pkgs/tools/security/lynis/default.nix at 18.09-beta

pyrox.dev / nixpkgs

fork atom

lol

fork atom

nixpkgs / pkgs / tools / security / lynis / default.nix

at 18.09-beta 38 lines 1.2 kB view raw

wrap content

R. RyanTM lynis: 2.6.6 -> 2.6.7 7 years ago

55ae037a

 1{ stdenv, makeWrapper, fetchFromGitHub, gawk, perl }:
 2
 3stdenv.mkDerivation rec {
 4  pname = "lynis";
 5  version = "2.6.7";
 6  name = "${pname}-${version}";
 7
 8  src = fetchFromGitHub {
 9    owner = "CISOfy";
10    repo = "${pname}";
11    rev = "${version}";
12    sha256 = "0ayil5bzxqaksmr79x0gxy60k8djzg0bs60jfg8qi6128q6srhar";
13  };
14
15  nativeBuildInputs = [ makeWrapper perl ];
16
17  postPatch = ''
18    grep -rl '/usr/local/lynis' ./ | xargs sed -i "s@/usr/local/lynis@$out/share/lynis@g"
19    # Don't use predefined binary paths. See https://github.com/CISOfy/lynis/issues/468
20    perl -i -p0e 's/BIN_PATHS="[^"]*"/BIN_PATHS=\$\(echo \$PATH\ | sed "s\/:\/ \/g")/sm;' include/consts
21  '';
22
23  installPhase = ''
24    mkdir -p $out/share/lynis
25    cp -r include db default.prf $out/share/lynis/
26    mkdir -p $out/bin
27    cp -a lynis $out/bin
28    wrapProgram "$out/bin/lynis" --prefix PATH : ${stdenv.lib.makeBinPath [ gawk ]}
29  '';
30
31  meta = with stdenv.lib; {
32    description = "Security auditing tool for Linux, macOS, and UNIX-based systems";
33    homepage = "https://cisofy.com/lynis/";
34    license = licenses.gpl3;
35    platforms = platforms.unix;
36    maintainers = [ maintainers.ryneeverett ];
37  };
38}