chrony: 3.5.1 -> 4.0

This commit is contained in:
Bruno Bigras 2020-10-30 16:37:32 -04:00
parent 989b403c7f
commit 4e6f5a3054
3 changed files with 4 additions and 48 deletions

View file

@ -1,26 +0,0 @@
From 0cf506c92967c84f9ed83ba9e1be946a7fda6425 Mon Sep 17 00:00:00 2001
From: Miroslav Lichvar <mlichvar@redhat.com>
Date: Mon, 2 Dec 2019 12:47:13 +0100
Subject: sys_linux: allow clock_adjtime in seccomp filter
The adjtimex() function in glibc was switched to the clock_adjtime
system call.
diff --git a/sys_linux.c b/sys_linux.c
index 63eb8f1..fcf89c2 100644
--- a/sys_linux.c
+++ b/sys_linux.c
@@ -478,8 +478,8 @@ SYS_Linux_EnableSystemCallFilter(int level)
{
const int syscalls[] = {
/* Clock */
- SCMP_SYS(adjtimex), SCMP_SYS(clock_gettime), SCMP_SYS(gettimeofday),
- SCMP_SYS(settimeofday), SCMP_SYS(time),
+ SCMP_SYS(adjtimex), SCMP_SYS(clock_adjtime), SCMP_SYS(clock_gettime),
+ SCMP_SYS(gettimeofday), SCMP_SYS(settimeofday), SCMP_SYS(time),
/* Process */
SCMP_SYS(clone), SCMP_SYS(exit), SCMP_SYS(exit_group), SCMP_SYS(getpid),
SCMP_SYS(getrlimit), SCMP_SYS(rt_sigaction), SCMP_SYS(rt_sigreturn),
--
cgit v0.10.2

View file

@ -1,27 +1,22 @@
{ stdenv, fetchurl, pkgconfig, libcap, readline, texinfo, nss, nspr
, libseccomp, pps-tools }:
, libseccomp, pps-tools, gnutls }:
assert stdenv.isLinux -> libcap != null;
stdenv.mkDerivation rec {
pname = "chrony";
version = "3.5.1";
version = "4.0";
src = fetchurl {
url = "https://download.tuxfamily.org/chrony/${pname}-${version}.tar.gz";
sha256 = "19ywl8a3lb2id7lcna5hp2g4pjnfwdc9ihr0fk6i9m45vdq2za0v";
sha256 = "09f6w2x5h5kamb4rhcbaz911q1f730qdalgsn8s48yjyqlafl9xy";
};
patches = [
./allow-clock_adjtime.patch
./fix-seccomp-build.patch
];
postPatch = ''
patchShebangs test
'';
buildInputs = [ readline texinfo nss nspr ]
buildInputs = [ readline texinfo nss nspr gnutls ]
++ stdenv.lib.optionals stdenv.isLinux [ libcap libseccomp pps-tools ];
nativeBuildInputs = [ pkgconfig ];

View file

@ -1,13 +0,0 @@
diff --git a/sys_linux.c b/sys_linux.c
index 898dc7a7f75..fcd334ecf03 100644
--- a/sys_linux.c
+++ b/sys_linux.c
@@ -503,7 +503,7 @@ SYS_Linux_EnableSystemCallFilter(int level)
SCMP_SYS(socketcall),
/* General I/O */
SCMP_SYS(_newselect), SCMP_SYS(close), SCMP_SYS(open), SCMP_SYS(openat), SCMP_SYS(pipe),
- SCMP_SYS(pipe2), SCMP_SYS(poll), SCMP_SYS(ppoll), SCMP_SYS(pselect6), SCMP_SYS(read),
+ SCMP_SYS(pipe2), SCMP_SYS(poll), SCMP_SYS(pselect6), SCMP_SYS(read),
SCMP_SYS(futex), SCMP_SYS(select), SCMP_SYS(set_robust_list), SCMP_SYS(write),
/* Miscellaneous */
SCMP_SYS(getrandom), SCMP_SYS(sysinfo), SCMP_SYS(uname),