authorParnell Springmeyer <parnell@digitalmentat.com>2017-01-25 11:08:05 -0800
committerParnell Springmeyer <parnell@digitalmentat.com>2017-01-25 11:08:05 -0800
commitbae00e8aa8f3faff90e28e19cd5074b8c26d0d0e (patch)
tree56abaf30f11ad2f24b9fb7729f74c5fff50fbd93 /pkgs/os-specific/linux/util-linux/default.nix
parent1f9494b752082ec3ac048e56d1c6364a2e23a675 (diff)
parent104c3db6594043dbb81005303f055b02145305a5 (diff)
setcap-wrapper: Merging with upstream master and resolving conflicts
Diffstat (limited to 'pkgs/os-specific/linux/util-linux/default.nix')
-rw-r--r--pkgs/os-specific/linux/util-linux/default.nix33
1 files changed, 19 insertions, 14 deletions
diff --git a/pkgs/os-specific/linux/util-linux/default.nix b/pkgs/os-specific/linux/util-linux/default.nix
index 11444c57f9a4..e808eaf52162 100644
--- a/pkgs/os-specific/linux/util-linux/default.nix
+++ b/pkgs/os-specific/linux/util-linux/default.nix
@@ -1,9 +1,9 @@
-{ stdenv, fetchurl, pkgconfig, zlib, ncurses ? null, perl ? null, pam, systemd }:
+{ lib, stdenv, fetchurl, pkgconfig, zlib, libseccomp, fetchpatch, autoreconfHook, ncurses ? null, perl ? null, pam, systemd, minimal ? false }:
 
 stdenv.mkDerivation rec {
   name = "util-linux-${version}";
-  version = stdenv.lib.concatStringsSep "." ([ majorVersion ]
-    ++ stdenv.lib.optional (patchVersion != "") patchVersion);
+  version = lib.concatStringsSep "." ([ majorVersion ]
+    ++ lib.optional (patchVersion != "") patchVersion);
   majorVersion = "2.28";
   patchVersion = "1";
 
@@ -14,12 +14,13 @@ stdenv.mkDerivation rec {
 
   patches = [
     ./rtcwake-search-PATH-for-shutdown.patch
-  ];
-
-  outputs = [ "bin" "out" "man" ]; # TODO: $bin is kept the first for now
-  # due to lots of ${utillinux}/bin occurences and headers being rather small
-  outputDev = "bin";
+    (fetchpatch {
+      name = "CVE-2016-2779.diff";
+      url = https://github.com/karelzak/util-linux/commit/8e4925016875c6a4f2ab4f833ba66f0fc57396a2.patch;
+      sha256 = "0kmigkq4s1b1ijrq8vcg2a5cw4qnm065m7cb1jn1q1f4x99ycy60";
+  })];
 
+  outputs = [ "bin" "dev" "out" "man" ];
 
   #FIXME: make it also work on non-nixos?
   postPatch = ''
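Review bot: The `fetchpatch` entry named `CVE-2016-2779.diff` has no comment saying what it fixes or when it can be dropped, while the first hunk leaves the package at 2.28.1, so the next version bump has nothing to check against. I would add above it `# CVE-2016-2779: runuser TIOCSTI injection into the caller's terminal; drop once the packaged release contains the fix`. The `sha256` pin is the right property for a security patch, since a changed upstream response fails the build instead of applying different content. The closing `  })];` is indented two columns short of the opening `(fetchpatch {`. The `mkDerivation` body starts and ends outside this hunk.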
@@ -53,20 +54,24 @@ stdenv.mkDerivation rec {
 
   makeFlags = "usrbin_execdir=$(bin)/bin usrsbin_execdir=$(bin)/sbin";
 
-  nativeBuildInputs = [ pkgconfig ];
+  # autoreconfHook is required for CVE-2016-2779
+  nativeBuildInputs = [ pkgconfig autoreconfHook ];
+  # libseccomp is required for CVE-2016-2779
   buildInputs =
-    [ zlib pam ]
-    ++ stdenv.lib.optional (ncurses != null) ncurses
-    ++ stdenv.lib.optional (systemd != null) [ systemd pkgconfig ]
-    ++ stdenv.lib.optional (perl != null) perl;
+    [ zlib pam libseccomp ]
+    ++ lib.optional (ncurses != null) ncurses
+    ++ lib.optional (systemd != null) systemd
+    ++ lib.optional (perl != null) perl;
 
   postInstall = ''
     rm "$bin/bin/su" # su should be supplied by the su package (shadow)
+  '' + lib.optionalString minimal ''
+    rm -rf $out/share/{locale,doc,bash-completion}
   '';
 
   enableParallelBuilding = true;
 
-  meta = with stdenv.lib; {
+  meta = with lib; {
     homepage = https://www.kernel.org/pub/linux/utils/util-linux/;
     description = "A set of system utilities for Linux";
     license = licenses.gpl2; # also contains parts under more permissive licenses
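Review bot: Nothing in this hunk makes the build fail if the CVE-2016-2779 fix is compiled out, because `libseccomp` is only added to `buildInputs` and enabling the patched code presumably depends on configure auto-detection. If the regenerated configure script offers an explicit switch for seccomp support, set it in `configureFlags` (outside this hunk) so a missed detection fails the build instead of shipping an unpatched binary. The two new comments could also say why each input is needed, e.g. `# the CVE-2016-2779 patch changes the autotools inputs, so configure must be regenerated`, to be confirmed against the patch. In the `minimal` branch the output path should be quoted as in the line above it: `rm -rf "$out"/share/{locale,doc,bash-completion}`.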