try with local path

nixos/modules/gnunet/default.nix

@@ -12,23 +12,21 @@ let
     ''
       [PATHS]
       SERVICEHOME = ${homeDir}
+      SUID_BINARY_PATH = ${config.security.wrapperDir}
 
       [ARM]
       START_SYSTEM_SERVICES = YES
       START_USER_SERVICES = NO
 
       [DNS]
-      HELPER_PATH = ${config.security.wrapperDir}/
+      #HELPER_PATH = ${config.security.wrapperDir}/
       BINARY = ${config.security.wrapperDir}/gnunet-service-dns
 
-      [EXIT]
-      HELPER_PATH = ${config.security.wrapperDir}/
+      #[EXIT]
+      #HELPER_PATH = ${config.security.wrapperDir}/
 
-      [NAT]
-      HELPER_PATH = ${config.security.wrapperDir}/
-
-      [VPN]
-      HELPER_PATH = ${config.security.wrapperDir}/
+      #[VPN]
+      #HELPER_PATH = ${config.security.wrapperDir}/
 
       ${extraOptions}
     '';
@@ -59,6 +57,14 @@ in
         example = literalExample "pkgs.gnunet_git";
       };
 
+      nsswitch = mkOption {
+        default = false;
+        description = ''
+          Whether to use the GNU Name System for name resolution by enabling
+          the NSS module in nsswitch.conf
+        '';
+      };
+
       extraOptions = mkOption {
         default = "";
         description = ''
@@ -81,6 +87,7 @@ in
       home = homeDir;
       createHome = true; 
       uid = config.ids.uids.gnunet;
+      shell = pkgs.bashInteractive;
     };
 
     users.groups = {
@@ -137,13 +144,20 @@ in
       };
     };
 
+    system.nssModules = optional cfg.nsswitch cfg.package;
+
+    #environment.extraInit = ''
+    #  export LD_LIBRARY_PATH=$LD_LIBRARY_PATH:${config.system.nssModules.path}
+    #'';
+
     systemd.services.gnunet = {
       description = "GNUnet";
-      after = [ "network.target" ];
+      after = [ "network-online.target" ];
       wantedBy = [ "multi-user.target" ];
       path = [ cfg.package pkgs.miniupnpc ];
       environment.TMPDIR = "/tmp";
       serviceConfig.ExecStart = "${cfg.package}/lib/gnunet/libexec/gnunet-service-arm -c ${configFile}";
+      serviceConfig.ExecStop = "${cfg.package}/bin/gnunet-arm -c ${configFile} -e";
       serviceConfig.User = "gnunet";
       serviceConfig.Group = "gnunet";
       #serviceConfig.UMask = "0007";

pkgs/gnunet/default.nix

@@ -1,9 +1,8 @@
 { stdenv, fetchgit, libtool, pkgconfig, autoconf, automake, gettext, libgcrypt
 , libidn2, zlib, libunistring, glpk, miniupnpc, libextractor, jansson, libgnurl
 , sqlite, postgresql, mariadb, libmicrohttpd, iptables, nettools, gnutls
-, unbound, coreutils, file, python3, texinfo
-, makeWrapper
-, withVerbose ? true
+, unbound, coreutils, file, python3, texinfo, procps, iproute
+, withVerbose ? false
 , withDocumentation ? false
 , withSqlite ? true
 , withPostgres ? false
@@ -12,17 +11,18 @@
 with stdenv.lib;
 
 let
-  rev = "b0b7de092d65d189baff2201eaa913861ef12223";
+  rev = "93cb4a4f1ddecdd1d4a727dea07a53b19a5c3421";
 in
 stdenv.mkDerivation rec {
   name = "gnunet-${rev}";
 
