diff options
author | Alyssa Ross <hi@alyssa.is> | 2019-01-07 02:18:36 +0000 |
---|---|---|
committer | Alyssa Ross <hi@alyssa.is> | 2019-01-07 02:18:47 +0000 |
commit | 36f56d99fa0a0765c9f1de4a5f17a9b05830c3f2 (patch) | |
tree | b3faaf573407b32aa645237a4d16b82778a39a92 /nixpkgs/pkgs/os-specific/linux/selinux-sandbox | |
parent | 4e31070265257dc67d120c27e0f75c2344fdfa9a (diff) | |
parent | abf060725d7614bd3b9f96764262dfbc2f9c2199 (diff) | |
download | nixlib-36f56d99fa0a0765c9f1de4a5f17a9b05830c3f2.tar nixlib-36f56d99fa0a0765c9f1de4a5f17a9b05830c3f2.tar.gz nixlib-36f56d99fa0a0765c9f1de4a5f17a9b05830c3f2.tar.bz2 nixlib-36f56d99fa0a0765c9f1de4a5f17a9b05830c3f2.tar.lz nixlib-36f56d99fa0a0765c9f1de4a5f17a9b05830c3f2.tar.xz nixlib-36f56d99fa0a0765c9f1de4a5f17a9b05830c3f2.tar.zst nixlib-36f56d99fa0a0765c9f1de4a5f17a9b05830c3f2.zip |
Add 'nixpkgs/' from commit 'abf060725d7614bd3b9f96764262dfbc2f9c2199'
git-subtree-dir: nixpkgs git-subtree-mainline: 4e31070265257dc67d120c27e0f75c2344fdfa9a git-subtree-split: abf060725d7614bd3b9f96764262dfbc2f9c2199
Diffstat (limited to 'nixpkgs/pkgs/os-specific/linux/selinux-sandbox')
-rw-r--r-- | nixpkgs/pkgs/os-specific/linux/selinux-sandbox/default.nix | 61 |
1 files changed, 61 insertions, 0 deletions
diff --git a/nixpkgs/pkgs/os-specific/linux/selinux-sandbox/default.nix b/nixpkgs/pkgs/os-specific/linux/selinux-sandbox/default.nix new file mode 100644 index 000000000000..71d2ee6e80af --- /dev/null +++ b/nixpkgs/pkgs/os-specific/linux/selinux-sandbox/default.nix @@ -0,0 +1,61 @@ +{ stdenv, fetchurl, bash, coreutils, python3 +, libcap_ng, policycoreutils, selinux-python, dbus +, xorgserver, openbox, xmodmap }: + +# this is python3 only as it depends on selinux-python + +with stdenv.lib; +with python3.pkgs; + +stdenv.mkDerivation rec { + name = "selinux-sandbox-${version}"; + version = "2.7"; + se_release = "20170804"; + + src = fetchurl { + url = "https://raw.githubusercontent.com/wiki/SELinuxProject/selinux/files/releases/${se_release}/selinux-sandbox-${version}.tar.gz"; + sha256 = "0hf5chm90iapb42njaps6p5460ys3ajh5446ja544vdbh01n544l"; + }; + + nativeBuildInputs = [ wrapPython ]; + buildInputs = [ bash coreutils libcap_ng policycoreutils python3 xorgserver openbox xmodmap dbus ]; + propagatedBuildInputs = [ pygobject3 selinux-python ]; + + postPatch = '' + # Fix setuid install + substituteInPlace Makefile --replace "-m 4755" "-m 755" + substituteInPlace sandboxX.sh \ + --replace "#!/bin/sh" "#!${bash}/bin/sh" \ + --replace "/usr/share/sandbox/start" "${placeholder "out"}/share/sandbox/start" \ + --replace "/usr/bin/cut" "${coreutils}/bin/cut" \ + --replace "/usr/bin/Xephyr" "${xorgserver}/bin/Xepyhr" \ + --replace "secon" "${policycoreutils}/bin/secon" + substituteInPlace sandbox \ + --replace "/usr/sbin/seunshare" "$out/bin/seunshare" \ + --replace "/usr/share/sandbox" "$out/share/sandbox" \ + --replace "/usr/share/locale" "${policycoreutils}/share/locale" \ + --replace "/usr/bin/openbox" "${openbox}/bin/openbox" \ + --replace "#!/bin/sh" "#!${bash}/bin/sh" \ + --replace "dbus-" "${dbus}/bin/dbus-" \ + --replace "/usr/bin/xmodmap" "${xmodmap}/bin/xmodmap" \ + --replace "/usr/bin/shred" "${coreutils}/bin/shred" \ + --replace "/usr/bin/test" "${coreutils}/bin/test" \ + ''; + + preBuild = '' + makeFlagsArray+=("PREFIX=$out") + makeFlagsArray+=("DESTDIR=$out") + ''; + + postFixup = '' + wrapPythonPrograms + ''; + + meta = { + description = "SELinux sandbox utility"; + license = licenses.gpl2; + homepage = https://selinuxproject.org; + platforms = platforms.linux; + }; +} + |