Add usbguard package

DoneSubmitted by Brice Waegeneire.
Details
One participant
  • Brice Waegeneire
Owner
unassigned
Severity
normal
Merged with
B
B
Brice Waegeneire wrote on 13 Apr 2020 21:50
[PATCH 3/3] gnu: Add usbguard.
(address . guix-patches@gnu.org)
20200413195000.28971-4-brice@waegenei.re
* gnu/packages/hardware.scm (usbguard): New variable.
---
gnu/packages/hardware.scm | 89 +++++++++++++++++++++++++++++++++++++++
1 file changed, 89 insertions(+)

Toggle diff (113 lines)
diff --git a/gnu/packages/hardware.scm b/gnu/packages/hardware.scm
index 8a7c7b3c62..e5f9da1feb 100644
--- a/gnu/packages/hardware.scm
+++ b/gnu/packages/hardware.scm
@@ -18,13 +18,22 @@
 ;;; along with GNU Guix.  If not, see <http://www.gnu.org/licenses/>.
 
 (define-module (gnu packages hardware)
+  #:use-module (gnu packages admin)
+  #:use-module (gnu packages autotools)
+  #:use-module (gnu packages bash)
+  #:use-module (gnu packages check)
   #:use-module (gnu packages compression)
+  #:use-module (gnu packages crypto)
+  #:use-module (gnu packages documentation)
   #:use-module (gnu packages gcc)
   #:use-module (gnu packages glib)
   #:use-module (gnu packages libusb)
   #:use-module (gnu packages linux)
   #:use-module (gnu packages ncurses)
+  #:use-module (gnu packages openldap)
   #:use-module (gnu packages pkg-config)
+  #:use-module (gnu packages polkit)
+  #:use-module (gnu packages protobuf)
   #:use-module (gnu packages xdisorg)
   #:use-module (gnu packages xml)
   #:use-module (gnu packages xorg)
@@ -306,3 +315,83 @@ not intended to be an all-encompassing library, but instead provide focused
 APIs that are highly tuned for maximum performance for client-server
 applications.")
     (license license:lgpl2.1)))
+
+(define-public usbguard
+  (package
+    (name "usbguard")
+    (version "0.7.6")
+    (source (origin
+              (method url-fetch)
+              (uri (string-append
+                    "https://github.com/USBGuard/usbguard/releases/download/usbguard-"
+                    version "/usbguard-" version ".tar.gz"))
+              (file-name (git-file-name name version))
+              (sha256
+               (base32 "0gzhs8s4aka86mkcjib36z54si939ki4bmk46p6v8kln1fixad3j"))))
+    (build-system gnu-build-system)
+    (arguments
+     `(#:phases
+       (modify-phases %standard-phases
+         (add-after 'configure 'patch-makefile
+           (lambda _
+             ;; Do not create log directory.
+             (substitute* "Makefile" ((".*/log/usbguard.*") ""))
+             ;; Disable LDAP tests: they use 'sudo'.
+             (substitute* "src/Tests/Makefile.am"
+               (("WITH_LDAP") "FALSE"))
+             #t))
+         (add-after 'install 'delete-static-library
+           (lambda* (#:key outputs #:allow-other-keys)
+             ;; It can't be direclty disabled since it's needed for the tests.
+             (delete-file (string-append (assoc-ref outputs "out")
+                                         "/lib/libusbguard.a"))
+             #t))
+         (add-after 'install 'install-zsh-completion
+           (lambda* (#:key outputs #:allow-other-keys)
+             (let* ((out (assoc-ref outputs "out"))
+                    (site-functions
+                     (string-append out "/share/zsh/site-functions")))
+               (mkdir-p site-functions)
+               (copy-file "scripts/usbguard-zsh-completion"
+                          (string-append site-functions "/_usbguard"))
+               #t))))
+       #:make-flags
+       (list (string-append "BASH_COMPLETION_DIR="
+                            (assoc-ref %outputs "out")
+                            "/etc/bash_completion.d"))
+       #:configure-flags
+       (list
+        "--localstatedir=/var"
+        "--with-bundled-pegtl"
+        "--enable-systemd=no"
+        "--with-ldap"
+        "--with-dbus"
+        "--with-polkit")))
+    (inputs
+     `(("audit" ,audit)
+       ("catch" ,catch-framework)
+       ("dbus-glib" ,dbus-glib)
+       ("ldap" ,openldap)
+       ("libcap-ng" ,libcap-ng)
+       ("libseccomp" ,libseccomp)
+       ("libsodium" ,libsodium)
+       ("polkit" ,polkit)
+       ("protobuf" ,protobuf)
+       ("libqb" ,libqb)))
+    (native-inputs
+     `(("asciidoc" ,asciidoc)
+       ("autoconf" ,autoconf)
+       ("automake" ,automake)
+       ("bash-completion" ,bash-completion)
+       ("gdbus-codegen" ,glib "bin")
+       ("umockdev" ,umockdev)
+       ("xmllint" ,libxml2)
+       ("xsltproc" ,libxslt)
+       ("pkg-config" ,pkg-config)))
+    (home-page "https://usbguard.github.io")
+    (synopsis "Helps to protect your computer against rogue USB devices (a.k.a. BadUSB)")
+    (description "USBGuard is a software framework for implementing USB device
+authorization policies (what kind of USB devices are authorized) as well as
+method of use policies (how a USB device may interact with the system).
+Simply put, it is a USB device whitelisting tool.")
+    (license license:gpl2)))
-- 
2.26.0
B
B
Brice Waegeneire wrote on 13 Apr 2020 21:54
merge usbguard patch series
(address . control@debbugs.gnu.org)
edbbfd4d04465c5469b8a2b3354805c4@waegenei.re
merge 40607 40608
merge 40607 40609
merge 40607 40610
quit
B
B
Brice Waegeneire wrote on 17 Apr 2020 14:37
retitle 40607
(address . control@debbugs.gnu.org)
3868e1c657b1a87435564928718576c2@waegenei.re
retitle 40607 Add usbguard package
quit
?
Your comment

This issue is archived.

To comment on this conversation send email to 40610@debbugs.gnu.org