tjh.dev / nixpkgs
nixpkgs mirror (for testing) github.com/NixOS/nixpkgs
nix
fork atom
nixpkgs / pkgs / os-specific / linux / sysdig / default.nix
at devShellTools-shell 203 lines 5.3 kB view raw
1{ 2 lib, 3 stdenv, 4 fetchFromGitHub, 5 cmake, 6 kernel, 7 installShellFiles, 8 pkg-config, 9 luajit, 10 ncurses, 11 perl, 12 jsoncpp, 13 openssl, 14 curl, 15 jq, 16 gcc, 17 elfutils, 18 tbb, 19 protobuf, 20 grpc, 21 yaml-cpp, 22 nlohmann_json, 23 re2, 24 zstd, 25 uthash, 26 clang, 27 libbpf, 28 bpftools, 29 fetchurl, 30}: 31 32let 33 # Compare with https://github.com/draios/sysdig/blob/0.38.1/cmake/modules/falcosecurity-libs.cmake 34 libsRev = "0.17.2"; 35 libsHash = "sha256-BTLXtdU7GjOJReaycHvXkSd2vtybnCn0rTR7OEsvaMQ="; 36 37 # Compare with https://github.com/falcosecurity/libs/blob/0.17.2/cmake/modules/valijson.cmake 38 valijson = fetchFromGitHub { 39 owner = "tristanpenman"; 40 repo = "valijson"; 41 rev = "v1.0.2"; 42 hash = "sha256-wvFdjsDtKH7CpbEpQjzWtLC4RVOU9+D2rSK0Xo1cJqo="; 43 }; 44 45 # https://github.com/draios/sysdig/blob/0.38.1/cmake/modules/driver.cmake 46 driver = fetchFromGitHub { 47 owner = "falcosecurity"; 48 repo = "libs"; 49 rev = "7.2.0+driver"; 50 hash = "sha256-FIlnJsNgofGo4HETEEpW28wpC3U9z5AZprwFR5AgFfA="; 51 }; 52 53 # "main.c" from master after (https://github.com/falcosecurity/libs/pull/1884) 54 # Remove when an upstream release includes the driver update 55 driverKernel610MainC = fetchurl { 56 url = "https://raw.githubusercontent.com/falcosecurity/libs/fa26daf65bb4117ecfe099fcad48ea75fe86d8bb/driver/main.c"; 57 hash = "sha256-VI/tOSXs5OcEDehSqICF3apmSnwe4QCmbkHz+DGH4uM="; 58 }; 59 60 version = "0.38.1"; 61in 62stdenv.mkDerivation { 63 pname = "sysdig"; 64 inherit version; 65 66 src = fetchFromGitHub { 67 owner = "draios"; 68 repo = "sysdig"; 69 rev = version; 70 hash = "sha256-oufRTr5TFdpF50pmem2L3bBFIfwxCR8f1xi0A328iHo="; 71 }; 72 73 nativeBuildInputs = [ 74 cmake 75 perl 76 installShellFiles 77 pkg-config 78 ]; 79 buildInputs = [ 80 luajit 81 ncurses 82 openssl 83 curl 84 jq 85 tbb 86 re2 87 protobuf 88 grpc 89 yaml-cpp 90 jsoncpp 91 nlohmann_json 92 zstd 93 uthash 94 ] 95 ++ lib.optionals stdenv.isLinux [ 96 bpftools 97 elfutils 98 libbpf 99 clang 100 gcc 101 ] 102 ++ lib.optionals (kernel != null) kernel.moduleBuildDependencies; 103 104 hardeningDisable = [ 105 "pic" 106 "zerocallusedregs" 107 ]; 108 109 postUnpack = '' 110 cp -r ${ 111 fetchFromGitHub { 112 owner = "falcosecurity"; 113 repo = "libs"; 114 rev = libsRev; 115 hash = libsHash; 116 } 117 } libs 118 chmod -R +w libs 119 120 substituteInPlace libs/userspace/libscap/libscap.pc.in libs/userspace/libsinsp/libsinsp.pc.in \ 121 --replace-fail "\''${prefix}/@CMAKE_INSTALL_LIBDIR@" "@CMAKE_INSTALL_FULL_LIBDIR@" \ 122 --replace-fail "\''${prefix}/@CMAKE_INSTALL_INCLUDEDIR@" "@CMAKE_INSTALL_FULL_INCLUDEDIR@" 123 124 cp -r ${driver} driver-src 125 chmod -R +w driver-src 126 cp ${driverKernel610MainC} driver-src/driver/main.c 127 128 cmakeFlagsArray+=( 129 "-DFALCOSECURITY_LIBS_SOURCE_DIR=$(pwd)/libs" 130 "-DDRIVER_SOURCE_DIR=$(pwd)/driver-src/driver" 131 ) 132 ''; 133 134 cmakeFlags = [ 135 "-DUSE_BUNDLED_DEPS=OFF" 136 "-DSYSDIG_VERSION=${version}" 137 "-DUSE_BUNDLED_B64=OFF" 138 "-DUSE_BUNDLED_TBB=OFF" 139 "-DUSE_BUNDLED_RE2=OFF" 140 "-DUSE_BUNDLED_JSONCPP=OFF" 141 "-DCREATE_TEST_TARGETS=OFF" 142 "-DVALIJSON_INCLUDE=${valijson}/include" 143 "-DUTHASH_INCLUDE=${uthash}/include" 144 ] 145 ++ lib.optional (kernel == null) "-DBUILD_DRIVER=OFF"; 146 147 env.NIX_CFLAGS_COMPILE = 148 # fix compiler warnings been treated as errors 149 "-Wno-error"; 150 151 preConfigure = '' 152 if ! grep -q "${libsRev}" cmake/modules/falcosecurity-libs.cmake; then 153 echo "falcosecurity-libs checksum needs to be updated!" 154 exit 1 155 fi 156 cmakeFlagsArray+=(-DCMAKE_EXE_LINKER_FLAGS="-ltbb -lcurl -lzstd -labsl_synchronization") 157 '' 158 + lib.optionalString (kernel != null) '' 159 export INSTALL_MOD_PATH="$out" 160 export KERNELDIR="${kernel.dev}/lib/modules/${kernel.modDirVersion}/build" 161 ''; 162 163 postInstall = 164 lib.optionalString stdenv.isLinux '' 165 # Fix the bash completion location 166 installShellCompletion --bash $out/etc/bash_completion.d/sysdig 167 rm $out/etc/bash_completion.d/sysdig 168 rmdir $out/etc/bash_completion.d 169 rmdir $out/etc 170 '' 171 + lib.optionalString (kernel != null) '' 172 make install_driver 173 kernel_dev=${kernel.dev} 174 kernel_dev=''${kernel_dev#${builtins.storeDir}/} 175 kernel_dev=''${kernel_dev%%-linux*dev*} 176 if test -f "$out/lib/modules/${kernel.modDirVersion}/extra/scap.ko"; then 177 sed -i "s#$kernel_dev#................................#g" $out/lib/modules/${kernel.modDirVersion}/extra/scap.ko 178 else 179 for i in $out/lib/modules/${kernel.modDirVersion}/{extra,updates}/scap.ko.xz; do 180 if test -f "$i"; then 181 xz -d $i 182 sed -i "s#$kernel_dev#................................#g" ''${i%.xz} 183 xz -9 ''${i%.xz} 184 fi 185 done 186 fi 187 ''; 188 189 meta = { 190 description = "Tracepoint-based system tracing tool for Linux (with clients for other OSes)"; 191 license = with lib.licenses; [ 192 asl20 193 gpl2Only 194 mit 195 ]; 196 maintainers = with lib.maintainers; [ raskin ]; 197 platforms = lib.platforms.linux ++ lib.platforms.darwin; 198 broken = 199 kernel != null && ((lib.versionOlder kernel.version "4.14") || kernel.isHardened || kernel.isZen); 200 homepage = "https://sysdig.com/opensource/"; 201 downloadPage = "https://github.com/draios/sysdig/releases"; 202 }; 203}