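# Nix package expression for bubblewrap, whose main program is `bwrap`.
# The listing's fused gutter numbers and lost indentation are removed so the
# expression parses as Nix again.
{
  lib,
  stdenv,
  fetchFromGitHub,
  docbook_xsl,
  libxslt,
  meson,
  ninja,
  pkg-config,
  bash-completion,
  libcap,
  libselinux,
}:

stdenv.mkDerivation rec {
  pname = "bubblewrap";
  version = "0.11.0";

  # The tag selects the release; the SRI hash pins the fetched content.
  # If the upstream tag is ever re-pointed, the fetch fails on a hash mismatch
  # instead of building different code. Update `version` and `hash` together.
  src = fetchFromGitHub {
    owner = "containers";
    repo = "bubblewrap";
    rev = "v${version}";
    hash = "sha256-8IDMLQPeO576N1lizVudXUmTV6hNOiowjzRpEWBsZ+U=";
  };

  # Point the test helper at the build's own $TMPDIR instead of /var/tmp.
  # `--replace-fail` replaces the deprecated `--replace`: if the pattern ever
  # disappears upstream, the build stops rather than leaving a stale patch.
  postPatch = ''
    substituteInPlace tests/libtest.sh \
      --replace-fail "/var/tmp" "$TMPDIR"
  '';

  # Tools that run on the build machine: meson/ninja drive the build,
  # docbook_xsl and libxslt are presumably for the man page (confirm upstream).
  nativeBuildInputs = [
    docbook_xsl
    libxslt
    meson
    ninja
    pkg-config
  ];

  # Libraries for the target. libcap and libselinux are presumably what bwrap
  # uses for capability handling and SELinux labels (confirm upstream).
  buildInputs = [
    bash-completion
    libcap
    libselinux
  ];

  # Upstream's test suite is incompatible with the Nix sandbox, so it is not
  # run here. A sandboxing regression in a new release would therefore not be
  # caught at build time.
  # NOTE(review): consider covering bwrap with a VM-based test instead.
  doCheck = false;

  # NOTE(review): nothing in this expression installs bwrap setuid, so it
  # presumably depends on unprivileged user namespaces being available on the
  # host. Confirm for the target systems.

  meta = {
    changelog = "https://github.com/containers/bubblewrap/releases/tag/${src.rev}";
    description = "Unprivileged sandboxing tool";
    homepage = "https://github.com/containers/bubblewrap";
    license = lib.licenses.lgpl2Plus;
    maintainers = with lib.maintainers; [ dotlambda ];
    platforms = lib.platforms.linux;
    mainProgram = "bwrap";
  };
}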