libselinux: 2.4 -> 2.7
This commit is contained in:
parent
880d8c16b5
commit
ea7507b9dc
@ -1,4 +1,4 @@
|
|||||||
{ stdenv, fetchurl, fetchpatch, pkgconfig, libsepol, pcre
|
{ stdenv, fetchurl, pcre, pkgconfig, libsepol
|
||||||
, enablePython ? true, swig ? null, python ? null
|
, enablePython ? true, swig ? null, python ? null
|
||||||
}:
|
}:
|
||||||
|
|
||||||
@ -8,48 +8,34 @@ with stdenv.lib;
|
|||||||
|
|
||||||
stdenv.mkDerivation rec {
|
stdenv.mkDerivation rec {
|
||||||
name = "libselinux-${version}";
|
name = "libselinux-${version}";
|
||||||
version = "2.4";
|
version = "2.7";
|
||||||
inherit (libsepol) se_release se_url;
|
inherit (libsepol) se_release se_url;
|
||||||
|
|
||||||
src = fetchurl {
|
src = fetchurl {
|
||||||
url = "${se_url}/${se_release}/libselinux-${version}.tar.gz";
|
url = "${se_url}/${se_release}/libselinux-${version}.tar.gz";
|
||||||
sha256 = "0yqg73ns97jwjh1iyv0jr5qxb8k5sqq5ywfkx11lzfn5yj8k0126";
|
sha256 = "0mwcq78v6ngbq06xmb9dvilpg0jnl2vs9fgrpakhmmiskdvc1znh";
|
||||||
};
|
};
|
||||||
|
|
||||||
nativeBuildInputs = [ pkgconfig ];
|
nativeBuildInputs = [ pkgconfig ];
|
||||||
buildInputs = [ libsepol pcre ]
|
buildInputs = [ libsepol pcre ]
|
||||||
++ optionals enablePython [ swig python ];
|
++ optionals enablePython [ swig python ];
|
||||||
|
|
||||||
# Avoid this false warning:
|
# drop fortify here since package uses it by default, leading to compile error:
|
||||||
# avc_internal.c: In function 'avc_netlink_receive':
|
# command-line>:0:0: error: "_FORTIFY_SOURCE" redefined [-Werror]
|
||||||
# avc_internal.c:105:25: error: cast increases required alignment of target type [-Werror=cast-align]
|
hardeningDisable = [ "fortify" ];
|
||||||
# struct nlmsghdr *nlh = (struct nlmsghdr *)buf;
|
|
||||||
# ^
|
|
||||||
|
|
||||||
NIX_CFLAGS_COMPILE = "-std=gnu89 -Wno-error=cast-align";
|
|
||||||
|
|
||||||
# Unreleased upstream patch that fixes Python package issue arising
|
|
||||||
# from recent SWIG changes.
|
|
||||||
patches = optional enablePython (fetchpatch {
|
|
||||||
name = "fix-python-swig.patch";
|
|
||||||
url = "https://github.com/SELinuxProject/selinux/commit/a9604c30a5e2f71007d31aa6ba41cf7b95d94822.patch";
|
|
||||||
sha256 = "0mjrclh0sd8m7vq0wvl6pg29ss415j3kn0266v8ixy4fprafagfp";
|
|
||||||
stripLen = 1;
|
|
||||||
});
|
|
||||||
|
|
||||||
postPatch = optionalString enablePython ''
|
postPatch = optionalString enablePython ''
|
||||||
sed -i -e 's|\$(LIBDIR)/libsepol.a|${libsepol}/lib/libsepol.a|' src/Makefile
|
sed -i -e 's|\$(LIBDIR)/libsepol.a|${libsepol}/lib/libsepol.a|' src/Makefile
|
||||||
''
|
|
||||||
+ ''
|
|
||||||
sed '1i#include <sys/uio.h>' -i src/setrans_client.c
|
|
||||||
'';
|
'';
|
||||||
|
|
||||||
|
# fix install locations
|
||||||
preBuild = ''
|
preBuild = ''
|
||||||
# Build fails without this precreated
|
|
||||||
mkdir -p $out/include
|
|
||||||
|
|
||||||
makeFlagsArray+=("PREFIX=$out")
|
makeFlagsArray+=("PREFIX=$out")
|
||||||
makeFlagsArray+=("DESTDIR=$out")
|
makeFlagsArray+=("DESTDIR=$out")
|
||||||
|
makeFlagsArray+=("MAN3DIR=$out/share/man/man3")
|
||||||
|
makeFlagsArray+=("MAN5DIR=$out/share/man/man5")
|
||||||
|
makeFlagsArray+=("MAN8DIR=$out/share/man/man8")
|
||||||
|
makeFlagsArray+=("PYSITEDIR=$out/lib/python2.7/site-packages")
|
||||||
'';
|
'';
|
||||||
|
|
||||||
installTargets = [ "install" ] ++ optional enablePython "install-pywrap";
|
installTargets = [ "install" ] ++ optional enablePython "install-pywrap";
|
||||||
|
Loading…
Reference in New Issue
Block a user