summary refs log tree commit diff
Commit message (Collapse)AuthorAge
* lib/modules: introduce setDefaultModuleLocationNaïm Favier2022-01-27
| | | | Wraps a module with a default location for reporting errors.
* Merge pull request #157016 from applePrincess/exploitdb-2022-01-26Fabian Affolter2022-01-27
|\ | | | | exploitdb: 2022-01-25 -> 2022-01-26
| * exploitdb: 2022-01-25 -> 2022-01-26Lein Matsumaru2022-01-27
| |
* | Merge pull request #156997 from TredwellGit/linuxBernardo Meurer2022-01-27
|\ \ | | | | | | Kernels 2022-01-27
| * | linux: 5.4.173 -> 5.4.174TredwellGit2022-01-27
| | |
| * | linux: 5.16.2 -> 5.16.3TredwellGit2022-01-27
| | |
| * | linux: 5.15.16 -> 5.15.17TredwellGit2022-01-27
| | |
| * | linux: 5.10.93 -> 5.10.94TredwellGit2022-01-27
| | |
| * | linux: 4.9.297 -> 4.9.298TredwellGit2022-01-27
| | |
| * | linux: 4.4.299 -> 4.4.300TredwellGit2022-01-27
| | |
| * | linux: 4.19.225 -> 4.19.226TredwellGit2022-01-27
| | |
| * | linux: 4.14.262 -> 4.14.263TredwellGit2022-01-27
| | |
* | | Merge pull request #156998 from mweinelt/smartctl-exporter-fixupsajs1242022-01-27
|\ \ \ | | | | | | | | prometheus.exporters.smartctl: fixes
| * | | prometheus.exporters.smartctl: Fix autodiscoveryMartin Weinelt2022-01-27
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | When no devices are given the exporter tries to autodiscover available disks. The previous DevicePolicy was however preventing the exporter from accessing any device at all, since only explicitly mentioned ones were allowed. This commit adds an allow rule for several device classes that I could find on my machines, that gets set when no devices are explicitly configured. There is an existing problem with nvme devices, that expose a character device at `/dev/nvme0`, and a (namespaced) block device at `/dev/nvme0n1`. The character device does not come with permissions that we could give to the exporter without further impacting the hardening. crw------- 1 root root 247, 0 27. Jan 03:10 /dev/nvme0 brw-rw---- 1 root disk 259, 0 27. Jan 03:10 /dev/nvme0n1 The autodiscovery only finds the character device, which the exporter unfortunately does not have access to. However a simple udev rule can be used to resolve this: services.udev.extraRules = '' SUBSYSTEM=="nvme", KERNEL=="nvme[0-9]*", GROUP="disk" ''; Unfortunately I'm not fully aware of the security implications this change carries and we should question upstream (systemd) why they did not include such a rule. The disk group has no members on any of my machines. ❯ getent group disk disk:x:6:
| * | | prometheus.exporters.smartctl: Allow RAWIOMartin Weinelt2022-01-27
| | | | | | | | | | | | | | | | | | | | This allows the exporter to perform SCSI commands and interact with hpsa and cciss devices.
