nixpkgs/pkgs/os-specific/linux/systemd
Vincent Haupert ca0120a4bc systemd: enable BPF_FRAMEWORK by default (withLibBPF=true)
So far, we have been building Systemd without `BPF_FRAMEWORK`. As a
result, some Systemd features like `RestrictNetworkInterfaces=` cannot
work. To make things worse, Systemd doesn't even complain when using a
feature which requires `+BPF_FRAMEWORK`; yet, the option has no effect:

    # systemctl --version | grep -o "\-BPF_FRAMEWORK"
    -BPF_FRAMEWORK
    # systemd-run -t -p RestrictNetworkInterfaces="lo" ping -c 1 8.8.8.8

This commit enables `BPF_FRAMEWORK` by default. This is in line with
other distros (e.g., Fedora). Also note that BPF does not support stack
protector: https://lkml.org/lkml/2020/2/21/1000. To that end, I added a
small `CFLAGS` patch to the BPF building to keep using stack protector
as a default.

I also added an appropriate NixOS test.
2022-08-21 12:22:16 +02:00
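
The silent no-op described in the commit message can be caught with a check like the one below. This is an added example, not part of the commit, nixpkgs or systemd; the function names `has_bpf_framework` and `unenforced_units`, the sample unit files and the feature strings are constructed for illustration.

```shell
#!/usr/bin/env bash
# Added example (not nixpkgs or systemd code): report unit files whose
# RestrictNetworkInterfaces= setting is silently ignored because systemd
# was built without BPF_FRAMEWORK.

# has_bpf_framework FEATURES
# Succeeds when the feature string printed by `systemctl --version`
# lists +BPF_FRAMEWORK.
has_bpf_framework() {
    case $1 in
        *+BPF_FRAMEWORK*) return 0 ;;
        *) return 1 ;;
    esac
}

# unenforced_units FEATURES DIR
# Prints every file under DIR that assigns a non-empty value to
# RestrictNetworkInterfaces= (commented-out and empty assignments are skipped).
# Returns 1 if such files exist and FEATURES lacks +BPF_FRAMEWORK, else 0.
unenforced_units() {
    if has_bpf_framework "$1"; then
        return 0
    fi
    # -R follows symlinks, which unit directories commonly contain.
    hits=$(grep -RlE '^[[:space:]]*RestrictNetworkInterfaces=[[:space:]]*[^[:space:]]' \
        "$2" 2>/dev/null | sort) || true
    if [ -z "$hits" ]; then
        return 0
    fi
    printf '%s\n' "$hits"
    return 1
}

# Constructed sample input: two unit files and a feature string without BPF.
demo_dir=$(mktemp -d)
printf '[Service]\nExecStart=/bin/true\nRestrictNetworkInterfaces=lo\n' \
    > "$demo_dir/restricted.service"
printf '[Service]\nExecStart=/bin/true\n' > "$demo_dir/plain.service"
without_bpf='systemd 000 (constructed) +PAM +AUDIT -BPF_FRAMEWORK'

if ! unenforced_units "$without_bpf" "$demo_dir"; then
    echo "WARNING: units listed above are not network-restricted on this build" >&2
fi
rm -rf "$demo_dir"
# On a real host: unenforced_units "$(systemctl --version)" /etc/systemd/system
```
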
0001-Start-device-units-for-uninitialised-encrypted-devic.patch nixos/systemd: make sure all the device nodes are created in stage1 2022-07-22 10:01:21 +03:00
0002-Don-t-try-to-unmount-nix-or-nix-store.patch nixos/systemd: make sure all the device nodes are created in stage1 2022-07-22 10:01:21 +03:00
0003-Fix-NixOS-containers.patch nixos/systemd: make sure all the device nodes are created in stage1 2022-07-22 10:01:21 +03:00
0004-Look-for-fsck-in-the-right-place.patch nixos/systemd: make sure all the device nodes are created in stage1 2022-07-22 10:01:21 +03:00
0005-Add-some-NixOS-specific-unit-directories.patch nixos/systemd: make sure all the device nodes are created in stage1 2022-07-22 10:01:21 +03:00
0006-Get-rid-of-a-useless-message-in-user-sessions.patch nixos/systemd: make sure all the device nodes are created in stage1 2022-07-22 10:01:21 +03:00
0007-hostnamed-localed-timedated-disable-methods-that-cha.patch nixos/systemd: make sure all the device nodes are created in stage1 2022-07-22 10:01:21 +03:00
0008-Fix-hwdb-paths.patch nixos/systemd: make sure all the device nodes are created in stage1 2022-07-22 10:01:21 +03:00
0009-Change-usr-share-zoneinfo-to-etc-zoneinfo.patch nixos/systemd: make sure all the device nodes are created in stage1 2022-07-22 10:01:21 +03:00
0010-localectl-use-etc-X11-xkb-for-list-x11.patch nixos/systemd: make sure all the device nodes are created in stage1 2022-07-22 10:01:21 +03:00
0011-build-don-t-create-statedir-and-don-t-touch-prefixdi.patch nixos/systemd: make sure all the device nodes are created in stage1 2022-07-22 10:01:21 +03:00
0012-add-rootprefix-to-lookup-dir-paths.patch nixos/systemd: make sure all the device nodes are created in stage1 2022-07-22 10:01:21 +03:00
0013-systemd-shutdown-execute-scripts-in-etc-systemd-syst.patch nixos/systemd: make sure all the device nodes are created in stage1 2022-07-22 10:01:21 +03:00
0014-systemd-sleep-execute-scripts-in-etc-systemd-system-.patch nixos/systemd: make sure all the device nodes are created in stage1 2022-07-22 10:01:21 +03:00
0015-path-util.h-add-placeholder-for-DEFAULT_PATH_NORMAL.patch nixos/systemd: make sure all the device nodes are created in stage1 2022-07-22 10:01:21 +03:00
0016-pkg-config-derive-prefix-from-prefix.patch nixos/systemd: make sure all the device nodes are created in stage1 2022-07-22 10:01:21 +03:00
0017-inherit-systemd-environment-when-calling-generators.patch nixos/systemd: make sure all the device nodes are created in stage1 2022-07-22 10:01:21 +03:00
default.nix systemd: enable BPF_FRAMEWORK by default (withLibBPF=true) 2022-08-21 12:22:16 +02:00