From 6ca8a3944f8f80d3850d2fac95e7bc0bd07104b4 Mon Sep 17 00:00:00 2001 From: Fabian Affolter Date: Mon, 13 Jun 2022 19:18:21 +0200 Subject: [PATCH] checksec: 2.5.0 -> 2.6.0 --- pkgs/os-specific/linux/checksec/default.nix | 64 ++++++++++++++------- 1 file changed, 42 insertions(+), 22 deletions(-) diff --git a/pkgs/os-specific/linux/checksec/default.nix b/pkgs/os-specific/linux/checksec/default.nix index fada305c3720..1bdd4cf5f677 100644 --- a/pkgs/os-specific/linux/checksec/default.nix +++ b/pkgs/os-specific/linux/checksec/default.nix @@ -1,39 +1,59 @@ -{ lib, stdenv, fetchFromGitHub, makeWrapper, file, findutils -, binutils-unwrapped, glibc, coreutils, sysctl, openssl +{ lib +, stdenv +, fetchFromGitHub +, makeWrapper +, file +, findutils +, binutils-unwrapped +, glibc +, coreutils +, sysctl +, openssl }: stdenv.mkDerivation rec { pname = "checksec"; - version = "2.5.0"; + version = "2.6.0"; src = fetchFromGitHub { owner = "slimm609"; repo = "checksec.sh"; rev = version; - sha256 = "sha256-GxWXocz+GCEssRrIQP6E9hjVIhVh2EmZrefELxQlV1Q="; + hash = "sha256-BWtchWXukIDSLJkFX8M/NZBvfi7vUE2j4yFfS0KEZDo="; }; - patches = [ ./0001-attempt-to-modprobe-config-before-checking-kernel.patch ]; - nativeBuildInputs = [ makeWrapper ]; + patches = [ + ./0001-attempt-to-modprobe-config-before-checking-kernel.patch + ]; - installPhase = let - path = lib.makeBinPath [ - findutils file binutils-unwrapped sysctl openssl - ]; - in '' - mkdir -p $out/bin - install checksec $out/bin - substituteInPlace $out/bin/checksec --replace /lib/libc.so.6 ${glibc.out}/lib/libc.so.6 - substituteInPlace $out/bin/checksec --replace "/usr/bin/id -" "${coreutils}/bin/id -" - wrapProgram $out/bin/checksec \ - --prefix PATH : ${path} - ''; + nativeBuildInputs = [ + makeWrapper + ]; + + installPhase = + let + path = lib.makeBinPath [ + findutils + file + binutils-unwrapped + sysctl + openssl + ]; + in + '' + mkdir -p $out/bin + install checksec $out/bin + substituteInPlace $out/bin/checksec --replace /lib/libc.so.6 ${glibc.out}/lib/libc.so.6 + substituteInPlace $out/bin/checksec --replace "/usr/bin/id -" "${coreutils}/bin/id -" + wrapProgram $out/bin/checksec \ + --prefix PATH : ${path} + ''; meta = with lib; { - description = "A tool for checking security bits on executables"; - homepage = "https://www.trapkit.de/tools/checksec/"; - license = licenses.bsd3; - platforms = platforms.linux; + description = "Tool for checking security bits on executables"; + homepage = "https://www.trapkit.de/tools/checksec/"; + license = licenses.bsd3; + platforms = platforms.linux; maintainers = with maintainers; [ thoughtpolice globin ]; }; }