* [meta-security][PATCH 01/13] os-release: remove OS_RELEASE_FEILD extending
@ 2018-10-28 18:50 Armin Kuster
2018-10-28 18:50 ` [meta-security][PATCH 02/13] tpm2-abrmd: update to 2.0.2 Armin Kuster
` (11 more replies)
0 siblings, 12 replies; 13+ messages in thread
From: Armin Kuster @ 2018-10-28 18:50 UTC (permalink / raw)
To: yocto
depends on the OS_RELEASRE_FEILD os-release changes in core
otherwise yocto-check-layer will fail
Signed-off-by: Armin Kuster <akuster808@gmail.com>
---
meta-security-compliance/recipes-core/os-release/os-release.bbappend | 3 ---
1 file changed, 3 deletions(-)
diff --git a/meta-security-compliance/recipes-core/os-release/os-release.bbappend b/meta-security-compliance/recipes-core/os-release/os-release.bbappend
index e9fd44a..604bacb 100644
--- a/meta-security-compliance/recipes-core/os-release/os-release.bbappend
+++ b/meta-security-compliance/recipes-core/os-release/os-release.bbappend
@@ -1,4 +1 @@
-OS_RELEASE_FIELDS += "CPE_NAME"
-
CPE_NAME="cpe:/o:openembedded:nodistro:0"
-
--
2.7.4
^ permalink raw reply related [flat|nested] 13+ messages in thread
* [meta-security][PATCH 02/13] tpm2-abrmd: update to 2.0.2
2018-10-28 18:50 [meta-security][PATCH 01/13] os-release: remove OS_RELEASE_FEILD extending Armin Kuster
@ 2018-10-28 18:50 ` Armin Kuster
2018-10-28 18:50 ` [meta-security][PATCH 03/13] packagegroup-security-tpm2: add and remove packages Armin Kuster
` (10 subsequent siblings)
11 siblings, 0 replies; 13+ messages in thread
From: Armin Kuster @ 2018-10-28 18:50 UTC (permalink / raw)
To: yocto
Signed-off-by: Armin Kuster <akuster808@gmail.com>
---
.../tpm2-abrmd/{tpm2-abrmd_2.0.1.bb => tpm2-abrmd_2.0.2.bb} | 9 ++++-----
.../{tpm2simulator-native_138.bb => tpm2simulator_138.bb} | 0
2 files changed, 4 insertions(+), 5 deletions(-)
rename meta-tpm/recipes-tpm/tpm2-abrmd/{tpm2-abrmd_2.0.1.bb => tpm2-abrmd_2.0.2.bb} (86%)
rename meta-tpm/recipes-tpm/tpm2simulator/{tpm2simulator-native_138.bb => tpm2simulator_138.bb} (100%)
diff --git a/meta-tpm/recipes-tpm/tpm2-abrmd/tpm2-abrmd_2.0.1.bb b/meta-tpm/recipes-tpm/tpm2-abrmd/tpm2-abrmd_2.0.2.bb
similarity index 86%
rename from meta-tpm/recipes-tpm/tpm2-abrmd/tpm2-abrmd_2.0.1.bb
rename to meta-tpm/recipes-tpm/tpm2-abrmd/tpm2-abrmd_2.0.2.bb
index 31e90f8..951556d 100644
--- a/meta-tpm/recipes-tpm/tpm2-abrmd/tpm2-abrmd_2.0.1.bb
+++ b/meta-tpm/recipes-tpm/tpm2-abrmd/tpm2-abrmd_2.0.2.bb
@@ -9,15 +9,16 @@ SECTION = "security/tpm"
LICENSE = "BSD-2-Clause"
LIC_FILES_CHKSUM = "file://${S}/LICENSE;md5=500b2e742befc3da00684d8a1d5fd9da"
-DEPENDS += "autoconf-archive dbus glib-2.0 pkgconfig tpm2.0-tss glib-2.0-native \
+DEPENDS = "autoconf-archive dbus glib-2.0 tpm2.0-tss glib-2.0-native \
libtss2 libtss2-mu libtss2-tcti-device libtss2-tcti-mssim"
+
SRC_URI = "\
git://github.com/01org/tpm2-abrmd.git \
file://tpm2-abrmd-init.sh \
file://tpm2-abrmd.default \
"
-SRCREV = "80f8966b90d6394ad568e362d2936b333c2822bb"
+SRCREV = "d0120ace58d97bc9520c0d558657eaca87ae73b1"
S = "${WORKDIR}/git"
@@ -34,9 +35,7 @@ USERADD_PACKAGES = "${PN}"
GROUPADD_PARAM_${PN} = "tss"
USERADD_PARAM_${PN} = "--system -M -d /var/lib/tpm -s /bin/false -g tss tss"
-PACKAGECONFIG ?="udev"
-PACKAGECONFIG += "${@bb.utils.contains('DISTRO_FEATURES','systemd','systemd', '', d)}"
-
+PACKAGECONFIG ?="${@bb.utils.contains('DISTRO_FEATURES','systemd','systemd', '', d)}"
PACKAGECONFIG[systemd] = "--with-systemdsystemunitdir=${systemd_system_unitdir}, --with-systemdsystemunitdir=no"
