apparmor: switch to pname+version, minor formatting, cleanups

2021-11-07 17:34:40 +01:00 · 2021-11-07 17:34:40 +01:00 · 0f2734ac04
commit 0f2734ac04
parent 0d741d0bc6
1 changed files with 54 additions and 27 deletions
--- a/pkgs/os-specific/linux/apparmor/default.nix
+++ b/pkgs/os-specific/linux/apparmor/default.nix
@ -45,10 +45,11 @@ let
  prePatchCommon = ''
    chmod a+x ./common/list_capabilities.sh ./common/list_af_names.sh
    patchShebangs ./common/list_capabilities.sh ./common/list_af_names.sh
-    substituteInPlace ./common/Make.rules --replace "/usr/bin/pod2man" "${buildPackages.perl}/bin/pod2man"
-    substituteInPlace ./common/Make.rules --replace "/usr/bin/pod2html" "${buildPackages.perl}/bin/pod2html"
-    substituteInPlace ./common/Make.rules --replace "/usr/include/linux/capability.h" "${linuxHeaders}/include/linux/capability.h"
-    substituteInPlace ./common/Make.rules --replace "/usr/share/man" "share/man"
+    substituteInPlace ./common/Make.rules \
+      --replace "/usr/bin/pod2man" "${buildPackages.perl}/bin/pod2man" \
+      --replace "/usr/bin/pod2html" "${buildPackages.perl}/bin/pod2html" \
+      --replace "/usr/include/linux/capability.h" "${linuxHeaders}/include/linux/capability.h" \
+      --replace "/usr/share/man" "share/man"
  '';

  patches = lib.optionals stdenv.hostPlatform.isMusl [
@ -66,7 +67,9 @@ let
  # FIXME: convert these to a single multiple-outputs package?

  libapparmor = stdenv.mkDerivation {
-    name = "libapparmor-${apparmor-version}";
+    pname = "libapparmor";
+    version = apparmor-version;
+
    src = apparmor-sources;

   # checking whether python bindings are enabled... yes
@ -85,8 +88,7 @@ let
      perl
    ] ++ lib.optional withPython python3;

-    buildInputs = []
-      ++ lib.optional withPerl perl
+    buildInputs = lib.optional withPerl perl
      ++ lib.optional withPython python3;

    # required to build apparmor-parser
@ -100,7 +102,10 @@ let
    '';
    inherit patches;

-    postPatch = "cd ./libraries/libapparmor";
+    postPatch = ''
+      cd ./libraries/libapparmor
+    '';
+
    # https://gitlab.com/apparmor/apparmor/issues/1
    configureFlags = [
      (lib.withFeature withPerl "perl")
@ -120,7 +125,9 @@ let
  };

  apparmor-utils = stdenv.mkDerivation {
-    name = "apparmor-utils-${apparmor-version}";
+    pname = "apparmor-utils";
+    version = apparmor-version;
+
    src = apparmor-sources;

    strictDeps = true;
@ -140,9 +147,9 @@ let
      lib.optionalString stdenv.hostPlatform.isMusl ''
        sed -i ./utils/Makefile -e "/\<vim\>/d"
      '' + ''
-      substituteInPlace ./utils/apparmor/easyprof.py --replace "/sbin/apparmor_parser" "${apparmor-parser}/bin/apparmor_parser"
-      substituteInPlace ./utils/apparmor/aa.py --replace "/sbin/apparmor_parser" "${apparmor-parser}/bin/apparmor_parser"
-      substituteInPlace ./utils/logprof.conf --replace "/sbin/apparmor_parser" "${apparmor-parser}/bin/apparmor_parser"
+      for file in utils/apparmor/easyprof.py utils/apparmor/aa.py utils/logprof.conf; do
+        substituteInPlace $file --replace "/sbin/apparmor_parser" "${apparmor-parser}/bin/apparmor_parser"
+      done
    '';
    inherit patches;
    postPatch = "cd ./utils";
@ -162,7 +169,7 @@ let
      substituteInPlace $out/bin/aa-remove-unknown \
       --replace "/lib/apparmor/rc.apparmor.functions" "${apparmor-parser}/lib/apparmor/rc.apparmor.functions"
      wrapProgram $out/bin/aa-remove-unknown \
-       --prefix PATH : ${lib.makeBinPath [gawk]}
+       --prefix PATH : ${lib.makeBinPath [ gawk ]}

      ln -s ${aa-teardown} $out/bin/aa-teardown
    '';
@ -175,7 +182,9 @@ let
  };

  apparmor-bin-utils = stdenv.mkDerivation {
-    name = "apparmor-bin-utils-${apparmor-version}";
+    pname = "apparmor-bin-utils";
+    version = apparmor-version;
+
    src = apparmor-sources;

    nativeBuildInputs = [
@ -190,7 +199,9 @@ let
    ];

    prePatch = prePatchCommon;
-    postPatch = "cd ./binutils";
+    postPatch = ''
+      cd ./binutils
+    '';
    makeFlags = [ "LANGS=" "USE_SYSTEM=1" ];
    installFlags = [ "DESTDIR=$(out)" "BINDIR=$(out)/bin" "SBINDIR=$(out)/bin" ];

