colin/nix-files
1
0
Fork 1
Code Issues Pull Requests Projects Releases Wiki Activity

landlock-sandboxer: build against latest compatible linux

Browse Source
This commit is contained in:
Colin 2024-01-31 17:45:46 +00:00
parent 1d72e13a98
commit 2d4fc4f274
1 changed files with 9 additions and 4 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

13
pkgs/additional/landlock-sandboxer/default.nix
View File

@ -1,9 +1,14 @@
# N.B.: landlock is a relatively new thing as of 2024/01;
# `pkgs.linux` is kinda old.
# may want to use `linux_latest`, here and everywhere, if you find landlock to be lacking.
# N.B.: landlock is a relatively new thing as of 2024/01, and undergoing ABI revisions.
# the ABI is versioned, and the sandboxer will work when run against either a newer or older kernel than it was built from,
# but it will complain (stderr) if the kernel announces an ABI version greater than that which the sandboxer knows of.
# so, build against the latest linux we can.
{ stdenv
, linux
, linuxKernel
}:
let
# linux = linuxKernel.kernels.linux_6_7; # build fails
linux = linuxKernel.kernels.linux_6_6;
in
stdenv.mkDerivation rec {
pname = "landlock-sandboxer";
version = linux.version;