do_install_append() {
diff --git a/meta-tpm/recipes-tpm/tpm2simulator/tpm2simulator-native_138.bb b/meta-tpm/recipes-tpm/tpm2simulator/tpm2simulator_138.bb
similarity index 100%
rename from meta-tpm/recipes-tpm/tpm2simulator/tpm2simulator-native_138.bb
rename to meta-tpm/recipes-tpm/tpm2simulator/tpm2simulator_138.bb
--
2.7.4
^ permalink raw reply related [flat|nested] 13+ messages in thread
* [meta-security][PATCH 03/13] packagegroup-security-tpm2: add and remove packages
2018-10-28 18:50 [meta-security][PATCH 01/13] os-release: remove OS_RELEASE_FEILD extending Armin Kuster
2018-10-28 18:50 ` [meta-security][PATCH 02/13] tpm2-abrmd: update to 2.0.2 Armin Kuster
@ 2018-10-28 18:50 ` Armin Kuster
2018-10-28 18:50 ` [meta-security][PATCH 04/13] swtpm: switch to stable branch and clean up recipe Armin Kuster
` (9 subsequent siblings)
11 siblings, 0 replies; 13+ messages in thread
From: Armin Kuster @ 2018-10-28 18:50 UTC (permalink / raw)
To: yocto
Signed-off-by: Armin Kuster <akuster808@gmail.com>
---
meta-tpm/recipes-core/packagegroup/packagegroup-security-tpm2.bb | 4 ++--
1 file changed, 2 insertions(+), 2 deletions(-)
diff --git a/meta-tpm/recipes-core/packagegroup/packagegroup-security-tpm2.bb b/meta-tpm/recipes-core/packagegroup/packagegroup-security-tpm2.bb
index 099e01c..c4c8fb2 100644
--- a/meta-tpm/recipes-core/packagegroup/packagegroup-security-tpm2.bb
+++ b/meta-tpm/recipes-core/packagegroup/packagegroup-security-tpm2.bb
@@ -1,4 +1,4 @@
-DESCRIPTION = "Security packagegroup for Poky"
+DESCRIPTION = "TPM2 packagegroup for Security"
LICENSE = "MIT"
LIC_FILES_CHKSUM = "file://${COMMON_LICENSE_DIR}/MIT;md5=0835ade698e0bcf8506ecda2f7b4f302 \
file://${COREBASE}/meta/COPYING.MIT;md5=3da9cfbcb788c80a0384361b4de20420"
@@ -14,5 +14,5 @@ RDEPENDS_packagegroup-security-tpm2 = " \
libtss2 \
libtss2-tcti-device \
libtss2-tcti-mssim \
- resourcemgr \
+ tpm2-abrmd \
"
--
2.7.4
^ permalink raw reply related [flat|nested] 13+ messages in thread
* [meta-security][PATCH 04/13] swtpm: switch to stable branch and clean up recipe
2018-10-28 18:50 [meta-security][PATCH 01/13] os-release: remove OS_RELEASE_FEILD extending Armin Kuster
2018-10-28 18:50 ` [meta-security][PATCH 02/13] tpm2-abrmd: update to 2.0.2 Armin Kuster
2018-10-28 18:50 ` [meta-security][PATCH 03/13] packagegroup-security-tpm2: add and remove packages Armin Kuster
@ 2018-10-28 18:50 ` Armin Kuster
2018-10-28 18:50 ` [meta-security][PATCH 05/13] packagegroup-core-security: add few more ptest packages Armin Kuster
` (8 subsequent siblings)
11 siblings, 0 replies; 13+ messages in thread
From: Armin Kuster @ 2018-10-28 18:50 UTC (permalink / raw)
To: yocto
Signed-off-by: Armin Kuster <akuster808@gmail.com>
---
meta-tpm/recipes-tpm/swtpm/swtpm_1.0.bb | 22 +++++-----------------
1 file changed, 5 insertions(+), 17 deletions(-)
diff --git a/meta-tpm/recipes-tpm/swtpm/swtpm_1.0.bb b/meta-tpm/recipes-tpm/swtpm/swtpm_1.0.bb
index e0c5ffe..3fe1393 100644
--- a/meta-tpm/recipes-tpm/swtpm/swtpm_1.0.bb
+++ b/meta-tpm/recipes-tpm/swtpm/swtpm_1.0.bb
@@ -3,22 +3,21 @@ LICENSE = "BSD-3-Clause"
LIC_FILES_CHKSUM = "file://LICENSE;md5=fe8092c832b71ef20dfe4c6d3decb3a8"
SECTION = "apps"
-DEPENDS = "libtasn1 expect socat glib-2.0 libtpm libtpm-native"
+DEPENDS = "libtasn1 expect socat glib-2.0 net-tools-native libtpm libtpm-native"
# configure checks for the tools already during compilation and
# then swtpm_setup needs them at runtime
DEPENDS += "tpm-tools-native expect-native socat-native"
