diff options
| -rw-r--r-- | pkgs/os-specific/linux/checksec/default.nix | 64 |
1 files changed, 42 insertions, 22 deletions
diff --git a/pkgs/os-specific/linux/checksec/default.nix b/pkgs/os-specific/linux/checksec/default.nix index fada305c372..1bdd4cf5f67 100644 --- a/pkgs/os-specific/linux/checksec/default.nix +++ b/pkgs/os-specific/linux/checksec/default.nix @@ -1,39 +1,59 @@ -{ lib, stdenv, fetchFromGitHub, makeWrapper, file, findutils -, binutils-unwrapped, glibc, coreutils, sysctl, openssl +{ lib +, stdenv +, fetchFromGitHub +, makeWrapper +, file +, findutils +, binutils-unwrapped +, glibc +, coreutils +, sysctl +, openssl }: stdenv.mkDerivation rec { pname = "checksec"; - version = "2.5.0"; + version = "2.6.0"; src = fetchFromGitHub { owner = "slimm609"; repo = "checksec.sh"; rev = version; - sha256 = "sha256-GxWXocz+GCEssRrIQP6E9hjVIhVh2EmZrefELxQlV1Q="; + hash = "sha256-BWtchWXukIDSLJkFX8M/NZBvfi7vUE2j4yFfS0KEZDo="; }; - patches = [ ./0001-attempt-to-modprobe-config-before-checking-kernel.patch ]; - nativeBuildInputs = [ makeWrapper ]; + patches = [ + ./0001-attempt-to-modprobe-config-before-checking-kernel.patch + ]; - installPhase = let - path = lib.makeBinPath [ - findutils file binutils-unwrapped sysctl openssl - ]; - in '' - mkdir -p $out/bin - install checksec $out/bin - substituteInPlace $out/bin/checksec --replace /lib/libc.so.6 ${glibc.out}/lib/libc.so.6 - substituteInPlace $out/bin/checksec --replace "/usr/bin/id -" "${coreutils}/bin/id -" - wrapProgram $out/bin/checksec \ - --prefix PATH : ${path} - ''; + nativeBuildInputs = [ + makeWrapper + ]; + + installPhase = + let + path = lib.makeBinPath [ + findutils + file + binutils-unwrapped + sysctl + openssl + ]; + in + '' + mkdir -p $out/bin + install checksec $out/bin + substituteInPlace $out/bin/checksec --replace /lib/libc.so.6 ${glibc.out}/lib/libc.so.6 + substituteInPlace $out/bin/checksec --replace "/usr/bin/id -" "${coreutils}/bin/id -" + wrapProgram $out/bin/checksec \ + --prefix PATH : ${path} + ''; meta = with lib; { - description = "A tool for checking security bits on executables"; - homepage = "https://www.trapkit.de/tools/checksec/"; - license = licenses.bsd3; - platforms = platforms.linux; + description = "Tool for checking security bits on executables"; + homepage = "https://www.trapkit.de/tools/checksec/"; + license = licenses.bsd3; + platforms = platforms.linux; maintainers = with maintainers; [ thoughtpolice globin ]; }; } |