* [meta-security][PATCH 0/2 v2] add new recipe for ecryptfs-utils and keyutils
@ 2017-05-23 5:30 jackie.huang
2017-05-23 5:30 ` [meta-security][PATCH 1/2 v2] keyutils: add new recipe jackie.huang
2017-05-23 5:30 ` [meta-security][PATCH 2/2 v2] ecryptfs-utils: " jackie.huang
0 siblings, 2 replies; 5+ messages in thread
From: jackie.huang @ 2017-05-23 5:30 UTC (permalink / raw)
To: yocto
From: Jackie Huang <jackie.huang@windriver.com>
v2 comments:
- add systemd support
- add PACKAGECONFIG for pam to fix the warning
--
The following changes since commit 43ae8fc27eb411e91285eb374f05682ca8bee055:
packagegroup-security-tpm-i2c: fix syntax (2017-05-19 07:37:35 -0700)
are available in the git repository at:
https://github.com/jackiehjm/meta-security.git jhuang0/r_up_ecryptfs_keyutils_170523_0
https://github.com//tree/jhuang0/r_up_ecryptfs_keyutils_170523_0
Jackie Huang (2):
keyutils: add new recipe
ecryptfs-utils: add new recipe
.../ecryptfs-utils/ecryptfs-utils_111.bb | 64 +++++++++++++++++++++
.../files/ecryptfs-utils-CVE-2016-6224.patch | 65 ++++++++++++++++++++++
.../ecryptfs-utils/files/ecryptfs.service | 9 +++
...ix-error-report-by-adding-default-message.patch | 42 ++++++++++++++
.../files/keyutils-test-fix-output-format.patch | 41 ++++++++++++++
.../keyutils-use-relative-path-for-link.patch | 28 ++++++++++
recipes-security/keyutils/files/run-ptest | 3 +
recipes-security/keyutils/keyutils_1.5.10.bb | 45 +++++++++++++++
8 files changed, 297 insertions(+)
create mode 100644 recipes-security/ecryptfs-utils/ecryptfs-utils_111.bb
create mode 100644 recipes-security/ecryptfs-utils/files/ecryptfs-utils-CVE-2016-6224.patch
create mode 100644 recipes-security/ecryptfs-utils/files/ecryptfs.service
create mode 100644 recipes-security/keyutils/files/keyutils-fix-error-report-by-adding-default-message.patch
create mode 100644 recipes-security/keyutils/files/keyutils-test-fix-output-format.patch
create mode 100644 recipes-security/keyutils/files/keyutils-use-relative-path-for-link.patch
create mode 100755 recipes-security/keyutils/files/run-ptest
create mode 100644 recipes-security/keyutils/keyutils_1.5.10.bb
--
2.11.0
^ permalink raw reply [flat|nested] 5+ messages in thread
* [meta-security][PATCH 1/2 v2] keyutils: add new recipe
2017-05-23 5:30 [meta-security][PATCH 0/2 v2] add new recipe for ecryptfs-utils and keyutils jackie.huang
@ 2017-05-23 5:30 ` jackie.huang
2017-05-23 5:30 ` [meta-security][PATCH 2/2 v2] ecryptfs-utils: " jackie.huang
1 sibling, 0 replies; 5+ messages in thread
From: jackie.huang @ 2017-05-23 5:30 UTC (permalink / raw)
To: yocto
From: Jackie Huang <jackie.huang@windriver.com>
keyutils is utilities to control the kernel key
management facility and to provide a mechanism by
which the kernel call back to userspace to get a
key instantiated.
It's required by ecryptfs-utils.
Signed-off-by: Jackie Huang <jackie.huang@windriver.com>
---
...ix-error-report-by-adding-default-message.patch | 42 ++++++++++++++++++++
.../files/keyutils-test-fix-output-format.patch | 41 ++++++++++++++++++++
.../keyutils-use-relative-path-for-link.patch | 28 ++++++++++++++
recipes-security/keyutils/files/run-ptest | 3 ++
recipes-security/keyutils/keyutils_1.5.10.bb | 45 ++++++++++++++++++++++
5 files changed, 159 insertions(+)
create mode 100644 recipes-security/keyutils/files/keyutils-fix-error-report-by-adding-default-message.patch
create mode 100644 recipes-security/keyutils/files/keyutils-test-fix-output-format.patch
create mode 100644 recipes-security/keyutils/files/keyutils-use-relative-path-for-link.patch
create mode 100755 recipes-security/keyutils/files/run-ptest
create mode 100644 recipes-security/keyutils/keyutils_1.5.10.bb
diff --git a/recipes-security/keyutils/files/keyutils-fix-error-report-by-adding-default-message.patch b/recipes-security/keyutils/files/keyutils-fix-error-report-by-adding-default-message.patch
new file mode 100644
index 0000000..acd91c0
--- /dev/null
+++ b/recipes-security/keyutils/files/keyutils-fix-error-report-by-adding-default-message.patch
@@ -0,0 +1,42 @@
+fix keyutils test error report
+
+Upstream-Status: Pending
+
+"Permission denied" may be the reason of EKEYEXPIRED and EKEYREVOKED.
