Add 'nixpkgs/' from commit 'abf060725d7614bd3b9f96764262dfbc2f9c2199'

git-subtree-dir: nixpkgs git-subtree-mainline: 4e31070265257dc67d120c27e0f75c2344fdfa9a git-subtree-split: abf060725d7614bd3b9f96764262dfbc2f9c2199
author: Alyssa Ross <hi@alyssa.is> 2019-01-07 02:18:36 +0000
committer: Alyssa Ross <hi@alyssa.is> 2019-01-07 02:18:47 +0000
commit: 36f56d99fa0a0765c9f1de4a5f17a9b05830c3f2 (patch)
tree: b3faaf573407b32aa645237a4d16b82778a39a92 /nixpkgs/pkgs/os-specific/linux/checksec/default.nix
parent: 4e31070265257dc67d120c27e0f75c2344fdfa9a (diff)
parent: abf060725d7614bd3b9f96764262dfbc2f9c2199 (diff)
download: nixlib-36f56d99fa0a0765c9f1de4a5f17a9b05830c3f2.tar
nixlib-36f56d99fa0a0765c9f1de4a5f17a9b05830c3f2.tar.gz
nixlib-36f56d99fa0a0765c9f1de4a5f17a9b05830c3f2.tar.bz2
nixlib-36f56d99fa0a0765c9f1de4a5f17a9b05830c3f2.tar.lz
nixlib-36f56d99fa0a0765c9f1de4a5f17a9b05830c3f2.tar.xz
nixlib-36f56d99fa0a0765c9f1de4a5f17a9b05830c3f2.tar.zst
nixlib-36f56d99fa0a0765c9f1de4a5f17a9b05830c3f2.zip
1 files changed, 43 insertions, 0 deletions
diff --git a/nixpkgs/pkgs/os-specific/linux/checksec/default.nix b/nixpkgs/pkgs/os-specific/linux/checksec/default.nix
new file mode 100644
index 000000000000..6c927ae93afb
--- /dev/null
+++ b/nixpkgs/pkgs/os-specific/linux/checksec/default.nix
@@ -0,0 +1,43 @@
+{ stdenv, fetchurl, file, findutils, binutils-unwrapped, glibc, coreutils, sysctl }:
+
+stdenv.mkDerivation rec {
+  name = "checksec-${version}";
+  version = "1.5";
+
+  src = fetchurl {
+    url    = "https://www.trapkit.de/tools/checksec.sh";
+    sha256 = "0iq9v568mk7g7ksa1939g5f5sx7ffq8s8n2ncvphvlckjgysgf3p";
+  };
+
+  patches = [ ./0001-attempt-to-modprobe-config-before-checking-kernel.patch ];
+
+  unpackPhase = ''
+    mkdir ${name}
+    cp $src ${name}/checksec.sh
+    cd ${name}
+  '';
+
+  installPhase = ''
+    mkdir -p $out/bin
+    cp checksec.sh $out/bin/checksec
+    chmod +x $out/bin/checksec
+    substituteInPlace $out/bin/checksec --replace /bin/bash ${stdenv.shell}
+    substituteInPlace $out/bin/checksec --replace /lib/libc.so.6 ${glibc.out}/lib/libc.so.6
+    substituteInPlace $out/bin/checksec --replace find ${findutils}/bin/find
+    substituteInPlace $out/bin/checksec --replace "file $" "${file}/bin/file $"
+    substituteInPlace $out/bin/checksec --replace "xargs file" "xargs ${file}/bin/file"
+    substituteInPlace $out/bin/checksec --replace " readelf -" " ${binutils-unwrapped}/bin/readelf -"
+    substituteInPlace $out/bin/checksec --replace "(readelf -" "(${binutils-unwrapped}/bin/readelf -"
+    substituteInPlace $out/bin/checksec --replace "command_exists readelf" "command_exists ${binutils-unwrapped}/bin/readelf"
+    substituteInPlace $out/bin/checksec --replace "/sbin/sysctl -" "${sysctl}/bin/sysctl -"
+    substituteInPlace $out/bin/checksec --replace "/usr/bin/id -" "${coreutils}/bin/id -"
+  '';
+
+  meta = {
+    description = "A tool for checking security bits on executables";
+    homepage    = "http://www.trapkit.de/tools/checksec.html";
+    license     = stdenv.lib.licenses.bsd3;
+    platforms   = stdenv.lib.platforms.linux;
+    maintainers = [ stdenv.lib.maintainers.thoughtpolice ];
+  };
+}
author	Alyssa Ross <hi@alyssa.is>	2019-01-07 02:18:36 +0000
committer	Alyssa Ross <hi@alyssa.is>	2019-01-07 02:18:47 +0000
commit	36f56d99fa0a0765c9f1de4a5f17a9b05830c3f2 (patch)
tree	b3faaf573407b32aa645237a4d16b82778a39a92 /nixpkgs/pkgs/os-specific/linux/checksec/default.nix
parent	4e31070265257dc67d120c27e0f75c2344fdfa9a (diff)
parent	abf060725d7614bd3b9f96764262dfbc2f9c2199 (diff)
download	nixlib-36f56d99fa0a0765c9f1de4a5f17a9b05830c3f2.tar nixlib-36f56d99fa0a0765c9f1de4a5f17a9b05830c3f2.tar.gz nixlib-36f56d99fa0a0765c9f1de4a5f17a9b05830c3f2.tar.bz2 nixlib-36f56d99fa0a0765c9f1de4a5f17a9b05830c3f2.tar.lz nixlib-36f56d99fa0a0765c9f1de4a5f17a9b05830c3f2.tar.xz nixlib-36f56d99fa0a0765c9f1de4a5f17a9b05830c3f2.tar.zst nixlib-36f56d99fa0a0765c9f1de4a5f17a9b05830c3f2.zip