commit
f9a555b9fb
1 changed files with 26 additions and 24 deletions
|
@ -1,39 +1,42 @@
|
|||
{ lib, stdenv, fetchFromGitHub, fetchpatch, cmake, kernel, installShellFiles
|
||||
{ lib, stdenv, fetchFromGitHub, fetchpatch, cmake, kernel, installShellFiles, pkg-config
|
||||
, luajit, ncurses, perl, jsoncpp, libb64, openssl, curl, jq, gcc, elfutils, tbb, protobuf, grpc
|
||||
}:
|
||||
|
||||
with lib;
|
||||
let
|
||||
# Compare with https://github.com/draios/sysdig/blob/dev/cmake/modules/falcosecurity-libs.cmake
|
||||
libsRev = "2160111cd088aea9ae2235d3385ecb0b1ab6623c";
|
||||
libsSha256 = "sha256-TOuxXtrxujyAjzAtlX3/eCfM16mwxnmZ6Wg44SG0dTs=";
|
||||
in
|
||||
stdenv.mkDerivation rec {
|
||||
pname = "sysdig";
|
||||
version = "0.27.1";
|
||||
version = "0.28.0";
|
||||
|
||||
src = fetchFromGitHub {
|
||||
owner = "draios";
|
||||
repo = "sysdig";
|
||||
rev = version;
|
||||
sha256 = "sha256-lYjMvxMIReANNwMr62u881Nugrs9piOaN3EmrvGzRns=";
|
||||
sha256 = "sha256-oE3vCmOw+gcmvGqj7Xk5injpNC/YThckJMNg5XRFhME=";
|
||||
};
|
||||
|
||||
patches = [
|
||||
# Fix pending upstream inclusion for ncurses-6.3 support:
|
||||
# https://github.com/draios/sysdig/pull/1810
|
||||
(fetchpatch {
|
||||
name = "ncurses-6.3.patch";
|
||||
url = "https://github.com/draios/sysdig/commit/1e37fffe0337b8f8f8e0b5345db2f8631851c209.patch";
|
||||
sha256 = "sha256-T+yC6iXQ3MY+ub0c+Hv+cC18PV8YlAOKB6YB1Hdm7Yc=";
|
||||
# change 'a/userspace/sinspui' for 'a/userspace/libsinsp' to follow upstream rename.
|
||||
stripLen = 3;
|
||||
extraPrefix = "userspace/libsinsp/";
|
||||
})
|
||||
];
|
||||
|
||||
nativeBuildInputs = [ cmake perl installShellFiles ];
|
||||
nativeBuildInputs = [ cmake perl installShellFiles pkg-config ];
|
||||
buildInputs = [
|
||||
luajit ncurses jsoncpp libb64 openssl curl jq gcc elfutils tbb protobuf grpc
|
||||
] ++ optionals (kernel != null) kernel.moduleBuildDependencies;
|
||||
|
||||
hardeningDisable = [ "pic" ];
|
||||
|
||||
postUnpack = ''
|
||||
cp -r ${fetchFromGitHub {
|
||||
owner = "falcosecurity";
|
||||
repo = "libs";
|
||||
rev = libsRev;
|
||||
sha256 = libsSha256;
|
||||
}} libs
|
||||
chmod -R +w libs
|
||||
cmakeFlagsArray+=("-DFALCOSECURITY_LIBS_SOURCE_DIR=$(pwd)/libs")
|
||||
'';
|
||||
|
||||
cmakeFlags = [
|
||||
"-DUSE_BUNDLED_DEPS=OFF"
|
||||
"-DSYSDIG_VERSION=${version}"
|
||||
|
@ -45,9 +48,8 @@ stdenv.mkDerivation rec {
|
|||
|
||||
preConfigure = ''
|
||||
cmakeFlagsArray+=(-DCMAKE_EXE_LINKER_FLAGS="-ltbb -lcurl -labsl_synchronization")
|
||||
|
||||
export INSTALL_MOD_PATH="$out"
|
||||
'' + optionalString (kernel != null) ''
|
||||
export INSTALL_MOD_PATH="$out"
|
||||
export KERNELDIR="${kernel.dev}/lib/modules/${kernel.modDirVersion}/build"
|
||||
'';
|
||||
|
||||
|
@ -64,12 +66,12 @@ stdenv.mkDerivation rec {
|
|||
kernel_dev=${kernel.dev}
|
||||
kernel_dev=''${kernel_dev#/nix/store/}
|
||||
kernel_dev=''${kernel_dev%%-linux*dev*}
|
||||
if test -f "$out/lib/modules/${kernel.modDirVersion}/extra/sysdig-probe.ko"; then
|
||||
sed -i "s#$kernel_dev#................................#g" $out/lib/modules/${kernel.modDirVersion}/extra/sysdig-probe.ko
|
||||
if test -f "$out/lib/modules/${kernel.modDirVersion}/extra/scap.ko"; then
|
||||
sed -i "s#$kernel_dev#................................#g" $out/lib/modules/${kernel.modDirVersion}/extra/scap.ko
|
||||
else
|
||||
xz -d $out/lib/modules/${kernel.modDirVersion}/extra/sysdig-probe.ko.xz
|
||||
sed -i "s#$kernel_dev#................................#g" $out/lib/modules/${kernel.modDirVersion}/extra/sysdig-probe.ko
|
||||
xz $out/lib/modules/${kernel.modDirVersion}/extra/sysdig-probe.ko
|
||||
xz -d $out/lib/modules/${kernel.modDirVersion}/extra/scap.ko.xz
|
||||
sed -i "s#$kernel_dev#................................#g" $out/lib/modules/${kernel.modDirVersion}/extra/scap.ko
|
||||
xz $out/lib/modules/${kernel.modDirVersion}/extra/scap.ko
|
||||
fi
|
||||
'';
|
||||
|
||||
|
|
Loading…
Reference in a new issue