-SRCREV = "66b42f52ef363998cb57f039889d59381d20bdf1"
-SRC_URI = "git://github.com/stefanberger/swtpm.git \
- file://fix_lib_search_path.patch \
+SRCREV = "94bb9f2d716d09bcc6cd2a2e033018f8592008e7"
+SRC_URI = "git://github.com/stefanberger/swtpm.git;branch=tpm2-preview.v2 \
file://fix_fcntl_h.patch \
file://ioctl_h.patch \
"
S = "${WORKDIR}/git"
-inherit autotools-brokensep pkgconfig
+inherit autotools pkgconfig
PARALLEL_MAKE = ""
TSS_USER="tss"
@@ -35,21 +34,12 @@ EXTRA_OECONF += "--with-tss-user=${TSS_USER} --with-tss-group=${TSS_GROUP}"
export SEARCH_DIR = "${STAGING_LIBDIR_NATIVE}"
-# dup bootstrap
-do_configure_prepend () {
- libtoolize --force --copy
- autoheader
- aclocal
- automake --add-missing -c
- autoconf
-}
-
USERADD_PACKAGES = "${PN}"
GROUPADD_PARAM_${PN} = "--system ${TSS_USER}"
USERADD_PARAM_${PN} = "--system -g ${TSS_GROUP} --home-dir \
--no-create-home --shell /bin/false ${BPN}"
-RDEPENDS_${PN} = "libtpm expect socat bash"
+RDEPENDS_${PN} = "libtpm expect socat bash tpm-tools"
BBCLASSEXTEND = "native nativesdk"
@@ -58,5 +48,3 @@ python() {
'filesystems-layer' not in d.getVar('BBFILE_COLLECTIONS').split():
raise bb.parse.SkipRecipe('Cuse enabled which requires meta-filesystems to be present.')
}
-
-RDEPENDS_${PN} += "tpm-tools"
--
2.7.4
^ permalink raw reply related [flat|nested] 13+ messages in thread
* [meta-security][PATCH 05/13] packagegroup-core-security: add few more ptest packages
2018-10-28 18:50 [meta-security][PATCH 01/13] os-release: remove OS_RELEASE_FEILD extending Armin Kuster
` (2 preceding siblings ...)
2018-10-28 18:50 ` [meta-security][PATCH 04/13] swtpm: switch to stable branch and clean up recipe Armin Kuster
@ 2018-10-28 18:50 ` Armin Kuster
2018-10-28 18:50 ` [meta-security][PATCH 06/13] suricata: add ptest Armin Kuster
` (7 subsequent siblings)
11 siblings, 0 replies; 13+ messages in thread
From: Armin Kuster @ 2018-10-28 18:50 UTC (permalink / raw)
To: yocto
Signed-off-by: Armin Kuster <akuster808@gmail.com>
---
recipes-security/packagegroup/packagegroup-core-security.bb | 4 +++-
1 file changed, 3 insertions(+), 1 deletion(-)
diff --git a/recipes-security/packagegroup/packagegroup-core-security.bb b/recipes-security/packagegroup/packagegroup-core-security.bb
index 653d87b..9cf233f 100644
--- a/recipes-security/packagegroup/packagegroup-core-security.bb
+++ b/recipes-security/packagegroup/packagegroup-core-security.bb
@@ -65,7 +65,7 @@ RDEPENDS_packagegroup-security-ids = " \
SUMMARY_packagegroup-security-mac = "Security Mandatory Access Control systems"
RDEPENDS_packagegroup-security-mac = " \
${@bb.utils.contains("DISTRO_FEATURES", "tomoyo", "ccs-tools", "",d)} \
- ${@bb.utils.contains("DISTRO_FEATURES", "apparmor", "", "",d)} \
+ ${@bb.utils.contains("DISTRO_FEATURES", "apparmor", "apparmor", "",d)} \
${@bb.utils.contains("DISTRO_FEATURES", "smack", "smack", "",d)} \
"
@@ -76,5 +76,7 @@ RDEPENDS_packagegroup-security-ptest = " \
keyutils-ptest \
libseccomp-ptest \
python-scapy-ptest \
+ ${@bb.utils.contains("DISTRO_FEATURES", "apparmor", "apparmor-ptest", "",d)} \
+ ${@bb.utils.contains("DISTRO_FEATURES", "smack", "smack-ptest", "",d)} \
ptest-runner \
"
--
2.7.4
^ permalink raw reply related [flat|nested] 13+ messages in thread
* [meta-security][PATCH 06/13] suricata: add ptest
2018-10-28 18:50 [meta-security][PATCH 01/13] os-release: remove OS_RELEASE_FEILD extending Armin Kuster
` (3 preceding siblings ...)
