checksec: use binutils instead of elfutils

readelf which makes most of checks should come from binutils package instead of elfutils

E.g. the PIE check from checksec, different readelf gives different result:
(elfutils)
$ /nix/store/rgrji20513g19ci0sa6jydm86gpf4j42-elfutils-0.158/bin/readelf -d /nix/store/q1sbn93v4k3166s091s9biygv9srv8qa-nginx-1.6.2/bin/nginx
2>/dev/null |grep -q '(DEBUG)' ; echo $?
1

(binutils)
$ /nix/store/b8qhjrwf8sf9ggkjxqqav7f1m6w83bh0-binutils-2.23.1/bin/readelf -d /nix/store/q1sbn93v4k3166s091s9biygv9srv8qa-nginx-1.6.2/bin/nginx
2>/dev/null | grep -q '(DEBUG)' ; echo $?
0

pkgs/os-specific/linux/checksec/default.nix

@@ -1,4 +1,4 @@
-{ stdenv, fetchurl, file, findutils, elfutils, glibc }:
+{ stdenv, fetchurl, file, findutils, binutils, glibc, procps, coreutils }:
 
 stdenv.mkDerivation rec {
   name = "checksec-${version}";
@@ -25,9 +25,11 @@ stdenv.mkDerivation rec {
     substituteInPlace $out/bin/checksec --replace find ${findutils}/bin/find
     substituteInPlace $out/bin/checksec --replace "file $" "${file}/bin/file $"
     substituteInPlace $out/bin/checksec --replace "xargs file" "xargs ${file}/bin/file"
-    substituteInPlace $out/bin/checksec --replace " readelf -" " ${elfutils}/bin/readelf -"
-    substituteInPlace $out/bin/checksec --replace "(readelf -" "(${elfutils}/bin/readelf -"
-    substituteInPlace $out/bin/checksec --replace "command_exists readelf" "command_exists ${elfutils}/bin/readelf"
+    substituteInPlace $out/bin/checksec --replace " readelf -" " ${binutils}/bin/readelf -"
+    substituteInPlace $out/bin/checksec --replace "(readelf -" "(${binutils}/bin/readelf -"
+    substituteInPlace $out/bin/checksec --replace "command_exists readelf" "command_exists ${binutils}/bin/readelf"
+    substituteInPlace $out/bin/checksec --replace "/sbin/sysctl -" "${procps}/sbin/sysctl -"
+    substituteInPlace $out/bin/checksec --replace "/usr/bin/id -" "${coreutils}/bin/id -"
   '';
 
   phases = "unpackPhase patchPhase installPhase";