Conversation
…it2/ Previous homepage returned 404.
Enables instrumentation of the security hooks with BPF programs for implementing dynamic MAC and Audit Policies. The BPF LSM was merged into the Linux kernel 5.7 This has already been enabled in Fedora (version 33 onwards), Ubuntu (Hirsute Hippo), Flatcar Linux, Arch Linux. Distros like Ubuntu don't enable bpf in CONFIG_LSM by default to avoid any performance penalty so similar to that this commit enables CONFIG_BPF_LSM but doesn't add bpf to the default list in CONFIG_LSM, users willing to use this feature could boot with the lsm=...bpf parameter on the kernel https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=641cd7b06c911c5935c34f24850ea18690649917 https://outflux.net/blog/archives/2020/09/21/security-things-in-linux-v5-7/ https://lwn.net/Articles/813057/ flatcar/Flatcar#343 https://bugs.launchpad.net/ubuntu/+source/linux/+bug/1905975 https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=983329
Some literal tabs within strings should probably be spaces `\t`, but I'm not familiar enough to make that call.
I've tried to be consistent, using four or eight spaces to line up with existing code.
git: 2.33.1 -> 2.34.0
gnome2.ORBit2: explicitly disable build parallelism due to missing depends
More risky since it affects the inside of strings.
Fix indentation
https://github.com/bmwiedemann/openSUSE/blob/master/packages/m/mariadb-connector-c/mariadb-connector-c.spec#L152 #146340 arch, however, packages it in their mariadb-libs package which provides connector-c so a nixpkgs mariadb maintainer may want to look into that https://archlinux.org/packages/extra/x86_64/mariadb-libs/files/
Contributor
Author
|
Well, we keep getting large rebuilds merged into master which keep delaying this. (e.g. #147343) Going to merge as x86_64-linux rebuild count is <500 |
ofborg
bot
added
10.rebuild-darwin: 0
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
20 participants
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
Motivation for this change
constitutents: https://hydra.nixos.org/job/nixpkgs/staging-next/unstable#tabs-constituents
jobset: https://hydra.nixos.org/jobset/nixpkgs/staging-next
Staging has returned to regular schedule, these changes will not end up in 21.11 (unless backported)
Previous staging-next: #146259
Things done
sandbox = trueset innix.conf? (See Nix manual)nix-shell -p nixpkgs-review --run "nixpkgs-review rev HEAD". Note: all changes have to be committed, also see nixpkgs-review usage./result/bin/)nixos/doc/manual/md-to-db.shto update generated release notes