grimm-nixos-laptop/common/tooling/apparmor/apparmor-d-package.nix

{ buildGoModule, fetchFromGitHub, git, lib }: 
buildGoModule {
  pname = "apparmor-d";
  version = "unstable-2024-10-12";

  src = fetchFromGitHub {
    rev = "04df7052725b4ac473f1bdcd1e1644b8163ff0d2";
    owner = "roddhjav";
    repo = "apparmor.d";
    hash = "sha256-USDbCBx6+exHJM834f+dr9fmF9hx3Xo/ddhGJVpYjC0=";
  };

  vendorHash = "sha256-YkOcpzn5AKFMDWUYbKY8DzGMiIMSyaDfexFmXv5HNQI=";
  
  doCheck = false;
  #dontBuild = true;

  nativeBuildInputs = [ git ];

  patches = [
    ./apparmor-d-paths.patch
  ];

  subPackages = [
    "cmd/prebuild"
    "cmd/aa-log"
  ];

  postInstall = ''
    mkdir -p $out/etc
    
    DISTRIBUTION=arch $out/bin/prebuild --abi 4 # fixme: replace with nixos support once available
    
    mv .build/apparmor.d $out/etc

    rm $out/etc/apparmor.d/abstractions/authentication.d/complete
    
    rm $out/bin/prebuild
  '';

  meta = {
    description = "Full set of AppArmor profiles (~ 1500 profiles) ";
    homepage = "https://github.com/roddhjav/apparmor.d";
    license = lib.licenses.gpl2Only;
    mainProgram = "aa-log";
    maintainers = with lib.maintainers; [ grimmauld ];
    platforms = lib.platforms.linux;
  };
}
use intended tooling: allows nixos-specific support in apparmor.d 2024-10-15 23:31:58 +02:00			`{ buildGoModule, fetchFromGitHub, git, lib }:`
			`buildGoModule {`
experimental apparmor support 2024-10-12 18:19:18 +02:00			`pname = "apparmor-d";`
			`version = "unstable-2024-10-12";`

			`src = fetchFromGitHub {`
update inputs, enable apparmor caching 2024-10-16 11:28:00 +02:00			`rev = "04df7052725b4ac473f1bdcd1e1644b8163ff0d2";`
experimental apparmor support 2024-10-12 18:19:18 +02:00			`owner = "roddhjav";`
			`repo = "apparmor.d";`
update inputs, enable apparmor caching 2024-10-16 11:28:00 +02:00			`hash = "sha256-USDbCBx6+exHJM834f+dr9fmF9hx3Xo/ddhGJVpYjC0=";`
experimental apparmor support 2024-10-12 18:19:18 +02:00			`};`
use intended tooling: allows nixos-specific support in apparmor.d 2024-10-15 23:31:58 +02:00
			`vendorHash = "sha256-YkOcpzn5AKFMDWUYbKY8DzGMiIMSyaDfexFmXv5HNQI=";`
experimental apparmor support 2024-10-12 18:19:18 +02:00
			`doCheck = false;`
use intended tooling: allows nixos-specific support in apparmor.d 2024-10-15 23:31:58 +02:00			`#dontBuild = true;`

			`nativeBuildInputs = [ git ];`
experimental apparmor support 2024-10-12 18:19:18 +02:00
			`patches = [`
			`./apparmor-d-paths.patch`
			`];`

clean up apparmor.d submodules 2024-10-16 09:06:29 +02:00			`subPackages = [`
			`"cmd/prebuild"`
			`"cmd/aa-log"`
			`];`

use intended tooling: allows nixos-specific support in apparmor.d 2024-10-15 23:31:58 +02:00			`postInstall = ''`
clean up apparmor.d submodules 2024-10-16 09:06:29 +02:00			`mkdir -p $out/etc`
use intended tooling: allows nixos-specific support in apparmor.d 2024-10-15 23:31:58 +02:00
fix all apparmor profiles just being complain mode 2024-10-16 15:26:56 +02:00			`DISTRIBUTION=arch $out/bin/prebuild --abi 4 # fixme: replace with nixos support once available`
use intended tooling: allows nixos-specific support in apparmor.d 2024-10-15 23:31:58 +02:00
			`mv .build/apparmor.d $out/etc`
fix pkexec 2024-10-16 19:39:53 +02:00
			`rm $out/etc/apparmor.d/abstractions/authentication.d/complete`

clean up apparmor.d submodules 2024-10-16 09:06:29 +02:00			`rm $out/bin/prebuild`
experimental apparmor support 2024-10-12 18:19:18 +02:00			`'';`
use intended tooling: allows nixos-specific support in apparmor.d 2024-10-15 23:31:58 +02:00
			`meta = {`
			`description = "Full set of AppArmor profiles (~ 1500 profiles) ";`
			`homepage = "https://github.com/roddhjav/apparmor.d";`
			`license = lib.licenses.gpl2Only;`
			`mainProgram = "aa-log";`
			`maintainers = with lib.maintainers; [ grimmauld ];`
			`platforms = lib.platforms.linux;`
			`};`
experimental apparmor support 2024-10-12 18:19:18 +02:00			`}`