summaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
authormakefu <github@syntax-fehler.de>2019-02-05 22:31:39 +0100
committermakefu <github@syntax-fehler.de>2019-02-05 22:31:39 +0100
commita9ec59e87d65c1f72f346e0568a542715502576f (patch)
treec50f29688cc9ffe6ab0d00cf1d3ce0706b5b3bfb
parent80c2ab739d2d51bf47b07fd6f39508a85077b0e6 (diff)
parent932d11ed9346fbef640604d1107be39e7c11be85 (diff)
Merge remote-tracking branch 'lass/master'
-rw-r--r--krebs/2configs/reaktor2.nix3
-rw-r--r--krebs/3modules/external/default.nix54
-rw-r--r--krebs/3modules/external/palo.nix81
-rw-r--r--krebs/3modules/external/tinc/palo.pub13
-rw-r--r--krebs/3modules/reaktor2.nix4
-rw-r--r--krebs/5pkgs/haskell/reaktor2.nix6
-rw-r--r--krebs/krops.nix14
-rw-r--r--lass/1systems/blue/source.nix14
-rw-r--r--lass/1systems/mors/config.nix1
-rw-r--r--lass/2configs/hardening.nix11
-rw-r--r--lass/2configs/radio.nix61
-rw-r--r--lass/2configs/reaktor-coders.nix46
-rw-r--r--lass/5pkgs/custom/xmonad-lass/default.nix3
m---------submodules/krops0
-rw-r--r--tv/5pkgs/override/default.nix6
-rw-r--r--tv/5pkgs/override/rxvt_unicode/default.nix6
-rw-r--r--tv/5pkgs/override/rxvt_unicode/finish-running-selection.patch41
17 files changed, 269 insertions, 95 deletions
diff --git a/krebs/2configs/reaktor2.nix b/krebs/2configs/reaktor2.nix
index ff6b539ba..4d90ae3d5 100644
--- a/krebs/2configs/reaktor2.nix
+++ b/krebs/2configs/reaktor2.nix
@@ -61,7 +61,7 @@ let
];
hooks.PRIVMSG = [
{
- pattern = "^bier bal(ance)*$";
+ pattern = "^bier bal(an(ce)?)?$";
activate = "match";
command = {
env = {
@@ -134,6 +134,7 @@ in {
};
r = {
nick = "reaktor2|krebs";
+ sendDelaySec = null;
plugins = [
{
plugin = "register";
diff --git a/krebs/3modules/external/default.nix b/krebs/3modules/external/default.nix
index 089113ac6..1f80906f8 100644
--- a/krebs/3modules/external/default.nix
+++ b/krebs/3modules/external/default.nix
@@ -16,7 +16,33 @@ with import <stockholm/lib>;
tinc-for = name: builtins.readFile (./tinc + "/${name}.pub");
in {
+
hosts = mapAttrs hostDefaults {
+ catullus = {
+ owner = config.krebs.users.kmein;
+ nets = {
+ retiolum = {
+ ip4.addr = "10.243.2.3";
+ aliases = [ "catullus.r" ];
+ tinc.pubkey = ''
+ -----BEGIN PUBLIC KEY-----
+ MIICIjANBgkqhkiG9w0BAQEFAAOCAg8AMIICCgKCAgEA2tRtskPP6391+ZX9xzsx
+ CUotXuqYucYmnUbrRSIlxASVqTmAf3nDOE5EDBBcTdSwnb02JcJW4Zh7+BGgMxjF
+ GxDPs6ETI28mHK+6rp8TOkMnyDb5mtSGVZPvKJU9fFOt6aAX1J1BzTfwtHtVQq7K
