chromium: Don't use the sandbox patch on v21.

The patch doesn't apply in version 22 and newer, because mode 1 sandboxes are
connsidered "legacy" (well, apart from the fact that I'd personally prefer BPF
anyway), for reasons I wasn't able to find, yet. But let's proceed on BPF
integration and thus gain more insight on the exact reasons.
This commit is contained in:
aszlig 2012-08-26 07:36:57 +02:00
parent b1a6a98139
commit c67d8bcabe
No known key found for this signature in database
GPG Key ID: D0EBD0EC8C2DC961

View File

@ -77,6 +77,10 @@ let
xdg_utils yasm zlib
];
needSeccompPatch =
stdenv.lib.versionOlder sourceInfo.version "22.0.0.0"
&& !config.selinux;
in stdenv.mkDerivation rec {
name = "${packageName}-${version}";
packageName = "chromium";
@ -108,7 +112,7 @@ in stdenv.mkDerivation rec {
prePatch = "patchShebangs .";
patches = stdenv.lib.optional (!config.selinux) ./enable_seccomp.patch
patches = stdenv.lib.optional needSeccompPatch ./enable_seccomp.patch
++ stdenv.lib.optional config.cups ./cups_allow_deprecated.patch
++ stdenv.lib.optional config.pulseaudio ./pulseaudio_array_bounds.patch;