pkgs/os-specific/linux/audit/default.nix at 22.05-pre · pyrox.dev/nixpkgs

pyrox.dev / nixpkgs
lol
nixpkgs / pkgs / os-specific / linux / audit / default.nix
at 22.05-pre 82 lines 2.9 kB view raw
 1{
 2  lib, stdenv, buildPackages, fetchurl, fetchpatch,
 3  runCommand,
 4  autoconf, automake, libtool,
 5  enablePython ? false, python ? null,
 6}:
 7
 8assert enablePython -> python != null;
 9
10stdenv.mkDerivation rec {
11  pname = "audit";
12  version = "2.8.5"; # at the next release, remove the patches below!
13
14  src = fetchurl {
15    url = "https://people.redhat.com/sgrubb/audit/audit-${version}.tar.gz";
16    sha256 = "1dzcwb2q78q7x41shcachn7f4aksxbxd470yk38zh03fch1l2p8f";
17  };
18
19  outputs = [ "bin" "dev" "out" "man" ];
20
21  depsBuildBuild = [ buildPackages.stdenv.cc ];
22  nativeBuildInputs = lib.optionals stdenv.hostPlatform.isMusl
23    [ autoconf automake libtool ];
24  buildInputs = lib.optional enablePython python;
25
26  configureFlags = [
27    # z/OS plugin is not useful on Linux,
28    # and pulls in an extra openldap dependency otherwise
29    "--disable-zos-remote"
30    (if enablePython then "--with-python" else "--without-python")
31    "--with-arm"
32    "--with-aarch64"
33  ];
34
35  enableParallelBuilding = true;
36
37  # TODO: Remove the musl patches when
38  #         https://github.com/linux-audit/audit-userspace/pull/25
39  #       is available with the next release.
40  patches = [
41    ./patches/weak-symbols.patch
42    (fetchpatch {
43      # upstream build fix against -fno-common compilers like >=gcc-10
44      url = "https://github.com/linux-audit/audit-userspace/commit/017e6c6ab95df55f34e339d2139def83e5dada1f.patch";
45      sha256 = "100xa1rzkv0mvhjbfgpfm72f7c4p68syflvgc3xm6pxgrqqmfq8h";
46    })
47  ]
48  ++ lib.optional stdenv.hostPlatform.isMusl [
49    (
50      let patch = fetchpatch {
51            url = "https://github.com/linux-audit/audit-userspace/commit/d579a08bb1cde71f939c13ac6b2261052ae9f77e.patch";
52            name = "Add-substitue-functions-for-strndupa-rawmemchr.patch";
53            sha256 = "015bvzflg1s1k5viap30nznlpjj44a66khyc8yq0waa68qwvdlsd";
54          };
55      in
56        runCommand "Add-substitue-functions-for-strndupa-rawmemchr.patch-fix-copyright-merge-conflict" {} ''
57          cp ${patch} $out
58          substituteInPlace $out --replace \
59              '-* Copyright (c) 2007-09,2011-16,2018 Red Hat Inc., Durham, North Carolina.' \
60              '-* Copyright (c) 2007-09,2011-16 Red Hat Inc., Durham, North Carolina.'
61        ''
62    )
63  ];
64
65  prePatch = ''
66    sed -i 's,#include <sys/poll.h>,#include <poll.h>\n#include <limits.h>,' audisp/audispd.c
67  ''
68  # According to https://stackoverflow.com/questions/13089166
69  # --whole-archive linker flag is required to be sure that linker
70  # correctly chooses strong version of symbol regardless of order of
71  # object files at command line.
72  + lib.optionalString stdenv.hostPlatform.isStatic ''
73    export LDFLAGS=-Wl,--whole-archive
74  '';
75  meta = {
76    description = "Audit Library";
77    homepage = "https://people.redhat.com/sgrubb/audit/";
78    license = lib.licenses.gpl2;
79    platforms = lib.platforms.linux;
80    maintainers = with lib.maintainers; [ ];
81  };
82}