+ WBzdpeKXlw4dIQ6K6SGmPIPpEh9pE1Xb+GuVljCXKxGJFbW40dmh2ZdadO7umBDu
+ vRk08jT9/BUnUP6KrZlvyePnG38z6srMrVU+XAHu5D2qZ9y+QIp3kw7Y5JUrNXc7
+ 9q9P9TYx15GiIz2mSJKcLVmkLRebsaqdV7dBibPbfdGE+NB+F1FYPGDdW4cnonon
+ DzzjGm/FDfOCXEnSkYGQDBWpfd/8AWum1xGJxJCPNBJElGE2o5jDWo4Y1b9gHP0M
+ vARm8AOK8R1pQ7BP+pNMO0gGw2NDrtWiWpTeZ7SqXmZAZ/Gmyen9X+/fowcbTyDH
+ b9joIuMQeOtxbUV2JprZIdit9NBFSZq/7Re/GBUwjGBm3LabIXFNGKZovx/f9lf8
+ r5tVs4SPauiKzZS0K1Gz1NSq+3OXaY5EwVrBUXptYqRT7uyhVloOPRUsqRFeB0Fn
+ Y5xOpDJ0UiJxgFbdH5Vb81D/VjNO9Q4nZib8wSEuLrYLHGoceQPX4+Ov9IdhIL4B
+ BMTCaF+VCWC5PCLr0e61KqMCAwEAAQ==
+ -----END PUBLIC KEY-----
+ '';
+ };
+ };
+ };
dpdkm = {
owner = config.krebs.users.Mic92;
nets = rec {
@@ -176,32 +202,6 @@ in {
};
};
};
- kruck = {
- owner = config.krebs.users.palo;
- nets = {
- retiolum = {
- ip4.addr = "10.243.29.201";
- aliases = [
- "kruck.r"
- ];
- tinc.pubkey = ''
- -----BEGIN RSA PUBLIC KEY-----
- MIICCgKCAgEAxcui2sirT5YY9HrSauj9nSF3AxUnfd2CCEGyzmzbi5+qw8T9jdNh
- QcIG3s+eC3uEy6leL/eeR4NjVtQRt8CDmhGul95Vs3I1jx9gdvYR+HOatPgK0YQA
- EFwk0jv8Z8tOc87X1qwA00Gb+25+kAzsf+8+4HQuh/szSGje3RBmBFkUyNHh8R0U
- uzs8NSTRdN+edvYtzjnYcE1sq59HFBPkVcJNp5I3qYTp6m9SxGHMvsq6vRpNnjq/
- /RZVBhnPDBlgxia/aVfVQKeEOHZV3svLvsJzGDrUWsJCEvF0YwW4bvohY19myTNR
- 9lXo/VFx86qAkY09il2OloE7iu5cA2RV+FWwLeajE9vIDA06AD7nECVgthNoZd1s
- qsDfuu3WqlpyBmr6XhRkYOFFE4xVLrZ0vItGYlgR2UPp9TjHrzfsedoyJoJAbhMH
- gDlFgiHlAy1fhG1sCX5883XmSjWn0eJwmZ2O9sZNBP5dxfGUXg/x8NWfQj7E1lqj
- jQ59UC6yiz7bFtObKvpdn1D4tPbqBvndZzn19U/3wKo+cCBRjtLmUD7HQHC65dCs
- fAiCFvUTVMM3SNDvYChm0U/KGjZZFwQ+cCLj1JNVPet2C+CJ0qI2muXOnCuv/0o5
- TBZrrHMpj6Th8AiOgeMVuxzjX1FsmAThWj9Qp/jQu6O0qvnkUNaU7I8CAwEAAQ==
- -----END RSA PUBLIC KEY-----
- '';
- };
- };
- };
qubasa = {
owner = config.krebs.users.qubasa;
nets = {
@@ -419,8 +419,6 @@ in {
mail = "joerg@thalheim.io";
pubkey = ssh-for "Mic92";
};
- palo = {
- };
qubasa = {
mail = "luis.nixos@gmail.com";
};
diff --git a/krebs/3modules/external/palo.nix b/krebs/3modules/external/palo.nix
new file mode 100644
index 000000000..e151ad358
--- /dev/null
+++ b/krebs/3modules/external/palo.nix
@@ -0,0 +1,81 @@
+with import <stockholm/lib>;
+{ config, ... }: let
+
+ hostDefaults = hostName: host: flip recursiveUpdate host ({
+ ci = false;
+ external = true;
+ monitoring = false;
+ } // optionalAttrs (host.nets?retiolum) {
+ nets.retiolum.ip6.addr =
+ (krebs.genipv6 "retiolum" "external" { inherit hostName; }).address;
