diff options
Diffstat (limited to 'infra/libkookie/nixpkgs/pkgs/tools/security/super/default.nix')
-rw-r--r-- | infra/libkookie/nixpkgs/pkgs/tools/security/super/default.nix | 49 |
1 files changed, 49 insertions, 0 deletions
diff --git a/infra/libkookie/nixpkgs/pkgs/tools/security/super/default.nix b/infra/libkookie/nixpkgs/pkgs/tools/security/super/default.nix new file mode 100644 index 000000000000..79a7cd839e5b --- /dev/null +++ b/infra/libkookie/nixpkgs/pkgs/tools/security/super/default.nix @@ -0,0 +1,49 @@ +{ stdenv, fetchurl, fetchpatch }: + +stdenv.mkDerivation rec { + name = "super-3.30.0"; + + src = fetchurl { + name = "${name}.tar.gz"; + url = "https://www.ucolick.org/~will/RUE/super/${name}-tar.gz"; + sha256 = "0k476f83w7f45y9jpyxwr00ikv1vhjiq0c26fgjch9hnv18icvwy"; + }; + + prePatch = '' + # do not set sticky bit in nix store + substituteInPlace Makefile.in \ + --replace "-o root" "" \ + --replace 04755 755 + ''; + + patches = [ + ./0001-Remove-references-to-dropped-sys_nerr-sys_errlist-fo.patch + (fetchpatch { + name = "CVE-2014-0470.patch"; + url = "https://salsa.debian.org/debian/super/raw/debian/3.30.0-7/debian/patches/14-Fix-unchecked-setuid-call.patch"; + sha256 = "08m9hw4kyfjv0kqns1cqha4v5hkgp4s4z0q1rgif1fnk14xh7wqh"; + }) + ]; + + NIX_CFLAGS_COMPILE = "-D_GNU_SOURCE"; + + configureFlags = [ + "--sysconfdir=/etc" + "--localstatedir=/var" + ]; + + installFlags = [ "sysconfdir=$(out)/etc" "localstatedir=$(TMPDIR)" ]; + + meta = { + homepage = "https://www.ucolick.org/~will/#super"; + description = "Allows users to execute scripts as if they were root"; + longDescription = + '' + This package provides two commands: 1) “super”, which allows + users to execute commands under a different uid/gid (specified + in /etc/super.tab); and 2) “setuid”, which allows root to + execute a command under a different uid. + ''; + platforms = stdenv.lib.platforms.linux; + }; +} |