prior to this, building with iptables-1.8.9 failed with
> make[2]: Entering directory '/tmp/nix-shell.okX50g/tmp.O3HX8QruLZ/source/src/usr/iptables'
> gcc -Wall -pedantic -std=gnu11 -O2 -I../.. -I/nix/store/h6saqb0001ps7mwi1c40m90f53af1hpj-iptables-1.8.9-dev/include -D_INIT=libxt_JOOL_SIIT_init -fPIC -c -o libxt_JOOL_SIIT.o libxt_JOOL_SIIT.c;
> gcc -shared -fPIC -o libxt_JOOL_SIIT.so libxt_JOOL_SIIT.o;
> /nix/store/f4qnwzv6y0nq8lix33jr5ykkyybs6fxf-binutils-2.40/bin/ld: libxt_JOOL_SIIT.o: in function `_init':
> libxt_JOOL_SIIT.c:(.text+0x150): multiple definition of `_init'; /nix/store/1n2l5law9g3b77hcfyp50vrhhssbrj5g-glibc-2.37-8/lib/crti.o:(.init+0x0): first defined here
> collect2: error: ld returned 1 exit status
> make[2]: *** [Makefile:37: libxt_JOOL_SIIT.so] Error 1
This adds the upstream fix from 490ddb0933
continuation of #109595
pkgconfig was aliased in 2018, however, it remained in
all-packages.nix due to its wide usage. This cleans
up the remaining references to pkgs.pkgsconfig and
moves the entry to aliases.nix.
python3Packages.pkgconfig remained unchanged because
it's the canonical name of the upstream package
on pypi.
I don't think this really makes sense, because upstream doesn't list any constraints on supported kernel versions, and worst case it'll just fail to build.
The following parameters are now available:
* hardeningDisable
To disable specific hardening flags
* hardeningEnable
To enable specific hardening flags
Only the cc-wrapper supports this right now, but these may be reused by
other wrappers, builders or setup hooks.
cc-wrapper supports the following flags:
* fortify
* stackprotector
* pie (disabled by default)
* pic
* strictoverflow
* format
* relro
* bindnow