diff options
| author | xeji <xeji@cat3.de> | 2018-03-15 23:57:19 +0100 |
|---|---|---|
| committer | xeji <xeji@cat3.de> | 2018-03-23 14:30:02 +0100 |
| commit | f7fe3f51840d6d978cb644ce209ce3466de480eb (patch) | |
| tree | 66d626b72bc8b5a7ca89ea2da9a71e0f405c60b1 /pkgs/os-specific/linux/selinux-sandbox | |
| parent | 905f4725562b8cf07d1a75fd6e5d6573d5cb5520 (diff) | |
| download | nixlib-f7fe3f51840d6d978cb644ce209ce3466de480eb.tar nixlib-f7fe3f51840d6d978cb644ce209ce3466de480eb.tar.gz nixlib-f7fe3f51840d6d978cb644ce209ce3466de480eb.tar.bz2 nixlib-f7fe3f51840d6d978cb644ce209ce3466de480eb.tar.lz nixlib-f7fe3f51840d6d978cb644ce209ce3466de480eb.tar.xz nixlib-f7fe3f51840d6d978cb644ce209ce3466de480eb.tar.zst nixlib-f7fe3f51840d6d978cb644ce209ce3466de480eb.zip | |
selinux-sandbox: init at 2.7
Diffstat (limited to 'pkgs/os-specific/linux/selinux-sandbox')
| -rw-r--r-- | pkgs/os-specific/linux/selinux-sandbox/default.nix | 61 |
1 files changed, 61 insertions, 0 deletions
diff --git a/pkgs/os-specific/linux/selinux-sandbox/default.nix b/pkgs/os-specific/linux/selinux-sandbox/default.nix new file mode 100644 index 000000000000..71d2ee6e80af --- /dev/null +++ b/pkgs/os-specific/linux/selinux-sandbox/default.nix @@ -0,0 +1,61 @@ +{ stdenv, fetchurl, bash, coreutils, python3 +, libcap_ng, policycoreutils, selinux-python, dbus +, xorgserver, openbox, xmodmap }: + +# this is python3 only as it depends on selinux-python + +with stdenv.lib; +with python3.pkgs; + +stdenv.mkDerivation rec { + name = "selinux-sandbox-${version}"; + version = "2.7"; + se_release = "20170804"; + + src = fetchurl { + url = "https://raw.githubusercontent.com/wiki/SELinuxProject/selinux/files/releases/${se_release}/selinux-sandbox-${version}.tar.gz"; + sha256 = "0hf5chm90iapb42njaps6p5460ys3ajh5446ja544vdbh01n544l"; + }; + + nativeBuildInputs = [ wrapPython ]; + buildInputs = [ bash coreutils libcap_ng policycoreutils python3 xorgserver openbox xmodmap dbus ]; + propagatedBuildInputs = [ pygobject3 selinux-python ]; + + postPatch = '' + # Fix setuid install + substituteInPlace Makefile --replace "-m 4755" "-m 755" + substituteInPlace sandboxX.sh \ + --replace "#!/bin/sh" "#!${bash}/bin/sh" \ + --replace "/usr/share/sandbox/start" "${placeholder "out"}/share/sandbox/start" \ + --replace "/usr/bin/cut" "${coreutils}/bin/cut" \ + --replace "/usr/bin/Xephyr" "${xorgserver}/bin/Xepyhr" \ + --replace "secon" "${policycoreutils}/bin/secon" + substituteInPlace sandbox \ + --replace "/usr/sbin/seunshare" "$out/bin/seunshare" \ + --replace "/usr/share/sandbox" "$out/share/sandbox" \ + --replace "/usr/share/locale" "${policycoreutils}/share/locale" \ + --replace "/usr/bin/openbox" "${openbox}/bin/openbox" \ + --replace "#!/bin/sh" "#!${bash}/bin/sh" \ + --replace "dbus-" "${dbus}/bin/dbus-" \ + --replace "/usr/bin/xmodmap" "${xmodmap}/bin/xmodmap" \ + --replace "/usr/bin/shred" "${coreutils}/bin/shred" \ + --replace "/usr/bin/test" "${coreutils}/bin/test" \ + ''; + + preBuild = '' + makeFlagsArray+=("PREFIX=$out") + makeFlagsArray+=("DESTDIR=$out") + ''; + + postFixup = '' + wrapPythonPrograms + ''; + + meta = { + description = "SELinux sandbox utility"; + license = licenses.gpl2; + homepage = https://selinuxproject.org; + platforms = platforms.linux; + }; +} + |