1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
|
{ stdenv, fetchurl
, autoconf, automake, libtool, makeWrapper
, perl, bison, flex, glibc, gettext, which, rpm, LocaleGettext
, bash, pam, TermReadKey, RpcXML, swig, python}:
stdenv.mkDerivation rec {
name = "apparmor-${version}";
version = "2.8.4";
src = fetchurl {
url = "http://launchpad.net/apparmor/2.8/${version}/+download/${name}.tar.gz";
sha256 = "1mki4c44ljmr7dpn55grzn33929kdjx149jx00s80yp1war83jwq";
};
buildInputs = [
autoconf automake libtool perl bison flex gettext which rpm
LocaleGettext pam TermReadKey RpcXML swig makeWrapper python ];
prePatch = ''
substituteInPlace libraries/libapparmor/src/Makefile.in --replace "/usr/include" "${glibc}/include"
substituteInPlace libraries/libapparmor/src/Makefile.am --replace "/usr/include" "${glibc}/include"
substituteInPlace common/Make.rules --replace "/usr/bin/pod2man" "${perl}/bin/pod2man"
substituteInPlace common/Make.rules --replace "/usr/bin/pod2html" "${perl}/bin/pod2html"
substituteInPlace common/Make.rules --replace "cpp -dM" "cpp -dM -I${glibc}/include"
substituteInPlace parser/Makefile --replace "/usr/bin/bison" "${bison}/bin/bison"
substituteInPlace parser/Makefile --replace "/usr/bin/flex" "${flex}/bin/flex"
substituteInPlace parser/Makefile --replace "/usr/include/bits/socket.h" "${glibc}/include/bits/socket.h"
substituteInPlace parser/Makefile --replace "/usr/include/linux/capability.h" "${glibc}/include/linux/capability.h"
#substituteInPlace parser/utils/vim/Makefile --replace "/usr/include/linux/capability.h" "${glibc}/include/linux/capability.h"
# for some reason pdf documentation doesn't build
substituteInPlace parser/Makefile --replace "manpages htmlmanpages pdf" "manpages htmlmanpages"
substituteInPlace parser/tst/gen-xtrans.pl --replace "/usr/bin/perl" "${perl}/bin/perl"
substituteInPlace parser/tst/Makefile --replace "/usr/bin/prove" "${perl}/bin/prove"
substituteInPlace parser/tst/Makefile --replace "./caching.sh" "${bash}/bin/bash ./caching.sh"
'';
patches = ./capability.patch;
buildPhase =''
PERL5LIB=$PERL5LIB:$out/lib/perl5/site_perl:$out/lib
cd libraries/libapparmor
./autogen.sh
./configure --prefix=$out --with-perl # see below
make
make check
make install
mkdir -p $out/lib/perl5/site_perl/
cp swig/perl/LibAppArmor.pm $out/lib/perl5/site_perl/
cp swig/perl/LibAppArmor.bs $out/lib/perl5/site_perl/
# this is automatically copied elsewhere....
cd ../../utils
make
make install DESTDIR=$out BINDIR=$out/bin VENDOR_PERL=/lib/perl5/site_perl
cd ../parser
make
make install DESTDIR=$out DISTRO=unknown
# cd ../changehat/mod_apparmor
# make # depends on libapparmor having been built first
# make install
cd ../changehat/pam_apparmor
make # depends on libapparmor having been built first
make install DESTDIR=$out
cd ../../profiles
LD_LIBRARY_PATH=$out/lib make
#LD_LIBRARY_PATH=$out/lib make check # depends on the parser having been built first
make install DESTDIR=$out
cd ..
cp -r kernel-patches $out
'';
installPhase = let
perlVersion = (builtins.parseDrvName perl.name).version;
in ''
for i in $out/bin/*; do
wrapProgram $i --prefix PERL5LIB : \
"$PERL5LIB:$out/lib/perl5/${perlVersion}/${stdenv.system}-thread-multi/"
done
'';
meta = with stdenv.lib; {
homepage = http://apparmor.net/;
description = "Linux application security system";
license = licenses.gpl2;
maintainers = [ maintainers.phreedom maintainers.thoughtpolice ];
platforms = platforms.linux;
};
}
|