Naive concatenation of $LD_LIBRARY_PATH can result in an empty
colon-delimited segment; this tells glibc to load libraries from the
current directory, which is definitely wrong, and may be a security
vulnerability if the current directory is untrusted. (See #67234, for
example.) Fix this throughout the tree.
Followup to #76804. Fixes#144646.
Signed-off-by: Anders Kaseorg <andersk@mit.edu>
Our units are links in systemd unit directory, which reports state `linked` or
`linked-runtime`. This fixes systemdBoot config and the option
`services.xserver.desktopManager.plasma5.runUsingSystemd` for plasma 5.23.
wheel-inspect has a dependency on readme_renderer~=24.0.0, but the
version of readme_renderer in nixpkgs is at major 29 (currently). To
deal with this, we build a readme_renderer version at 24 inline with
the wheel-inspect derivation.
Someone ported the original hd-idle to Golang and is maintaining it.
This replaces the hd-idle package with the actively maintained Golang
port. I assume nobody will need unmaintained original version since
the Golang port can do everything the original version can do.
Details on https://github.com/NixOS/nixops/issues/1063#issuecomment-453253666.
`partOf` makes that if `smokeping.service` is stopped, `thttpd.service` will
be stopped as well.
(But not that `thttpd` will be started when `smokeping` is started).
Once `thttpd.service` is stopped that way, `Restart = always` will not apply.
When the smokeping config options are changed, NixOS's `switch-configuration.pl`
will stop `smokeping` (whit shuts down thttpd due to `partOf`), and then restart
smokeping; but this does not start thttpd.
As a result, thttpd will be off after changing the config, which isn't desired.
This commit fixes it by removing the `partOf`, which makes `Restart` work
as expected.
This avoids a common problem:
Until now, port forwarding to multiple hosts running smokeping did not work;
they all show the data of the first smokeping instance.
That ws because the image URLs generated by smokeping are absolute
(`imgurl` setting).
Consequently, if you ran
ssh node-1 -L 8081:localhost:8081
ssh node-2 -L 8081:localhost:8082
ssh node-3 -L 8081:localhost:8083
and try to open http://localhost:8081, http://localhost:8082 and
http://localhost:8083, they all would show the images of node-1!
Using a relative `imgurl` fixes that.
As per smokeping docs on `imgurl`:
> Either an absolute URL to the `imgcache` directory or one relative to the
> directory where you keep the SmokePing cgi.