-  src = fetchgit {
-    #url =  https://gnunet.org/git/gnunet.git;
-    url = https://ulrich.earth/code/gnunet;
-    inherit rev;
-    sha256 = "1qgqw0gl3zwpl2pzdgfl6wdzsw5ild4qldf1cvfki7s3hki3myyf";
-  };
+  src = /home/christian/projects/gnunet-dev;
+  #src = fetchgit {
+  #  #url =  https://gnunet.org/git/gnunet.git;
+  #  url = https://ulrich.earth/code/gnunet;
+  #  inherit rev;
+  #  sha256 = "1qgqw0gl3zwpl2pzdgfl6wdzsw5ild4qldf1cvfki7s3hki3myyf";
+  #};
 
   phases = [
     "unpackPhase" "preConfigure" "configurePhase" "buildPhase" "installPhase"
@@ -34,40 +34,50 @@ stdenv.mkDerivation rec {
   #doCheck = true;
 
   nativeBuildInputs = [
-    makeWrapper libtool pkgconfig autoconf automake gettext coreutils file
-    python3
+    libtool pkgconfig autoconf automake gettext coreutils file python3
   ]
   ++ optional withDocumentation texinfo;
 
-  buildInputs = [
+  propagatedBuildInputs = [
     libgcrypt libidn2 zlib libunistring glpk miniupnpc libextractor jansson
-    libgnurl libmicrohttpd iptables nettools gnutls unbound
+    libgnurl libmicrohttpd iptables nettools gnutls unbound procps iproute
   ]
   ++ optional withSqlite   sqlite
   ++ optional withPostgres postgresql
   ++ optional withMariadb  mariadb;
 
   configureFlags =
-    optional withVerbose "--enable-logging=verbose"
+    [ "--enable-logging=verbose" ]
     ++ optional (!withDocumentation) "--disable-documentation";
 
+  NIX_CFLAGS_COMPILE = "-g -Wall -O0";
+
   preConfigure = ''
-    substituteInPlace configure.ac --replace "/usr/sbin/iptables" "iptables"
-    substituteInPlace configure.ac --replace "/sbin/ifconfig" "ifconfig"
+    #substituteInPlace configure.ac --replace "/usr/sbin/iptables" "${iptables}/bin/iptables"
+    #substituteInPlace configure.ac --replace "/sbin/ifconfig" "ifconfig"
     sh bootstrap
-    substituteInPlace configure --replace "/usr/bin/file" "file"
-    substituteInPlace configure --replace "/usr/bin/objformat" "objformat"
+    #substituteInPlace configure --replace "/usr/bin/file" "file"
+    #substituteInPlace configure --replace "/usr/bin/objformat" "objformat"
+    substituteInPlace src/dns/gnunet-helper-dns.c --replace '"/sbin/iptables"' '"${iptables}/bin/iptables"'
+    substituteInPlace src/dns/gnunet-helper-dns.c --replace '"/sbin/ip6tables"' '"${iptables}/bin/ip6tables"'
+    substituteInPlace src/dns/gnunet-helper-dns.c --replace '"/sbin/ip"' '"${iproute}/bin/ip"'
+    substituteInPlace src/dns/gnunet-helper-dns.c --replace '"/sbin/sysctl"' '"${procps}/bin/sysctl"'
+  '';
+
+  postInstall = ''
+    mv $out/lib/gnunet/nss/* $out/lib/
+    rmdir $out/lib/gnunet/nss
   '';
 
   /* FIXME: Tests must be run this way, but there are still a couple of
      failures. */
 
-  checkPhase =
-    '' export GNUNET_PREFIX="$out"
-       export GNUNET_TMP="$TMPDIR"
-       export PATH="$out/bin:$PATH"
-       make -k check
-    '';
+  checkPhase = ''
+      export GNUNET_PREFIX="$out"
+      export GNUNET_TMP="$TMPDIR"
+      export PATH="$out/bin:$PATH"
+      make -k check
+  '';
 
   meta = with stdenv.lib; {
     description = "GNUnet, GNU's decentralized anonymous and censorship-resistant P2P framework";