Skip to content
Permalink

Comparing changes

Choose two branches to see what’s changed or to start a new pull request. If you need to, you can also or learn more about diff comparisons.

Open a pull request

Create a new pull request by comparing changes across two branches. If you need to, you can also . Learn more about diff comparisons here.
base repository: NixOS/nixpkgs
Failed to load repositories. Confirm that selected base ref is valid, then try again.
Loading
base: 86de155951a0
Choose a base ref
...
head repository: NixOS/nixpkgs
Failed to load repositories. Confirm that selected head ref is valid, then try again.
Loading
compare: f2e1e7f3cd9f
Choose a head ref
  • 2 commits
  • 1 file changed
  • 2 contributors

Commits on Jun 10, 2017

  1. Update runc to 1.0.0-rc3 

    - Fix compilation problems
- Remove patches as those are included in the sources now

Signed-off-by: Vincent Demeester <vincent@sbr.pm>
    @vdemeester
    vdemeester committed Jun 10, 2017
    Copy the full SHA
    46b00e0 View commit details

  2. Merge pull request #26503 from vdemeester/update-runc 

    Update runc to 1.0.0-rc3
    @Mic92
    Mic92 authored Jun 10, 2017
    Copy the full SHA
    f2e1e7f View commit details
Showing with 11 additions and 17 deletions.
  1. +11 −17 pkgs/applications/virtualization/runc/default.nix
28 changes: 11 additions & 17 deletions pkgs/applications/virtualization/runc/default.nix
View file
Original file line number Diff line number Diff line change
@@ -5,30 +5,15 @@ with lib;

stdenv.mkDerivation rec {
name = "runc-${version}";
version = "1.0.0-rc2";
version = "1.0.0-rc3";

src = fetchFromGitHub {
owner = "opencontainers";
repo = "runc";
rev = "v${version}";
sha256 = "06bxc4g3frh4i1lkzvwdcwmzmr0i52rz4a4pij39s15zaigm79wk";
sha256 = "14hdhnni0rz3g0bhcaq95zn2zrhyds0mq2pm2padbamg4bgq4r1c";
};

patches = [
# Two patches to fix CVE-2016-9962
# From https://bugzilla.suse.com/show_bug.cgi?id=1012568
(fetchpatch {
name = "0001-libcontainer-nsenter-set-init-processes-as-non-dumpa.patch";
url = "https://bugzilla.suse.com/attachment.cgi?id=709048&action=diff&context=patch&collapsed=&headers=1&format=raw";
sha256 = "1cfsmsyhc45a2929825mdaql0mrhhbrgdm54ly0957j2f46072ck";
})
(fetchpatch {
name = "0002-libcontainer-init-only-pass-stateDirFd-when-creating.patch";
url = "https://bugzilla.suse.com/attachment.cgi?id=709049&action=diff&context=patch&collapsed=&headers=1&format=raw";
sha256 = "1ykwg1mbvsxsnsrk9a8i4iadma1g0rgdmaj19dvif457hsnn31wl";
})
];

outputs = [ "out" "man" ];

hardeningDisable = ["fortify"];
@@ -37,7 +22,16 @@ stdenv.mkDerivation rec {

makeFlags = ''BUILDTAGS+=seccomp BUILDTAGS+=apparmor'';

preConfigure = ''
# Extract the source
cd "$NIX_BUILD_TOP"
mkdir -p "go/src/github.com/opencontainers"
mv "$sourceRoot" "go/src/github.com/opencontainers/runc"
export GOPATH=$NIX_BUILD_TOP/go:$GOPATH
'';

preBuild = ''
cd go/src/github.com/opencontainers/runc
patchShebangs .
substituteInPlace libcontainer/apparmor/apparmor.go \
--replace /sbin/apparmor_parser ${apparmor-parser}/bin/apparmor_parser