pkgs/tools/security/ecryptfs/default.nix at 15.09-beta

pyrox.dev / nixpkgs
fork atom
lol
fork atom
nixpkgs / pkgs / tools / security / ecryptfs / default.nix
at 15.09-beta 57 lines 2.4 kB view raw
wrap content
obadz ecryptfs: 10y ago
172522e1
 1{ stdenv, fetchurl, pkgconfig, perl, utillinux, keyutils, nss, nspr, python, pam
 2, intltool, makeWrapper, coreutils, bash, gettext, cryptsetup, lvm2, rsync, which, lsof }:
 3
 4stdenv.mkDerivation rec {
 5  name = "ecryptfs-${version}";
 6  version = "108";
 7
 8  src = fetchurl {
 9    url = "http://launchpad.net/ecryptfs/trunk/${version}/+download/ecryptfs-utils_${version}.orig.tar.gz";
10    sha256 = "1pfpzc907m4qi5h2rxmkqq072c6g22pik2rilj4bl4qishd8p0sj";
11  };
12
13  #TODO: replace wrapperDir below with from <nixos> config.security.wrapperDir;
14  postPatch = ''
15    FILES="$(grep -r '/bin/sh' src/utils -l; find src -name \*.c)"
16    for file in $FILES; do
17      substituteInPlace "$file" \
18        --replace /sbin/mount.ecryptfs_private /var/setuid-wrappers/mount.ecryptfs_private \
19        --replace /sbin/umount.ecryptfs_private /var/setuid-wrappers/umount.ecryptfs_private \
20        --replace /sbin/mount.ecryptfs $out/sbin/mount.ecryptfs \
21        --replace /sbin/umount.ecryptfs $out/sbin/umount.ecryptfs \
22        --replace /usr/bin/ecryptfs-rewrite-file $out/bin/ecryptfs-rewrite-file \
23        --replace /usr/bin/ecryptfs-mount-private $out/bin/ecryptfs-mount-private \
24        --replace /usr/bin/ecryptfs-setup-private $out/bin/ecryptfs-setup-private \
25        --replace /sbin/cryptsetup ${cryptsetup}/sbin/cryptsetup \
26        --replace /sbin/dmsetup ${lvm2}/sbin/dmsetup \
27        --replace /bin/mount ${utillinux}/bin/mount \
28        --replace /bin/umount ${utillinux}/bin/umount \
29        --replace /sbin/unix_chkpwd /var/setuid-wrappers/unix_chkpwd \
30        --replace /bin/bash ${bash}/bin/bash
31    done
32  '';
33
34  buildInputs = [ pkgconfig perl nss nspr python pam intltool makeWrapper ];
35  propagatedBuildInputs = [ coreutils gettext cryptsetup lvm2 rsync keyutils which ];
36
37  postInstall = ''
38    FILES="$(grep -r '/bin/sh' $out/bin -l)"
39    for file in $FILES; do
40      wrapProgram $file \
41        --prefix PATH ":" "${coreutils}/bin" \
42        --prefix PATH ":" "${gettext}/bin" \
43        --prefix PATH ":" "${rsync}/bin" \
44        --prefix PATH ":" "${keyutils}/bin" \
45        --prefix PATH ":" "${which}/bin" \
46        --prefix PATH ":" "${lsof}/bin" \
47        --prefix PATH ":" "$out/bin"
48    done
49  '';
50
51  meta = with stdenv.lib; {
52    description = "Enterprise-class stacked cryptographic filesystem";
53    license = licenses.gpl2Plus;
54    maintainers = [ maintainers.obadz ];
55    platforms = platforms.linux;
56  };
57}