Skip to content
Permalink

Comparing changes

Choose two branches to see what’s changed or to start a new pull request. If you need to, you can also or learn more about diff comparisons.

Open a pull request

Create a new pull request by comparing changes across two branches. If you need to, you can also . Learn more about diff comparisons here.
base repository: NixOS/nixpkgs
Failed to load repositories. Confirm that selected base ref is valid, then try again.
Loading
base: b0dac30ab552
Choose a base ref
...
head repository: NixOS/nixpkgs
Failed to load repositories. Confirm that selected head ref is valid, then try again.
Loading
compare: 816101fed3e5
Choose a head ref
  • 5 commits
  • 5 files changed
  • 5 contributors

Commits on May 6, 2018

  1. nixos/matrix-synapse service: url_preview_url_blacklist fix (#40027) 

    Moved list of ip ranges to url_preview_ip_range_blacklist defaults.
Fixes #40017

(cherry picked from commit 560e91f)
    @fadenb @joachifm
    fadenb authored and joachifm committed May 6, 2018

    Verified

    This commit was signed with the committer’s verified signature.
    tilpner Till Höppner
    GPG key ID: 6A13327225BE51F6
    Verified
    Learn about vigilant mode
    Copy the full SHA
    0560474 View commit details

  2. sshguard: service creates /var/lib/sshguard 

    (cherry picked from commit 21b9260)
    @bricewge @joachifm
    bricewge authored and joachifm committed May 6, 2018
    Copy the full SHA
    30c90bf View commit details

  3. ntfs-3g: fix debian url 

    (cherry picked from commit 04d126a)
    @joachifm
    voobscout authored and joachifm committed May 6, 2018
    Copy the full SHA
    7245e33 View commit details

  4. refind: fix runtime errors 

    In newer versions, instead of using $PWD to locate its ressource files,
Refind now refers to the dir containing $0.
This causes runtime errors due to missing ressources.

In lieu a wrapper binary, we now simply patch the variable 'RefindDir'
which stores the path to the ressource dir.

(cherry picked from commit adce6bf)
    @erikarvstedt @joachifm
    erikarvstedt authored and joachifm committed May 6, 2018
    Copy the full SHA
    d953df9 View commit details

  5. transmission-gtk: 2.93 -> 2.94 

    (cherry picked from commit 66aedd5)

Bug-fix release, see [1]

[1]: https://github.com/transmission/transmission/releases/tag/2.94
    @joachifm
    R. RyanTM authored and joachifm committed May 6, 2018
    Copy the full SHA
    816101f View commit details
18 changes: 9 additions & 9 deletions nixos/modules/services/misc/matrix-synapse.nix
View file
Original file line number Diff line number Diff line change
@@ -395,7 +395,14 @@ in {
};
url_preview_ip_range_blacklist = mkOption {
type = types.listOf types.str;
default = [];
default = [
"127.0.0.0/8"
"10.0.0.0/8"
"172.16.0.0/12"
"192.168.0.0/16"
"100.64.0.0/10"
"169.254.0.0/16"
];
description = ''
List of IP address CIDR ranges that the URL preview spider is denied
from accessing.
@@ -412,14 +419,7 @@ in {
};
url_preview_url_blacklist = mkOption {
type = types.listOf types.str;
default = [
"127.0.0.0/8"
"10.0.0.0/8"
"172.16.0.0/12"
"192.168.0.0/16"
"100.64.0.0/10"
"169.254.0.0/16"
];
default = [];
description = ''
Optional list of URL matches that the URL preview spider is
denied from accessing.
1 change: 1 addition & 0 deletions nixos/modules/services/security/sshguard.nix
View file
Original file line number Diff line number Diff line change
@@ -133,6 +133,7 @@ in {
ReadOnlyDirectories = "/";
ReadWriteDirectories = "/run/sshguard /var/lib/sshguard";
RuntimeDirectory = "sshguard";
StateDirectory = "sshguard";
CapabilityBoundingSet = "CAP_NET_ADMIN CAP_NET_RAW";
};
};
6 changes: 3 additions & 3 deletions pkgs/applications/networking/p2p/transmission/default.nix
View file
Original file line number Diff line number Diff line change
@@ -10,11 +10,11 @@ let inherit (stdenv.lib) optional optionals optionalString; in

