diff options
Diffstat (limited to 'pkgs/os-specific/linux/libcap/default.nix')
-rw-r--r-- | pkgs/os-specific/linux/libcap/default.nix | 36 |
1 files changed, 20 insertions, 16 deletions
diff --git a/pkgs/os-specific/linux/libcap/default.nix b/pkgs/os-specific/linux/libcap/default.nix index 174f1be99db..47fa7c05e79 100644 --- a/pkgs/os-specific/linux/libcap/default.nix +++ b/pkgs/os-specific/linux/libcap/default.nix @@ -1,36 +1,39 @@ -{ stdenv, buildPackages, fetchurl, attr, perl, pam }: +{ stdenv, lib, buildPackages, fetchurl, attr, perl, runtimeShell +, usePam ? !isStatic, pam ? null +, isStatic ? stdenv.hostPlatform.isStatic +}: + +assert usePam -> pam != null; stdenv.mkDerivation rec { pname = "libcap"; - version = "2.27"; + version = "2.48"; src = fetchurl { url = "mirror://kernel/linux/libs/security/linux-privs/libcap2/${pname}-${version}.tar.xz"; - sha256 = "0sj8kidl7qgf2qwxcbw1vadnlb30y4zvjzxswsmfdghq04npkhfs"; + sha256 = "sha256-TelZDuCah8KC1Vhzf/tbYXXMv9JtWArdEN9E0PBH9sI="; }; - outputs = [ "out" "dev" "lib" "man" "doc" "pam" ]; + outputs = [ "out" "dev" "lib" "man" "doc" ] + ++ lib.optional usePam "pam"; depsBuildBuild = [ buildPackages.stdenv.cc ]; nativeBuildInputs = [ perl ]; - buildInputs = [ pam ]; + buildInputs = lib.optional usePam pam; propagatedBuildInputs = [ attr ]; makeFlags = [ "lib=lib" - "PAM_CAP=yes" + "PAM_CAP=${if usePam then "yes" else "no"}" "BUILD_CC=$(CC_FOR_BUILD)" "CC:=$(CC)" - ]; + ] ++ lib.optional isStatic "SHARED=no"; prePatch = '' - # use relative bash path - substituteInPlace progs/capsh.c --replace "/bin/bash" "bash" - - # ensure capsh can find bash in $PATH - substituteInPlace progs/capsh.c --replace execve execvpe + # use full path to bash + substituteInPlace progs/capsh.c --replace "/bin/bash" "${runtimeShell}" # set prefixes substituteInPlace Make.Rules \ @@ -44,17 +47,18 @@ stdenv.mkDerivation rec { installFlags = [ "RAISE_SETFCAP=no" ]; postInstall = '' - rm "$lib"/lib/*.a + ${lib.optionalString (!isStatic) ''rm "$lib"/lib/*.a''} mkdir -p "$doc/share/doc/${pname}-${version}" cp License "$doc/share/doc/${pname}-${version}/" - '' + stdenv.lib.optionalString (pam != null) '' + '' + lib.optionalString usePam '' mkdir -p "$pam/lib/security" mv "$lib"/lib/security "$pam/lib" ''; meta = { description = "Library for working with POSIX capabilities"; - platforms = stdenv.lib.platforms.linux; - license = stdenv.lib.licenses.bsd3; + homepage = "https://sites.google.com/site/fullycapable"; + platforms = lib.platforms.linux; + license = lib.licenses.bsd3; }; } |