bind: Disable seccomp on non-x86

The list of permitted syscalls in the seccomp sandbox is only defined
for x86. It fails to build otherwise:

````
In file included from /tmp/nix-build-bind-9.10.4-P3.drv-0/bind-9.10.4-P3/lib/isc/include/isc/magic.h:23:0,
                 from /tmp/nix-build-bind-9.10.4-P3.drv-0/bind-9.10.4-P3/lib/isc/include/isc/app.h:89,
                 from ./main.c:26:
./main.c: In function 'setup_seccomp':
./main.c:848:17: error: 'scmp_syscalls' undeclared (first use in this function)
  INSIST((sizeof(scmp_syscalls) / sizeof(int)) ==
````
This commit is contained in:
Tuomas Tynkkynen 2016-10-16 23:37:48 +03:00
parent 025c74f248
commit b4d8f8b8e2

View file

@ -1,4 +1,4 @@
{ stdenv, fetchurl, openssl, libtool, perl, libxml2
{ stdenv, lib, fetchurl, openssl, libtool, perl, libxml2
, libseccomp ? null }:
let version = "9.10.4-P3"; in
@ -33,8 +33,7 @@ stdenv.mkDerivation rec {
"--without-pkcs11"
"--without-purify"
"--without-python"
"--enable-seccomp"
];
] ++ lib.optional (stdenv.isi686 || stdenv.isx86_64) "--enable-seccomp";
postInstall = ''
moveToOutput bin/bind9-config $dev