Merge pull request #104781 from NixOS/staging-next

Staging next
author: Frederik Rietdijk <freddyrietdijk@fridh.nl> 2020-11-30 18:27:29 +0100
committer: GitHub <noreply@github.com> 2020-11-30 18:27:29 +0100
commit: 9a63b3d3d61ca822aceeb4a994e8ef21a7593cc7 (patch)
tree: aceb3c75e546efae7ce47a390fdadce36e39eddd /pkgs/os-specific
parent: d554addf6c5f7024b44fc214df03af25dbcf3bfc (diff)
parent: 0d8491cb2b045e8a0b52bde121929b15a1d20196 (diff)
4 files changed, 20 insertions, 16 deletions
diff --git a/pkgs/os-specific/linux/kernel-headers/default.nix b/pkgs/os-specific/linux/kernel-headers/default.nix
index 59656f54db285..284ef472d049a 100644
--- a/pkgs/os-specific/linux/kernel-headers/default.nix
+++ b/pkgs/os-specific/linux/kernel-headers/default.nix
@@ -69,12 +69,12 @@ let
 in {
   inherit makeLinuxHeaders;
 
-  linuxHeaders = let version = "5.5"; in
+  linuxHeaders = let version = "5.9.8"; in
     makeLinuxHeaders {
       inherit version;
       src = fetchurl {
         url = "mirror://kernel/linux/kernel/v5.x/linux-${version}.tar.xz";
-        sha256 = "0c131fi6s7vgvka1c0597vnvcmwn1pp968rci5kq64iwj3pd9yx6";
+        sha256 = "19l67gzk97higd2cbggipcb0wi21pv0ag0mc4qh6cqk564xp6mkn";
       };
       patches = [
          ./no-relocs.patch # for building x86 kernel headers on non-ELF platforms
diff --git a/pkgs/os-specific/linux/libselinux/default.nix b/pkgs/os-specific/linux/libselinux/default.nix
index 741c51e2233b8..4dfd6a3f2cd6d 100644
--- a/pkgs/os-specific/linux/libselinux/default.nix
+++ b/pkgs/os-specific/linux/libselinux/default.nix
@@ -1,26 +1,26 @@
 { stdenv, fetchurl, pcre, pkgconfig, libsepol
-, enablePython ? true, swig ? null, python ? null
+, enablePython ? true, swig ? null, python3 ? null
 , fts
 }:
 
-assert enablePython -> swig != null && python != null;
+assert enablePython -> swig != null && python3 != null;
 
 with stdenv.lib;
 
 stdenv.mkDerivation rec {
   pname = "libselinux";
-  version = "2.9";
+  version = "3.0";
   inherit (libsepol) se_release se_url;
 
   outputs = [ "bin" "out" "dev" "man" ] ++ optional enablePython "py";
 
   src = fetchurl {
     url = "${se_url}/${se_release}/libselinux-${version}.tar.gz";
-    sha256 = "14r69mgmz7najf9wbizvp68q56mqx4yjbkxjlbcqg5a47s3wik0v";
+    sha256 = "0cr4p0qkr4qd5z1x677vwhz6mlz55kxyijwi2dmrvbhxcw7v78if";
   };
 
-  nativeBuildInputs = [ pkgconfig ] ++ optionals enablePython [ swig python ];
-  buildInputs = [ libsepol pcre fts ] ++ optionals enablePython [ python ];
+  nativeBuildInputs = [ pkgconfig ] ++ optionals enablePython [ swig python3 ];
+  buildInputs = [ libsepol pcre fts ] ++ optionals enablePython [ python3 ];
 
   # drop fortify here since package uses it by default, leading to compile error:
   # command-line>:0:0: error: "_FORTIFY_SOURCE" redefined [-Werror]
@@ -35,14 +35,18 @@ stdenv.mkDerivation rec {
     "MAN3DIR=$(man)/share/man/man3"
     "MAN5DIR=$(man)/share/man/man5"
     "MAN8DIR=$(man)/share/man/man8"
-    "PYTHON=${python.pythonForBuild}/bin/python"
-    "PYTHONLIBDIR=$(py)/${python.sitePackages}"
+    "PYTHON=${python3.pythonForBuild}/bin/python"
+    "PYTHONLIBDIR=$(py)/${python3.sitePackages}"
     "SBINDIR=$(bin)/sbin"
     "SHLIBDIR=$(out)/lib"
 
     "LIBSEPOLA=${stdenv.lib.getLib libsepol}/lib/libsepol.a"
   ];
 
+  preInstall = ''
+    mkdir -p $py/${python3.sitePackages}/selinux
+  '';
+
   installTargets = [ "install" ] ++ optional enablePython "install-pywrap";
 
   meta = removeAttrs libsepol.meta ["outputsToInstall"] // {
diff --git a/pkgs/os-specific/linux/libsepol/default.nix b/pkgs/os-specific/linux/libsepol/default.nix
index 497961af11b44..3592ba1637c1b 100644
--- a/pkgs/os-specific/linux/libsepol/default.nix
+++ b/pkgs/os-specific/linux/libsepol/default.nix
@@ -2,15 +2,15 @@
 
 stdenv.mkDerivation rec {
   pname = "libsepol";
-  version = "2.9";
-  se_release = "20190315";
+  version = "3.0";
+  se_release = "20191204";
   se_url = "https://github.com/SELinuxProject/selinux/releases/download";
 
   outputs = [ "bin" "out" "dev" "man" ];
 
   src = fetchurl {
     url = "${se_url}/${se_release}/libsepol-${version}.tar.gz";
-    sha256 = "0p8x7w73jn1nysx1d7416wqrhbi0r6isrjxib7jf68fi72q14jx3";
+    sha256 = "0ygb6dh5lng91xs6xiqf5v0nxa68qmjc787p0s5h9w89364f2yjv";
   };
 
   nativeBuildInputs = [ flex ];
diff --git a/pkgs/os-specific/linux/systemd/default.nix b/pkgs/os-specific/linux/systemd/default.nix
index 478791bded0f2..f7a51ff9a0367 100644
--- a/pkgs/os-specific/linux/systemd/default.nix
+++ b/pkgs/os-specific/linux/systemd/default.nix
@@ -282,9 +282,9 @@ stdenv.mkDerivation {
     "-Dmount-path=${util-linux}/bin/mount"
     "-Dumount-path=${util-linux}/bin/umount"
     "-Dcreate-log-dirs=false"
-    # Upstream uses cgroupsv2 by default. To support docker and other
-    # container managers we still need v1.
-    "-Ddefault-hierarchy=hybrid"
+
+    # Use cgroupsv2. This is already the upstream default, but better be explicit.
+    "-Ddefault-hierarchy=unified"
     # Upstream defaulted to disable manpages since they optimize for the much
     # more frequent development builds
     "-Dman=true"
author	Frederik Rietdijk <freddyrietdijk@fridh.nl>	2020-11-30 18:27:29 +0100
committer	GitHub <noreply@github.com>	2020-11-30 18:27:29 +0100
commit	9a63b3d3d61ca822aceeb4a994e8ef21a7593cc7 (patch)
tree	aceb3c75e546efae7ce47a390fdadce36e39eddd /pkgs/os-specific
parent	d554addf6c5f7024b44fc214df03af25dbcf3bfc (diff)
parent	0d8491cb2b045e8a0b52bde121929b15a1d20196 (diff)