Apparmor: update to 2.8.1

2 files changed, 37 insertions, 5 deletions

diff --git a/pkgs/os-specific/linux/apparmor/capability.patch b/pkgs/os-specific/linux/apparmor/capability.patch
new file mode 100644
index 000000000000..c8f2b511d957
--- /dev/null
+++ b/pkgs/os-specific/linux/apparmor/capability.patch
@@ -0,0 +1,16 @@
+Description: allow parser to build even when not on Linux.
+Author: Kees Cook <kees@debian.org>
+
+Index: apparmor-debian/common/Make.rules
+===================================================================
+--- apparmor-debian.orig/common/Make.rules	2012-05-05 14:41:25.967259523 -0700
++++ apparmor-debian/common/Make.rules	2012-05-05 14:41:28.451291053 -0700
+@@ -160,7 +160,7 @@
+ CAPABILITIES=$(shell echo "\#include <linux/capability.h>" | cpp -dM | LC_ALL=C sed -n -e '/CAP_EMPTY_SET/d' -e 's/^\#define[ \t]\+CAP_\([A-Z0-9_]\+\)[ \t]\+\([0-9xa-f]\+\)\(.*\)$$/CAP_\1/p' | sort)
+ 
+ .PHONY: list_capabilities
+-list_capabilities: /usr/include/linux/capability.h
++list_capabilities:
+ 	@echo "$(CAPABILITIES)"
+ 
+ # =====================
diff --git a/pkgs/os-specific/linux/apparmor/default.nix b/pkgs/os-specific/linux/apparmor/default.nix
index 8a7d2b9e4581..221156555707 100644
--- a/pkgs/os-specific/linux/apparmor/default.nix
+++ b/pkgs/os-specific/linux/apparmor/default.nix
@@ -1,17 +1,20 @@
 { stdenv, fetchurl
 , autoconf, automake, libtool, makeWrapper
-, perl, bison, flex, glibc, gettext, which, rpm, tetex, LocaleGettext, bash, pam, TermReadKey, RpcXML, swig}:
+, perl, bison, flex, glibc, gettext, which, rpm, tetex, LocaleGettext
+, bash, pam, TermReadKey, RpcXML, swig, python }:
 stdenv.mkDerivation rec {
 
   name = "apparmor-${version}";
-  version = "2.6.1";
+  version = "2.8.1";
 
   src = fetchurl {
-    url = "http://launchpad.net/apparmor/2.6/2.6.1/+download/${name}.tar.gz";
-    sha256 = "1x7225xgzyc5agbn41xsip236anr1kmaw70xc94pag82q7c1bc4w";
+    url = "http://launchpad.net/apparmor/2.8/${version}/+download/${name}.tar.gz";
+    sha256 = "1r0a5k14jbiik28m5gql0f3dbxl252jya7i120rrsbzqqnvw6nw7";
   };
 
-  buildInputs = [ autoconf automake libtool perl bison flex gettext which rpm tetex LocaleGettext pam TermReadKey RpcXML swig makeWrapper ];
+  buildInputs = [
+    autoconf automake libtool perl bison flex gettext which rpm tetex
+    LocaleGettext pam TermReadKey RpcXML swig makeWrapper python ];
 
   prePatch = ''
     substituteInPlace libraries/libapparmor/src/Makefile.in --replace "/usr/include" "${glibc}/include"
@@ -24,11 +27,16 @@ stdenv.mkDerivation rec {
     substituteInPlace parser/Makefile --replace "/usr/include/bits/socket.h" "${glibc}/include/bits/socket.h"
     substituteInPlace parser/Makefile --replace "/usr/include/linux/capability.h" "${glibc}/include/linux/capability.h"
 
+    # for some reason pdf documentation doesn't build
+    substituteInPlace parser/Makefile --replace "manpages htmlmanpages pdf" "manpages htmlmanpages"
+
     substituteInPlace parser/tst/gen-xtrans.pl --replace "/usr/bin/perl" "${perl}/bin/perl"
     substituteInPlace parser/tst/Makefile --replace "/usr/bin/prove" "${perl}/bin/prove"
     substituteInPlace parser/tst/Makefile --replace "./caching.sh" "${bash}/bin/bash ./caching.sh"
   '';
 
+  patches = ./capability.patch;
+
   buildPhase =''
     PERL5LIB=$PERL5LIB:$out/lib/perl5/site_perl:$out/lib
 
@@ -80,6 +88,14 @@ LD_LIBRARY_PATH=$out/lib    make
 	"${src}/kernel-patches/2.6.37/0003-AppArmor-Allow-dfa-backward-compatibility-with-broke.patch"
       ];
     };
+    linux_3_2_patch = {
+      features.apparmor = true;
+      patch = [
+	"${src}/kernel-patches/3.2/0001-AppArmor-compatibility-patch-for-v5-network-controll.patch"
+	"${src}/kernel-patches/3.2/0002-AppArmor-compatibility-patch-for-v5-interface.patch"
+	"${src}/kernel-patches/3.2/0003-AppArmor-Allow-dfa-backward-compatibility-with-broke.patch"
+      ];
+    };
   };
 
   meta = with stdenv.lib; {