2018-10-28 18:50 ` [meta-security][PATCH 05/13] packagegroup-core-security: add few more ptest packages Armin Kuster
@ 2018-10-28 18:50 ` Armin Kuster
2018-10-28 18:50 ` [meta-security][PATCH 07/13] packagegroup-core-security: add suricata-ptest Armin Kuster
` (6 subsequent siblings)
11 siblings, 0 replies; 13+ messages in thread
From: Armin Kuster @ 2018-10-28 18:50 UTC (permalink / raw)
To: yocto
Signed-off-by: Armin Kuster <akuster808@gmail.com>
---
recipes-security/suricata/files/run-ptest | 3 +++
recipes-security/suricata/suricata_4.0.5.bb | 6 +++++-
2 files changed, 8 insertions(+), 1 deletion(-)
create mode 100644 recipes-security/suricata/files/run-ptest
diff --git a/recipes-security/suricata/files/run-ptest b/recipes-security/suricata/files/run-ptest
new file mode 100644
index 0000000..666ba9c
--- /dev/null
+++ b/recipes-security/suricata/files/run-ptest
@@ -0,0 +1,3 @@
+#!/bin/sh
+
+suricata -u
diff --git a/recipes-security/suricata/suricata_4.0.5.bb b/recipes-security/suricata/suricata_4.0.5.bb
index 90b4638..6c0a109 100644
--- a/recipes-security/suricata/suricata_4.0.5.bb
+++ b/recipes-security/suricata/suricata_4.0.5.bb
@@ -10,12 +10,13 @@ SRC_URI += " \
file://volatiles.03_suricata \
file://suricata.yaml \
file://suricata.service \
+ file://run-ptest \
"
SRC_URI[rules.md5sum] = "205c5e5b54e489207ed892c03ad75b33"
SRC_URI[rules.sha256sum] = "4aa81011b246875a57181c6a0569ca887845e366904bcaf0043220f33bd69798"
-inherit autotools-brokensep pkgconfig python-dir systemd
+inherit autotools-brokensep pkgconfig python-dir systemd ptest
CFLAGS += "-D_DEFAULT_SOURCE"
@@ -28,6 +29,8 @@ EXTRA_OECONF += " --disable-debug \
"
PACKAGECONFIG ??= "htp jansson file pcre yaml pcap cap-ng net nfnetlink nss nspr"
+PACKAGECONFIG_append = " ${@bb.utils.contains('DISTRO_FEATURES', 'ptest', 'unittests', '', d)}"
+
PACKAGECONFIG[htp] = "--with-libhtp-includes=${STAGING_INCDIR} --with-libhtp-libraries=${STAGING_LIBDIR}, ,libhtp,"
PACKAGECONFIG[pcre] = "--with-libpcre-includes=${STAGING_INCDIR} --with-libpcre-libraries=${STAGING_LIBDIR}, ,libpcre ,"
PACKAGECONFIG[yaml] = "--with-libyaml-includes=${STAGING_INCDIR} --with-libyaml-libraries=${STAGING_LIBDIR}, ,libyaml ,"
@@ -42,6 +45,7 @@ PACKAGECONFIG[file] = ",,file, file"
PACKAGECONFIG[nss] = "--with-libnss-includes=${STAGING_INCDIR} --with-libnss-libraries=${STAGING_LIBDIR}, nss, nss,"
PACKAGECONFIG[nspr] = "--with-libnspr-includes=${STAGING_INCDIR} --with-libnspr-libraries=${STAGING_LIBDIR}, nspr, nspr,"
PACKAGECONFIG[python] = "--enable-python, --disable-python, python, python"
+PACKAGECONFIG[unittests] = "--enable-unittests, --disable-unittests,"
export logdir = "${localstatedir}/log"
--
2.7.4
^ permalink raw reply related [flat|nested] 13+ messages in thread
* [meta-security][PATCH 07/13] packagegroup-core-security: add suricata-ptest
2018-10-28 18:50 [meta-security][PATCH 01/13] os-release: remove OS_RELEASE_FEILD extending Armin Kuster
` (4 preceding siblings ...)
