meta-security: Convert to new override syntax

Signed-off-by: Armin Kuster <akuster808@gmail.com>

README

@@ -5,7 +5,7 @@ The bbappend files for some recipes (e.g. linux-yocto) in this layer need
 to have 'security' in DISTRO_FEATURES to have effect.
 To enable them, add in configuration file the following line.
 
-  DISTRO_FEATURES_append = " security"
+  DISTRO_FEATURES:append = " security"
 
 If meta-security is included, but security  is not enabled as a
 distro feature a warning is printed at parse time:

conf/distro/include/maintainers.inc

@@ -16,42 +16,42 @@
 #
 # The format is as a bitbake variable override for each recipe
 #
-#	RECIPE_MAINTAINER_pn-<recipe name> = "Full Name <address@domain>"
+#	RECIPE_MAINTAINER:pn-<recipe name> = "Full Name <address@domain>"
 #
 # Please keep this list in alphabetical order.
-RECIPE_MAINTAINER_pn-aircrack-ng = "Armin Kuster <akuster808@gmail.com>"
-RECIPE_MAINTAINER_pn-apparmor = "Armin Kuster <akuster808@gmail.com>"
-RECIPE_MAINTAINER_pn-bastille = "Armin Kuster <akuster808@gmail.com>"
-RECIPE_MAINTAINER_pn-buck-security = "Armin Kuster <akuster808@gmail.com>"
-RECIPE_MAINTAINER_pn-ccs-tools = "Armin Kuster <akuster808@gmail.com>"
-RECIPE_MAINTAINER_pn-checksec = "Armin Kuster <akuster808@gmail.com>"
-RECIPE_MAINTAINER_pn-checksecurity = "Armin Kuster <akuster808@gmail.com>"
-RECIPE_MAINTAINER_pn-clamav = "Armin Kuster <akuster808@gmail.com>"
-RECIPE_MAINTAINER_pn-ding-libs = "Armin Kuster <akuster808@gmail.com>"
-RECIPE_MAINTAINER_pn-ecryptfs-utils = "Armin Kuster <akuster808@gmail.com>"
-RECIPE_MAINTAINER_pn-fscryptctl = "Armin Kuster <akuster808@gmail.com>"
-RECIPE_MAINTAINER_pn-google-authenticator-libpam = "Armin Kuster <akuster808@gmail.com>"
-RECIPE_MAINTAINER_pn-hash-perl = "Armin Kuster <akuster808@gmail.com>"
-RECIPE_MAINTAINER_pn-isic = "Armin Kuster <akuster808@gmail.com>"
-RECIPE_MAINTAINER_pn-keyutils = "Armin Kuster <akuster808@gmail.com>"
-RECIPE_MAINTAINER_pn-libaes-siv = "Armin Kuster <akuster808@gmail.com>"
-RECIPE_MAINTAINER_pn-libgssglue = "Armin Kuster <akuster808@gmail.com>"
-RECIPE_MAINTAINER_pn-libhtp = "Armin Kuster <akuster808@gmail.com>"
-RECIPE_MAINTAINER_pn-libmhash = "Armin Kuster <akuster808@gmail.com>"
-RECIPE_MAINTAINER_pn-libmspack = "Armin Kuster <akuster808@gmail.com>"
-RECIPE_MAINTAINER_pn-lib-perl = "Armin Kuster <akuster808@gmail.com>"
-RECIPE_MAINTAINER_pn-libseccomp = "Armin Kuster <akuster808@gmail.com>"
-RECIPE_MAINTAINER_pn-libwhisker2-perl = "Armin Kuster <akuster808@gmail.com>"
-RECIPE_MAINTAINER_pn-ncrack = "Armin Kuster <akuster808@gmail.com>"
-RECIPE_MAINTAINER_pn-nikto = "Armin Kuster <akuster808@gmail.com>"
-RECIPE_MAINTAINER_pn-paxctl = "Armin Kuster <akuster808@gmail.com>"
-RECIPE_MAINTAINER_pn-python3-fail2ban = "Armin Kuster <akuster808@gmail.com>"
-RECIPE_MAINTAINER_pn-python3-scapy = "Armin Kuster <akuster808@gmail.com>"
-RECIPE_MAINTAINER_pn-python-fail2ban = "Armin Kuster <akuster808@gmail.com>"
-RECIPE_MAINTAINER_pn-python-scapy = "Armin Kuster <akuster808@gmail.com>"
-RECIPE_MAINTAINER_pn-redhat-security = "Armin Kuster <akuster808@gmail.com>"
-RECIPE_MAINTAINER_pn-samhain = "Armin Kuster <akuster808@gmail.com>"
-RECIPE_MAINTAINER_pn-smack = "Armin Kuster <akuster808@gmail.com>"
-RECIPE_MAINTAINER_pn-sssd = "Armin Kuster <akuster808@gmail.com>"
-RECIPE_MAINTAINER_pn-suricata = "Armin Kuster <akuster808@gmail.com>"
-RECIPE_MAINTAINER_pn-tripwire = "Armin Kuster <akuster808@gmail.com>"
+RECIPE_MAINTAINER:pn-aircrack-ng = "Armin Kuster <akuster808@gmail.com>"
+RECIPE_MAINTAINER:pn-apparmor = "Armin Kuster <akuster808@gmail.com>"
+RECIPE_MAINTAINER:pn-bastille = "Armin Kuster <akuster808@gmail.com>"
+RECIPE_MAINTAINER:pn-buck-security = "Armin Kuster <akuster808@gmail.com>"
+RECIPE_MAINTAINER:pn-ccs-tools = "Armin Kuster <akuster808@gmail.com>"
+RECIPE_MAINTAINER:pn-checksec = "Armin Kuster <akuster808@gmail.com>"
+RECIPE_MAINTAINER:pn-checksecurity = "Armin Kuster <akuster808@gmail.com>"
+RECIPE_MAINTAINER:pn-clamav = "Armin Kuster <akuster808@gmail.com>"
+RECIPE_MAINTAINER:pn-ding-libs = "Armin Kuster <akuster808@gmail.com>"
+RECIPE_MAINTAINER:pn-ecryptfs-utils = "Armin Kuster <akuster808@gmail.com>"
+RECIPE_MAINTAINER:pn-fscryptctl = "Armin Kuster <akuster808@gmail.com>"
+RECIPE_MAINTAINER:pn-google-authenticator-libpam = "Armin Kuster <akuster808@gmail.com>"
+RECIPE_MAINTAINER:pn-hash-perl = "Armin Kuster <akuster808@gmail.com>"
+RECIPE_MAINTAINER:pn-isic = "Armin Kuster <akuster808@gmail.com>"
+RECIPE_MAINTAINER:pn-keyutils = "Armin Kuster <akuster808@gmail.com>"
+RECIPE_MAINTAINER:pn-libaes-siv = "Armin Kuster <akuster808@gmail.com>"
+RECIPE_MAINTAINER:pn-libgssglue = "Armin Kuster <akuster808@gmail.com>"
+RECIPE_MAINTAINER:pn-libhtp = "Armin Kuster <akuster808@gmail.com>"
+RECIPE_MAINTAINER:pn-libmhash = "Armin Kuster <akuster808@gmail.com>"
+RECIPE_MAINTAINER:pn-libmspack = "Armin Kuster <akuster808@gmail.com>"
+RECIPE_MAINTAINER:pn-lib-perl = "Armin Kuster <akuster808@gmail.com>"
+RECIPE_MAINTAINER:pn-libseccomp = "Armin Kuster <akuster808@gmail.com>"
+RECIPE_MAINTAINER:pn-libwhisker2-perl = "Armin Kuster <akuster808@gmail.com>"
+RECIPE_MAINTAINER:pn-ncrack = "Armin Kuster <akuster808@gmail.com>"
+RECIPE_MAINTAINER:pn-nikto = "Armin Kuster <akuster808@gmail.com>"
+RECIPE_MAINTAINER:pn-paxctl = "Armin Kuster <akuster808@gmail.com>"
+RECIPE_MAINTAINER:pn-python3-fail2ban = "Armin Kuster <akuster808@gmail.com>"
+RECIPE_MAINTAINER:pn-python3-scapy = "Armin Kuster <akuster808@gmail.com>"
+RECIPE_MAINTAINER:pn-python-fail2ban = "Armin Kuster <akuster808@gmail.com>"
+RECIPE_MAINTAINER:pn-python-scapy = "Armin Kuster <akuster808@gmail.com>"
+RECIPE_MAINTAINER:pn-redhat-security = "Armin Kuster <akuster808@gmail.com>"
+RECIPE_MAINTAINER:pn-samhain = "Armin Kuster <akuster808@gmail.com>"
+RECIPE_MAINTAINER:pn-smack = "Armin Kuster <akuster808@gmail.com>"
+RECIPE_MAINTAINER:pn-sssd = "Armin Kuster <akuster808@gmail.com>"
+RECIPE_MAINTAINER:pn-suricata = "Armin Kuster <akuster808@gmail.com>"
+RECIPE_MAINTAINER:pn-tripwire = "Armin Kuster <akuster808@gmail.com>"

recipes-core/initrdscripts/initramfs-framework.inc

@@ -1,16 +1,16 @@
-FILESEXTRAPATHS_prepend := "${THISDIR}/initramfs-framework-dm:"
+FILESEXTRAPATHS:prepend := "${THISDIR}/initramfs-framework-dm:"
 
-SRC_URI_append = "\
+SRC_URI:append = "\
     file://dmverity \
 "
 
-do_install_append() {
+do_install:append() {
     # dm-verity
     install ${WORKDIR}/dmverity ${D}/init.d/80-dmverity
 }
 
-PACKAGES_append = " initramfs-module-dmverity"
+PACKAGES:append = " initramfs-module-dmverity"
 
-SUMMARY_initramfs-module-dmverity = "initramfs dm-verity rootfs support"
-RDEPENDS_initramfs-module-dmverity = "${PN}-base"
-FILES_initramfs-module-dmverity = "/init.d/80-dmverity"
+SUMMARY:initramfs-module-dmverity = "initramfs dm-verity rootfs support"
+RDEPENDS:initramfs-module-dmverity = "${PN}-base"
+FILES:initramfs-module-dmverity = "/init.d/80-dmverity"

recipes-core/packagegroup/packagegroup-core-security.bb

@@ -16,7 +16,7 @@ PACKAGES = "\
     ${@bb.utils.contains("DISTRO_FEATURES", "ptest", "packagegroup-meta-security-ptest-packages", "", d)} \
     "
 
-RDEPENDS_packagegroup-core-security = "\
+RDEPENDS:packagegroup-core-security = "\
     packagegroup-security-utils \
     packagegroup-security-scanners \
     packagegroup-security-audit \
@@ -26,8 +26,8 @@ RDEPENDS_packagegroup-core-security = "\
     ${@bb.utils.contains("DISTRO_FEATURES", "ptest", "packagegroup-meta-security-ptest-packages", "", d)} \
     "
 
-SUMMARY_packagegroup-security-utils = "Security utilities"
-RDEPENDS_packagegroup-security-utils = "\
+SUMMARY:packagegroup-security-utils = "Security utilities"
+RDEPENDS:packagegroup-security-utils = "\
     checksec \
     ding-libs \
     ecryptfs-utils \
@@ -46,46 +46,46 @@ RDEPENDS_packagegroup-security-utils = "\
     ${@bb.utils.contains("DISTRO_FEATURES", "pax", "pax-utils packctl", "",d)} \
     "
 
-SUMMARY_packagegroup-security-scanners = "Security scanners"
-RDEPENDS_packagegroup-security-scanners = "\
+SUMMARY:packagegroup-security-scanners = "Security scanners"
+RDEPENDS:packagegroup-security-scanners = "\
     isic \
     nikto \
     checksecurity \
     ${@bb.utils.contains_any("TUNE_FEATURES", "riscv32 riscv64", "", " clamav clamav-daemon clamav-freshclam",d)} \
     "
-RDEPENDS_packagegroup-security-scanners_remove_libc-musl = "clamav clamav-daemon clamav-freshclam"
+RDEPENDS:packagegroup-security-scanners:remove:libc-musl = "clamav clamav-daemon clamav-freshclam"
 
-SUMMARY_packagegroup-security-audit = "Security Audit tools "
-RDEPENDS_packagegroup-security-audit = " \
+SUMMARY:packagegroup-security-audit = "Security Audit tools "
+RDEPENDS:packagegroup-security-audit = " \
     buck-security \
     redhat-security \
     "
 
