* [meta-security][PATCH 1/6] dm-verity-img.bbclass: more overided fixups
@ 2021-08-27 14:27 Armin Kuster
2021-08-27 14:27 ` [meta-security][PATCH 2/6] krill: Rust is in core now Armin Kuster
` (4 more replies)
0 siblings, 5 replies; 6+ messages in thread
From: Armin Kuster @ 2021-08-27 14:27 UTC (permalink / raw)
To: yocto
Signed-off-by: Armin Kuster <akuster808@gmail.com>
---
classes/dm-verity-img.bbclass | 4 ++--
1 file changed, 2 insertions(+), 2 deletions(-)
diff --git a/classes/dm-verity-img.bbclass b/classes/dm-verity-img.bbclass
index 16d395b..a0950da 100644
--- a/classes/dm-verity-img.bbclass
+++ b/classes/dm-verity-img.bbclass
@@ -63,8 +63,8 @@ verity_setup() {
VERITY_TYPES = "ext2.verity ext3.verity ext4.verity btrfs.verity"
IMAGE_TYPES += "${VERITY_TYPES}"
CONVERSIONTYPES += "verity"
-CONVERSION_CMD_verity = "verity_setup ${type}"
-CONVERSION_DEPENDS_verity = "cryptsetup-native"
+CONVERSION_CMD:verity = "verity_setup ${type}"
+CONVERSION_DEPENDS:verity = "cryptsetup-native"
python __anonymous() {
verity_image = d.getVar('DM_VERITY_IMAGE')
--
2.25.1
^ permalink raw reply related [flat|nested] 6+ messages in thread
* [meta-security][PATCH 2/6] krill: Rust is in core now
2021-08-27 14:27 [meta-security][PATCH 1/6] dm-verity-img.bbclass: more overided fixups Armin Kuster
@ 2021-08-27 14:27 ` Armin Kuster
2021-08-27 14:27 ` [meta-security][PATCH 3/6] suricata: rust is in core Armin Kuster
` (3 subsequent siblings)
4 siblings, 0 replies; 6+ messages in thread
From: Armin Kuster @ 2021-08-27 14:27 UTC (permalink / raw)
To: yocto
drop dynamic-layer
Signed-off-by: Armin Kuster <akuster808@gmail.com>
---
.../krill/files/panic_workaround.patch | 0
.../recipes-security => recipes-security}/krill/krill.inc | 0
.../recipes-security => recipes-security}/krill/krill_0.9.1.bb | 0
3 files changed, 0 insertions(+), 0 deletions(-)
rename {dynamic-layers/meta-rust/recipes-security => recipes-security}/krill/files/panic_workaround.patch (100%)
rename {dynamic-layers/meta-rust/recipes-security => recipes-security}/krill/krill.inc (100%)
rename {dynamic-layers/meta-rust/recipes-security => recipes-security}/krill/krill_0.9.1.bb (100%)
diff --git a/dynamic-layers/meta-rust/recipes-security/krill/files/panic_workaround.patch b/recipes-security/krill/files/panic_workaround.patch
similarity index 100%
rename from dynamic-layers/meta-rust/recipes-security/krill/files/panic_workaround.patch
rename to recipes-security/krill/files/panic_workaround.patch
diff --git a/dynamic-layers/meta-rust/recipes-security/krill/krill.inc b/recipes-security/krill/krill.inc
similarity index 100%
rename from dynamic-layers/meta-rust/recipes-security/krill/krill.inc
rename to recipes-security/krill/krill.inc
diff --git a/dynamic-layers/meta-rust/recipes-security/krill/krill_0.9.1.bb b/recipes-security/krill/krill_0.9.1.bb
similarity index 100%
rename from dynamic-layers/meta-rust/recipes-security/krill/krill_0.9.1.bb
rename to recipes-security/krill/krill_0.9.1.bb
--
2.25.1
^ permalink raw reply [flat|nested] 6+ messages in thread
* [meta-security][PATCH 3/6] suricata: rust is in core
2021-08-27 14:27 [meta-security][PATCH 1/6] dm-verity-img.bbclass: more overided fixups Armin Kuster
2021-08-27 14:27 ` [meta-security][PATCH 2/6] krill: Rust is in core now Armin Kuster
@ 2021-08-27 14:27 ` Armin Kuster
2021-08-27 14:27 ` [meta-security][PATCH 4/6] layer.conf: drop dynamic-layer Armin Kuster
` (2 subsequent siblings)
