2023-08-04 22:07:22 +00:00
{ lib
, cmake
, fetchFromGitHub
2024-01-02 11:29:13 +00:00
, fetchpatch
2023-08-04 22:07:22 +00:00
, git
, llvmPackages
, nixosTests
, overrideCC
, perl
, python3
, stdenv
, openssl_1_1
} :
let
buildStdenv = overrideCC stdenv llvmPackages . clangUseLLVM ;
in
buildStdenv . mkDerivation rec {
pname = " o s q u e r y " ;
version = " 5 . 5 . 1 " ;
src = fetchFromGitHub {
owner = " o s q u e r y " ;
repo = " o s q u e r y " ;
rev = version ;
fetchSubmodules = true ;
sha256 = " s h a 2 5 6 - Q 6 P Q V n B j A j A l R 7 2 5 f y n y + R h Q F U N w x W G j L D u S 5 p 9 J K l U = " ;
} ;
patches = [
./Remove-git-reset.patch
./Use-locale.h-instead-of-removed-xlocale.h-header.patch
./Remove-circular-definition-of-AUDIT_FILTER_EXCLUDE.patch
# For current state of compilation against glibc in the clangWithLLVM toolchain, refer to the upstream issue in https://github.com/osquery/osquery/issues/7823.
./Remove-system-controls-table.patch
2024-01-02 11:29:13 +00:00
# osquery uses a vendored boost library that still relies on old standard types (e.g. `std::unary_function`)
# which have been removed as of C++17. The patch is already checked in upstream, but there have been no
# releases yet. Can likely be removed with versions > 5.10.2.
( fetchpatch {
name = " f i x - b u i l d - o n - c l a n g - 1 6 . p a t c h " ;
url = " h t t p s : / / g i t h u b . c o m / o s q u e r y / o s q u e r y / c o m m i t / 2 2 2 9 9 1 a 1 5 b 4 a e 0 a 0 f b 9 1 9 e 4 9 6 5 6 0 3 6 1 6 5 3 6 e 1 b 0 a . p a t c h " ;
hash = " s h a 2 5 6 - P d z E o e R 1 L X V r i 1 C d + 7 K M h K m D C 8 y Z h A x 3 f 1 + 9 t j L J K y o = " ;
} )
2023-08-04 22:07:22 +00:00
] ;
buildInputs = [
llvmPackages . libunwind
] ;
nativeBuildInputs = [
cmake
git
perl
python3
] ;
postPatch = ''
substituteInPlace cmake/install_directives.cmake - - replace " / c o n t r o l " " c o n t r o l "
# This is required to build libarchive with our glibc version
# which provides the ARC4RANDOM_BUF function
substituteInPlace libraries/cmake/source/libarchive/CMakeLists.txt - - replace " t a r g e t _ c o m p i l e _ d e f i n i t i o n s ( t h i r d p a r t y _ l i b a r c h i v e P R I V A T E " " t a r g e t _ c o m p i l e _ d e f i n i t i o n s ( t h i r d p a r t y _ l i b a r c h i v e P R I V A T E H A V E _ A R C 4 R A N D O M _ B U F "
# We need to override this hash because we use our own openssl 1.1 version
substituteInPlace libraries/cmake/formula/openssl/CMakeLists.txt - - replace \
" d 7 9 3 9 c e 6 1 4 0 2 9 c d f f 0 b 6 c 2 0 f 0 e 2 e 5 7 0 3 1 5 8 a 4 8 9 a 7 2 b 2 5 0 7 b 8 b d 5 1 b f 8 c 8 f d 1 0 c a " \
" $ ( s h a 2 5 6 s u m ${ openssl_1_1 . src } | c u t - f 1 ' - d ' ) "
cat libraries/cmake/formula/openssl/CMakeLists.txt
'' ;
# For explanation of these deletions, refer to the ./Use-locale.h-instead-of-removed-xlocale.h-header.patch file.
preConfigure = ''
find libraries/cmake/source - name ' config . h' - exec sed - i ' / #define HAVE_XLOCALE_H 1/d' {} \;
'' ;
cmakeFlags = [
" - D O S Q U E R Y _ V E R S I O N = ${ version } "
" - D O S Q U E R Y _ O P E N S S L _ A R C H I V E _ P A T H = ${ openssl_1_1 . src } "
] ;
postFixup = ''
patchelf - - set-rpath " ${ llvmPackages . libunwind } / l i b : $ ( p a t c h e l f - - p r i n t - r p a t h $ o u t / b i n / o s q u e r y d ) " " $ o u t / b i n / o s q u e r y d "
'' ;
passthru . tests . osquery = nixosTests . osquery ;
meta = with lib ; {
2024-01-13 08:15:51 +00:00
description = " S Q L p o w e r e d o p e r a t i n g s y s t e m i n s t r u m e n t a t i o n , m o n i t o r i n g , a n d a n a l y t i c s " ;
2023-08-04 22:07:22 +00:00
longDescription = ''
The system controls table is not included as it does not presently compile with glibc >= 2 .32 .
For more information , refer to https://github.com/osquery/osquery/issues/7823
'' ;
homepage = " h t t p s : / / o s q u e r y . i o " ;
license = licenses . bsd3 ;
platforms = platforms . linux ;
maintainers = with maintainers ; [ znewman01 lewo ] ;
} ;
}