nixpkgs/pkgs/tools/security/nsjail/default.nix

41 lines
1.2 KiB
Nix
Raw Normal View History

2018-10-10 22:33:43 +01:00
{ stdenv, fetchFromGitHub, autoconf, bison, flex, libtool, pkgconfig, which
, libnl, protobuf, protobufc, shadow
}:
2015-08-10 18:34:09 +01:00
stdenv.mkDerivation rec {
2017-10-21 23:13:11 +01:00
name = "nsjail-${version}";
version = "2.8";
2015-08-10 18:34:09 +01:00
2017-10-21 23:13:11 +01:00
src = fetchFromGitHub {
owner = "google";
repo = "nsjail";
rev = version;
fetchSubmodules = true;
sha256 = "0cgycj0cz74plmz4asxryqprg6mkzpmnxzqbfsp1wwackinxq5fq";
2015-08-10 18:34:09 +01:00
};
postPatch = ''
substituteInPlace user.cc \
--replace "/usr/bin/newgidmap" "${shadow}/bin/newgidmap" \
--replace "/usr/bin/newuidmap" "${shadow}/bin/newuidmap"
'';
2018-10-10 22:33:43 +01:00
nativeBuildInputs = [ autoconf bison flex libtool pkgconfig which ];
buildInputs = [ libnl protobuf protobufc ];
enableParallelBuilding = true;
2017-10-21 23:13:11 +01:00
2015-08-10 18:34:09 +01:00
installPhase = ''
mkdir -p $out/bin $out/share/man/man1
install nsjail $out/bin/
install nsjail.1 $out/share/man/man1/
2015-08-10 18:34:09 +01:00
'';
2017-10-21 23:13:11 +01:00
meta = with stdenv.lib; {
description = "A light-weight process isolation tool, making use of Linux namespaces and seccomp-bpf syscall filters";
homepage = http://nsjail.com/;
license = licenses.asl20;
maintainers = with maintainers; [ bosu c0bw3b ];
2017-10-21 23:13:11 +01:00
platforms = platforms.linux;
2015-08-10 18:34:09 +01:00
};
}