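# SSSD (System Security Services Daemon), built from the upstream GitHub tag.
#
# Packaging notes for reviewers:
#  * The source is a fixed-output fetch: the SRI hash pins the tree, so a
#    re-pointed upstream tag cannot change what is built without a hash
#    mismatch.
#  * configure is given the mutable runtime locations (/etc, /var, /run),
#    while `make install` is redirected into $out through installFlags, so
#    the build never writes outside its own output.
#  * withSudo (default false) only adds --with-sudo to the configure flags.
{
  lib,
  stdenv,
  fetchFromGitHub,
  autoreconfHook,
  makeWrapper,
  glibc,
  adcli,
  augeas,
  dnsutils,
  c-ares,
  curl,
  cyrus_sasl,
  ding-libs,
  libnl,
  libunistring,
  nss,
  samba,
  nfs-utils,
  doxygen,
  python3,
  pam,
  popt,
  talloc,
  tdb,
  tevent,
  pkg-config,
  ldb,
  openldap,
  pcre2,
  libkrb5,
  cifs-utils,
  glib,
  keyutils,
  dbus,
  fakeroot,
  libxslt,
  libxml2,
  libuuid,
  systemd,
  nspr,
  check,
  cmocka,
  uid_wrapper,
  p11-kit,
  nss_wrapper,
  ncurses,
  Po4a,
  jansson,
  jose,
  docbook_xsl,
  docbook_xml_dtd_45,
  testers,
  nix-update-script,
  nixosTests,
  withSudo ? false,
}:

let
  # Colon-separated catalog list; used both as an environment variable in
  # preConfigure and as a make variable in makeFlags.
  docbookFiles = "${docbook_xsl}/share/xml/docbook-xsl/catalog.xml:${docbook_xml_dtd_45}/xml/dtd/docbook/catalog.xml";
in
stdenv.mkDerivation (finalAttrs: {
  pname = "sssd";
  version = "2.9.5";

  src = fetchFromGitHub {
    owner = "SSSD";
    repo = "sssd";
    tag = finalAttrs.version;
    # Update together with `version`; a stale hash fails the fetch instead of
    # silently building different source.
    hash = "sha256-wr6qFgM5XN3aizYVquj0xF+mVRgrkLWWhA3/gQOK8hQ=";
  };

  postPatch = ''
    patchShebangs ./sbus_generate.sh.in
  '';

  env.NIX_CFLAGS_COMPILE = toString [
    # Compile in the absolute store path of adcli for RENEWAL_PROG_PATH.
    # NOTE(review): presumably the helper SSSD executes for AD machine
    # credential renewal; confirm against upstream.
    "-DRENEWAL_PROG_PATH=\"${adcli}/bin/adcli\""
    # Something is looking for <libxml/foo.h> instead of <libxml2/libxml/foo.h>
    "-I${libxml2.dev}/include/libxml2"
  ];

  # Runtime paths handed to configure are the system locations (/etc, /var,
  # /run); only the PAM module and ldb module directories live under $out.
  # SELinux and semanage integration are switched off (--without-selinux,
  # --without-semanage), so this build does not include SSSD's SELinux support.
  # nscd is referenced by absolute store path. --with-xml-catalog-path receives
  # the first entry of SGML_CATALOG_FILES (everything before the first ':').
  preConfigure =
    ''
      export SGML_CATALOG_FILES="${docbookFiles}"
      export PATH=$PATH:${openldap}/libexec

      configureFlagsArray=(
        --prefix=$out
        --sysconfdir=/etc
        --localstatedir=/var
        --enable-pammoddir=$out/lib/security
        --with-os=fedora
        --with-pid-path=/run
        --with-python3-bindings
        --with-syslog=journald
        --without-selinux
        --without-semanage
        --with-xml-catalog-path=''${SGML_CATALOG_FILES%%:*}
        --with-ldb-lib-dir=$out/modules/ldb
        --with-nscd=${glibc.bin}/sbin/nscd
      )
    ''
    + lib.optionalString withSudo ''
      configureFlagsArray+=("--with-sudo")
    '';

  enableParallelBuilding = true;
  # Disable parallel install due to missing depends:
  # libtool: error: error: relink '_py3sss.la' with the above command before installing it
  enableParallelInstalling = false;

  nativeBuildInputs = [
    autoreconfHook
    makeWrapper
    pkg-config
    doxygen
  ];

  # NOTE(review): check, cmocka, uid_wrapper, nss_wrapper and fakeroot look
  # like test-suite helpers; no doCheck is set in this expression, so confirm
  # whether the upstream tests actually run during the build.
  buildInputs = [
    augeas
    dnsutils
    c-ares
    curl
    cyrus_sasl
    ding-libs
    libnl
    libunistring
    nss
    samba
    nfs-utils
    p11-kit
    (python3.withPackages (
      p: with p; [
        distutils
        python-ldap
      ]
    ))
    popt
    talloc
    tdb
    tevent
    ldb
    pam
    openldap
    pcre2
    libkrb5
    cifs-utils
    glib
    keyutils
    dbus
    fakeroot
    libxslt
    libxml2
    libuuid
    systemd
    nspr
    check
    cmocka
    uid_wrapper
    nss_wrapper
    ncurses
    Po4a
    jansson
    jose
  ];

  makeFlags = [
    "SGML_CATALOG_FILES=${docbookFiles}"
  ];

  # Install-time overrides: every state, log, pipe, cache and secrets path is
  # pointed into $out so `make install` stays inside the build output. These
  # use make's $(out) syntax, not shell expansion.
  installFlags = [
    "sysconfdir=$(out)/etc"
    "localstatedir=$(out)/var"
    "pidpath=$(out)/run"
    "sss_statedir=$(out)/var/lib/sss"
    "logpath=$(out)/var/log/sssd"
    "pubconfpath=$(out)/var/lib/sss/pubconf"
    "dbpath=$(out)/var/lib/sss/db"
    "mcpath=$(out)/var/lib/sss/mc"
    "pipepath=$(out)/var/lib/sss/pipes"
    "gpocachepath=$(out)/var/lib/sss/gpo_cache"
    "secdbpath=$(out)/var/lib/sss/secrets"
    "initdir=$(out)/rc.d/init"
  ];

  # Drop the redirected run/ and rc.d/ trees and the libtool archive, then
  # prune every directory left empty. Redirected state directories (db, pipes,
  # secrets, ...) that end up empty are therefore not shipped; the real ones
  # under /var must be created at runtime, and their ownership and modes are
  # decided there. NOTE(review): presumably by the NixOS module; verify the
  # secrets and pipes directories are created with restrictive permissions.
  postInstall = ''
    rm -rf "$out"/run
    rm -rf "$out"/rc.d
    rm -f "$out"/modules/ldb/memberof.la
    find "$out" -depth -type d -exec rmdir --ignore-fail-on-non-empty {} \;
  '';

  # The admin tools need to find the ldb modules installed by this package.
  # --prefix puts the store path first but keeps any inherited
  # LDB_MODULES_PATH entries after it.
  # NOTE(review): acceptable for tools run with the caller's own privileges;
  # revisit (e.g. pin with --set) if one of them is ever started with an
  # environment that crosses a privilege boundary.
  postFixup = ''
    for f in "$out"/bin/sss{ctl,_cache,_debuglevel,_override,_seed}; do
      wrapProgram "$f" --prefix LDB_MODULES_PATH : "$out/modules/ldb"
    done
  '';

  passthru = {
    tests = {
      inherit (nixosTests) sssd sssd-ldap;
      pkg-config = testers.testMetaPkgConfig finalAttrs.finalPackage;
      version = testers.testVersion {
        package = finalAttrs.finalPackage;
        command = "sssd --version";
      };
    };
    updateScript = nix-update-script { };
  };

  meta = {
    description = "System Security Services Daemon";
    homepage = "https://sssd.io/";
    changelog = "https://sssd.io/release-notes/sssd-${finalAttrs.version}.html";
    license = lib.licenses.gpl3Plus;
    platforms = lib.platforms.linux;
    maintainers = with lib.maintainers; [ illustris ];
    pkgConfigModules = [
      "ipa_hbac"
      "sss_certmap"
      "sss_idmap"
      "sss_nss_idmap"
    ];
  };
})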