+"Required key not available" may be the reason of EKEYREVOKED.
+EXPIRED and REVOKED are 2 status of kernel security keys features.
+But the userspace keyutils lib will output the error message, which may
+have several reasons.
+
+Signed-off-by: Han Chao <chan@windriver.com>
+
+diff --git a/tests/toolbox.inc.sh b/tests/toolbox.inc.sh
+index bbca00a..739e9d0 100644
+--- a/tests/toolbox.inc.sh
++++ b/tests/toolbox.inc.sh
+@@ -227,11 +227,12 @@ function expect_error ()
+ ;;
+ EKEYEXPIRED)
+ my_err="Key has expired"
+- alt_err="Unknown error 127"
++ alt_err="Permission denied"
+ ;;
+ EKEYREVOKED)
+ my_err="Key has been revoked"
+- alt_err="Unknown error 128"
++ alt_err="Permission denied"
++ alt2_err="Required key not available"
+ ;;
+ EKEYREJECTED)
+ my_err="Key has been rejected"
+@@ -249,6 +250,9 @@ function expect_error ()
+ elif [ "x$alt_err" != "x" ] && expr "$my_errmsg" : ".*: $alt_err" >&/dev/null
+ then
+ :
++ elif [ "x$alt2_err" != "x" ] && expr "$my_errmsg" : ".*: $alt2_err" >&/dev/null
++ then
++ :
+ elif [ "x$old_err" != "x" ] && expr "$my_errmsg" : ".*: $old_err" >&/dev/null
+ then
+ :
+
diff --git a/recipes-security/keyutils/files/keyutils-test-fix-output-format.patch b/recipes-security/keyutils/files/keyutils-test-fix-output-format.patch
new file mode 100644
index 0000000..a4ffd50
--- /dev/null
+++ b/recipes-security/keyutils/files/keyutils-test-fix-output-format.patch
@@ -0,0 +1,41 @@
+From 49b6321368e4bd3cd233d045cd09004ddd7968b2 Mon Sep 17 00:00:00 2001
+From: Jackie Huang <jackie.huang@windriver.com>
+Date: Mon, 15 May 2017 14:52:00 +0800
+Subject: [PATCH] keyutils: fix output format
+
+keyutils ptest output format is incorrect, according to yocto
+Development Manual
+(http://www.yoctoproject.org/docs/latest/dev-manual/dev-manual.html#testing-packages-with-ptest)
+5.10.6. Testing Packages With ptestThe test generates output in the format used by Automake:
+<result>: <testname>
+where the result can be PASS, FAIL, or SKIP, and the testname can be any
+identifying string.
+So we should change the test result format to match yocto ptest rules.
+
+Upstream-Status: Inappropriate [OE ptest specific]
+
+Signed-off-by: Li Wang <li.wang@windriver.com>
+Signed-off-by: Jackie Huang <jackie.huang@windriver.com>
+---
+ tests/runtest.sh | 5 +++++
+ 1 file changed, 5 insertions(+)
+
+diff --git a/tests/runtest.sh b/tests/runtest.sh
+index b6eaa7c..84263fb 100644
+--- a/tests/runtest.sh
++++ b/tests/runtest.sh
+@@ -21,6 +21,11 @@ for i in ${TESTS}; do
+ echo "### RUNNING TEST $i"
+ if [[ $AUTOMATED != 0 ]] ; then
+ bash ./runtest.sh
++ if [ $? != 0 ]; then
++ echo "FAIL: $i"
++ else
++ echo "PASS: $i"
++ fi
+ else
+ bash ./runtest.sh || exit 1
+ fi
+--
+2.11.0
+
diff --git a/recipes-security/keyutils/files/keyutils-use-relative-path-for-link.patch b/recipes-security/keyutils/files/keyutils-use-relative-path-for-link.patch
new file mode 100644
index 0000000..dde1af4
--- /dev/null
+++ b/recipes-security/keyutils/files/keyutils-use-relative-path-for-link.patch
@@ -0,0 +1,28 @@
+Subject: [PATCH] keyutils: use relative path for link
+
+The absolute path of the symlink will be invalid
+when populated in sysroot, so use relative path instead.