4 siblings, 0 replies; 6+ messages in thread
From: Armin Kuster @ 2021-08-27 14:27 UTC (permalink / raw)
To: yocto
drop dynamic-layer
Signed-off-by: Armin Kuster <akuster808@gmail.com>
---
.../recipes-ids => recipes-ids}/suricata/files/fixup.patch | 0
.../recipes-ids => recipes-ids}/suricata/files/run-ptest | 0
.../recipes-ids => recipes-ids}/suricata/files/suricata.service | 0
.../recipes-ids => recipes-ids}/suricata/files/suricata.yaml | 0
.../recipes-ids => recipes-ids}/suricata/files/tmpfiles.suricata | 0
.../suricata/files/volatiles.03_suricata | 0
.../recipes-ids => recipes-ids}/suricata/libhtp_0.5.38.bb | 0
.../meta-rust/recipes-ids => recipes-ids}/suricata/suricata.inc | 0
.../recipes-ids => recipes-ids}/suricata/suricata_6.0.3.bb | 0
9 files changed, 0 insertions(+), 0 deletions(-)
rename {dynamic-layers/meta-rust/recipes-ids => recipes-ids}/suricata/files/fixup.patch (100%)
rename {dynamic-layers/meta-rust/recipes-ids => recipes-ids}/suricata/files/run-ptest (100%)
rename {dynamic-layers/meta-rust/recipes-ids => recipes-ids}/suricata/files/suricata.service (100%)
rename {dynamic-layers/meta-rust/recipes-ids => recipes-ids}/suricata/files/suricata.yaml (100%)
rename {dynamic-layers/meta-rust/recipes-ids => recipes-ids}/suricata/files/tmpfiles.suricata (100%)
rename {dynamic-layers/meta-rust/recipes-ids => recipes-ids}/suricata/files/volatiles.03_suricata (100%)
rename {dynamic-layers/meta-rust/recipes-ids => recipes-ids}/suricata/libhtp_0.5.38.bb (100%)
rename {dynamic-layers/meta-rust/recipes-ids => recipes-ids}/suricata/suricata.inc (100%)
rename {dynamic-layers/meta-rust/recipes-ids => recipes-ids}/suricata/suricata_6.0.3.bb (100%)
diff --git a/dynamic-layers/meta-rust/recipes-ids/suricata/files/fixup.patch b/recipes-ids/suricata/files/fixup.patch
similarity index 100%
rename from dynamic-layers/meta-rust/recipes-ids/suricata/files/fixup.patch
rename to recipes-ids/suricata/files/fixup.patch
diff --git a/dynamic-layers/meta-rust/recipes-ids/suricata/files/run-ptest b/recipes-ids/suricata/files/run-ptest
similarity index 100%
rename from dynamic-layers/meta-rust/recipes-ids/suricata/files/run-ptest
rename to recipes-ids/suricata/files/run-ptest
diff --git a/dynamic-layers/meta-rust/recipes-ids/suricata/files/suricata.service b/recipes-ids/suricata/files/suricata.service
similarity index 100%
rename from dynamic-layers/meta-rust/recipes-ids/suricata/files/suricata.service
rename to recipes-ids/suricata/files/suricata.service
diff --git a/dynamic-layers/meta-rust/recipes-ids/suricata/files/suricata.yaml b/recipes-ids/suricata/files/suricata.yaml
similarity index 100%
rename from dynamic-layers/meta-rust/recipes-ids/suricata/files/suricata.yaml
rename to recipes-ids/suricata/files/suricata.yaml
diff --git a/dynamic-layers/meta-rust/recipes-ids/suricata/files/tmpfiles.suricata b/recipes-ids/suricata/files/tmpfiles.suricata
similarity index 100%
rename from dynamic-layers/meta-rust/recipes-ids/suricata/files/tmpfiles.suricata
rename to recipes-ids/suricata/files/tmpfiles.suricata
diff --git a/dynamic-layers/meta-rust/recipes-ids/suricata/files/volatiles.03_suricata b/recipes-ids/suricata/files/volatiles.03_suricata
similarity index 100%
rename from dynamic-layers/meta-rust/recipes-ids/suricata/files/volatiles.03_suricata
rename to recipes-ids/suricata/files/volatiles.03_suricata
diff --git a/dynamic-layers/meta-rust/recipes-ids/suricata/libhtp_0.5.38.bb b/recipes-ids/suricata/libhtp_0.5.38.bb
