;;; Copyright © 2021 Brice Waegeneire <brice@waegenei.re>
;;; Copyright © 2021 Maxim Cournoyer <maxim.cournoyer@gmail.com>
;;; Copyright © 2021 Maxime Devos <maximedevos@telenet.be>
+;;; Copyright © 2021 muradm <mail@muradm.net>
+;;; Copyright © 2021 pineapples <guixuser6392@protonmail.com>
;;; Copyright © 2021 Petr Hodina <phodina@protonmail.com>
;;; Copyright © 2021 Artyom V. Poptsov <poptsov.artyom@gmail.com>
;;; Copyright © 2022 Wamm K. D. <jaft.r@outlook.com>
+;;; Copyright © 2022 Roman Riabenko <roman@riabenko.com>
;;;
;;; This file is part of GNU Guix.
;;;
;;; along with GNU Guix. If not, see <http://www.gnu.org/licenses/>.
(define-module (gnu packages admin)
+ #:use-module (guix build-system cargo)
#:use-module (guix build-system cmake)
#:use-module (guix build-system emacs)
#:use-module (guix build-system glib-or-gtk)
#:use-module (gnu packages c)
#:use-module (gnu packages check)
#:use-module (gnu packages compression)
+ #:use-module (gnu packages crates-io)
#:use-module (gnu packages cross-base)
#:use-module (gnu packages crypto)
#:use-module (gnu packages cryptsetup)
+ #:use-module (gnu packages curl)
#:use-module (gnu packages cyrus-sasl)
#:use-module (gnu packages dns)
#:use-module (gnu packages elf)
#:use-module (gnu packages file)
#:use-module (gnu packages flex)
+ #:use-module (gnu packages freedesktop)
#:use-module (gnu packages gawk)
#:use-module (gnu packages gettext)
#:use-module (gnu packages gl)
#:use-module (gnu packages mcrypt)
#:use-module (gnu packages mpi)
#:use-module (gnu packages ncurses)
+ #:use-module (gnu packages networking)
#:use-module (gnu packages openldap)
#:use-module (gnu packages patchutils)
#:use-module (gnu packages pciutils)
#:use-module (gnu packages ruby)
#:use-module (gnu packages selinux)
#:use-module (gnu packages serialization)
+ #:use-module (gnu packages sqlite)
#:use-module (gnu packages ssh)
#:use-module (gnu packages sphinx)
#:use-module (gnu packages tcl)
(define-public shepherd-0.9
(package
(inherit shepherd)
- (version "0.9.0")
+ (version "0.9.1")
(source (origin
(method url-fetch)
(uri (string-append "mirror://gnu/shepherd/shepherd-"
version ".tar.gz"))
(sha256
(base32
- "1rdwhrcibs2ly4hjwwb5kmzb133ccjmrfvb0a70cqkv9jy1pg061"))))
+ "0l2arn6gsyw88xk9phxnyplvv1mn8sqp3ipgyyb0nszdzvxlgd36"))
+ (modules '((guix build utils)))
+ (snippet
+ ;; Avoid continuation barriers so (@ (fibers) sleep) can be
+ ;; called from a service's 'stop' method
+ '(substitute* "modules/shepherd/service.scm"
+ (("call-with-blocked-asyncs") ;in 'stop' method
+ "(lambda (thunk) (thunk))")
+ (("\\(for-each-service\n") ;in 'shutdown-services'
+ "((lambda (proc)
+ (for-each proc
+ (fold-services cons '())))\n")))))
(arguments
(list #:configure-flags #~'("--localstatedir=/var")
#:make-flags #~'("GUILE_AUTO_COMPILE=0")
(define-public cloud-utils
(package
(name "cloud-utils")
- (version "0.32")
+ (version "0.33")
(source
(origin
(method url-fetch)
"0xxdi55lzw7j91zfajw7jhd2ilsqj2dy04i9brlk8j3pvb5ma8hk"))))
(build-system gnu-build-system)
(arguments
- '(#:make-flags
+ '(#:modules
+ ((guix build gnu-build-system)
+ (guix build utils)
+ (srfi srfi-26))
+ #:make-flags
(let ((out (assoc-ref %outputs "out")))
(list (string-append "BINDIR=" out "/bin")
(string-append "MANDIR=" out "/share/man/man1")
(let ((growpart (string-append (assoc-ref outputs "out")
"/bin/growpart")))
(wrap-program growpart
- `("PATH" ":" prefix (,(dirname (which "sfdisk"))
- ,(dirname (which "readlink"))))))
- #t)))))
+ `("PATH" ":" prefix
+ ,(map dirname
+ (map (cut search-input-file inputs <>)
+ (list "bin/readlink"
+ "sbin/sfdisk")))))))))))
(inputs
- (list python util-linux)) ; contains sfdisk for growpart
+ (list coreutils ; for readlink
+ python
+ util-linux)) ; sfdisk for growpart
(home-page "https://launchpad.net/cloud-utils")
(synopsis "Set of utilities for cloud computing environments")
(description
(base32 "0w4g0iyssyw7dd0061881z8s5czcl01mz6v00znax57zfxjqpvnm"))))
(build-system gnu-build-system)
(arguments '(#:tests? #f)) ; No tests available.