-SUMMARY_packagegroup-security-hardening = "Security Hardening tools"
-RDEPENDS_packagegroup-security-hardening = " \
+SUMMARY:packagegroup-security-hardening = "Security Hardening tools"
+RDEPENDS:packagegroup-security-hardening = " \
     bastille \
     "
 
-SUMMARY_packagegroup-security-ids = "Security Intrusion Detection systems"
-RDEPENDS_packagegroup-security-ids = " \
+SUMMARY:packagegroup-security-ids = "Security Intrusion Detection systems"
+RDEPENDS:packagegroup-security-ids = " \
     samhain-standalone \
     ${@bb.utils.contains_any("TUNE_FEATURES", "ppc7400 riscv32 riscv64", "", " suricata",d)} \
     ossec-hids \
     aide \
     "
 
-RDEPENDS_packagegroup-security-ids_remove_libc-musl = "ossec-hids"
+RDEPENDS:packagegroup-security-ids:remove:libc-musl = "ossec-hids"
 
-SUMMARY_packagegroup-security-mac = "Security Mandatory Access Control systems"
-RDEPENDS_packagegroup-security-mac = " \
+SUMMARY:packagegroup-security-mac = "Security Mandatory Access Control systems"
+RDEPENDS:packagegroup-security-mac = " \
     ${@bb.utils.contains("DISTRO_FEATURES", "tomoyo", "ccs-tools", "",d)} \
     ${@bb.utils.contains("DISTRO_FEATURES", "apparmor", "apparmor", "",d)} \
     ${@bb.utils.contains("DISTRO_FEATURES", "smack", "smack", "",d)} \
     "
 
-RDEPENDS_packagegroup-security-mac_remove_mipsarch = "apparmor"
+RDEPENDS:packagegroup-security-mac:remove:mipsarch = "apparmor"
 
-RDEPENDS_packagegroup-meta-security-ptest-packages = "\
+RDEPENDS:packagegroup-meta-security-ptest-packages = "\
     ptest-runner \
     samhain-standalone-ptest \
     ${@bb.utils.contains_any("TUNE_FEATURES", "ppc7400 riscv32 riscv64", "", " suricata-ptest",d)} \

recipes-ids/aide/aide_0.17.3.bb

@@ -25,7 +25,7 @@ PACKAGECONFIG[gcrypt] = "--with-gcrypt, --without-gcrypt, libgcrypt, libgcrypt"
 PACKAGECONFIG[mhash] = "--with-mhash, --without-mhash, libmhash, libmhash"
 PACKAGECONFIG[e2fsattrs] = "--with-e2fsattrs, --without-e2fsattrs, e2fsprogs, e2fsprogs"
 
-do_install_append () {
+do_install:append () {
     install -d ${D}${libdir}/${PN}/logs   
     install -d ${D}${sysconfdir}   
     install ${WORKDIR}/aide.conf ${D}${sysconfdir}/
@@ -33,9 +33,9 @@ do_install_append () {
 
 CONF_FILE = "${sysconfdir}/aide.conf"
 
-FILES_${PN} += "${libdir}/${PN} ${sysconfdir}/aide.conf"
+FILES:${PN} += "${libdir}/${PN} ${sysconfdir}/aide.conf"
 
-pkg_postinst_ontarget_${PN} () {
+pkg_postinst_ontarget:${PN} () {
     /usr/bin/aide -i
 }
 RDPENDS_${PN} = "bison, libpcre"

recipes-ids/crowdsec/crowdsec_1.1.1.bb

@@ -35,8 +35,8 @@ do_install_ () {
 }
 
 
-INSANE_SKIP_${PN} = "already-stripped"
-INSANE_SKIP_${PN}-dev = "ldflags"
+INSANE_SKIP:${PN} = "already-stripped"
+INSANE_SKIP:${PN}-dev = "ldflags"
 
-RDEPENDS_${PN} = "go"
-RDEPENDS_${PN}-dev = "bash"
+RDEPENDS:${PN} = "go"
+RDEPENDS:${PN}-dev = "bash"

recipes-ids/ossec/ossec-hids_3.6.0.bb

@@ -44,7 +44,7 @@ do_install(){
   install -m 640 ${D}/${sysconfdir}/ossec-init.conf ${D}/var/ossec/${sysconfdir}/ossec-init.conf
 }
 
-pkg_postinst_ontarget_${PN} () {
+pkg_postinst_ontarget:${PN} () {
     DIR="/var/ossec"
 
     usermod -g ossec -G ossec -a root
@@ -157,9 +157,9 @@ pkg_postinst_ontarget_${PN} () {
 }
 
 USERADD_PACKAGES = "${PN}"
-USERADD_PARAM_${PN} = "--system --home-dir /var/ossec -g ossec --shell /bin/false ossec"
-GROUPADD_PARAM_${PN} = "--system ossec"
+USERADD_PARAM:${PN} = "--system --home-dir /var/ossec -g ossec --shell /bin/false ossec"
+GROUPADD_PARAM:${PN} = "--system ossec"
 
-RDEPENDS_${PN} = "openssl bash"
+RDEPENDS:${PN} = "openssl bash"
 
-COMPATIBLE_HOST_libc-musl = "null"
+COMPATIBLE_HOST:libc-musl = "null"

recipes-ids/samhain/samhain-client.bb

@@ -8,5 +8,5 @@ EXTRA_OECONF += " \
         --with-port=${SAMHAIN_PORT} \
         "
 
-RDEPENDS_${PN} = "acl zlib attr bash"
-RCONFLICTS_${PN} = "samhain-standalone"
+RDEPENDS:${PN} = "acl zlib attr bash"
+RCONFLICTS:${PN} = "samhain-standalone"

recipes-ids/samhain/samhain-server.bb

@@ -10,7 +10,7 @@ SRC_URI += "file://samhain-server-volatiles \
 
 TARGET_CC_ARCH += "${LDFLAGS}"
 
-do_install_append() {
+do_install:append() {
     if ${@bb.utils.contains('DISTRO_FEATURES', 'systemd', 'true', 'false', d)}; then
         install -d ${D}${sysconfdir}/tmpfiles.d
         install -m 0644 ${WORKDIR}/samhain-server-volatiles.conf \
@@ -25,5 +25,5 @@ do_install_append() {
         init/samhain.startLSB ${D}/var/lib/samhain
 }
 
-RDEPENDS_${PN} += "gmp bash perl"
-RCONFLICTS_${PN} = "samhain-standalone"
+RDEPENDS:${PN} += "gmp bash perl"
+RCONFLICTS:${PN} = "samhain-standalone"

recipes-ids/samhain/samhain-standalone.bb

@@ -6,7 +6,7 @@ SRC_URI += "file://samhain-not-run-ptest-on-host.patch \
 
 PROVIDES += "samhain"
 
-SYSTEMD_SERVICE_${PN} = "samhain.service"
+SYSTEMD_SERVICE:${PN} = "samhain.service"
 
 inherit ptest
 
@@ -18,7 +18,7 @@ do_compile() {
 	oe_runmake "$@"
 }
 
-do_install_append() {
+do_install:append() {
     ln -sf ${INITSCRIPT_NAME} ${D}${sysconfdir}/init.d/samhain
 }
 
@@ -27,5 +27,5 @@ do_install_ptest() {
 	install ${S}/cutest ${D}${PTEST_PATH}
 }
 
-RPROVIDES_${PN} += "samhain"
-RCONFLICTS_${PN} = "samhain-client samhain-server"
+RPROVIDES:${PN} += "samhain"
+RCONFLICTS:${PN} = "samhain-client samhain-server"

recipes-ids/samhain/samhain.inc

@@ -37,7 +37,7 @@ INITSCRIPT_NAME = "${BPN}"
 INITSCRIPT_PARAMS ?= "defaults"
 
 SYSTEMD_PACKAGES = "${PN}"
-SYSTEMD_SERVICE_${PN} = "${INITSCRIPT_NAME}.service"
+SYSTEMD_SERVICE:${PN} = "${INITSCRIPT_NAME}.service"
 SYSTEMD_AUTO_ENABLE = "disable"
 
 # mode mapping:
@@ -67,23 +67,23 @@ PACKAGECONFIG[acl] = " --enable-posix-acl , --disable-posix-acl, acl"
 PACKAGECONFIG[audit] = "ac_cv_header_auparse_h=yes,ac_cv_header_auparse_h=no,audit"
 PACKAGECONFIG[ps] = "--with-ps-path=${base_bindir}/ps,,,procps"
 
-EXTRA_OEMAKE_append_aarch64 = " CPPFLAGS+=-DCONFIG_ARCH_AARCH64=1"
-EXTRA_OEMAKE_append_mips64 = " CPPFLAGS+=-DCONFIG_ARCH_MIPS64=1"
+EXTRA_OEMAKE:append:aarch64 = " CPPFLAGS+=-DCONFIG_ARCH_AARCH64=1"
+EXTRA_OEMAKE:append:mips64 = " CPPFLAGS+=-DCONFIG_ARCH_MIPS64=1"
 
 do_unpack_samhain() {
     cd ${WORKDIR}
     tar -xzvf samhain-${PV}.tar.gz
 }
 
-python do_unpack_append() {
+python do_unpack:append() {
     bb.build.exec_func('do_unpack_samhain', d)
 }
 
-do_configure_prepend_arm() {
+do_configure:prepend:arm() {
     export sh_cv___va_copy=yes
 }
 
-do_configure_prepend_aarch64() {
+do_configure:prepend:aarch64() {
     export sh_cv___va_copy=yes
 }
 
@@ -91,7 +91,7 @@ do_configure_prepend_aarch64() {
 # use the prefix --oldincludedir=/usr/include which is not
 # recognized by Samhain's configure script and would invariably
 # throw back the error "unrecognized option: --oldincludedir=/usr/include"
-do_configure_prepend () {
+do_configure:prepend () {
     cat << EOF > ${S}/config-site.${BP}
 ssp_cv_lib=no
 sh_cv_va_copy=yes
@@ -124,13 +124,13 @@ do_configure () {
 	${EXTRA_OECONF}
 }
 
-do_compile_prepend_libc-musl () {
+do_compile:prepend:libc-musl () {
 	sed -i 's/^#define HAVE_MALLOC_H.*//' ${B}/config.h
 }
 
 # Install the init script, it's default file, and the extraneous
 # documentation.
-do_install_append () {
+do_install:append () {
 	oe_runmake install DESTDIR='${D}' INSTALL=install-boot
 
 	install -D -m 755 ${WORKDIR}/${INITSCRIPT_NAME}.init \
@@ -165,4 +165,4 @@ do_install_append () {
 	rm -rf ${D}${localstatedir}/log
 }
 
-FILES_${PN} += "${systemd_system_unitdir}"
+FILES:${PN} += "${systemd_system_unitdir}"

recipes-ids/tripwire/tripwire_2.4.3.7.bb

@@ -60,18 +60,18 @@ do_install () {
     install -m 0644 ${WORKDIR}/tripwire.txt ${D}${docdir}/${BPN}
 }
 
-do_install_ptest_append () {
+do_install_ptest:append () {
 	install -d ${D}${PTEST_PATH}/tests
 	cp -a ${S}/src/test-harness/* ${D}${PTEST_PATH}
 	sed -i -e 's@../../../../bin@${sbindir}@'  ${D}${PTEST_PATH}/twtools.pm
 }
 
-FILES_${PN} += "${libdir} ${docdir}/${PN}/*"
-FILES_${PN}-dbg += "${sysconfdir}/${PN}/.debug"
-FILES_${PN}-staticdev += "${localstatedir}/lib/${PN}/lib*.a"
-FILES_${PN}-ptest += "${PTEST_PATH}/tests "
+FILES:${PN} += "${libdir} ${docdir}/${PN}/*"
+FILES:${PN}-dbg += "${sysconfdir}/${PN}/.debug"
+FILES:${PN}-staticdev += "${localstatedir}/lib/${PN}/lib*.a"
+FILES:${PN}-ptest += "${PTEST_PATH}/tests "
 
-RDEPENDS_${PN} += " perl nano msmtp cronie"
-RDEPENDS_${PN}-ptest = " perl lib-perl perl-modules "
+RDEPENDS:${PN} += " perl nano msmtp cronie"
+RDEPENDS:${PN}-ptest = " perl lib-perl perl-modules "
 
