mirrors/meta-security
1
0
Fork 0
mirror of https://git.yoctoproject.org/meta-security synced 2026-05-31 12:50:19 +00:00
Code Issues Projects Releases Wiki Activity
1,735 Commits 40 Branches 0 Tags
master-next
Commit Graph

1735 Commits

This Branch
This Branch
All Branches
Author SHA1 Message Date
Kai Kang 94aa6efec6 sssd: add fix-ldblibdir.patch back 
The patch fix-ldblibdir.patch has been dropped when update sssd to
2.5.0. But it fails to start sssd without this patch. So add it back.

Signed-off-by: Kai Kang <kai.kang@windriver.com>
Signed-off-by: Armin Kuster <akuster808@gmail.com>
 2021-06-20 15:49:26 -07:00
Kai Kang 0705f60b81 sssd: set pid path with /run 
/var/run is deprecated and set pid path with /run to store pid files for
the SSSD.

Signed-off-by: Kai Kang <kai.kang@windriver.com>
Signed-off-by: Armin Kuster <akuster808@gmail.com>
 2021-06-20 15:49:16 -07:00
Armin Kuster 48c7b34ec3 meta-integrity/recipe-kernel: use sanity check 
Signed-off-by: Armin Kuster <akuster808@gmail.com>
 2021-06-06 13:03:37 -07:00
Armin Kuster 6e75e751ff meta-integrity: add sanity check 
Signed-off-by: Armin Kuster <akuster808@gmail.com>
 2021-06-06 13:03:37 -07:00
Armin Kuster 35e1b61750 meta-tpm/linux-yocto: use sanity support 
Signed-off-by: Armin Kuster <akuster808@gmail.com>
 2021-06-06 13:03:37 -07:00
Armin Kuster 2bfc09017d meta-tpm: add layer sanity check 
Signed-off-by: Armin Kuster <akuster808@gmail.com>
 2021-06-06 13:03:37 -07:00
Armin Kuster b226ebdc4a linux-yocto-dev: drop bbappend 
Signed-off-by: Armin Kuster <akuster808@gmail.com>
 2021-06-06 13:03:37 -07:00
Armin Kuster 1955c143de meta-security/recipe-kernel: use sanity check 
Signed-off-by: Armin Kuster <akuster808@gmail.com>
 2021-06-06 13:03:37 -07:00
Armin Kuster c1235f6aff meta-security: add sanity check 
Signed-off-by: Armin Kuster <akuster808@gmail.com>
 2021-06-06 13:03:37 -07:00
Armin Kuster 34d6b479b8 meta-hardening/initscripts: missed overide. 
Helps pass YCL.

Signed-off-by: Armin Kuster <akuster808@gmail.com>
 2021-06-05 19:25:24 +00:00
Yi Zhao f9ac521497 libgssglue: update SRC_URI 
Update SRC_URI to use Debian mirror because the original site is
unaccessible.

Fixes do_fetch error:
ERROR: libgssglue-0.4-r0 do_fetch: Fetcher failure for URL:
'http://www.citi.umich.edu/projects/nfsv4/linux/libgssglue/libgssglue-0.4.tar.gz'.
Unable to fetch URL from any source.

Signed-off-by: Yi Zhao <yi.zhao@windriver.com>
 2021-06-05 19:25:24 +00:00
Robert P. J. Day c1fd602be6 Correct "securiyt" typo in maintainers.inc 
Signed-off-by: Robert P. J. Day <rpjday@crashcourse.ca>
Signed-off-by: Armin Kuster <akuster808@gmail.com>
 2021-06-05 19:25:24 +00:00
Armin Kuster 0c26950b0d packagegroup-core-security: drop python3-scapy 
Signed-off-by: Armin Kuster <akuster808@gmail.com>
 2021-06-05 19:25:24 +00:00
Armin Kuster bb06a7cbda python3-scapy: drop , now in meta-python 
Signed-off-by: Armin Kuster <akuster808@gmail.com>
 2021-06-05 19:25:24 +00:00
Armin Kuster f40fdc7e6d initramfs-framework: fix YCL issue. 
Signed-off-by: Armin Kuster <akuster808@gmail.com>
 2021-06-05 19:25:24 +00:00
Armin Kuster 833ae34c8f linux-%_5.%.bbappend: drop recipe 
Signed-off-by: Armin Kuster <akuster808@gmail.com>
 2021-06-05 19:25:24 +00:00
Armin Kuster a1d5476acc busybox: drop as libsecomp is in core 
Signed-off-by: Armin Kuster <akuster808@gmail.com>
 2021-06-05 19:25:23 +00:00
Ricardo Salveti 8236d78343 tpm2-tss: fix usrmerge udev install path 
Update ${base_prefix}/lib to ${nonarch_base_libdir} to fix a package QA
issue when usrmerge is enabled in DISTRO_FEATURES.

