public/nixpkgs
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

selinux: Use fstack-protector=all

Browse Source
This commit is contained in:
William A. Kennington III 2015-07-31 13:02:41 -07:00
parent c06b1d84f1
commit f6e554f288
4 changed files with 8 additions and 4 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

2
pkgs/os-specific/linux/checkpolicy/default.nix
View File

@ -13,6 +13,8 @@ stdenv.mkDerivation rec {
nativeBuildInputs = [ bison flex ]; nativeBuildInputs = [ bison flex ];
buildInputs = [ libsepol ]; buildInputs = [ libsepol ];
NIX_CFLAGS_COMPILE = "-fstack-protector-all";
# Don't build tests # Don't build tests
postPatch = '' postPatch = ''
sed -i '/-C test/d' Makefile sed -i '/-C test/d' Makefile

4
pkgs/os-specific/linux/libselinux/default.nix
View File

@ -19,12 +19,12 @@ stdenv.mkDerivation rec {
buildInputs = [ pkgconfig libsepol pcre ] buildInputs = [ pkgconfig libsepol pcre ]
++ optionals enablePython [ swig python ]; ++ optionals enablePython [ swig python ];
NIX_CFLAGS_COMPILE = "-fstack-protector-all -std=gnu89";
postPatch = optionalString enablePython '' postPatch = optionalString enablePython ''
sed -i -e 's|\$(LIBDIR)/libsepol.a|${libsepol}/lib/libsepol.a|' src/Makefile sed -i -e 's|\$(LIBDIR)/libsepol.a|${libsepol}/lib/libsepol.a|' src/Makefile
''; '';
NIX_CFLAGS_COMPILE = "-std=gnu89";
preBuild = '' preBuild = ''
# Build fails without this precreated # Build fails without this precreated
mkdir -p $out/include mkdir -p $out/include

4
pkgs/os-specific/linux/libsemanage/default.nix
View File

@ -13,13 +13,13 @@ stdenv.mkDerivation rec {
nativeBuildInputs = [ bison flex ]; nativeBuildInputs = [ bison flex ];
buildInputs = [ libsepol libselinux ustr bzip2 libaudit ]; buildInputs = [ libsepol libselinux ustr bzip2 libaudit ];
NIX_CFLAGS_COMPILE = "-fstack-protector-all -std=gnu89";
preBuild = '' preBuild = ''
makeFlagsArray+=("PREFIX=$out") makeFlagsArray+=("PREFIX=$out")
makeFlagsArray+=("DESTDIR=$out") makeFlagsArray+=("DESTDIR=$out")
''; '';
NIX_CFLAGS_COMPILE = "-fstack-protector-all -std=gnu89";
meta = libsepol.meta // { meta = libsepol.meta // {
description = "Policy management tools for SELinux"; description = "Policy management tools for SELinux";
license = stdenv.lib.licenses.lgpl21; license = stdenv.lib.licenses.lgpl21;

2
pkgs/os-specific/linux/libsepol/default.nix
View File

@ -13,6 +13,8 @@ stdenv.mkDerivation rec {
nativeBuildInputs = [ flex ]; nativeBuildInputs = [ flex ];
NIX_CFLAGS_COMPILE = "-fstack-protector-all";
preBuild = '' preBuild = ''
makeFlagsArray+=("PREFIX=$out") makeFlagsArray+=("PREFIX=$out")
makeFlagsArray+=("DESTDIR=$out") makeFlagsArray+=("DESTDIR=$out")