291499d10e
Previously, lxd would complain about apparmor_parser being missing: lxd[1037]: lvl=warn msg="AppArmor support has been disabled because 'apparmor_parser' couldn't be found" t=2018-11-19T18:32:47-0800 We need to provide a wrapped apparmor_parser that knows where to find <tunables/global>, which is #included by lxd’s generated profiles. Signed-off-by: Anders Kaseorg <andersk@mit.edu>
51 lines
1.5 KiB
Nix
51 lines
1.5 KiB
Nix
{ stdenv, pkgconfig, lxc, buildGoPackage, fetchurl
|
|
, makeWrapper, acl, rsync, gnutar, xz, btrfs-progs, gzip, dnsmasq
|
|
, squashfsTools, iproute, iptables, ebtables, libcap, dqlite
|
|
, sqlite-replication
|
|
, writeShellScriptBin, apparmor-profiles, apparmor-parser
|
|
}:
|
|
|
|
buildGoPackage rec {
|
|
name = "lxd-3.0.2";
|
|
|
|
goPackagePath = "github.com/lxc/lxd";
|
|
|
|
src = fetchurl {
|
|
url = "https://github.com/lxc/lxd/releases/download/${name}/${name}.tar.gz";
|
|
sha256 = "1ha8ijzblf15p0kcpgwshswz6s2rdd2b4qnzjw3l72ww620hr84j";
|
|
};
|
|
|
|
preBuild = ''
|
|
# unpack vendor
|
|
pushd go/src/github.com/lxc/lxd
|
|
rm dist/src/github.com/lxc/lxd
|
|
cp -r dist/src/* ../../..
|
|
rm -r dist
|
|
popd
|
|
'';
|
|
|
|
buildFlags = [ "-tags libsqlite3" ];
|
|
|
|
postInstall = ''
|
|
# binaries from test/
|
|
rm $bin/bin/{deps,macaroon-identity}
|
|
|
|
wrapProgram $bin/bin/lxd --prefix PATH ":" ${stdenv.lib.makeBinPath [
|
|
acl rsync gnutar xz btrfs-progs gzip dnsmasq squashfsTools iproute iptables ebtables
|
|
(writeShellScriptBin "apparmor_parser" ''
|
|
exec '${apparmor-parser}/bin/apparmor_parser' -I '${apparmor-profiles}/etc/apparmor.d' "$@"
|
|
'')
|
|
]}
|
|
'';
|
|
|
|
nativeBuildInputs = [ pkgconfig makeWrapper ];
|
|
buildInputs = [ lxc acl libcap dqlite sqlite-replication ];
|
|
|
|
meta = with stdenv.lib; {
|
|
description = "Daemon based on liblxc offering a REST API to manage containers";
|
|
homepage = https://linuxcontainers.org/lxd/;
|
|
license = licenses.asl20;
|
|
maintainers = with maintainers; [ globin fpletz ];
|
|
platforms = platforms.linux;
|
|
};
|
|
}
|