diff options
| author | github-actions[bot] <41898282+github-actions[bot]@users.noreply.github.com> | 2022-03-14 00:13:54 +0000 |
|---|---|---|
| committer | GitHub <noreply@github.com> | 2022-03-14 00:13:54 +0000 |
| commit | d81dcd87bd90411a0cffb07099946de6f836a2ee (patch) | |
| tree | e6f5ab760013dc88ff85a2d17343d036b452d011 | |
| parent | Merge staging-next-21.11 into staging-21.11 (diff) | |
| parent | Merge release-21.11 into staging-next-21.11 (diff) | |
| download | nixpkgs-d81dcd87bd90411a0cffb07099946de6f836a2ee.tar.gz | |
Merge staging-next-21.11 into staging-21.11
| -rw-r--r-- | nixos/modules/services/web-servers/tomcat.nix | 7 | ||||
| -rw-r--r-- | nixos/tests/all-tests.nix | 1 | ||||
| -rw-r--r-- | nixos/tests/tomcat.nix | 21 | ||||
| -rw-r--r-- | pkgs/applications/networking/instant-messengers/signal-desktop/default.nix | 4 | ||||
| -rw-r--r-- | pkgs/applications/virtualization/qemu/default.nix | 5 |
5 files changed, 33 insertions, 5 deletions
diff --git a/nixos/modules/services/web-servers/tomcat.nix b/nixos/modules/services/web-servers/tomcat.nix index f9446fe125a3..877097cf3781 100644 --- a/nixos/modules/services/web-servers/tomcat.nix +++ b/nixos/modules/services/web-servers/tomcat.nix @@ -23,8 +23,8 @@ in package = mkOption { type = types.package; - default = pkgs.tomcat85; - defaultText = literalExpression "pkgs.tomcat85"; + default = pkgs.tomcat9; + defaultText = literalExpression "pkgs.tomcat9"; example = lib.literalExpression "pkgs.tomcat9"; description = '' Which tomcat package to use. @@ -127,7 +127,7 @@ in webapps = mkOption { type = types.listOf types.path; default = [ tomcat.webapps ]; - defaultText = literalExpression "[ pkgs.tomcat85.webapps ]"; + defaultText = literalExpression "[ config.services.tomcat.package.webapps ]"; description = "List containing WAR files or directories with WAR files which are web applications to be deployed on Tomcat"; }; @@ -201,6 +201,7 @@ in { uid = config.ids.uids.tomcat; description = "Tomcat user"; home = "/homeless-shelter"; + group = "tomcat"; extraGroups = cfg.extraGroups; }; diff --git a/nixos/tests/all-tests.nix b/nixos/tests/all-tests.nix index de105d59eb53..3ba60fb6d05b 100644 --- a/nixos/tests/all-tests.nix +++ b/nixos/tests/all-tests.nix @@ -461,6 +461,7 @@ in timezone = handleTest ./timezone.nix {}; tinc = handleTest ./tinc {}; tinydns = handleTest ./tinydns.nix {}; + tomcat = handleTest ./tomcat.nix {}; tor = handleTest ./tor.nix {}; trac = handleTest ./trac.nix {}; # traefik test relies on docker-containers diff --git a/nixos/tests/tomcat.nix b/nixos/tests/tomcat.nix new file mode 100644 index 000000000000..e383f224e3d1 --- /dev/null +++ b/nixos/tests/tomcat.nix @@ -0,0 +1,21 @@ +import ./make-test-python.nix ({ pkgs, ... }: + +{ + name = "tomcat"; + + machine = { pkgs, ... }: { + services.tomcat.enable = true; + }; + + testScript = '' + machine.wait_for_unit("tomcat.service") + machine.wait_for_open_port(8080) + machine.wait_for_file("/var/tomcat/webapps/examples"); + machine.succeed( + "curl --fail http://localhost:8080/examples/servlets/servlet/HelloWorldExample | grep 'Hello World!'" + ) + machine.succeed( + "curl --fail http://localhost:8080/examples/jsp/jsp2/simpletag/hello.jsp | grep 'Hello, world!'" + ) + ''; +}) diff --git a/pkgs/applications/networking/instant-messengers/signal-desktop/default.nix b/pkgs/applications/networking/instant-messengers/signal-desktop/default.nix index 5c16b1b9108a..bcab954b24be 100644 --- a/pkgs/applications/networking/instant-messengers/signal-desktop/default.nix +++ b/pkgs/applications/networking/instant-messengers/signal-desktop/default.nix @@ -24,7 +24,7 @@ let in stdenv.mkDerivation rec { pname = "signal-desktop"; - version = "5.34.0"; # Please backport all updates to the stable channel. + version = "5.35.0"; # Please backport all updates to the stable channel. # All releases have a limited lifetime and "expire" 90 days after the release. # When releases "expire" the application becomes unusable until an update is # applied. The expiration date for the current release can be extracted with: @@ -34,7 +34,7 @@ in stdenv.mkDerivation rec { src = fetchurl { url = "https://updates.signal.org/desktop/apt/pool/main/s/signal-desktop/signal-desktop_${version}_amd64.deb"; - sha256 = "sha256-uU4WJtd9qwrjHgsK0oDg/pCf/5lfNhoMDEd/lHUnLwk="; + sha256 = "sha256-2KF2OLq6/vHElgloxn+kgQisJC+HAkpOBfsKfEPW35c="; }; nativeBuildInputs = [ diff --git a/pkgs/applications/virtualization/qemu/default.nix b/pkgs/applications/virtualization/qemu/default.nix index 4a271e0eb74c..f59748dde001 100644 --- a/pkgs/applications/virtualization/qemu/default.nix +++ b/pkgs/applications/virtualization/qemu/default.nix @@ -97,6 +97,11 @@ stdenv.mkDerivation rec { sha256 = "09xz06g57wxbacic617pq9c0qb7nly42gif0raplldn5lw964xl2"; revert = true; }) + (fetchpatch { + name = "CVE-2021-4145.patch"; + url = "https://gitlab.com/qemu-project/qemu/-/commit/66fed30c9cd11854fc878a4eceb507e915d7c9cd.patch"; + sha256 = "10za2nag51y4fhc8z7fzw3dfhj37zx8rwg0xcmw5kzmb0gyvvz70"; + }) ] ++ lib.optional nixosTestRunner ./force-uid0-on-9p.patch ++ lib.optionals stdenv.hostPlatform.isMusl [ ./sigrtminmax.patch |