 PNBLACKLIST[tripwire] ?= "Upsteram project appears to be abondoned, fails to build with gcc11"

recipes-kernel/linux/linux-yocto_security.inc

@@ -1,3 +1,3 @@
-KERNEL_FEATURES_append = " ${@bb.utils.contains("DISTRO_FEATURES", "apparmor", " features/apparmor/apparmor.scc", "" ,d)}"
-KERNEL_FEATURES_append = " ${@bb.utils.contains("DISTRO_FEATURES", "smack", " features/smack/smack.scc", "" ,d)}"
-KERNEL_FEATURES_append = " ${@bb.utils.contains("IMAGE_CLASSES", "dm-verity-img", " features/device-mapper/dm-verity.scc", "" ,d)}"
+KERNEL_FEATURES:append = " ${@bb.utils.contains("DISTRO_FEATURES", "apparmor", " features/apparmor/apparmor.scc", "" ,d)}"
+KERNEL_FEATURES:append = " ${@bb.utils.contains("DISTRO_FEATURES", "smack", " features/smack/smack.scc", "" ,d)}"
+KERNEL_FEATURES:append = " ${@bb.utils.contains("IMAGE_CLASSES", "dm-verity-img", " features/device-mapper/dm-verity.scc", "" ,d)}"

recipes-kernel/lkrg/lkrg-module_0.9.1.bb

@@ -28,6 +28,6 @@ module_do_install() {
     ${D}${nonarch_base_libdir}/modules/${KERNEL_VERSION}/kernel/${MODULE_NAME}/${MODULE_NAME}.ko
 }
 
-RPROVIDES_${PN} += "kernel-module-lkrg"
+RPROVIDES:${PN} += "kernel-module-lkrg"
 
 COMPATIBLE_HOST = "(i.86|x86_64|arm|aarch64).*-linux"

recipes-mac/AppArmor/apparmor_3.0.1.bb

@@ -29,7 +29,7 @@ S = "${WORKDIR}/git"
 
 PARALLEL_MAKE = ""
 
-COMPATIBLE_MACHINE_mips64 = "(!.*mips64).*"
+COMPATIBLE_MACHINE:mips64 = "(!.*mips64).*"
 
 inherit pkgconfig autotools-brokensep update-rc.d python3native python3targetconfig perlnative cpan systemd features_check bash-completion
 
@@ -106,11 +106,11 @@ do_install () {
 }
 
 #Building ptest on arm fails.
-do_compile_ptest_aarch64 () {
+do_compile_ptest:aarch64 () {
   :
 }
 
-do_compile_ptest_arm () {
+do_compile_ptest:arm () {
   :
 }
 
@@ -140,11 +140,11 @@ do_install_ptest () {
 }
 
 #Building ptest on arm fails.
-do_install_ptest_aarch64 () {
+do_install_ptest:aarch64 () {
   :
 }
 
-do_install_ptest_arm() {
+do_install_ptest:arm() {
   :
 }
 
@@ -153,23 +153,23 @@ INITSCRIPT_NAME = "apparmor"
 INITSCRIPT_PARAMS = "start 16 2 3 4 5 . stop 35 0 1 6 ."
 
 SYSTEMD_PACKAGES = "${PN}"
-SYSTEMD_SERVICE_${PN} = "apparmor.service"
+SYSTEMD_SERVICE:${PN} = "apparmor.service"
 SYSTEMD_AUTO_ENABLE ?= "enable"
 
 PACKAGES += "mod-${PN}"
 
-FILES_${PN} += "${nonarch_base_libdir}/apparmor/ ${base_libdir}/security/ ${sysconfdir}/apparmor ${nonarch_libdir}/${PYTHON_DIR}/site-packages"
-FILES_mod-${PN} = "${libdir}/apache2/modules/*"
-FILES_${PN}-dbg += "${base_libdir}/security/.debug"
+FILES:${PN} += "${nonarch_base_libdir}/apparmor/ ${base_libdir}/security/ ${sysconfdir}/apparmor ${nonarch_libdir}/${PYTHON_DIR}/site-packages"
+FILES:mod-${PN} = "${libdir}/apache2/modules/*"
+FILES:${PN}-dbg += "${base_libdir}/security/.debug"
 
-DEPENDS_append_libc-musl = " fts "
-RDEPENDS_${PN}_libc-musl +=  "musl-utils"
-RDEPENDS_${PN}_libc-glibc +=  "glibc-utils"
+DEPENDS:append:libc-musl = " fts "
+RDEPENDS:${PN}:libc-musl +=  "musl-utils"
+RDEPENDS:${PN}:libc-glibc +=  "glibc-utils"
 
 # Add coreutils and findutils only if sysvinit scripts are in use
-RDEPENDS_${PN} +=  "${@["coreutils findutils", ""][(d.getVar('VIRTUAL-RUNTIME_init_manager') == 'systemd')]} ${@bb.utils.contains('PACKAGECONFIG','python','python3-core python3-modules','', d)}"
-RDEPENDS_${PN}_remove += "${@bb.utils.contains('PACKAGECONFIG','perl','','perl', d)}"
-RDEPENDS_${PN}-ptest += "perl coreutils dbus-lib bash"
+RDEPENDS:${PN} +=  "${@["coreutils findutils", ""][(d.getVar('VIRTUAL-RUNTIME_init_manager') == 'systemd')]} ${@bb.utils.contains('PACKAGECONFIG','python','python3-core python3-modules','', d)}"
+RDEPENDS:${PN}:remove += "${@bb.utils.contains('PACKAGECONFIG','perl','','perl', d)}"
+RDEPENDS:${PN}-ptest += "perl coreutils dbus-lib bash"
 
-INSANE_SKIP_${PN} = "ldflags"
-PRIVATE_LIBS_${PN}-ptest = "libapparmor.so*"
+INSANE_SKIP:${PN} = "ldflags"
+PRIVATE_LIBS:${PN}-ptest = "libapparmor.so*"

recipes-mac/ccs-tools/README

@@ -9,4 +9,4 @@ To start via command line add:
 To initialize:
 /usr/lib/ccs/init_policy
 
-DISTRO_FEATURES_append = " tomoyo"
+DISTRO_FEATURES:append = " tomoyo"

recipes-mac/ccs-tools/ccs-tools_1.8.4.bb

@@ -29,17 +29,17 @@ do_install(){
 
 PACKAGE="${PN} ${PN}-dbg ${PN}-doc"
 
-FILES_${PN} = "\
+FILES:${PN} = "\
     ${sbindir}/* \
     ${base_sbindir}/* \
     ${libdir}/* \
 "
 
-FILES_${PN}-doc = "\
+FILES:${PN}-doc = "\
     ${mandir}/man8/* \
 "
 
-FILES_${PN}-dbg = "\
+FILES:${PN}-dbg = "\
     ${base_sbindir}/.debug/* \
     ${sbindir}/.debug/* \
     ${libdir}/.debug/* \

recipes-mac/smack/smack-test_1.0.bb

@@ -22,4 +22,4 @@ do_install() {
     install -m 0755 *.sh ${D}${sbindir}
 }
 
-RDEPENDS_${PN} = "smack python mmap-smack-test tcp-smack-test udp-smack-test"
+RDEPENDS:${PN} = "smack python mmap-smack-test tcp-smack-test udp-smack-test"

recipes-mac/smack/smack_1.3.1.bb

@@ -28,15 +28,15 @@ REQUIRED_DISTRO_FEATURES = "smack"
 S = "${WORKDIR}/git"
 
 PACKAGECONFIG ??= ""
-PACKAGECONFIG_append = " ${@bb.utils.contains('DISTRO_FEATURES', 'systemd', 'systemd', '', d)}"
+PACKAGECONFIG:append = " ${@bb.utils.contains('DISTRO_FEATURES', 'systemd', 'systemd', '', d)}"
 
 PACKAGECONFIG[systemd] = "--with-systemdsystemunitdir=${systemd_system_unitdir}, --without-systemdsystemunitdir, systemd"
 
-do_compile_append () {
+do_compile:append () {
 	oe_runmake -C ${S}/tests generator
 }
 
-do_install_append () {
+do_install:append () {
 	install -d ${D}${sysconfdir}/init.d
 	install -d ${D}${sysconfdir}/smack
 	install -d ${D}${sysconfdir}/smack/accesses.d
@@ -55,10 +55,10 @@ INITSCRIPT_PACKAGES = "${PN}"
 INITSCRIPT_NAME = "smack"
 INITSCRIPT_PARAMS = "start 16 2 3 4 5 . stop 35 0 1 6 ."
 
-FILES_${PN} += "${sysconfdir}/init.d/smack"
-FILES_${PN}-ptest += "generator"
+FILES:${PN} += "${sysconfdir}/init.d/smack"
+FILES:${PN}-ptest += "generator"
 
-RDEPENDS_${PN} += "coreutils python3-core"
-RDEPENDS_${PN}-ptest += "make bash bc"
+RDEPENDS:${PN} += "coreutils python3-core"
+RDEPENDS:${PN}-ptest += "make bash bc"
 
 BBCLASSEXTEND = "native"

recipes-mac/smack/tcp-smack-test/tcp_client.c

@@ -1,111 +1,111 @@
-// (C) Copyright 2015 Intel Corporation
-//
-// Permission is hereby granted, free of charge, to any person obtaining a copy
-// of this software and associated documentation files (the "Software"), to deal
-// in the Software without restriction, including without limitation the rights
-// to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
-// copies of the Software, and to permit persons to whom the Software is
-// furnished to do so, subject to the following conditions:
-//
-// The above copyright notice and this permission notice shall be included in
-// all copies or substantial portions of the Software.
-//
-// THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
-// IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
-// FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
-// AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
-// LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
-// OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN
-// THE SOFTWARE.
-#include <stdio.h>
-#include <sys/socket.h>
-#include <sys/types.h>
-#include <errno.h>
-#include <netinet/in.h>
-#include <unistd.h>
-#include <netdb.h>
-#include <string.h>
-#include <sys/xattr.h>
-
-int main(int argc, char* argv[])
-{
-
-	int sock;
-	char message[255] = "hello";
-	struct sockaddr_in server_addr;
-	char* label_in;
-	char* label_out;
-	char* attr_out = "security.SMACK64IPOUT";
-	char* attr_in = "security.SMACK64IPIN";
-	char out[256];
-	int port;
-
-	struct timeval timeout;
-	timeout.tv_sec = 15;
-	timeout.tv_usec = 0;
-
-	struct hostent*  host = gethostbyname("localhost");
-
-	if (argc != 4)
-	{
-		perror("Client: Arguments missing, please provide socket labels");
-		return 2;
-	}
-
-	port = atoi(argv[1]);
-	label_in = argv[2];
-	label_out = argv[3];
-
-	if((sock = socket(AF_INET, SOCK_STREAM, 0)) < 0)
-	{
-		perror("Client: Socket failure");
-		return 2;
-	}
-
-
-	if(fsetxattr(sock, attr_out, label_out, strlen(label_out), 0) < 0)
-	{
-		perror("Client: Unable to set attribute SMACK64IPOUT");
-		return 2;
-	}
-
-	if(fsetxattr(sock, attr_in, label_in, strlen(label_in), 0) < 0)
-	{
-		perror("Client: Unable to set attribute SMACK64IPIN");
-		return 2;
-	}
-
-	server_addr.sin_family = AF_INET;
-	server_addr.sin_port = htons(port);
-	bcopy((char*) host->h_addr, (char*) &server_addr.sin_addr.s_addr,host->h_length);
-	bzero(&(server_addr.sin_zero),8);
-	
-	if(setsockopt(sock, SOL_SOCKET, SO_SNDTIMEO, &timeout, sizeof(timeout)) < 0)
-	{
-		perror("Client: Set timeout failed\n");
-		return 2;
-	}
-	
-	if (connect(sock, (struct sockaddr *)&server_addr,sizeof(struct sockaddr)) == -1)
-	{
-    		perror("Client: Connection failure");
-			close(sock);
-        	return 1;
-	}
-
-
-	if(write(sock, message, strlen(message)) < 0)
-	{
-		perror("Client: Error sending data\n");
-		close(sock);
-		return 1;
-	}
-	close(sock);
-	return 0;
-}
-
-
-
-
-
-
+// (C) Copyright 2015 Intel Corporation
+//
+// Permission is hereby granted, free of charge, to any person obtaining a copy
+// of this software and associated documentation files (the "Software"), to deal
+// in the Software without restriction, including without limitation the rights
+// to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
+// copies of the Software, and to permit persons to whom the Software is
+// furnished to do so, subject to the following conditions:
+//
+// The above copyright notice and this permission notice shall be included in
+// all copies or substantial portions of the Software.
+//
+// THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
+// IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
+// FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
+// AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
+// LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
+// OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN
+// THE SOFTWARE.
+#include <stdio.h>
+#include <sys/socket.h>
+#include <sys/types.h>
+#include <errno.h>
+#include <netinet/in.h>
+#include <unistd.h>
+#include <netdb.h>
+#include <string.h>
+#include <sys/xattr.h>
+
+int main(int argc, char* argv[])
+{
+
+	int sock;
+	char message[255] = "hello";
+	struct sockaddr_in server_addr;
+	char* label_in;
+	char* label_out;
+	char* attr_out = "security.SMACK64IPOUT";
+	char* attr_in = "security.SMACK64IPIN";
+	char out[256];
+	int port;
+
+	struct timeval timeout;
+	timeout.tv_sec = 15;
+	timeout.tv_usec = 0;
+
+	struct hostent*  host = gethostbyname("localhost");
+
+	if (argc != 4)
+	{
+		perror("Client: Arguments missing, please provide socket labels");
+		return 2;
+	}
+
+	port = atoi(argv[1]);
+	label_in = argv[2];
+	label_out = argv[3];
+
+	if((sock = socket(AF_INET, SOCK_STREAM, 0)) < 0)
+	{
+		perror("Client: Socket failure");
+		return 2;
+	}
+
+
+	if(fsetxattr(sock, attr_out, label_out, strlen(label_out), 0) < 0)
+	{
+		perror("Client: Unable to set attribute SMACK64IPOUT");
+		return 2;
+	}
+
+	if(fsetxattr(sock, attr_in, label_in, strlen(label_in), 0) < 0)
+	{
+		perror("Client: Unable to set attribute SMACK64IPIN");
+		return 2;
+	}
+
+	server_addr.sin_family = AF_INET;
+	server_addr.sin_port = htons(port);
+	bcopy((char*) host->h_addr, (char*) &server_addr.sin_addr.s_addr,host->h_length);
+	bzero(&(server_addr.sin_zero),8);
+	
+	if(setsockopt(sock, SOL_SOCKET, SO_SNDTIMEO, &timeout, sizeof(timeout)) < 0)
+	{
+		perror("Client: Set timeout failed\n");
+		return 2;
+	}
+	
+	if (connect(sock, (struct sockaddr *)&server_addr,sizeof(struct sockaddr)) == -1)
+	{
+    		perror("Client: Connection failure");
+			close(sock);
+        	return 1;
+	}
+
+
+	if(write(sock, message, strlen(message)) < 0)
+	{
+		perror("Client: Error sending data\n");
+		close(sock);
+		return 1;
+	}
+	close(sock);
+	return 0;
+}
+
+
+
+
+
+