2018-10-28 18:50 ` [meta-security][PATCH 06/13] suricata: add ptest Armin Kuster
@ 2018-10-28 18:50 ` Armin Kuster
2018-10-28 18:50 ` [meta-security][PATCH 08/13] security-build-image: remove X11 Armin Kuster
` (5 subsequent siblings)
11 siblings, 0 replies; 13+ messages in thread
From: Armin Kuster @ 2018-10-28 18:50 UTC (permalink / raw)
To: yocto
Signed-off-by: Armin Kuster <akuster808@gmail.com>
---
recipes-security/packagegroup/packagegroup-core-security.bb | 1 +
1 file changed, 1 insertion(+)
diff --git a/recipes-security/packagegroup/packagegroup-core-security.bb b/recipes-security/packagegroup/packagegroup-core-security.bb
index 9cf233f..5ee06e3 100644
--- a/recipes-security/packagegroup/packagegroup-core-security.bb
+++ b/recipes-security/packagegroup/packagegroup-core-security.bb
@@ -76,6 +76,7 @@ RDEPENDS_packagegroup-security-ptest = " \
keyutils-ptest \
libseccomp-ptest \
python-scapy-ptest \
+ suricata-ptest \
${@bb.utils.contains("DISTRO_FEATURES", "apparmor", "apparmor-ptest", "",d)} \
${@bb.utils.contains("DISTRO_FEATURES", "smack", "smack-ptest", "",d)} \
ptest-runner \
--
2.7.4
^ permalink raw reply related [flat|nested] 13+ messages in thread
* [meta-security][PATCH 08/13] security-build-image: remove X11
2018-10-28 18:50 [meta-security][PATCH 01/13] os-release: remove OS_RELEASE_FEILD extending Armin Kuster
` (5 preceding siblings ...)
2018-10-28 18:50 ` [meta-security][PATCH 07/13] packagegroup-core-security: add suricata-ptest Armin Kuster
@ 2018-10-28 18:50 ` Armin Kuster
2018-10-28 18:50 ` [meta-security][PATCH 09/13] tripwire: add ptest Armin Kuster
` (4 subsequent siblings)
11 siblings, 0 replies; 13+ messages in thread
From: Armin Kuster @ 2018-10-28 18:50 UTC (permalink / raw)
To: yocto
Signed-off-by: Armin Kuster <akuster808@gmail.com>
---
recipes-security/images/security-build-image.bb | 4 +---
1 file changed, 1 insertion(+), 3 deletions(-)
diff --git a/recipes-security/images/security-build-image.bb b/recipes-security/images/security-build-image.bb
index 1a7af86..a8757f9 100644
--- a/recipes-security/images/security-build-image.bb
+++ b/recipes-security/images/security-build-image.bb
@@ -6,9 +6,7 @@ IMAGE_INSTALL = "\
packagegroup-base \
packagegroup-core-boot \
packagegroup-core-security \
- os-release \
- ${@bb.utils.contains("DISTRO_FEATURES", "x11", "packagegroup-xfce-base", "", d)} \
- ${CORE_IMAGE_EXTRA_INSTALL}"
+ os-release"
IMAGE_LINGUAS ?= " "
--
2.7.4
^ permalink raw reply related [flat|nested] 13+ messages in thread
* [meta-security][PATCH 09/13] tripwire: add ptest
2018-10-28 18:50 [meta-security][PATCH 01/13] os-release: remove OS_RELEASE_FEILD extending Armin Kuster
` (6 preceding siblings ...)
