fortify/package.nix
Ophestra Umiker d9cb2a9f2b
fsu: implement simple setuid user switcher
Contains path to fortify, set at compile time, authenticates based on a simple uid range assignment file which also acts as the allow list.

Signed-off-by: Ophestra Umiker <cat@ophivana.moe>
2024-10-28 00:02:34 +09:00

45 lines
628 B
Nix

{
lib,
buildGoModule,
makeBinaryWrapper,
xdg-dbus-proxy,
bubblewrap,
acl,
xorg,
}:
buildGoModule rec {
pname = "fortify";
version = "0.0.9";
src = ./.;
vendorHash = null;
ldflags = [
"-s"
"-w"
"-X"
"main.Version=v${version}"
"-X"
"main.FortifyPath=${placeholder "out"}/bin/fortify"
];
buildInputs = [
acl
xorg.libxcb
];
nativeBuildInputs = [ makeBinaryWrapper ];
postInstall = ''
wrapProgram $out/bin/${pname} --prefix PATH : ${
lib.makeBinPath [
bubblewrap
xdg-dbus-proxy
]
}
mv $out/bin/fsu $out/bin/.fsu
'';
}