[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
[bug#33464] [PATCH] gnu: Add lynis.
|
From: |
Arun Isaac |
|
Subject: |
[bug#33464] [PATCH] gnu: Add lynis. |
|
Date: |
Sun, 25 Nov 2018 01:21:46 +0530 |
I have made all the suggested changes. Please find attached a new patch.
>From 6a39021cd2ee2ad2c74dddc7c1649e79fad97e41 Mon Sep 17 00:00:00 2001
From: Arun Isaac <address@hidden>
Date: Thu, 22 Nov 2018 19:00:48 +0530
Subject: [PATCH v2] gnu: Add lynis.
* gnu/packages/admin.scm (lynis): New variable.
---
gnu/packages/admin.scm | 79 ++++++++++++++++++++++++++++++++++++++++++
1 file changed, 79 insertions(+)
diff --git a/gnu/packages/admin.scm b/gnu/packages/admin.scm
index 28961ecf8..02fe3f0c5 100644
--- a/gnu/packages/admin.scm
+++ b/gnu/packages/admin.scm
@@ -2837,3 +2837,82 @@ support forum. It runs with the @code{/exec} command in
most IRC clients.")
(description "This package provides tools to manage clients of the
Logitech Unifying Receiver.")
(license license:gpl2)))
+
+(define-public lynis
+ (package
+ (name "lynis")
+ (version "2.7.0")
+ (source
+ (origin
+ (method git-fetch)
+ (uri (git-reference
+ (url "https://github.com/CISOfy/lynis";)
+ (commit version)))
+ (file-name (git-file-name name version))
+ (sha256
+ (base32
+ "0rzc0y8lk22bymf56249jzmllki2lh0rz5in4lkrc5fkmp29c2wv"))
+ (modules '((guix build utils)))
+ (snippet
+ '(begin
+ ;; Remove proprietary plugins. As of now, all plugins supplied with
+ ;; lynis are proprietary. In the future, if free plugins are
+ ;; provided, whitelist them from deletion.
+ (for-each delete-file (find-files "plugins"))
+ #t))))
+ (build-system gnu-build-system)
+ (native-inputs
+ `(;; For tests
+ ("lynis-sdk"
+ ,(origin
+ (method git-fetch)
+ (uri (git-reference
+ (url "https://github.com/CISOfy/lynis-sdk";)
+ (commit "3310aef4f2b3dd97d166c96ad0253c89c4ad390d")))
+ (file-name (git-file-name "lynis-sdk" version))
+ (sha256
+ (base32
+ "0sqsrm5wal742yrwps8bqb8a8lxd93n4b93n3kkm1b30nbs25g7y"))))))
+ (arguments
+ `(#:phases
+ (modify-phases %standard-phases
+ (replace 'configure
+ (lambda* (#:key inputs outputs #:allow-other-keys)
+ (substitute* "lynis"
+ (("/usr/share/lynis")
+ (string-append (assoc-ref outputs "out") "/share/lynis")))
+ (substitute* "include/functions"
+ (("/usr/local/etc/lynis")
+ (string-append (assoc-ref outputs "out") "/etc/lynis")))
+ #t))
+ (delete 'build)
+ (replace 'install
+ (lambda* (#:key outputs #:allow-other-keys)
+ (let ((out (assoc-ref outputs "out")))
+ (install-file "lynis" (string-append out "/bin/"))
+ (install-file "default.prf" (string-append out "/etc/lynis"))
+ (for-each
+ (lambda (dir)
+ (copy-recursively dir (string-append out "/share/lynis/"
dir)))
+ (list "db" "include" "plugins"))
+ (install-file "lynis.8" (string-append out "/share/man/man8"))
+ #t)))
+ (replace 'check
+ (lambda* (#:key inputs #:allow-other-keys)
+ (copy-recursively (assoc-ref inputs "lynis-sdk") "../lynis-sdk")
+ (setenv "LANG" "en_US.UTF-8")
+ (let ((lynis-dir (getcwd)))
+ (with-directory-excursion "../lynis-sdk"
+ (substitute* "config"
+ (("\\.\\./lynis") lynis-dir))
+ (substitute* "unit-tests/tests-language-translations.sh"
+ (("\\.\\./lynis") lynis-dir))
+ (invoke "sh" "lynis-devkit" "run" "unit-tests"))))))))
+ (home-page "https://cisofy.com/lynis/";)
+ (synopsis "Security auditing tool")
+ (description "Lynis is a security auditing tool. It performs an in-depth
+security scan and runs on the system itself. The primary goal is to test
+security defenses and provide tips for further system hardening. It will also
+scan for general system information, vulnerable software packages, and
+possible configuration issues.")
+ (license license:gpl3+)))
--
2.19.1