diff options
Diffstat (limited to 'pkgs/os-specific/linux/systemd/default.nix')
-rw-r--r-- | pkgs/os-specific/linux/systemd/default.nix | 36 |
1 files changed, 19 insertions, 17 deletions
diff --git a/pkgs/os-specific/linux/systemd/default.nix b/pkgs/os-specific/linux/systemd/default.nix index 9cdc5dcd9d44d..61eea1c66015d 100644 --- a/pkgs/os-specific/linux/systemd/default.nix +++ b/pkgs/os-specific/linux/systemd/default.nix @@ -5,7 +5,6 @@ , nixosTests , pkgsCross , fetchFromGitHub -, fetchpatch , fetchzip , buildPackages , makeBinaryWrapper @@ -180,7 +179,7 @@ assert withBootloader -> withEfi; let wantCurl = withRemote || withImportd; wantGcrypt = withResolved || withImportd; - version = "255.4"; + version = "255.6"; # Use the command below to update `releaseTimestamp` on every (major) version # change. More details in the commentary at mesonFlags. @@ -198,7 +197,7 @@ stdenv.mkDerivation (finalAttrs: { owner = "systemd"; repo = "systemd-stable"; rev = "v${version}"; - hash = "sha256-P1mKq+ythrv8MU7y2CuNtEx6qCDacugzfsPRZL+NPys="; + hash = "sha256-ah0678iNfy0c5NhHhjn0roY6RoM8OE0hWyEt+qEGKRQ="; }; # On major changes, or when otherwise required, you *must* : @@ -229,15 +228,6 @@ stdenv.mkDerivation (finalAttrs: { ./0017-meson.build-do-not-create-systemdstatedir.patch ] ++ lib.optional (stdenv.hostPlatform.isLinux && stdenv.hostPlatform.isGnu) [ ./0018-timesyncd-disable-NSCD-when-DNSSEC-validation-is-dis.patch - ] ++ lib.optional (stdenv.hostPlatform.isPower || stdenv.hostPlatform.isRiscV || stdenv.hostPlatform.isMips) [ - # Fixed upstream and included in the main and stable branches. Can be dropped - # when bumping to >= v255.5. - # https://github.com/systemd/systemd/issues/30448 - # https://github.com/NixOS/nixpkgs/pull/282607 - (fetchpatch { - url = "https://github.com/systemd/systemd/commit/8040fa55a1cbc34dede3205a902095ecd26c21e3.patch"; - sha256 = "0c6z7bsndbkb8m130jnjpsl138sfv3q171726n5vkyl2n9ihnavk"; - }) ] ++ lib.optional stdenv.hostPlatform.isMusl ( let oe-core = fetchzip { @@ -417,6 +407,7 @@ stdenv.mkDerivation (finalAttrs: { ''; outputs = [ "out" "dev" ] ++ (lib.optional (!buildLibsOnly) "man"); + separateDebugInfo = true; hardeningDisable = [ # https://gcc.gnu.org/bugzilla/show_bug.cgi?id=111523 @@ -510,6 +501,12 @@ stdenv.mkDerivation (finalAttrs: { (lib.mesonOption "default-hierarchy" "unified") (lib.mesonOption "kmod-path" "${kmod}/bin/kmod") + # Attempts to check /usr/sbin and that fails in macOS sandbox because + # permission is denied. If /usr/sbin is not a symlink, it defaults to true. + # We set it to false since stdenv moves sbin/* to bin and creates a symlink, + # that is, we do not have split bin. + (lib.mesonOption "split-bin" "false") + # D-Bus (lib.mesonOption "dbuspolicydir" "${placeholder "out"}/share/dbus-1/system.d") (lib.mesonOption "dbussessionservicedir" "${placeholder "out"}/share/dbus-1/services") @@ -562,7 +559,7 @@ stdenv.mkDerivation (finalAttrs: { (lib.mesonEnable "zlib" withCompression) # NSS - (lib.mesonEnable "nss-mymachines" withNss) + (lib.mesonEnable "nss-mymachines" (withNss && withMachined)) (lib.mesonEnable "nss-resolve" withNss) (lib.mesonBool "nss-myhostname" withNss) (lib.mesonBool "nss-systemd" withNss) @@ -574,7 +571,7 @@ stdenv.mkDerivation (finalAttrs: { # FIDO2 (lib.mesonEnable "libfido2" withFido2) - (lib.mesonEnable "openssl" withFido2) + (lib.mesonEnable "openssl" (withHomed || withFido2 || withSysupdate)) # Password Quality (lib.mesonEnable "pwquality" withPasswordQuality) @@ -599,6 +596,7 @@ stdenv.mkDerivation (finalAttrs: { (lib.mesonEnable "libiptc" withIptables) (lib.mesonEnable "repart" withRepart) (lib.mesonEnable "sysupdate" withSysupdate) + (lib.mesonEnable "seccomp" withLibseccomp) (lib.mesonEnable "selinux" withSelinux) (lib.mesonEnable "tpm2" withTpm2Tss) (lib.mesonEnable "pcre2" withPCRE2) @@ -823,6 +821,9 @@ stdenv.mkDerivation (finalAttrs: { substituteInPlace $i --replace /bin/false ${coreutils}/bin/false done + # For compatibility with dependents that use sbin instead of bin. + ln -s bin "$out/sbin" + rm -rf $out/etc/rpm '' + lib.optionalString (!withKernelInstall) '' # "kernel-install" shouldn't be used on NixOS. @@ -925,8 +926,9 @@ stdenv.mkDerivation (finalAttrs: { maintainers = with lib.maintainers; [ flokli kloenk ]; platforms = lib.platforms.linux; priority = 10; - badPlatforms = [ lib.systems.inspect.platformPatterns.isStatic ]; - # https://github.com/systemd/systemd/issues/20600#issuecomment-912338965 - broken = stdenv.hostPlatform.isStatic; + badPlatforms = [ + # https://github.com/systemd/systemd/issues/20600#issuecomment-912338965 + lib.systems.inspect.platformPatterns.isStatic + ]; }; }) |