From c67d8bcabe33e7dd8effa25510f4aca3a2442ce1 Mon Sep 17 00:00:00 2001 From: aszlig Date: Sun, 26 Aug 2012 07:36:57 +0200 Subject: [PATCH] chromium: Don't use the sandbox patch on v21. The patch doesn't apply in version 22 and newer, because mode 1 sandboxes are connsidered "legacy" (well, apart from the fact that I'd personally prefer BPF anyway), for reasons I wasn't able to find, yet. But let's proceed on BPF integration and thus gain more insight on the exact reasons. --- pkgs/applications/networking/browsers/chromium/default.nix | 6 +++++- 1 file changed, 5 insertions(+), 1 deletion(-) diff --git a/pkgs/applications/networking/browsers/chromium/default.nix b/pkgs/applications/networking/browsers/chromium/default.nix index 5949be2a4c80..f9424f4d614a 100644 --- a/pkgs/applications/networking/browsers/chromium/default.nix +++ b/pkgs/applications/networking/browsers/chromium/default.nix @@ -77,6 +77,10 @@ let xdg_utils yasm zlib ]; + needSeccompPatch = + stdenv.lib.versionOlder sourceInfo.version "22.0.0.0" + && !config.selinux; + in stdenv.mkDerivation rec { name = "${packageName}-${version}"; packageName = "chromium"; @@ -108,7 +112,7 @@ in stdenv.mkDerivation rec { prePatch = "patchShebangs ."; - patches = stdenv.lib.optional (!config.selinux) ./enable_seccomp.patch + patches = stdenv.lib.optional needSeccompPatch ./enable_seccomp.patch ++ stdenv.lib.optional config.cups ./cups_allow_deprecated.patch ++ stdenv.lib.optional config.pulseaudio ./pulseaudio_array_bounds.patch;