pyrox.dev
1{ stdenv
2, lib
3, fetchFromGitHub
4, autoreconfHook
5, installShellFiles
6, nixosTests
7, asciidoc
8, pkg-config
9, libxslt
10, libxml2
11, docbook_xml_dtd_45
12, docbook_xsl
13, dbus-glib
14, libcap_ng
15, libqb
16, libseccomp
17, polkit
18, protobuf
19, audit
20, libsodium
21}:
22
23stdenv.mkDerivation rec {
24 version = "1.1.2";
25 pname = "usbguard";
26
27 src = fetchFromGitHub {
28 owner = "USBGuard";
29 repo = pname;
30 rev = "usbguard-${version}";
31 sha256 = "sha256-uwNoKczmVOMpkU4KcKTOtbcTHiYVGXjk/rVbqMl5pGk=";
32 fetchSubmodules = true;
33 };
34
35 nativeBuildInputs = [
36 autoreconfHook
37 installShellFiles
38 asciidoc
39 pkg-config
40 libxslt # xsltproc
41 libxml2 # xmllint
42 docbook_xml_dtd_45
43 docbook_xsl
44 dbus-glib # gdbus-codegen
45 protobuf # protoc
46 ];
47
48 buildInputs = [
49 dbus-glib
50 libcap_ng
51 libqb
52 libseccomp
53 libsodium
54 polkit
55 protobuf
56 audit
57 ];
58
59 configureFlags = [
60 "--with-bundled-catch"
61 "--with-bundled-pegtl"
62 "--with-dbus"
63 "--with-crypto-library=sodium"
64 "--with-polkit"
65 ];
66
67 enableParallelBuilding = true;
68
69 postInstall = ''
70 installShellCompletion --bash --name usbguard.bash scripts/bash_completion/usbguard
71 installShellCompletion --zsh --name _usbguard scripts/usbguard-zsh-completion
72 '';
73
74 passthru.tests = nixosTests.usbguard;
75
76 meta = with lib; {
77 description = "The USBGuard software framework helps to protect your computer against BadUSB";
78 longDescription = ''
79 USBGuard is a software framework for implementing USB device authorization
80 policies (what kind of USB devices are authorized) as well as method of
81 use policies (how a USB device may interact with the system). Simply put,
82 it is a USB device whitelisting tool.
83 '';
84 homepage = "https://usbguard.github.io/";
85 license = licenses.gpl2Plus;
86 maintainers = [ maintainers.tnias ];
87 };
88}