nsjail: 2.9 -> 3.0

1 files changed, 7 insertions, 9 deletions

diff --git a/pkgs/tools/security/nsjail/default.nix b/pkgs/tools/security/nsjail/default.nix
index 27712e4d42f51..4522d0e897af7 100644
--- a/pkgs/tools/security/nsjail/default.nix
+++ b/pkgs/tools/security/nsjail/default.nix
@@ -4,26 +4,24 @@
 
 stdenv.mkDerivation rec {
   pname = "nsjail";
-  version = "2.9";
+  version = "3.0";
 
   src = fetchFromGitHub {
     owner           = "google";
     repo            = "nsjail";
     rev             = version;
     fetchSubmodules = true;
-    sha256          = "0218n0qjb45fawqqfj3gdxgd0fw5k0vxn9iggi0ciljmr9zywkgh";
+    sha256          = "1w6x8xcrs0i1y3q41gyq8z3cq9x24qablklc4jiydf855lhqn4dh";
   };
 
-  postPatch = ''
-    substituteInPlace user.cc \
-      --replace "/usr/bin/newgidmap" "${shadow}/bin/newgidmap" \
-      --replace "/usr/bin/newuidmap" "${shadow}/bin/newuidmap"
-  '';
-
   nativeBuildInputs = [ autoconf bison flex libtool pkgconfig which ];
   buildInputs = [ libnl protobuf protobufc ];
   enableParallelBuilding = true;
 
+  preBuild = ''
+    makeFlagsArray+=(USER_DEFINES='-DNEWUIDMAP_PATH=${shadow}/bin/newuidmap -DNEWGIDMAP_PATH=${shadow}/bin/newgidmap')
+  '';
+
   installPhase = ''
     mkdir -p $out/bin $out/share/man/man1
     install nsjail $out/bin/
@@ -34,7 +32,7 @@ stdenv.mkDerivation rec {
     description = "A light-weight process isolation tool, making use of Linux namespaces and seccomp-bpf syscall filters";
     homepage    = "http://nsjail.com/";
     license     = licenses.asl20;
-    maintainers = with maintainers; [ bosu c0bw3b ];
+    maintainers = with maintainers; [ arturcygan bosu c0bw3b ];
     platforms   = platforms.linux;
   };
 }