From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on aws-us-west-2-korg-lkml-1.web.codeaurora.org X-Spam-Level: X-Spam-Status: No, score=-3.8 required=3.0 tests=BAYES_00,DKIM_SIGNED, DKIM_VALID,HEADER_FROM_DIFFERENT_DOMAINS,MAILING_LIST_MULTI,SPF_HELO_NONE, SPF_PASS,URIBL_BLOCKED autolearn=no autolearn_force=no version=3.4.0 Received: from mail.kernel.org (mail.kernel.org [198.145.29.99]) by smtp.lore.kernel.org (Postfix) with ESMTP id 2D698C433E2 for ; Tue, 15 Sep 2020 14:22:51 +0000 (UTC) Received: from web01.groups.io (web01.groups.io [66.175.222.12]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by mail.kernel.org (Postfix) with ESMTPS id 4B60322B49 for ; Tue, 15 Sep 2020 14:22:49 +0000 (UTC) Authentication-Results: mail.kernel.org; dkim=pass (1024-bit key) header.d=lists.cip-project.org header.i=@lists.cip-project.org header.b="UcuJJ61H" DMARC-Filter: OpenDMARC Filter v1.3.2 mail.kernel.org 4B60322B49 Authentication-Results: mail.kernel.org; dmarc=none (p=none dis=none) header.from=toshiba-tsip.com Authentication-Results: mail.kernel.org; spf=pass smtp.mailfrom=bounce+64572+5452+4520388+8129055@lists.cip-project.org X-Received: by 127.0.0.2 with SMTP id TJwOYY4521723x9J21NdBCwx; Tue, 15 Sep 2020 07:22:49 -0700 X-Received: from peak.toshiba-tesi.com (peak.toshiba-tesi.com [202.56.254.199]) by mx.groups.io with SMTP id smtpd.web10.14564.1600179768333343159 for ; Tue, 15 Sep 2020 07:22:48 -0700 IronPort-SDR: CLl3Ieq9gkYBqL2ktp1qHssUaTF0qEMF4Ocv3kPnRH0A2958mSxWmarl/jThM+VgQUgsV0QDt/ rE4l0bWzj6ug== X-IronPort-AV: E=Sophos;i="5.76,430,1592850600"; d="scan'208";a="6248121" X-Received: from unknown (HELO TOSBLRMBX0119.TOSHIBA-TSIP.COM) ([172.28.80.118]) by peak.toshiba-tesi.com with ESMTP; 15 Sep 2020 20:33:36 +0530 X-Received: from TOSBLRMBX0319.TOSHIBA-TSIP.COM (172.28.80.120) by TOSBLRMBX0119.TOSHIBA-TSIP.COM (172.28.80.118) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256) id 15.1.1847.3; Tue, 15 Sep 2020 19:52:44 +0530 X-Received: from pvenkat.TOSHIBA-TSIP.COM (172.28.80.121) by TOSBLRMBX0319.TOSHIBA-TSIP.COM (172.28.80.120) with Microsoft SMTP Server id 15.1.1847.3 via Frontend Transport; Tue, 15 Sep 2020 19:52:37 +0530 From: "Venkata Pyla" To: CC: venkata-pyla , Subject: [cip-dev] [cip-core:deby 0/3] deby security layer changes Date: Tue, 15 Sep 2020 19:53:41 +0530 Message-ID: <20200915142345.179-1-venkata.pyla@toshiba-tsip.com> MIME-Version: 1.0 Precedence: Bulk List-Unsubscribe: Sender: cip-dev@lists.cip-project.org List-Id: Mailing-List: list cip-dev@lists.cip-project.org; contact cip-dev+owner@lists.cip-project.org Reply-To: cip-dev@lists.cip-project.org X-Gm-Message-State: CkZhg1zYNh6gSq9ka2ZjVY0fx4520388AA= Content-Type: multipart/mixed; boundary="9eXAp1rBARZtgJBAZcdX" DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=lists.cip-project.org; q=dns/txt; s=20140610; t=1600179769; bh=mxYVItWgErAMe+a/NE26TKRb5PTpQimpaeZr39bqhBA=; h=CC:Content-Type:Date:From:Reply-To:Subject:To; b=UcuJJ61HRu1nDhZlfu9jbBIK+NBiCyYnW9istHfo1ltt48nI8oPFIVuRwpkIfFbanMw yq1jkrXju7wmhJUwrsf0qnt6P0uZzthNzcKLDIWsH8O+MLmFXv2YzQgpjbhr76RZmMdZ1 RBWPR+js5hvfGewJEvYKCbWBQn149/ACg/U= --9eXAp1rBARZtgJBAZcdX Content-Type: text/plain; charset="us-ascii" Content-Transfer-Encoding: 7bit From: venkata-pyla Added a security layer in deby that will be used for IEC 62443-4-2 certification venkata pyla (3): cip-security: Create new layer for cip security security-configuration: apply security polcies using package bbappend aide-static: enable aide to build statically README.md | 5 +++ kas/opt/security.yml | 32 +++++++++++++++ .../conf/include/aide-static-libs.inc | 10 +++++ meta-cip-security/conf/layer.conf | 20 ++++++++++ .../audit/audit_debian.bbappend | 20 ++++++++++ .../base-files/base-files_debian.bbappend | 3 ++ .../openssh/openssh_debian.bbappend | 19 +++++++++ .../recipes-debian/pam/libpam_debian.bbappend | 39 +++++++++++++++++++ 8 files changed, 148 insertions(+) create mode 100644 kas/opt/security.yml create mode 100644 meta-cip-security/conf/include/aide-static-libs.inc create mode 100644 meta-cip-security/conf/layer.conf create mode 100644 meta-cip-security/recipes-debian/audit/audit_debian.bbappend create mode 100644 meta-cip-security/recipes-debian/base-files/base-files_debian.bbappend create mode 100644 meta-cip-security/recipes-debian/openssh/openssh_debian.bbappend create mode 100644 meta-cip-security/recipes-debian/pam/libpam_debian.bbappend -- 2.27.0.windows.1 The information contained in this e-mail message and in any attachments/annexure/appendices is confidential to the recipient and may contain privileged information. If you are not the intended recipient, please notify the sender and delete the message along with any attachments/annexure/appendices. You should not disclose, copy or otherwise use the information contained in the message or any annexure. Any views expressed in this e-mail are those of the individual sender except where the sender specifically states them to be the views of Toshiba Software India Pvt. Ltd. (TSIP),Bangalore. Although this transmission and any attachments are believed to be free of any virus or other defect that might affect any computer system into which it is received and opened, it is the responsibility of the recipient to ensure that it is virus free and no responsibility is accepted by Toshiba Embedded Software India Pvt. Ltd, for any loss or damage arising in any way from its use. --9eXAp1rBARZtgJBAZcdX Content-Type: text/plain; charset="utf-8" Content-Transfer-Encoding: quoted-printable Content-Disposition: inline -=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D- Links: You receive all messages sent to this group. View/Reply Online (#5452): https://lists.cip-project.org/g/cip-dev/message= /5452 Mute This Topic: https://lists.cip-project.org/mt/76865926/4520388 Group Owner: cip-dev+owner@lists.cip-project.org Unsubscribe: https://lists.cip-project.org/g/cip-dev/leave/8129055/7279483= 98/xyzzy [cip-dev@archiver.kernel.org] -=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D- --9eXAp1rBARZtgJBAZcdX--