diff options
Diffstat (limited to 'infra/libkookie/nixpkgs/pkgs/os-specific/linux/checksec/default.nix')
-rw-r--r-- | infra/libkookie/nixpkgs/pkgs/os-specific/linux/checksec/default.nix | 39 |
1 files changed, 39 insertions, 0 deletions
diff --git a/infra/libkookie/nixpkgs/pkgs/os-specific/linux/checksec/default.nix b/infra/libkookie/nixpkgs/pkgs/os-specific/linux/checksec/default.nix new file mode 100644 index 000000000000..5a66e536956f --- /dev/null +++ b/infra/libkookie/nixpkgs/pkgs/os-specific/linux/checksec/default.nix @@ -0,0 +1,39 @@ +{ stdenv, fetchFromGitHub, makeWrapper, file, findutils +, binutils-unwrapped, glibc, coreutils, sysctl, openssl +}: + +stdenv.mkDerivation rec { + pname = "checksec"; + version = "2.2.3"; + + src = fetchFromGitHub { + owner = "slimm609"; + repo = "checksec.sh"; + rev = version; + sha256 = "0hw8bd7dj71m1ml9zvfab2j87jacs542z7a89nziapckmg6kmh6f"; + }; + + patches = [ ./0001-attempt-to-modprobe-config-before-checking-kernel.patch ]; + nativeBuildInputs = [ makeWrapper ]; + + installPhase = let + path = stdenv.lib.makeBinPath [ + findutils file binutils-unwrapped sysctl openssl + ]; + in '' + mkdir -p $out/bin + install checksec $out/bin + substituteInPlace $out/bin/checksec --replace /lib/libc.so.6 ${glibc.out}/lib/libc.so.6 + substituteInPlace $out/bin/checksec --replace "/usr/bin/id -" "${coreutils}/bin/id -" + wrapProgram $out/bin/checksec \ + --prefix PATH : ${path} + ''; + + meta = with stdenv.lib; { + description = "A tool for checking security bits on executables"; + homepage = "http://www.trapkit.de/tools/checksec.html"; + license = licenses.bsd3; + platforms = platforms.linux; + maintainers = with maintainers; [ thoughtpolice globin ]; + }; +} |