pyrox.dev
1{stdenv, fetchurl, which}:
2let
3 s = # Generated upstream information
4 rec {
5 baseName="firejail";
6 version="0.9.52";
7 name="${baseName}-${version}";
8 hash="0w8l8z4j7iph8fp7rchhnfsrik3f00f9v5xr191fp38fphzcj56s";
9 url="https://vorboss.dl.sourceforge.net/project/firejail/firejail/firejail-0.9.52.tar.xz";
10 sha256="0w8l8z4j7iph8fp7rchhnfsrik3f00f9v5xr191fp38fphzcj56s";
11 };
12 buildInputs = [
13 which
14 ];
15in
16stdenv.mkDerivation {
17 inherit (s) name version;
18 inherit buildInputs;
19 src = fetchurl {
20 inherit (s) url sha256;
21 name = "${s.name}.tar.bz2";
22 };
23
24 prePatch = ''
25 # Allow whitelisting ~/.nix-profile
26 substituteInPlace etc/firejail.config --replace \
27 '# follow-symlink-as-user yes' \
28 'follow-symlink-as-user no'
29 '';
30
31 preConfigure = ''
32 sed -e 's@/bin/bash@${stdenv.shell}@g' -i $( grep -lr /bin/bash .)
33 sed -e "s@/bin/cp@$(which cp)@g" -i $( grep -lr /bin/cp .)
34 '';
35
36 preBuild = ''
37 sed -e "s@/etc/@$out/etc/@g" -e "/chmod u+s/d" -i Makefile
38 '';
39
40 meta = {
41 inherit (s) version;
42 description = ''Namespace-based sandboxing tool for Linux'';
43 license = stdenv.lib.licenses.gpl2Plus ;
44 maintainers = [stdenv.lib.maintainers.raskin];
45 platforms = stdenv.lib.platforms.linux;
46 homepage = https://l3net.wordpress.com/projects/firejail/;
47 downloadPage = "http://sourceforge.net/projects/firejail/files/firejail/";
48 };
49}