[PATCH 3/3] gnu: Add usbguard.
(address . guix-patches@gnu.org)
20200413195000.28971-4-brice@waegenei.re
* gnu/packages/hardware.scm (usbguard): New variable.
---
gnu/packages/hardware.scm | 89 +++++++++++++++++++++++++++++++++++++++
1 file changed, 89 insertions(+)
Toggle diff (113 lines)
diff --git a/gnu/packages/hardware.scm b/gnu/packages/hardware.scm
index 8a7c7b3c62..e5f9da1feb 100644
--- a/gnu/packages/hardware.scm
+++ b/gnu/packages/hardware.scm
@@ -18,13 +18,22 @@
;;; along with GNU Guix. If not, see <http://www.gnu.org/licenses/>.
(define-module (gnu packages hardware)
+ #:use-module (gnu packages admin)
+ #:use-module (gnu packages autotools)
+ #:use-module (gnu packages bash)
+ #:use-module (gnu packages check)
#:use-module (gnu packages compression)
+ #:use-module (gnu packages crypto)
+ #:use-module (gnu packages documentation)
#:use-module (gnu packages gcc)
#:use-module (gnu packages glib)
#:use-module (gnu packages libusb)
#:use-module (gnu packages linux)
#:use-module (gnu packages ncurses)
+ #:use-module (gnu packages openldap)
#:use-module (gnu packages pkg-config)
+ #:use-module (gnu packages polkit)
+ #:use-module (gnu packages protobuf)
#:use-module (gnu packages xdisorg)
#:use-module (gnu packages xml)
#:use-module (gnu packages xorg)
@@ -306,3 +315,83 @@ not intended to be an all-encompassing library, but instead provide focused
APIs that are highly tuned for maximum performance for client-server
applications.")
(license license:lgpl2.1)))
+
+(define-public usbguard
+ (package
+ (name "usbguard")
+ (version "0.7.6")
+ (source (origin
+ (method url-fetch)
+ (uri (string-append
+ "https://github.com/USBGuard/usbguard/releases/download/usbguard-"
+ version "/usbguard-" version ".tar.gz"))
+ (file-name (git-file-name name version))
+ (sha256
+ (base32 "0gzhs8s4aka86mkcjib36z54si939ki4bmk46p6v8kln1fixad3j"))))
+ (build-system gnu-build-system)
+ (arguments
+ `(#:phases
+ (modify-phases %standard-phases
+ (add-after 'configure 'patch-makefile
+ (lambda _
+ ;; Do not create log directory.
+ (substitute* "Makefile" ((".*/log/usbguard.*") ""))
+ ;; Disable LDAP tests: they use 'sudo'.
+ (substitute* "src/Tests/Makefile.am"
+ (("WITH_LDAP") "FALSE"))
+ #t))
+ (add-after 'install 'delete-static-library
+ (lambda* (#:key outputs #:allow-other-keys)
+ ;; It can't be direclty disabled since it's needed for the tests.
+ (delete-file (string-append (assoc-ref outputs "out")
+ "/lib/libusbguard.a"))
+ #t))
+ (add-after 'install 'install-zsh-completion
+ (lambda* (#:key outputs #:allow-other-keys)
+ (let* ((out (assoc-ref outputs "out"))
+ (site-functions
+ (string-append out "/share/zsh/site-functions")))
+ (mkdir-p site-functions)
+ (copy-file "scripts/usbguard-zsh-completion"
+ (string-append site-functions "/_usbguard"))
+ #t))))
+ #:make-flags
+ (list (string-append "BASH_COMPLETION_DIR="
+ (assoc-ref %outputs "out")
+ "/etc/bash_completion.d"))
+ #:configure-flags
+ (list
+ "--localstatedir=/var"
+ "--with-bundled-pegtl"
+ "--enable-systemd=no"
+ "--with-ldap"
+ "--with-dbus"
+ "--with-polkit")))
+ (inputs
+ `(("audit" ,audit)
+ ("catch" ,catch-framework)
+ ("dbus-glib" ,dbus-glib)
+ ("ldap" ,openldap)
+ ("libcap-ng" ,libcap-ng)
+ ("libseccomp" ,libseccomp)
+ ("libsodium" ,libsodium)
+ ("polkit" ,polkit)
+ ("protobuf" ,protobuf)
+ ("libqb" ,libqb)))
+ (native-inputs
+ `(("asciidoc" ,asciidoc)
+ ("autoconf" ,autoconf)
+ ("automake" ,automake)
+ ("bash-completion" ,bash-completion)
+ ("gdbus-codegen" ,glib "bin")
+ ("umockdev" ,umockdev)
+ ("xmllint" ,libxml2)
+ ("xsltproc" ,libxslt)
+ ("pkg-config" ,pkg-config)))
+ (home-page "https://usbguard.github.io")
+ (synopsis "Helps to protect your computer against rogue USB devices (a.k.a. BadUSB)")
+ (description "USBGuard is a software framework for implementing USB device
+authorization policies (what kind of USB devices are authorized) as well as
+method of use policies (how a USB device may interact with the system).
+Simply put, it is a USB device whitelisting tool.")
+ (license license:gpl2)))
--
2.26.0