pkgs/by-name/gr/gradm/package.nix at devShellTools-shell

tjh.dev / nixpkgs

fork atom

nixpkgs mirror (for testing) github.com/NixOS/nixpkgs

nix

fork atom

nixpkgs / pkgs / by-name / gr / gradm / package.nix

at devShellTools-shell 66 lines 1.4 kB view raw

wrap content

 1{
 2  lib,
 3  stdenv,
 4  fetchurl,
 5  bison,
 6  flex,
 7  pam,
 8  udevCheckHook,
 9}:
10
11stdenv.mkDerivation (finalAttrs: {
12  pname = "gradm";
13  version = "3.1-202111052217";
14
15  src = fetchurl {
16    url = "https://grsecurity.net/stable/gradm-${finalAttrs.version}.tar.gz";
17    hash = "sha256-JFkpDzZ6R8ihzk6i7Ag1l5nqM9wV7UQ2Q5WWzogoT7k=";
18  };
19
20  nativeBuildInputs = [
21    bison
22    flex
23    udevCheckHook
24  ];
25
26  buildInputs = [ pam ];
27
28  enableParallelBuilding = true;
29
30  makeFlags = [
31    "DESTDIR=${placeholder "out"}"
32    "LEX=${flex}/bin/flex"
33    "MANDIR=/share/man"
34    "MKNOD=true"
35  ];
36
37  preBuild = ''
38    substituteInPlace Makefile \
39      --replace "/usr/bin/" "" \
40      --replace "/usr/include/security/pam_" "${pam}/include/security/pam_"
41
42    substituteInPlace gradm_defs.h \
43      --replace "/sbin/grlearn" "$out/bin/grlearn" \
44      --replace "/sbin/gradm" "$out/bin/gradm" \
45      --replace "/sbin/gradm_pam" "$out/bin/gradm_pam"
46
47    echo 'inherit-learn /nix/store' >>learn_config
48
49    mkdir -p "$out/etc/udev/rules.d"
50  '';
51
52  doInstallCheck = true;
53
54  postInstall = "rmdir $out/dev";
55
56  meta = {
57    description = "grsecurity RBAC administration and policy analysis utility";
58    homepage = "https://grsecurity.net";
59    license = lib.licenses.gpl2Only;
60    platforms = lib.platforms.linux;
61    maintainers = with lib.maintainers; [
62      thoughtpolice
63      joachifm
64    ];
65  };
66})