+ } // optionalAttrs (host.nets?wiregrill) {
+ nets.wiregrill.ip6.addr =
+ (krebs.genipv6 "wiregrill" "external" { inherit hostName; }).address;
+ });
+ ssh-for = name: builtins.readFile (./ssh + "/${name}.pub");
+ tinc-for = name: builtins.readFile (./tinc + "/${name}.pub");
+
+in {
+ hosts = mapAttrs hostDefaults {
+ pepe = {
+ owner = config.krebs.users.palo;
+ nets = {
+ retiolum = {
+ ip4.addr = "10.243.23.1";
+ tinc.port = 720;
+ aliases = [ "pepe.r" ];
+ tinc.pubkey = tinc-for "palo";
+ };
+ };
+ };
+ kruck = {
+ owner = config.krebs.users.palo;
+ nets = {
+ retiolum = {
+ ip4.addr = "10.243.23.3";
+ tinc.port = 720;
+ aliases = [ "kruck.r" ];
+ tinc.pubkey = tinc-for "palo";
+ };
+ };
+ };
+ schasch = {
+ owner = config.krebs.users.palo;
+ nets = {
+ retiolum = {
+ ip4.addr = "10.243.23.2";
+ tinc.port = 720;
+ aliases = [ "schasch.r" ];
+ tinc.pubkey = tinc-for "palo";
+ };
+ };
+ };
+ workhorse = {
+ owner = config.krebs.users.palo;
+ nets = {
+ retiolum = {
+ ip4.addr = "10.243.23.5";
+ tinc.port = 720;
+ aliases = [ "workhorse.r" ];
+ tinc.pubkey = tinc-for "palo";
+ };
+ };
+ };
+ workout = {
+ owner = config.krebs.users.palo;
+ nets = {
+ retiolum = {
+ ip4.addr = "10.243.23.4";
+ tinc.port = 720;
+ aliases = [ "workout.r" ];
+ tinc.pubkey = tinc-for "palo";
+ };
+ };
+ };
+ };
+ users = {
+ palo = {
+ };
+ };
+}
+
diff --git a/krebs/3modules/external/tinc/palo.pub b/krebs/3modules/external/tinc/palo.pub
new file mode 100644
index 000000000..65284d51d
--- /dev/null
+++ b/krebs/3modules/external/tinc/palo.pub
@@ -0,0 +1,13 @@
+-----BEGIN RSA PUBLIC KEY-----
+MIICCgKCAgEA2ACttoosnRZ99o+OyMrxBdUWPqsT5btzSIQ5dU1XWqGjO4nRchCE
+8tO0b/4jqVgJVTRZVIUJQESZRlSmclsCAjdM8tsGj74CJrm7tBvgbBn2IObSs5+4
+oJWe57VsQaeHPuI2JZuGqv8Z3Esw+B07bQS5VTaC1ISo7vnLG/q5XLCbKHB9JZc/
+ztYbk4bEQHwbulfoPjD9FY3heLnTzqPw9Xr3ixao5gbAXfWNJM+iCluMq+Q2g1BD
+ozSnyYvaGLQ6h4yksDp+xuK8YCqiRj174EkXySI8Jee1CBMuI8ciX/5Q7yzvzscQ
+ZQ/MLVdx3MRW+VeT0ctaRzoA9E09ILqPe+56DjpsKzt4Ne8qeMG5HdpzO9UdNzTu
+MuibsCL7CJy5Ytl38PK+LAXHQr3Os1Z4OHjeTZ38vTAZcOUJZEkl6w9nO1XjcyBL
+rIaG+20Nx0ZU79MlJZFiG7ovlUiDfIEKNygng8v/yoTMaqMYLxQZ/leQwLMNLujo
+sku8+oV4Jvx4SyUjuAS6jgG9CnejLCnHP/yyDGdaMQSzmlzYXacLMfnPZE3r7bj1
+EjA6yQbkPixm7xLCyMm5u2leWtqtbg1oRA6Mw3UyYkNy3hiTU+jTvztEI3SCliDH
+yjGlESH4/edryKjLNjmYP77VFbM9ZSQ+QGlbMGPvjcn6XCdJGdxm3PUCAwEAAQ==
+-----END RSA PUBLIC KEY-----
