8951df2e2c
sane-scripts: set vim tags for python scripts
2024-05-26 10:42:12 +00:00
3a045f4d88
doc: polyunfill: point to https://github.com/NixOS/nixpkgs/pull/314791
2024-05-26 08:00:18 +00:00
57d6a9a4c3
polyunfill: simplify pam hacks
2024-05-26 07:04:12 +00:00
2ee39ca0cc
poly_unfill: remove /run/wrappers/bin/unix_chkpwd
...
non-privileged users don't need to check passwords
well, maybe they do (for desktop unlockers), but i've already solved that :)
2024-05-26 06:37:59 +00:00
9d9211c5fa
polyunfill: distribute /run/wrappers/bin/unix_chkpwd without suid bit
2024-05-26 01:18:30 +00:00
9ce7dcd57a
/run/wrappers: remove unused newgidmap,newuidmap,newgrp binaries
2024-05-26 01:18:30 +00:00
af72f312d3
sandbox: remove /run/wrappers: SUID wrappers dont really accomplish much inside a namespace
2024-05-26 01:18:30 +00:00
efa1ee6c69
iproute2: disable sandbox and fix ip
commands
2024-05-26 01:18:30 +00:00
6a15434cc6
net/vpn: remove the bridge devices from my VPN setup
2024-05-26 01:18:30 +00:00
59e4256dd8
sane-vpn: lint
2024-05-26 01:18:30 +00:00
6365bb7594
desko: disable wpa_supplicant/wireless networking again
2024-05-26 01:18:17 +00:00
8cb73687ce
unl0kr: don't add extra deps to user's PATH
2024-05-26 01:17:42 +00:00
73f5c9608e
sanebox: tighter dependency handling, to not rely on @BACKEND_FALLBACK@
2024-05-25 10:26:36 +00:00
b035d312aa
firejail: purge
2024-05-25 10:21:31 +00:00
a5e1a804c9
sane-vpn: port to sanebox/pasta (no more firejail)
2024-05-25 10:09:10 +00:00
7c6813ff37
sanebox: add a new method pastaonly
2024-05-25 10:08:49 +00:00
7b1bc210fd
sanebox: integrate with pasta
(passt) for better net sandboxing
2024-05-25 09:39:18 +00:00
118ed5f950
sanebox: populate --sanebox-net-dev with the actual net device -- not the bridge
2024-05-25 08:17:38 +00:00
ffe599e5cb
sanebox: rename --sanebox-net to --sanebox-net-dev
2024-05-25 08:13:35 +00:00
fc52860dfc
nixpatches: fix miniupnpc
2024-05-25 08:04:08 +00:00
377b1a21a8
todo.md: explore beets
for mp3 tagging
2024-05-25 08:03:35 +00:00
a7881ecfce
self-check: refactor
2024-05-25 04:10:15 +00:00
692bc89cbb
health-check: include a wg-home check
2024-05-25 03:49:33 +00:00
842651efd5
mpv: tune webm.conf
2024-05-25 02:05:18 +00:00
27b4d4da16
mpv: ship a music visualizer
...
note that it doesnt show in `webm` exports
2024-05-25 02:05:09 +00:00
e407467e55
mpv: ship mpv-webm
tool for clipping videos
2024-05-25 00:55:40 +00:00
30c677fafc
feeds: subscribe to weekinethereumnews.com
2024-05-25 00:52:39 +00:00
ac59083e01
nixpkgs: 2024-05-23 -> 2024-05-24; nixpkgs-wayland -> 2024-05-24
...
```
• Updated input 'nixpkgs-next-unpatched':
'github:nixos/nixpkgs/4e80f8a6e6acab514a039e525b8613651c301ad3' (2024-05-23)
→ 'github:nixos/nixpkgs/cc5c0d369b5e8f49705e2a2d7464e4b162804805' (2024-05-24)
• Updated input 'nixpkgs-unpatched':
'github:nixos/nixpkgs/b962cd91aa0b1150ebd4e8552943de9b7700fe5e' (2024-05-23)
→ 'github:nixos/nixpkgs/2baa58d3488bd9cc4d53d6812509edc34a1c7e2a' (2024-05-24)
• Updated input 'nixpkgs-wayland':
'github:nix-community/nixpkgs-wayland/ff79b5982b903329be17630667bb7a0f28552ac5' (2024-05-23)
→ 'github:nix-community/nixpkgs-wayland/8746004cd97164c89f0997ea06642b819e5bc3fb' (2024-05-24)
• Updated input 'nixpkgs-wayland/nix-eval-jobs/nixpkgs':
'github:NixOS/nixpkgs/b962cd91aa0b1150ebd4e8552943de9b7700fe5e' (2024-05-06)
→ 'github:NixOS/nixpkgs/ad7efee13e0d216bf29992311536fce1d3eefbef' (2024-05-06)
```
2024-05-24 23:27:05 +00:00
49b48b24fc
ship linux/posix manpages
2024-05-24 06:57:20 +00:00
4bc6a4fc67
todo.md: document mpv audiocast limitations
2024-05-24 06:42:23 +00:00
844a128d60
iproute2: fix sandboxing (hopefully)
2024-05-24 06:41:12 +00:00
d25fb31767
sanebox: fix qoute error in linkCache array test
2024-05-24 06:14:08 +00:00
309797fe23
sane-input-handler: fix unrecoverable terminal state
...
bonsai is prone to miss inputs during high CPU load.
