89 lines
2.1 KiB
Nix
89 lines
2.1 KiB
Nix
{
|
|
lib,
|
|
fetchFromGitLab,
|
|
libseccomp,
|
|
mandoc,
|
|
nix-update-script,
|
|
pkg-config,
|
|
rustPlatform,
|
|
scdoc,
|
|
sydbox,
|
|
testers,
|
|
}:
|
|
|
|
rustPlatform.buildRustPackage rec {
|
|
pname = "sydbox";
|
|
version = "3.28.3";
|
|
|
|
outputs = [
|
|
"out"
|
|
"man"
|
|
];
|
|
|
|
src = fetchFromGitLab {
|
|
domain = "gitlab.exherbo.org";
|
|
owner = "Sydbox";
|
|
repo = "sydbox";
|
|
rev = "refs/tags/v${version}";
|
|
hash = "sha256-9IegNFkOWYt+jdpN0rk4S/qyD/NSPaSqmFnMmCl/3Tk=";
|
|
};
|
|
|
|
cargoHash = "sha256-6/D//mkPDRW01SCLmQGWwFCClZ84aJUPhleWGVCJaKM=";
|
|
|
|
nativeBuildInputs = [
|
|
mandoc
|
|
pkg-config
|
|
scdoc
|
|
];
|
|
|
|
buildInputs = [ libseccomp ];
|
|
|
|
makeFlags = [ "PREFIX=${placeholder "out"}" ];
|
|
|
|
checkFlags = [
|
|
# rm -rf tmpdir: Os { code: 2, kind: NotFound, message: "No such file or directory" }
|
|
"--skip=fs::tests::test_relative_symlink_resolution"
|
|
# Failed to write C source file!: Os { code: 13, kind: PermissionDenied, message: "Permission denied" }
|
|
"--skip=proc::tests::test_proc_set_at_secure_test_32bit_dynamic"
|
|
# /bin/false: Os { code: 2, kind: NotFound, message: "No such file or directory" }
|
|
"--skip=syd_test"
|
|
|
|
# Endlessly stall. Maybe a sandbox issue?
|
|
"--skip=caps"
|
|
"--skip=landlock::compat::Compatible::set_compatibility"
|
|
"--skip=landlock::fs::PathBeneath"
|
|
"--skip=landlock::fs::PathFd"
|
|
"--skip=landlock::fs::path_beneath_rules"
|
|
"--skip=proc::proc_cmdline"
|
|
"--skip=proc::proc_comm"
|
|
];
|
|
|
|
# TODO: Have these directories be created upstream similar to the vim files
|
|
postInstall = ''
|
|
mkdir -p $out/share/man/man{1,2,5,7}
|
|
|
|
make $makeFlags install-{man,vim}
|
|
'';
|
|
|
|
passthru = {
|
|
tests.version = testers.testVersion {
|
|
package = sydbox;
|
|
command = "syd -V";
|
|
};
|
|
|
|
updateScript = nix-update-script { };
|
|
};
|
|
|
|
meta = {
|
|
description = "seccomp-based application sandbox";
|
|
homepage = "https://gitlab.exherbo.org/sydbox/sydbox";
|
|
changelog = "https://gitlab.exherbo.org/sydbox/sydbox/-/blob/v${version}/ChangeLog.md";
|
|
license = lib.licenses.gpl3Plus;
|
|
maintainers = with lib.maintainers; [
|
|
mvs
|
|
getchoo
|
|
];
|
|
mainProgram = "syd";
|
|
platforms = lib.platforms.linux;
|
|
};
|
|
}
|