diff --git a/krebs/3modules/reaktor2.nix b/krebs/3modules/reaktor2.nix
index e3e6ddf4f..9ab207d88 100644
--- a/krebs/3modules/reaktor2.nix
+++ b/krebs/3modules/reaktor2.nix
@@ -33,6 +33,10 @@ with import <stockholm/lib>;
default = "reaktor2${optionalString (name != "default") "-${name}"}";
type = types.filename;
};
+ sendDelaySec = mkOption {
+ default = 0.7;
+ type = types.nullOr types.float;
+ };
username = mkOption {
default = self.config.systemd-service-name;
type = types.username;
diff --git a/krebs/5pkgs/haskell/reaktor2.nix b/krebs/5pkgs/haskell/reaktor2.nix
index 40c628802..f06e79121 100644
--- a/krebs/5pkgs/haskell/reaktor2.nix
+++ b/krebs/5pkgs/haskell/reaktor2.nix
@@ -7,11 +7,11 @@
}:
mkDerivation {
pname = "reaktor2";
- version = "0.2.1";
+ version = "0.2.2";
src = fetchgit {
url = "https://cgit.krebsco.de/reaktor2";
- sha256 = "0wg76wlzfi893rl0lzhfs6bkpdcvwvgl6mpnz6w7r8f7znr4a9vr";
- rev = "0e199f7a357a4c5973e5837ec67699cf224ca69c";
+ sha256 = "1kyr5i5zdzvc7fcyac1i1yvi88kcxafrgp8p79c1b9l4g9sjnv78";
+ rev = "9f4e2644188f985d7cd806c13e2c0dee1688b9f0";
fetchSubmodules = true;
};
isLibrary = false;
diff --git a/krebs/krops.nix b/krebs/krops.nix
index 76bca026d..94418fdc2 100644
--- a/krebs/krops.nix
+++ b/krebs/krops.nix
@@ -9,13 +9,19 @@
krebs-source = { test ? false }: rec {
nixpkgs = if test then {
- derivation = ''
- with import <nixpkgs> {};
+ derivation = let
+ rev = (lib.importJSON ./nixpkgs.json).rev;
+ sha256 = (lib.importJSON ./nixpkgs.json).sha256;
+ in ''
+ with import (builtins.fetchTarball {
+ url = "https://github.com/nixos/nixpkgs/archive/${rev}.tar.gz";
+ sha256 = "${sha256}";
+ }) {};
pkgs.fetchFromGitHub {
owner = "nixos";
repo = "nixpkgs";
- rev = "${(lib.importJSON ./nixpkgs.json).rev}";
- sha256 = "${(lib.importJSON ./nixpkgs.json).sha256}";
+ rev = "${rev}";
+ sha256 = "${sha256}";
}
'';
} else {
diff --git a/lass/1systems/blue/source.nix b/lass/1systems/blue/source.nix
index a32c3a829..a52771a4d 100644
--- a/lass/1systems/blue/source.nix
+++ b/lass/1systems/blue/source.nix
@@ -1,13 +1,19 @@
{ lib, pkgs, ... }:
{
nixpkgs = lib.mkForce {
- derivation = ''
- with import <nixpkgs> {};
+ derivation = let
+ rev = (lib.importJSON ../../../krebs/nixpkgs.json).rev;
+ sha256 = (lib.importJSON ../../../krebs/nixpkgs.json).sha256;
+ in ''
+ with import (builtins.fetchTarball {
+ url = "https://github.com/nixos/nixpkgs/archive/${rev}.tar.gz";
