diff options
author | Austin Seipp <aseipp@pobox.com> | 2014-02-17 08:23:31 -0600 |
---|---|---|
committer | Austin Seipp <aseipp@pobox.com> | 2014-02-21 13:14:11 -0600 |
commit | f1459cd4b0225c07a2a818eb1cf0aad2fe5d16ed (patch) | |
tree | ebcfac36c7efb37c97a1650b98320765ccb2b18c /pkgs/os-specific/linux/gradm | |
parent | 64ddd8671444d603213724d817ac00f7c87dfad0 (diff) |
grsecurity: add gradm-3.0-201401291757
This also ensures the appropriate udev rules are installed. Signed-off-by: Austin Seipp <aseipp@pobox.com>
Diffstat (limited to 'pkgs/os-specific/linux/gradm')
-rw-r--r-- | pkgs/os-specific/linux/gradm/default.nix | 51 |
1 files changed, 51 insertions, 0 deletions
diff --git a/pkgs/os-specific/linux/gradm/default.nix b/pkgs/os-specific/linux/gradm/default.nix new file mode 100644 index 0000000000000..7272b5a22fab1 --- /dev/null +++ b/pkgs/os-specific/linux/gradm/default.nix @@ -0,0 +1,51 @@ +{ fetchurl, stdenv, bison, flex, pam, + gcc, coreutils, findutils, binutils, bash }: + +stdenv.mkDerivation rec { + name = "gradm-${version}"; + version = "3.0-201401291757"; + + src = fetchurl { + url = "http://grsecurity.net/stable/${name}-${version}.tar.gz"; + sha256 = "19p7kaqbvf41scc63n69b5v5xzpw3mbf5zy691rply8hdm7736cw"; + }; + + buildInputs = [ gcc coreutils findutils binutils pam flex bison bash ]; + preBuild = '' + substituteInPlace ./Makefile --replace "/usr/include/security/pam_" "${pam}/include/security/pam_" + substituteInPlace ./gradm_defs.h --replace "/sbin/grlearn" "$out/sbin/grlearn" + substituteInPlace ./gradm_defs.h --replace "/sbin/gradm" "$out/sbin/gradm" + substituteInPlace ./gradm_defs.h --replace "/sbin/gradm_pam" "$out/sbin/gradm_pam" + ''; + + postInstall = '' + mkdir -p $out/lib/udev/rules.d + cat > $out/lib/udev/rules.d/80-grsec.rules <<EOF + ACTION!="add|change", GOTO="permissions_end" + KERNEL=="grsec", MODE="0622" + LABEL="permissions_end" + EOF + ''; + + makeFlags = + [ "DESTDIR=$(out)" + "CC=${gcc}/bin/gcc" + "FLEX=${flex}/bin/flex" + "BISON=${bison}/bin/bison" + "FIND=${findutils}/bin/find" + "STRIP=${binutils}/bin/strip" + "INSTALL=${coreutils}/bin/install" + "MANDIR=/share/man" + "MKNOD=true" + ]; + + enableParallelBuilding = true; + + meta = { + description = "grsecurity RBAC administration and policy analysis utility"; + homepage = "https://grsecurity.net"; + license = stdenv.lib.licenses.gpl2; + platforms = stdenv.lib.platforms.linux; + maintainers = [ stdenv.lib.maintainers.thoughtpolice ]; + }; +} |