2021-01-11 07:54:33 +00:00
|
|
|
{ lib, stdenv, fetchFromGitHub, autoconf, bison, flex, libtool, pkgconfig, which
|
2018-12-04 21:47:48 +00:00
|
|
|
, libnl, protobuf, protobufc, shadow
|
|
|
|
}:
|
2015-08-10 18:34:09 +01:00
|
|
|
|
|
|
|
stdenv.mkDerivation rec {
|
2019-08-15 13:41:18 +01:00
|
|
|
pname = "nsjail";
|
2020-07-23 16:49:56 +01:00
|
|
|
version = "3.0";
|
2015-08-10 18:34:09 +01:00
|
|
|
|
2017-10-21 23:13:11 +01:00
|
|
|
src = fetchFromGitHub {
|
|
|
|
owner = "google";
|
|
|
|
repo = "nsjail";
|
|
|
|
rev = version;
|
|
|
|
fetchSubmodules = true;
|
2020-07-23 16:49:56 +01:00
|
|
|
sha256 = "1w6x8xcrs0i1y3q41gyq8z3cq9x24qablklc4jiydf855lhqn4dh";
|
2015-08-10 18:34:09 +01:00
|
|
|
};
|
|
|
|
|
2018-10-10 22:33:43 +01:00
|
|
|
nativeBuildInputs = [ autoconf bison flex libtool pkgconfig which ];
|
|
|
|
buildInputs = [ libnl protobuf protobufc ];
|
2017-11-04 19:02:23 +00:00
|
|
|
enableParallelBuilding = true;
|
2017-10-21 23:13:11 +01:00
|
|
|
|
2020-07-23 16:49:56 +01:00
|
|
|
preBuild = ''
|
|
|
|
makeFlagsArray+=(USER_DEFINES='-DNEWUIDMAP_PATH=${shadow}/bin/newuidmap -DNEWGIDMAP_PATH=${shadow}/bin/newgidmap')
|
|
|
|
'';
|
|
|
|
|
2015-08-10 18:34:09 +01:00
|
|
|
installPhase = ''
|
2017-11-04 19:02:23 +00:00
|
|
|
mkdir -p $out/bin $out/share/man/man1
|
|
|
|
install nsjail $out/bin/
|
|
|
|
install nsjail.1 $out/share/man/man1/
|
2015-08-10 18:34:09 +01:00
|
|
|
'';
|
|
|
|
|
2021-01-11 07:54:33 +00:00
|
|
|
meta = with lib; {
|
2017-10-21 23:13:11 +01:00
|
|
|
description = "A light-weight process isolation tool, making use of Linux namespaces and seccomp-bpf syscall filters";
|
2020-04-01 02:11:51 +01:00
|
|
|
homepage = "http://nsjail.com/";
|
2017-11-04 19:02:23 +00:00
|
|
|
license = licenses.asl20;
|
2020-07-23 16:49:56 +01:00
|
|
|
maintainers = with maintainers; [ arturcygan bosu c0bw3b ];
|
2017-10-21 23:13:11 +01:00
|
|
|
platforms = platforms.linux;
|
2015-08-10 18:34:09 +01:00
|
|
|
};
|
|
|
|
}
|