- (home-page "http://software.clapper.org/daemonize/")
+ (home-page "https://software.clapper.org/daemonize/")
(synopsis "Command line utility to run a program as a daemon")
(description
"daemonize runs a command as a Unix daemon. It will close all open file
(define-public htop
(package
(name "htop")
- (version "3.2.0")
+ (version "3.2.1")
(source
(origin
(method git-fetch)
(url "https://github.com/htop-dev/htop")
(commit version)))
(sha256
- (base32 "16l1r2ixzs640ybqp2x8bfyvk98kiywy7k3sjmp5j5npdzn5ryd7"))
+ (base32 "0yfmkw3y4qyd42svhpiijif7krvmnb8z88y6h9g4fwf7sfynq2rk"))
(file-name (git-file-name name version))))
(build-system gnu-build-system)
(inputs
(define-public netcat-openbsd
(package
(name "netcat-openbsd")
- (version "1.218-2")
+ (version "1.218-5")
(source (origin
(method git-fetch)
(uri (git-reference
(file-name (git-file-name name version))
(sha256
(base32
- "1rj4nx0jdism1idc4fghahqbafhv72cpk7zlyq9czgvbps10d1kh"))))
+ "0hpbmz9m2q22a6qgbn9590z2x96xgffim8g0m1v47mariz3pqhlc"))))
(build-system gnu-build-system)
(arguments
`(#:tests? #f ; no test suite
(license (list license:bsd-3
license:bsd-2)))) ; atomicio.*, socks.c
+(define-public nmon
+ (package
+ (name "nmon")
+ (version "16n")
+ (source
+ (origin
+ (method url-fetch)
+ (uri (string-append "mirror://sourceforge/nmon/lmon" version ".c"))
+ (sha256
+ (base32 "1wpm2f30414b87kpbr9hbidblr5cmfby5skwqd0fkpi5v712q0f0"))))
+ (build-system gnu-build-system)
+ (arguments
+ (list #:tests? #f ; no test suite
+ #:phases
+ #~(modify-phases %standard-phases
+ (replace 'unpack
+ (lambda _
+ (copy-file #$(package-source this-package) "lmon.c")))
+ (delete 'configure) ; no build system
+ (replace 'build
+ ;; There is an example ‘Makefile’ in the .c file.
+ (lambda _
+ ;; These #defines aren't well-documented and, e.g., POWER was
+ ;; not actually tested on every possible TARGET-POWERPC?.
+ (let* ((system #$(cond ((target-x86?) "X86")
+ ((target-arm?) "ARM")
+ ((target-powerpc?) "POWER")
+ (else "CROSS_FINGERS"))))
+ (format #t "Building for ~a~%" system)
+ (invoke #$(cc-for-target) "-o" "nmon" "lmon.c"
+ "-g" "-Wall" "-D" system
+ "-lncurses" "-lm"))))
+ (replace 'install
+ (lambda _
+ (let ((bin (string-append #$output "/bin"))
+ (man1 (string-append #$output "/share/man/man1")))
+ (install-file "nmon" bin)
+ (mkdir-p man1)
+ (copy-file #$(this-package-native-input "man-page")
+ (string-append man1 "/nmon.1"))))))))
+ (native-inputs
+ (list `("man-page"
+ ,(origin
+ ;; There is no man page upstream, so install Debian's.
+ (method url-fetch)
+ (uri (string-append "https://salsa.debian.org/carnil/nmon/"
+ "-/raw/debian/" version "+debian-1/"
+ "debian/nmon.1"))
+ (sha256
+ (base32
+ "1gpvd2kjyhs18sh6sga5bk9wj8s78blfd4c0m38r0wl92jx2yv1b"))))))
+ (inputs
+ (list ncurses))
+ (home-page "http://nmon.sourceforge.net/")
+ (synopsis
+ "Monitor system performance in a terminal or to a @file{.csv} log file")
+ (description
+ "@acronym{Nmon, Nigel's performance monitor} is yet another system monitor
+useful in systems administration, debugging, tuning, and benchmarking.
+
+The configurable ncurses interface displays all the classic resource usage
+statistics (CPU, memory, network, disk, ...) as real-time graphs or numbers.
+It can also list the processes responsible in a @command{top}-like table.
+
+A less common nmon feature is its ability to create highly detailed log files
+in @acronym{CSV, comma-separated values} format. These can be imported into
+spreadsheets or fed straight into an @acronym{RRD, round-robin database} using
+@command{rrdtool} for further analyisis, or to create colourful graphs.")
+ (license license:gpl3+)))
+
(define-public sipcalc
(package
(name "sipcalc")
bind-release-version)))
(package
(name "isc-dhcp")
- (version "4.4.2-P1")
+ (version "4.4.3")
(source (origin
(method url-fetch)
(uri (string-append "https://ftp.isc.org/isc/dhcp/"
version "/dhcp-" version ".tar.gz"))
- (patches (search-patches "isc-dhcp-gcc-compat.patch"))
(sha256
(base32
- "06jsr0cg5rsmyibshrpcb9za0qgwvqccashdma7mlm1rflrh8pmh"))))
+ "062q2g8cj2zv0zv22x6pg21m21bdlscxkg3li0ac0pm0qasccghf"))))
(build-system gnu-build-system)
(arguments
`(#:parallel-build? #f
(lambda* (#:key inputs #:allow-other-keys)
(substitute* "rc/weekly"
(("/bin/kill")
- (string-append (assoc-ref inputs "coreutils*")
- "/bin/kill"))
+ (search-input-file inputs "/bin/kill"))
(("syslogd\\.pid")
;; The file is called 'syslog.pid' (no 'd').
