diff options
| author | Azat Bahawi <azat@bahawi.net> | 2022-09-30 00:12:13 +0300 |
|---|---|---|
| committer | Cole Helbling <cole.e.helbling@outlook.com> | 2022-10-15 07:05:10 -0700 |
| commit | be795c6a84846b0dc98fd0ed7466d91a3ce1c8cd (patch) | |
| tree | 35ef66a1f0b6119e6bc14090d6b04012214d8264 /pkgs/tools/security/please | |
| parent | a36ceb869d7d5ffa1777cee9f1b2bf2027904b02 (diff) | |
please: init at 0.5.3
Diffstat (limited to 'pkgs/tools/security/please')
| -rw-r--r-- | pkgs/tools/security/please/default.nix | 48 | ||||
| -rw-r--r-- | pkgs/tools/security/please/nixos-specific.patch | 13 |
2 files changed, 61 insertions, 0 deletions
diff --git a/pkgs/tools/security/please/default.nix b/pkgs/tools/security/please/default.nix new file mode 100644 index 0000000000000..b3317dc2a823b --- /dev/null +++ b/pkgs/tools/security/please/default.nix @@ -0,0 +1,48 @@ +{ lib +, rustPlatform +, fetchFromGitLab +, installShellFiles +, pam +, nixosTests +}: + +rustPlatform.buildRustPackage rec { + pname = "please"; + version = "0.5.3"; + + src = fetchFromGitLab { + owner = "edneville"; + repo = "please"; + rev = "v${version}"; + hash = "sha256-YL0yKIDoFD6Q5gVXOjHiqH2ub7jlhlE/uDKLK1FlE74="; + }; + + cargoHash = "sha256-noZsnFL6G1KcxGY0sn0PvY5nIdx5aOAMErMViIY/7bE="; + + nativeBuildInputs = [ installShellFiles ]; + + buildInputs = [ pam ]; + + patches = [ ./nixos-specific.patch ]; + + postInstall = '' + installManPage man/* + ''; + + meta = with lib; { + description = "A polite regex-first sudo alternative"; + longDescription = '' + Delegate accurate least privilege access with ease. Express easily with a + regex and expose only what is needed and nothing more. Or validate file + edits with pleaseedit. + + Please is written with memory safe rust. Traditional C memory unsafety is + avoided, logic problems may exist but this codebase is relatively small. + ''; + homepage = "https://www.usenix.org.uk/content/please.html"; + changelog = "https://github.com/edneville/please/blob/${src.rev}/CHANGELOG.md"; + license = licenses.gpl3Only; + maintainers = with maintainers; [ azahi ]; + platforms = platforms.linux; + }; +} diff --git a/pkgs/tools/security/please/nixos-specific.patch b/pkgs/tools/security/please/nixos-specific.patch new file mode 100644 index 0000000000000..926f815cbfb4d --- /dev/null +++ b/pkgs/tools/security/please/nixos-specific.patch @@ -0,0 +1,13 @@ +diff --git i/src/lib.rs w/src/lib.rs +index fdd69f2..07c794e 100644 +--- i/src/lib.rs ++++ w/src/lib.rs +@@ -1667,7 +1667,7 @@ pub fn search_path(binary: &str) -> Option<String> { + } + } + +- for dir in "/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin".split(':') { ++ for dir in "/run/wrappers/bin:/run/current-system/sw/bin:/run/current-system/sw/sbin:/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin".split(':') { + let path_name = format!("{}/{}", &dir, &binary); + let p = Path::new(&path_name); + |