diff options
author | Eelco Dolstra <eelco.dolstra@logicblox.com> | 2014-07-01 11:25:41 +0200 |
---|---|---|
committer | Eelco Dolstra <eelco.dolstra@logicblox.com> | 2014-07-01 11:25:41 +0200 |
commit | 06fc1ec34dbae8bba4673475e64a8241026089f6 (patch) | |
tree | 3e70796a291acc704ef5382f5af4866cab64e537 /pkgs/tools/security | |
parent | 89f8af55f11b01e68cbfc6d10537413140261721 (diff) | |
parent | ce623950ada9e1ef721760f05b9e3a14604fd764 (diff) | |
download | nixlib-06fc1ec34dbae8bba4673475e64a8241026089f6.tar nixlib-06fc1ec34dbae8bba4673475e64a8241026089f6.tar.gz nixlib-06fc1ec34dbae8bba4673475e64a8241026089f6.tar.bz2 nixlib-06fc1ec34dbae8bba4673475e64a8241026089f6.tar.lz nixlib-06fc1ec34dbae8bba4673475e64a8241026089f6.tar.xz nixlib-06fc1ec34dbae8bba4673475e64a8241026089f6.tar.zst nixlib-06fc1ec34dbae8bba4673475e64a8241026089f6.zip |
Merge remote-tracking branch 'origin/master' into staging
Conflicts: pkgs/servers/serfdom/default.nix
Diffstat (limited to 'pkgs/tools/security')
-rw-r--r-- | pkgs/tools/security/ecryptfs/default.nix | 35 | ||||
-rw-r--r-- | pkgs/tools/security/gnupg/default.nix | 4 | ||||
-rw-r--r-- | pkgs/tools/security/gnupg1/default.nix | 4 | ||||
-rw-r--r-- | pkgs/tools/security/meo/default.nix | 2 | ||||
-rw-r--r-- | pkgs/tools/security/sudo/default.nix | 40 |
5 files changed, 54 insertions, 31 deletions
diff --git a/pkgs/tools/security/ecryptfs/default.nix b/pkgs/tools/security/ecryptfs/default.nix index d1ed6f420ec3..13046aa0b2d1 100644 --- a/pkgs/tools/security/ecryptfs/default.nix +++ b/pkgs/tools/security/ecryptfs/default.nix @@ -1,18 +1,37 @@ -{stdenv, fetchurl, fuse, python, perl, keyutils, pam, nss, nspr}: +{ stdenv, fetchurl, pkgconfig, perl, keyutils, nss, nspr, python, pam +, intltool, makeWrapper, coreutils, gettext, cryptsetup, lvm2, rsync, which }: + stdenv.mkDerivation { - name = "ecryptfs-82"; + name = "ecryptfs-104"; src = fetchurl { - url = http://launchpad.net/ecryptfs/trunk/82/+download/ecryptfs-utils_82.orig.tar.gz; - sha256 = "1w3swispgp71prz8h56hqby2wwnvam5vllqvc69rn8cf605i69a6"; + url = http://launchpad.net/ecryptfs/trunk/104/+download/ecryptfs-utils_104.orig.tar.gz; + sha256 = "0f3lzpjw97vcdqzzgii03j3knd6pgwn1y0lpaaf46iidaiv0282a"; }; - NIX_CFLAGS_COMPILE = "-I${nspr}/include/nspr -I${nss}/include/nss"; + buildInputs = [ pkgconfig perl nss nspr python pam intltool makeWrapper ]; + propagatedBuildInputs = [ coreutils gettext cryptsetup lvm2 rsync keyutils which ]; - buildInputs = [ python perl keyutils pam nss nspr ]; + postInstall = '' + FILES="$(grep -r '/bin/sh' $out/bin | sed 's,:.*,,' | uniq)" + for file in $FILES; do + sed -i $file -e "s,\(/sbin/u\?mount.ecryptfs\(_private\)\?\),$out\1," \ + -e "s,\(/sbin/cryptsetup\),${cryptsetup}\1," \ + -e "s,\(/sbin/dmsetup\),${lvm2}\1," \ + -e 's,/sbin/\(unix_chkpwd\),\1,' + wrapProgram $file \ + --prefix PATH ":" "${coreutils}/bin" \ + --prefix PATH ":" "${gettext}/bin" \ + --prefix PATH ":" "${rsync}/bin" \ + --prefix PATH ":" "${keyutils}/bin" \ + --prefix PATH ":" "${which}/bin" \ + --prefix PATH ":" "$out/bin" + done + ''; - meta = { + meta = with stdenv.lib; { description = "Enterprise-class stacked cryptographic filesystem"; - license = "GPLv2+"; + license = licenses.gpl2Plus; + platforms = platforms.linux; }; } diff --git a/pkgs/tools/security/gnupg/default.nix b/pkgs/tools/security/gnupg/default.nix