1 files changed, 51 insertions, 0 deletions

diff --git a/nixpkgs/pkgs/os-specific/linux/gradm/default.nix b/nixpkgs/pkgs/os-specific/linux/gradm/default.nix
new file mode 100644
index 000000000000..7f64ed227719
--- /dev/null
+++ b/nixpkgs/pkgs/os-specific/linux/gradm/default.nix
@@ -0,0 +1,51 @@
+{ stdenv, fetchurl
+, bison, flex
+, pam
+}:
+
+stdenv.mkDerivation rec {
+  name    = "gradm-${version}";
+  version = "3.1-201608131257";
+
+  src  = fetchurl {
+    url    = "http://grsecurity.net/stable/${name}.tar.gz";
+    sha256 = "0y5565rhil5ciprwz7nx4s4ah7dsxx7zrkg42dbq0mcg8m316xrb";
+  };
+
+  nativeBuildInputs = [ bison flex ];
+  buildInputs = [ pam ];
+
+  enableParallelBuilding = true;
+
+  makeFlags = [
+    "DESTDIR=$(out)"
+    "LEX=${flex}/bin/flex"
+    "MANDIR=/share/man"
+    "MKNOD=true"
+  ];
+
+  preBuild = ''
+    substituteInPlace Makefile \
+      --replace "/usr/bin/" "" \
+      --replace "/usr/include/security/pam_" "${pam}/include/security/pam_"
+
+    substituteInPlace gradm_defs.h \
+      --replace "/sbin/grlearn" "$out/bin/grlearn" \
+      --replace "/sbin/gradm" "$out/bin/gradm" \
+      --replace "/sbin/gradm_pam" "$out/bin/gradm_pam"
+
+    echo 'inherit-learn /nix/store' >>learn_config
+
+    mkdir -p "$out/etc/udev/rules.d"
+  '';
+
+  postInstall = ''rmdir $out/dev'';
+
+  meta = with stdenv.lib; {
+    description = "grsecurity RBAC administration and policy analysis utility";
+    homepage    = "https://grsecurity.net";
+    license     = licenses.gpl2;
+    platforms   = platforms.linux;
+    maintainers = with maintainers; [ thoughtpolice joachifm ];
+  };
+}