nixpkgs/pkgs/os-specific
Vincent Haupert ca0120a4bc systemd: enable BPF_FRAMEWORK by default (withLibBPF=true)
So far, we have been building Systemd without `BPF_FRAMEWORK`. As a
result, some Systemd features like `RestrictNetworkInterfaces=` cannot
work. To make things worse, Systemd doesn't even complain when using a
feature which requires `+BPF_FRAMEWORK`; yet, the option has no effect:

    # systemctl --version | grep -o "\-BPF_FRAMEWORK"
    -BPF_FRAMEWORK
    # systemd-run -t -p RestrictNetworkInterfaces="lo" ping -c 1 8.8.8.8

This commit enables `BPF_FRAMEWORK` by default. This is in line with
other distros (e.g., Fedora). Also note that BPF does not support stack
protector: https://lkml.org/lkml/2020/2/21/1000. To that end, I added a
small `CFLAGS` patch to the BPF building to keep using stack protector
as a default.

I also added an appropriate NixOS test.
2022-08-21 12:22:16 +02:00
..
bsd netbsd.compat: don't use musl's sys/cdefs.h 2022-01-06 14:22:07 +00:00
darwin spacebar: 1.2.1 -> 1.4.0 2022-08-17 12:11:29 -04:00
linux systemd: enable BPF_FRAMEWORK by default (withLibBPF=true) 2022-08-21 12:22:16 +02:00
solo5 solo5: fix paths detection in compiler and linker wrappers. 2022-08-13 07:45:54 -05:00
windows windows.mingw_w64: enable stripping 2022-07-28 21:55:15 +01:00