+
+Upstream-Status: Pending
+
+Signed-off-by: Jackie Huang <jackie.huang@windriver.com>
+---
+ Makefile | 2 +-
+ 1 file changed, 1 insertion(+), 1 deletion(-)
+
+diff --git a/Makefile b/Makefile
+index 824bbbf..8ce3a13 100644
+--- a/Makefile
++++ b/Makefile
+@@ -167,7 +167,7 @@ ifeq ($(NO_SOLIB),0)
+ $(INSTALL) -D $(LIBNAME) $(DESTDIR)$(LIBDIR)/$(LIBNAME)
+ $(LNS) $(LIBNAME) $(DESTDIR)$(LIBDIR)/$(SONAME)
+ mkdir -p $(DESTDIR)$(USRLIBDIR)
+- $(LNS) $(LIBDIR)/$(SONAME) $(DESTDIR)$(USRLIBDIR)/$(DEVELLIB)
++ $(LNS) $(SONAME) $(DESTDIR)$(USRLIBDIR)/$(DEVELLIB)
+ endif
+ $(INSTALL) -D keyctl $(DESTDIR)$(BINDIR)/keyctl
+ $(INSTALL) -D request-key $(DESTDIR)$(SBINDIR)/request-key
+--
+2.11.0
+
diff --git a/recipes-security/keyutils/files/run-ptest b/recipes-security/keyutils/files/run-ptest
new file mode 100755
index 0000000..305707f
--- /dev/null
+++ b/recipes-security/keyutils/files/run-ptest
@@ -0,0 +1,3 @@
+#!/bin/sh
+export AUTOMATED=1
+make -C tests run
diff --git a/recipes-security/keyutils/keyutils_1.5.10.bb b/recipes-security/keyutils/keyutils_1.5.10.bb
new file mode 100644
index 0000000..2ead8fa
--- /dev/null
+++ b/recipes-security/keyutils/keyutils_1.5.10.bb
@@ -0,0 +1,45 @@
+SUMMARY = "Linux Key Management Utilities"
+DESCRIPTION = "\
+ Utilities to control the kernel key management facility and to provide \
+ a mechanism by which the kernel call back to userspace to get a key \
+ instantiated. \
+ "
+HOMEPAGE = "http://people.redhat.com/dhowells/keyutils"
+SECTION = "base"
+
+LICENSE = "LGPLv2.1+ & GPLv2.0+"
+
+LIC_FILES_CHKSUM = "file://LICENCE.GPL;md5=5f6e72824f5da505c1f4a7197f004b45 \
+ file://LICENCE.LGPL;md5=7d1cacaa3ea752b72ea5e525df54a21f"
+
+
+inherit siteinfo ptest
+
+SRC_URI = "http://people.redhat.com/dhowells/keyutils/${BP}.tar.bz2 \
+ file://keyutils-use-relative-path-for-link.patch \
+ file://keyutils-test-fix-output-format.patch \
+ file://keyutils-fix-error-report-by-adding-default-message.patch \
+ file://run-ptest \
+ "
+
+SRC_URI[md5sum] = "3771676319bc7b84b1549b5c63ff5243"
+SRC_URI[sha256sum] = "115c3deae7f181778fd0e0ffaa2dad1bf1fe2f5677cf2e0e348cdb7a1c93afb6"
+
+EXTRA_OEMAKE = "'CFLAGS=${CFLAGS} -Wall' \
+ NO_ARLIB=1 \
+ LIBDIR=${base_libdir} \
+ USRLIBDIR=${base_libdir} \
+ BUILDFOR=${SITEINFO_BITS}-bit \
+ NO_GLIBC_KEYERR=1 \
+ "
+
+do_install () {
+ oe_runmake DESTDIR=${D} install
+}
+
+do_install_ptest () {
+ cp -r ${S}/tests ${D}${PTEST_PATH}/
+ sed -i -e 's/OSDIST=Unknown/OSDIST=${DISTRO}/' ${D}${PTEST_PATH}/tests/prepare.inc.sh
+}
+
+RDEPENDS_${PN}-ptest += "glibc-utils"
--
2.11.0
^ permalink raw reply related [flat|nested] 5+ messages in thread
* [meta-security][PATCH 2/2 v2] ecryptfs-utils: add new recipe
2017-05-23 5:30 [meta-security][PATCH 0/2 v2] add new recipe for ecryptfs-utils and keyutils jackie.huang
2017-05-23 5:30 ` [meta-security][PATCH 1/2 v2] keyutils: add new recipe jackie.huang
@ 2017-05-23 5:30 ` jackie.huang
2017-05-23 14:53 ` Khem Raj
1 sibling, 1 reply; 5+ messages in thread
From: jackie.huang @ 2017-05-23 5:30 UTC (permalink / raw)
To: yocto
From: Jackie Huang <jackie.huang@windriver.com>
eCryptfs is a stacked cryptographic filesystem that ships
in Linux kernel versions 2.6.19 and above. This package
provides the mount helper and supporting libraries to
perform key management and mount functions.