- "syslog.pid"))
- #t))
+ "syslog.pid"))))
(add-after 'install 'install-info
(lambda _
(invoke "make" "install-info"))))))
(native-inputs (list texinfo automake util-linux)) ; for 'cal'
- (inputs `(("coreutils*" ,coreutils)
- ("mailutils" ,mailutils)))
+ (inputs (list coreutils mailutils))
(home-page "https://www.gnu.org/software/rottlog/")
(synopsis "Log rotation and management")
(description
(define-public sudo
(package
(name "sudo")
- (version "1.9.10")
+ (version "1.9.11p3")
(source (origin
(method url-fetch)
(uri
version ".tar.gz")))
(sha256
(base32
- "1x34k8sd2msfjjsahff1q143gr5j9z19jx2rmkkbiiz7k084d8a4"))
+ "0w0z9w4vnhjsc4jjghi6wlyv4v055hsy38ncb67p08b7yp9fg1s6"))
(modules '((guix build utils)))
(snippet
'(begin
(add-after 'install-documentation 'install-dbus-conf
(lambda* (#:key outputs #:allow-other-keys)
(let* ((out (assoc-ref outputs "out"))
- (dir (string-append out "/etc/dbus-1/system.d")))
- (mkdir-p dir)
+ (interfaces (string-append out "/etc/dbus-1/system.d"))
+ (services (string-append out
+ "/share/dbus-1/system-services")))
+ (mkdir-p interfaces)
(copy-file "dbus/dbus-wpa_supplicant.conf"
- (string-append dir "/wpa_supplicant.conf")))
+ (string-append interfaces "/wpa_supplicant.conf"))
+ (mkdir-p services)
+ (copy-file "dbus/fi.w1.wpa_supplicant1.service"
+ (string-append services
+ "/fi.w1.wpa_supplicant1.service")))
#t))))))))
(define-public wpa-supplicant-gui
(inherit wpa-supplicant)
(name "wpa-supplicant-gui")
(inputs (modify-inputs (package-inputs wpa-supplicant)
- (prepend qtbase-5 qtsvg)))
+ (prepend qtbase-5 qtsvg-5)))
(native-inputs
;; For icons.
(modify-inputs (package-native-inputs wpa-supplicant)
- (prepend imagemagick inkscape)))
+ (prepend imagemagick inkscape/stable)))
(arguments
`(#:phases (modify-phases %standard-phases
(add-after 'unpack 'chdir
(replace 'install
(lambda* (#:key inputs outputs #:allow-other-keys)
(let ((out (assoc-ref outputs "out"))
- (qt '("qtbase" "qtsvg")))
+ (qt '("qtbase" "qtsvg-5")))
(install-file "wpa_gui" (string-append out "/bin"))
(install-file "wpa_gui.desktop"
(string-append out "/share/applications"))
(define-public dmidecode
(package
(name "dmidecode")
- (version "3.3")
+ (version "3.4")
(source
(origin
(method url-fetch)
(uri (string-append "mirror://savannah/dmidecode/dmidecode-"
version ".tar.xz"))
(sha256
- (base32 "0m8lzg9rf1qssasiix672bxk5qwms90561g8hfkkhk31h2kkgiw2"))))
+ (base32 "04i2ahvqinkrnzfsbswplv9wff36xf9b3snvriwrjz26v18sijs3"))))
(build-system gnu-build-system)
(arguments
- `(#:tests? #f ; no 'check' target
- #:make-flags
- (list (string-append "CC=" ,(cc-for-target))
- (string-append "prefix="
- (assoc-ref %outputs "out")))
- #:phases
- (modify-phases %standard-phases
- (delete 'configure)))) ; no configure script
+ (list #:tests? #f ; no 'check' target
+ #:make-flags
+ #~(list (string-append "CC=" #$(cc-for-target))
+ (string-append "prefix=" #$output))
+ #:phases
+ #~(modify-phases %standard-phases
+ (delete 'configure)))) ; no configure script
(home-page "https://www.nongnu.org/dmidecode/")
(synopsis "Read hardware information from the BIOS")
(description
(base32
"1mlc25sd5rgj5xmzcllci47inmfdw7cp185fday6hc9rwqkqmnaw"))))
(build-system gnu-build-system)
+ (arguments
+ (list #:make-flags
+ #~(list "BUILD_INFO=\"(Guix)\"")))
(inputs (list libcap-ng))
(home-page "https://www.smartmontools.org/")
(synopsis "S.M.A.R.T. harddisk control and monitoring tools")
specified directories.")
