# Builds `security-wrapper`, a small C launcher compiled for exactly one
# target program.
#
# Arguments:
#   stdenv       - provides mkDerivation and the C compiler ($CC).
#   unsecvars    - directory put on the include path (-I) for wrapper.c.
#   linuxHeaders - made available to the build as a build input.
#   sourceProg   - path of the program this wrapper is built for; it is baked
#                  into the binary as the SOURCE_PROG macro and also gives the
#                  derivation its name (via baseNameOf).
#   debug        - when true, build with -Werror -Og -g and keep symbols;
#                  otherwise build with -Wall -O2 and let the binary be stripped.
#
# NOTE(review): how the resulting binary is installed (setuid bit, file
# capabilities, ownership) is decided by the caller and is not visible here.
{ stdenv, unsecvars, linuxHeaders, sourceProg, debug ? false }:
# For testing:
# $ nix-build -E 'with import <nixpkgs> {}; pkgs.callPackage ./wrapper.nix { sourceProg = "${pkgs.hello}/bin/hello"; debug = true; }'
# NOTE(review): the command above does not pass `unsecvars`; it only works if
# callPackage can resolve that argument from pkgs -- confirm.
let
  # The target path is fixed at compile time, so every wrapped program gets its
  # own wrapper binary. The value is placed between literal double quotes and
  # reaches the compiler through an unquoted $CFLAGS expansion, so a sourceProg
  # containing whitespace, `"` or `\` would yield a broken or different
  # SOURCE_PROG. Callers should pass a plain absolute path.
  targetDefine = ''-DSOURCE_PROG="${sourceProg}"'';

  # NOTE(review): the debug set has -Werror without -Wall and the release set
  # has -Wall without -Werror, so -Wall diagnostics never fail either build.
  # Confirm this is intended for a security-sensitive binary.
  debugFlags = [ "-Werror" "-Og" "-g" ];
  releaseFlags = [ "-Wall" "-O2" ];

  modeFlags = if debug then debugFlags else releaseFlags;
in
stdenv.mkDerivation {
  name = "security-wrapper-${baseNameOf sourceProg}";

  buildInputs = [ linuxHeaders ];

  # There is no source archive: wrapper.c is referenced directly in installPhase.
  dontUnpack = true;

  CFLAGS = [ targetDefine ] ++ modeFlags;

  # Keep debug symbols only in debug builds.
  dontStrip = debug;

  # Compile and install in one step; the output holds a single executable.
  installPhase = ''
    mkdir -p $out/bin
    $CC $CFLAGS ${./wrapper.c} -I${unsecvars} -o $out/bin/security-wrapper
  '';
}