lldpd: 0.9.7 -> 0.9.8

Now uses the upstream systemd unit which adds lots of hardening flags.

2 files changed, 5 insertions, 9 deletions

diff --git a/nixos/modules/services/networking/lldpd.nix b/nixos/modules/services/networking/lldpd.nix
index 4f951d843e2c..ba4e1b1542fe 100644
--- a/nixos/modules/services/networking/lldpd.nix
+++ b/nixos/modules/services/networking/lldpd.nix
@@ -28,16 +28,11 @@ in
     users.extraGroups._lldpd = {};
 
     environment.systemPackages = [ pkgs.lldpd ];
+    systemd.packages = [ pkgs.lldpd ];
 
     systemd.services.lldpd = {
       wantedBy = [ "multi-user.target" ];
-      after = [ "network.target" ];
-      requires = [ "network.target" ];
-      serviceConfig = {
-        ExecStart = "${pkgs.lldpd}/bin/lldpd -d ${concatStringsSep " " cfg.extraArgs}";
-        PrivateTmp = true;
-        PrivateDevices = true;
-      };
+      environment.LLDPD_OPTIONS = concatStringsSep " " cfg.extraArgs;
     };
   };
 }
diff --git a/pkgs/tools/networking/lldpd/default.nix b/pkgs/tools/networking/lldpd/default.nix
index 5a97f2219ce6..1ce9f7cb3230 100644
--- a/pkgs/tools/networking/lldpd/default.nix
+++ b/pkgs/tools/networking/lldpd/default.nix
@@ -3,17 +3,18 @@
 
 stdenv.mkDerivation rec {
   name = "lldpd-${version}";
-  version = "0.9.7";
+  version = "0.9.8";
 
   src = fetchurl {
     url = "https://media.luffy.cx/files/lldpd/${name}.tar.gz";
-    sha256 = "1f0d5s4643pjmgycc5ssgl1pggyq5a7navhabkyhcg0aqdah6dmr";
+    sha256 = "0kwck17cr2f1a395a8bfmj7fz1n4i1hv429cbdbkhff33glr9r4y";
   };
 
   configureFlags = [
     "--localstatedir=/var"
     "--enable-pie"
     "--with-snmp"
+    "--with-systemdsystemunitdir=\${out}/lib/systemd/system"
   ];
 
   nativeBuildInputs = [ pkgconfig removeReferencesTo ];