recipes-mac/smack/tcp-smack-test/tcp_server.c

@@ -1,118 +1,118 @@
-// (C) Copyright 2015 Intel Corporation
-//
-// Permission is hereby granted, free of charge, to any person obtaining a copy
-// of this software and associated documentation files (the "Software"), to deal
-// in the Software without restriction, including without limitation the rights
-// to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
-// copies of the Software, and to permit persons to whom the Software is
-// furnished to do so, subject to the following conditions:
-//
-// The above copyright notice and this permission notice shall be included in
-// all copies or substantial portions of the Software.
-//
-// THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
-// IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
-// FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
-// AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
-// LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
-// OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN
-// THE SOFTWARE.
-#include <stdio.h>
-#include <sys/socket.h>
-#include <sys/types.h>
-#include <errno.h>
-#include <netinet/in.h>
-#include <unistd.h>
-#include <string.h>
-
-int main(int argc, char* argv[])
-{
-
-	int sock;
-	int clientsock;
-	char message[255];
-	socklen_t client_length;
-	struct sockaddr_in server_addr, client_addr;
-	char* label_in;
-	char* attr_in = "security.SMACK64IPIN";
-	int port;
-
-	struct timeval timeout;
-	timeout.tv_sec = 15;
-	timeout.tv_usec = 0;
-
-	if (argc != 3)
-	{
-		perror("Server: Argument missing please provide port and label for SMACK64IPIN");
-		return 2;
-	}
-	
-	port = atoi(argv[1]);
-	label_in = argv[2];
-	bzero(message,255);
-
-	
-	if((sock = socket(AF_INET, SOCK_STREAM, 0)) < 0)
-	{
-		perror("Server: Socket failure");
-		return 2;
-	}
-	
-	
-	if(fsetxattr(sock, attr_in, label_in, strlen(label_in),0) < 0)
-	{
-		perror("Server: Unable to set attribute ipin 2");
-		return 2;
-	}
-
-	server_addr.sin_family = AF_INET;         
-	server_addr.sin_port = htons(port);     
-	server_addr.sin_addr.s_addr = INADDR_ANY; 
- 	bzero(&(server_addr.sin_zero),8); 
-
-	if(setsockopt(sock, SOL_SOCKET, SO_RCVTIMEO, &timeout, sizeof(timeout)) < 0)
-	{
-		perror("Server: Set timeout failed\n");
-		return 2;
-	}
-
-	if(bind(sock, (struct sockaddr*) &server_addr, sizeof(server_addr)) < 0)
-	{
-		perror("Server: Bind failure ");
-		return 2;
-	}
-
-	listen(sock, 1);
-	client_length = sizeof(client_addr);
-
-	clientsock = accept(sock,(struct sockaddr*) &client_addr, &client_length);
-
-	if (clientsock < 0)
-	{
-		perror("Server: Connection failed");
-		close(sock);
-		return 1;
-	}
-	
-
-	if(fsetxattr(clientsock, "security.SMACK64IPIN", label_in, strlen(label_in),0) < 0)
-	{
-		perror(" Server: Unable to set attribute ipin 2");
-		close(sock);
-		return 2;
-	}
-
-	if(read(clientsock, message, 254) < 0)
-	{
-		perror("Server: Error when reading from socket");
-		close(clientsock);
-		close(sock);
-		return 1;
-	}
-
-
-	close(clientsock);
-	close(sock);
-
-	return 0;
-}
+// (C) Copyright 2015 Intel Corporation
+//
+// Permission is hereby granted, free of charge, to any person obtaining a copy
+// of this software and associated documentation files (the "Software"), to deal
+// in the Software without restriction, including without limitation the rights
+// to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
+// copies of the Software, and to permit persons to whom the Software is
+// furnished to do so, subject to the following conditions:
+//
+// The above copyright notice and this permission notice shall be included in
+// all copies or substantial portions of the Software.
+//
+// THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
+// IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
+// FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
+// AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
+// LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
+// OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN
+// THE SOFTWARE.
+#include <stdio.h>
+#include <sys/socket.h>
+#include <sys/types.h>
+#include <errno.h>
+#include <netinet/in.h>
+#include <unistd.h>
+#include <string.h>
+
+int main(int argc, char* argv[])
+{
+
+	int sock;
+	int clientsock;
+	char message[255];
+	socklen_t client_length;
+	struct sockaddr_in server_addr, client_addr;
+	char* label_in;
+	char* attr_in = "security.SMACK64IPIN";
+	int port;
+
+	struct timeval timeout;
+	timeout.tv_sec = 15;
+	timeout.tv_usec = 0;
+
+	if (argc != 3)
+	{
+		perror("Server: Argument missing please provide port and label for SMACK64IPIN");
+		return 2;
+	}
+	
+	port = atoi(argv[1]);
+	label_in = argv[2];
+	bzero(message,255);
+
+	
+	if((sock = socket(AF_INET, SOCK_STREAM, 0)) < 0)
+	{
+		perror("Server: Socket failure");
+		return 2;
+	}
+	
+	
+	if(fsetxattr(sock, attr_in, label_in, strlen(label_in),0) < 0)
+	{
+		perror("Server: Unable to set attribute ipin 2");
+		return 2;
+	}
+
+	server_addr.sin_family = AF_INET;         
+	server_addr.sin_port = htons(port);     
+	server_addr.sin_addr.s_addr = INADDR_ANY; 
+ 	bzero(&(server_addr.sin_zero),8); 
+
+	if(setsockopt(sock, SOL_SOCKET, SO_RCVTIMEO, &timeout, sizeof(timeout)) < 0)
+	{
+		perror("Server: Set timeout failed\n");
+		return 2;
+	}
+
+	if(bind(sock, (struct sockaddr*) &server_addr, sizeof(server_addr)) < 0)
+	{
+		perror("Server: Bind failure ");
+		return 2;
+	}
+
+	listen(sock, 1);
+	client_length = sizeof(client_addr);
+
+	clientsock = accept(sock,(struct sockaddr*) &client_addr, &client_length);
+
+	if (clientsock < 0)
+	{
+		perror("Server: Connection failed");
+		close(sock);
+		return 1;
+	}
+	
+
+	if(fsetxattr(clientsock, "security.SMACK64IPIN", label_in, strlen(label_in),0) < 0)
+	{
+		perror(" Server: Unable to set attribute ipin 2");
+		close(sock);
+		return 2;
+	}
+
+	if(read(clientsock, message, 254) < 0)
+	{
+		perror("Server: Error when reading from socket");
+		close(clientsock);
+		close(sock);
+		return 1;
+	}
+
+
+	close(clientsock);
+	close(sock);
+
+	return 0;
+}

recipes-mac/smack/udp-smack-test/udp_client.c

@@ -1,75 +1,75 @@
-// (C) Copyright 2015 Intel Corporation
-//
-// Permission is hereby granted, free of charge, to any person obtaining a copy
-// of this software and associated documentation files (the "Software"), to deal
-// in the Software without restriction, including without limitation the rights
-// to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
-// copies of the Software, and to permit persons to whom the Software is
-// furnished to do so, subject to the following conditions:
-//
-// The above copyright notice and this permission notice shall be included in
-// all copies or substantial portions of the Software.
-//
-// THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
-// IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
-// FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
-// AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
-// LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
-// OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN
-// THE SOFTWARE.
-#include <sys/socket.h>
-#include <stdio.h>
-#include <netinet/in.h>
-#include <netdb.h>
-#include <string.h>
-
-int main(int argc, char* argv[])
-{
-	char* message = "hello";
-	int sock, ret;
-	struct sockaddr_in server_addr;
-	struct hostent*  host = gethostbyname("localhost");
-	char* label;
-	char* attr = "security.SMACK64IPOUT";
-	int port;
-	if (argc != 3)
-	{
-		perror("Client: Argument missing, please provide port and  label for SMACK64IPOUT");
-		return 2;
-	}
-
-	port = atoi(argv[1]);
-	label = argv[2];
-	sock = socket(AF_INET, SOCK_DGRAM,0);
-	if(sock < 0)
-	{
-		perror("Client: Socket failure");
-		return 2;
-	}
-	
-
-	if(fsetxattr(sock, attr, label, strlen(label),0) < 0)
-	{
-		perror("Client: Unable to set attribute ");
-		return 2;
-	}
-
-
-	server_addr.sin_family = AF_INET;
-	server_addr.sin_port = htons(port);
-	bcopy((char*) host->h_addr, (char*) &server_addr.sin_addr.s_addr,host->h_length);
-	bzero(&(server_addr.sin_zero),8);
-	
-	ret = sendto(sock, message, strlen(message),0,(const struct sockaddr*)&server_addr,
-			sizeof(struct sockaddr_in));
-
-	close(sock);
-	if(ret < 0)
-	{
-		perror("Client: Error sending message\n");
-		return 1;
-	}
-	
-	return 0;
-}
-
+// (C) Copyright 2015 Intel Corporation
+//
+// Permission is hereby granted, free of charge, to any person obtaining a copy
+// of this software and associated documentation files (the "Software"), to deal
+// in the Software without restriction, including without limitation the rights
+// to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
+// copies of the Software, and to permit persons to whom the Software is
+// furnished to do so, subject to the following conditions:
+//
+// The above copyright notice and this permission notice shall be included in
+// all copies or substantial portions of the Software.
+//
+// THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
+// IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
+// FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
+// AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
+// LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
+// OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN
+// THE SOFTWARE.
+#include <sys/socket.h>
+#include <stdio.h>
+#include <netinet/in.h>
+#include <netdb.h>
+#include <string.h>
+
+int main(int argc, char* argv[])
+{
+	char* message = "hello";
+	int sock, ret;
+	struct sockaddr_in server_addr;
+	struct hostent*  host = gethostbyname("localhost");
+	char* label;
+	char* attr = "security.SMACK64IPOUT";
+	int port;
+	if (argc != 3)
+	{
+		perror("Client: Argument missing, please provide port and  label for SMACK64IPOUT");
+		return 2;
+	}
+
+	port = atoi(argv[1]);
+	label = argv[2];
+	sock = socket(AF_INET, SOCK_DGRAM,0);
+	if(sock < 0)
+	{
+		perror("Client: Socket failure");
+		return 2;
+	}
+	
+
+	if(fsetxattr(sock, attr, label, strlen(label),0) < 0)
+	{
+		perror("Client: Unable to set attribute ");
+		return 2;
+	}
+
+
+	server_addr.sin_family = AF_INET;
+	server_addr.sin_port = htons(port);
+	bcopy((char*) host->h_addr, (char*) &server_addr.sin_addr.s_addr,host->h_length);
+	bzero(&(server_addr.sin_zero),8);
+	
+	ret = sendto(sock, message, strlen(message),0,(const struct sockaddr*)&server_addr,
+			sizeof(struct sockaddr_in));
+
+	close(sock);
+	if(ret < 0)
+	{
+		perror("Client: Error sending message\n");
+		return 1;
+	}
+	
+	return 0;
+}
+