(license license:expat)))
-(define-public graphios
- (package
- (name "graphios")
- (version "2.0.3")
- (source
- (origin
- (method url-fetch)
- (uri (pypi-uri "graphios" version))
- (sha256
- (base32
- "1h87hvc315wg6lklbf4l7csd3n5pgljwrfli1p3nasdi0izgn66i"))))
- (build-system python-build-system)
- (arguments
- ;; Be warned: Building with Python 3 succeeds, but the build process
- ;; throws a syntax error that is ignored.
- `(#:python ,python-2
- #:phases
- (modify-phases %standard-phases
- (add-before 'build 'fix-setup.py
- (lambda* (#:key outputs #:allow-other-keys)
- ;; Fix hardcoded, unprefixed file names.
- (let ((out (assoc-ref outputs "out")))
- (substitute* '("setup.py")
- (("/etc") (string-append out "/etc"))
- (("/usr") out)
- (("distro_ver = .*") "distro_ver = ''"))
- #t))))))
- (home-page "https://github.com/shawn-sterling/graphios")
- (synopsis "Emit Nagios metrics to Graphite, Statsd, and Librato")
- (description
- "Graphios is a script to emit nagios perfdata to various upstream metrics
-processing and time-series systems. It's currently compatible with Graphite,
-Statsd, Librato and InfluxDB. Graphios can emit Nagios metrics to any number
-of supported upstream metrics systems simultaneously.")
- (license license:gpl2+)))
-
(define-public ansible-core
(package
(name "ansible-core")
(,(python-path ndiff)))))))
;; These are the tests that do not require network access.
(replace 'check
- (lambda _ (invoke "make"
- "check-nse"
- "check-ndiff"
- "check-dns"))))
+ (lambda* (#:key tests? #:allow-other-keys)
+ (when tests?
+ (invoke "make"
+ "check-nse"
+ "check-ndiff"
+ "check-dns")))))
;; Nmap can't cope with out-of-source building.
#:out-of-source? #f))
(home-page "https://nmap.org/")
(define-public nnn
(package
(name "nnn")
- (version "4.5")
+ (version "4.6")
(source
(origin
(method url-fetch)
(uri (string-append "https://github.com/jarun/nnn/releases/download/v"
version "/nnn-v" version ".tar.gz"))
(sha256
- (base32 "1aj9hzhpwxl2v1dlf3jpd3rp81z689dq8iycbipc0024dnyibp7s"))))
+ (base32 "0gvyvynw957yirvc1aj65flzni7niaj5bvyk82ka5dfgi2dazb0m"))))
(build-system gnu-build-system)
(inputs
(list ncurses readline))
(let ((real-name "inxi"))
(package
(name "inxi-minimal")
- (version "3.3.15-1")
+ (version "3.3.19-1")
(source
(origin
(method git-fetch)
(commit version)))
(file-name (git-file-name real-name version))
(sha256
- (base32 "02zy94bd6ayfl9y7ka6gk32q254k49cbq3a6wgi31r2fcvybyrf7"))))
+ (base32 "0g5m43cj4534gb181zy1hwjz5il88xibf8psxw8a4s6jnaq1zdlk"))))
(build-system trivial-build-system)
(inputs
`(("bash" ,bash-minimal)
(string-append dir "/lib/perl5/site_perl"))
(_ ""))
%build-inputs)))))
- (invoke "gzip" "inxi.1")
+ (invoke "gzip" "-n" "inxi.1")
(install-file "inxi.1.gz"
(string-append %output "/share/man/man1"))))))
(home-page "https://smxi.org/docs/inxi.htm")
(package
(name "lynis")
;; Also update the ‘lynis-sdk’ input to the commit matching this release.
- (version "3.0.6")
+ (version "3.0.8")
(source
(origin
(method git-fetch)
(commit version)))
(file-name (git-file-name name version))
(sha256
- (base32 "1a1n8alcq6zil1rwk9940cg3x2nz3igcxfad99505pdh7ccz9324"))
+ (base32 "19kz1ffbbd431cdfw7fjcl5hjkks3gfkwk3w2zkwsxgyiky1gx3w"))
(modules '((guix build utils)))
(snippet
'(begin
(method git-fetch)
(uri (git-reference
(url "https://github.com/CISOfy/lynis-sdk")
- (commit "1c4e5f60a03e29a1525ca9ec17c793461058253d")))
+ (commit "dffe5d352e4d6029ea95a84d50604ccd97cb8999")))
(file-name (git-file-name "lynis-sdk" version))
(sha256
- (base32 "060k8k1q4c7nvrv3cwscxq8md2v75q3nrwwim1hgfw20divw3npy"))))))
+ (base32 "05qq4395x8f0kyl1ppm74npsf8sb3hhgz0ck4fya91sy6a26b4ja"))))))
(arguments
`(#:phases
(modify-phases %standard-phases
+ (replace 'unpack
+ ;; XXX Remove after fixing <https://issues.guix.gnu.org/55287>.
+ (lambda* (#:key source #:allow-other-keys)
+ (mkdir "source")
+ (chdir "source")
+ (copy-recursively source "."
+ #:keep-mtime? #t)))
(replace 'configure
(lambda* (#:key inputs outputs #:allow-other-keys)
(substitute* "lynis"
(define-public jc
(package
(name "jc")
- (version "1.13.4")
+ (version "1.19.0")
(source
(origin
;; The PyPI tarball lacks the test suite.
