summary refs log tree commit diff
path: root/pkgs/os-specific/linux/iputils/default.nix
diff options
context:
space:
mode:
Diffstat (limited to 'pkgs/os-specific/linux/iputils/default.nix')
-rw-r--r--pkgs/os-specific/linux/iputils/default.nix48
1 files changed, 35 insertions, 13 deletions
diff --git a/pkgs/os-specific/linux/iputils/default.nix b/pkgs/os-specific/linux/iputils/default.nix
index e12c44888a0..495860ef576 100644
--- a/pkgs/os-specific/linux/iputils/default.nix
+++ b/pkgs/os-specific/linux/iputils/default.nix
@@ -1,12 +1,11 @@
-{ stdenv, fetchFromGitHub
-, meson, ninja, pkgconfig, gettext, libxslt, docbook_xsl_ns
-, libcap, systemd, libidn2
+{ lib, stdenv, fetchFromGitHub
+, meson, ninja, pkg-config, gettext, libxslt, docbook_xsl_ns
+, libcap, libidn2
+, apparmorRulesFromClosure
 }:
 
-with stdenv.lib;
-
 let
-  version = "20200821";
+  version = "20210202";
   sunAsIsLicense = {
     fullName = "AS-IS, SUN MICROSYSTEMS license";
     url = "https://github.com/iputils/iputils/blob/s${version}/rdisc.c";
@@ -18,25 +17,48 @@ in stdenv.mkDerivation rec {
   src = fetchFromGitHub {
     owner = pname;
     repo = pname;
-    rev = "s${version}";
-    sha256 = "1jhbcz75a4ij1myyyi110ma1d8d5hpm3scz9pyw7js6qym50xvh4";
+    rev = version;
+    sha256 = "08j2hfgnfh31vv9rn1ml7090j2lsvm9wdpdz13rz60rmyzrx9dq3";
   };
 
+  outputs = ["out" "apparmor"];
+
   mesonFlags = [
     "-DBUILD_RARPD=true"
     "-DBUILD_TRACEROUTE6=true"
     "-DBUILD_TFTPD=true"
     "-DNO_SETCAP_OR_SUID=true"
     "-Dsystemdunitdir=etc/systemd/system"
+    "-DINSTALL_SYSTEMD_UNITS=true"
   ]
     # Disable idn usage w/musl (https://github.com/iputils/iputils/pull/111):
-    ++ optional stdenv.hostPlatform.isMusl "-DUSE_IDN=false";
+    ++ lib.optional stdenv.hostPlatform.isMusl "-DUSE_IDN=false";
 
-  nativeBuildInputs = [ meson ninja pkgconfig gettext libxslt.bin docbook_xsl_ns ];
-  buildInputs = [ libcap systemd ]
-    ++ optional (!stdenv.hostPlatform.isMusl) libidn2;
+  nativeBuildInputs = [ meson ninja pkg-config gettext libxslt.bin docbook_xsl_ns ];
+  buildInputs = [ libcap ]
+    ++ lib.optional (!stdenv.hostPlatform.isMusl) libidn2;
+  postInstall = ''
+    mkdir $apparmor
+    cat >$apparmor/bin.ping <<EOF
+    include <tunables/global>
+    $out/bin/ping {
+      include <abstractions/base>
+      include <abstractions/consoles>
+      include <abstractions/nameservice>
+      include "${apparmorRulesFromClosure { name = "ping"; }
+       ([libcap] ++ lib.optional (!stdenv.hostPlatform.isMusl) libidn2)}"
+      include <local/bin.ping>
+      capability net_raw,
+      network inet raw,
+      network inet6 raw,
+      mr $out/bin/ping,
+      r $out/share/locale/**,
+      r @{PROC}/@{pid}/environ,
+    }
+    EOF
+  '';
 
-  meta = {
+  meta = with lib; {
     description = "A set of small useful utilities for Linux networking";
     inherit (src.meta) homepage;
     changelog = "https://github.com/iputils/iputils/releases/tag/s${version}";
generated by cgit-pink 1.4.1 (git 2.36.1) at 2024-04-26 10:24:49 +0000