recipes-mac/smack/udp-smack-test/udp_server.c

@@ -1,93 +1,93 @@
-// (C) Copyright 2015 Intel Corporation
-//
-// Permission is hereby granted, free of charge, to any person obtaining a copy
-// of this software and associated documentation files (the "Software"), to deal
-// in the Software without restriction, including without limitation the rights
-// to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
-// copies of the Software, and to permit persons to whom the Software is
-// furnished to do so, subject to the following conditions:
-//
-// The above copyright notice and this permission notice shall be included in
-// all copies or substantial portions of the Software.
-//
-// THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
-// IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
-// FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
-// AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
-// LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
-// OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN
-// THE SOFTWARE.
-#include <sys/socket.h>
-#include <stdio.h>
-#include <netinet/in.h>
-#include <netdb.h>
-#include <string.h>
-
-int main(int argc, char* argv[])
-{
-	int sock,ret;
-	struct sockaddr_in server_addr, client_addr;
-	socklen_t len;
-	char message[5];
-	char* label;
-	char* attr = "security.SMACK64IPIN";
-	int port;
-
-	if(argc != 3)
-	{
-		perror("Server: Argument missing, please provide port and label for SMACK64IPIN");
-		return 2;
-	}
-	
-	port = atoi(argv[1]);
-	label = argv[2];
-
-	struct timeval timeout;
-	timeout.tv_sec = 15;
-	timeout.tv_usec = 0;
-
-	sock = socket(AF_INET,SOCK_DGRAM,0);
-	if(sock < 0)
-	{
-		perror("Server: Socket error");
-		return 2;
-	}
-	
-
-	if(fsetxattr(sock, attr, label, strlen(label), 0) < 0)
-	{
-		perror("Server: Unable to set attribute ");
-		return 2;
-	}
-
-	server_addr.sin_family = AF_INET;         
-	server_addr.sin_port = htons(port);     
-	server_addr.sin_addr.s_addr = INADDR_ANY; 
-	bzero(&(server_addr.sin_zero),8); 
-	
-
-	if(setsockopt(sock, SOL_SOCKET, SO_RCVTIMEO, &timeout, sizeof(timeout)) < 0)
-	{
-		perror("Server: Set timeout failed\n");
-		return 2;
-	}
-
-	if(bind(sock, (struct sockaddr*) &server_addr, sizeof(server_addr)) < 0)
-	{
-		perror("Server: Bind failure");
-		return 2;
-	}
-
-	len = sizeof(client_addr);
-	ret = recvfrom(sock, message, sizeof(message), 0, (struct sockaddr*)&client_addr,
-					&len);
-	close(sock);
-	if(ret < 0)
-	{
-		perror("Server: Error receiving");
-		return 1;
-
-	}
-	return 0;
-}
-
+// (C) Copyright 2015 Intel Corporation
+//
+// Permission is hereby granted, free of charge, to any person obtaining a copy
+// of this software and associated documentation files (the "Software"), to deal
+// in the Software without restriction, including without limitation the rights
+// to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
+// copies of the Software, and to permit persons to whom the Software is
+// furnished to do so, subject to the following conditions:
+//
+// The above copyright notice and this permission notice shall be included in
+// all copies or substantial portions of the Software.
+//
+// THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
+// IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
+// FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
+// AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
+// LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
+// OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN
+// THE SOFTWARE.
+#include <sys/socket.h>
+#include <stdio.h>
+#include <netinet/in.h>
+#include <netdb.h>
+#include <string.h>
+
+int main(int argc, char* argv[])
+{
+	int sock,ret;
+	struct sockaddr_in server_addr, client_addr;
+	socklen_t len;
+	char message[5];
+	char* label;
+	char* attr = "security.SMACK64IPIN";
+	int port;
+
+	if(argc != 3)
+	{
+		perror("Server: Argument missing, please provide port and label for SMACK64IPIN");
+		return 2;
+	}
+	
+	port = atoi(argv[1]);
+	label = argv[2];
+
+	struct timeval timeout;
+	timeout.tv_sec = 15;
+	timeout.tv_usec = 0;
+
+	sock = socket(AF_INET,SOCK_DGRAM,0);
+	if(sock < 0)
+	{
+		perror("Server: Socket error");
+		return 2;
+	}
+	
+
+	if(fsetxattr(sock, attr, label, strlen(label), 0) < 0)
+	{
+		perror("Server: Unable to set attribute ");
+		return 2;
+	}
+
+	server_addr.sin_family = AF_INET;         
+	server_addr.sin_port = htons(port);     
+	server_addr.sin_addr.s_addr = INADDR_ANY; 
+	bzero(&(server_addr.sin_zero),8); 
+	
+
+	if(setsockopt(sock, SOL_SOCKET, SO_RCVTIMEO, &timeout, sizeof(timeout)) < 0)
+	{
+		perror("Server: Set timeout failed\n");
+		return 2;
+	}
+
+	if(bind(sock, (struct sockaddr*) &server_addr, sizeof(server_addr)) < 0)
+	{
+		perror("Server: Bind failure");
+		return 2;
+	}
+
+	len = sizeof(client_addr);
+	ret = recvfrom(sock, message, sizeof(message), 0, (struct sockaddr*)&client_addr,
+					&len);
+	close(sock);
+	if(ret < 0)
+	{
+		perror("Server: Error receiving");
+		return 1;
+
+	}
+	return 0;
+}
+

recipes-perl/perl/libwhisker2-perl_2.5.bb

@@ -24,6 +24,6 @@ do_install() {
     oe_runmake install DESTDIR=${D} INSTALLDIR=${PERLLIBDIRS}/vendor_perl/${PERLVERSION} MANDIR=${datadir}/perl/${PERLVERSION}
 }
 
-FILES_${PN} += "${datadir}/perl"
+FILES:${PN} += "${datadir}/perl"
 
 BBCLASSEXTEND = "native"

recipes-python/python/python3-oauth2client_4.1.3.bb

@@ -8,4 +8,4 @@ SRC_URI[sha256sum] = "d486741e451287f69568a4d26d70d9acd73a2bbfa275746c535b420989
 
 inherit pypi setuptools3
 
-RDEPENDS_${PN} = "python3-six python3-rsa python3-httplib2 python3-pyasn1 python3-pyasn1-modules"
+RDEPENDS:${PN} = "python3-six python3-rsa python3-httplib2 python3-pyasn1 python3-pyasn1-modules"

recipes-scanners/arpwatch/arpwatch_3.1.bb

@@ -66,14 +66,14 @@ INITSCRIPT_NAME = "arpwatch"
 INITSCRIPT_PARAMS = "start 02 2 3 4 5 . stop 20 0 1 6 ."
 
 USERADD_PACKAGES = "${PN}"
-GROUPADD_PARAM_${PN} = "--system ${ARPWATCH_UID}"
-USERADD_PARAM_${PN} = "--system -g ${ARPWATCH_GID} --home-dir  \
+GROUPADD_PARAM:${PN} = "--system ${ARPWATCH_UID}"
+USERADD_PARAM:${PN} = "--system -g ${ARPWATCH_GID} --home-dir  \
     ${localstatedir}/spool/${BPN} \
     --no-create-home  --shell /bin/false ${BPN}"
 
 CONFFILE_FILES = "${sysconfdir}/${PN}.conf"
 
-FILES_${PN} = "${bindir} ${sbindir} ${prefix}/etc/rc.d \
+FILES:${PN} = "${bindir} ${sbindir} ${prefix}/etc/rc.d \
                ${sysconfdir} /var/lib/arpwatch"
 
-RDEPENDS_${PN} = "libpcap postfix postfix-cfg"
+RDEPENDS:${PN} = "libpcap postfix postfix-cfg"

recipes-scanners/buck-security/buck-security_0.7.bb

@@ -26,16 +26,16 @@ do_install() {
 
 }
 
-FILES_${PN} = "${bindir}/*"
+FILES:${PN} = "${bindir}/*"
 
-RDEPENDS_${PN} = "coreutils gnupg net-tools perl perl-module-data-dumper \
+RDEPENDS:${PN} = "coreutils gnupg net-tools perl perl-module-data-dumper \
                   perl-module-file-basename perl-module-file-spec perl-module-getopt-long \
                   perl-module-lib perl-module-posix perl-module-term-ansicolor \
                   perl-module-time-localtime pinentry perl-module-pod-usage \
                   perl-module-pod-text perl-module-file-glob \
                  "
 
-RDEPENDS_${PN}_class-native = "coreutils net-tools perl perl-module-data-dumper \
+RDEPENDS:${PN}:class-native = "coreutils net-tools perl perl-module-data-dumper \
                                perl-module-file-basename perl-module-file-spec perl-module-getopt-long \
                                perl-module-lib perl-module-posix perl-module-term-ansicolor \
                                perl-module-time-localtime perl-module-file-glob\

recipes-scanners/checksec/checksec_2.4.0.bb

@@ -16,4 +16,4 @@ do_install() {
     install -m 0755 ${S}/checksec ${D}${bindir}
 }
 
-RDEPENDS_${PN} = "bash openssl-bin binutils"
+RDEPENDS:${PN} = "bash openssl-bin binutils"

recipes-scanners/checksecurity/checksecurity_2.0.15.bb

@@ -18,4 +18,4 @@ do_install() {
     oe_runmake PREFIX=${D}
 }
 
-RDEPENDS_${PN} = "perl libenv-perl perl-module-tie-array perl-module-getopt-long perl-module-file-glob perl-module-carp perl-module-env perl-module-tap-parser-iterator-array util-linux findutils coreutils"
+RDEPENDS:${PN} = "perl libenv-perl perl-module-tie-array perl-module-getopt-long perl-module-file-glob perl-module-carp perl-module-env perl-module-tap-parser-iterator-array util-linux findutils coreutils"

recipes-scanners/clamav/clamav_0.104.0.bb

@@ -52,7 +52,7 @@ PACKAGECONFIG[systemd] = "-DENABLE_SYSTEMD=ON -DSYSTEMD_UNIT_DIR=${systemd_syste
 
 export OECMAKE_C_FLAGS += " -I${STAGING_INCDIR} -L ${RECIPE_SYSROOT}${nonarch_libdir} -L${STAGING_LIBDIR} -lpthread" 
 
-do_install_append () {
+do_install:append () {
     install -d ${D}/${sysconfdir}
     install -d ${D}/${localstatedir}/lib/clamav
     install -d ${D}${sysconfdir}/clamav ${D}${sysconfdir}/default/volatiles
@@ -76,7 +76,7 @@ do_install_append () {
     oe_multilib_header clamav-types.h
 }
 
-pkg_postinst_${PN} () {
+pkg_postinst:${PN} () {
     if [ -z "$D" ]; then
         if command -v systemd-tmpfiles >/dev/null; then
             systemd-tmpfiles --create ${sysconfdir}/tmpfiles.d/clamav.conf
@@ -89,17 +89,17 @@ pkg_postinst_${PN} () {
 
 PACKAGES += "${PN}-daemon ${PN}-clamdscan ${PN}-freshclam ${PN}-libclamav"
 
-FILES_${PN} = "${bindir}/clambc ${bindir}/clamscan ${bindir}/clamsubmit ${sbindir}/clamonacc \
+FILES:${PN} = "${bindir}/clambc ${bindir}/clamscan ${bindir}/clamsubmit ${sbindir}/clamonacc \
                 ${bindir}/*sigtool ${mandir}/man1/clambc* ${mandir}/man1/clamscan* \
                 ${mandir}/man1/sigtool* ${mandir}/man1/clambsubmit*  \
                 ${docdir}/clamav/*"
 
-FILES_${PN}-clamdscan = " ${bindir}/clamdscan \
+FILES:${PN}-clamdscan = " ${bindir}/clamdscan \
                         ${docdir}/clamdscan/* \
                         ${mandir}/man1/clamdscan* \
                         "
 