Signed-off-by: Jackie Huang <jackie.huang@windriver.com>
---
.../ecryptfs-utils/ecryptfs-utils_111.bb | 64 +++++++++++++++++++++
.../files/ecryptfs-utils-CVE-2016-6224.patch | 65 ++++++++++++++++++++++
.../ecryptfs-utils/files/ecryptfs.service | 9 +++
3 files changed, 138 insertions(+)
create mode 100644 recipes-security/ecryptfs-utils/ecryptfs-utils_111.bb
create mode 100644 recipes-security/ecryptfs-utils/files/ecryptfs-utils-CVE-2016-6224.patch
create mode 100644 recipes-security/ecryptfs-utils/files/ecryptfs.service
diff --git a/recipes-security/ecryptfs-utils/ecryptfs-utils_111.bb b/recipes-security/ecryptfs-utils/ecryptfs-utils_111.bb
new file mode 100644
index 0000000..160533a
--- /dev/null
+++ b/recipes-security/ecryptfs-utils/ecryptfs-utils_111.bb
@@ -0,0 +1,64 @@
+SUMMARY = "The eCryptfs mount helper and support libraries"
+DESCRIPTION = "eCryptfs is a stacked cryptographic filesystem \
+ that ships in Linux kernel versions 2.6.19 and above. This \
+ package provides the mount helper and supporting libraries \
+ to perform key management and mount functions."
+HOMEPAGE = "https://launchpad.net/ecryptfs"
+SECTION = "base"
+
+LICENSE = "GPL-2.0"
+LIC_FILES_CHKSUM = "file://COPYING;md5=8ca43cbc842c2336e835926c2166c28b"
+
+DEPENDS = "keyutils libgcrypt intltool-native glib-2.0-native"
+
+SRC_URI = "\
+ https://launchpad.net/ecryptfs/trunk/${PV}/+download/${BPN}_${PV}.orig.tar.gz \
+ file://ecryptfs-utils-CVE-2016-6224.patch \
+ file://ecryptfs.service \
+ "
+
+SRC_URI[md5sum] = "83513228984f671930752c3518cac6fd"
+SRC_URI[sha256sum] = "112cb3e37e81a1ecd8e39516725dec0ce55c5f3df6284e0f4cc0f118750a987f"
+
+inherit autotools pkgconfig systemd
+
+SYSTEMD_PACKAGES = "${PN}"
+SYSTEMD_SERVICE_${PN} = "ecryptfs.service"
+
+EXTRA_OECONF = "\
+ --libdir=${base_libdir} \
+ --disable-pywrap \
+ --disable-nls \
+ "
+
+PACKAGECONFIG ??= "nss \
+ ${@bb.utils.filter('DISTRO_FEATURES', 'pam', d)} \
+ "
+PACKAGECONFIG[nss] = "--enable-nss,--disable-nss,nss,"
+PACKAGECONFIG[openssl] = "--enable-openssl,--disable-openssl,openssl,"
+PACKAGECONFIG[pam] = "--enable-pam,--disable-pam,libpam,"
+
+do_configure_prepend() {
+ export NSS_CFLAGS="-I${STAGING_INCDIR}/nspr4 -I${STAGING_INCDIR}/nss3"
+ export NSS_LIBS="-L${STAGING_BASELIBDIR} -lssl3 -lsmime3 -lnss3 -lsoftokn3 -lnssutil3"
+ export KEYUTILS_CFLAGS="-I${STAGING_INCDIR}"
+ export KEYUTILS_LIBS="-L${STAGING_LIBDIR} -lkeyutils"
+}
+
+do_install_append() {
+ chmod 4755 ${D}${base_sbindir}/mount.ecryptfs_private
+ mkdir -p ${D}/${libdir}
+ mv ${D}/${base_libdir}/pkgconfig ${D}/${libdir}
+ sed -i -e 's:-I${STAGING_INCDIR}::' \
+ -e 's:-L${STAGING_LIBDIR}::' ${D}/${libdir}/pkgconfig/libecryptfs.pc
+ sed -i -e "s: ${base_sbindir}/cryptsetup: ${sbindir}/cryptsetup:" ${D}${bindir}/ecryptfs-setup-swap
+ if ${@bb.utils.contains('DISTRO_FEATURES','systemd','true','false',d)}; then
+ install -d ${D}${systemd_system_unitdir}
+ install -m 0644 ${WORKDIR}/ecryptfs.service ${D}${systemd_system_unitdir}