(commit (string-append "v" version))))
(file-name (git-file-name name version))
(sha256
- (base32 "0rwvyyrdnw43pixp8h51rncq2inc9pbbj1j2191y5si00pjw34zr"))))
+ (base32 "021zk0y8kb6v3qf3hwfg8qjzzmrca039nz3fjywiy2njmbhr8hyi"))))
(build-system python-build-system)
+ (arguments
+ (list #:phases
+ #~(modify-phases %standard-phases
+ ;; XXX Guix's America/Los_Angeles time zone is somehow broken.
+ (add-before 'check 'hack-time-zone
+ (lambda _
+ (substitute* (find-files "tests" "^test.*\\.py$")
+ (("America/Los_Angeles") "PST8PDT")))))))
(propagated-inputs
(list python-pygments python-ruamel.yaml python-xmltodict))
(home-page "https://github.com/kellyjonbrazil/jc")
(define-public atop
(package
(name "atop")
- (version "2.6.0")
+ (version "2.7.1")
(source (origin
(method url-fetch)
(uri (string-append "https://www.atoptool.nl/download/atop-"
version ".tar.gz"))
(sha256
(base32
- "0wlg0n0h9vwpjp2dcb623jvvqck422jrjpq9mbpzg4hnawxcmhly"))))
+ "0kjwgf94skbrndv1krlmsrq34smzi3iwk73fbsnyw787gvqx4j6a"))))
(build-system gnu-build-system)
(arguments
- `(#:tests? #f ; no test suite
+ (list
+ #:tests? #f ; no test suite
#:make-flags
- (list (string-append "CC=" ,(cc-for-target))
- ;; The installer requires a choice between systemd or SysV.
- "systemdinstall"
- (string-append "DESTDIR=" (assoc-ref %outputs "out"))
- (string-append "BINPATH=/bin")
- (string-append "SBINPATH=/sbin")
- (string-append "SYSDPATH=/etc/systemd/system")
- (string-append "PMPATHD=/etc/systemd/system-sleep")
- (string-append "MAN1PATH=/share/man/man1")
- (string-append "MAN5PATH=/share/man/man5")
- (string-append "MAN8PATH=/share/man/man8")
- ;; Or else it tries to create /var/log/atop...
- (string-append "LOGPATH="))
+ #~(list (string-append "CC=" #$(cc-for-target))
+ (string-append "DESTDIR=" #$output)
+ (string-append "SYSDPATH=/etc/systemd/system")
+ (string-append "PMPATHD=/etc/systemd/system-sleep")
+ ;; Or else it tries to create /var/log/atop...
+ (string-append "LOGPATH="))
#:phases
- (modify-phases %standard-phases
- (delete 'configure) ; No ./configure script
- (add-before 'build 'patch-build
- (lambda* (#:key outputs #:allow-other-keys)
- (substitute* "Makefile"
- ;; We don't need to chown things in the build environment.
- (("chown.*$") "")
- ;; We can't toggle the setuid bit in the build environment.
- (("chmod 04711") "chmod 0711")
- ;; Otherwise, it creates a blank configuration file as a "default".
- (("touch.*DEFPATH)/atop") "")
- (("chmod.*DEFPATH)/atop") ""))
- #t)))))
+ #~(modify-phases %standard-phases
+ (delete 'configure) ; No ./configure script
+ (add-before 'build 'patch-build
+ (lambda _
+ (substitute* "Makefile"
+ ;; Don't use /usr as a prefix.
+ (("/usr") "")
+ ;; Otherwise, it creates a blank configuration file as a "default".
+ (("touch.*DEFPATH)/atop") "")
+ (("chmod.*DEFPATH)/atop") "")))))))
(inputs
- `(("ncurses" ,ncurses)
- ("python" ,python-wrapper) ; for `atopgpud`
- ("zlib" ,zlib)))
+ (list ncurses
+ python-wrapper ; for `atopgpud`
+ zlib))
(home-page "https://www.atoptool.nl/")
(synopsis "Linux performance monitoring console")
(description "Atop is an ASCII full-screen performance monitor for Linux
to the CPU, memory, swap, disks (including LVM) and network layers, and for
every process (and thread) it shows e.g. the CPU utilization, memory growth,
disk utilization, priority, username, state, and exit code.")
+ (properties
+ `((release-monitoring-url . "https://www.atoptool.nl/downloadatop.php")))
(license license:gpl2+)))
;; TODO: Unvendor u-root (pkg: forth, golang, testutil).
