commit 957db96d53a6167262f4a5fa234e21a6e92140f0 · pyrox.dev/nixpkgs

+8 -2

nixos/tests/apparmor.nix

···

       1
       1
       -
       import ./make-test-python.nix ({ pkgs, ... } : {

     

       1
       1
       +
       import ./make-test-python.nix ({ pkgs, lib, ... } : {

     

       2
       2
        
         name = "apparmor";

     

       3
       3
        
         meta.maintainers = with lib.maintainers; [ julm ];

     

       4
       4
        
       

     
···

       27
       27
        
             # 4. Using `diff` against the expected output.

     

       28
       28
        
             with subtest("apparmorRulesFromClosure"):

     

       29
       29
        
                 machine.succeed(

     

       30
       30
       -
                     "${pkgs.diffutils}/bin/diff ${pkgs.writeText "expected.rules" ''

     

       30
       30
       +
                     "${pkgs.diffutils}/bin/diff -u ${pkgs.writeText "expected.rules" ''

     

       31
       31
        
                         mr ${pkgs.bash}/lib/**.so*,

     

       32
       32
        
                         r ${pkgs.bash},

     

       33
       33
        
                         r ${pkgs.bash}/etc/**,

     
···

       64
       64
        
                         r ${pkgs.libunistring}/lib/**,

     

       65
       65
        
                         r ${pkgs.libunistring}/share/**,

     

       66
       66
        
                         x ${pkgs.libunistring}/foo/**,

     

       67
       67
       +
                         mr ${pkgs.glibc.libgcc}/lib/**.so*,

     

       68
       68
       +
                         r ${pkgs.glibc.libgcc},

     

       69
       69
       +
                         r ${pkgs.glibc.libgcc}/etc/**,

     

       70
       70
       +
                         r ${pkgs.glibc.libgcc}/lib/**,

     

       71
       71
       +
                         r ${pkgs.glibc.libgcc}/share/**,

     

       72
       72
       +
                         x ${pkgs.glibc.libgcc}/foo/**,

     

       67
       73
        
                     ''} ${pkgs.runCommand "actual.rules" { preferLocalBuild = true; } ''

     

       68
       74
        
                         ${pkgs.gnused}/bin/sed -e 's:^[^ ]* ${builtins.storeDir}/[^,/-]*-\([^/,]*\):\1 \0:' ${

     

       69
       75
        
                             pkgs.apparmorRulesFromClosure {

+2 -2

pkgs/os-specific/linux/apparmor/default.nix

···

       22
       22
        
       }:

     

       23
       23
        
       

     

       24
       24
        
       let

     

       25
       25
       -
         apparmor-version = "3.1.3";

     

       25
       25
       +
         apparmor-version = "3.1.4";

     

       26
       26
        
       

     

       27
       27
        
         apparmor-meta = component: with lib; {

     

       28
       28
        
           homepage = "https://apparmor.net/";

     
···

       36
       36
        
           owner = "apparmor";

     

       37
       37
        
           repo = "apparmor";

     

       38
       38
        
           rev = "v${apparmor-version}";

     

       39
       39
       -
           hash = "sha256-6N1BStOXKui6BxSriWVoOkvyGRUJ4btsloHh/SsG/JE=";

     

       39
       39
       +
           hash = "sha256-YWPdIUd+2x74tqiW+YX8NKh3jxSKhD+5zdiDMjhPzpE=";

     

       40
       40
        
         };

     

       41
       41
        
       

     

       42
       42
        
         aa-teardown = writeShellScript "aa-teardown" ''