aboutsummaryrefslogtreecommitdiff
path: root/nixpkgs/pkgs/tools/security/nsjail/default.nix
diff options
context:
space:
mode:
Diffstat (limited to 'nixpkgs/pkgs/tools/security/nsjail/default.nix')
-rw-r--r--nixpkgs/pkgs/tools/security/nsjail/default.nix16
1 files changed, 7 insertions, 9 deletions
diff --git a/nixpkgs/pkgs/tools/security/nsjail/default.nix b/nixpkgs/pkgs/tools/security/nsjail/default.nix
index 27712e4d42f..4522d0e897a 100644
--- a/nixpkgs/pkgs/tools/security/nsjail/default.nix
+++ b/nixpkgs/pkgs/tools/security/nsjail/default.nix
@@ -4,26 +4,24 @@
stdenv.mkDerivation rec {
pname = "nsjail";
- version = "2.9";
+ version = "3.0";
src = fetchFromGitHub {
owner = "google";
repo = "nsjail";
rev = version;
fetchSubmodules = true;
- sha256 = "0218n0qjb45fawqqfj3gdxgd0fw5k0vxn9iggi0ciljmr9zywkgh";
+ sha256 = "1w6x8xcrs0i1y3q41gyq8z3cq9x24qablklc4jiydf855lhqn4dh";
};
- postPatch = ''
- substituteInPlace user.cc \
- --replace "/usr/bin/newgidmap" "${shadow}/bin/newgidmap" \
- --replace "/usr/bin/newuidmap" "${shadow}/bin/newuidmap"
- '';
-
nativeBuildInputs = [ autoconf bison flex libtool pkgconfig which ];
buildInputs = [ libnl protobuf protobufc ];
enableParallelBuilding = true;
+ preBuild = ''
+ makeFlagsArray+=(USER_DEFINES='-DNEWUIDMAP_PATH=${shadow}/bin/newuidmap -DNEWGIDMAP_PATH=${shadow}/bin/newgidmap')
+ '';
+
installPhase = ''
mkdir -p $out/bin $out/share/man/man1
install nsjail $out/bin/
@@ -34,7 +32,7 @@ stdenv.mkDerivation rec {
description = "A light-weight process isolation tool, making use of Linux namespaces and seccomp-bpf syscall filters";
homepage = "http://nsjail.com/";
license = licenses.asl20;
- maintainers = with maintainers; [ bosu c0bw3b ];
+ maintainers = with maintainers; [ arturcygan bosu c0bw3b ];
platforms = platforms.linux;
};
}
generated by cgit v1.2.3 (git 2.25.1) at 2024-05-19 09:43:20 +0000