diff options
author | Franz Pletz <fpletz@fnordicwalking.de> | 2017-05-09 18:10:06 +0200 |
---|---|---|
committer | Franz Pletz <fpletz@fnordicwalking.de> | 2017-05-09 18:19:38 +0200 |
commit | eb79649414c00f4a5ac8a69f8213b891c869bc66 (patch) | |
tree | d0442aa965a61537a9b6941854b6f6138af1d3e5 | |
parent | 326efe5fdcdc77796cb260beb95fa769f2d084c0 (diff) | |
download | nixlib-eb79649414c00f4a5ac8a69f8213b891c869bc66.tar nixlib-eb79649414c00f4a5ac8a69f8213b891c869bc66.tar.gz nixlib-eb79649414c00f4a5ac8a69f8213b891c869bc66.tar.bz2 nixlib-eb79649414c00f4a5ac8a69f8213b891c869bc66.tar.lz nixlib-eb79649414c00f4a5ac8a69f8213b891c869bc66.tar.xz nixlib-eb79649414c00f4a5ac8a69f8213b891c869bc66.tar.zst nixlib-eb79649414c00f4a5ac8a69f8213b891c869bc66.zip |
bind: disable seccomp by default
Fixes #25645 & #23431.
-rw-r--r-- | pkgs/servers/dns/bind/default.nix | 8 |
1 files changed, 5 insertions, 3 deletions
diff --git a/pkgs/servers/dns/bind/default.nix b/pkgs/servers/dns/bind/default.nix index 2f8bdd06bf1d..350e3be929d7 100644 --- a/pkgs/servers/dns/bind/default.nix +++ b/pkgs/servers/dns/bind/default.nix @@ -1,5 +1,7 @@ { stdenv, lib, fetchurl, openssl, libtool, perl, libxml2 -, libseccomp ? null }: +, enableSeccomp ? false, libseccomp ? null }: + +assert enableSeccomp -> libseccomp != null; let version = "9.10.4-P6"; in @@ -17,7 +19,7 @@ stdenv.mkDerivation rec { stdenv.lib.optional stdenv.isDarwin ./darwin-openssl-linking-fix.patch; buildInputs = [ openssl libtool perl libxml2 ] ++ - stdenv.lib.optional stdenv.isLinux libseccomp; + stdenv.lib.optional enableSeccomp libseccomp; STD_CDEFINES = [ "-DDIG_SIGCHASE=1" ]; # support +sigchase @@ -35,7 +37,7 @@ stdenv.mkDerivation rec { "--without-pkcs11" "--without-purify" "--without-python" - ] ++ lib.optional (stdenv.isi686 || stdenv.isx86_64) "--enable-seccomp"; + ] ++ lib.optional enableSeccomp "--enable-seccomp"; postInstall = '' moveToOutput bin/bind9-config $dev |