nixpkgs/patches/apparmor.diff

   1 diff --git a/pkgs/os-specific/linux/apparmor/default.nix b/pkgs/os-specific/linux/apparmor/default.nix
   2 index da8cfac3e07..c6c72cc4e52 100644
   3 --- a/pkgs/os-specific/linux/apparmor/default.nix
   4 +++ b/pkgs/os-specific/linux/apparmor/default.nix
   5 @@ -20,8 +20,8 @@
   6  }:
   7
   8  let
   9 -  apparmor-series = "2.13";
  10 -  apparmor-patchver = "5";
  11 +  apparmor-series = "3.0";
  12 +  apparmor-patchver = "0";
  13    apparmor-version = apparmor-series + "." + apparmor-patchver;
  14
  15    apparmor-meta = component: with stdenv.lib; {
  16 @@ -33,8 +33,8 @@ let
  17    };
  18
  19    apparmor-sources = fetchurl {
  20 -    url = "https://launchpad.net/apparmor/${apparmor-series}/${apparmor-version}/+download/apparmor-${apparmor-version}.tar.gz";
  21 -    sha256 = "05x7r99k00r97v1cq2f711lv6yqzhbl8zp1i1c7kxra4v0a2lzk3";
  22 +    url = "https://launchpad.net/apparmor/${apparmor-series}/${apparmor-series}/+download/apparmor-${apparmor-version}.tar.gz";
  23 +    sha256 = "0pkm8f619c0ra8kpjmarzl9d409dn4sy0kl6mb92gd0ywlgpbzb6";
  24    };
  25
  26    aa-teardown = writeShellScript "aa-teardown" ''
  27 @@ -146,7 +146,7 @@ let
  28
  29      postInstall = ''
  30        sed -i $out/bin/aa-unconfined -e "/my_env\['PATH'\]/d"
  31 -      for prog in aa-audit aa-autodep aa-cleanprof aa-complain aa-disable aa-enforce aa-genprof aa-logprof aa-mergeprof aa-status aa-unconfined ; do
  32 +      for prog in aa-audit aa-autodep aa-cleanprof aa-complain aa-disable aa-enforce aa-genprof aa-logprof aa-mergeprof aa-unconfined ; do
  33          wrapProgram $out/bin/$prog --prefix PYTHONPATH : "$out/lib/${python.libPrefix}/site-packages:$PYTHONPATH"
  34        done
  35
  36 @@ -156,8 +156,6 @@ let
  37        makeWrapper ${perl}/bin/perl $out/bin/aa-notify --set PERL5LIB ${libapparmor}/${perl.libPrefix} --add-flags $out/bin/aa-notify-wrapped
  38
  39        substituteInPlace $out/bin/aa-remove-unknown \
  40 -       --replace "/usr/bin/aa-status" "$out/bin/aa-status" \
  41 -       --replace "/sbin/modprobe" "${kmod}/bin/modprobe" \
  42         --replace "/lib/apparmor/rc.apparmor.functions" "${apparmor-parser}/lib/apparmor/rc.apparmor.functions"
  43        wrapProgram $out/bin/aa-remove-unknown \
  44         --prefix PATH : ${lib.makeBinPath [gawk]}
  45 @@ -190,7 +188,7 @@ let
  46      prePatch = prePatchCommon;
  47      postPatch = "cd ./binutils";
  48      makeFlags = [ "LANGS=" "USE_SYSTEM=1" ];
  49 -    installFlags = [ "DESTDIR=$(out)" "BINDIR=$(out)/bin" ];
  50 +    installFlags = [ "DESTDIR=$(out)" "BINDIR=$(out)/bin" "SBINDIR=$(out)/bin" ];
  51
  52      inherit doCheck;
  53
  54 @@ -294,7 +292,8 @@ let
  55          # eg. glibc-2.30/lib/gconv/gconv-modules
  56          "r $path/lib/**"
  57        ]
  58 -    }: rootPaths: runCommand "apparmor-closure-rules" {} ''
  59 +    , name ? ""
  60 +    }: rootPaths: runCommand "apparmor-closure-rules${optionalString (name != "") "-${name}"}" {} ''
  61      touch $out
  62      while read -r path
  63      do printf >>$out "%s,\n" ${lib.concatMapStringsSep " " (x: "\"${x}\"") (baseRules ++ additionalRules)}