grsecurity: work around #19698
This is a temporary work-around to fix using grsecurity on NixOS with the new kernelPackages/kernelPatches machinery. For whatever reason, when `security.grsecurity.enable = true`, the grsec patch ends up being applied twice, causing the kernel build to fail. Until the root cause of this is identified, we hack around it by simply pruning duplicate patches in the grsec kernel builder. Closes #19698
This commit is contained in:
parent
2406387fd6
commit
6d1bf921fa
@ -21,7 +21,7 @@ assert (kernel.version == grsecPatch.kver);
|
||||
|
||||
overrideDerivation (kernel.override {
|
||||
inherit modDirVersion;
|
||||
kernelPatches = [ grsecPatch ] ++ kernelPatches ++ (kernel.kernelPatches or []);
|
||||
kernelPatches = lib.unique ([ grsecPatch ] ++ kernelPatches ++ (kernel.kernelPatches or []));
|
||||
extraConfig = ''
|
||||
GRKERNSEC y
|
||||
PAX y
|
||||
|
Loading…
Reference in New Issue
Block a user