From 399f5ea75edae655527781a62f6907974cd07625 Mon Sep 17 00:00:00 2001 From: zowoq <59103226+zowoq@users.noreply.github.com> Date: Wed, 13 May 2020 22:11:32 +1000 Subject: [PATCH 1/5] cri-o: remove propagated inputs, update buildtags --- pkgs/applications/virtualization/cri-o/default.nix | 8 +++----- 1 file changed, 3 insertions(+), 5 deletions(-) diff --git a/pkgs/applications/virtualization/cri-o/default.nix b/pkgs/applications/virtualization/cri-o/default.nix index 14cac153399..3796b8857b7 100644 --- a/pkgs/applications/virtualization/cri-o/default.nix +++ b/pkgs/applications/virtualization/cri-o/default.nix @@ -6,8 +6,6 @@ , gpgme , installShellFiles , libapparmor -, libassuan -, libgpgerror , libseccomp , libselinux , lvm2 @@ -32,15 +30,15 @@ buildGoModule rec { btrfs-progs gpgme libapparmor - libassuan - libgpgerror libseccomp libselinux lvm2 ] ++ stdenv.lib.optionals (glibc != null) [ glibc glibc.static ]; - BUILDTAGS = "apparmor seccomp selinux containers_image_ostree_stub"; + BUILDTAGS = "apparmor seccomp selinux containers_image_openpgp containers_image_ostree_stub"; buildPhase = '' + patchShebangs . + sed -i '/version.buildDate/d' Makefile make binaries docs BUILDTAGS="$BUILDTAGS" From e142fbb3f7545863268b82440cb16bf1266add86 Mon Sep 17 00:00:00 2001 From: zowoq <59103226+zowoq@users.noreply.github.com> Date: Wed, 13 May 2020 21:37:47 +1000 Subject: [PATCH 2/5] podman: add libapparmor, libselinux --- pkgs/applications/virtualization/podman/default.nix | 12 +++++++++++- 1 file changed, 11 insertions(+), 1 deletion(-) diff --git a/pkgs/applications/virtualization/podman/default.nix b/pkgs/applications/virtualization/podman/default.nix index 995d571a192..e88e0a60c5e 100644 --- a/pkgs/applications/virtualization/podman/default.nix +++ b/pkgs/applications/virtualization/podman/default.nix @@ -6,7 +6,9 @@ , gpgme , lvm2 , btrfs-progs +, libapparmor , libseccomp +, libselinux , systemd , go-md2man , nixosTests @@ -29,7 +31,15 @@ buildGoModule rec { nativeBuildInputs = [ pkg-config go-md2man installShellFiles ]; - buildInputs = stdenv.lib.optionals stdenv.isLinux [ btrfs-progs libseccomp gpgme lvm2 systemd ]; + buildInputs = stdenv.lib.optionals stdenv.isLinux [ + btrfs-progs + gpgme + libapparmor + libseccomp + libselinux + lvm2 + systemd + ]; buildPhase = '' patchShebangs . From b57ae988643eed4d05e5b2671e42abb054edee0a Mon Sep 17 00:00:00 2001 From: zowoq <59103226+zowoq@users.noreply.github.com> Date: Wed, 13 May 2020 21:37:48 +1000 Subject: [PATCH 3/5] runc: add libselinux, update buildtags --- pkgs/applications/virtualization/runc/default.nix | 7 +++++-- 1 file changed, 5 insertions(+), 2 deletions(-) diff --git a/pkgs/applications/virtualization/runc/default.nix b/pkgs/applications/virtualization/runc/default.nix index 95db2a1d9e9..1bf6b3d574a 100644 --- a/pkgs/applications/virtualization/runc/default.nix +++ b/pkgs/applications/virtualization/runc/default.nix @@ -8,6 +8,7 @@ , libapparmor , apparmor-parser , libseccomp +, libselinux }: buildGoPackage rec { @@ -25,9 +26,11 @@ buildGoPackage rec { outputs = [ "out" "man" ]; nativeBuildInputs = [ go-md2man installShellFiles pkg-config which ]; - buildInputs = [ libseccomp libapparmor apparmor-parser ]; - makeFlags = [ "BUILDTAGS+=seccomp" "BUILDTAGS+=apparmor" ]; + buildInputs = [ libselinux libseccomp libapparmor apparmor-parser ]; + + # these will be the default in the next release + makeFlags = [ "BUILDTAGS+=seccomp" "BUILDTAGS+=apparmor" "BUILDTAGS+=selinux" ]; buildPhase = '' cd go/src/${goPackagePath} From 65be068b0b4ea88f9636a28a472fd2f28dfcc967 Mon Sep 17 00:00:00 2001 From: zowoq <59103226+zowoq@users.noreply.github.com> Date: Wed, 13 May 2020 21:37:48 +1000 Subject: [PATCH 4/5] buildah: remove propagated input, add libapparmor --- pkgs/development/tools/buildah/default.nix | 13 +++++++++++-- 1 file changed, 11 insertions(+), 2 deletions(-) diff --git a/pkgs/development/tools/buildah/default.nix b/pkgs/development/tools/buildah/default.nix index 0171dfc0543..d033fe52e6c 100644 --- a/pkgs/development/tools/buildah/default.nix +++ b/pkgs/development/tools/buildah/default.nix @@ -4,9 +4,9 @@ , installShellFiles , pkg-config , gpgme -, libgpgerror , lvm2 , btrfs-progs +, libapparmor , libselinux , libseccomp }: @@ -27,9 +27,18 @@ buildGoModule rec { vendorSha256 = null; nativeBuildInputs = [ installShellFiles pkg-config ]; - buildInputs = [ gpgme libgpgerror lvm2 btrfs-progs libselinux libseccomp ]; + + buildInputs = [ + btrfs-progs + gpgme + libapparmor + libseccomp + libselinux + lvm2 + ]; buildPhase = '' + patchShebangs . make GIT_COMMIT="unknown" make -C docs ''; From f28b0d64ad4567bd0968f025cc7dd13fa6b32230 Mon Sep 17 00:00:00 2001 From: zowoq <59103226+zowoq@users.noreply.github.com> Date: Wed, 13 May 2020 22:11:34 +1000 Subject: [PATCH 5/5] skopeo: remove outdated/propagated inputs --- pkgs/development/tools/skopeo/default.nix | 5 ++--- 1 file changed, 2 insertions(+), 3 deletions(-) diff --git a/pkgs/development/tools/skopeo/default.nix b/pkgs/development/tools/skopeo/default.nix index e9fc9a969a7..5532c3088e0 100644 --- a/pkgs/development/tools/skopeo/default.nix +++ b/pkgs/development/tools/skopeo/default.nix @@ -3,11 +3,9 @@ , fetchFromGitHub , runCommand , gpgme -, libgpgerror , lvm2 , btrfs-progs , pkg-config -, libselinux , go-md2man , installShellFiles , makeWrapper @@ -41,8 +39,9 @@ buildGoModule { excludedPackages = [ "integration" ]; nativeBuildInputs = [ pkg-config go-md2man installShellFiles makeWrapper ]; + buildInputs = [ gpgme ] - ++ stdenv.lib.optionals stdenv.isLinux [ libgpgerror lvm2 btrfs-progs libselinux ]; + ++ stdenv.lib.optionals stdenv.isLinux [ lvm2 btrfs-progs ]; buildFlagsArray = '' -ldflags=