All of lore.kernel.org
 help / color / mirror / Atom feed
* [meta-security][PATCH 1/4] packagegroup-core-security-ptest: only included if ptest is enabled
@ 2019-09-01 22:10 Armin Kuster
  2019-09-01 22:10 ` [meta-security][PATCH 2/4] packagegroup-core-security: update package name Armin Kuster
                   ` (2 more replies)
  0 siblings, 3 replies; 4+ messages in thread
From: Armin Kuster @ 2019-09-01 22:10 UTC (permalink / raw)
  To: yocto

update python package names

Signed-off-by: Armin Kuster <akuster808@gmail.com>
---
 .../packagegroup/packagegroup-core-security-ptest.bb        | 6 +++++-
 1 file changed, 5 insertions(+), 1 deletion(-)

diff --git a/recipes-security/packagegroup/packagegroup-core-security-ptest.bb b/recipes-security/packagegroup/packagegroup-core-security-ptest.bb
index ddcf208..39873b8 100644
--- a/recipes-security/packagegroup/packagegroup-core-security-ptest.bb
+++ b/recipes-security/packagegroup/packagegroup-core-security-ptest.bb
@@ -3,6 +3,10 @@ LICENSE = "MIT"
 LIC_FILES_CHKSUM = "file://${COMMON_LICENSE_DIR}/MIT;md5=0835ade698e0bcf8506ecda2f7b4f302 \
                     file://${COREBASE}/meta/COPYING.MIT;md5=3da9cfbcb788c80a0384361b4de20420"
 
+inherit distro_features_check
+
+REQUIRED_DISTRO_FEATURES = "ptest"
+
 PACKAGES = "\
     ${PN} \
     "
@@ -15,7 +19,7 @@ RDEPENDS_${PN} = " \
     samhain-standalone-ptest \
     keyutils-ptest \
     libseccomp-ptest \
-    python-scapy-ptest \
+    python3-scapy-ptest \
     suricata-ptest \
     tripwire-ptest \
     python-fail2ban-ptest \
-- 
2.17.1



^ permalink raw reply related	[flat|nested] 4+ messages in thread
* [meta-security][PATCH 2/4] packagegroup-core-security: update package name
  2019-09-01 22:10 [meta-security][PATCH 1/4] packagegroup-core-security-ptest: only included if ptest is enabled Armin Kuster
@ 2019-09-01 22:10 ` Armin Kuster
  2019-09-01 22:10 ` [meta-security][PATCH 3/4] busybox: fix sig changes when layer added Armin Kuster
  2019-09-01 22:10 ` [meta-security][PATCH 4/4] initramfs-framework-ima: correct IMA_POLICY name Armin Kuster
  2 siblings, 0 replies; 4+ messages in thread
From: Armin Kuster @ 2019-09-01 22:10 UTC (permalink / raw)
  To: yocto

Also remove tpm packagegroup reference

Signed-off-by: Armin Kuster <akuster808@gmail.com>
---
 recipes-security/packagegroup/packagegroup-core-security.bb | 4 +---
 1 file changed, 1 insertion(+), 3 deletions(-)

diff --git a/recipes-security/packagegroup/packagegroup-core-security.bb b/recipes-security/packagegroup/packagegroup-core-security.bb
index 20ba46f..e0a9d05 100644
--- a/recipes-security/packagegroup/packagegroup-core-security.bb
+++ b/recipes-security/packagegroup/packagegroup-core-security.bb
@@ -11,7 +11,6 @@ PACKAGES = "\
     packagegroup-security-scanners \
     packagegroup-security-ids  \
     packagegroup-security-mac  \
-    ${@bb.utils.contains("MACHINE_FEATURES", "tpm", "packagegroup-security-tpm", "",d)} \
     "
 
 RDEPENDS_packagegroup-core-security = "\
@@ -19,7 +18,6 @@ RDEPENDS_packagegroup-core-security = "\
     packagegroup-security-scanners \
     packagegroup-security-ids  \
     packagegroup-security-mac  \
-    ${@bb.utils.contains("MACHINE_FEATURES", "tpm", "packagegroup-security-tpm", "",d)} \
     "
 
 SUMMARY_packagegroup-security-utils = "Security utilities"
@@ -27,7 +25,7 @@ RDEPENDS_packagegroup-security-utils = "\
     checksec \
     nmap \
     pinentry \
-    python-scapy \
+    python3-scapy \
     ding-libs \
     keyutils \
     libseccomp \
-- 
2.17.1



