From e48ddd2270d77678a7890cb5c25f8f3a5cde42b9 Mon Sep 17 00:00:00 2001 From: Sascha Grunert Date: Mon, 17 Aug 2020 10:39:20 +0200 Subject: [PATCH] oci-seccomp-bpf-hook: new at 1.2.0 Add a new package for the OCI seccomp BPF hook package. Signed-off-by: Sascha Grunert --- .../oci-seccomp-bpf-hook/default.nix | 58 +++++++++++++++++++ pkgs/top-level/all-packages.nix | 2 + 2 files changed, 60 insertions(+) create mode 100644 pkgs/applications/virtualization/oci-seccomp-bpf-hook/default.nix diff --git a/pkgs/applications/virtualization/oci-seccomp-bpf-hook/default.nix b/pkgs/applications/virtualization/oci-seccomp-bpf-hook/default.nix new file mode 100644 index 00000000000..0e97a7c3646 --- /dev/null +++ b/pkgs/applications/virtualization/oci-seccomp-bpf-hook/default.nix @@ -0,0 +1,58 @@ +{ stdenv +, buildGoModule +, fetchFromGitHub +, go-md2man +, installShellFiles +, libseccomp +, linuxPackages +, pkg-config +}: + +buildGoModule rec { + pname = "oci-seccomp-bpf-hook"; + version = "1.2.0"; + src = fetchFromGitHub { + owner = "containers"; + repo = "oci-seccomp-bpf-hook"; + rev = "v${version}"; + sha256 = "143x4daixzhhhpli1l14r7dr7dn3q42w8dddr16jzhhwighsirqw"; + }; + vendorSha256 = null; + doCheck = false; + + outputs = [ "out" "man" ]; + nativeBuildInputs = [ + go-md2man + installShellFiles + pkg-config + ]; + buildInputs = [ + libseccomp + linuxPackages.bcc + ]; + + buildPhase = '' + make + ''; + + postBuild = '' + substituteInPlace oci-seccomp-bpf-hook.json --replace HOOK_BIN_DIR "$out/bin" + ''; + + installPhase = '' + install -Dm755 bin/* -t $out/bin + install -Dm644 oci-seccomp-bpf-hook.json -t $out + installManPage docs/*.[1-9] + ''; + + meta = with stdenv.lib; { + homepage = "https://github.com/containers/oci-seccomp-bpf-hook"; + description = '' + OCI hook to trace syscalls and generate a seccomp profile + ''; + license = licenses.asl20; + maintainers = with maintainers; [ saschagrunert ]; + platforms = platforms.linux; + badPlatforms = [ "aarch64-linux" ]; + }; +} diff --git a/pkgs/top-level/all-packages.nix b/pkgs/top-level/all-packages.nix index 6630d2a5d3b..528d288dfba 100644 --- a/pkgs/top-level/all-packages.nix +++ b/pkgs/top-level/all-packages.nix @@ -24612,6 +24612,8 @@ in nxengine-evo = callPackage ../games/nxengine-evo { }; + oci-seccomp-bpf-hook = callPackage ../applications/virtualization/oci-seccomp-bpf-hook { }; + odamex = callPackage ../games/odamex { }; oilrush = callPackage ../games/oilrush { };