kconfig-hardened-check -> kernel-hardening-checker

[kconfig-hardened-check.git] / kernel_hardening_checker / config_files / distros / get-nixos-kconfig.nix

diff --git a/kernel_hardening_checker/config_files/distros/get-nixos-kconfig.nix b/kernel_hardening_checker/config_files/distros/get-nixos-kconfig.nix
new file mode 100644 (file)
index 0000000..cd91eea
--- /dev/null
+++ b/kernel_hardening_checker/config_files/distros/get-nixos-kconfig.nix
@@ -0,0 +1,32 @@
+{ pkgs ? import <nixpkgs> {}
+}:
+with pkgs;
+stdenv.mkDerivation {
+  name = "kconf";
+  nativeBuildInputs = [
+    linuxPackages_hardened.kernel
+    linuxPackages_latest.kernel
+    linuxPackages.kernel
+  ];
+
+  dontUnpack = true;
+  dontInstall = true;
+
+  buildPhase = ''
+    mkdir  $out
+
+    mkdir $out/linuxPackages_hardened/
+    cp ${pkgs.linuxPackages_hardened.kernel.configfile} $out/linuxPackages_hardened/kernel.conf
+    echo ${pkgs.linuxPackages_hardened.kernel.version} > $out/linuxPackages_hardened/kernel.version
+
+    mkdir $out/linuxPackages_latest/
+    cp ${pkgs.linuxPackages_latest.kernel.configfile} $out/linuxPackages_latest/kernel.conf
+    echo ${pkgs.linuxPackages_latest.kernel.version} > $out/linuxPackages_latest/kernel.version
+
+    mkdir $out/linuxPackages_lts/
+    cp ${pkgs.linuxPackages.kernel.configfile} $out/linuxPackages_lts/kernel.conf
+    echo ${pkgs.linuxPackages.kernel.version} > $out/linuxPackages_lts/kernel.version
+    '';
+
+  
+}