* | | | Merge pull request #156937 from mweinelt/firefoxMartin Weinelt2022-01-27
|\ \ \ \
| * | | | firefox-bin: 96.0.2 -> 96.0.3Martin Weinelt2022-01-27
| | | | |
| * | | | firefox-esr-91: 91.5.0esr -> 91.5.1esrMartin Weinelt2022-01-27
| | | | |
| * | | | firefox: 96.0.2 -> 96.0.3Martin Weinelt2022-01-27
| | | | |
* | | | | Merge pull request #154809 from ↵Bernardo Meurer2022-01-27
|\ \ \ \ \ | | | | | | | | | | | | | | | | | | | | | | | | helsinki-systems/feat/stc-proper-unit-file-parser nixos/switch-to-configuration: Proper unit file parser and clean/fix lower part of the script
| * | | | | nixos/switch-to-configuration: Clean up lower part of the scriptJanne Heß2022-01-20
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | - Fully get rid of `parseKeyValues` and use systemctl features for that - Add some regex modifiers recommended by perlcritic - Get rid of a postfix if - Sort units when showing their status - Clean the logic for showing what failed from `elif` to `next` - Switch from `state` to `substate` for `auto-restart` because that's actually where the value is stored - Show status of units with one single systemctl call and get rid of COLUMNS in favor of --full - Add a test for failing units
| * | | | | nixos/switch-to-configuration: Proper unit file parserJanne Heß2022-01-20
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | This replaces the naive K=V unit parser with a proper INI parser from a library and adds proper support for override files. Also adds a bunch of comments about parsing, I hope this makes it easier to understand and maintain in the future. There are multiple reasons to do so, the first one is just general correctness with is nice imo. But to get to more serious reasons (I didn't put in all that effort for nothing) is that this is the first step torwards more clever restart/reload handling. By using a library like Data::Compare a future PR could replace the current way of fingerprinting units (which is to compare store paths) by comparing the hashes. This is more precise because units won't get restarted because the order of the options change, comments are added, some dependency of writeText changes, .... Also this allows us to add a feature like `X-Reload-Triggers` so the unit can either be reloaded when these change or restarted when everything else changes, giving module authors the ability to have their services reloaded without having to fear that updates are not applied because the service doesn't get restarted. Another reason why this feature is nice is that now that the unit files are parsed correctly (and values are just extracted from one section), potential future rewrites can just rely on some INI library without having to implement their own weird parser that is compatible with this script. This also comes with a new subroutine to handle systemd booleans because I thought the current way of handling it was just ugly. This also allows overriding values this script reads in an override file. Apart from making this script more compatible with the world around it, this also fixes two issues I saw bugging exactly 0 (zero) people. First is that this script now supports multiple override files, also ones that are not called override.conf and the second one is that `1` and `on` are treated as bools by systemd but were previously not parsed as such by switch-to-configuration.
* | | | | | Merge pull request #157019 from dali99/fix-mx-puppet-discord-moduleAaron Andersen2022-01-27
|\ \ \ \ \ \ | | | | | | | | | | | | | | nixos/mx-puppet-discord: Change systemd unit description to avoid new…
| * | | | | | nixos/mx-puppet-discord: Change systemd unit description to avoid newlineDaniel Olsen2022-01-27
| | | | | | |
* | | | | | | Merge pull request #156491 from NixOS/haskell-updatesmaralorn2022-01-27
|\ \ \ \ \ \ \ | | | | | | | | | | | | | | | | haskellPackages: update stackage and hackage
| * \ \ \ \ \ \ Merge branch 'master' into haskell-updatesMalte Brandy2022-01-27
| |\ \ \ \ \ \ \ | |/ / / / / / / |/| | | | | | |
* | | | | | | | Merge pull request #155116 from wentasah/amc-add-oodocStig2022-01-27
|\ \ \ \ \ \ \ \ | | | | | | | | | | | | | | | | | | auto-multiple-choice: add OpenOfficeOODoc perl module as dependency
| * | | | | | | | auto-multiple-choice: add OpenOfficeOODoc as dependencyMichal Sojka2022-01-16
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Without this, AMC cannot export the results to OpenOffice. When one presses "Reports->OpenOffice->Export", a dialog appears saying that OpenOffice::OODoc perl module is not installed. We switch to using makeFullPerlPath to make dependencies of OpenOfficeOODoc also available. Without this, export complains about missing XMLTwig.
| * | | | | | | | perlPackages.OpenOfficeOODoc: init at 2.125Michal Sojka2022-01-15
| | | | | | | | |
* | | | | | | | | tev: 1.19 -> 1.22R. RyanTM2022-01-27
| |_|/ / / / / / |/| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | * tev: 1.19 -> 1.22 (#156914) * tev: don't build on aarch64-linux Co-authored-by: Renaud <c0bw3b@users.noreply.github.com>
* | | | | | | | Merge pull request #156992 from hercules-ci/revert-153594-doc-optimizationRobert Hensing2022-01-27
|\ \ \ \ \ \ \ \ | | | | | | | | | | | | | | | | | | Revert 153594 doc optimization
| * | | | | | | | Revert "pkgs.path: Avoid copying when used via flake"Robert Hensing2022-01-27
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | This reverts commit 813f9da8ab69f106055dd4a8fead7bc0a21a251b.
