Merge pull request #138293 from onny/orjail

authored by Sandro and committed by GitHub fcbcbc15 607285bc

+57
+55
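--- a/pkgs/tools/security/orjail/default.nix
+++ b/pkgs/tools/security/orjail/default.nix
@@ -0,0 +1,55 @@
+{ lib
+, stdenv
+, fetchFromGitHub
+, tor
+, firejail
+, iptables
+, makeWrapper
+}:
+
+stdenv.mkDerivation rec {
+  pname = "orjail";
+  version = "1.1";
+
+  src = fetchFromGitHub {
+    owner = pname;
+    repo = pname;
+    rev = "v${version}";
+    sha256 = "06bwqb3l7syy4c1d8xynxwakmdxvm3qfm8r834nidsknvpdckd9z";
+  };
+
+  nativeBuildInputs = [ makeWrapper ];
+
+  postPatch = ''
+    patchShebangs make-helper.bsh
+    mkdir bin
+    mv usr/sbin/orjail bin/orjail
+    rm -r usr
+  '';
+
+  makeFlags = [
+    "DESTDIR=${placeholder "out"}"
+  ];
+
+  postInstall = ''
+    # Specify binary paths: tor, firejail, iptables
+    # mktemp fails with /tmp path prefix, will work without it anyway
+    # https://github.com/orjail/orjail/issues/78
+    # firejail will fail reading /etc/hosts, therefore remove --hostname arg
+    # https://github.com/netblue30/firejail/issues/2758
+    substituteInPlace $out/bin/orjail \
+      --replace ''$'TORBIN=\n' ''$'TORBIN=${tor}/bin/tor\n' \
+      --replace ''$'FIREJAILBIN=\n' ''$'FIREJAILBIN=${firejail}/bin/firejail\n' \
+      --replace 'iptables -' '${iptables}/bin/iptables -' \
+      --replace 'mktemp /tmp/' 'mktemp ' \
+      --replace '--hostname=host ' ""
+  '';
+
+  meta = with lib; {
+    description = "Force programs to exclusively use tor network";
+    homepage = "https://github.com/orjail/orjail";
+    license = licenses.wtfpl;
+    maintainers = with maintainers; [ onny ];
+    platforms = platforms.linux;
+  };
+}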
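Review bot: `makeWrapper` is listed in `nativeBuildInputs`, but nothing in `postPatch` or `postInstall` calls `wrapProgram`, so only tor, firejail and iptables are pinned to store paths and every other command the script runs is still resolved through the caller's PATH. Since the script sets up iptables rules it presumably runs privileged, so either drop the unused input or add `wrapProgram $out/bin/orjail --prefix PATH : ${lib.makeBinPath [ /* runtime tools the script calls */ ]}` after checking the script, which is not visible here. The `--replace 'mktemp /tmp/' 'mktemp '` rewrite presumably leaves a bare template, which GNU mktemp creates relative to the current working directory; `--replace 'mktemp /tmp/' 'mktemp --tmpdir '` would keep those files under the temp directory, if that still avoids the linked issue. A `--replace` whose pattern no longer matches does not fail the build, so I would also add a comment such as `# re-check all five patterns against the script on every version bump`, because a silently skipped substitution changes how the sandbox is set up.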
+2
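--- a/pkgs/top-level/all-packages.nix
+++ b/pkgs/top-level/all-packages.nix
@@ -3537,6 +3537,8 @@
 
   oneshot = callPackage ../tools/networking/oneshot { };
 
+  orjail = callPackage ../tools/security/orjail { };
+
   online-judge-tools = with python3.pkgs; toPythonApplication online-judge-tools;
 
   xkbd = callPackage ../applications/misc/xkbd { };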