summary refs log tree commit diff
path: root/pkgs/os-specific/linux/libcap/default.nix
diff options
context:
space:
mode:
Diffstat (limited to 'pkgs/os-specific/linux/libcap/default.nix')
-rw-r--r--pkgs/os-specific/linux/libcap/default.nix46
1 files changed, 37 insertions, 9 deletions
diff --git a/pkgs/os-specific/linux/libcap/default.nix b/pkgs/os-specific/linux/libcap/default.nix
index c8484babcdf..13d2fb7f5c5 100644
--- a/pkgs/os-specific/linux/libcap/default.nix
+++ b/pkgs/os-specific/linux/libcap/default.nix
@@ -1,27 +1,55 @@
-{ stdenv, fetchurl, attr, perl }:
+{ stdenv, fetchurl, attr, perl, pam ? null }:
+assert pam != null -> stdenv.isLinux;
 
 stdenv.mkDerivation rec {
   name = "libcap-${version}";
-  version = "2.24";
+  version = "2.25";
 
   src = fetchurl {
     url = "mirror://kernel/linux/libs/security/linux-privs/libcap2/${name}.tar.xz";
-    sha256 = "0rbc9qbqs5bp9am9s9g83wxj5k4ixps2agy9dxr1v1fwg27mdr6f";
+    sha256 = "0qjiqc5pknaal57453nxcbz3mn1r4hkyywam41wfcglq3v2qlg39";
   };
 
-  outputs = [ "dev" "out" ];
+  outputs = [ "dev" "lib" "doc" "out" ]
+    ++ stdenv.lib.optional (pam != null) "pam";
 
   nativeBuildInputs = [ perl ];
+
+  buildInputs = [ pam ];
+
   propagatedBuildInputs = [ attr ];
 
-  preConfigure = "cd libcap";
+  makeFlags = [
+    "lib=lib"
+    (stdenv.lib.optional (pam != null) "PAM_CAP=yes")
+  ];
+
+  prePatch = ''
+    # use relative bash path
+    substituteInPlace progs/capsh.c --replace "/bin/bash" "bash"
+
+    # ensure capsh can find bash in $PATH
+    substituteInPlace progs/capsh.c --replace execve execvpe
+  '';
+
+  preInstall = ''
+    substituteInPlace Make.Rules \
+      --replace 'prefix=/usr' "prefix=$lib" \
+      --replace 'exec_prefix=' "exec_prefix=$out" \
+      --replace 'lib_prefix=$(exec_prefix)' "lib_prefix=$lib" \
+      --replace 'inc_prefix=$(prefix)' "inc_prefix=$dev" \
+      --replace 'man_prefix=$(prefix)' "man_prefix=$doc"
+  '';
 
-  makeFlags = "lib=lib prefix=$(out)";
+  installFlags = "RAISE_SETFCAP=no";
 
   postInstall = ''
-    rm "$out"/lib/*.a
-    mkdir -p "$dev/share/doc/${name}"
-    cp ../License "$dev/share/doc/${name}/License"
+    rm "$lib"/lib/*.a
+    mkdir -p "$doc/share/doc/${name}"
+    cp License "$doc/share/doc/${name}/"
+  '' + stdenv.lib.optionalString (pam != null) ''
+    mkdir -p "$pam/lib/security"
+    mv "$lib"/lib/security "$pam/lib"
   '';
 
   meta = {
generated by cgit-pink 1.4.1 (git 2.36.1) at 2024-05-30 08:46:26 +0000