pkgs/os-specific/linux/gradm/default.nix at v206 · pyrox.dev/nixpkgs

pyrox.dev / nixpkgs
lol
nixpkgs / pkgs / os-specific / linux / gradm / default.nix
at v206 52 lines 1.6 kB view raw
 1{ fetchurl, stdenv, bison, flex, pam,
 2  gcc, coreutils, findutils, binutils, bash }:
 3
 4stdenv.mkDerivation rec {
 5  name    = "gradm-${version}";
 6  version = "3.1-201507191652";
 7
 8  src  = fetchurl {
 9    url    = "http://grsecurity.net/stable/${name}.tar.gz";
10    sha256 = "0l3s56wvk5kpd2qppl328x4alh327xnbf271lh1fan84pxbw651g";
11  };
12
13  buildInputs = [ gcc coreutils findutils binutils pam flex bison bash ];
14  preBuild = ''
15    substituteInPlace ./Makefile --replace "/usr/include/security/pam_" "${pam}/include/security/pam_"
16    substituteInPlace ./gradm_defs.h --replace "/sbin/grlearn"   "$out/sbin/grlearn"
17    substituteInPlace ./gradm_defs.h --replace "/sbin/gradm"     "$out/sbin/gradm"
18  '';
19
20  postInstall = ''
21    mkdir -p $out/lib/udev/rules.d
22    cat > $out/lib/udev/rules.d/80-grsec.rules <<EOF
23    ACTION!="add|change", GOTO="permissions_end"
24    KERNEL=="grsec",          MODE="0622"
25    LABEL="permissions_end"
26    EOF
27
28    echo "inherit-learn /nix/store" >> $out/etc/grsec/learn_config
29  '';
30
31  makeFlags =
32    [ "DESTDIR=$(out)"
33      "CC=${gcc}/bin/gcc"
34      "FLEX=${flex}/bin/flex"
35      "BISON=${bison}/bin/bison"
36      "FIND=${findutils}/bin/find"
37      "STRIP=${binutils}/bin/strip"
38      "INSTALL=${coreutils}/bin/install"
39      "MANDIR=/share/man"
40      "MKNOD=true"
41    ];
42
43  enableParallelBuilding = true;
44
45  meta = with stdenv.lib; {
46    description = "grsecurity RBAC administration and policy analysis utility";
47    homepage    = "https://grsecurity.net";
48    license     = licenses.gpl2;
49    platforms   = platforms.linux;
50    maintainers = with maintainers; [ thoughtpolice ];
51  };
52}