[PATCH] gnu: Add yara.

  • Open
Details
2 participants
  • Jakob Kirsch
  • Bruno Victal
Owner
unassigned
Submitted by
Jakob Kirsch
Severity
normal
Jakob Kirsch wrote on 18 Oct 2023 16:57
(address . guix-patches@gnu.org)(name . Jakob Kirsch)(address . jakob.kirsch@web.de)
8fff56158eb150f2dab193ccdceb19fd451583e7.1697641034.git.jakob.kirsch@web.de
* gnu/packages/antivirus.scm (yara): New variable.
---
gnu/packages/antivirus.scm | 39 ++++++++++++++++++++++++++++++++++++++
1 file changed, 39 insertions(+)

diff --git a/gnu/packages/antivirus.scm b/gnu/packages/antivirus.scm
index 750db04040..45a85e2faf 100644
--- a/gnu/packages/antivirus.scm
+++ b/gnu/packages/antivirus.scm
@@ -2,6 +2,7 @@
;;; Copyright © 2016, 2017, 2018, 2019, 2020 Eric Bavier <bavier@posteo.net>
;;; Copyright © 2018 Christopher Baines <mail@cbaines.net>
;;; Copyright © 2019–2021 Tobias Geerinckx-Rice <me@tobias.gr>
+;;; Copyright © 2023 Jakob Kirsch <jakob.kirsch@web.de>
;;;
;;; This file is part of GNU Guix.
;;;
@@ -24,9 +25,11 @@ (define-module (gnu packages antivirus)
#:use-module (guix gexp)
#:use-module (guix packages)
#:use-module (guix download)
+ #:use-module (guix git-download)
#:use-module (guix utils)
#:use-module (gnu packages)
#:use-module (gnu packages autotools)
+ #:use-module (gnu packages bash)
#:use-module (gnu packages bison)
#:use-module (gnu packages check)
#:use-module (gnu packages compression)
@@ -38,6 +41,7 @@ (define-module (gnu packages antivirus)
#:use-module (gnu packages ncurses)
#:use-module (gnu packages pcre)
#:use-module (gnu packages pkg-config)
+ #:use-module (gnu packages protobuf)
#:use-module (gnu packages tls)
#:use-module (gnu packages web)
#:use-module (gnu packages xml))
@@ -156,3 +160,38 @@ (define-public clamav
(license:non-copyleft "libclamav/strlcat.c") ;"OpenBSD" license
license:asl2.0 ;libclamav/yara*
license:expat)))) ;shared/getopt.[ch]
+
+(define-public yara
+ (package
+ (name "yara")
+ (version "v4.4.0")
+ (source
+ (origin
+ (method git-fetch)
+ (uri (git-reference
+ (url "https://github.com/VirusTotal/yara")
+ (commit version)))
+ (file-name (git-file-name name version))
+ (sha256
+ (base32 "1jc468iybjl1n0r6prpw7pwhd9jvfbjghqg9qdq1hbihnv5wa4bb"))))
+ (build-system gnu-build-system)
+ (native-inputs (list autoconf automake libtool protobuf pkg-config))
+ (inputs (list openssl bash))
+ (arguments
+ '(#:phases (modify-phases %standard-phases
+ (add-before 'check 'remove-bin-sh-in-test
+ (lambda* (#:key build-inputs #:allow-other-keys)
+ (substitute* "tests/test-rules.c"
+ (("/bin/sh")
+ (string-append (assoc-ref %build-inputs "bash")
+ "/bin/sh"))))))))
+
+ (synopsis "The pattern matching swiss knife")
+ (description
+ "YARA is a tool aimed at (but not limited to) helping malware researchers to
+identify and classify malware samples. With YARA you can create descriptions of
+malware families (or whatever you want to describe) based on textual or binary patterns.
+Each description, a.k.a. rule, consists of a set of strings and a boolean expression
+which determine its logic.")
+ (home-page "https://github.com/VirusTotal/yara")
+ (license license:bsd-3)))
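Review bot: The version field of the new yara definition is "v4.4.0", so the tag prefix ends up in the package version and in the name built by git-file-name. Keep the version numeric and add the prefix only in the reference: (version "4.4.0") with (commit (string-append "v" version)). The sha256 covers the fetched content, so it should not need to change for this rename.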

base-commit: 1076f32111e512ed437f135c9eb6ce2daaafd623
--
2.41.0
Bruno Victal wrote on 19 Oct 2023 17:08
(name . Jakob Kirsch)(address . jakob.kirsch@web.de)(address . 66608@debbugs.gnu.org)
87lebyhcpx.fsf@makinata.eu
Hi Jakob,

Jakob Kirsch <jakob.kirsch@web.de> writes:

> + (arguments
> + '(#:phases (modify-phases %standard-phases
> + (add-before 'check 'remove-bin-sh-in-test
> + (lambda* (#:key build-inputs #:allow-other-keys)
> + (substitute* "tests/test-rules.c"
> + (("/bin/sh")
> + (string-append (assoc-ref %build-inputs "bash")
> + "/bin/sh"))))))))
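Review bot: In the lambda* of the remove-bin-sh-in-test phase, the build-inputs keyword is bound but never used; the body reads the global %build-inputs instead. Either bind #:key inputs and call (assoc-ref inputs "bash"), or drop the keyword list so the phase does not suggest a parameter it ignores.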

This can be written with G-Expressions as:
(arguments
(list
#:phases
#~(modify-phases %standard-phases
(add-before …
(lambda _
(substitute* …
(string-append #$(this-package-input "bash") "/bin/sh")
…))))))

--
Thanks,
Bruno.
Jakob Kirsch wrote on 19 Oct 2023 18:35
[PATCH v1] gnu: Add yara.
(address . 66608@debbugs.gnu.org)(name . Jakob Kirsch)(address . jakob.kirsch@web.de)
3c80693772d40bb13e8c1939a7e7d5e969a1602d.1697733307.git.jakob.kirsch@web.de
* gnu/packages/antivirus.scm (yara): New variable.
---
gnu/packages/antivirus.scm | 40 ++++++++++++++++++++++++++++++++++++++
1 file changed, 40 insertions(+)

diff --git a/gnu/packages/antivirus.scm b/gnu/packages/antivirus.scm
index 750db04040..db039447bf 100644
--- a/gnu/packages/antivirus.scm
+++ b/gnu/packages/antivirus.scm
@@ -2,6 +2,7 @@
;;; Copyright © 2016, 2017, 2018, 2019, 2020 Eric Bavier <bavier@posteo.net>
;;; Copyright © 2018 Christopher Baines <mail@cbaines.net>
;;; Copyright © 2019–2021 Tobias Geerinckx-Rice <me@tobias.gr>
+;;; Copyright © 2023 Jakob Kirsch <jakob.kirsch@web.de>
;;;
;;; This file is part of GNU Guix.
;;;
@@ -24,9 +25,11 @@ (define-module (gnu packages antivirus)
#:use-module (guix gexp)
#:use-module (guix packages)
#:use-module (guix download)
+ #:use-module (guix git-download)
#:use-module (guix utils)
#:use-module (gnu packages)
#:use-module (gnu packages autotools)
+ #:use-module (gnu packages bash)
#:use-module (gnu packages bison)
#:use-module (gnu packages check)
#:use-module (gnu packages compression)
@@ -38,6 +41,7 @@ (define-module (gnu packages antivirus)
#:use-module (gnu packages ncurses)
#:use-module (gnu packages pcre)
#:use-module (gnu packages pkg-config)
+ #:use-module (gnu packages protobuf)
#:use-module (gnu packages tls)
#:use-module (gnu packages web)
#:use-module (gnu packages xml))
@@ -156,3 +160,39 @@ (define-public clamav
(license:non-copyleft "libclamav/strlcat.c") ;"OpenBSD" license
license:asl2.0 ;libclamav/yara*
license:expat)))) ;shared/getopt.[ch]
+
+(define-public yara
+ (package
+ (name "yara")
+ (version "v4.4.0")
+ (source
+ (origin
+ (method git-fetch)
+ (uri (git-reference
+ (url "https://github.com/VirusTotal/yara")
+ (commit version)))
+ (file-name (git-file-name name version))
+ (sha256
+ (base32 "1jc468iybjl1n0r6prpw7pwhd9jvfbjghqg9qdq1hbihnv5wa4bb"))))
+ (build-system gnu-build-system)
+ (native-inputs (list autoconf automake libtool protobuf pkg-config))
+ (inputs (list openssl bash))
+ (arguments
+ (list
+ #:phases #~(modify-phases %standard-phases
+ (add-before 'check 'remove-bin-sh-in-test
+ (lambda _
+ (substitute* "tests/test-rules.c"
+ (("/bin/sh")
+ (string-append #$(this-package-input "bash")
+ "/bin/sh"))))))))
+
+ (synopsis "The pattern matching swiss knife")
+ (description
+ "YARA is a tool aimed at (but not limited to) helping malware researchers to
+identify and classify malware samples. With YARA you can create descriptions of
+malware families (or whatever you want to describe) based on textual or binary patterns.
+Each description, a.k.a. rule, consists of a set of strings and a boolean expression
+which determine its logic.")
+ (home-page "https://github.com/VirusTotal/yara")
+ (license license:bsd-3)))
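Review bot: bash is listed in inputs, but its only use visible in this hunk is rewriting /bin/sh in tests/test-rules.c before the check phase, which is a build-time need. Consider moving it to native-inputs and referencing it with this-package-native-input, or using bash-minimal, so the full shell is not declared as an input of the package just for the test suite. Separately, the synopsis "The pattern matching swiss knife" starts with an article, which guix lint reports, and the third description line runs past 80 columns.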

base-commit: c065da01ff956d3c2bdfc45a33d910e509a211d9
--
2.41.0