tjh.dev
1{ lib, stdenv, fetchFromGitHub, fetchpatch, cmake, kernel, installShellFiles, pkg-config
2, luajit, ncurses, perl, jsoncpp, libb64, openssl, curl, jq, gcc, elfutils, tbb, protobuf, grpc
3, yaml-cpp, nlohmann_json, re2, zstd
4}:
5
6let
7 # Compare with https://github.com/draios/sysdig/blob/dev/cmake/modules/falcosecurity-libs.cmake
8 libsRev = "0.10.5";
9 libsSha256 = "sha256-5a5ePcMHAlniJ8sU/5kKdRp5YkJ6tcr4h5Ru4Oc2kQY=";
10
11 # Compare with https://github.com/falcosecurity/libs/blob/master/cmake/modules/valijson.cmake#L17
12 valijson = fetchFromGitHub {
13 owner = "tristanpenman";
14 repo = "valijson";
15 rev = "v0.6";
16 sha256 = "sha256-ZD19Q2MxMQd3yEKbY90GFCrerie5/jzgO8do4JQDoKM=";
17 };
18
19 driver = fetchFromGitHub {
20 owner = "falcosecurity";
21 repo = "libs";
22 rev = libsRev;
23 sha256 = libsSha256;
24 };
25
26in
27stdenv.mkDerivation rec {
28 pname = "sysdig";
29 version = "0.31.5";
30
31 src = fetchFromGitHub {
32 owner = "draios";
33 repo = "sysdig";
34 rev = version;
35 sha256 = "sha256-RuoPqVulATtn7jSga/8fECs7weNfjt/YFh7iHmfCKjw=";
36 };
37
38 nativeBuildInputs = [ cmake perl installShellFiles pkg-config ];
39 buildInputs = [
40 luajit
41 ncurses
42 libb64
43 openssl
44 curl
45 jq
46 gcc
47 elfutils
48 tbb
49 libb64
50 re2
51 protobuf
52 grpc
53 yaml-cpp
54 jsoncpp
55 nlohmann_json
56 zstd
57 ] ++ lib.optionals (kernel != null) kernel.moduleBuildDependencies;
58
59 hardeningDisable = [ "pic" ];
60
61 postUnpack = ''
62 cp -r ${fetchFromGitHub {
63 owner = "falcosecurity";
64 repo = "libs";
65 rev = libsRev;
66 sha256 = libsSha256;
67 }} libs
68 chmod -R +w libs
69 cp -r ${driver} driver-src
70 chmod -R +w driver-src
71 cmakeFlagsArray+=(
72 "-DFALCOSECURITY_LIBS_SOURCE_DIR=$(pwd)/libs"
73 "-DVALIJSON_INCLUDE=${valijson}/include"
74 "-DDRIVER_SOURCE_DIR=$(pwd)/driver-src/driver"
75 )
76 '';
77
78 cmakeFlags = [
79 "-DUSE_BUNDLED_DEPS=OFF"
80 "-DSYSDIG_VERSION=${version}"
81 "-DUSE_BUNDLED_B64=OFF"
82 "-DUSE_BUNDLED_TBB=OFF"
83 "-DUSE_BUNDLED_RE2=OFF"
84 "-DCREATE_TEST_TARGETS=OFF"
85 ] ++ lib.optional (kernel == null) "-DBUILD_DRIVER=OFF";
86
87 # needed since luajit-2.1.0-beta3
88 env.NIX_CFLAGS_COMPILE = "-DluaL_reg=luaL_Reg -DluaL_getn(L,i)=((int)lua_objlen(L,i))";
89
90 preConfigure = ''
91 if ! grep -q "${libsRev}" cmake/modules/falcosecurity-libs.cmake; then
92 echo "falcosecurity-libs checksum needs to be updated!"
93 exit 1
94 fi
95 cmakeFlagsArray+=(-DCMAKE_EXE_LINKER_FLAGS="-ltbb -lcurl -lzstd -labsl_synchronization")
96 '' + lib.optionalString (kernel != null) ''
97 export INSTALL_MOD_PATH="$out"
98 export KERNELDIR="${kernel.dev}/lib/modules/${kernel.modDirVersion}/build"
99 '';
100
101 postInstall =
102 ''
103 # Fix the bash completion location
104 installShellCompletion --bash $out/etc/bash_completion.d/sysdig
105 rm $out/etc/bash_completion.d/sysdig
106 rmdir $out/etc/bash_completion.d
107 rmdir $out/etc
108 ''
109 + lib.optionalString (kernel != null) ''
110 make install_driver
111 kernel_dev=${kernel.dev}
112 kernel_dev=''${kernel_dev#${builtins.storeDir}/}
113 kernel_dev=''${kernel_dev%%-linux*dev*}
114 if test -f "$out/lib/modules/${kernel.modDirVersion}/extra/scap.ko"; then
115 sed -i "s#$kernel_dev#................................#g" $out/lib/modules/${kernel.modDirVersion}/extra/scap.ko
116 else
117 xz -d $out/lib/modules/${kernel.modDirVersion}/extra/scap.ko.xz
118 sed -i "s#$kernel_dev#................................#g" $out/lib/modules/${kernel.modDirVersion}/extra/scap.ko
119 xz $out/lib/modules/${kernel.modDirVersion}/extra/scap.ko
120 fi
121 '';
122
123
124 meta = with lib; {
125 description = "A tracepoint-based system tracing tool for Linux (with clients for other OSes)";
126 license = with licenses; [ asl20 gpl2 mit ];
127 maintainers = [maintainers.raskin];
128 platforms = ["x86_64-linux"] ++ platforms.darwin;
129 broken = kernel != null && versionOlder kernel.version "4.14";
130 homepage = "https://sysdig.com/opensource/";
131 downloadPage = "https://github.com/draios/sysdig/releases";
132 };
133}