From 4e6f5a305492be4d373f4a05e49b238a812f5dc6 Mon Sep 17 00:00:00 2001 From: Bruno Bigras Date: Fri, 30 Oct 2020 16:37:32 -0400 Subject: [PATCH] chrony: 3.5.1 -> 4.0 --- .../chrony/allow-clock_adjtime.patch | 26 ------------------- pkgs/tools/networking/chrony/default.nix | 13 +++------- .../networking/chrony/fix-seccomp-build.patch | 13 ---------- 3 files changed, 4 insertions(+), 48 deletions(-) delete mode 100644 pkgs/tools/networking/chrony/allow-clock_adjtime.patch delete mode 100644 pkgs/tools/networking/chrony/fix-seccomp-build.patch diff --git a/pkgs/tools/networking/chrony/allow-clock_adjtime.patch b/pkgs/tools/networking/chrony/allow-clock_adjtime.patch deleted file mode 100644 index 2fa3baca7221..000000000000 --- a/pkgs/tools/networking/chrony/allow-clock_adjtime.patch +++ /dev/null @@ -1,26 +0,0 @@ -From 0cf506c92967c84f9ed83ba9e1be946a7fda6425 Mon Sep 17 00:00:00 2001 -From: Miroslav Lichvar -Date: Mon, 2 Dec 2019 12:47:13 +0100 -Subject: sys_linux: allow clock_adjtime in seccomp filter - -The adjtimex() function in glibc was switched to the clock_adjtime -system call. - -diff --git a/sys_linux.c b/sys_linux.c -index 63eb8f1..fcf89c2 100644 ---- a/sys_linux.c -+++ b/sys_linux.c -@@ -478,8 +478,8 @@ SYS_Linux_EnableSystemCallFilter(int level) - { - const int syscalls[] = { - /* Clock */ -- SCMP_SYS(adjtimex), SCMP_SYS(clock_gettime), SCMP_SYS(gettimeofday), -- SCMP_SYS(settimeofday), SCMP_SYS(time), -+ SCMP_SYS(adjtimex), SCMP_SYS(clock_adjtime), SCMP_SYS(clock_gettime), -+ SCMP_SYS(gettimeofday), SCMP_SYS(settimeofday), SCMP_SYS(time), - /* Process */ - SCMP_SYS(clone), SCMP_SYS(exit), SCMP_SYS(exit_group), SCMP_SYS(getpid), - SCMP_SYS(getrlimit), SCMP_SYS(rt_sigaction), SCMP_SYS(rt_sigreturn), --- -cgit v0.10.2 - diff --git a/pkgs/tools/networking/chrony/default.nix b/pkgs/tools/networking/chrony/default.nix index 6c8254c797b7..374036d11a44 100644 --- a/pkgs/tools/networking/chrony/default.nix +++ b/pkgs/tools/networking/chrony/default.nix @@ -1,27 +1,22 @@ { stdenv, fetchurl, pkgconfig, libcap, readline, texinfo, nss, nspr -, libseccomp, pps-tools }: +, libseccomp, pps-tools, gnutls }: assert stdenv.isLinux -> libcap != null; stdenv.mkDerivation rec { pname = "chrony"; - version = "3.5.1"; + version = "4.0"; src = fetchurl { url = "https://download.tuxfamily.org/chrony/${pname}-${version}.tar.gz"; - sha256 = "19ywl8a3lb2id7lcna5hp2g4pjnfwdc9ihr0fk6i9m45vdq2za0v"; + sha256 = "09f6w2x5h5kamb4rhcbaz911q1f730qdalgsn8s48yjyqlafl9xy"; }; - patches = [ - ./allow-clock_adjtime.patch - ./fix-seccomp-build.patch - ]; - postPatch = '' patchShebangs test ''; - buildInputs = [ readline texinfo nss nspr ] + buildInputs = [ readline texinfo nss nspr gnutls ] ++ stdenv.lib.optionals stdenv.isLinux [ libcap libseccomp pps-tools ]; nativeBuildInputs = [ pkgconfig ]; diff --git a/pkgs/tools/networking/chrony/fix-seccomp-build.patch b/pkgs/tools/networking/chrony/fix-seccomp-build.patch deleted file mode 100644 index 6888e7efeb72..000000000000 --- a/pkgs/tools/networking/chrony/fix-seccomp-build.patch +++ /dev/null @@ -1,13 +0,0 @@ -diff --git a/sys_linux.c b/sys_linux.c -index 898dc7a7f75..fcd334ecf03 100644 ---- a/sys_linux.c -+++ b/sys_linux.c -@@ -503,7 +503,7 @@ SYS_Linux_EnableSystemCallFilter(int level) - SCMP_SYS(socketcall), - /* General I/O */ - SCMP_SYS(_newselect), SCMP_SYS(close), SCMP_SYS(open), SCMP_SYS(openat), SCMP_SYS(pipe), -- SCMP_SYS(pipe2), SCMP_SYS(poll), SCMP_SYS(ppoll), SCMP_SYS(pselect6), SCMP_SYS(read), -+ SCMP_SYS(pipe2), SCMP_SYS(poll), SCMP_SYS(pselect6), SCMP_SYS(read), - SCMP_SYS(futex), SCMP_SYS(select), SCMP_SYS(set_robust_list), SCMP_SYS(write), - /* Miscellaneous */ - SCMP_SYS(getrandom), SCMP_SYS(sysinfo), SCMP_SYS(uname),