+ sha256 = "${sha256}";
+ }) {};
pkgs.fetchFromGitHub {
owner = "nixos";
repo = "nixpkgs";
- rev = "${(lib.importJSON ../../../krebs/nixpkgs.json).rev}";
- sha256 = "${(lib.importJSON ../../../krebs/nixpkgs.json).sha256}";
+ rev = "${rev}";
+ sha256 = "${sha256}";
}
'';
};
diff --git a/lass/1systems/mors/config.nix b/lass/1systems/mors/config.nix
index b6565dc6a..f35ebff56 100644
--- a/lass/1systems/mors/config.nix
+++ b/lass/1systems/mors/config.nix
@@ -36,6 +36,7 @@ with import <stockholm/lib>;
<stockholm/lass/2configs/blue-host.nix>
<stockholm/lass/2configs/network-manager.nix>
<stockholm/lass/2configs/nfs-dl.nix>
+ <stockholm/lass/2configs/hardening.nix>
{
krebs.iptables.tables.filter.INPUT.rules = [
#risk of rain
diff --git a/lass/2configs/hardening.nix b/lass/2configs/hardening.nix
new file mode 100644
index 000000000..aee4bf06f
--- /dev/null
+++ b/lass/2configs/hardening.nix
@@ -0,0 +1,11 @@
+{ pkgs, lib, ... }:
+with lib;
+{
+ security.chromiumSuidSandbox.enable = true;
+ security.lockKernelModules = false;
+ boot.kernel.sysctl."user.max_user_namespaces" = 63414;
+
+ imports = [
+ <nixpkgs/nixos/modules/profiles/hardened.nix>
+ ];
+}
diff --git a/lass/2configs/radio.nix b/lass/2configs/radio.nix
index 987632cd1..f88b2627b 100644
--- a/lass/2configs/radio.nix
+++ b/lass/2configs/radio.nix
@@ -170,32 +170,45 @@ in {
};
};
- krebs.Reaktor.playlist = {
- nickname = "the_playlist|r";
- channels = [
- "#the_playlist"
- "#krebs"
- ];
- extraEnviron = {
- REAKTOR_HOST = "irc.freenode.org";
- };
- plugins = with pkgs.ReaktorPlugins; [
- (buildSimpleReaktorPlugin "skip" {
- script = "${skip_track}/bin/skip_track";
- pattern = "^skip$";
- })
- (buildSimpleReaktorPlugin "current" {
- script = "${print_current}/bin/print_current";
- pattern = "^current$";
- })
- (buildSimpleReaktorPlugin "suggest" {
- script = "${pkgs.writeDash "suggest" ''
- echo "$@" >> $HOME/playlist_suggest
- ''}";
- pattern = "^suggest: (?P<args>.*)$";
- })
+ krebs.reaktor2.the_playlist = {
+ hostname = "irc.freenode.org";
+ port = "6697";
+ useTLS = true;
+ nick = "the_playlist";
+ plugins = [
+ {
+ plugin = "register";
+ config = {
+ channels = [
+ "#the_playlist"
+ "#krebs"
+ ];
+ };
+ }
+ {
+ plugin = "system";
+ config = {
+ workdir = config.krebs.reaktor2.the_playlist.stateDir;
+ hooks.PRIVMSG = [
+ {
+ activate = "match";
+ pattern = ''!([^ ]+)(?:\s*(.*))?'';
