tjh.dev
nixpkgs mirror (for testing)
github.com/NixOS/nixpkgs
nix
1{
2 lib,
3 makeWrapper,
4 gawk,
5 perl,
6 runtimeShellPackage,
7 stdenv,
8 which,
9 linuxHeaders ? stdenv.cc.libc.linuxHeaders,
10 python3Packages,
11 buildPackages,
12
13 # apparmor deps
14 apparmor-parser,
15 apparmor-teardown,
16}:
17let
18 inherit (python3Packages) libapparmor;
19in
20python3Packages.buildPythonApplication {
21 pname = "apparmor-utils";
22 inherit (libapparmor) version src;
23
24 postPatch = ''
25 patchShebangs common
26 cd utils
27
28 substituteInPlace aa-remove-unknown \
29 --replace-fail "/lib/apparmor/rc.apparmor.functions" "${apparmor-parser}/lib/apparmor/rc.apparmor.functions"
30 substituteInPlace Makefile \
31 --replace-fail "/usr/include/linux/capability.h" "${linuxHeaders}/include/linux/capability.h"
32 sed -i -E 's/^(DESTDIR|BINDIR|PYPREFIX)=.*//g' Makefile
33 sed -i aa-unconfined -e "/my_env\['PATH'\]/d"
34 ''
35 + (lib.optionalString stdenv.hostPlatform.isMusl ''
36 sed -i Makefile -e "/\<vim\>/d"
37 '');
38
39 pyproject = false;
40 strictDeps = true;
41
42 doCheck = true;
43
44 nativeBuildInputs = [
45 makeWrapper
46 which
47 python3Packages.setuptools
48 ];
49
50 buildInputs = [
51 perl
52 runtimeShellPackage
53 ];
54
55 pythonPath = [
56 python3Packages.notify2
57 python3Packages.psutil
58 libapparmor
59 ];
60
61 makeFlags = [
62 "LANGS="
63 "POD2MAN=${lib.getExe' buildPackages.perl "pod2man"}"
64 "POD2HTML=${lib.getExe' buildPackages.perl "pod2html"}"
65 "MANDIR=share/man"
66 ];
67
68 installFlags = [
69 "DESTDIR=$(out)"
70 "BINDIR=$(out)/bin"
71 "VIM_INSTALL_PATH=$(out)/share"
72 "PYPREFIX="
73 ];
74
75 postInstall = ''
76 wrapProgram $out/bin/aa-remove-unknown \
77 --prefix PATH : ${lib.makeBinPath [ gawk ]}
78
79 ln -s ${lib.getExe apparmor-teardown} $out/bin/aa-teardown
80 '';
81
82 meta = libapparmor.meta // {
83 description = "Mandatory access control system - script user-land utilities";
84 };
85}