# Build recipe for sssd (System Security Services Daemon) from the upstream
# GitHub release tag.
#
# Every argument is a package or helper provided by the calling package set.
# withSudo (default: false) appends --with-sudo to the configure flags.
{ lib
, stdenv
, fetchFromGitHub
, autoreconfHook
, glibc
, augeas
, dnsutils
, c-ares
, curl
, cyrus_sasl
, ding-libs
, libnl
, libunistring
, nss
, samba
, nfs-utils
, doxygen
, python
, python3
, pam
, popt
, talloc
, tdb
, tevent
, pkg-config
, ldb
, openldap
, pcre2
, libkrb5
, cifs-utils
, glib
, keyutils
, dbus
, fakeroot
, libxslt
, libxml2
, libuuid
, ldap
, systemd
, nspr
, check
, cmocka
, uid_wrapper
, p11-kit
, nss_wrapper
, ncurses
, Po4a
, http-parser
, jansson
, docbook_xsl
, docbook_xml_dtd_44
, withSudo ? false
}:

let
  # Colon-separated list of the two DocBook catalogs (XSL stylesheets first,
  # then the 4.4 DTD). preConfigure relies on that order: it passes only the
  # first entry to --with-xml-catalog-path.
  docbookFiles = "${docbook_xsl}/share/xml/docbook-xsl/catalog.xml:${docbook_xml_dtd_44}/xml/dtd/docbook/catalog.xml";
in
stdenv.mkDerivation rec {
  pname = "sssd";
  version = "2.6.0";

  # The source is addressed by release tag but pinned by content hash: if the
  # tag ever pointed at different content, the fetch would fail on a hash
  # mismatch instead of building it.
  # NOTE(review): when bumping `version`, update sha256 together with it and
  # read the release notes linked from meta.changelog for security fixes.
  src = fetchFromGitHub {
    owner = "SSSD";
    repo = pname;
    rev = version;
    sha256 = "1ik0x0b7s38d7n0aqhl31r0asxw6qcdb31hx9qydk87yg3n6rziv";
  };

  nativeBuildInputs = [
    autoreconfHook
    pkg-config
    doxygen
  ];

  # Order is kept exactly as given.
  # NOTE(review): fakeroot, check, cmocka, uid_wrapper and nss_wrapper look
  # like build/test-time helpers; confirm they are meant to be buildInputs.
  buildInputs = [
    augeas
    dnsutils
    c-ares
    curl
    cyrus_sasl
    ding-libs
    libnl
    libunistring
    nss
    samba
    nfs-utils
    p11-kit
    python
    python3
    popt
    talloc
    tdb
    tevent
    ldb
    pam
    openldap
    pcre2
    libkrb5
    cifs-utils
    glib
    keyutils
    dbus
    fakeroot
    libxslt
    libxml2
    libuuid
    ldap
    systemd
    nspr
    check
    cmocka
    uid_wrapper
    nss_wrapper
    ncurses
    Po4a
    http-parser
    jansson
  ];

  enableParallelBuilding = true;

  # Some code includes <libxml/foo.h> rather than <libxml2/libxml/foo.h>, so
  # the libxml2 include directory is added to the compiler search path.
  NIX_CFLAGS_COMPILE = "-I${libxml2.dev}/include/libxml2";

  # Rewrite the interpreter line of the generator script template.
  postPatch = ''
    patchShebangs ./sbus_generate.sh.in
  '';

  # Configure-time settings.
  #  * sysconfdir/localstatedir/pid-path are the host's /etc, /var and /run,
  #    i.e. mutable locations outside the store; presumably these are the
  #    paths the built daemon uses at runtime.
  #  * The PAM module directory and the ldb module directory live under $out.
  #  * SELinux and semanage integration are switched off.
  #  * NOTE(review): Python 2 bindings are still enabled and PYTHONPATH points
  #    at a python2.7 site-packages directory; Python 2 is end-of-life, so
  #    confirm these bindings are still required.
  #  * ${openldap}/libexec is appended to PATH, after the existing entries.
  #  * --with-sudo is added only when withSudo is true.
  preConfigure =
    ''
      export SGML_CATALOG_FILES="${docbookFiles}"
      export PYTHONPATH=${ldap}/lib/python2.7/site-packages
      export PATH=$PATH:${openldap}/libexec

      configureFlagsArray=(
      --prefix=$out
      --sysconfdir=/etc
      --localstatedir=/var
      --enable-pammoddir=$out/lib/security
      --with-os=fedora
      --with-pid-path=/run
      --with-python2-bindings
      --with-python3-bindings
      --with-syslog=journald
      --without-selinux
      --without-semanage
      --with-xml-catalog-path=''${SGML_CATALOG_FILES%%:*}
      --with-ldb-lib-dir=$out/modules/ldb
      --with-nscd=${glibc.bin}/sbin/nscd
      )
    ''
    + lib.optionalString withSudo ''
      configureFlagsArray+=("--with-sudo")
    '';

  makeFlags = [
    "SGML_CATALOG_FILES=${docbookFiles}"
  ];

  # For the install step only, every configuration/state location is
  # redirected below $out so that `make install` does not write to /etc, /var
  # or /run on the build machine.
  # Nothing in this file creates the real /var/lib/sss directories (db, pipes,
  # secrets, ...) on a target system or sets their owner and mode.
  # NOTE(review): confirm that whatever deploys the daemon creates them with
  # restrictive permissions, the secrets and pipes directories in particular.
  installFlags = [
    "sysconfdir=$(out)/etc"
    "localstatedir=$(out)/var"
    "pidpath=$(out)/run"
    "sss_statedir=$(out)/var/lib/sss"
    "logpath=$(out)/var/log/sssd"
    "pubconfpath=$(out)/var/lib/sss/pubconf"
    "dbpath=$(out)/var/lib/sss/db"
    "mcpath=$(out)/var/lib/sss/mc"
    "pipepath=$(out)/var/lib/sss/pipes"
    "gpocachepath=$(out)/var/lib/sss/gpo_cache"
    "secdbpath=$(out)/var/lib/sss/secrets"
    "initdir=$(out)/rc.d/init"
  ];

  # Remove the runtime and init-script directories that the redirected install
  # created, drop the libtool archive of the memberof ldb module, then prune
  # every directory that ended up empty (deepest first).
  postInstall = ''
    rm -rf "$out"/run
    rm -rf "$out"/rc.d
    rm -f "$out"/modules/ldb/memberof.la
    find "$out" -depth -type d -exec rmdir --ignore-fail-on-non-empty {} \;
  '';

  meta = {
    description = "System Security Services Daemon";
    homepage = "https://sssd.io/";
    changelog = "https://sssd.io/release-notes/sssd-${version}.html";
    license = lib.licenses.gpl3Plus;
    platforms = lib.platforms.linux;
    maintainers = [
      lib.maintainers.e-user
      lib.maintainers.illustris
    ];
  };
}