lol
1{ lib
2, cmake
3, fetchFromGitHub
4, git
5, llvmPackages
6, nixosTests
7, overrideCC
8, perl
9, python3
10, stdenv
11, openssl_1_1
12}:
13
14let
15 buildStdenv = overrideCC stdenv llvmPackages.clangUseLLVM;
16in
17buildStdenv.mkDerivation rec {
18 pname = "osquery";
19 version = "5.5.1";
20
21 src = fetchFromGitHub {
22 owner = "osquery";
23 repo = "osquery";
24 rev = version;
25 fetchSubmodules = true;
26 sha256 = "sha256-Q6PQVnBjAjAlR725fyny+RhQFUNwxWGjLDuS5p9JKlU=";
27 };
28
29 patches = [
30 ./Remove-git-reset.patch
31 ./Use-locale.h-instead-of-removed-xlocale.h-header.patch
32 ./Remove-circular-definition-of-AUDIT_FILTER_EXCLUDE.patch
33 # For current state of compilation against glibc in the clangWithLLVM toolchain, refer to the upstream issue in https://github.com/osquery/osquery/issues/7823.
34 ./Remove-system-controls-table.patch
35 ];
36
37
38 buildInputs = [
39 llvmPackages.libunwind
40 ];
41 nativeBuildInputs = [
42 cmake
43 git
44 perl
45 python3
46 ];
47
48 postPatch = ''
49 substituteInPlace cmake/install_directives.cmake --replace "/control" "control"
50 # This is required to build libarchive with our glibc version
51 # which provides the ARC4RANDOM_BUF function
52 substituteInPlace libraries/cmake/source/libarchive/CMakeLists.txt --replace " target_compile_definitions(thirdparty_libarchive PRIVATE" " target_compile_definitions(thirdparty_libarchive PRIVATE HAVE_ARC4RANDOM_BUF"
53 # We need to override this hash because we use our own openssl 1.1 version
54 substituteInPlace libraries/cmake/formula/openssl/CMakeLists.txt --replace \
55 "d7939ce614029cdff0b6c20f0e2e5703158a489a72b2507b8bd51bf8c8fd10ca" \
56 "$(sha256sum ${openssl_1_1.src} | cut -f1 '-d ')"
57 cat libraries/cmake/formula/openssl/CMakeLists.txt
58 '';
59
60 # For explanation of these deletions, refer to the ./Use-locale.h-instead-of-removed-xlocale.h-header.patch file.
61 preConfigure = ''
62 find libraries/cmake/source -name 'config.h' -exec sed -i '/#define HAVE_XLOCALE_H 1/d' {} \;
63 '';
64
65 cmakeFlags = [
66 "-DOSQUERY_VERSION=${version}"
67 "-DOSQUERY_OPENSSL_ARCHIVE_PATH=${openssl_1_1.src}"
68 ];
69
70 postFixup = ''
71 patchelf --set-rpath "${llvmPackages.libunwind}/lib:$(patchelf --print-rpath $out/bin/osqueryd)" "$out/bin/osqueryd"
72 '';
73
74 passthru.tests.osquery = nixosTests.osquery;
75
76 meta = with lib; {
77 description = "SQL powered operating system instrumentation, monitoring, and analytics.";
78 longDescription = ''
79 The system controls table is not included as it does not presently compile with glibc >= 2.32.
80 For more information, refer to https://github.com/osquery/osquery/issues/7823
81 '';
82 homepage = "https://osquery.io";
83 license = licenses.bsd3;
84 platforms = platforms.linux;
85 maintainers = with maintainers; [ znewman01 lewo ];
86 };
87}