From patchwork Thu Nov 22 13:34:28 2018 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Arun Isaac X-Patchwork-Id: 270 Return-Path: X-Original-To: patchwork@mira.cbaines.net Delivered-To: patchwork@mira.cbaines.net Received: by mira.cbaines.net (Postfix, from userid 113) id B0BF416842; Thu, 22 Nov 2018 13:37:48 +0000 (GMT) X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on mira.cbaines.net X-Spam-Level: X-Spam-Status: No, score=-6.1 required=5.0 tests=BAYES_00,RCVD_IN_DNSWL_HI, RCVD_IN_SORBS_WEB,T_DKIM_INVALID,URIBL_BLOCKED autolearn=unavailable autolearn_force=no version=3.4.0 Received: from lists.gnu.org (lists.gnu.org [IPv6:2001:4830:134:3::11]) by mira.cbaines.net (Postfix) with ESMTPS id 2AC0016840 for ; Thu, 22 Nov 2018 13:37:48 +0000 (GMT) Received: from localhost ([::1]:46624 helo=lists.gnu.org) by lists.gnu.org with esmtp (Exim 4.71) (envelope-from ) id 1gPpAw-0000n6-LX for patchwork@mira.cbaines.net; Thu, 22 Nov 2018 08:37:46 -0500 Received: from eggs.gnu.org ([2001:4830:134:3::10]:52078) by lists.gnu.org with esmtp (Exim 4.71) (envelope-from ) id 1gPp9J-0008KA-Cs for guix-patches@gnu.org; Thu, 22 Nov 2018 08:36:09 -0500 Received: from Debian-exim by eggs.gnu.org with spam-scanned (Exim 4.71) (envelope-from ) id 1gPp9G-00027D-8Z for guix-patches@gnu.org; Thu, 22 Nov 2018 08:36:05 -0500 Received: from debbugs.gnu.org ([208.118.235.43]:36397) by eggs.gnu.org with esmtps (TLS1.0:RSA_AES_128_CBC_SHA1:16) (Exim 4.71) (envelope-from ) id 1gPp9G-000277-5S for guix-patches@gnu.org; Thu, 22 Nov 2018 08:36:02 -0500 Received: from Debian-debbugs by debbugs.gnu.org with local (Exim 4.84_2) (envelope-from ) id 1gPp9F-0005iV-V5 for guix-patches@gnu.org; Thu, 22 Nov 2018 08:36:01 -0500 X-Loop: help-debbugs@gnu.org Subject: [bug#33464] [PATCH] gnu: Add lynis. Resent-From: Arun Isaac Original-Sender: "Debbugs-submit" Resent-CC: guix-patches@gnu.org Resent-Date: Thu, 22 Nov 2018 13:36:01 +0000 Resent-Message-ID: Resent-Sender: help-debbugs@gnu.org X-GNU-PR-Message: report 33464 X-GNU-PR-Package: guix-patches X-GNU-PR-Keywords: patch To: 33464@debbugs.gnu.org X-Debbugs-Original-To: guix-patches@gnu.org Received: via spool by submit@debbugs.gnu.org id=B.154289373521935 (code B ref -1); Thu, 22 Nov 2018 13:36:01 +0000 Received: (at submit) by debbugs.gnu.org; 22 Nov 2018 13:35:35 +0000 Received: from localhost ([127.0.0.1]:40655 helo=debbugs.gnu.org) by debbugs.gnu.org with esmtp (Exim 4.84_2) (envelope-from ) id 1gPp8p-0005hj-0T for submit@debbugs.gnu.org; Thu, 22 Nov 2018 08:35:35 -0500 Received: from eggs.gnu.org ([208.118.235.92]:42331) by debbugs.gnu.org with esmtp (Exim 4.84_2) (envelope-from ) id 1gPp8n-0005hW-RT for submit@debbugs.gnu.org; Thu, 22 Nov 2018 08:35:34 -0500 Received: from Debian-exim by eggs.gnu.org with spam-scanned (Exim 4.71) (envelope-from ) id 1gPp8g-0001mt-9t for submit@debbugs.gnu.org; Thu, 22 Nov 2018 08:35:28 -0500 Received: from lists.gnu.org ([2001:4830:134:3::11]:33379) by eggs.gnu.org with esmtps (TLS1.0:RSA_AES_256_CBC_SHA1:32) (Exim 4.71) (envelope-from ) id 1gPp8g-0001mQ-6Q for submit@debbugs.gnu.org; Thu, 22 Nov 2018 08:35:26 -0500 Received: from eggs.gnu.org ([2001:4830:134:3::10]:51870) by lists.gnu.org with esmtp (Exim 4.71) (envelope-from ) id 1gPp8c-0007vW-80 for guix-patches@gnu.org; Thu, 22 Nov 2018 08:35:25 -0500 Received: from Debian-exim by eggs.gnu.org with spam-scanned (Exim 4.71) (envelope-from ) id 1gPp8Y-0001gI-Hl for guix-patches@gnu.org; Thu, 22 Nov 2018 08:35:22 -0500 Received: from vultr.systemreboot.net ([45.77.148.100]:47736) by eggs.gnu.org with esmtps (TLS1.0:DHE_RSA_AES_256_CBC_SHA1:32) (Exim 4.71) (envelope-from ) id 1gPp8W-0001XS-Af for guix-patches@gnu.org; Thu, 22 Nov 2018 08:35:18 -0500 DKIM-Signature: v=1; a=rsa-sha256; q=dns/txt; c=relaxed/relaxed; d=systemreboot.net; s=default; h=Content-Transfer-Encoding:MIME-Version: