diff --git a/maintainers/maintainer-list.nix b/maintainers/maintainer-list.nix index 0487a8d14433..2e5be38377ea 100644 --- a/maintainers/maintainer-list.nix +++ b/maintainers/maintainer-list.nix @@ -673,6 +673,12 @@ githubId = 3965744; name = "Arthur Lee"; }; + arturcygan = { + email = "arczicygan@gmail.com"; + github = "arcz"; + githubId = 4679721; + name = "Artur Cygan"; + }; artuuge = { email = "artuuge@gmail.com"; github = "artuuge"; diff --git a/pkgs/tools/security/nsjail/default.nix b/pkgs/tools/security/nsjail/default.nix index 27712e4d42f5..4522d0e897af 100644 --- a/pkgs/tools/security/nsjail/default.nix +++ b/pkgs/tools/security/nsjail/default.nix @@ -4,26 +4,24 @@ stdenv.mkDerivation rec { pname = "nsjail"; - version = "2.9"; + version = "3.0"; src = fetchFromGitHub { owner = "google"; repo = "nsjail"; rev = version; fetchSubmodules = true; - sha256 = "0218n0qjb45fawqqfj3gdxgd0fw5k0vxn9iggi0ciljmr9zywkgh"; + sha256 = "1w6x8xcrs0i1y3q41gyq8z3cq9x24qablklc4jiydf855lhqn4dh"; }; - postPatch = '' - substituteInPlace user.cc \ - --replace "/usr/bin/newgidmap" "${shadow}/bin/newgidmap" \ - --replace "/usr/bin/newuidmap" "${shadow}/bin/newuidmap" - ''; - nativeBuildInputs = [ autoconf bison flex libtool pkgconfig which ]; buildInputs = [ libnl protobuf protobufc ]; enableParallelBuilding = true; + preBuild = '' + makeFlagsArray+=(USER_DEFINES='-DNEWUIDMAP_PATH=${shadow}/bin/newuidmap -DNEWGIDMAP_PATH=${shadow}/bin/newgidmap') + ''; + installPhase = '' mkdir -p $out/bin $out/share/man/man1 install nsjail $out/bin/ @@ -34,7 +32,7 @@ stdenv.mkDerivation rec { description = "A light-weight process isolation tool, making use of Linux namespaces and seccomp-bpf syscall filters"; homepage = "http://nsjail.com/"; license = licenses.asl20; - maintainers = with maintainers; [ bosu c0bw3b ]; + maintainers = with maintainers; [ arturcygan bosu c0bw3b ]; platforms = platforms.linux; }; }