| * | | | | | | | Revert "flake.nix: Set nixpkgs.config.path"Robert Hensing2022-01-27
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | This reverts commit 0b222173dba00680074ef9e98a5bad224f62967e.
| * | | | | | | | Revert "nixos/documentation: avoid copying nixpkgs subpaths, iteration 2"Robert Hensing2022-01-27
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | This reverts commit 15a00be189be329f488986cd72d7315fa643b89a.
| * | | | | | | | Revert "nixos/documentation.nix: Only use store non-flake pkgs.path directly ↵Robert Hensing2022-01-27
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | when already copied" This reverts commit fecf32505984f4b8feae4c54663f322dcc8bd080.
| * | | | | | | | Revert "nixos/documentation.nix: Use builtins.storePath when appropriate"Robert Hensing2022-01-27
| | |_|_|_|_|/ / | |/| | | | | | | | | | | | | | | | | | | | | | This reverts commit 5d29853c389b52d75104415060fbeb2cd170a8fa.
* | | | | | | | Merge pull request #156929 from r-ryantm/auto-update/sympaRyan Mulligan2022-01-27
|\ \ \ \ \ \ \ \ | | | | | | | | | | | | | | | | | | sympa: 6.2.66 -> 6.2.68
| * | | | | | | | sympa: 6.2.66 -> 6.2.68R. Ryantm2022-01-27
| | | | | | | | |
* | | | | | | | | tomboy: remove (#156979)dasj192022-01-27
| | | | | | | | | | | | | | | | | | | | | | | | | | | Co-authored-by: Sandro <sandro.jaeckel@gmail.com>
* | | | | | | | | Merge pull request #156999 from SuperSandro2000/procsSandro2022-01-27
|\ \ \ \ \ \ \ \ \
| * | | | | | | | | procs: 0.12.0 -> 0.12.1Sandro Jäckel2022-01-27
| | | | | | | | | |
* | | | | | | | | | Merge pull request #156995 from fabaff/bump-sqlfluffFabian Affolter2022-01-27
|\ \ \ \ \ \ \ \ \ \ | | | | | | | | | | | | | | | | | | | | | | sqlfluff: 0.9.2 -> 0.9.3
| * | | | | | | | | | sqlfluff: 0.9.2 -> 0.9.3Fabian Affolter2022-01-27
| | | | | | | | | | |
* | | | | | | | | | | Merge pull request #156990 from r-ryantm/auto-update/python3.10-flux-ledFabian Affolter2022-01-27
|\ \ \ \ \ \ \ \ \ \ \ | |_|_|_|_|_|_|_|_|_|/ |/| | | | | | | | | | python310Packages.flux-led: 0.28.11 -> 0.28.17
| * | | | | | | | | | python310Packages.flux-led: 0.28.11 -> 0.28.17R. Ryantm2022-01-27
| | | | | | | | | | |
* | | | | | | | | | | Merge pull request #156964 from raboof/perl-libnet-3.12-to-3.13Stig2022-01-27
|\ \ \ \ \ \ \ \ \ \ \ | | | | | | | | | | | | | | | | | | | | | | | | perlPackages.libnet: 3.12 -> 3.13
| * | | | | | | | | | | perlPackages.libnet: 3.12 -> 3.13Arnout Engelen2022-01-27
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Mainly to get the fix for https://rt.cpan.org/Public/Bug/Display.html?id=133912
* | | | | | | | | | | | Merge pull request #154324 from zaninime/sshportalSandro2022-01-27
|\ \ \ \ \ \ \ \ \ \ \ \
| * | | | | | | | | | | | sshportal: init at 1.18.5Francesco Zanini2022-01-24
| | | | | | | | | | | | |
* | | | | | | | | | | | | Merge pull request #156828 from willcohen/grass-darwinSandro2022-01-27
|\ \ \ \ \ \ \ \ \ \ \ \ \
generated by cgit-pink 1.4.1 (git 2.36.1) at 2024-06-29 18:37:01 +0000