summary refs log tree commit diff
path: root/pkgs/tools/security
diff options
context:
space:
mode:
authorEelco Dolstra <eelco.dolstra@logicblox.com>2014-07-01 11:25:41 +0200
committerEelco Dolstra <eelco.dolstra@logicblox.com>2014-07-01 11:25:41 +0200
commit06fc1ec34dbae8bba4673475e64a8241026089f6 (patch)
tree3e70796a291acc704ef5382f5af4866cab64e537 /pkgs/tools/security
parent89f8af55f11b01e68cbfc6d10537413140261721 (diff)
parentce623950ada9e1ef721760f05b9e3a14604fd764 (diff)
downloadnixlib-06fc1ec34dbae8bba4673475e64a8241026089f6.tar
nixlib-06fc1ec34dbae8bba4673475e64a8241026089f6.tar.gz
nixlib-06fc1ec34dbae8bba4673475e64a8241026089f6.tar.bz2
nixlib-06fc1ec34dbae8bba4673475e64a8241026089f6.tar.lz
nixlib-06fc1ec34dbae8bba4673475e64a8241026089f6.tar.xz
nixlib-06fc1ec34dbae8bba4673475e64a8241026089f6.tar.zst
nixlib-06fc1ec34dbae8bba4673475e64a8241026089f6.zip
Merge remote-tracking branch 'origin/master' into staging
Conflicts:
	pkgs/servers/serfdom/default.nix
Diffstat (limited to 'pkgs/tools/security')
-rw-r--r--pkgs/tools/security/ecryptfs/default.nix35
-rw-r--r--pkgs/tools/security/gnupg/default.nix4
-rw-r--r--pkgs/tools/security/gnupg1/default.nix4
-rw-r--r--pkgs/tools/security/meo/default.nix2
-rw-r--r--pkgs/tools/security/sudo/default.nix40
5 files changed, 54 insertions, 31 deletions
diff --git a/pkgs/tools/security/ecryptfs/default.nix b/pkgs/tools/security/ecryptfs/default.nix
index d1ed6f420ec3..13046aa0b2d1 100644
--- a/pkgs/tools/security/ecryptfs/default.nix
+++ b/pkgs/tools/security/ecryptfs/default.nix
@@ -1,18 +1,37 @@
-{stdenv, fetchurl, fuse, python, perl, keyutils, pam, nss, nspr}:
+{ stdenv, fetchurl, pkgconfig, perl, keyutils, nss, nspr, python, pam
+, intltool, makeWrapper, coreutils, gettext, cryptsetup, lvm2, rsync, which }:
+
 stdenv.mkDerivation {
-  name = "ecryptfs-82";
+  name = "ecryptfs-104";
 
   src = fetchurl {
-    url = http://launchpad.net/ecryptfs/trunk/82/+download/ecryptfs-utils_82.orig.tar.gz;
-    sha256 = "1w3swispgp71prz8h56hqby2wwnvam5vllqvc69rn8cf605i69a6";
+    url = http://launchpad.net/ecryptfs/trunk/104/+download/ecryptfs-utils_104.orig.tar.gz;
+    sha256 = "0f3lzpjw97vcdqzzgii03j3knd6pgwn1y0lpaaf46iidaiv0282a";
   };
 
-  NIX_CFLAGS_COMPILE = "-I${nspr}/include/nspr -I${nss}/include/nss";
+  buildInputs = [ pkgconfig perl nss nspr python pam intltool makeWrapper ];
+  propagatedBuildInputs = [ coreutils gettext cryptsetup lvm2 rsync keyutils which ];
 
-  buildInputs = [ python perl keyutils pam nss nspr ];
+  postInstall = ''
+    FILES="$(grep -r '/bin/sh' $out/bin | sed 's,:.*,,' | uniq)"
+    for file in $FILES; do
+      sed -i $file -e "s,\(/sbin/u\?mount.ecryptfs\(_private\)\?\),$out\1," \
+        -e "s,\(/sbin/cryptsetup\),${cryptsetup}\1," \
+        -e "s,\(/sbin/dmsetup\),${lvm2}\1," \
+        -e 's,/sbin/\(unix_chkpwd\),\1,'
+      wrapProgram $file \
+        --prefix PATH ":" "${coreutils}/bin" \
+        --prefix PATH ":" "${gettext}/bin" \
+        --prefix PATH ":" "${rsync}/bin" \
+        --prefix PATH ":" "${keyutils}/bin" \
+        --prefix PATH ":" "${which}/bin" \
+        --prefix PATH ":" "$out/bin"
+    done
+  '';
 