Message-Id:Date:Subject:Cc:To:From:Sender:Reply-To:Content-Type:Content-ID: Content-Description:Resent-Date:Resent-From:Resent-Sender:Resent-To:Resent-Cc :Resent-Message-ID:In-Reply-To:References:List-Id:List-Help:List-Unsubscribe: List-Subscribe:List-Post:List-Owner:List-Archive; bh=gZpzmVpEn/WxUfadWPAW8K+3tyMzfQPPDA86WgBAd78=; b=VtzbkCIFPezO9jeduV1aREx6A4 bpc5bGjJNtJka/2xe0aCbx+LZ1X77eWBo5Iz4haon6QjOBhBAMemR1l8aSthlS0h41DHFY+T5R5YY tCTgFnxVBZK60m+zFlq1NXn2SWgXoqQp3qtcfKl4hdBx7B04pqXup7sbOxm7GpUlarPk=; Received: from [103.5.134.173] (helo=steel.lan) by systemreboot.net with esmtpsa (TLSv1.2:ECDHE-RSA-AES128-GCM-SHA256:128) (Exim 4.91) (envelope-from ) id 1gPp8M-0005y0-1t; Thu, 22 Nov 2018 19:05:07 +0530 From: Arun Isaac Date: Thu, 22 Nov 2018 19:04:28 +0530 Message-Id: <20181122133429.16838-1-arunisaac@systemreboot.net> X-Mailer: git-send-email 2.19.1 MIME-Version: 1.0 X-detected-operating-system: by eggs.gnu.org: GNU/Linux 2.2.x-3.x [generic] [fuzzy] X-detected-operating-system: by eggs.gnu.org: GNU/Linux 2.6.x X-BeenThere: debbugs-submit@debbugs.gnu.org X-Mailman-Version: 2.1.18 Precedence: list X-detected-operating-system: by eggs.gnu.org: GNU/Linux 2.2.x-3.x [generic] X-Received-From: 208.118.235.43 X-BeenThere: guix-patches@gnu.org List-Id: List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Errors-To: guix-patches-bounces+patchwork=mira.cbaines.net@gnu.org Sender: "Guix-patches" X-getmail-retrieved-from-mailbox: Patches * gnu/packages/admin.scm (lynis): New variable. --- gnu/packages/admin.scm | 56 ++++++++++++++++++++++++++++++++++++++++++ 1 file changed, 56 insertions(+) diff --git a/gnu/packages/admin.scm b/gnu/packages/admin.scm index 28961ecf8..513d7a26b 100644 --- a/gnu/packages/admin.scm +++ b/gnu/packages/admin.scm @@ -2837,3 +2837,59 @@ support forum. It runs with the @code{/exec} command in most IRC clients.") (description "This package provides tools to manage clients of the Logitech Unifying Receiver.") (license license:gpl2))) + +(define-public lynis + (package + (name "lynis") + (version "2.7.0") + (source + (origin + (method url-fetch) + (uri (string-append "https://github.com/CISOfy/lynis/archive/" + version ".tar.gz")) + (file-name (string-append name "-" version ".tar.gz")) + (sha256 + (base32 + "13np0bbkcz7k8336wdcq69b93wmc2vm1ryz988cr0kan11mxsr3k")) + (modules '((guix build utils))) + (snippet + '(begin + ;; Remove proprietary plugins + (with-directory-excursion "plugins" + (for-each delete-file (list "plugin_pam_phase1" + "plugin_systemd_phase1"))) + #t)))) + (build-system gnu-build-system) + (arguments + `(#:tests? #f ; no tests + #:phases + (modify-phases %standard-phases + (replace 'configure + (lambda* (#:key outputs #:allow-other-keys) + (substitute* "lynis" + (("/usr/share/lynis") + (string-append (assoc-ref outputs "out") "/share/lynis"))) + (substitute* "include/functions" + (("/usr/local/etc/lynis") + (string-append (assoc-ref outputs "out") "/etc/lynis"))) + #t)) + (delete 'build) + (replace 'install + (lambda* (#:key outputs #:allow-other-keys) + (let ((out (assoc-ref outputs "out"))) + (install-file "lynis" (string-append out "/bin/")) + (install-file "default.prf" (string-append out "/etc/lynis")) + (for-each + (lambda (dir) + (copy-recursively dir (string-append out "/share/lynis/" dir))) + (list "db" "include" "plugins")) + (install-file "lynis.8" (string-append out "/share/man/man8")) + #t)))))) + (home-page "https://cisofy.com/lynis/") + (synopsis "Security auditing tool") + (description "Lynis is a security auditing tool. It performs an in-depth +security scan and runs on the system itself. The primary goal is to test +security defenses and provide tips for further system hardening. It will also +scan for general system information, vulnerable software packages, and +possible configuration issues.") + (license license:gpl3)))