@ -200,7 +211,9 @@ let
  };

  apparmor-parser = stdenv.mkDerivation {
-    name = "apparmor-parser-${apparmor-version}";
+    name = "apparmor-parser";
+    version = apparmor-version;
+
    src = apparmor-sources;

    nativeBuildInputs = [ bison flex which ];
@ -208,17 +221,20 @@ let
    buildInputs = [ libapparmor ];

    prePatch = prePatchCommon + ''
-      substituteInPlace ./parser/Makefile --replace "/usr/bin/bison" "${bison}/bin/bison"
-      substituteInPlace ./parser/Makefile --replace "/usr/bin/flex" "${flex}/bin/flex"
-      substituteInPlace ./parser/Makefile --replace "/usr/include/linux/capability.h" "${linuxHeaders}/include/linux/capability.h"
      ## techdoc.pdf still doesn't build ...
-      substituteInPlace ./parser/Makefile --replace "manpages htmlmanpages pdf" "manpages htmlmanpages"
+      substituteInPlace ./parser/Makefile \
+        --replace "/usr/bin/bison" "${bison}/bin/bison" \
+        --replace "/usr/bin/flex" "${flex}/bin/flex" \
+        --replace "/usr/include/linux/capability.h" "${linuxHeaders}/include/linux/capability.h" \
+        --replace "manpages htmlmanpages pdf" "manpages htmlmanpages"
      substituteInPlace parser/rc.apparmor.functions \
       --replace "/sbin/apparmor_parser" "$out/bin/apparmor_parser"
      sed -i parser/rc.apparmor.functions -e '2i . ${./fix-rc.apparmor.functions.sh}'
    '';
    inherit patches;
-    postPatch = "cd ./parser";
+    postPatch = ''
+      cd ./parser
+    '';
    makeFlags = [
      "LANGS=" "USE_SYSTEM=1" "INCLUDEDIR=${libapparmor}/include"
      "AR=${stdenv.cc.bintools.targetPrefix}ar"
@ -231,14 +247,18 @@ let
  };

  apparmor-pam = stdenv.mkDerivation {
-    name = "apparmor-pam-${apparmor-version}";
+    pname = "apparmor-pam";
+    version = apparmor-version;
+
    src = apparmor-sources;

    nativeBuildInputs = [ pkg-config which ];

    buildInputs = [ libapparmor pam ];

-    postPatch = "cd ./changehat/pam_apparmor";
+    postPatch = ''
+      cd ./changehat/pam_apparmor
+    '';
    makeFlags = [ "USE_SYSTEM=1" ];
    installFlags = [ "DESTDIR=$(out)" ];

@ -248,12 +268,17 @@ let
  };

  apparmor-profiles = stdenv.mkDerivation {
-    name = "apparmor-profiles-${apparmor-version}";
+    pname = "apparmor-profiles";
+    version = apparmor-version;
+
    src = apparmor-sources;

    nativeBuildInputs = [ which ];

-    postPatch = "cd ./profiles";
+    postPatch = ''
+      cd ./profiles
+    '';
+
    installFlags = [ "DESTDIR=$(out)" "EXTRAS_DEST=$(out)/share/apparmor/extra-profiles" ];

    inherit doCheck;
@ -262,7 +287,9 @@ let
  };

  apparmor-kernel-patches = stdenv.mkDerivation {
-    name = "apparmor-kernel-patches-${apparmor-version}";
+    pname = "apparmor-kernel-patches";
+    version = apparmor-version;
+
    src = apparmor-sources;

    dontBuild = true;
@ -303,7 +330,7 @@ let
    touch $out
    while read -r path
    do printf >>$out "%s,\n" ${lib.concatMapStringsSep " " (x: "\"${x}\"") (baseRules ++ additionalRules)}
-    done <${closureInfo {inherit rootPaths;}}/store-paths
+    done <${closureInfo { inherit rootPaths; }}/store-paths
  '';
 in
 {