pkgs/os-specific/linux/sssd/default.nix at devShellTools-shell

tjh.dev / nixpkgs
fork atom
nixpkgs mirror (for testing) github.com/NixOS/nixpkgs
nix
fork atom
nixpkgs / pkgs / os-specific / linux / sssd / default.nix
at devShellTools-shell 222 lines 4.4 kB view raw
wrap content
  1{
  2  lib,
  3  stdenv,
  4  fetchFromGitHub,
  5  autoreconfHook,
  6  makeWrapper,
  7  glibc,
  8  adcli,
  9  augeas,
 10  dnsutils,
 11  c-ares,
 12  curl,
 13  cyrus_sasl,
 14  ding-libs,
 15  libnl,
 16  libunistring,
 17  nss,
 18  samba,
 19  nfs-utils,
 20  doxygen,
 21  python3,
 22  pam,
 23  popt,
 24  talloc,
 25  tdb,
 26  tevent,
 27  pkg-config,
 28  ldb,
 29  openldap,
 30  pcre2,
 31  libkrb5,
 32  cifs-utils,
 33  glib,
 34  keyutils,
 35  dbus,
 36  fakeroot,
 37  libxslt,
 38  libxml2,
 39  libuuid,
 40  systemd,
 41  nspr,
 42  check,
 43  cmocka,
 44  uid_wrapper,
 45  p11-kit,
 46  nss_wrapper,
 47  ncurses,
 48  Po4a,
 49  jansson,
 50  jose,
 51  docbook_xsl,
 52  docbook_xml_dtd_45,
 53  testers,
 54  nix-update-script,
 55  nixosTests,
 56  withSudo ? false,
 57}:
 58
 59let
 60  docbookFiles = "${docbook_xsl}/share/xml/docbook-xsl/catalog.xml:${docbook_xml_dtd_45}/xml/dtd/docbook/catalog.xml";
 61in
 62stdenv.mkDerivation (finalAttrs: {
 63  pname = "sssd";
 64  version = "2.9.7";
 65
 66  src = fetchFromGitHub {
 67    owner = "SSSD";
 68    repo = "sssd";
 69    tag = finalAttrs.version;
 70    hash = "sha256-29KTvwm9ei1Z7yTSYmzcZtZMVvZpFWIlcLMlvRyWp/w=";
 71  };
 72
 73  postPatch = ''
 74    patchShebangs ./sbus_generate.sh.in
 75  '';
 76
 77  # Something is looking for <libxml/foo.h> instead of <libxml2/libxml/foo.h>
 78  env.NIX_CFLAGS_COMPILE = toString [
 79    "-DRENEWAL_PROG_PATH=\"${adcli}/bin/adcli\""
 80    "-I${libxml2.dev}/include/libxml2"
 81  ];
 82
 83  preConfigure = ''
 84    export SGML_CATALOG_FILES="${docbookFiles}"
 85    export PATH=$PATH:${openldap}/libexec
 86
 87    configureFlagsArray=(
 88      --prefix=$out
 89      --sysconfdir=/etc
 90      --localstatedir=/var
 91      --enable-pammoddir=$out/lib/security
 92      --with-os=fedora
 93      --with-pid-path=/run
 94      --with-python3-bindings
 95      --with-syslog=journald
 96      --without-selinux
 97      --without-semanage
 98      --with-xml-catalog-path=''${SGML_CATALOG_FILES%%:*}
 99      --with-ldb-lib-dir=$out/modules/ldb
100      --with-nscd=${glibc.bin}/sbin/nscd
101    )
102  ''
103  + lib.optionalString withSudo ''
104    configureFlagsArray+=("--with-sudo")
105  '';
106
107  enableParallelBuilding = true;
108  # Disable parallel install due to missing depends:
109  #   libtool:   error: error: relink '_py3sss.la' with the above command before installing i
110  enableParallelInstalling = false;
111  nativeBuildInputs = [
112    autoreconfHook
113    makeWrapper
114    pkg-config
115    doxygen
116  ];
117  buildInputs = [
118    augeas
119    dnsutils
120    c-ares
121    curl
122    cyrus_sasl
123    ding-libs
124    libnl
125    libunistring
126    nss
127    samba
128    nfs-utils
129    p11-kit
130    (python3.withPackages (
131      p: with p; [
132        distutils
133        python-ldap
134      ]
135    ))
136    popt
137    talloc
138    tdb
139    tevent
140    ldb
141    pam
142    openldap
143    pcre2
144    libkrb5
145    cifs-utils
146    glib
147    keyutils
148    dbus
149    fakeroot
150    libxslt
151    libxml2
152    libuuid
153    systemd
154    nspr
155    check
156    cmocka
157    uid_wrapper
158    nss_wrapper
159    ncurses
160    Po4a
161    jansson
162    jose
163  ];
164
165  makeFlags = [
166    "SGML_CATALOG_FILES=${docbookFiles}"
167  ];
168
169  installFlags = [
170    "sysconfdir=$(out)/etc"
171    "localstatedir=$(out)/var"
172    "pidpath=$(out)/run"
173    "sss_statedir=$(out)/var/lib/sss"
174    "logpath=$(out)/var/log/sssd"
175    "pubconfpath=$(out)/var/lib/sss/pubconf"
176    "dbpath=$(out)/var/lib/sss/db"
177    "mcpath=$(out)/var/lib/sss/mc"
178    "pipepath=$(out)/var/lib/sss/pipes"
179    "gpocachepath=$(out)/var/lib/sss/gpo_cache"
180    "secdbpath=$(out)/var/lib/sss/secrets"
181    "initdir=$(out)/rc.d/init"
182  ];
183
184  postInstall = ''
185    rm -rf "$out"/run
186    rm -rf "$out"/rc.d
187    rm -f "$out"/modules/ldb/memberof.la
188    find "$out" -depth -type d -exec rmdir --ignore-fail-on-non-empty {} \;
189  '';
190  postFixup = ''
191    for f in $out/bin/sss{ctl,_cache,_debuglevel,_override,_seed}; do
192      wrapProgram $f --prefix LDB_MODULES_PATH : $out/modules/ldb
193    done
194  '';
195
196  passthru = {
197    tests = {
198      inherit (nixosTests) sssd sssd-ldap;
199      pkg-config = testers.testMetaPkgConfig finalAttrs.finalPackage;
200      version = testers.testVersion {
201        package = finalAttrs.finalPackage;
202        command = "sssd --version";
203      };
204    };
205    updateScript = nix-update-script { };
206  };
207
208  meta = with lib; {
209    description = "System Security Services Daemon";
210    homepage = "https://sssd.io/";
211    changelog = "https://sssd.io/release-notes/sssd-${finalAttrs.version}.html";
212    license = licenses.gpl3Plus;
213    platforms = platforms.linux;
214    maintainers = with maintainers; [ illustris ];
215    pkgConfigModules = [
216      "ipa_hbac"
217      "sss_certmap"
218      "sss_idmap"
219      "sss_nss_idmap"
220    ];
221  };
222})