+ fi
+}
+
+FILES_${PN} += "${base_libdir}/security/* ${base_libdir}/ecryptfs/*"
+
+RDEPENDS_${PN} += "cryptsetup"
+RRECOMMENDS_${PN} = "gettext-runtime"
diff --git a/recipes-security/ecryptfs-utils/files/ecryptfs-utils-CVE-2016-6224.patch b/recipes-security/ecryptfs-utils/files/ecryptfs-utils-CVE-2016-6224.patch
new file mode 100644
index 0000000..4252f97
--- /dev/null
+++ b/recipes-security/ecryptfs-utils/files/ecryptfs-utils-CVE-2016-6224.patch
@@ -0,0 +1,65 @@
+From 558a513ba3100ea5190de1a24cf1fed663367765 Mon Sep 17 00:00:00 2001
+From: Li Zhou <li.zhou@windriver.com>
+Date: Mon, 5 Sep 2016 10:28:08 +0800
+Subject: [PATCH] ecryptfs-utils: CVE-2016-6224
+
+src/utils/ecryptfs-setup-swap: Prevent unencrypted swap partitions from
+being automatically enabled by systemd. This bug affected GPT partitioned
+NVMe/MMC drives and resulted in the swap partition being used without
+encryption. It also resulted in a usability issue in that users were
+erroneously prompted to enter a pass-phrase to unlock their swap partition
+at boot. (LP: #1597154)
+
+the patch comes from:
+https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-6224
+https://bazaar.launchpad.net/~ecryptfs/ecryptfs/trunk/revision/882
+
+Upstream-Status: backport
+
+Signed-off-by: Li Zhou <li.zhou@windriver.com>
+---
+ ChangeLog | 9 +++++++++
+ src/utils/ecryptfs-setup-swap | 10 ++++++++--
+ 2 files changed, 17 insertions(+), 2 deletions(-)
+
+diff --git a/ChangeLog b/ChangeLog
+index d255a94..2c9c73e 100644
+--- a/ChangeLog
++++ b/ChangeLog
+@@ -1,3 +1,12 @@
++ecryptfs-utils-112
++ [ Jason Gerard DeRose ]
++ * src/utils/ecryptfs-setup-swap: Prevent unencrypted swap partitions from
++ being automatically enabled by systemd. This bug affected GPT partitioned
++ NVMe/MMC drives and resulted in the swap partition being used without
++ encryption. It also resulted in a usability issue in that users were
++ erroneously prompted to enter a pass-phrase to unlock their swap partition
++ at boot. (LP: #1597154)
++
+ ecryptfs-utils-74
+ [ Michal Hlavinka ]
+ * Changes for RH/Fedora release
+diff --git a/src/utils/ecryptfs-setup-swap b/src/utils/ecryptfs-setup-swap
+index 41cf18a..e4785d7 100755
+--- a/src/utils/ecryptfs-setup-swap
++++ b/src/utils/ecryptfs-setup-swap
+@@ -166,8 +166,14 @@ for swap in $swaps; do
+ # If this is a GPT partition, mark it as no-auto mounting, to avoid
+ # auto-activating it on boot
+ if [ "$(blkid -p -s PART_ENTRY_SCHEME -o value "$swap")" = "gpt" ]; then
+- drive="${swap%[0-9]*}"
+- partno="${swap#$drive}"
++ # Correctly handle NVMe/MMC drives, as well as any similar physical
++ # block device that follow the "/dev/foo0p1" pattern (LP: #1597154)
++ if echo "$swap" | grep -qE "^/dev/.+[0-9]+p[0-9]+$"; then
++ drive=$(echo "$swap" | sed "s:\(.\+[0-9]\)p[0-9]\+:\1:")
++ else
++ drive=$(echo "$swap" | sed "s:\(.\+[^0-9]\)[0-9]\+:\1:")
++ fi
++ partno=$(echo "$swap" | sed "s:.\+[^0-9]\([0-9]\+\):\1:")
+ if [ -b "$drive" ]; then