-FILES_${PN}-daemon = "${bindir}/clamconf ${bindir}/clamdtop ${sbindir}/clamd \
+FILES:${PN}-daemon = "${bindir}/clamconf ${bindir}/clamdtop ${sbindir}/clamd \
                         ${mandir}/man1/clamconf* ${mandir}/man1/clamdtop* \
                         ${mandir}/man5/clamd*  ${mandir}/man8/clamd* \
                         ${sysconfdir}/clamd.conf* \
@@ -111,7 +111,7 @@ FILES_${PN}-daemon = "${bindir}/clamconf ${bindir}/clamdtop ${sbindir}/clamd \
                         ${systemd_system_unitdir}/clamav-clamonacc.service \
                         "
 
-FILES_${PN}-freshclam = "${bindir}/freshclam \
+FILES:${PN}-freshclam = "${bindir}/freshclam \
                         ${sysconfdir}/freshclam.conf*  \
                         /usr/etc/freshclam.conf*  \
                         ${sysconfdir}/clamav ${sysconfdir}/default/volatiles \
@@ -121,33 +121,33 @@ FILES_${PN}-freshclam = "${bindir}/freshclam \
                         ${mandir}/man5/freshclam.conf.* \
                         ${systemd_system_unitdir}/clamav-freshclam.service"
 
-FILES_${PN}-dev = " ${bindir}/clamav-config ${libdir}/*.la \
+FILES:${PN}-dev = " ${bindir}/clamav-config ${libdir}/*.la \
                     ${libdir}/pkgconfig/*.pc \
                     ${mandir}/man1/clamav-config.* \
                     ${includedir}/*.h ${docdir}/libclamav* "
 
-FILES_${PN}-staticdev = "${libdir}/*.a"
+FILES:${PN}-staticdev = "${libdir}/*.a"
 
-FILES_${PN}-libclamav = "${libdir}/libclamav.so* ${libdir}/libclammspack.so* \
+FILES:${PN}-libclamav = "${libdir}/libclamav.so* ${libdir}/libclammspack.so* \
                          ${libdir}/libfreshclam.so* ${docdir}/libclamav/* \
                          ${libdir}/libmspack* "
 
-FILES_${PN}-doc = "${mandir}/man/* \
+FILES:${PN}-doc = "${mandir}/man/* \
                    ${datadir}/man/* \
                    ${docdir}/* "
 
 USERADD_PACKAGES = "${PN}"
-GROUPADD_PARAM_${PN} = "--system ${CLAMAV_UID}"
-USERADD_PARAM_${PN} = "--system -g ${CLAMAV_GID} --home-dir  \
+GROUPADD_PARAM:${PN} = "--system ${CLAMAV_UID}"
+USERADD_PARAM:${PN} = "--system -g ${CLAMAV_GID} --home-dir  \
     ${localstatedir}/lib/${BPN} \
     --no-create-home  --shell /sbin/nologin ${BPN}"
 
-RPROVIDES_${PN} += "${PN}-systemd"
-RREPLACES_${PN} += "${PN}-systemd"
-RCONFLICTS_${PN} += "${PN}-systemd"
+RPROVIDES:${PN} += "${PN}-systemd"
+RREPLACES:${PN} += "${PN}-systemd"
+RCONFLICTS:${PN} += "${PN}-systemd"
 SYSTEMD_PACKAGES  = "${PN}-daemon ${PN}-freshclam"
-SYSTEMD_SERVICE_${PN}-daemon = "clamav-daemon.service"
-SYSTEMD_SERVICE_${PN}-freshclam = "clamav-freshclam.service"
+SYSTEMD_SERVICE:${PN}-daemon = "clamav-daemon.service"
+SYSTEMD_SERVICE:${PN}-freshclam = "clamav-freshclam.service"
 
-RDEPENDS_${PN} = "openssl ncurses-libncurses libxml2 libbz2 ncurses-libtinfo curl libpcre2 clamav-freshclam clamav-libclamav"
-RDEPENDS_${PN}-daemon = "clamav"
+RDEPENDS:${PN} = "openssl ncurses-libncurses libxml2 libbz2 ncurses-libtinfo curl libpcre2 clamav-freshclam clamav-libclamav"
+RDEPENDS:${PN}-daemon = "clamav"

recipes-scanners/clamav/files/fix2_libcurl_check.patch

@@ -0,0 +1,122 @@
+clamav .102.2 tries to find clamav using culf_config. Use EO pkg_config instead
+
+Upstream-Status: OE specific
+Signed-off-by: Armin Kuster <akuster808@gmail.com>
+
+Index: git/configure
+===================================================================
+--- git.orig/configure
++++ git/configure
+@@ -28850,39 +28850,14 @@ $as_echo_n "checking for libcurl install
+ if test "${with_libcurl+set}" = set; then :
+   withval=$with_libcurl;
+ find_curl="no"
+-if test "X$withval" = "Xyes"; then
+-    find_curl="yes"
+-else
+-    if test "X$withval" != "Xno"; then
+-        if test -f "${withval}/bin/curl-config"; then
+-            LIBCURL_HOME="$withval"
+-            have_curl="yes"
+-        fi
+-    fi
+-fi
+-
+-else
+-  find_curl="yes"
+-fi
+-
+-
+-if test "X$find_curl" = "Xyes"; then
+-    for p in /usr/local /usr ; do
+-        if test -f "${p}/bin/curl-config"; then
+-           LIBCURL_HOME=$p
+-           have_curl="yes"
+-        fi
+-    done
+-fi
+-
+-if test "X$have_curl" = "Xyes"; then
+-    { $as_echo "$as_me:${as_lineno-$LINENO}: result: $LIBCURL_HOME" >&5
+-$as_echo "$LIBCURL_HOME" >&6; }
+-    if test -f "$LIBCURL_HOME/bin/curl-config"; then
++  #save_LDFLAGS="$LDFLAGS"
++  if test "X$withval" != "Xno"; then
++     LIBCURL_HOME="$withval"
++     if test  "${PKG_CONFIG} libcurl --exists"; then
+         CURL_LDFLAGS="$LDFLAGS"
+-        CURL_LIBS=$($LIBCURL_HOME/bin/curl-config --libs)
+-        CURL_CPPFLAGS=$($LIBCURL_HOME/bin/curl-config --cflags)
+-    else
++        CURL_LIBS=$($PKG_CONFIG libcurl --libs)
++        CURL_CPPFLAGS=$($PKG_CONFIG libcurl --cflags)
++     else
+         if test "$LIBCURL_HOME" != "/usr"; then
+             CURL_LDFLAGS="-L$LIBCURL_HOME/lib"
+             CURL_CPPFLAGS="-I$LIBCURL_HOME/include"
+@@ -28891,60 +28866,12 @@ $as_echo "$LIBCURL_HOME" >&6; }
+             CURL_CPPFLAGS=""
+         fi
+         CURL_LIBS="-lcurl"
+-    fi
+-    save_LDFLAGS="$LDFLAGS"
+-    LDFLAGS="$CURL_LDFLAGS $CURL_LIBS"
+-    { $as_echo "$as_me:${as_lineno-$LINENO}: checking for curl_easy_init in -lcurl" >&5
+-$as_echo_n "checking for curl_easy_init in -lcurl... " >&6; }
+-if ${ac_cv_lib_curl_curl_easy_init+:} false; then :
+-  $as_echo_n "(cached) " >&6
+-else
+-  ac_check_lib_save_LIBS=$LIBS
+-LIBS="-lcurl $CURL_LIBS
+-     $LIBS"
+-cat confdefs.h - <<_ACEOF >conftest.$ac_ext
+-/* end confdefs.h.  */
+-
+-/* Override any GCC internal prototype to avoid an error.
+-   Use char because int might match the return type of a GCC
+-   builtin and then its argument prototype would still apply.  */
+-#ifdef __cplusplus
+-extern "C"
+-#endif
+-char curl_easy_init ();
+-int
+-main ()
+-{
+-return curl_easy_init ();
+-  ;
+-  return 0;
+-}
+-_ACEOF
+-if ac_fn_c_try_link "$LINENO"; then :
+-  ac_cv_lib_curl_curl_easy_init=yes
+-else
+-  ac_cv_lib_curl_curl_easy_init=no
+-fi
+-rm -f core conftest.err conftest.$ac_objext \
+-    conftest$ac_exeext conftest.$ac_ext
+-LIBS=$ac_check_lib_save_LIBS
+-fi
+-{ $as_echo "$as_me:${as_lineno-$LINENO}: result: $ac_cv_lib_curl_curl_easy_init" >&5
+-$as_echo "$ac_cv_lib_curl_curl_easy_init" >&6; }
+-if test "x$ac_cv_lib_curl_curl_easy_init" = xyes; then :
+-
+-            curl_msg="";
+-            have_curl="yes";
+-            CLAMSUBMIT_LIBS="$CLAMSUBMIT_LIBS $CURL_LDFLAGS $CURL_LIBS";
+-            CLAMSUBMIT_CFLAGS="$CLAMSUBMIT_CFLAGS $CURL_CPPFLAGS";
+-            FRESHCLAM_LIBS="$FRESHCLAM_LIBS $CURL_LDFLAGS $CURL_LIBS";
+-            FRESHCLAM_CPPFLAGS="$FRESHCLAM_CPPFLAGS $CURL_CPPFLAGS"
+-
+-else
+-
+-            as_fn_error $? "Your libcurl is misconfigured. libcurl (e.g. libcurl-devel) is required in order to build freshclam and clamsubmit." "$LINENO" 5
++     fi
+ 
+-fi
++     have_curl="yes"
++     LDFLAGS="$save_LDFLAGS"
++     LDFLAGS="$CURL_LDFLAGS $CURL_LIBS"
++ fi
+ 
+     LDFLAGS="$save_LDFLAGS"
+ else

recipes-scanners/clamav/files/test.patch

@@ -0,0 +1,24 @@
+Index: clamav-0.103.0/Makefile.am
+===================================================================
+--- clamav-0.103.0.orig/Makefile.am
++++ clamav-0.103.0/Makefile.am
+@@ -28,7 +28,6 @@ else
+ SUBDIRS = libltdl libclamav shared libfreshclam clamscan clamd clamdscan freshclam sigtool clamconf database docs etc clamav-milter test clamdtop clambc unit_tests
+ EXTRA_DIST = examples shared libclamav.pc.in COPYING.bzip2 COPYING.lzma COPYING.unrar COPYING.LGPL COPYING.llvm COPYING.file COPYING.zlib COPYING.getopt COPYING.regex COPYING.YARA COPYING.pcre platform.h.in libclamunrar libclamunrar_iface libclammspack clamdscan/clamdscan.map win32 ChangeLog.md INSTALL.cmake.md INSTALL.autotools.md NEWS.md README.md cmake CMakeLists.txt CMakeOptions.cmake $(top_srcdir)/**/CMakeLists.txt libclammspack/config.h.in.cmake clamav-config.h.cmake.in target.h.cmake.in autogen.sh
+ 
+-bin_SCRIPTS=clamav-config
+ 
+ if BUILD_CLAMONACC
+ SUBDIRS += clamonacc
+Index: clamav-0.103.0/Makefile.in
+===================================================================
+--- clamav-0.103.0.orig/Makefile.in
++++ clamav-0.103.0/Makefile.in
+@@ -641,7 +641,6 @@ ACLOCAL_AMFLAGS = -I m4
+ @BUILD_LIBCLAMAV_ONLY_TRUE@SUBDIRS = libclamav $(am__append_1) \
+ @BUILD_LIBCLAMAV_ONLY_TRUE@	$(am__append_2) $(am__append_3)
+ @BUILD_LIBCLAMAV_ONLY_FALSE@bin_SCRIPTS = clamav-config
+-@BUILD_LIBCLAMAV_ONLY_TRUE@bin_SCRIPTS = clamav-config
+ @BUILD_LIBCLAMAV_ONLY_FALSE@EXTRA_DIST = examples shared libclamav.pc.in COPYING.bzip2 COPYING.lzma COPYING.unrar COPYING.LGPL COPYING.llvm COPYING.file COPYING.zlib COPYING.getopt COPYING.regex COPYING.YARA COPYING.pcre platform.h.in libclamunrar libclamunrar_iface libclammspack clamdscan/clamdscan.map win32 ChangeLog.md INSTALL.cmake.md INSTALL.autotools.md NEWS.md README.md cmake CMakeLists.txt CMakeOptions.cmake $(top_srcdir)/**/CMakeLists.txt libclammspack/config.h.in.cmake clamav-config.h.cmake.in target.h.cmake.in autogen.sh
+ pkgconfigdir = $(libdir)/pkgconfig
+ pkgconfig_DATA = libclamav.pc

recipes-security/aircrack-ng/aircrack-ng_1.6.bb

@@ -29,8 +29,8 @@ do_install () {
     make DESTDIR=${D} ${OEMAKE_EXTRA} ext_scripts=true install
 }
 
