nixpkgs/pkgs/os-specific/linux/sssd/default.nix


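# Package expression for SSSD (System Security Services Daemon).
#
# A function from its build dependencies to the sssd derivation.
# `withSudo` (default: false) adds `--with-sudo` to the configure flags.
{ lib, stdenv, fetchFromGitHub, autoreconfHook, makeWrapper, glibc, augeas, dnsutils, c-ares, curl,
  cyrus_sasl, ding-libs, libnl, libunistring, nss, samba, nfs-utils, doxygen,
  python3, pam, popt, talloc, tdb, tevent, pkg-config, ldb, openldap,
  pcre2, libkrb5, cifs-utils, glib, keyutils, dbus, fakeroot, libxslt, libxml2,
  libuuid, systemd, nspr, check, cmocka, uid_wrapper, p11-kit,
  nss_wrapper, ncurses, Po4a, http-parser, jansson, jose,
  docbook_xsl, docbook_xml_dtd_44,
  nixosTests,
  withSudo ? false }:

let
  # Colon-separated list of the DocBook XSL and DTD catalogs; used both at
  # configure time (SGML_CATALOG_FILES) and as a make variable.
  docbookFiles = "${docbook_xsl}/share/xml/docbook-xsl/catalog.xml:${docbook_xml_dtd_44}/xml/dtd/docbook/catalog.xml";
in
stdenv.mkDerivation rec {
  pname = "sssd";
  version = "2.9.0";

  # `rev` is the upstream tag named after the version. The fetched tree is
  # checked against the SRI hash below, so the hash must be updated together
  # with `version`.
  src = fetchFromGitHub {
    owner = "SSSD";
    repo = "sssd";
    rev = version;
    hash = "sha256-H9Snh2RzbnjGPqvC9fJHeZvAkGX/O/vmVsl143yb194=";
  };

  # Rewrite the interpreter line of the sbus generator template.
  postPatch = ''
    patchShebangs ./sbus_generate.sh.in
  '';

  # Something is looking for <libxml/foo.h> instead of <libxml2/libxml/foo.h>
  env.NIX_CFLAGS_COMPILE = "-I${libxml2.dev}/include/libxml2";

  # Configure flags are set from the shell so that $out and the catalog path
  # can be expanded at build time.
  #
  # --sysconfdir=/etc, --localstatedir=/var and --with-pid-path=/run point the
  # built programs at /etc, /var and /run rather than at the store output.
  #
  # --without-selinux / --without-semanage build SSSD without its SELinux and
  # semanage integration.
  # NOTE(review): hosts that expect SSSD to manage SELinux user mappings will
  # not get that from this build; confirm this matches the target platforms.
  preConfigure = ''
    export SGML_CATALOG_FILES="${docbookFiles}"
    export PYTHONPATH=$(find ${python3.pkgs.python-ldap} -type d -name site-packages)
    export PATH=$PATH:${openldap}/libexec
    configureFlagsArray=(
      --prefix=$out
      --sysconfdir=/etc
      --localstatedir=/var
      --enable-pammoddir=$out/lib/security
      --with-os=fedora
      --with-pid-path=/run
      --with-python3-bindings
      --with-syslog=journald
      --without-selinux
      --without-semanage
      --with-xml-catalog-path=''${SGML_CATALOG_FILES%%:*}
      --with-ldb-lib-dir=$out/modules/ldb
      --with-nscd=${glibc.bin}/sbin/nscd
    )
  '' + lib.optionalString withSudo ''
    configureFlagsArray+=("--with-sudo")
  '';

  enableParallelBuilding = true;
  # Disable parallel install due to missing depends:
  #   libtool: error: error: relink '_py3sss.la' with the above command before installing it
  enableParallelInstalling = false;

  nativeBuildInputs = [ autoreconfHook makeWrapper pkg-config doxygen ];

  # NOTE(review): check, cmocka, uid_wrapper, nss_wrapper and fakeroot look
  # like test-only helpers; confirm whether they need to be regular build
  # inputs.
  buildInputs = [ augeas dnsutils c-ares curl cyrus_sasl ding-libs libnl libunistring nss
                  samba nfs-utils p11-kit python3 popt
                  talloc tdb tevent ldb pam openldap pcre2 libkrb5
                  cifs-utils glib keyutils dbus fakeroot libxslt libxml2
                  libuuid python3.pkgs.python-ldap systemd nspr check cmocka uid_wrapper
                  nss_wrapper ncurses Po4a http-parser jansson jose ];

  makeFlags = [
    "SGML_CATALOG_FILES=${docbookFiles}"
  ];

  # Install-time overrides only: `make install` writes these directories below
  # $out instead of the /etc, /var and /run locations given to configure. The
  # values compiled into the programs are not affected by these flags.
  installFlags = [
    "sysconfdir=$(out)/etc"
    "localstatedir=$(out)/var"
    "pidpath=$(out)/run"
    "sss_statedir=$(out)/var/lib/sss"
    "logpath=$(out)/var/log/sssd"
    "pubconfpath=$(out)/var/lib/sss/pubconf"
    "dbpath=$(out)/var/lib/sss/db"
    "mcpath=$(out)/var/lib/sss/mc"
    "pipepath=$(out)/var/lib/sss/pipes"
    "gpocachepath=$(out)/var/lib/sss/gpo_cache"
    "secdbpath=$(out)/var/lib/sss/secrets"
    "initdir=$(out)/rc.d/init"
  ];

  # Drop the run and init-script directories and the memberof libtool archive,
  # then prune every directory left empty (depth-first, so parents that become
  # empty are removed as well).
  postInstall = ''
    rm -rf "$out"/run
    rm -rf "$out"/rc.d
    rm -f "$out"/modules/ldb/memberof.la
    find "$out" -depth -type d -exec rmdir --ignore-fail-on-non-empty {} \;
  '';

  # Wrap the administrative tools so they find the ldb modules installed by
  # this package. `--prefix` prepends; entries already present in the caller's
  # LDB_MODULES_PATH stay on the search path after this one.
  # NOTE(review): confirm that inheriting the caller's value is intended for
  # tools that are usually run with elevated privileges.
  postFixup = ''
    for f in "$out"/bin/sss{ctl,_cache,_debuglevel,_override,_seed}; do
      wrapProgram "$f" --prefix LDB_MODULES_PATH : "$out/modules/ldb"
    done
  '';

  passthru.tests = { inherit (nixosTests) sssd sssd-ldap; };

  meta = {
    description = "System Security Services Daemon";
    homepage = "https://sssd.io/";
    changelog = "https://sssd.io/release-notes/sssd-${version}.html";
    license = lib.licenses.gpl3Plus;
    platforms = lib.platforms.linux;
    maintainers = with lib.maintainers; [ illustris ];
  };
}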