uboot: (firmwareOdroidC2/C4) don't invoke patch tool, use patches = [] instead

https://github.com/NixOS/nixpkgs/blob/master/pkgs/stdenv/generic/setup.sh#L948 this can do it nicely. Signed-off-by: Anton Arapov <anton@deadbeef.mx>
2021-04-03 12:58:10 +02:00 · 2021-04-03 12:58:10 +02:00 · 56de2bcd43
commit 56de2bcd43
30691 changed files with 3076956 additions and 0 deletions
--- a/pkgs/tools/security/ecryptfs/default.nix
+++ b/pkgs/tools/security/ecryptfs/default.nix
@ -0,0 +1,67 @@
+{ lib, stdenv, fetchurl, pkg-config, perl, util-linux, keyutils, nss, nspr, python2, pam, enablePython ? false
+, intltool, makeWrapper, coreutils, bash, gettext, cryptsetup, lvm2, rsync, which, lsof }:
+
+stdenv.mkDerivation rec {
+  pname = "ecryptfs";
+  version = "111";
+
+  src = fetchurl {
+    url = "https://launchpad.net/ecryptfs/trunk/${version}/+download/ecryptfs-utils_${version}.orig.tar.gz";
+    sha256 = "0zwq19siiwf09h7lwa7n7mgmrr8cxifp45lmwgcfr8c1gviv6b0i";
+  };
+
+  # TODO: replace wrapperDir below with from <nixos> config.security.wrapperDir;
+  wrapperDir = "/run/wrappers/bin";
+
+  postPatch = ''
+    FILES="$(grep -r '/bin/sh' src/utils -l; find src -name \*.c)"
+    for file in $FILES; do
+      substituteInPlace "$file" \
+        --replace /bin/mount ${util-linux}/bin/mount \
+        --replace /bin/umount ${util-linux}/bin/umount \
+        --replace /sbin/mount.ecryptfs_private ${wrapperDir}/mount.ecryptfs_private \
+        --replace /sbin/umount.ecryptfs_private ${wrapperDir}/umount.ecryptfs_private \
+        --replace /sbin/mount.ecryptfs $out/sbin/mount.ecryptfs \
+        --replace /sbin/umount.ecryptfs $out/sbin/umount.ecryptfs \
+        --replace /usr/bin/ecryptfs-rewrite-file $out/bin/ecryptfs-rewrite-file \
+        --replace /usr/bin/ecryptfs-mount-private $out/bin/ecryptfs-mount-private \
+        --replace /usr/bin/ecryptfs-setup-private $out/bin/ecryptfs-setup-private \
+        --replace /sbin/cryptsetup ${cryptsetup}/sbin/cryptsetup \
+        --replace /sbin/dmsetup ${lvm2}/sbin/dmsetup \
+        --replace /sbin/unix_chkpwd ${wrapperDir}/unix_chkpwd \
+        --replace /bin/bash ${bash}/bin/bash
+    done
+  '';
+
+  configureFlags = lib.optionals (!enablePython) [ "--disable-pywrap" ];
+
+  nativeBuildInputs = [ pkg-config makeWrapper ]
+  # if python2 support is requested, it is needed at builtime as well as runtime.
+  ++ lib.optionals (enablePython) [ python2 ]
+  ;
+  buildInputs = [ perl nss nspr pam intltool ]
+  ++ lib.optionals (enablePython) [ python2 ]
+  ;
+  propagatedBuildInputs = [ coreutils gettext cryptsetup lvm2 rsync keyutils which ];
+
+  postInstall = ''
+    FILES="$(grep -r '/bin/sh' $out/bin -l)"
+    for file in $FILES; do
+      wrapProgram $file \
+        --prefix PATH ":" "${coreutils}/bin" \
+        --prefix PATH ":" "${gettext}/bin" \
+        --prefix PATH ":" "${rsync}/bin" \
+        --prefix PATH ":" "${keyutils}/bin" \
+        --prefix PATH ":" "${which}/bin" \
+        --prefix PATH ":" "${lsof}/bin" \
+        --prefix PATH ":" "$out/bin"
+    done
+  '';
+
+  meta = with lib; {
+    description = "Enterprise-class stacked cryptographic filesystem";
+    license     = licenses.gpl2Plus;
+    maintainers = with maintainers; [ obadz ];
+    platforms   = platforms.linux;
+  };
+}
--- a/pkgs/tools/security/ecryptfs/helper.nix
+++ b/pkgs/tools/security/ecryptfs/helper.nix
@ -0,0 +1,34 @@
+{ lib, stdenv
+, fetchurl
+, makeWrapper
+, python2
+}:
+
+stdenv.mkDerivation {
+  pname   = "ecryptfs-helper";
+  version = "20160722";
+
+  src = fetchurl {
+    url    = "https://gist.githubusercontent.com/obadz/ec053fdb00dcb48441d8313169874e30/raw/4b657a4b7c3dc684e4d5e3ffaf46ced1b7675163/ecryptfs-helper.py";
+    sha256 = "0gp4m22zc80814ng80s38hp930aa8r4zqihr7jr23m0m2iq4pdpg";
+  };
+
+  dontUnpack = true;
+
+  nativeBuildInputs = [ makeWrapper ];
+
+  # Do not hardcode PATH to ${ecryptfs} as we need the script to invoke executables from /run/wrappers/bin
+  installPhase = ''
+    mkdir -p $out/bin $out/libexec
+    cp $src $out/libexec/ecryptfs-helper.py
+    makeWrapper "${python2.interpreter}" "$out/bin/ecryptfs-helper" --add-flags "$out/libexec/ecryptfs-helper.py"
+  '';
+
+  meta = with lib; {
+    description    = "Helper script to create/mount/unemount encrypted directories using eCryptfs without needing root permissions";
+    license        = licenses.gpl2Plus;
+    maintainers    = with maintainers; [ obadz ];
+    platforms      = platforms.linux;
+    hydraPlatforms = [];
+  };
+}