JakeHillion/nixpkgs
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
4a7f99d55d
nixpkgs/pkgs/tools/security/ecryptfs/default.nix
Profpatsch 4a7f99d55d treewide: with stdenv.lib; in meta -> with lib; 
Part of: https://github.com/NixOS/nixpkgs/issues/108938

meta = with stdenv.lib;

is a widely used pattern. We want to slowly remove
the `stdenv.lib` indirection and encourage people
to use `lib` directly. Thus let’s start with the meta
field.

This used a rewriting script to mostly automatically
replace all occurances of this pattern, and add the
`lib` argument to the package header if it doesn’t
exist yet.

The script in its current form is available at
https://cs.tvl.fyi/depot@2f807d7f141068d2d60676a89213eaa5353ca6e0/-/blob/users/Profpatsch/nixpkgs-rewriter/default.nix
2021-01-11 10:38:22 +01:00

68 lines
2.7 KiB
Nix
Raw Blame History

{ lib, stdenv, fetchurl, pkgconfig, perl, util-linux, keyutils, nss, nspr, python2, pam, enablePython ? false
, intltool, makeWrapper, coreutils, bash, gettext, cryptsetup, lvm2, rsync, which, lsof }:
stdenv.mkDerivation rec {
pname = "ecryptfs";
version = "111";
src = fetchurl {
url = "https://launchpad.net/ecryptfs/trunk/${version}/+download/ecryptfs-utils_${version}.orig.tar.gz";
sha256 = "0zwq19siiwf09h7lwa7n7mgmrr8cxifp45lmwgcfr8c1gviv6b0i";
};
# TODO: replace wrapperDir below with from <nixos> config.security.wrapperDir;
wrapperDir = "/run/wrappers/bin";
postPatch = ''
FILES="$(grep -r '/bin/sh' src/utils -l; find src -name \*.c)"
for file in $FILES; do
substituteInPlace "$file" \
--replace /bin/mount ${util-linux}/bin/mount \
--replace /bin/umount ${util-linux}/bin/umount \
--replace /sbin/mount.ecryptfs_private ${wrapperDir}/mount.ecryptfs_private \
--replace /sbin/umount.ecryptfs_private ${wrapperDir}/umount.ecryptfs_private \
--replace /sbin/mount.ecryptfs $out/sbin/mount.ecryptfs \
--replace /sbin/umount.ecryptfs $out/sbin/umount.ecryptfs \
--replace /usr/bin/ecryptfs-rewrite-file $out/bin/ecryptfs-rewrite-file \
--replace /usr/bin/ecryptfs-mount-private $out/bin/ecryptfs-mount-private \
--replace /usr/bin/ecryptfs-setup-private $out/bin/ecryptfs-setup-private \
--replace /sbin/cryptsetup ${cryptsetup}/sbin/cryptsetup \
--replace /sbin/dmsetup ${lvm2}/sbin/dmsetup \
--replace /sbin/unix_chkpwd ${wrapperDir}/unix_chkpwd \
--replace /bin/bash ${bash}/bin/bash
done
'';
configureFlags = stdenv.lib.optionals (!enablePython) [ "--disable-pywrap" ];
nativeBuildInputs = [ pkgconfig ]
# if python2 support is requested, it is needed at builtime as well as runtime.
++ stdenv.lib.optionals (enablePython) [ python2 ]
;
buildInputs = [ perl nss nspr pam intltool makeWrapper ]
++ stdenv.lib.optionals (enablePython) [ python2 ]
;
propagatedBuildInputs = [ coreutils gettext cryptsetup lvm2 rsync keyutils which ];
postInstall = ''
FILES="$(grep -r '/bin/sh' $out/bin -l)"
for file in $FILES; do
wrapProgram $file \
--prefix PATH ":" "${coreutils}/bin" \
--prefix PATH ":" "${gettext}/bin" \
--prefix PATH ":" "${rsync}/bin" \
--prefix PATH ":" "${keyutils}/bin" \
--prefix PATH ":" "${which}/bin" \
--prefix PATH ":" "${lsof}/bin" \
--prefix PATH ":" "$out/bin"
done
'';
meta = with lib; {
description = "Enterprise-class stacked cryptographic filesystem";
license = licenses.gpl2Plus;
maintainers = with maintainers; [ obadz ];
platforms = platforms.linux;
};
}
Reference in New Issue View Git Blame Copy Permalink