diff options
author | Azat Bahawi <azat@bahawi.net> | 2022-09-30 00:12:13 +0300 |
---|---|---|
committer | Cole Helbling <cole.e.helbling@outlook.com> | 2022-10-15 07:05:10 -0700 |
commit | be795c6a84846b0dc98fd0ed7466d91a3ce1c8cd (patch) | |
tree | 35ef66a1f0b6119e6bc14090d6b04012214d8264 /pkgs | |
parent | a36ceb869d7d5ffa1777cee9f1b2bf2027904b02 (diff) |
please: init at 0.5.3
Diffstat (limited to 'pkgs')
-rw-r--r-- | pkgs/tools/security/please/default.nix | 48 | ||||
-rw-r--r-- | pkgs/tools/security/please/nixos-specific.patch | 13 | ||||
-rw-r--r-- | pkgs/top-level/all-packages.nix | 2 |
3 files changed, 63 insertions, 0 deletions
diff --git a/pkgs/tools/security/please/default.nix b/pkgs/tools/security/please/default.nix new file mode 100644 index 0000000000000..b3317dc2a823b --- /dev/null +++ b/pkgs/tools/security/please/default.nix @@ -0,0 +1,48 @@ +{ lib +, rustPlatform +, fetchFromGitLab +, installShellFiles +, pam +, nixosTests +}: + +rustPlatform.buildRustPackage rec { + pname = "please"; + version = "0.5.3"; + + src = fetchFromGitLab { + owner = "edneville"; + repo = "please"; + rev = "v${version}"; + hash = "sha256-YL0yKIDoFD6Q5gVXOjHiqH2ub7jlhlE/uDKLK1FlE74="; + }; + + cargoHash = "sha256-noZsnFL6G1KcxGY0sn0PvY5nIdx5aOAMErMViIY/7bE="; + + nativeBuildInputs = [ installShellFiles ]; + + buildInputs = [ pam ]; + + patches = [ ./nixos-specific.patch ]; + + postInstall = '' + installManPage man/* + ''; + + meta = with lib; { + description = "A polite regex-first sudo alternative"; + longDescription = '' + Delegate accurate least privilege access with ease. Express easily with a + regex and expose only what is needed and nothing more. Or validate file + edits with pleaseedit. + + Please is written with memory safe rust. Traditional C memory unsafety is + avoided, logic problems may exist but this codebase is relatively small. + ''; + homepage = "https://www.usenix.org.uk/content/please.html"; + changelog = "https://github.com/edneville/please/blob/${src.rev}/CHANGELOG.md"; + license = licenses.gpl3Only; + maintainers = with maintainers; [ azahi ]; + platforms = platforms.linux; + }; +} diff --git a/pkgs/tools/security/please/nixos-specific.patch b/pkgs/tools/security/please/nixos-specific.patch new file mode 100644 index 0000000000000..926f815cbfb4d --- /dev/null +++ b/pkgs/tools/security/please/nixos-specific.patch @@ -0,0 +1,13 @@ +diff --git i/src/lib.rs w/src/lib.rs +index fdd69f2..07c794e 100644 +--- i/src/lib.rs ++++ w/src/lib.rs +@@ -1667,7 +1667,7 @@ pub fn search_path(binary: &str) -> Option<String> { + } + } + +- for dir in "/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin".split(':') { ++ for dir in "/run/wrappers/bin:/run/current-system/sw/bin:/run/current-system/sw/sbin:/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin".split(':') { + let path_name = format!("{}/{}", &dir, &binary); + let p = Path::new(&path_name); + diff --git a/pkgs/top-level/all-packages.nix b/pkgs/top-level/all-packages.nix index 37bd664ea144e..c7b61d7112f43 100644 --- a/pkgs/top-level/all-packages.nix +++ b/pkgs/top-level/all-packages.nix @@ -10248,6 +10248,8 @@ with pkgs; playbar2 = libsForQt5.callPackage ../applications/audio/playbar2 { }; + please = callPackage ../tools/security/please { }; + plecost = callPackage ../tools/security/plecost { }; plujain-ramp = callPackage ../applications/audio/plujain-ramp { }; |