log4jcheck: init at unstable-2021-12-14

2021-12-14 19:27:38 +01:00 · 2021-12-14 19:27:38 +01:00 · f172eba7ae
parent 3a69a7eaaa
commit f172eba7ae
2 changed files with 36 additions and 0 deletions
--- a/pkgs/tools/security/log4jcheck/default.nix
+++ b/pkgs/tools/security/log4jcheck/default.nix
@ -0,0 +1,34 @@
+{ lib
+, fetchFromGitHub
+, python3
+}:
+
+python3.pkgs.buildPythonApplication rec {
+  pname = "log4jcheck";
+  version = "unstable-2021-12-14";
+  format = "other";
+
+  src = fetchFromGitHub {
+    owner = "NorthwaveSecurity";
+    repo = pname;
+    rev = "736f1f4044e8a9b7bf5db515e2d1b819253f0f6d";
+    sha256 = "sha256-1al7EMYbE/hFXKV4mYZlkEWTUIKYxgXYU3qBLlczYvs=";
+  };
+
+  propagatedBuildInputs = with python3.pkgs; [
+    requests
+  ];
+
+  installPhase = ''
+    runHook preInstall
+    install -vD nw_log4jcheck.py $out/bin/${pname}
+    runHook postInstall
+  '';
+
+  meta = with lib; {
+    description = "Tool to check for vulnerable Log4j (CVE-2021-44228) systems";
+    homepage = "https://github.com/NorthwaveSecurity/log4jcheck";
+    license = licenses.mit;
+    maintainers = with maintainers; [ fab ];
+  };
+}
--- a/pkgs/top-level/all-packages.nix
+++ b/pkgs/top-level/all-packages.nix
@ -7465,6 +7465,8 @@ with pkgs;

  log4j-scan = callPackage ../tools/security/log4j-scan { };

+  log4jcheck = callPackage ../tools/security/log4jcheck { };
+
  logcheck = callPackage ../tools/system/logcheck { };

  logmein-hamachi = callPackage ../tools/networking/logmein-hamachi { };