2018-10-28 18:50 ` [meta-security][PATCH 08/13] security-build-image: remove X11 Armin Kuster
@ 2018-10-28 18:50 ` Armin Kuster
2018-10-28 18:50 ` [meta-security][PATCH 10/13] packagegroup-core-security: add tripwire ptest Armin Kuster
` (3 subsequent siblings)
11 siblings, 0 replies; 13+ messages in thread
From: Armin Kuster @ 2018-10-28 18:50 UTC (permalink / raw)
To: yocto
Signed-off-by: Armin Kuster <akuster808@gmail.com>
---
recipes-security/tripwire/files/run-ptest | 3 +++
recipes-security/tripwire/tripwire_2.4.3.6.bb | 9 ++++++++-
2 files changed, 11 insertions(+), 1 deletion(-)
create mode 100644 recipes-security/tripwire/files/run-ptest
diff --git a/recipes-security/tripwire/files/run-ptest b/recipes-security/tripwire/files/run-ptest
new file mode 100644
index 0000000..aedfddc
--- /dev/null
+++ b/recipes-security/tripwire/files/run-ptest
@@ -0,0 +1,3 @@
+#!/bin/sh
+
+./twtest.pl
diff --git a/recipes-security/tripwire/tripwire_2.4.3.6.bb b/recipes-security/tripwire/tripwire_2.4.3.6.bb
index 465960f..59d1f35 100644
--- a/recipes-security/tripwire/tripwire_2.4.3.6.bb
+++ b/recipes-security/tripwire/tripwire_2.4.3.6.bb
@@ -16,11 +16,12 @@ SRC_URI = "\
file://twcfg.txt \
file://twinstall.sh \
file://twpol-yocto.txt \
+ file://run-ptest \
"
S = "${WORKDIR}/git"
-inherit autotools-brokensep update-rc.d
+inherit autotools-brokensep update-rc.d ptest
INITSCRIPT_NAME = "tripwire"
INITSCRIPT_PARAMS = "start 40 S ."
@@ -58,9 +59,15 @@ do_install () {
install -m 0644 ${WORKDIR}/tripwire.txt ${D}${docdir}/${BPN}
}
+do_install_ptest_append () {
+ install -d ${D}${PTEST_PATH}/tests
+ cp -a ${S}/src/test-harness/* ${D}${PTEST_PATH}
+}
FILES_${PN} += "${libdir} ${docdir}/${PN}/*"
FILES_${PN}-dbg += "${sysconfdir}/${PN}/.debug"
FILES_${PN}-staticdev += "${localstatedir}/lib/${PN}/lib*.a"
+FILES_${PN}-ptest += "${PTEST_PATH}/tests "
RDEPENDS_${PN} += " perl nano msmtp cronie"
+RDEPENDS_${PN}-ptest = " perl lib-perl"
--
2.7.4
^ permalink raw reply related [flat|nested] 13+ messages in thread
* [meta-security][PATCH 10/13] packagegroup-core-security: add tripwire ptest
2018-10-28 18:50 [meta-security][PATCH 01/13] os-release: remove OS_RELEASE_FEILD extending Armin Kuster
` (7 preceding siblings ...)
2018-10-28 18:50 ` [meta-security][PATCH 09/13] tripwire: add ptest Armin Kuster
@ 2018-10-28 18:50 ` Armin Kuster
2018-10-28 18:50 ` [meta-security][PATCH 11/13] fail2ban: add ptest Armin Kuster
` (2 subsequent siblings)
11 siblings, 0 replies; 13+ messages in thread
From: Armin Kuster @ 2018-10-28 18:50 UTC (permalink / raw)
To: yocto
Signed-off-by: Armin Kuster <akuster808@gmail.com>
---
recipes-security/packagegroup/packagegroup-core-security.bb | 1 +
1 file changed, 1 insertion(+)
diff --git a/recipes-security/packagegroup/packagegroup-core-security.bb b/recipes-security/packagegroup/packagegroup-core-security.bb
index 5ee06e3..741ff5c 100644
--- a/recipes-security/packagegroup/packagegroup-core-security.bb
+++ b/recipes-security/packagegroup/packagegroup-core-security.bb
@@ -77,6 +77,7 @@ RDEPENDS_packagegroup-security-ptest = " \
libseccomp-ptest \
python-scapy-ptest \
suricata-ptest \
+ tripwire-ptest \
${@bb.utils.contains("DISTRO_FEATURES", "apparmor", "apparmor-ptest", "",d)} \
${@bb.utils.contains("DISTRO_FEATURES", "smack", "smack-ptest", "",d)} \
ptest-runner \
--
2.7.4
^ permalink raw reply related [flat|nested] 13+ messages in thread
* [meta-security][PATCH 11/13] fail2ban: add ptest
2018-10-28 18:50 [meta-security][PATCH 01/13] os-release: remove OS_RELEASE_FEILD extending Armin Kuster
` (8 preceding siblings ...)