(define-public nq
(package
(name "nq")
- (version "0.4")
+ (version "0.5")
(source
(origin
(method git-fetch)
(commit (string-append "v" version))))
(file-name (git-file-name name version))
(sha256
- (base32 "0sdamjzvmf6cxhjmd1rjvn7zm6k10fp5n6vabyxd3yl30cgrxw2i"))))
+ (base32 "0szbndvwl6ghwjzb165s09977s0r1yq8h0ziknm0h6xndkcjspl3"))))
(build-system gnu-build-system)
(native-inputs
(list perl))
(arguments
- `(#:make-flags (list (string-append "CC=" ,(cc-for-target))
- (string-append "PREFIX=" (assoc-ref %outputs "out")))
- #:phases
- (modify-phases %standard-phases
- (delete 'configure))))
+ (list #:make-flags
+ #~(list (string-append "CC=" #$(cc-for-target))
+ (string-append "PREFIX=" #$output))
+ #:phases
+ #~(modify-phases %standard-phases
+ (delete 'configure))))
(synopsis "Unix command line queue utility")
(description
"@code{nq} can create very lightweight job queue systems which require no
(home-page "https://www.udpcast.linux.lu")
(license license:gpl2+)))
+(define-public greetd
+ (package
+ (name "greetd")
+ (version "0.8.0")
+ (home-page "https://git.sr.ht/~kennylevinsen/greetd")
+ (source (origin
+ (method git-fetch)
+ (uri (git-reference
+ (url home-page)
+ (commit version)))
+ (file-name (git-file-name name version))
+ (sha256
+ (base32 "0x5c3jkw09kvj2grcxm899y2n6ws8p990cyp9cs0fy6lm4fzlh6v"))))
+ (build-system cargo-build-system)
+ (arguments
+ `(#:cargo-inputs
+ (("rust-nix" ,rust-nix-0.19)
+ ("rust-pam-sys" ,rust-pam-sys-0.5)
+ ("rust-rpassword" ,rust-rpassword-5)
+ ("rust-users" ,rust-users-0.11)
+ ("rust-serde" ,rust-serde-1)
+ ("rust-serde-json" ,rust-serde-json-1)
+ ("rust-libc" ,rust-libc-0.2)
+ ("rust-tokio" ,rust-tokio-1)
+ ("rust-getopts" ,rust-getopts-0.2)
+ ("rust-thiserror" ,rust-thiserror-1)
+ ("rust-async-trait" ,rust-async-trait-0.1)
+ ("rust-enquote" ,rust-enquote-1))
+ #:phases
+ (modify-phases %standard-phases
+ (delete 'package)
+ (add-after 'build 'build-man-pages
+ (lambda* (#:key inputs #:allow-other-keys)
+ (define (scdoc-cmd doc lvl)
+ (system (string-append "scdoc < "
+ doc "-" lvl ".scd > "
+ doc "." lvl)))
+ (with-directory-excursion "man"
+ (scdoc-cmd "greetd" "1")
+ (scdoc-cmd "greetd" "5")
+ (scdoc-cmd "greetd-ipc" "7")
+ (scdoc-cmd "agreety" "1"))))
+ (replace 'install
+ (lambda* (#:key inputs outputs #:allow-other-keys)
+ (let* ((out (assoc-ref outputs "out"))
+ (bin (string-append out "/bin"))
+ (sbin (string-append out "/sbin"))
+ (share (string-append out "/share"))
+ (man (string-append share "/man"))
+ (man1 (string-append man "/man1"))
+ (man5 (string-append man "/man5"))
+ (man7 (string-append man "/man7"))
+ (release "target/release")
+ (greetd-bin (string-append release "/greetd"))
+ (agreety-bin (string-append release "/agreety")))
+ (install-file greetd-bin sbin)
+ (install-file agreety-bin bin)
+ (with-directory-excursion "man"
+ (install-file "greetd.1" man1)
+ (install-file "greetd.5" man5)
+ (install-file "greetd-ipc.7" man7)
+ (install-file "agreety.1" man1))))))))
+ (native-inputs
+ `(("linux-pam" ,linux-pam)
+ ("scdoc" ,scdoc)))
+ (synopsis "minimal and flexible login manager daemon")
+ (description
+ "greetd is a minimal and flexible login manager daemon
+that makes no assumptions about what you want to launch.
+
+If you can run it from your shell in a TTY, greetd can start it.
+
+If it can be taught to speak a simple JSON-based IPC protocol,
+then it can be a greeter.")
+ (license license:gpl3+)))
+
+(define-public greetd-pam-mount
+ (package
+ (inherit pam-mount)
+ (name "greetd-pam-mount")
+ (arguments
+ (substitute-keyword-arguments (package-arguments pam-mount)
+ ((#:configure-flags flags ''())
+ #~(cons* "--with-rundir=/run/greetd" #$flags))
+ ((#:phases phases)
+ #~(modify-phases #$phases
+ (add-after 'unpack 'patch-config-file-name
+ (lambda* (#:key inputs #:allow-other-keys)
+ (substitute* "src/pam_mount.c"
+ ((".*define CONFIGFILE .*$")
+ "#define CONFIGFILE \"/etc/security/greetd_pam_mount.conf.xml\"\n")
+ (("pam_mount_config") "greetd_pam_mount_config")
+ (("pam_mount_system_authtok") "greetd_pam_mount_system_authtok"))))))))
+ (synopsis "pam-mount specifically compiled for use with greetd")
+ (description
+ "Pam-mount is a PAM module that can mount volumes when a user logs in.
+It supports mounting local filesystems of any kind the normal mount utility
+supports. It can also mount encrypted LUKS volumes using the password
+supplied by the user when logging in.
+
+This package inherits pam-mount in the way that it is compiled specifically
+for use with greetd daemon. It uses different configuration location and
+name space for storing data in PAM.
