diff options
Diffstat (limited to 'nixpkgs/pkgs/tools/security/doas/default.nix')
| -rw-r--r-- | nixpkgs/pkgs/tools/security/doas/default.nix | 49 |
1 files changed, 49 insertions, 0 deletions
diff --git a/nixpkgs/pkgs/tools/security/doas/default.nix b/nixpkgs/pkgs/tools/security/doas/default.nix new file mode 100644 index 000000000000..b79dba7c325f --- /dev/null +++ b/nixpkgs/pkgs/tools/security/doas/default.nix @@ -0,0 +1,49 @@ +{ lib +, stdenv +, fetchFromGitHub +, bison +, pam + +, withPAM ? true +, withTimestamp ? true +}: + +stdenv.mkDerivation rec { + pname = "doas"; + version = "6.8.2"; + + src = fetchFromGitHub { + owner = "Duncaen"; + repo = "OpenDoas"; + rev = "v${version}"; + sha256 = "9uOQ2Ta5HzEpbCz2vbqZEEksPuIjL8lvmfmynfqxMeM="; + }; + + # otherwise confuses ./configure + dontDisableStatic = true; + + configureFlags = [ + (lib.optionalString withTimestamp "--with-timestamp") # to allow the "persist" setting + (lib.optionalString (!withPAM) "--without-pam") + ]; + + patches = [ + # Allow doas to discover binaries in /run/current-system/sw/{s,}bin and + # /run/wrappers/bin + ./0001-add-NixOS-specific-dirs-to-safe-PATH.patch + ]; + + postPatch = '' + sed -i '/\(chown\|chmod\)/d' GNUmakefile + ''; + + buildInputs = [ bison pam ]; + + meta = with lib; { + description = "Executes the given command as another user"; + homepage = "https://github.com/Duncaen/OpenDoas"; + license = licenses.isc; + platforms = platforms.linux; + maintainers = with maintainers; [ cole-h cstrahan ]; + }; +} |