2018-10-28 18:50 ` [meta-security][PATCH 10/13] packagegroup-core-security: add tripwire ptest Armin Kuster
@ 2018-10-28 18:50 ` Armin Kuster
2018-10-28 18:50 ` [meta-security][PATCH 12/13] packagegroup-core-security: add fail2ban ptest to image Armin Kuster
2018-10-28 18:50 ` [meta-security][PATCH 13/13] layer.conf: update ptest var to align with core Armin Kuster
11 siblings, 0 replies; 13+ messages in thread
From: Armin Kuster @ 2018-10-28 18:50 UTC (permalink / raw)
To: yocto
Signed-off-by: Armin Kuster <akuster808@gmail.com>
---
recipes-security/fail2ban/files/run-ptest | 3 +++
recipes-security/fail2ban/python-fail2ban.inc | 9 ++++++++-
recipes-security/fail2ban/python-fail2ban_0.10.3.1.bb | 2 ++
recipes-security/fail2ban/python3-fail2ban_0.10.3.1.bb | 2 ++
4 files changed, 15 insertions(+), 1 deletion(-)
create mode 100644 recipes-security/fail2ban/files/run-ptest
diff --git a/recipes-security/fail2ban/files/run-ptest b/recipes-security/fail2ban/files/run-ptest
new file mode 100644
index 0000000..9f6aebe
--- /dev/null
+++ b/recipes-security/fail2ban/files/run-ptest
@@ -0,0 +1,3 @@
+#!/bin/sh
+
+##PYTHON## fail2ban-testcases
diff --git a/recipes-security/fail2ban/python-fail2ban.inc b/recipes-security/fail2ban/python-fail2ban.inc
index 0b88f83..9245f17 100644
--- a/recipes-security/fail2ban/python-fail2ban.inc
+++ b/recipes-security/fail2ban/python-fail2ban.inc
@@ -14,9 +14,10 @@ SRC_URI = " \
git://github.com/fail2ban/fail2ban.git;branch=0.11 \
file://initd \
file://fail2ban_setup.py \
+ file://run-ptest \
"
-inherit update-rc.d
+inherit update-rc.d ptest
S = "${WORKDIR}/git"
@@ -35,6 +36,12 @@ do_install_append () {
chown -R root:root ${D}/${bindir}
}
+do_install_ptest_append () {
+ install -d ${D}${PTEST_PATH}
+ sed -i -e 's/##PYTHON##/${PYTHON_PN}/g' ${D}${PTEST_PATH}/run-ptest
+ install -D ${S}/bin/fail2ban-testcases ${D}${PTEST_PATH}
+}
+
FILES_${PN} += "/run"
INSANE_SKIP_${PN}_append = "already-stripped"
diff --git a/recipes-security/fail2ban/python-fail2ban_0.10.3.1.bb b/recipes-security/fail2ban/python-fail2ban_0.10.3.1.bb
index 70c3bd9..17a7dd8 100644
--- a/recipes-security/fail2ban/python-fail2ban_0.10.3.1.bb
+++ b/recipes-security/fail2ban/python-fail2ban_0.10.3.1.bb
@@ -1,2 +1,4 @@
inherit setuptools
require python-fail2ban.inc
+
+RDEPENDS_${PN}-ptest = "python python-modules python-fail2ban"
diff --git a/recipes-security/fail2ban/python3-fail2ban_0.10.3.1.bb b/recipes-security/fail2ban/python3-fail2ban_0.10.3.1.bb
index bdb4146..5c887e8 100644
--- a/recipes-security/fail2ban/python3-fail2ban_0.10.3.1.bb
+++ b/recipes-security/fail2ban/python3-fail2ban_0.10.3.1.bb
@@ -1,2 +1,4 @@
inherit setuptools3
require python-fail2ban.inc
+
+RDEPENDS_${PN}-ptest = "python3-core python3-io python3-modules python3-fail2ban"
--
2.7.4
^ permalink raw reply related [flat|nested] 13+ messages in thread
* [meta-security][PATCH 12/13] packagegroup-core-security: add fail2ban ptest to image
2018-10-28 18:50 [meta-security][PATCH 01/13] os-release: remove OS_RELEASE_FEILD extending Armin Kuster
` (9 preceding siblings ...)
