pkgs/os-specific/linux/pam_usb/default.nix at netboot-syslinux-multiplatform · tjh.dev/nixpkgs

tjh.dev / nixpkgs

Clone of https://github.com/NixOS/nixpkgs.git (to stress-test knotserver)

nixpkgs / pkgs / os-specific / linux / pam_usb / default.nix

at netboot-syslinux-multiplatform 81 lines 2.3 kB view raw

 1{ lib, stdenv, fetchurl, makeWrapper, dbus, libxml2, pam, pkg-config, pmount, python2Packages, writeScript, runtimeShell }:
 2
 3let
 4
 5  # Search in the environment if the same program exists with a set uid or
 6  # set gid bit.  If it exists, run the first program found, otherwise run
 7  # the default binary.
 8  useSetUID = drv: path:
 9    let
10      name = baseNameOf path;
11      bin = "${drv}${path}";
12    in assert name != "";
13      writeScript "setUID-${name}" ''
14        #!${runtimeShell}
15        inode=$(stat -Lc %i ${bin})
16        for file in $(type -ap ${name}); do
17          case $(stat -Lc %a $file) in
18            ([2-7][0-7][0-7][0-7])
19              if test -r "$file".real; then
20                orig=$(cat "$file".real)
21                if test $inode = $(stat -Lc %i "$orig"); then
22                  exec "$file" "$@"
23                fi
24              fi;;
25          esac
26        done
27        exec ${bin} "$@"
28      '';
29
30  pmountBin = useSetUID pmount "/bin/pmount";
31  pumountBin = useSetUID pmount "/bin/pumount";
32  inherit (python2Packages) python dbus-python;
33in
34
35stdenv.mkDerivation rec {
36  pname = "pam_usb";
37  version = "0.5.0";
38
39  src = fetchurl {
40    url = "mirror://sourceforge/pamusb/pam_usb-${version}.tar.gz";
41    sha256 = "1g1w0s9d8mfld8abrn405ll5grv3xgs0b0hsganrz6qafdq9j7q1";
42  };
43
44  nativeBuildInputs = [
45    makeWrapper
46    pkg-config
47  ];
48
49  buildInputs = [
50    # pam_usb dependencies
51    dbus libxml2 pam pmount
52    # pam_usb's tools dependencies
53    python
54    # cElementTree is included with python 2.5 and later.
55  ];
56
57  preBuild = ''
58    makeFlagsArray=(DESTDIR=$out)
59    substituteInPlace ./src/volume.c \
60      --replace 'pmount' '${pmountBin}' \
61      --replace 'pumount' '${pumountBin}'
62  '';
63
64  # pmount is append to the PATH because pmounts binaries should have a set uid bit.
65  postInstall = ''
66    mv $out/usr/* $out/. # fix color */
67    rm -rf $out/usr
68    for prog in $out/bin/pamusb-conf $out/bin/pamusb-agent; do
69      substituteInPlace $prog --replace '/usr/bin/env python' '/bin/python'
70      wrapProgram $prog \
71        --prefix PYTHONPATH : "$(toPythonPath ${dbus-python})"
72    done
73  '';
74
75  meta = {
76    homepage = "http://pamusb.org/";
77    description = "Authentication using USB Flash Drives";
78    license = lib.licenses.gpl2;
79    platforms = lib.platforms.linux;
80  };
81}