-FILES_${PN} += "${libdir}/*.so"
+FILES:${PN} += "${libdir}/*.so"
 FILES_SOLIBSDEV = ""
-INSANE_SKIP_${PN} += "dev-so"
+INSANE_SKIP:${PN} += "dev-so"
 
-RDEPENDS_${PN} = "libpcap"
+RDEPENDS:${PN} = "libpcap"

recipes-security/bastille/bastille_3.2.1.bb

@@ -6,8 +6,8 @@ LICENSE = "GPLv2"
 LIC_FILES_CHKSUM = "file://${S}/COPYING;md5=c93c0550bd3173f4504b2cbd8991e50b"
 # Bash is needed for set +o privileged (check busybox), might also need ncurses
 DEPENDS = "virtual/kernel"
-RDEPENDS_${PN} = "perl bash tcl perl-module-getopt-long perl-module-text-wrap lib-perl perl-module-file-path perl-module-mime-base64 perl-module-file-find perl-module-errno perl-module-file-glob perl-module-tie-hash-namedcapture perl-module-file-copy perl-module-english perl-module-exporter perl-module-cwd libcurses-perl coreutils"
-FILES_${PN} += "/run/lock/subsys/bastille"
+RDEPENDS:${PN} = "perl bash tcl perl-module-getopt-long perl-module-text-wrap lib-perl perl-module-file-path perl-module-mime-base64 perl-module-file-find perl-module-errno perl-module-file-glob perl-module-tie-hash-namedcapture perl-module-file-copy perl-module-english perl-module-exporter perl-module-cwd libcurses-perl coreutils"
+FILES:${PN} += "/run/lock/subsys/bastille"
 
 SRC_URI = "http://sourceforge.net/projects/bastille-linux/files/bastille-linux/3.2.1/Bastille-3.2.1.tar.bz2 \
            file://AccountPermission.pm \
@@ -150,4 +150,4 @@ do_install () {
 	ln -s RevertBastille ${D}${sbindir}/UndoBastille
 }
 
-FILES_${PN} += "${datadir}/Bastille ${libdir}/Bastille ${libdir}/perl* ${sysconfdir}/*"
+FILES:${PN} += "${datadir}/Bastille ${libdir}/Bastille ${libdir}/perl* ${sysconfdir}/*"

recipes-security/bastille/files/AccountPermission.pm

@@ -16,7 +16,7 @@ B_chgrp
 B_chgrp_link
 B_userdel
 B_groupdel
-B_remove_user_from_group
+B:remove_user_from_group
 B_check_owner_group
 B_is_unowned_file
 B_is_ungrouped_file
@@ -28,7 +28,7 @@ B_is_suid
 B_is_sgid
 B_get_user_list
 B_get_group_list
-B_remove_suid
+B:remove_suid
 );
 our @EXPORT = @EXPORT_OK;
 
@@ -74,7 +74,7 @@ sub B_chmod($$) {
    if ($new_perm =~ /([ugo]+)([+-]{1})([rwxst]+)/) {
        $symbolic = 1;
        $chmod_noun = $1;
-       $add_remove = $2;
+       $add:remove = $2;
        $capability = $3;
    }
 
@@ -466,7 +466,7 @@ sub B_chgrp_link($$) {
 #
 # In the future, we may also choose to make a B_lock_account routine.
 #
-# This routine depends on B_remove_user_from_group.
+# This routine depends on B:remove_user_from_group.
 ###########################################################################
 
 sub B_userdel($) {
@@ -506,7 +506,7 @@ sub B_userdel($) {
 
     #
     # Next find out what groups the user is in, so we can call
-    # B_remove_user_from_group($user,$group)
+    # B:remove_user_from_group($user,$group)
     #
     # TODO: add this to the helper functions for the test suite.
     #
@@ -586,7 +586,7 @@ sub B_groupdel($) {
 
 
 ###########################################################################
-# B_remove_user_from_group($user,$group) removes $user from $group,
+# B:remove_user_from_group($user,$group) removes $user from $group,
 # by modifying $group's /etc/group line, pulling the user out.  This
 # uses B_chunk_replace thrice to replace these patterns:
 #
@@ -595,7 +595,7 @@ sub B_groupdel($) {
 #
 ###########################################################################
 
-sub B_remove_user_from_group($$) {
+sub B:remove_user_from_group($$) {
 
     my ($user_to_remove,$group) = @_;
 
@@ -1022,7 +1022,7 @@ sub B_get_group_list()
 #
 ###########################################################################
 
-sub B_remove_suid($) {
+sub B:remove_suid($) {
    my $file_expr = $_[0];
 
    &B_log("ACTION","Removing SUID bit from \"$file_expr\".");

recipes-security/bastille/files/FileContent.pm

@@ -10,8 +10,8 @@ B_blank_file
 B_insert_line_after
 B_insert_line_before
 B_insert_line
-B_append_line
-B_prepend_line
+B:append_line
+B:prepend_line
 B_replace_line
 B_replace_lines
 B_replace_pattern
@@ -262,7 +262,7 @@ sub B_insert_line($$$$) {
 #
 # Additionally, if $pattern is set equal to "", the line is always appended.
 #
-# B_append_line uses B_open_plus and B_close_plus, so that the file
+# B:append_line uses B_open_plus and B_close_plus, so that the file
 # modified is backed up...
 #
 # Here's examples of where you might use this:
@@ -273,7 +273,7 @@ sub B_insert_line($$$$) {
 #
 ###########################################################################
 
-sub B_append_line($$$) {
+sub B:append_line($$$) {
 
     my ($filename,$pattern,$line_to_append) = @_;
 
@@ -308,11 +308,11 @@ sub B_append_line($$$) {
 
 ###########################################################################
 # &B_prepend_line ($filename,$pattern,$line_to_prepend)  modifies $filename,
-# pre-pending $line_to_prepend unless one or more lines in the file matches
+# pre-pending $line_to:prepend unless one or more lines in the file matches
 # $pattern.  This is an enhancement to the prepend_line_if_no_such_line_exists
 # idea.
 #
-# B_prepend_line uses B_open_plus and B_close_plus, so that the file
+# B:prepend_line uses B_open_plus and B_close_plus, so that the file
 # modified is backed up...
 #
 # Here's examples of where you might use this:
@@ -322,7 +322,7 @@ sub B_append_line($$$) {
 #
 ###########################################################################
 
-sub B_prepend_line($$$) {
+sub B:prepend_line($$$) {
 
     my ($filename,$pattern,$line_to_prepend) = @_;
 
@@ -348,7 +348,7 @@ sub B_prepend_line($$$) {
 
         # Log the action
         &B_log("ACTION","Pre-pended the following line to $filename:\n");
-        &B_log("ACTION","$line_to_prepend");
+        &B_log("ACTION","$line_to:prepend");
     }
     else {
         $retval=0;

recipes-security/ecryptfs-utils/ecryptfs-utils_111.bb

@@ -25,7 +25,7 @@ SRC_URI[sha256sum] = "112cb3e37e81a1ecd8e39516725dec0ce55c5f3df6284e0f4cc0f11875
 inherit autotools pkgconfig systemd
 
 SYSTEMD_PACKAGES = "${PN}"
-SYSTEMD_SERVICE_${PN} = "ecryptfs.service"
+SYSTEMD_SERVICE:${PN} = "ecryptfs.service"
 
 EXTRA_OECONF = "\
     --libdir=${base_libdir} \
@@ -41,7 +41,7 @@ PACKAGECONFIG ??= "nss \
 PACKAGECONFIG[nss] = "--enable-nss,--disable-nss,nss,"
 PACKAGECONFIG[pam] = "--enable-pam,--disable-pam,libpam,"
 
-do_configure_prepend() {
+do_configure:prepend() {
     export NSS_CFLAGS="-I${STAGING_INCDIR}/nspr -I${STAGING_INCDIR}/nss3"
     export NSS_LIBS="-L${STAGING_BASELIBDIR} -lssl3 -lsmime3 -lnss3 -lsoftokn3 -lnssutil3"
     export KEYUTILS_CFLAGS="-I${STAGING_INCDIR}"
@@ -49,7 +49,7 @@ do_configure_prepend() {
     sed -i -e "s;rootsbindir=\"/sbin\";rootsbindir=\"\${base_sbindir}\";g" ${S}/configure.ac
 }
 
-do_install_append() {
+do_install:append() {
     chmod 4755 ${D}${base_sbindir}/mount.ecryptfs_private
     # ${base_libdir} is identical to ${libdir} when usrmerge enabled
     if ! ${@bb.utils.contains('DISTRO_FEATURES','usrmerge','true','false',d)}; then
@@ -64,7 +64,7 @@ do_install_append() {
     fi
 }
 
-FILES_${PN} += "${base_libdir}/security/* ${base_libdir}/ecryptfs/*"
+FILES:${PN} += "${base_libdir}/security/* ${base_libdir}/ecryptfs/*"
 
-RDEPENDS_${PN} += "cryptsetup"
-RRECOMMENDS_${PN} = "gettext-runtime"
+RDEPENDS:${PN} += "cryptsetup"
+RRECOMMENDS:${PN} = "gettext-runtime"

recipes-security/fail2ban/python3-fail2ban_0.11.2.bb

@@ -20,34 +20,34 @@ inherit update-rc.d ptest setuptools3
 
 S = "${WORKDIR}/git"
 
-do_compile_prepend () {
+do_compile:prepend () {
     cp ${WORKDIR}/fail2ban_setup.py ${S}/setup.py
     cd ${S}
     ./fail2ban-2to3
 }
 
-do_install_append () {
+do_install:append () {
     install -d ${D}/${sysconfdir}/fail2ban
     install -d ${D}/${sysconfdir}/init.d
     install -m 0755 ${WORKDIR}/initd ${D}${sysconfdir}/init.d/fail2ban-server
     chown -R root:root ${D}/${bindir}
 }
 
-do_install_ptest_append () {
+do_install_ptest:append () {
     install -d ${D}${PTEST_PATH}
     install -d ${D}${PTEST_PATH}/bin
     sed -i -e 's/##PYTHON##/${PYTHON_PN}/g' ${D}${PTEST_PATH}/run-ptest
     install -D ${S}/bin/* ${D}${PTEST_PATH}/bin
 }
 
-FILES_${PN} += "/run"
+FILES:${PN} += "/run"
 
 INITSCRIPT_PACKAGES = "${PN}"
 INITSCRIPT_NAME = "fail2ban-server"
 INITSCRIPT_PARAMS = "defaults 25"
 
-INSANE_SKIP_${PN}_append = "already-stripped"
+INSANE_SKIP:${PN}:append = "already-stripped"
 
-RDEPENDS_${PN} = "${VIRTUAL-RUNTIME_base-utils-syslog} iptables sqlite3 python3-core python3-pyinotify"
-RDEPENDS_${PN} += " python3-logging python3-fcntl python3-json"
-RDEPENDS_${PN}-ptest = "python3-core python3-io python3-modules python3-fail2ban"
+RDEPENDS:${PN} = "${VIRTUAL-RUNTIME_base-utils-syslog} iptables sqlite3 python3-core python3-pyinotify"
+RDEPENDS:${PN} += " python3-logging python3-fcntl python3-json"
+RDEPENDS:${PN}-ptest = "python3-core python3-io python3-modules python3-fail2ban"

recipes-security/fscryptctl/fscryptctl_1.0.0.bb

@@ -18,7 +18,7 @@ do_install() {
     oe_runmake DESTDIR=${D} PREFIX=/usr install
 }
 
-RRECOMMENDS_${PN} += "\
+RRECOMMENDS:${PN} += "\
     keyutils \
     kernel-module-cbc \
     kernel-module-cts \

recipes-security/google-authenticator-libpam/google-authenticator-libpam_1.08.bb

@@ -18,6 +18,6 @@ REQUIRED_DISTRO_FEATURES = "pam"
 EXTRA_OECONF = "--libdir=${base_libdir}" 
 
 PACKAGES += "pam-google-authenticator"
-FILES_pam-google-authenticator = "${base_libdir}/security/pam_google_authenticator.so"
+FILES:pam-google-authenticator = "${base_libdir}/security/pam_google_authenticator.so"
 
 RDEPNEDS_pam-google-authenticator  = "libpam"

recipes-security/libest/libest_3.2.0.bb

@@ -11,17 +11,17 @@ SRC_URI = "git://github.com/cisco/libest;branch=main"
 DEPENDS = "openssl"
 