index f242c3f323ae..9b8d33b6b696 100644 --- a/pkgs/tools/security/gnupg/default.nix +++ b/pkgs/tools/security/gnupg/default.nix @@ -13,11 +13,11 @@ assert useUsb -> (libusb != null); assert useCurl -> (curl != null); stdenv.mkDerivation rec { - name = "gnupg-2.0.22"; + name = "gnupg-2.0.24"; src = fetchurl { url = "mirror://gnupg/gnupg/${name}.tar.bz2"; - sha256 = "0lg210acj2rxq291q4cwamg9gx6gh2prb1xa93y5jhw5b6r0lza3"; + sha256 = "0ch2hbindk832cy7ca00a7whw84ndm0nhqrl24a5fw4ldkca2x6r"; }; buildInputs diff --git a/pkgs/tools/security/gnupg1/default.nix b/pkgs/tools/security/gnupg1/default.nix index 362ec3a25bbd..a25ae35b6cc9 100644 --- a/pkgs/tools/security/gnupg1/default.nix +++ b/pkgs/tools/security/gnupg1/default.nix @@ -1,11 +1,11 @@ { stdenv, fetchurl, readline, bzip2 }: stdenv.mkDerivation rec { - name = "gnupg-1.4.16"; + name = "gnupg-1.4.17"; src = fetchurl { url = "mirror://gnupg/gnupg/${name}.tar.bz2"; - sha256 = "0bsa1yqa3ybhvmc4ys73amdpcmckrlq1fsxjl2980cxada778fvv"; + sha256 = "0nvv1bd8v13gh2m1429azws7ks0ix9y1yv87ak9k9i1dsqcrvpg6"; }; buildInputs = [ readline bzip2 ]; diff --git a/pkgs/tools/security/meo/default.nix b/pkgs/tools/security/meo/default.nix index 820919d1a2ef..2dfdf466c28a 100644 --- a/pkgs/tools/security/meo/default.nix +++ b/pkgs/tools/security/meo/default.nix @@ -5,7 +5,7 @@ stdenv.mkDerivation { src = fetchhg { url = http://oss.stamfest.net/hg/meo; - tag = "b48e5f16cff8"; + rev = "b48e5f16cff8"; sha256 = "0ifg7y28s89i9gwda6fyj1jbrykbcvq8bf1m6rxmdcv5afi3arbq"; }; diff --git a/pkgs/tools/security/sudo/default.nix b/pkgs/tools/security/sudo/default.nix index b4c2d7f1c1fa..ab46af5a1cd9 100644 --- a/pkgs/tools/security/sudo/default.nix +++ b/pkgs/tools/security/sudo/default.nix @@ -11,39 +11,43 @@ stdenv.mkDerivation rec { sha256 = "002l6h27pnhb77b65frhazbhknsxvrsnkpi43j7i0qw1lrgi7nkf"; }; - postConfigure = '' - cat >> pathnames.h <<EOF - #undef _PATH_SUDO_LOGFILE - #define _PATH_SUDO_LOGFILE "/var/log/sudo.log" - #undef _PATH_SUDO_TIMEDIR - #define _PATH_SUDO_TIMEDIR "/run/sudo" - #undef _PATH_VI - #define _PATH_VI "/run/current-system/sw/bin/nano" - #undef _PATH_MV - #define _PATH_MV "${coreutils}/bin/mv" + configureFlags = [ + "--with-env-editor" + "--with-editor=/run/current-system/sw/bin/nano" + "--with-rundir=/var/run" + "--with-vardir=/var/db/sudo" + "--with-logpath=/var/log/sudo.log" + ]; + + postConfigure = + '' + cat >> pathnames.h <<'EOF' + #undef _PATH_MV + #define _PATH_MV "${coreutils}/bin/mv" EOF - makeFlags="install_uid=$(id -u) install_gid=$(id -g)" - installFlags="sudoers_uid=$(id -u) sudoers_gid=$(id -g) sysconfdir=$out/etc timedir=$TMPDIR/dummy" - ''; + installFlags="sudoers_uid=$(id -u) sudoers_gid=$(id -g) sysconfdir=$out/etc rundir=$TMPDIR/dummy vardir=$TMPDIR/dummy" + ''; buildInputs = [ coreutils pam groff ]; enableParallelBuilding = true; - postInstall = '' - rm $out/share/doc/sudo/ChangeLog - ''; + postInstall = + '' + rm -f $out/share/doc/sudo/ChangeLog + ''; meta = { description = "A command to run commands as root"; - longDescription = '' + longDescription = + '' Sudo (su "do") allows a system administrator to delegate authority to give certain users (or groups of users) the ability to run some (or all) commands as root or another user while providing an audit trail of the commands and their arguments. - ''; + ''; homepage = http://www.sudo.ws/; |