commit 006d62f59fbc86380dd5e79a084746e9e7368a98 · pyrox.dev/nixpkgs

-13

pkgs/os-specific/linux/usbguard/daemon_read_only_config.patch

··· 1 - diff --git a/src/Library/ConfigFilePrivate.cpp b/src/Library/ConfigFilePrivate.cpp 2 - index 8aefa65..40914f7 100644 3 - --- a/src/Library/ConfigFilePrivate.cpp 4 - +++ b/src/Library/ConfigFilePrivate.cpp 5 - @@ -51,7 +51,7 @@ namespace usbguard 6 - 7 - void ConfigFilePrivate::open(const std::string& path) 8 - { 9 - - _stream.open(path, std::ios::in|std::ios::out); 10 - + _stream.open(path, std::ios::in); 11 - if (!_stream.is_open()) { 12 - throw std::runtime_error("Can't open " + path); 13 - }

···

+8 -10

pkgs/os-specific/linux/usbguard/default.nix

··· 1 { 2 stdenv, fetchurl, lib, 3 - libxslt, pandoc, pkgconfig, 4 dbus-glib, libcap_ng, libqb, libseccomp, polkit, protobuf, qtbase, qttools, qtsvg, 5 libgcrypt ? null, 6 libsodium ? null 7 }: ··· 11 assert libgcrypt != null -> libsodium == null; 12 13 stdenv.mkDerivation rec { 14 - version = "0.7.0"; 15 name = "usbguard-${version}"; 16 17 - repo = "https://github.com/dkopecek/usbguard"; 18 19 src = fetchurl { 20 url = "${repo}/releases/download/${name}/${name}.tar.gz"; 21 - sha256 = "1e1485a2b47ba3bde9de2851b371d2552a807047a21e0b81553cf80d7f722709"; 22 }; 23 24 - patches = [ 25 - ./daemon_read_only_config.patch 26 - ./documentation.patch 27 - ]; 28 - 29 nativeBuildInputs = [ 30 libxslt 31 pandoc # for rendering documentation 32 pkgconfig 33 ]; ··· 39 libseccomp 40 polkit 41 protobuf 42 43 qtbase 44 qtsvg ··· 61 62 meta = { 63 description = "The USBGuard software framework helps to protect your computer against BadUSB."; 64 - homepage = "https://dkopecek.github.io/usbguard/"; 65 license = licenses.gpl2; 66 maintainers = [ maintainers.tnias ]; 67 };

··· 1 { 2 stdenv, fetchurl, lib, 3 + libxslt, pandoc, asciidoctor, pkgconfig, 4 dbus-glib, libcap_ng, libqb, libseccomp, polkit, protobuf, qtbase, qttools, qtsvg, 5 + audit, 6 libgcrypt ? null, 7 libsodium ? null 8 }: ··· 12 assert libgcrypt != null -> libsodium == null; 13 14 stdenv.mkDerivation rec { 15 + version = "0.7.2"; 16 name = "usbguard-${version}"; 17 18 + repo = "https://github.com/USBGuard/usbguard"; 19 20 src = fetchurl { 21 url = "${repo}/releases/download/${name}/${name}.tar.gz"; 22 + sha256 = "5bd3e5219c590c3ae27b21315bd10b60e823cef64e5deff3305ff5b4087fc2d6"; 23 }; 24 25 nativeBuildInputs = [ 26 libxslt 27 + asciidoctor 28 pandoc # for rendering documentation 29 pkgconfig 30 ]; ··· 36 libseccomp 37 polkit 38 protobuf 39 + audit 40 41 qtbase 42 qtsvg ··· 59 60 meta = { 61 description = "The USBGuard software framework helps to protect your computer against BadUSB."; 62 + homepage = "https://usbguard.github.io/"; 63 license = licenses.gpl2; 64 maintainers = [ maintainers.tnias ]; 65 };

-32

pkgs/os-specific/linux/usbguard/documentation.patch

··· 1 - diff --git a/doc/usbguard-daemon.conf.5.md b/doc/usbguard-daemon.conf.5.md 2 - index ea86ad1..63aec70 100644 3 - --- a/doc/usbguard-daemon.conf.5.md 4 - +++ b/doc/usbguard-daemon.conf.5.md 5 - @@ -30,21 +30,21 @@ The **usbguard-daemon.conf** file is loaded by the USBGuard daemon after it pars 6 - **RestoreControllerDeviceState**=<*boolean*> 7 - : The USBGuard daemon modifies some attributes of controller devices like the default authorization state of new child device instances. Using this setting, you can control whether the daemon will try to restore the attribute values to the state before modification on shutdown. 8 - 9 - +**DeviceManagerBackend**=<*backend*> 10 - +: Which device manager backend implementation to use. Backend should be one of `uevent` (default) or `dummy`. 11 - + 12 - **IPCAllowedUsers**=<*username*> [<*username*> ...] 13 - : A space delimited list of usernames that the daemon will accept IPC connections from. 14 - 15 - **IPCAllowedGroups**=<*groupname*> [<*groupname*> ...] 16 - : A space delimited list of groupnames that the daemon will accept IPC connections from. 17 - 18 - -**IPCAccessControlFiles**=<*path*> 19 - -: Path to a directory holding the IPC access control files. 20 - - 21 - -**DeviceManagerBackend**=<*backend*> 22 - -: Which device manager backend implementation to use. Backend should be one of `uevent` (default) or `dummy`. 23 - - 24 - **IPCAccessControlFiles**=<*path*> 25 - : The files at this location will be interpreted by the daemon as IPC access control definition files. See the **IPC ACCESS CONTROL** section for more details. 26 - 27 - +**DeviceRulesWithPort**=<*boolean*> 28 - +: Generate device specific rules including the "via-port" attribute. 29 - + 30 - **AuditFilePath**=<*filepath*> 31 - : USBGuard audit events log file path. 32 -

···