linux-fanotify-overlay/flake.nix

{
  description = "Overlay for Linux kernel with fanotify access controls enabled";

  inputs.nixpkgs.url = "github:NixOS/nixpkgs/nixos-unstable";

  outputs = { self, nixpkgs }: let
    pkgs = import nixpkgs { system = "x86_64-linux"; };
  in rec {
    packages.x86_64-linux = rec {
      default = pkgs.symlinkJoin {
        name = "kernel-autobuild";
        paths = [
          linuxPackages_fanotify.kernel
          linuxPackages_fanotify.virtualbox
          linuxPackages_fanotify.zfs
        ];
      };

      linuxPackages_fanotify = pkgs.linuxPackages.extend (final: prev: {
        kernel = prev.kernel.override {
          extraConfig = ''
            FANOTIFY_ACCESS_PERMISSIONS y
          '';
        };
      });
    };

    overlay = final: prev: {
      inherit (packages.x86_64-linux) linuxPackages_fanotify;
    };
  };
}
linux fanotify overlay 2022-06-30 13:02:18 -04:00			`{`
			`description = "Overlay for Linux kernel with fanotify access controls enabled";`

			`inputs.nixpkgs.url = "github:NixOS/nixpkgs/nixos-unstable";`

			`outputs = { self, nixpkgs }: let`
			`pkgs = import nixpkgs { system = "x86_64-linux"; };`
			`in rec {`
			`packages.x86_64-linux = rec {`
autobuild kernel modules along with kernel 2022-06-30 18:14:44 -04:00			`default = pkgs.symlinkJoin {`
			`name = "kernel-autobuild";`
			`paths = [`
			`linuxPackages_fanotify.kernel`
			`linuxPackages_fanotify.virtualbox`
			`linuxPackages_fanotify.zfs`
			`];`
			`};`
tweak kernel overriding 2022-06-30 18:04:08 -04:00
			`linuxPackages_fanotify = pkgs.linuxPackages.extend (final: prev: {`
			`kernel = prev.kernel.override {`
			`extraConfig = ''`
			`FANOTIFY_ACCESS_PERMISSIONS y`
			`'';`
			`};`
			`});`
linux fanotify overlay 2022-06-30 13:02:18 -04:00			`};`

			`overlay = final: prev: {`
tweak kernel overriding 2022-06-30 18:04:08 -04:00			`inherit (packages.x86_64-linux) linuxPackages_fanotify;`
linux fanotify overlay 2022-06-30 13:02:18 -04:00			`};`
			`};`
			`}`