+ command = 1;
+ arguments = [2];
+ commands = {
+ skip.filename = "${skip_track}/bin/skip_track";
+ current.filename = "${print_current}/bin/print_current";
+ suggest.filename = pkgs.writeDash "suggest" ''
+ echo "$@" >> playlist_suggest
+ '';
+ };
+ }
+ ];
+ };
+ }
];
};
+
services.nginx = {
enable = true;
virtualHosts."radio.lassul.us" = {
diff --git a/lass/2configs/reaktor-coders.nix b/lass/2configs/reaktor-coders.nix
index 44d9d6866..4baec1976 100644
--- a/lass/2configs/reaktor-coders.nix
+++ b/lass/2configs/reaktor-coders.nix
@@ -32,6 +32,7 @@ in {
pattern = ''@([^ ]+) (.*)$'';
command = 1;
arguments = [2];
+ env.HOME = config.krebs.reaktor2.coders.stateDir;
commands = let
lambdabot = (import (pkgs.fetchFromGitHub {
owner = "NixOS"; repo = "nixpkgs";
@@ -46,36 +47,21 @@ in {
-e "$@"
'';
in {
- pl = {
- env.HOME = config.krebs.reaktor2.coders.stateDir;
- filename = pkgs.writeDash "lambdabot-pl" ''
- ${lambdabotWrapper} "@pl $1"
- '';
- };
- type = {
- env.HOME = config.krebs.reaktor2.coders.stateDir;
- filename = pkgs.writeDash "lambdabot-type" ''
- ${lambdabotWrapper} "@type $1"
- '';
- };
- "let" = {
- env.HOME = config.krebs.reaktor2.coders.stateDir;
- filename = pkgs.writeDash "lambdabot-let" ''
- ${lambdabotWrapper} "@let $1"
- '';
- };
- run = {
- env.HOME = config.krebs.reaktor2.coders.stateDir;
- filename = pkgs.writeDash "lambdabot-run" ''
- ${lambdabotWrapper} "@run $1"
- '';
- };
- kind = {
- env.HOME = config.krebs.reaktor2.coders.stateDir;
- filename = pkgs.writeDash "lambdabot-kind" ''
- ${lambdabotWrapper} "@kind $1"
- '';
- };
+ pl.filename = pkgs.writeDash "lambdabot-pl" ''
+ ${lambdabotWrapper} "@pl $1"
+ '';
+ type.filename = pkgs.writeDash "lambdabot-type" ''
+ ${lambdabotWrapper} "@type $1"
+ '';
+ "let".filename = pkgs.writeDash "lambdabot-let" ''
+ ${lambdabotWrapper} "@let $1"
+ '';
+ run.filename = pkgs.writeDash "lambdabot-run" ''
+ ${lambdabotWrapper} "@run $1"
+ '';
+ kind.filename = pkgs.writeDash "lambdabot-kind" ''
+ ${lambdabotWrapper} "@kind $1"
+ '';
};
}
{
diff --git a/lass/5pkgs/custom/xmonad-lass/default.nix b/lass/5pkgs/custom/xmonad-lass/default.nix
index 483e37bc8..1f2e7110e 100644
--- a/lass/5pkgs/custom/xmonad-lass/default.nix
+++ b/lass/5pkgs/custom/xmonad-lass/default.nix
@@ -41,6 +41,7 @@ import XMonad.Hooks.UrgencyHook (withUrgencyHook, UrgencyHook(..))
import XMonad.Layout.FixedColumn (FixedColumn(..))
