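# Nix package expression for sudo.
#
# Arguments:
#   sendmailPath - absolute path compiled into sudo for sending mail; the
#                  default points at the wrapper directory, not the store.
#   withInsults  - build with the insult sets enabled.
#   withSssd     - build with SSSD support, linking against ${sssd}/lib.
#
# NOTE(review): this pins a specific, dated upstream release of a
# privilege-boundary program. Check upstream security advisories for the
# pinned version before reusing this expression.
{ stdenv, fetchurl, coreutils, pam, groff, sssd
, sendmailPath ? "/run/wrappers/bin/sendmail"
, withInsults ? false
, withSssd ? false
}:

stdenv.mkDerivation rec {
  name = "sudo-1.8.22";

  # The tarball is fetched over plain FTP, which gives no transport
  # integrity. The pinned sha256 is the only thing that authenticates the
  # source, so it must be re-verified out of band whenever `name` changes.
  src = fetchurl {
    urls =
      [ "ftp://ftp.sudo.ws/pub/sudo/${name}.tar.gz"
        "ftp://ftp.sudo.ws/pub/sudo/OLD/${name}.tar.gz"
      ];
    sha256 = "00pxp74xkwdcmrjwy55j0k8p684jk1zx3nzdc11v30q8q8kwnmkj";
  };

  # Mode 04755 is the setuid bit (not the sticky bit, which is 01000).
  # The installed binary in $out is therefore NOT setuid; a setuid copy has
  # to be provided outside the store (presumably via the wrapper directory
  # that sendmailPath also refers to -- confirm against the system config).
  prePatch = ''
    # do not set the setuid bit in the nix store
    substituteInPlace src/Makefile.in --replace 04755 0755
  '';

  configureFlags = [
    # visudo will honour the caller's EDITOR/VISUAL before the default
    # editor. Upstream documents this as a potential security hole, since
    # whoever may run visudo chooses the program that gets executed.
    "--with-env-editor"
    "--with-editor=/run/current-system/sw/bin/nano"
    "--with-rundir=/run/sudo"
    "--with-vardir=/var/db/sudo"
    "--with-logpath=/var/log/sudo.log"
    "--with-iologdir=/var/log/sudo-io"
    "--with-sendmail=${sendmailPath}"
    "--enable-tmpfiles.d=no"
  ]
  # `optionals` (plural) is required here: `optional cond [ a b ]` wraps the
  # list as a single element and yields a nested list instead of appending
  # the individual flags.
  ++ stdenv.lib.optionals withInsults [
    "--with-insults"
    "--with-all-insults"
  ] ++ stdenv.lib.optionals withSssd [
    "--with-sssd"
    "--with-sssd-lib=${sssd}/lib"
  ];

  # Kept separate from configureFlags because the value contains spaces.
  # NOTE(review): this presumably relies on the list having exactly one
  # element so that it reaches configure as a single argument -- confirm
  # before adding a second entry.
  configureFlagsArray = [
    "--with-passprompt=[sudo] password for %p: "  # intentional trailing space
  ];

  # - pathnames.h: pin the absolute path of `mv` to the coreutils store path.
  #   ${coreutils} is interpolated by Nix; the quoted 'EOF' stops the shell
  #   from expanding anything inside the here-document.
  # - install_uid/gid and sudoers_uid/gid: install as the unprivileged build
  #   user, so the sudoers file under $out/etc is owned by that user rather
  #   than root.
  # - rundir/vardir: redirected to a scratch directory at install time only;
  #   the paths compiled in by configureFlags above are unaffected.
  postConfigure =
    ''
      cat >> pathnames.h <<'EOF'
      #undef _PATH_MV
      #define _PATH_MV "${coreutils}/bin/mv"
      EOF
      makeFlags="install_uid=$(id -u) install_gid=$(id -g)"
      installFlags="sudoers_uid=$(id -u) sudoers_gid=$(id -g) sysconfdir=$out/etc rundir=$TMPDIR/dummy vardir=$TMPDIR/dummy"
    '';

  buildInputs = [ coreutils pam groff ];

  enableParallelBuilding = true;

  postInstall =
    ''
      rm -f $out/share/doc/sudo/ChangeLog
    '';

  meta = {
    description = "A command to run commands as root";

    longDescription =
      ''
        Sudo (su "do") allows a system administrator to delegate
        authority to give certain users (or groups of users) the ability
        to run some (or all) commands as root or another user while
        providing an audit trail of the commands and their arguments.
      '';

    homepage = "https://www.sudo.ws/";

    license = "https://www.sudo.ws/sudo/license.html";

    maintainers = [ stdenv.lib.maintainers.eelco ];

    platforms = stdenv.lib.platforms.linux;
  };
}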