about summary refs log tree commit diff
path: root/pkgs
diff options
context:
space:
mode:
Diffstat (limited to 'pkgs')
-rw-r--r--pkgs/tools/security/isolate/default.nix49
-rw-r--r--pkgs/top-level/all-packages.nix2
2 files changed, 51 insertions, 0 deletions
diff --git a/pkgs/tools/security/isolate/default.nix b/pkgs/tools/security/isolate/default.nix
new file mode 100644
index 0000000000000..ae975dc78ae94
--- /dev/null
+++ b/pkgs/tools/security/isolate/default.nix
@@ -0,0 +1,49 @@
+{ lib
+, stdenv
+, fetchFromGitHub
+, asciidoc
+, libcap
+, installShellFiles
+}:
+
+stdenv.mkDerivation rec {
+  pname = "isolate";
+  version = "1.10";
+
+  src = fetchFromGitHub {
+    owner = "ioi";
+    repo = "isolate";
+    rev = "v${version}";
+    hash = "sha256-fuv9HOw0XkRBRjwAp4b6LpoB5p7a+yo66AcT3B0yQUw=";
+  };
+
+  nativeBuildInputs = [
+    asciidoc
+    installShellFiles
+  ];
+
+  buildInputs = [
+    libcap.dev
+  ];
+
+  buildFlags = [
+    "isolate"
+    "isolate.1"
+  ];
+
+  installPhase = ''
+    runHook preInstall
+
+    install -Dm755 ./isolate $out/bin/isolate
+    installManPage isolate.1
+
+    runHook postInstall
+  '';
+
+  meta = {
+    description = "Sandbox for securely executing untrusted programs";
+    homepage = "https://github.com/ioi/isolate";
+    license = lib.licenses.gpl2Plus;
+    maintainers = with lib.maintainers; [ virchau13 ];
+  };
+}
diff --git a/pkgs/top-level/all-packages.nix b/pkgs/top-level/all-packages.nix
index 707205567ae4b..587393ac57fdc 100644
--- a/pkgs/top-level/all-packages.nix
+++ b/pkgs/top-level/all-packages.nix
@@ -39695,4 +39695,6 @@ with pkgs;
   duden = callPackage ../applications/misc/duden { };
 
   zf = callPackage ../tools/misc/zf { };
+
+  isolate = callPackage ../tools/security/isolate { };
 }
generated by cgit-pink 1.4.1 (git 2.36.1) at 2024-07-08 02:18:31 +0000