-  meta = {
+  meta = with stdenv.lib; {
     description = "Enterprise-class stacked cryptographic filesystem";
-    license = "GPLv2+";
+    license = licenses.gpl2Plus;
+    platforms = platforms.linux;
   };
 }
diff --git a/pkgs/tools/security/gnupg/default.nix b/pkgs/tools/security/gnupg/default.nix
index f242c3f323ae..9b8d33b6b696 100644
--- a/pkgs/tools/security/gnupg/default.nix
+++ b/pkgs/tools/security/gnupg/default.nix
@@ -13,11 +13,11 @@ assert useUsb -> (libusb != null);
 assert useCurl -> (curl != null);
 
 stdenv.mkDerivation rec {
-  name = "gnupg-2.0.22";
+  name = "gnupg-2.0.24";
 
   src = fetchurl {
     url = "mirror://gnupg/gnupg/${name}.tar.bz2";
-    sha256 = "0lg210acj2rxq291q4cwamg9gx6gh2prb1xa93y5jhw5b6r0lza3";
+    sha256 = "0ch2hbindk832cy7ca00a7whw84ndm0nhqrl24a5fw4ldkca2x6r";
   };
 
   buildInputs
diff --git a/pkgs/tools/security/gnupg1/default.nix b/pkgs/tools/security/gnupg1/default.nix
index 362ec3a25bbd..a25ae35b6cc9 100644
--- a/pkgs/tools/security/gnupg1/default.nix
+++ b/pkgs/tools/security/gnupg1/default.nix
@@ -1,11 +1,11 @@
 { stdenv, fetchurl, readline, bzip2 }:
 
 stdenv.mkDerivation rec {
-  name = "gnupg-1.4.16";
+  name = "gnupg-1.4.17";
 
   src = fetchurl {
     url = "mirror://gnupg/gnupg/${name}.tar.bz2";
-    sha256 = "0bsa1yqa3ybhvmc4ys73amdpcmckrlq1fsxjl2980cxada778fvv";
+    sha256 = "0nvv1bd8v13gh2m1429azws7ks0ix9y1yv87ak9k9i1dsqcrvpg6";
   };
 
   buildInputs = [ readline bzip2 ];
diff --git a/pkgs/tools/security/meo/default.nix b/pkgs/tools/security/meo/default.nix
index 820919d1a2ef..2dfdf466c28a 100644
--- a/pkgs/tools/security/meo/default.nix
+++ b/pkgs/tools/security/meo/default.nix
@@ -5,7 +5,7 @@ stdenv.mkDerivation {
   
   src = fetchhg {
     url = http://oss.stamfest.net/hg/meo;
-    tag = "b48e5f16cff8";
+    rev = "b48e5f16cff8";
     sha256 = "0ifg7y28s89i9gwda6fyj1jbrykbcvq8bf1m6rxmdcv5afi3arbq";
   };
 
diff --git a/pkgs/tools/security/sudo/default.nix b/pkgs/tools/security/sudo/default.nix
index b4c2d7f1c1fa..ab46af5a1cd9 100644
--- a/pkgs/tools/security/sudo/default.nix
+++ b/pkgs/tools/security/sudo/default.nix
@@ -11,39 +11,43 @@ stdenv.mkDerivation rec {
     sha256 = "002l6h27pnhb77b65frhazbhknsxvrsnkpi43j7i0qw1lrgi7nkf";
   };
 
-  postConfigure = ''
-    cat >> pathnames.h <<EOF
-    #undef  _PATH_SUDO_LOGFILE
-    #define _PATH_SUDO_LOGFILE "/var/log/sudo.log"
-    #undef  _PATH_SUDO_TIMEDIR
-    #define _PATH_SUDO_TIMEDIR "/run/sudo"
-    #undef  _PATH_VI
-    #define _PATH_VI "/run/current-system/sw/bin/nano"
-    #undef  _PATH_MV
-    #define _PATH_MV "${coreutils}/bin/mv"
+  configureFlags = [
+    "--with-env-editor"
+    "--with-editor=/run/current-system/sw/bin/nano"
+    "--with-rundir=/var/run"
+    "--with-vardir=/var/db/sudo"
+    "--with-logpath=/var/log/sudo.log"
+  ];
+
+  postConfigure =
+    ''
+    cat >> pathnames.h <<'EOF'
+      #undef _PATH_MV
+      #define _PATH_MV "${coreutils}/bin/mv"
     EOF
-
     makeFlags="install_uid=$(id -u) install_gid=$(id -g)"
-    installFlags="sudoers_uid=$(id -u) sudoers_gid=$(id -g) sysconfdir=$out/etc timedir=$TMPDIR/dummy"
-  '';
+    installFlags="sudoers_uid=$(id -u) sudoers_gid=$(id -g) sysconfdir=$out/etc rundir=$TMPDIR/dummy vardir=$TMPDIR/dummy"
+    '';
 
   buildInputs = [ coreutils pam groff ];
 
   enableParallelBuilding = true;
 
-  postInstall = ''
-    rm $out/share/doc/sudo/ChangeLog
-  '';
+  postInstall = 
+    ''
+    rm -f $out/share/doc/sudo/ChangeLog
+    '';
 
   meta = {
     description = "A command to run commands as root";
 
-    longDescription = ''
+    longDescription = 
+      ''
       Sudo (su "do") allows a system administrator to delegate
       authority to give certain users (or groups of users) the ability
       to run some (or all) commands as root or another user while
       providing an audit trail of the commands and their arguments.
-    '';
+      '';
 
     homepage = http://www.sudo.ws/;
generated by cgit-pink 1.4.1 (git 2.36.1) at 2024-08-04 06:43:47 +0000