pkgs/tools/security/nsjail/default.nix


1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30

{ stdenv, fetchgit }:

stdenv.mkDerivation rec {
  name = "nsjail-git-2015-08-10";

  src = fetchgit {
    url = https://github.com/google/nsjail;
    rev = "8b951e6c2827386786cde4a124cd1846d25b9404";
    sha256 = "02bmwd48l6ngp0nc65flw395mpj66brx3808d5xd19qn5524lnni";
  };

  installPhase = ''
    mkdir -p $out/bin
    cp nsjail $out/bin
  '';

  meta = {
    description = ''
      A light-weight process isolation tool, making use of Linux namespaces
      and seccomp-bpf syscall filters
      '';
    homepage = http://google.github.io/nsjail;

    license = stdenv.lib.licenses.apsl20;

    maintainers = [ stdenv.lib.maintainers.bosu ];

    platforms = stdenv.lib.platforms.linux;
  };
}