diff options
author | Ivan Kozik <ivan@ludios.org> | 2019-06-19 20:29:46 +0000 |
---|---|---|
committer | Ivan Kozik <ivan@ludios.org> | 2019-06-20 13:49:47 +0000 |
commit | f2ea45461767eef7b1c03d130342902e4070fe45 (patch) | |
tree | 1d686a9afa52503e0e950983af4bdc85a29fb218 | |
parent | f399f890dd4f8b79840cbf59f2b7e7577980ee18 (diff) | |
download | nixpkgs-f2ea45461767eef7b1c03d130342902e4070fe45.tar nixpkgs-f2ea45461767eef7b1c03d130342902e4070fe45.tar.gz nixpkgs-f2ea45461767eef7b1c03d130342902e4070fe45.tar.bz2 nixpkgs-f2ea45461767eef7b1c03d130342902e4070fe45.tar.lz nixpkgs-f2ea45461767eef7b1c03d130342902e4070fe45.tar.xz nixpkgs-f2ea45461767eef7b1c03d130342902e4070fe45.tar.zst nixpkgs-f2ea45461767eef7b1c03d130342902e4070fe45.zip |
usbguard-nox: init at 0.7.4
This is just usbguard without the Qt GUI that brings in Qt dependencies. Remove pandoc to reduce closure size. The usbguard build appears to use it only for spell checking. Remove asciidoctor because 0.7.1 switched to asciidoc. But don't add a dependency on asciidoc, because that causes the build fails on external DTDs.
-rw-r--r-- | nixos/modules/services/security/usbguard.nix | 14 | ||||
-rw-r--r-- | pkgs/os-specific/linux/usbguard/default.nix | 25 | ||||
-rw-r--r-- | pkgs/top-level/all-packages.nix | 4 |
3 files changed, 28 insertions, 15 deletions
diff --git a/nixos/modules/services/security/usbguard.nix b/nixos/modules/services/security/usbguard.nix index 88d2f69db57..20d5e3b28eb 100644 --- a/nixos/modules/services/security/usbguard.nix +++ b/nixos/modules/services/security/usbguard.nix @@ -39,6 +39,16 @@ in { services.usbguard = { enable = mkEnableOption "USBGuard daemon"; + package = mkOption { + type = types.package; + default = pkgs.usbguard; + defaultText = "pkgs.usbguard"; + description = '' + The usbguard package to use. If you do not need the Qt GUI, use + <literal>pkgs.usbguard-nox</literal> to save disk space. + ''; + }; + ruleFile = mkOption { type = types.path; default = "/var/lib/usbguard/rules.conf"; @@ -179,7 +189,7 @@ in { config = mkIf cfg.enable { - environment.systemPackages = [ pkgs.usbguard ]; + environment.systemPackages = [ cfg.package ]; systemd.services.usbguard = { description = "USBGuard daemon"; @@ -195,7 +205,7 @@ in { serviceConfig = { Type = "simple"; - ExecStart = ''${pkgs.usbguard}/bin/usbguard-daemon -P -k -c ${daemonConfFile}''; + ExecStart = ''${cfg.package}/bin/usbguard-daemon -P -k -c ${daemonConfFile}''; Restart = "on-failure"; }; }; diff --git a/pkgs/os-specific/linux/usbguard/default.nix b/pkgs/os-specific/linux/usbguard/default.nix index 3df0023bd67..1c5678b81e0 100644 --- a/pkgs/os-specific/linux/usbguard/default.nix +++ b/pkgs/os-specific/linux/usbguard/default.nix @@ -1,8 +1,11 @@ { stdenv, fetchurl, lib, - libxslt, pandoc, asciidoctor, pkgconfig, - dbus-glib, libcap_ng, libqb, libseccomp, polkit, protobuf, qtbase, qttools, qtsvg, - audit, + pkgconfig, libxml2, libxslt, + dbus-glib, libcap_ng, libqb, libseccomp, polkit, protobuf, audit, + withGui ? true, + qtbase ? null, + qttools ? null, + qtsvg ? null, libgcrypt ? null, libsodium ? null }: @@ -23,10 +26,9 @@ stdenv.mkDerivation rec { }; nativeBuildInputs = [ - libxslt - asciidoctor - pandoc # for rendering documentation pkgconfig + libxslt # xsltproc + libxml2 # xmllint ]; buildInputs = [ @@ -37,23 +39,20 @@ stdenv.mkDerivation rec { polkit protobuf audit - - qtbase - qtsvg - qttools ] ++ (lib.optional (libgcrypt != null) libgcrypt) - ++ (lib.optional (libsodium != null) libsodium); + ++ (lib.optional (libsodium != null) libsodium) + ++ (lib.optionals withGui [ qtbase qtsvg qttools ]); configureFlags = [ "--with-bundled-catch" "--with-bundled-pegtl" "--with-dbus" - "--with-gui-qt=qt5" "--with-polkit" ] ++ (lib.optional (libgcrypt != null) "--with-crypto-library=gcrypt") - ++ (lib.optional (libsodium != null) "--with-crypto-library=sodium"); + ++ (lib.optional (libsodium != null) "--with-crypto-library=sodium") + ++ (lib.optional withGui "--with-gui-qt=qt5"); enableParallelBuilding = true; diff --git a/pkgs/top-level/all-packages.nix b/pkgs/top-level/all-packages.nix index 55d194263ab..e11781e91e9 100644 --- a/pkgs/top-level/all-packages.nix +++ b/pkgs/top-level/all-packages.nix @@ -16057,6 +16057,10 @@ in libgcrypt = null; }; + usbguard-nox = usbguard.override { + withGui = false; + }; + usbutils = callPackage ../os-specific/linux/usbutils { }; usermount = callPackage ../os-specific/linux/usermount { }; |