From 0c48c4a9865784b8936a2f5aab28d9154457448e Mon Sep 17 00:00:00 2001
From: Danil Suetin <suetin085@gmail.com>
Date: Mon, 3 Apr 2023 21:34:21 +0700
Subject: doas-sudo-shim: init at 0.1.1

---
 pkgs/tools/security/doas-sudo-shim/default.nix | 54 ++++++++++++++++++++++++++
 pkgs/top-level/all-packages.nix                |  2 +
 2 files changed, 56 insertions(+)
 create mode 100644 pkgs/tools/security/doas-sudo-shim/default.nix

(limited to 'pkgs')

diff --git a/pkgs/tools/security/doas-sudo-shim/default.nix b/pkgs/tools/security/doas-sudo-shim/default.nix
new file mode 100644
index 0000000000000..80b913d4cc9eb
--- /dev/null
+++ b/pkgs/tools/security/doas-sudo-shim/default.nix
@@ -0,0 +1,54 @@
+{ lib
+, stdenv
+, fetchFromGitHub
+, runCommand
+, asciidoctor
+, coreutils
+, gawk
+, glibc
+, util-linux
+, bash
+, makeBinaryWrapper
+, doas-sudo-shim
+}:
+
+stdenv.mkDerivation rec {
+  pname = "doas-sudo-shim";
+  version = "0.1.1";
+
+  src = fetchFromGitHub {
+    owner = "jirutka";
+    repo = "doas-sudo-shim";
+    rev = "v${version}";
+    sha256 = "QYVqGxeWC7Tiz8aNY/LukwG4EW0km/RunGEfkzY/A38=";
+  };
+
+  nativeBuildInputs = [ asciidoctor makeBinaryWrapper ];
+  buildInputs = [ bash coreutils gawk glibc util-linux ];
+
+  dontConfigure = true;
+  dontBuild = true;
+
+  installFlags = [ "DESTDIR=$(out)" "PREFIX=\"\"" ];
+
+  postInstall = ''
+    wrapProgram $out/bin/sudo \
+      --prefix PATH : ${lib.makeBinPath [ bash coreutils gawk glibc util-linux ]}
+  '';
+
+  passthru.tests = {
+    helpTest = runCommand "${pname}-helpTest" {} ''
+      ${doas-sudo-shim}/bin/sudo -h > $out
+      grep -q "Execute a command as another user using doas(1)" $out
+    '';
+  };
+
+  meta = with lib; {
+    description = "A shim for the sudo command that utilizes doas";
+    homepage = "https://github.com/jirutka/doas-sudo-shim";
+    license = licenses.isc;
+    mainProgram = "sudo";
+    maintainers = with maintainers; [ dsuetin ];
+    platforms = platforms.linux;
+  };
+}
diff --git a/pkgs/top-level/all-packages.nix b/pkgs/top-level/all-packages.nix
index 00de72fa70b65..440b715192e7c 100644
--- a/pkgs/top-level/all-packages.nix
+++ b/pkgs/top-level/all-packages.nix
@@ -6770,6 +6770,8 @@ with pkgs;
 
   doas = callPackage ../tools/security/doas { };
 
+  doas-sudo-shim = callPackage ../tools/security/doas-sudo-shim { };
+
   docbook2x = callPackage ../tools/typesetting/docbook2x { };
 
   docbook2mdoc = callPackage ../tools/misc/docbook2mdoc { };
-- 
cgit 1.4.1