2024-05-24 04:29:34 +00:00
a6b10244eb
sane-input-handler: set vim filetype hint
2024-05-24 04:06:53 +00:00
18ec5505c4
servo: re-enable slskd
...
routing seems stable
2024-05-24 02:58:09 +00:00
e6dbf2d530
nixpatches: update gnome-keyring patch
2024-05-24 02:58:09 +00:00
a9e31539ea
koreader-from-src: avoid a runtime dep on cmake
2024-05-24 02:58:09 +00:00
2ccb4d94c5
nixpkgs: 2024-05-16 -> 2024-05-23, nixpkgs-wayland, sops-nix, uninsane-dot-org
...
```
• Updated input 'nixpkgs-next-unpatched':
'github:nixos/nixpkgs/1887e39d7e68bb191eb804c0f976ad25b3980595' (2024-05-16)
→ 'github:nixos/nixpkgs/?' (2024-05-23)
• Updated input 'nixpkgs-unpatched':
'github:nixos/nixpkgs/977a49df312d89b7dfbb3579bf13b7dfe23e7878' (2024-05-16)
→ 'github:nixos/nixpkgs/?' (2024-05-23)
• Updated input 'nixpkgs-wayland':
'github:nix-community/nixpkgs-wayland/5e2c5345f3204c867c9d4183cbb68069d0f7a951' (2024-05-16)
→ 'github:nix-community/nixpkgs-wayland/?' (2024-05-23)
• Updated input 'nixpkgs-wayland/lib-aggregate':
'github:nix-community/lib-aggregate/09883ca828e8cfaacdb09e29190a7b84ad1d9925' (2024-05-12)
→ 'github:nix-community/lib-aggregate/5fa64b174daa22fe0d20ebbcc0ec2c7905b503f1' (2024-05-19)
• Updated input 'nixpkgs-wayland/lib-aggregate/nixpkgs-lib':
'github:nix-community/nixpkgs.lib/58e03b95f65dfdca21979a081aa62db0eed6b1d8' (2024-05-12)
→ 'github:nix-community/nixpkgs.lib/0df131b5ee4d928a4b664b6d0cd99cf134d6ab6b' (2024-05-19)
• Updated input 'sops-nix':
'github:Mic92/sops-nix/b6cb5de2ce57acb10ecdaaf9bbd62a5ff24fa02e' (2024-05-12)
→ 'github:Mic92/sops-nix/b549832718b8946e875c016a4785d204fcfc2e53' (2024-05-22)
• Updated input 'sops-nix/nixpkgs-stable':
'github:NixOS/nixpkgs/8e47858badee5594292921c2668c11004c3b0142' (2024-05-11)
→ 'github:NixOS/nixpkgs/e7cc61784ddf51c81487637b3031a6dd2d6673a2' (2024-05-18)
• Updated input 'uninsane-dot-org':
'git+https://git.uninsane.org/colin/uninsane?ref=refs/heads/master&rev=af8420d1c256d990b5e24de14ad8592a5d85bf77 ' (2024-04-15)
→ 'git+https://git.uninsane.org/colin/uninsane?ref=refs/heads/master&rev=e6f88f563bdd1700c04018951de4f69862646dd1 ' (2024-05-16)
```
2024-05-24 02:57:53 +00:00
ca57fd692f
sane-input-handler: simplify the volume button controls; reduce vol-hold repeat count to 3
2024-05-23 02:50:38 +00:00
e6a8f5bae8
eg25-control: fix --enable-gps
and --ensure-agps
commands
...
these were failing due to pathing changes from systemd -> s6
2024-05-23 02:50:38 +00:00
d9922f8aa8
moby: tidy up the initrd kernel modules
2024-05-23 02:07:30 +00:00
c51dcb30a2
linux-postmarketos: add an option for building *with* modem power feature
2024-05-23 02:07:30 +00:00
03dab63042
moby: ship a bunch of kernel modules in the initrd: this allows the postmarketos kernel to boot to graphics!
2024-05-22 22:35:04 +00:00
293af36d25
linux-postmarketos: ship landlock
2024-05-22 22:33:40 +00:00
0a1b1ae52f
linux-megous: remove some unneeded options (i.e. PCI)
2024-05-22 20:25:17 +00:00
5952c275a0
moby: document kernel compatibility
2024-05-21 22:54:11 +00:00
ea8eaaa91a
moby: un-blacklist stk3310
...
i don't know if blacklisting it is maybe interfering with other stuff
2024-05-21 22:47:12 +00:00
14a92b3f64
moby: disable iio sensor
...
this relaxes kernel requirements, allowing the pmOS kernel to pass eval checks
2024-05-21 22:47:12 +00:00
c5e7ef7b0c
polyunfill: don't ship x86-only kernel modules to moby's initrd
...
notably, this relaxes some constraints on the kernel so that e.g.
postmarketOS kernel actually passes eval checks (and boots to ssh!
no graphics yet)
2024-05-21 22:47:12 +00:00
b6d31e127d
linux-megous: dont auto-enable SELINUX
...
i think maybe it's disabled for a reason: systemd is built without it, and either it or SUN8I_DE2_CCU seems to be the difference between working drm and non-working drm
2024-05-21 22:47:12 +00:00