diff --git a/pkgs/tools/security/nsjail/001-fix-bison-link-error.patch b/pkgs/tools/security/nsjail/001-fix-bison-link-error.patch new file mode 100644 index 00000000000..427cea5b02b --- /dev/null +++ b/pkgs/tools/security/nsjail/001-fix-bison-link-error.patch @@ -0,0 +1,30 @@ +From 8e309a0af0851ab54ca7c6d51b6f3d19ee42c8ee Mon Sep 17 00:00:00 2001 +From: Evangelos Foutras +Date: Wed, 17 Mar 2021 16:36:40 +0200 +Subject: [PATCH] Replace YYUSE call with void cast in src/parser.y + +The YYUSE macro was renamed to YY_USE in bison 3.7.5; we might as well +avoid using it altogether and cast the unused variable to void instead. + +Fixes the following linker error: + +/usr/bin/ld: kafel/libkafel.a(libkafel.o): in function `kafel_yyerror': +arm_syscalls.c:(.text+0x6984): undefined reference to `YYUSE' +--- + src/parser.y | 2 +- + 1 file changed, 1 insertion(+), 1 deletion(-) + +diff --git a/src/parser.y b/src/parser.y +index e0f109c..0e01373 100644 +--- a/kafel/src/parser.y ++++ b/kafel/src/parser.y +@@ -420,8 +420,8 @@ const_def + + void yyerror(YYLTYPE * loc, struct kafel_ctxt* ctxt, yyscan_t scanner, + const char *msg) { ++ (void)scanner; /* suppress unused-parameter warning */ + if (!ctxt->lexical_error) { +- YYUSE(scanner); + if (loc->filename != NULL) { + append_error(ctxt, "%s:%d:%d: %s", loc->filename, loc->first_line, loc->first_column, msg); + } else { diff --git a/pkgs/tools/security/nsjail/default.nix b/pkgs/tools/security/nsjail/default.nix index d48564ce95b..568113368a0 100644 --- a/pkgs/tools/security/nsjail/default.nix +++ b/pkgs/tools/security/nsjail/default.nix @@ -4,7 +4,7 @@ stdenv.mkDerivation rec { pname = "nsjail"; - version = "3.0"; + version = "3.0"; # Bumping? Remove the bison patch. src = fetchFromGitHub { owner = "google"; @@ -18,6 +18,11 @@ stdenv.mkDerivation rec { buildInputs = [ libnl protobuf protobufc ]; enableParallelBuilding = true; + patches = [ + # To remove after bumping 3.0 + ./001-fix-bison-link-error.patch + ]; + preBuild = '' makeFlagsArray+=(USER_DEFINES='-DNEWUIDMAP_PATH=${shadow}/bin/newuidmap -DNEWGIDMAP_PATH=${shadow}/bin/newgidmap') '';