+
+greetd-pam-mount is used in configuration of greetd to provide
+auto-(mounting/unmounting) of XDG_RUNTIME_DIR in the way that it will not
+interfere with default pam-mount configuration.")))
+
+(define-public libseat
+ (package
+ (name "libseat")
+ (version "0.7.0")
+ (source (origin
+ (method git-fetch)
+ (uri (git-reference
+ (url "https://git.sr.ht/~kennylevinsen/seatd")
+ (commit version)))
+ (file-name (git-file-name name version))
+ (sha256
+ (base32
+ "10f8387yy5as547xjjhl0cna6iywdgjmw0iq2nvcs8q6vlpnik4v"))))
+ (build-system meson-build-system)
+ (arguments
+ `(#:configure-flags '("-Dlibseat-logind=elogind"
+ "-Dserver=disabled")))
+ (native-inputs
+ `(("pkg-config" ,pkg-config)))
+ (propagated-inputs
+ `(("elogind" ,elogind)))
+ (home-page "https://sr.ht/~kennylevinsen/seatd")
+ (synopsis "Seat management library")
+ (description
+ "This package provides a universal seat management library that
+allows applications to use whatever seat management is available.")
+ (license license:expat)))
+
+(define-public seatd
+ (package
+ (inherit libseat)
+ (name "seatd")
+ (arguments
+ `(#:configure-flags '("-Dlibseat-logind=elogind")
+ #:phases
+ (modify-phases %standard-phases
+ (add-after 'install 'remove-libs
+ (lambda* (#:key outputs #:allow-other-keys)
+ (with-directory-excursion (assoc-ref outputs "out")
+ (for-each delete-file-recursively '("lib" "include"))))))))
+ (native-inputs
+ `(("pkg-config" ,pkg-config)
+ ("scdoc" ,scdoc)))
+ (inputs '())
+ (synopsis "Seat management daemon")
+ (description
+ "This package provides a minimal seat management daemon whose task is to
+mediate access to shared devices, such as graphics and input, for applications
+that require it.")
+ (license license:expat)))
+(define-public fail2ban
+ (package
+ (name "fail2ban")
+ (version "0.11.2")
+ (source (origin
+ (method git-fetch)
+ (uri (git-reference
+ (url "https://github.com/fail2ban/fail2ban")
+ (commit version)))
+ (file-name (git-file-name name version))
+ (sha256
+ (base32
+ "00d9q8m284q2wy6q462nipzszplfbvrs9fhgn0y3imwsc24kv1db"))
+ (modules '((guix build utils)))
+ (snippet
+ '(begin
+ ;; Get rid of absolute file names.
+ (substitute* "setup.py"
+ (("/etc/fail2ban")
+ "etc/fail2ban")
+ (("/var/lib/fail2ban")
+ "var/lib/fail2ban")
+ (("\"/usr/bin/\"")
+ "\"usr/bin/\"")
+ (("\"/usr/lib/fail2ban/\"")
+ "\"usr/lib/fail2ban/\"")
+ (("'/usr/share/doc/fail2ban'")
+ "'usr/share/doc/fail2ban'"))
+ ;; disable tests performing unacceptable side-effects
+ (let ((make-suite (lambda (t)
+ (string-append
+ "tests.addTest.unittest.makeSuite."
+ t ".."))))
+ (substitute* "fail2ban/tests/utils.py"
+ (((make-suite "actiontestcase.CommandActionTest"))
+ "")
+ (((make-suite "misctestcase.SetupTest"))
+ "")
+ (((make-suite
+ "filtertestcase.DNSUtilsNetworkTests"))
+ "")
+ (((make-suite "filtertestcase.IgnoreIPDNS"))
+ "")
+ (((make-suite "filtertestcase.GetFailures"))
+ "")
+ (((make-suite
+ "fail2banclienttestcase.Fail2banServerTest"))
+ "")
+ (((make-suite
+ "servertestcase.ServerConfigReaderTests"))
+ "")))))
+ (patches (search-patches
+ "fail2ban-0.11.2_fix-setuptools-drop-2to3.patch"
+ "fail2ban-python310-server-action.patch"
+ "fail2ban-python310-server-actions.patch"
+ "fail2ban-python310-server-jails.patch"
+ "fail2ban-0.11.2_fix-test-suite.patch"
+ "fail2ban-0.11.2_CVE-2021-32749.patch"
+ "fail2ban-paths-guix-conf.patch"))))
+ (build-system python-build-system)
+ (arguments
+ '(#:phases (modify-phases %standard-phases
+ (add-before 'build 'invoke-2to3
+ (lambda _
+ (invoke "./fail2ban-2to3")))
+ (add-before 'install 'fix-default-config
+ (lambda* (#:key outputs #:allow-other-keys)
+ (substitute* '("config/paths-common.conf"
+ "fail2ban/tests/utils.py"
+ "fail2ban/client/configreader.py"
+ "fail2ban/client/fail2bancmdline.py"
+ "fail2ban/client/fail2banregex.py")
+ (("/etc/fail2ban")
+ (string-append (assoc-ref outputs "out")
+ "/etc/fail2ban")))))
+ (add-after 'fix-default-config 'set-action-dependencies