2018-10-28 18:50 ` [meta-security][PATCH 11/13] fail2ban: add ptest Armin Kuster
@ 2018-10-28 18:50 ` Armin Kuster
2018-10-28 18:50 ` [meta-security][PATCH 13/13] layer.conf: update ptest var to align with core Armin Kuster
11 siblings, 0 replies; 13+ messages in thread
From: Armin Kuster @ 2018-10-28 18:50 UTC (permalink / raw)
To: yocto
Signed-off-by: Armin Kuster <akuster808@gmail.com>
---
recipes-security/packagegroup/packagegroup-core-security.bb | 1 +
1 file changed, 1 insertion(+)
diff --git a/recipes-security/packagegroup/packagegroup-core-security.bb b/recipes-security/packagegroup/packagegroup-core-security.bb
index 741ff5c..e847847 100644
--- a/recipes-security/packagegroup/packagegroup-core-security.bb
+++ b/recipes-security/packagegroup/packagegroup-core-security.bb
@@ -78,6 +78,7 @@ RDEPENDS_packagegroup-security-ptest = " \
python-scapy-ptest \
suricata-ptest \
tripwire-ptest \
+ python3-fail2ban-ptest \
${@bb.utils.contains("DISTRO_FEATURES", "apparmor", "apparmor-ptest", "",d)} \
${@bb.utils.contains("DISTRO_FEATURES", "smack", "smack-ptest", "",d)} \
ptest-runner \
--
2.7.4
^ permalink raw reply related [flat|nested] 13+ messages in thread
* [meta-security][PATCH 13/13] layer.conf: update ptest var to align with core
2018-10-28 18:50 [meta-security][PATCH 01/13] os-release: remove OS_RELEASE_FEILD extending Armin Kuster
` (10 preceding siblings ...)
2018-10-28 18:50 ` [meta-security][PATCH 12/13] packagegroup-core-security: add fail2ban ptest to image Armin Kuster
@ 2018-10-28 18:50 ` Armin Kuster
11 siblings, 0 replies; 13+ messages in thread
From: Armin Kuster @ 2018-10-28 18:50 UTC (permalink / raw)
To: yocto
Signed-off-by: Armin Kuster <akuster808@gmail.com>
---
conf/layer.conf | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/conf/layer.conf b/conf/layer.conf
index 76f5bd6..19e647e 100644
--- a/conf/layer.conf
+++ b/conf/layer.conf
@@ -13,4 +13,4 @@ LAYERSERIES_COMPAT_security = "thud"
LAYERDEPENDS_security = "core openembedded-layer perl-layer networking-layer meta-python"
-DEFAULT_TEST_SUITES_pn-security-build-image = " ${MINTESTSUITE} ssh scp ptest"
+DEFAULT_TEST_SUITES_pn-security-build-image = " ${PTESTTESTSUITE}"
--
2.7.4
^ permalink raw reply related [flat|nested] 13+ messages in thread
end of thread, other threads:[~2018-10-28 18:50 UTC | newest]
Thread overview: 13+ messages (download: mbox.gz / follow: Atom feed)
-- links below jump to the message on this page --
2018-10-28 18:50 [meta-security][PATCH 01/13] os-release: remove OS_RELEASE_FEILD extending Armin Kuster
2018-10-28 18:50 ` [meta-security][PATCH 02/13] tpm2-abrmd: update to 2.0.2 Armin Kuster
2018-10-28 18:50 ` [meta-security][PATCH 03/13] packagegroup-security-tpm2: add and remove packages Armin Kuster
2018-10-28 18:50 ` [meta-security][PATCH 04/13] swtpm: switch to stable branch and clean up recipe Armin Kuster
2018-10-28 18:50 ` [meta-security][PATCH 05/13] packagegroup-core-security: add few more ptest packages Armin Kuster
2018-10-28 18:50 ` [meta-security][PATCH 06/13] suricata: add ptest Armin Kuster
2018-10-28 18:50 ` [meta-security][PATCH 07/13] packagegroup-core-security: add suricata-ptest Armin Kuster
2018-10-28 18:50 ` [meta-security][PATCH 08/13] security-build-image: remove X11 Armin Kuster
2018-10-28 18:50 ` [meta-security][PATCH 09/13] tripwire: add ptest Armin Kuster
2018-10-28 18:50 ` [meta-security][PATCH 10/13] packagegroup-core-security: add tripwire ptest Armin Kuster
2018-10-28 18:50 ` [meta-security][PATCH 11/13] fail2ban: add ptest Armin Kuster
2018-10-28 18:50 ` [meta-security][PATCH 12/13] packagegroup-core-security: add fail2ban ptest to image Armin Kuster
2018-10-28 18:50 ` [meta-security][PATCH 13/13] layer.conf: update ptest var to align with core Armin Kuster
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.