Merge pull request #224487 from dani0854/init/doas-sudo-shim

2023-04-14 19:14:24 +02:00 · 2023-04-14 19:14:24 +02:00 · 882a83a355
commit 882a83a355
parent 9e960aabc6 0c48c4a986
3 changed files with 66 additions and 0 deletions
--- a/maintainers/maintainer-list.nix
+++ b/maintainers/maintainer-list.nix
@ -4149,6 +4149,16 @@
    githubId = 1931963;
    name = "David Sferruzza";
  };
+  dsuetin = {
+    name = "Danil Suetin";
+    email = "suetin085@gmail.com";
+    matrix = "@dani0854:matrix.org";
+    github = "dani0854";
+    githubId = 32674935;
+    keys = [{
+      fingerprint = "6CC2 D713 6703 0D86 CA29  C71F 23B5 AA6F A374 F2FE";
+    }];
+  };
  dsymbol = {
    name = "dsymbol";
    github = "dsymbol";
--- a/pkgs/tools/security/doas-sudo-shim/default.nix
+++ b/pkgs/tools/security/doas-sudo-shim/default.nix
@ -0,0 +1,54 @@
+{ lib
+, stdenv
+, fetchFromGitHub
+, runCommand
+, asciidoctor
+, coreutils
+, gawk
+, glibc
+, util-linux
+, bash
+, makeBinaryWrapper
+, doas-sudo-shim
+}:
+
+stdenv.mkDerivation rec {
+  pname = "doas-sudo-shim";
+  version = "0.1.1";
+
+  src = fetchFromGitHub {
+    owner = "jirutka";
+    repo = "doas-sudo-shim";
+    rev = "v${version}";
+    sha256 = "QYVqGxeWC7Tiz8aNY/LukwG4EW0km/RunGEfkzY/A38=";
+  };
+
+  nativeBuildInputs = [ asciidoctor makeBinaryWrapper ];
+  buildInputs = [ bash coreutils gawk glibc util-linux ];
+
+  dontConfigure = true;
+  dontBuild = true;
+
+  installFlags = [ "DESTDIR=$(out)" "PREFIX=\"\"" ];
+
+  postInstall = ''
+    wrapProgram $out/bin/sudo \
+      --prefix PATH : ${lib.makeBinPath [ bash coreutils gawk glibc util-linux ]}
+  '';
+
+  passthru.tests = {
+    helpTest = runCommand "${pname}-helpTest" {} ''
+      ${doas-sudo-shim}/bin/sudo -h > $out
+      grep -q "Execute a command as another user using doas(1)" $out
+    '';
+  };
+
+  meta = with lib; {
+    description = "A shim for the sudo command that utilizes doas";
+    homepage = "https://github.com/jirutka/doas-sudo-shim";
+    license = licenses.isc;
+    mainProgram = "sudo";
+    maintainers = with maintainers; [ dsuetin ];
+    platforms = platforms.linux;
+  };
+}
--- a/pkgs/top-level/all-packages.nix
+++ b/pkgs/top-level/all-packages.nix
@ -6778,6 +6778,8 @@ with pkgs;

  doas = callPackage ../tools/security/doas { };

+  doas-sudo-shim = callPackage ../tools/security/doas-sudo-shim { };
+
  docbook2x = callPackage ../tools/typesetting/docbook2x { };

  docbook2mdoc = callPackage ../tools/misc/docbook2mdoc { };