similarity index 100%
rename from dynamic-layers/meta-rust/recipes-ids/suricata/libhtp_0.5.38.bb
rename to recipes-ids/suricata/libhtp_0.5.38.bb
diff --git a/dynamic-layers/meta-rust/recipes-ids/suricata/suricata.inc b/recipes-ids/suricata/suricata.inc
similarity index 100%
rename from dynamic-layers/meta-rust/recipes-ids/suricata/suricata.inc
rename to recipes-ids/suricata/suricata.inc
diff --git a/dynamic-layers/meta-rust/recipes-ids/suricata/suricata_6.0.3.bb b/recipes-ids/suricata/suricata_6.0.3.bb
similarity index 100%
rename from dynamic-layers/meta-rust/recipes-ids/suricata/suricata_6.0.3.bb
rename to recipes-ids/suricata/suricata_6.0.3.bb
--
2.25.1
^ permalink raw reply [flat|nested] 6+ messages in thread
* [meta-security][PATCH 4/6] layer.conf: drop dynamic-layer
2021-08-27 14:27 [meta-security][PATCH 1/6] dm-verity-img.bbclass: more overided fixups Armin Kuster
2021-08-27 14:27 ` [meta-security][PATCH 2/6] krill: Rust is in core now Armin Kuster
2021-08-27 14:27 ` [meta-security][PATCH 3/6] suricata: rust is in core Armin Kuster
@ 2021-08-27 14:27 ` Armin Kuster
2021-08-27 14:27 ` [meta-security][PATCH 5/6] layer.conf: drop meta-rust Armin Kuster
2021-08-27 14:27 ` [meta-security][PATCH 6/6] harden-image-minimal: fix useradd inherit Armin Kuster
4 siblings, 0 replies; 6+ messages in thread
From: Armin Kuster @ 2021-08-27 14:27 UTC (permalink / raw)
To: yocto
Signed-off-by: Armin Kuster <akuster808@gmail.com>
---
conf/layer.conf | 4 ----
1 file changed, 4 deletions(-)
diff --git a/conf/layer.conf b/conf/layer.conf
index cdcfaee..ad9da56 100644
--- a/conf/layer.conf
+++ b/conf/layer.conf
@@ -16,7 +16,3 @@ LAYERDEPENDS_security = "core openembedded-layer perl-layer networking-layer met
# Sanity check for meta-security layer.
# Setting SKIP_META_SECURITY_SANITY_CHECK to "1" would skip the bbappend files check.
INHERIT += "sanity-meta-security"
-
-BBFILES_DYNAMIC += " \
-rust-layer:${LAYERDIR}/dynamic-layers/meta-rust/recipes-*/*/*.bb \
-"
--
2.25.1
^ permalink raw reply related [flat|nested] 6+ messages in thread
* [meta-security][PATCH 5/6] layer.conf: drop meta-rust
2021-08-27 14:27 [meta-security][PATCH 1/6] dm-verity-img.bbclass: more overided fixups Armin Kuster
` (2 preceding siblings ...)
2021-08-27 14:27 ` [meta-security][PATCH 4/6] layer.conf: drop dynamic-layer Armin Kuster
@ 2021-08-27 14:27 ` Armin Kuster
2021-08-27 14:27 ` [meta-security][PATCH 6/6] harden-image-minimal: fix useradd inherit Armin Kuster
4 siblings, 0 replies; 6+ messages in thread
From: Armin Kuster @ 2021-08-27 14:27 UTC (permalink / raw)
To: yocto
Signed-off-by: Armin Kuster <akuster808@gmail.com>
---
meta-parsec/conf/layer.conf | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/meta-parsec/conf/layer.conf b/meta-parsec/conf/layer.conf
index 86d41b2..2eeb71b 100644
--- a/meta-parsec/conf/layer.conf
+++ b/meta-parsec/conf/layer.conf
@@ -10,5 +10,5 @@ BBFILE_PRIORITY_parsec-layer = "5"
LAYERSERIES_COMPAT_parsec-layer = "honister"
-LAYERDEPENDS_parsec-layer = "core rust-layer clang-layer tpm-layer"
+LAYERDEPENDS_parsec-layer = "core clang-layer tpm-layer"
BBLAYERS_LAYERINDEX_NAME_parsec-layer = "meta-parsec"
--
2.25.1
^ permalink raw reply related [flat|nested] 6+ messages in thread
* [meta-security][PATCH 6/6] harden-image-minimal: fix useradd inherit
2021-08-27 14:27 [meta-security][PATCH 1/6] dm-verity-img.bbclass: more overided fixups Armin Kuster
` (3 preceding siblings ...)
