gnu: Add usbguard.

* gnu/packages/hardware.scm (usbguard): New variable.

Signed-off-by: Ludovic Courtès <ludo@gnu.org>
This commit is contained in:
Brice Waegeneire 2020-04-23 15:55:33 +02:00 committed by Ludovic Courtès
parent 22df0a1f59
commit 02ee43e486
No known key found for this signature in database
GPG key ID: 090B11993D9AEBB5

View file

@ -19,14 +19,22 @@
;;; along with GNU Guix. If not, see <http://www.gnu.org/licenses/>.
(define-module (gnu packages hardware)
#:use-module (gnu packages admin)
#:use-module (gnu packages autotools)
#:use-module (gnu packages bash)
#:use-module (gnu packages compression)
#:use-module (gnu packages check)
#:use-module (gnu packages crypto)
#:use-module (gnu packages documentation)
#:use-module (gnu packages gcc)
#:use-module (gnu packages glib)
#:use-module (gnu packages libusb)
#:use-module (gnu packages linux)
#:use-module (gnu packages ncurses)
#:use-module (gnu packages openldap)
#:use-module (gnu packages pkg-config)
#:use-module (gnu packages polkit)
#:use-module (gnu packages protobuf)
#:use-module (gnu packages xdisorg)
#:use-module (gnu packages xml)
#:use-module (gnu packages xorg)
@ -374,3 +382,83 @@ (define-public libqb
APIs that are highly tuned for maximum performance for client-server
applications.")
(license license:lgpl2.1)))
(define-public usbguard
(package
(name "usbguard")
(version "0.7.6")
(source (origin
(method url-fetch)
(uri (string-append
"https://github.com/USBGuard/usbguard/releases/download/usbguard-"
version "/usbguard-" version ".tar.gz"))
(file-name (git-file-name name version))
(sha256
(base32 "0gzhs8s4aka86mkcjib36z54si939ki4bmk46p6v8kln1fixad3j"))))
(build-system gnu-build-system)
(arguments
`(#:phases
(modify-phases %standard-phases
(add-after 'configure 'patch-makefile
(lambda _
;; Do not create log directory.
(substitute* "Makefile" ((".*/log/usbguard.*") ""))
;; Disable LDAP tests: they use 'sudo'.
(substitute* "src/Tests/Makefile.am"
(("WITH_LDAP") "FALSE"))
#t))
(add-after 'install 'delete-static-library
(lambda* (#:key outputs #:allow-other-keys)
;; It can't be direclty disabled since it's needed for the tests.
(delete-file (string-append (assoc-ref outputs "out")
"/lib/libusbguard.a"))
#t))
(add-after 'install 'install-zsh-completion
(lambda* (#:key outputs #:allow-other-keys)
(let* ((out (assoc-ref outputs "out"))
(site-functions
(string-append out "/share/zsh/site-functions")))
(mkdir-p site-functions)
(copy-file "scripts/usbguard-zsh-completion"
(string-append site-functions "/_usbguard"))
#t))))
#:make-flags
(list (string-append "BASH_COMPLETION_DIR="
(assoc-ref %outputs "out")
"/etc/bash_completion.d"))
#:configure-flags
(list
"--localstatedir=/var"
"--with-bundled-pegtl"
"--enable-systemd=no"
"--with-ldap"
"--with-dbus"
"--with-polkit")))
(inputs
`(("audit" ,audit)
("catch" ,catch-framework)
("dbus-glib" ,dbus-glib)
("ldap" ,openldap)
("libcap-ng" ,libcap-ng)
("libseccomp" ,libseccomp)
("libsodium" ,libsodium)
("polkit" ,polkit)
("protobuf" ,protobuf)
("libqb" ,libqb)))
(native-inputs
`(("asciidoc" ,asciidoc)
("autoconf" ,autoconf)
("automake" ,automake)
("bash-completion" ,bash-completion)
("gdbus-codegen" ,glib "bin")
("umockdev" ,umockdev)
("xmllint" ,libxml2)
("xsltproc" ,libxslt)
("pkg-config" ,pkg-config)))
(home-page "https://usbguard.github.io")
(synopsis "Helps to protect your computer against rogue USB devices (a.k.a. BadUSB)")
(description "USBGuard is a software framework for implementing USB device
authorization policies (what kind of USB devices are authorized) as well as
method of use policies (how a USB device may interact with the system).
Simply put, it is a USB device whitelisting tool.")
(license license:gpl2)))