^ permalink raw reply related	[flat|nested] 4+ messages in thread
* [meta-security][PATCH 3/4] busybox: fix sig changes when layer added
  2019-09-01 22:10 [meta-security][PATCH 1/4] packagegroup-core-security-ptest: only included if ptest is enabled Armin Kuster
  2019-09-01 22:10 ` [meta-security][PATCH 2/4] packagegroup-core-security: update package name Armin Kuster
@ 2019-09-01 22:10 ` Armin Kuster
  2019-09-01 22:10 ` [meta-security][PATCH 4/4] initramfs-framework-ima: correct IMA_POLICY name Armin Kuster
  2 siblings, 0 replies; 4+ messages in thread
From: Armin Kuster @ 2019-09-01 22:10 UTC (permalink / raw)
  To: yocto

Signed-off-by: Armin Kuster <akuster808@gmail.com>
---
 recipes-core/busybox/busybox_%.bbappend    | 4 +---
 recipes-core/busybox/busybox_libsecomp.inc | 3 +++
 2 files changed, 4 insertions(+), 3 deletions(-)
 create mode 100644 recipes-core/busybox/busybox_libsecomp.inc

diff --git a/recipes-core/busybox/busybox_%.bbappend b/recipes-core/busybox/busybox_%.bbappend
index 8bb0706..27a2482 100644
--- a/recipes-core/busybox/busybox_%.bbappend
+++ b/recipes-core/busybox/busybox_%.bbappend
@@ -1,3 +1 @@
-FILESEXTRAPATHS_prepend := "${THISDIR}/${PN}:"
-
-SRC_URI += "file://head.cfg"
+require ${@bb.utils.contains('DISTRO_FEATURES', 'ptest', 'busybox_libsecomp.inc', '', d)}
diff --git a/recipes-core/busybox/busybox_libsecomp.inc b/recipes-core/busybox/busybox_libsecomp.inc
new file mode 100644
index 0000000..4af22ce
--- /dev/null
+++ b/recipes-core/busybox/busybox_libsecomp.inc
@@ -0,0 +1,3 @@
+FILESEXTRAPATHS_prepend := "${THISDIR}/busybox:"
+
+SRC_URI_append  = " file://head.cfg"
-- 
2.17.1



^ permalink raw reply related	[flat|nested] 4+ messages in thread
* [meta-security][PATCH 4/4] initramfs-framework-ima: correct IMA_POLICY name
  2019-09-01 22:10 [meta-security][PATCH 1/4] packagegroup-core-security-ptest: only included if ptest is enabled Armin Kuster
  2019-09-01 22:10 ` [meta-security][PATCH 2/4] packagegroup-core-security: update package name Armin Kuster
  2019-09-01 22:10 ` [meta-security][PATCH 3/4] busybox: fix sig changes when layer added Armin Kuster
@ 2019-09-01 22:10 ` Armin Kuster
  2 siblings, 0 replies; 4+ messages in thread
From: Armin Kuster @ 2019-09-01 22:10 UTC (permalink / raw)
  To: yocto

it had ima_policy_hashed  and did not match the recipe
ima-policy-hashed

found by yocto-check-layer

Signed-off-by: Armin Kuster <akuster808@gmail.com>
---
 .../recipes-core/initrdscripts/initramfs-framework-ima.bb       | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/meta-integrity/recipes-core/initrdscripts/initramfs-framework-ima.bb b/meta-integrity/recipes-core/initrdscripts/initramfs-framework-ima.bb
index 6057e8d..95c853a 100644
--- a/meta-integrity/recipes-core/initrdscripts/initramfs-framework-ima.bb
+++ b/meta-integrity/recipes-core/initrdscripts/initramfs-framework-ima.bb
@@ -12,7 +12,7 @@ LIC_FILES_CHKSUM = "file://${COREBASE}/meta/COPYING.MIT;md5=3da9cfbcb788c80a0384
 # This policy file will get installed as /etc/ima/ima-policy.
 # It is located via the normal file search path, so a .bbappend
 # to this recipe can just point towards one of its own files.
-IMA_POLICY ?= "ima_policy_hashed"
+IMA_POLICY ?= "ima-policy-hashed"
 
 SRC_URI = " file://ima"
 
-- 
2.17.1



^ permalink raw reply related	[flat|nested] 4+ messages in thread
end of thread, other threads:[~2019-09-01 22:10 UTC | newest]

Thread overview: 4+ messages (download: mbox.gz / follow: Atom feed)
-- links below jump to the message on this page --
2019-09-01 22:10 [meta-security][PATCH 1/4] packagegroup-core-security-ptest: only included if ptest is enabled Armin Kuster
2019-09-01 22:10 ` [meta-security][PATCH 2/4] packagegroup-core-security: update package name Armin Kuster
2019-09-01 22:10 ` [meta-security][PATCH 3/4] busybox: fix sig changes when layer added Armin Kuster
2019-09-01 22:10 ` [meta-security][PATCH 4/4] initramfs-framework-ima: correct IMA_POLICY name Armin Kuster

This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.