 #fatal error: execinfo.h: No such file or directory
-DEPENDS_append_libc-musl = " libexecinfo"
+DEPENDS:append:libc-musl = " libexecinfo"
 
 inherit autotools-brokensep
 
 EXTRA_OECONF = "--disable-pthreads --with-ssl-dir=${STAGING_LIBDIR}"
 
 CFLAGS += "-fcommon"
-LDFLAGS_append_libc-musl = " -lexecinfo"
+LDFLAGS:append:libc-musl = " -lexecinfo"
 
 S = "${WORKDIR}/git"
 
 PACKAGES = "${PN} ${PN}-dbg ${PN}-dev"
 
-FILES_${PN} = "${bindir}/* ${libdir}/libest-3.2.0p.so"
+FILES:${PN} = "${bindir}/* ${libdir}/libest-3.2.0p.so"

recipes-security/libgssglue/libgssglue_0.4.bb

@@ -33,11 +33,11 @@ SRC_URI[md5sum] = "5ce81940965fa68c7635c42dcafcddfe"
 SRC_URI[sha256sum] = "bb47b2de78409f461811d0db8595c66e6631a9879c3621a35e4434b104ee52f5"
 
 # gssglue can use krb5, spkm3... as gssapi library, configurable
-RRECOMMENDS_${PN} += "krb5"
+RRECOMMENDS:${PN} += "krb5"
 
 inherit autotools
 
-do_install_append() {
+do_install:append() {
     # install some docs
     install -d -m 0755 ${D}${docdir}/${BPN}
     install -m 0644 ${S}/AUTHORS ${S}/ChangeLog ${S}/NEWS ${S}/README ${D}${docdir}/${BPN}

recipes-security/mfa/python3-privacyidea_3.5.2.bb

@@ -10,31 +10,31 @@ SRC_URI[sha256sum] = "26aeb0d353af1f212c4df476202516953c20f7f31566cfe0b67cbb553d
 
 inherit pypi setuptools3
 
-do_install_append () {
+do_install:append () {
     #install ${D}/var/log/privacyidea
 
     rm -fr ${D}${libdir}/${PYTHON_DIR}/site-packages/tests
 }
 
 USERADD_PACKAGES = "${PN}"
-GROUPADD_PARAM_${PN} = "--system privacyidea"
-USERADD_PARAM_${PN} = "--system -g privacyidea -o -r -d /opt/${BPN}  \
+GROUPADD_PARAM:${PN} = "--system privacyidea"
+USERADD_PARAM:${PN} = "--system -g privacyidea -o -r -d /opt/${BPN}  \
     --shell /bin/false privacyidea"
 
-FILES_${PN} += " ${datadir}/etc/privacyidea/* ${datadir}/lib/privacyidea/*"
+FILES:${PN} += " ${datadir}/etc/privacyidea/* ${datadir}/lib/privacyidea/*"
 
-RDEPENDS_${PN} += " bash perl freeradius-mysql freeradius-utils"
+RDEPENDS:${PN} += " bash perl freeradius-mysql freeradius-utils"
 
-RDEPENDS_${PN} += "python3 python3-alembic python3-babel python3-backports-functools-lru-cache python3-bcrypt"
-RDEPENDS_${PN} += "python3-beautifulsoup4 python3-cbor2 python3-certifi python3-cffi python3-chardet"
-RDEPENDS_${PN} += "python3-click python3-configobj python3-croniter python3-cryptography python3-defusedxml"
-RDEPENDS_${PN} += "python3-ecdsa  python3-flask python3-flask-babel python3-flask-migrate"
-RDEPENDS_${PN} += "python3-flask-script python3-flask-sqlalchemy python3-flask-versioned"
-RDEPENDS_${PN} += "python3-future python3-httplib2 python3-huey python3-idna python3-ipaddress"
-RDEPENDS_${PN} += "python3-itsdangerous python3-jinja2 python3-ldap python3-lxml python3-mako"
-RDEPENDS_${PN} += "python3-markupsafe python3-netaddr python3-oauth2client python3-passlib python3-pillow"
-RDEPENDS_${PN} += "python3-pyasn1 python3-pyasn1-modules python3-pycparser python3-pyjwt python3-pymysql"
-RDEPENDS_${PN} += "python3-pyopenssl python3-pyrad python3-dateutil python3-editor python3-gnupg"
-RDEPENDS_${PN} += "python3-pytz python3-pyyaml python3-qrcode python3-redis python3-requests python3-rsa"
-RDEPENDS_${PN} += "python3-six python3-smpplib python3-soupsieve python3-soupsieve "
-RDEPENDS_${PN} += "python3-sqlalchemy python3-sqlsoup python3-urllib3 python3-werkzeug"
+RDEPENDS:${PN} += "python3 python3-alembic python3-babel python3-backports-functools-lru-cache python3-bcrypt"
+RDEPENDS:${PN} += "python3-beautifulsoup4 python3-cbor2 python3-certifi python3-cffi python3-chardet"
+RDEPENDS:${PN} += "python3-click python3-configobj python3-croniter python3-cryptography python3-defusedxml"
+RDEPENDS:${PN} += "python3-ecdsa  python3-flask python3-flask-babel python3-flask-migrate"
+RDEPENDS:${PN} += "python3-flask-script python3-flask-sqlalchemy python3-flask-versioned"
+RDEPENDS:${PN} += "python3-future python3-httplib2 python3-huey python3-idna python3-ipaddress"
+RDEPENDS:${PN} += "python3-itsdangerous python3-jinja2 python3-ldap python3-lxml python3-mako"
+RDEPENDS:${PN} += "python3-markupsafe python3-netaddr python3-oauth2client python3-passlib python3-pillow"
+RDEPENDS:${PN} += "python3-pyasn1 python3-pyasn1-modules python3-pycparser python3-pyjwt python3-pymysql"
+RDEPENDS:${PN} += "python3-pyopenssl python3-pyrad python3-dateutil python3-editor python3-gnupg"
+RDEPENDS:${PN} += "python3-pytz python3-pyyaml python3-qrcode python3-redis python3-requests python3-rsa"
+RDEPENDS:${PN} += "python3-six python3-smpplib python3-soupsieve python3-soupsieve "
+RDEPENDS:${PN} += "python3-sqlalchemy python3-sqlsoup python3-urllib3 python3-werkzeug"

recipes-security/ncrack/ncrack_0.7.bb

@@ -15,4 +15,4 @@ inherit autotools-brokensep
 
 S = "${WORKDIR}/git"
 
-INSANE_SKIP_${PN} = "already-stripped"
+INSANE_SKIP:${PN} = "already-stripped"

recipes-security/nikto/nikto_2.1.6.bb

@@ -111,7 +111,7 @@ do_install() {
     install -m 0644 docs/nikto_manual.html    ${D}${datadir}/doc/nikto
 }
 
-RDEPENDS_${PN} = "perl libnet-ssleay-perl libwhisker2-perl \
+RDEPENDS:${PN} = "perl libnet-ssleay-perl libwhisker2-perl \
     perl-module-getopt-long perl-module-time-local \
     perl-module-io-socket perl-module-overloading \
     perl-module-base perl-module-b perl-module-bytes"

recipes-security/opendnssec/opendnssec_2.1.9.bb

@@ -27,8 +27,8 @@ PACKAGECONFIG[mysql] = "--with-mysql=yes, , mariadb, mariadb"
 PACKAGECONFIG[readline]  = "--with-readline, --without-readline, readline"
 PACKAGECONFIG[unwind] = "--with-libunwind, --without-libunwind"
 
-do_install_append () {
+do_install:append () {
     rm -rf ${D}${localstatedir}/run
 }
 
-RDEPENDS_${PN} = "softhsm"
+RDEPENDS:${PN} = "softhsm"

recipes-security/paxctl/paxctl_0.9.bb

@@ -24,7 +24,7 @@ do_install() {
 #   install: cannot change ownership of '.../sbin/paxctl': \
 #   Operation not permitted
 # Drop '--owner 0 --group 0' to fix the issue.
-do_install_class-native() {
+do_install:class-native() {
 	local PROG=paxctl
 	install -d ${D}${base_sbindir}
 	install -d ${D}${mandir}/man1
@@ -33,6 +33,6 @@ do_install_class-native() {
 }
 
 # Avoid QA Issue: No GNU_HASH in the elf binary
-INSANE_SKIP_${PN} = "ldflags" 
+INSANE_SKIP:${PN} = "ldflags" 
 
 BBCLASSEXTEND = "native"

recipes-security/redhat-security/redhat-security_1.0.bb

@@ -37,4 +37,4 @@ do_install() {
 	install -m 0755 ${WORKDIR}/selinux-ls-unconfined.sh    ${D}${bindir}
 }
 
-RDEPENDS_${PN} = "file libcap-ng procps findutils"
+RDEPENDS:${PN} = "file libcap-ng procps findutils"

recipes-security/sssd/sssd_2.5.1.bb

@@ -6,9 +6,9 @@ LICENSE = "GPLv3+"
 LIC_FILES_CHKSUM = "file://COPYING;md5=d32239bcb673463ab874e80d47fae504"
 
 DEPENDS = "acl attr openldap cyrus-sasl libtdb ding-libs libpam c-ares krb5 autoconf-archive"
-DEPENDS_append = " libldb dbus libtalloc libpcre glib-2.0 popt e2fsprogs libtevent bind p11-kit"
+DEPENDS:append = " libldb dbus libtalloc libpcre glib-2.0 popt e2fsprogs libtevent bind p11-kit"
 
-DEPENDS_append_libc-musl = " musl-nscd"
+DEPENDS:append:libc-musl = " musl-nscd"
 
 # If no crypto has been selected, default to DEPEND on nss, since that's what
 # sssd will pick if no active choice is made during configure
@@ -69,7 +69,7 @@ EXTRA_OECONF += " \
     --with-pid-path=/run \
 "
 
-do_configure_prepend() {
+do_configure:prepend() {
     mkdir -p ${AUTOTOOLS_AUXDIR}/build
     cp ${STAGING_DATADIR_NATIVE}/gettext/config.rpath ${AUTOTOOLS_AUXDIR}/build/
 
@@ -77,7 +77,7 @@ do_configure_prepend() {
     sed -i -e "s#\$sss_extra_libdir##" ${S}/src/external/libresolv.m4
 }
 
-do_compile_prepend () {
+do_compile:prepend () {
      echo '#define NSUPDATE_PATH "${bindir}"' >> ${B}/config.h
 }
 do_install () {
@@ -98,18 +98,18 @@ do_install () {
     rm -f ${D}${systemd_system_unitdir}/sssd-secrets.*
 }
 
-pkg_postinst_ontarget_${PN} () {
+pkg_postinst_ontarget:${PN} () {
 if [ -e /etc/init.d/populate-volatile.sh ] ; then
     ${sysconfdir}/init.d/populate-volatile.sh update
 fi
     chown ${SSSD_UID}:${SSSD_GID} ${sysconfdir}/${BPN}/${BPN}.conf
 }
 
-CONFFILES_${PN} = "${sysconfdir}/${BPN}/${BPN}.conf"
+CONFFILES:${PN} = "${sysconfdir}/${BPN}/${BPN}.conf"
 
 INITSCRIPT_NAME = "sssd"
 INITSCRIPT_PARAMS = "start 02 5 3 2 . stop 20 0 1 6 ."
-SYSTEMD_SERVICE_${PN} = " \
+SYSTEMD_SERVICE:${PN} = " \
     ${@bb.utils.contains('PACKAGECONFIG', 'autofs', 'sssd-autofs.service sssd-autofs.socket', '', d)} \
     ${@bb.utils.contains('PACKAGECONFIG', 'curl', 'sssd-kcm.service sssd-kcm.socket', '', d)} \
     ${@bb.utils.contains('PACKAGECONFIG', 'infopipe', 'sssd-ifp.service ', '', d)} \
@@ -124,10 +124,10 @@ SYSTEMD_SERVICE_${PN} = " \
 "
 SYSTEMD_AUTO_ENABLE = "disable"
 
-FILES_${PN} += "${libdir} ${datadir} ${base_libdir}/security/pam_sss*.so"
-FILES_${PN}-dev = " ${includedir}/* ${libdir}/*la ${libdir}/*/*la"
+FILES:${PN} += "${libdir} ${datadir} ${base_libdir}/security/pam_sss*.so"
+FILES:${PN}-dev = " ${includedir}/* ${libdir}/*la ${libdir}/*/*la"
 
 # The package contains symlinks that trip up insane
-INSANE_SKIP_${PN} = "dev-so"
+INSANE_SKIP:${PN} = "dev-so"
 
-RDEPENDS_${PN} = "bind bind-utils dbus libldb libpam"
+RDEPENDS:${PN} = "bind bind-utils dbus libldb libpam"