+ if printf "x\np\n" | fdisk "$drive" | grep -q "^$swap .* GUID:.*\b63\b"; then
+ echo "$swap is already marked as no-auto"
+--
+1.9.1
+
diff --git a/recipes-security/ecryptfs-utils/files/ecryptfs.service b/recipes-security/ecryptfs-utils/files/ecryptfs.service
new file mode 100644
index 0000000..c23a03a
--- /dev/null
+++ b/recipes-security/ecryptfs-utils/files/ecryptfs.service
@@ -0,0 +1,9 @@
+[Unit]
+Description=A userspace daemon that runs as the user perform file operations under the eCryptfs mount point
+After=udev.service
+
+[Service]
+ExecStart=/usr/bin/ecryptfsd -f
+
+[Install]
+WantedBy=multi-user.target
--
2.11.0
^ permalink raw reply related [flat|nested] 5+ messages in thread
* Re: [meta-security][PATCH 2/2 v2] ecryptfs-utils: add new recipe
2017-05-23 5:30 ` [meta-security][PATCH 2/2 v2] ecryptfs-utils: " jackie.huang
@ 2017-05-23 14:53 ` Khem Raj
2017-05-24 2:15 ` Huang, Jie (Jackie)
0 siblings, 1 reply; 5+ messages in thread
From: Khem Raj @ 2017-05-23 14:53 UTC (permalink / raw)
To: jhuang0; +Cc: yocto
On Mon, May 22, 2017 at 10:30 PM, <jackie.huang@windriver.com> wrote:
> + install -d ${D}${systemd_system_unitdir}
> + install -m 0644 ${WORKDIR}/ecryptfs.service ${D}${systemd_system_unitdir}
you could squash above into install -D -m 0644
${WORKDIR}/ecryptfs.service
${D}${systemd_system_unitdir}/ecryptfs.service
^ permalink raw reply [flat|nested] 5+ messages in thread
* Re: [meta-security][PATCH 2/2 v2] ecryptfs-utils: add new recipe
2017-05-23 14:53 ` Khem Raj
@ 2017-05-24 2:15 ` Huang, Jie (Jackie)
0 siblings, 0 replies; 5+ messages in thread
From: Huang, Jie (Jackie) @ 2017-05-24 2:15 UTC (permalink / raw)
To: Khem Raj; +Cc: yocto
> -----Original Message-----
> From: Khem Raj [mailto:raj.khem@gmail.com]
> Sent: Tuesday, May 23, 2017 22:53
> To: Huang, Jie (Jackie)
> Cc: yocto@yoctoproject.org
> Subject: Re: [yocto] [meta-security][PATCH 2/2 v2] ecryptfs-utils: add new
> recipe
>
> On Mon, May 22, 2017 at 10:30 PM, <jackie.huang@windriver.com> wrote:
> > + install -d ${D}${systemd_system_unitdir}
> > + install -m 0644 ${WORKDIR}/ecryptfs.service
> ${D}${systemd_system_unitdir}
>
> you could squash above into install -D -m 0644
> ${WORKDIR}/ecryptfs.service
> ${D}${systemd_system_unitdir}/ecryptfs.service
Ok, I will change and send v3 for this, thanks!
Thanks,
Jackie
^ permalink raw reply [flat|nested] 5+ messages in thread
end of thread, other threads:[~2017-05-24 2:15 UTC | newest]
Thread overview: 5+ messages (download: mbox.gz / follow: Atom feed)
-- links below jump to the message on this page --
2017-05-23 5:30 [meta-security][PATCH 0/2 v2] add new recipe for ecryptfs-utils and keyutils jackie.huang
2017-05-23 5:30 ` [meta-security][PATCH 1/2 v2] keyutils: add new recipe jackie.huang
2017-05-23 5:30 ` [meta-security][PATCH 2/2 v2] ecryptfs-utils: " jackie.huang
2017-05-23 14:53 ` Khem Raj
2017-05-24 2:15 ` Huang, Jie (Jackie)
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.