diff --git a/pkgs/development/libraries/dbus/default.nix b/pkgs/development/libraries/dbus/default.nix
index b3723f1b4d2..4480d197fa7 100644
--- a/pkgs/development/libraries/dbus/default.nix
+++ b/pkgs/development/libraries/dbus/default.nix
@@ -5,6 +5,8 @@
, expat
, enableSystemd ? stdenv.isLinux && !stdenv.hostPlatform.isMusl
, systemd
+, audit
+, libapparmor
, libX11 ? null
, libICE ? null
, libSM ? null
@@ -70,7 +72,8 @@ stdenv.mkDerivation rec {
libX11
libICE
libSM
- ] ++ lib.optional enableSystemd systemd;
+ ] ++ lib.optional enableSystemd systemd
+ ++ lib.optionals (!stdenv.isDarwin) [ audit libapparmor ];
# ToDo: optional selinux?
configureFlags = [
@@ -86,7 +89,8 @@ stdenv.mkDerivation rec {
"--with-system-socket=/run/dbus/system_bus_socket"
"--with-systemdsystemunitdir=${placeholder ''out''}/etc/systemd/system"
"--with-systemduserunitdir=${placeholder ''out''}/etc/systemd/user"
- ] ++ lib.optional (!x11Support) "--without-x";
+ ] ++ lib.optional (!x11Support) "--without-x"
+ ++ lib.optionals (!stdenv.isDarwin) [ "--enable-apparmor" "--enable-libaudit" ];
# Enable X11 autolaunch support in libdbus. This doesn't actually depend on X11
# (it just execs dbus-launch in dbus.tools), contrary to what the configure script demands.
diff --git a/pkgs/development/libraries/dbus/make-dbus-conf.nix b/pkgs/development/libraries/dbus/make-dbus-conf.nix
index e714b96b7e9..ce5c0b3b577 100644
--- a/pkgs/development/libraries/dbus/make-dbus-conf.nix
+++ b/pkgs/development/libraries/dbus/make-dbus-conf.nix
@@ -1,6 +1,7 @@
{ runCommand, writeText, libxslt, dbus
, serviceDirectories ? []
, suidHelper ? "/var/setuid-wrappers/dbus-daemon-launch-helper"
+, apparmor ? "disabled" # one of enabled, disabled, required
}:
/* DBus has two configuration parsers -- normal and "trivial", which is used
@@ -10,7 +11,7 @@
*/
runCommand "dbus-1"
{
- inherit serviceDirectories suidHelper;
+ inherit serviceDirectories suidHelper apparmor;
preferLocalBuild = true;
allowSubstitutes = false;
XML_CATALOG_FILES = writeText "dbus-catalog.xml" ''
@@ -33,10 +34,12 @@ runCommand "dbus-1"
xsltproc --nonet \
--stringparam serviceDirectories "$serviceDirectories" \
--stringparam suidHelper "$suidHelper" \
+ --stringparam apparmor "$apparmor" \
${./make-system-conf.xsl} ${dbus}/share/dbus-1/system.conf \
> $out/system.conf
xsltproc --nonet \
--stringparam serviceDirectories "$serviceDirectories" \
+ --stringparam apparmor "$apparmor" \
${./make-session-conf.xsl} ${dbus}/share/dbus-1/session.conf \
> $out/session.conf
''
diff --git a/pkgs/development/libraries/dbus/make-session-conf.xsl b/pkgs/development/libraries/dbus/make-session-conf.xsl
index 6a19ee14a22..a744905cdd3 100644
--- a/pkgs/development/libraries/dbus/make-session-conf.xsl
+++ b/pkgs/development/libraries/dbus/make-session-conf.xsl
@@ -15,12 +15,16 @@
+
+
+
+
/share/dbus-1/services
/etc/dbus-1/session.d
diff --git a/pkgs/development/libraries/dbus/make-system-conf.xsl b/pkgs/development/libraries/dbus/make-system-conf.xsl
index dd644b4bce7..06233e764e1 100644
--- a/pkgs/development/libraries/dbus/make-system-conf.xsl
+++ b/pkgs/development/libraries/dbus/make-system-conf.xsl
@@ -16,11 +16,15 @@
+
+
+
+
diff --git a/pkgs/top-level/all-packages.nix b/pkgs/top-level/all-packages.nix
index cc6d4868f62..9a5592790d4 100644
--- a/pkgs/top-level/all-packages.nix
+++ b/pkgs/top-level/all-packages.nix
@@ -12471,9 +12471,9 @@ in
dbus-sharp-glib-1_0 = callPackage ../development/libraries/dbus-sharp-glib/dbus-sharp-glib-1.0.nix { };
dbus-sharp-glib-2_0 = callPackage ../development/libraries/dbus-sharp-glib { };
- makeDBusConf = { suidHelper, serviceDirectories }:
+ makeDBusConf = { suidHelper, serviceDirectories, apparmor }:
callPackage ../development/libraries/dbus/make-dbus-conf.nix {
- inherit suidHelper serviceDirectories;
+ inherit suidHelper serviceDirectories apparmor;
};
dee = callPackage ../development/libraries/dee { };