2021-08-27 14:27 ` [meta-security][PATCH 5/6] layer.conf: drop meta-rust Armin Kuster
@ 2021-08-27 14:27 ` Armin Kuster
4 siblings, 0 replies; 6+ messages in thread
From: Armin Kuster @ 2021-08-27 14:27 UTC (permalink / raw)
To: yocto
Signed-off-by: Armin Kuster <akuster808@gmail.com>
---
.../recipes-core/images/harden-image-minimal.bb | 11 ++++++-----
1 file changed, 6 insertions(+), 5 deletions(-)
diff --git a/meta-hardening/recipes-core/images/harden-image-minimal.bb b/meta-hardening/recipes-core/images/harden-image-minimal.bb
index c35c257..38771cd 100644
--- a/meta-hardening/recipes-core/images/harden-image-minimal.bb
+++ b/meta-hardening/recipes-core/images/harden-image-minimal.bb
@@ -10,7 +10,8 @@ LICENSE = "MIT"
IMAGE_ROOTFS_SIZE ?= "8192"
-inherit core-image extrausers
+inherit core-image
+IMAGE_CLASSES:append = " extrausers"
ROOT_DEFAULT_PASSWORD ?= "1SimplePw!"
DEFAULT_ADMIN_ACCOUNT ?= "myadmin"
@@ -19,7 +20,7 @@ DEFAULT_ADMIN_ACCOUNT_PASSWORD ?= "1SimplePw!"
EXTRA_USERS_PARAMS = "${@bb.utils.contains('DISABLE_ROOT', 'True', "usermod -L root;", "usermod -P '${ROOT_DEFAULT_PASSWORD}' root;", d)}"
-EXTRA_USERS_PARAMS += "useradd ${DEFAULT_ADMIN_ACCOUNT};"
-EXTRA_USERS_PARAMS += "groupadd ${DEFAULT_ADMIN_GROUP};"
-EXTRA_USERS_PARAMS += "usermod -P '${DEFAULT_ADMIN_ACCOUNT_PASSWORD}' ${DEFAULT_ADMIN_ACCOUNT};"
-EXTRA_USERS_PARAMS += "usermod -aG ${DEFAULT_ADMIN_GROUP} ${DEFAULT_ADMIN_ACCOUNT};"
+EXTRA_USERS_PARAMS:append = " useradd ${DEFAULT_ADMIN_ACCOUNT};"
+EXTRA_USERS_PARAMS:append = " groupadd ${DEFAULT_ADMIN_GROUP};"
+EXTRA_USERS_PARAMS:append = " usermod -P '${DEFAULT_ADMIN_ACCOUNT_PASSWORD}' ${DEFAULT_ADMIN_ACCOUNT};"
+EXTRA_USERS_PARAMS:append = " usermod -aG ${DEFAULT_ADMIN_GROUP} ${DEFAULT_ADMIN_ACCOUNT};"
--
2.25.1
^ permalink raw reply related [flat|nested] 6+ messages in thread
end of thread, other threads:[~2021-08-27 14:27 UTC | newest]
Thread overview: 6+ messages (download: mbox.gz / follow: Atom feed)
-- links below jump to the message on this page --
2021-08-27 14:27 [meta-security][PATCH 1/6] dm-verity-img.bbclass: more overided fixups Armin Kuster
2021-08-27 14:27 ` [meta-security][PATCH 2/6] krill: Rust is in core now Armin Kuster
2021-08-27 14:27 ` [meta-security][PATCH 3/6] suricata: rust is in core Armin Kuster
2021-08-27 14:27 ` [meta-security][PATCH 4/6] layer.conf: drop dynamic-layer Armin Kuster
2021-08-27 14:27 ` [meta-security][PATCH 5/6] layer.conf: drop meta-rust Armin Kuster
2021-08-27 14:27 ` [meta-security][PATCH 6/6] harden-image-minimal: fix useradd inherit Armin Kuster
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.