import XMonad.Layout.Minimize (minimize)
import XMonad.Layout.NoBorders (smartBorders)
+import XMonad.Layout.MouseResizableTile (mouseResizableTile)
import XMonad.Layout.SimplestFloat (simplestFloat)
import XMonad.Prompt (autoComplete, font, searchPredicate, XPConfig)
import XMonad.Prompt.Window (windowPromptGoto, windowPromptBringCopy)
@@ -93,7 +94,7 @@ main' = do
myLayoutHook = defLayout
where
- defLayout = minimize $ ((avoidStruts $ Mirror (Tall 1 (3/100) (1/2))) ||| Full ||| FixedColumn 2 80 80 1 ||| Tall 1 (3/100) (1/2) ||| simplestFloat)
+ defLayout = minimize $ ((avoidStruts $ Mirror (Tall 1 (3/100) (1/2))) ||| Full ||| FixedColumn 2 80 80 1 ||| Tall 1 (3/100) (1/2) ||| simplestFloat ||| mouseResizableTile)
floatHooks :: Query (Endo WindowSet)
floatHooks = composeOne
diff --git a/submodules/krops b/submodules/krops
-Subproject 61b5ef3b8e7e4d601db67a20f14a5022e9de839
+Subproject 5b8fb8dc0ee14672d7fd533bd98635b8725dbb2
diff --git a/tv/5pkgs/override/default.nix b/tv/5pkgs/override/default.nix
new file mode 100644
index 000000000..cd7c5645b
--- /dev/null
+++ b/tv/5pkgs/override/default.nix
@@ -0,0 +1,6 @@
+with import <stockholm/lib>;
+self: super: {
+ rxvt_unicode = self.callPackage ./rxvt_unicode {
+ rxvt_unicode = super.rxvt_unicode;
+ };
+}
diff --git a/tv/5pkgs/override/rxvt_unicode/default.nix b/tv/5pkgs/override/rxvt_unicode/default.nix
new file mode 100644
index 000000000..858a46be6
--- /dev/null
+++ b/tv/5pkgs/override/rxvt_unicode/default.nix
@@ -0,0 +1,6 @@
+{ rxvt_unicode }:
+rxvt_unicode.overrideAttrs (old: {
+ patches = old.patches ++ [
+ ./finish-running-selection.patch
+ ];
+})
diff --git a/tv/5pkgs/override/rxvt_unicode/finish-running-selection.patch b/tv/5pkgs/override/rxvt_unicode/finish-running-selection.patch
new file mode 100644
index 000000000..a342ccf5c
--- /dev/null
+++ b/tv/5pkgs/override/rxvt_unicode/finish-running-selection.patch
@@ -0,0 +1,41 @@
+diff --git a/src/rxvttoolkit.h b/src/rxvttoolkit.h
+index 56c9a3f..429055d 100644
+--- a/src/rxvttoolkit.h
++++ b/src/rxvttoolkit.h
+@@ -384,6 +384,7 @@ struct rxvt_selection
+ {
+ rxvt_selection (rxvt_display *disp, int selnum, Time tm, Window win, Atom prop, rxvt_term *term);
+ void run ();
++ void finish (char *data = 0, unsigned int len = 0);
+ ~rxvt_selection ();
+
+ rxvt_term *term; // terminal to paste to, may be 0
+@@ -404,7 +405,6 @@ private:
+ void timer_cb (ev::timer &w, int revents); ev::timer timer_ev;
+ void x_cb (XEvent &xev); xevent_watcher x_ev;
+
+- void finish (char *data = 0, unsigned int len = 0);
+ void stop ();
+ bool request (Atom target, int selnum);
+ void handle_selection (Window win, Atom prop, bool delete_prop);
+diff --git a/src/screen.C b/src/screen.C
+index 9eb375a..77e7109 100644
+--- a/src/screen.C
++++ b/src/screen.C
+@@ -2736,11 +2736,11 @@ rxvt_term::paste (char *data, unsigned int len) NOTHROW
+ void
+ rxvt_term::selection_request (Time tm, int selnum) NOTHROW
+ {
+- if (!selection_req)
+- {
+- selection_req = new rxvt_selection (display, selnum, tm, vt, xa[XA_VT_SELECTION], this);
+- selection_req->run ();
+- }
++ if (selection_req)
++ selection_req->finish ();
++
++ selection_req = new rxvt_selection (display, selnum, tm, vt, xa[XA_VT_SELECTION], this);
++ selection_req->run ();
+ }
+
+ /* ------------------------------------------------------------------------- */