stdenv.mkDerivation rec {
name = "transmission-" + optionalString enableGTK3 "gtk-" + version;
version = "2.93";
version = "2.94";

src = fetchurl {
url = "https://github.com/transmission/transmission-releases/raw/master/transmission-2.93.tar.xz";
sha256 = "8815920e0a4499bcdadbbe89a4115092dab42ce5199f71ff9a926cfd12b9b90b";
url = "https://github.com/transmission/transmission-releases/raw/master/transmission-2.94.tar.xz";
sha256 = "0zbbj7rlm6m7vb64x68a64cwmijhsrwx9l63hbwqs7zr9742qi1m";
};

nativeBuildInputs = [ pkgconfig ]
16 changes: 4 additions & 12 deletions pkgs/tools/bootloaders/refind/default.nix
View file
Original file line number Diff line number Diff line change
@@ -57,7 +57,7 @@ stdenv.mkDerivation rec {
install -D -m0644 gptsync/gptsync_${efiPlatform}.efi $out/share/refind/tools_${efiPlatform}/gptsync_${efiPlatform}.efi
# helper scripts
install -D -m0755 refind-install $out/share/refind/refind-install
install -D -m0755 refind-install $out/bin/refind-install
install -D -m0755 mkrlconf $out/bin/refind-mkrlconf
install -D -m0755 mvrefind $out/bin/refind-mvrefind
install -D -m0755 fonts/mkfont.sh $out/bin/refind-mkfont
@@ -86,21 +86,13 @@ stdenv.mkDerivation rec {
# keys
install -D -m0644 keys/* $out/share/refind/keys/
# The refind-install script assumes that all resource files are
# installed under the same directory as the script itself. To avoid
# having to patch around this assumption, generate a wrapper that
# cds into $out/share/refind and executes the real script from
# there.
cat >$out/bin/refind-install <<EOF
#! ${stdenv.shell}
cd $out/share/refind && exec -a $out/bin/refind-install ./refind-install \$*
EOF
chmod +x $out/bin/refind-install
# Fix variable definition of 'RefindDir' which is used to locate ressource files.
sed -i "s,\bRefindDir=.*,RefindDir=$out/share/refind,g" $out/bin/refind-install
# Patch uses of `which`. We could patch in calls to efibootmgr,
# openssl, convert, and openssl, but that would greatly enlarge
# refind's closure (from ca 28MB to over 400MB).
sed -i 's,`which \(.*\)`,`type -p \1`,g' $out/share/refind/refind-install
sed -i 's,`which \(.*\)`,`type -p \1`,g' $out/bin/refind-install
sed -i 's,`which \(.*\)`,`type -p \1`,g' $out/bin/refind-mvrefind
sed -i 's,`which \(.*\)`,`type -p \1`,g' $out/bin/refind-mkfont
'';
2 changes: 1 addition & 1 deletion pkgs/tools/filesystems/ntfs-3g/default.nix
View file
Original file line number Diff line number Diff line change
@@ -16,7 +16,7 @@ stdenv.mkDerivation rec {

patches = [
(fetchpatch {
url = "https://sources.debian.net/data/main/n/ntfs-3g/1:2016.2.22AR.1-4/debian/patches/0003-CVE-2017-0358.patch";
url = "https://sources.debian.org/data/main/n/ntfs-3g/1:2016.2.22AR.1+dfsg-1/debian/patches/0003-CVE-2017-0358.patch";
sha256 = "0hd05q9q06r18k8pmppvch1sslzqln5fvqj51d5r72g4mnpavpj3";
})
];