|
|
|
@ -18,28 +18,19 @@ |
|
|
|
|
let |
|
|
|
|
pythonLxmlEnv = buildPackages.python3Packages.python.withPackages ( ps: with ps; [ python3Packages.lxml ]); |
|
|
|
|
|
|
|
|
|
in stdenv.mkDerivation rec { |
|
|
|
|
in stdenv.mkDerivation { |
|
|
|
|
version = "243"; |
|
|
|
|
pname = "systemd"; |
|
|
|
|
# To whoever updates this to 239: check the todo on line 173. |
|
|
|
|
version = "242"; |
|
|
|
|
|
|
|
|
|
# When updating, use https://github.com/systemd/systemd-stable tree, not the development one! |
|
|
|
|
# Also fresh patches should be cherry-picked from that tree to our current one. |
|
|
|
|
src = fetchFromGitHub { |
|
|
|
|
owner = "NixOS"; |
|
|
|
|
repo = "systemd"; |
|
|
|
|
rev = "5fb35fbc783516e2014115c3488134a2afb8494c"; |
|
|
|
|
sha256 = "0pyjvzzh8nnxv4z58n82lz1mjnzv44sylcjgkvw8sp35vx1ryxfh"; |
|
|
|
|
rev = "7019836a26ebdc1ba20c03d06dbb3a613833bd0f"; |
|
|
|
|
sha256 = "0ywaq5jfy177k4q5hwr43v66sz62l1bqhgyxs2vk9m1d5kvrjwk6"; |
|
|
|
|
}; |
|
|
|
|
|
|
|
|
|
patches = [ |
|
|
|
|
(fetchpatch { |
|
|
|
|
name = "CVE-2019-15718.patch"; |
|
|
|
|
url = https://github.com/systemd/systemd/pull/13457/commits/35e528018f315798d3bffcb592b32a0d8f5162bd.patch; |
|
|
|
|
sha256 = "0m0ypnnllx4r6a2qy1586as15i2qrzxwi1sqdp14rzdwajz1rvnv"; |
|
|
|
|
}) |
|
|
|
|
]; |
|
|
|
|
|
|
|
|
|
outputs = [ "out" "lib" "man" "dev" ]; |
|
|
|
|
|
|
|
|
|
nativeBuildInputs = |
|
|
|
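Review bot: The `patches` list that fetched `CVE-2019-15718.patch` appears to be dropped with the move to 243, so the fix now depends entirely on the pinned `rev` of the NixOS/systemd fork containing it, and nothing on the page shows that it does. The +/- markers are lost here, so the sides are inferred from the hunk header counts (28 old lines, 19 new). Before merging, confirm that commit 35e528018f315798d3bffcb592b32a0d8f5162bd or its stable-tree backport is an ancestor of the 243 rev. Record the result next to the pin, for example `# 243 already contains the CVE-2019-15718 fix; the fetchpatch for it was dropped`. The `mkDerivation` body continues past the end of this hunk.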
@ -112,6 +103,13 @@ in stdenv.mkDerivation rec { |
|
|
|
|
"-Dsulogin-path=${utillinux}/bin/sulogin" |
|
|
|
|
"-Dmount-path=${utillinux}/bin/mount" |
|
|
|
|
"-Dumount-path=${utillinux}/bin/umount" |
|
|
|
|
"-Dcreate-log-dirs=false" |
|
|
|
|
# Upstream uses cgroupsv2 by default. To support docker and other |
|
|
|
|
# container managers we still need v1. |
|
|
|
|
"-Ddefault-hierarchy=hybrid" |
|
|
|
|
# Upstream defaulted to disable manpages since they optimize for the much |
|
|
|
|
# more frequent development builds |
|
|
|
|
"-Dman=true" |
|
|
|
|
]; |
|
|
|
|
|
|
|
|
|
preConfigure = '' |
|
|
|
|
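Review bot: `"-Dcreate-log-dirs=false"` has no comment, while the other two flags that appear to be new in this hunk (`-Ddefault-hierarchy=hybrid` and `-Dman=true`) each explain why they deviate from upstream. A one-line reason above it would keep the list self-documenting, for example `# Don't create /var/log/journal during install; it lies outside the build's output paths.`, with the wording checked against what the option does in 243. The flag list opens above this hunk, so only its tail is visible here.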