pkgs/tools/security/chaps/default.nix at 22.05-pre

pyrox.dev / nixpkgs
fork atom
lol
fork atom
nixpkgs / pkgs / tools / security / chaps / default.nix
at 22.05-pre 91 lines 3.1 kB view raw
wrap content
Felix Buehler tools/{security/system}: replace name with pname&version 4y ago
051fcdbe
 1{ lib, stdenv, fetchFromGitiles, fetchFromGitHub, fetchurl, trousers, leveldb, unzip
 2, scons, pkg-config, glib, dbus_cplusplus, dbus, protobuf, openssl, snappy, pam
 3}:
 4
 5let
 6  src_chromebase = fetchFromGitiles {
 7    url = "https://chromium.googlesource.com/chromium/src/base";
 8    rev = "2dfe404711e15e24e79799516400c61b2719d7af";
 9    sha256 = "2bd93a3ace4b6767db2c1bd1e16f426c97b8d2133a9cb15f8372b2516cfa65c5";
10  };
11
12  src_gmock = fetchurl {
13    url = "https://googlemock.googlecode.com/files/gmock-1.7.0.zip";
14    sha256 = "0nq98cpnv2jsx2byp4ilam6kydcnziflkc16ikydajmp4mcvpz16";
15  };
16
17  src_platform2 = fetchFromGitiles {
18    url = "https://chromium.googlesource.com/chromiumos/platform2";
19    rev = "e999e989eaa71c3db7314fc7b4e20829b2b5473b";
20    sha256 = "15n1bsv6r7cny7arx0hdb223xzzbk7vkxg2r7xajhl4nsj39adjh";
21  };
22
23in
24
25stdenv.mkDerivation rec {
26  pname = "chaps";
27  version = "0.42-6812";
28
29  src = fetchFromGitHub {
30    owner = "google";
31    repo = "chaps-linux";
32    rev = "989aadc45cdb216ca35b0c97d13fc691576fa1d7";
33    sha256 = "0chk6pnn365d5kcz6vfqx1d0383ksk97icc0lzg0vvb0kvyj0ff1";
34  };
35
36  NIX_CFLAGS_COMPILE = [
37    # readdir_r(3) is deprecated in glibc >= 2.24
38    "-Wno-error=deprecated-declarations"
39    # gcc8 catching polymorphic type error
40    "-Wno-error=catch-value"
41  ];
42
43  patches = [ ./fix_absolute_path.patch  ./fix_environment_variables.patch  ./fix_scons.patch  ./insert_prefetches.patch ];
44
45  postPatch = ''
46    substituteInPlace makefile --replace @@NIXOS_SRC_CHROMEBASE@@ ${src_chromebase}
47    substituteInPlace makefile --replace @@NIXOS_SRC_GMOCK@@ ${src_gmock}
48    substituteInPlace makefile --replace @@NIXOS_SRC_PLATFORM2@@ ${src_platform2}
49    substituteInPlace makefile --replace @@NIXOS_LEVELDB@@ ${leveldb}
50    '';
51
52  nativeBuildInputs = [ unzip scons pkg-config ];
53
54  buildInputs = [ trousers glib dbus_cplusplus dbus protobuf openssl snappy leveldb pam ];
55
56  buildPhase = ''
57    make build
58    '';
59
60  installPhase = ''
61    mkdir -p $out/bin
62    cp ${pname}-${version}/out/chapsd $out/bin/.
63    cp ${pname}-${version}/out/chaps_client $out/bin/.
64
65    mkdir -p $out/lib
66    cp ${pname}-${version}/out/libchaps.so.* $out/lib/.
67    mkdir -p $out/lib/security
68    cp ${pname}-${version}/out/pam_chaps.so $out/lib/security/.
69
70    mkdir -p $out/include
71    cp -r ${pname}-${version}/out/chaps $out/include/.
72
73    mkdir -p $out/etc/dbus-1/system.d
74    cp ${pname}-${version}/out/org.chromium.Chaps.conf $out/etc/dbus-1/system.d/.
75    mkdir -p $out/etc/dbus-1/system-services
76    cp ${pname}-${version}/platform2/chaps/org.chromium.Chaps.service $out/etc/dbus-1/system-services/.
77
78    mkdir -p $out/usr/share/pam-configs/chaps
79    mkdir -p $out/usr/share/man/man8
80    cp ${pname}-${version}/man/* $out/usr/share/man/man8/.
81    '';
82
83  meta = with lib; {
84    description = "PKCS #11 implementation based on trusted platform module (TPM)";
85    homepage = "https://www.chromium.org/developers/design-documents/chaps-technical-design";
86    maintainers = [ maintainers.tstrobel ];
87    platforms = [ "x86_64-linux" ];
88    license = licenses.bsd3;
89    broken = true;  # build failure withn openssl 1.1
90  };
91}