From fba7d7c4b80eebfeb8d5c2c3ad0f965969e85769 Mon Sep 17 00:00:00 2001 From: Michael Raskin <7c6f434c@mail.ru> Date: Mon, 18 Aug 2014 02:18:20 +0400 Subject: [PATCH] Add Firejail cheap-sandbox-building package --- pkgs/os-specific/linux/firejail/default.nix | 37 +++++++++++++++++++ .../linux/firejail/default.upstream | 3 ++ pkgs/top-level/all-packages.nix | 2 + 3 files changed, 42 insertions(+) create mode 100644 pkgs/os-specific/linux/firejail/default.nix create mode 100644 pkgs/os-specific/linux/firejail/default.upstream diff --git a/pkgs/os-specific/linux/firejail/default.nix b/pkgs/os-specific/linux/firejail/default.nix new file mode 100644 index 000000000000..c1fa2c26205a --- /dev/null +++ b/pkgs/os-specific/linux/firejail/default.nix @@ -0,0 +1,37 @@ +{stdenv, fetchurl}: +let + s = # Generated upstream information + rec { + baseName="firejail"; + version="0.9.8.1"; + name="${baseName}-${version}"; + hash="0wjanz42k301zdwv06ylnzqrabxy424j0k9dh4i4aqhvihvxr83x"; + url="mirror://sourceforge/project/firejail/firejail/firejail-0.9.8.1.tar.bz2"; + sha256="0wjanz42k301zdwv06ylnzqrabxy424j0k9dh4i4aqhvihvxr83x"; + }; + buildInputs = [ + ]; +in +stdenv.mkDerivation { + inherit (s) name version; + inherit buildInputs; + src = fetchurl { + inherit (s) url sha256; + }; + + preConfigure = '' + sed -e 's@/bin/bash@${stdenv.shell}@g' -i $( grep -lr /bin/bash .) + sed -e '/void fs_var_run(/achar *vrcs = get_link("/var/run/current-system")\;' -i ./src/firejail/fs_var.c + sed -e '/ \/run/iif(vrcs!=NULL){symlink(vrcs, "/var/run/current-system")\;free(vrcs)\;}' -i ./src/firejail/fs_var.c + ''; + + meta = { + inherit (s) version; + description = ''Namespace-based sandboxing tool for Linux''; + license = stdenv.lib.licenses.gpl2Plus ; + maintainers = [stdenv.lib.maintainers.raskin]; + platforms = stdenv.lib.platforms.linux; + homepage = "http://l3net.wordpress.com/projects/firejail/"; + downloadPage = "http://sourceforge.net/projects/firejail/files/firejail/"; + }; +} diff --git a/pkgs/os-specific/linux/firejail/default.upstream b/pkgs/os-specific/linux/firejail/default.upstream new file mode 100644 index 000000000000..4a0037e8aa4b --- /dev/null +++ b/pkgs/os-specific/linux/firejail/default.upstream @@ -0,0 +1,3 @@ +url http://sourceforge.net/projects/firejail/files/firejail/ +version_link '[.]tar[.][a-z0-9]+/download$' +SF_redirect diff --git a/pkgs/top-level/all-packages.nix b/pkgs/top-level/all-packages.nix index 10a2735f082a..5047bd59f34a 100644 --- a/pkgs/top-level/all-packages.nix +++ b/pkgs/top-level/all-packages.nix @@ -7218,6 +7218,8 @@ let fbterm = callPackage ../os-specific/linux/fbterm { }; + firejail = callPackage ../os-specific/linux/firejail {}; + fuse = callPackage ../os-specific/linux/fuse { }; fxload = callPackage ../os-specific/linux/fxload { };