+ (lambda* (#:key inputs #:allow-other-keys)
+ ;; deleting things that are not feasible to fix
+ ;; or won't be used any way
+ (with-directory-excursion "config"
+ (for-each delete-file
+ '("paths-arch.conf"
+ "paths-debian.conf"
+ "paths-fedora.conf"
+ "paths-freebsd.conf"
+ "paths-opensuse.conf"
+ "paths-osx.conf")))
+ (with-directory-excursion "config/action.d"
+ (for-each delete-file
+ '("apf.conf"
+ "bsd-ipfw.conf"
+ "dshield.conf"
+ "ipfilter.conf"
+ "ipfw.conf"
+ "firewallcmd-allports.conf"
+ "firewallcmd-common.conf"
+ "firewallcmd-ipset.conf"
+ "firewallcmd-multiport.conf"
+ "firewallcmd-new.conf"
+ "firewallcmd-rich-logging.conf"
+ "firewallcmd-rich-rules.conf"
+ "osx-afctl.conf"
+ "osx-ipfw.conf"
+ "pf.conf"
+ "nginx-block-map.conf"
+ "npf.conf"
+ "shorewall.conf"
+ "shorewall-ipset-proto6.conf"
+ "ufw.conf")))
+ (let* ((lookup-cmd (lambda (i)
+ (search-input-file inputs i)))
+ (bin (lambda (i)
+ (lookup-cmd (string-append "/bin/" i))))
+ (sbin (lambda (i)
+ (lookup-cmd (string-append "/sbin/" i))))
+ (ip (sbin "ip"))
+ (sendmail (sbin "sendmail")))
+ (substitute* (find-files "config/action.d" "\\.conf$")
+ ;; TODO: deal with geoiplookup ..
+ (("(awk|curl|dig|jq)" all cmd)
+ (bin cmd))
+ (("(cat|echo|grep|head|printf|wc) " all
+ cmd)
+ (string-append (bin cmd) " "))
+ ((" (date|rm|sed|tail|touch|tr) " all
+ cmd)
+ (string-append " "
+ (bin cmd) " "))
+ (("cut -d")
+ (string-append (bin "cut") " -d"))
+ (("`date`")
+ (string-append "`"
+ (bin "date") "`"))
+ (("id -")
+ (string-append (bin "id") " -"))
+ (("ip -([46]) addr" all ver)
+ (string-append ip " -" ver " addr"))
+ (("ip route")
+ (string-append ip " route"))
+ (("ipset ")
+ (string-append (sbin "ipset") " "))
+ (("(iptables|ip6tables) <" all cmd)
+ (string-append (sbin cmd) " <"))
+ (("/usr/bin/nsupdate")
+ (bin "nsupdate"))
+ (("mail -E")
+ (string-append sendmail " -E"))
+ (("nftables = nft")
+ (string-append "nftables = " (sbin "nft")))
+ (("perl -e")
+ (string-append (bin "perl") " -e"))
+ (("/usr/sbin/sendmail")
+ sendmail)
+ (("test -e")
+ (string-append (bin "test") " -e"))
+ (("_whois = whois")
+ (string-append "_whois = " (bin "whois")))))
+ (substitute* "config/jail.conf"
+ (("before = paths-debian.conf")
+ "before = paths-guix.conf"))))
+ (add-after 'install 'copy-man-pages
+ (lambda* (#:key outputs #:allow-other-keys)
+ (let* ((man (string-append (assoc-ref outputs "out")
+ "/man"))
+ (install-man (lambda (m)
+ (lambda (f)
+ (install-file (string-append f
+ "." m)
+ (string-append man
+ "/man" m)))))
+ (install-man1 (install-man "1"))
+ (install-man5 (install-man "5")))
+ (with-directory-excursion "man"
+ (for-each install-man1
+ '("fail2ban"
+ "fail2ban-client"
+ "fail2ban-python"
+ "fail2ban-regex"
+ "fail2ban-server"
+ "fail2ban-testcases"))
+ (for-each install-man5
+ '("jail.conf")))))))))
+ (inputs (list gawk
+ coreutils-minimal
+ curl
+ grep
+ jq
+ iproute
+ ipset
+ iptables
+ `(,isc-bind "utils")
+ nftables
+ perl
+ python-pyinotify
+ sed
+ sendmail
+ sqlite
+ whois))
+ (home-page "http://www.fail2ban.org")
+ (synopsis "Daemon to ban hosts that cause multiple authentication errors")
+ (description
+ "Fail2Ban scans log files like @file{/var/log/auth.log} and bans IP
+addresses conducting too many failed login attempts. It does this by updating
+system firewall rules to reject new connections from those IP addresses, for a
+configurable amount of time. Fail2Ban comes out-of-the-box ready to read many
+standard log files, such as those for sshd and Apache, and is easily
+configured to read any log file of your choosing, for any error you wish.
+
+Though Fail2Ban is able to reduce the rate of incorrect authentication
+attempts, it cannot eliminate the risk presented by weak authentication. Set
+up services to use only two factor, or public/private authentication
+mechanisms if you really want to protect services.")
+ (license license:gpl2+)))
HCoop / jackhill / guix / guix.git / blobdiff