QA Issue: tpm2-tss package is not obeying usrmerge distro feature. /lib
should be relocated to /usr. [usrmerge]

Signed-off-by: Ricardo Salveti <ricardo@foundries.io>
Signed-off-by: Armin Kuster <akuster808@gmail.com>
 2021-06-05 19:25:22 +00:00
Armin Kuster e471ff0926 sssd: update to 2.5.0 
Add new depends
Drop obsolete patches

Signed-off-by: Armin Kuster <akuster808@gmail.com>

----
v2]
Fix issue with nsupdate check
don't use host bind
 2021-06-05 19:25:19 +00:00
Armin Kuster a57799000e ossec-hids: musl not compatable 
Signed-off-by: Armin Kuster <akuster808@gmail.com>
 2021-06-05 19:25:17 +00:00
Armin Kuster e1f0699492 packagegroup-core-security: exclude ossec-hids from musl 
Signed-off-by: Armin Kuster <akuster808@gmail.com>
 2021-06-05 19:25:17 +00:00
Armin Kuster 72c5043d84 lkrg-module: update 0.9.1 
LIC_FILES_CHKSUM updated do to yr change and adding new copyrights

Signed-off-by: Armin Kuster <akuster808@gmail.com>
 2021-06-05 19:25:17 +00:00
Armin Kuster 951ea7ca15 python3-scapy: update to 2.4.5 
Signed-off-by: Armin Kuster <akuster808@gmail.com>
 2021-06-05 19:25:17 +00:00
Upgrade Helper ed6e250b4d opendnssec: upgrade 2.1.8 -> 2.1.9 
Signed-off-by: Armin Kuster <akuster808@gmail.com>
 2021-06-05 19:25:17 +00:00
Upgrade Helper 77db981282 clamav: upgrade to latest revision 
Signed-off-by: Armin Kuster <akuster808@gmail.com>
 2021-06-05 19:25:17 +00:00
Armin Kuster ab239f1497 packagegroup-core-security: add clamav-daemon 
Signed-off-by: Armin Kuster <akuster808@gmail.com>
 2021-05-16 13:23:55 -07:00
Armin Kuster 448426a1ba clamav: fix systemd startup 
cleanup recipe

Signed-off-by: Armin Kuster <akuster808@gmail.com>
 2021-05-16 13:23:55 -07:00
Armin Kuster 10f866a458 .gitlab-ci: drop clean up combine alt w base 
Signed-off-by: Armin Kuster <akuster808@gmail.com>
 2021-05-16 13:23:55 -07:00
Armin Kuster 31e5b3e08f packagegroup-core-security: add aide and ossec 
Signed-off-by: Armin Kuster <akuster808@gmail.com>
 2021-05-16 13:23:55 -07:00
Armin Kuster 2f49b2dad0 aide: Add another ids 
Signed-off-by: Armin Kuster <akuster808@gmail.com>
 2021-05-16 13:23:55 -07:00
Armin Kuster 44a345dbb1 Apparmor: fix multi config build issue. 
Signed-off-by: Armin Kuster <akuster808@gmail.com>
 2021-05-16 13:23:55 -07:00
Armin Kuster 06101dd3da packagegroup-core-security: fix typo for mips 
Signed-off-by: Armin Kuster <akuster808@gmail.com>
 2021-05-16 13:23:55 -07:00
Armin Kuster 2410c36f1f ibmtpm2tss: update to tip 
Signed-off-by: Armin Kuster <akuster808@gmail.com>
 2021-05-16 13:23:55 -07:00
Armin Kuster ab9da58c3a ibmswtpm2: update to 1661 
Drop patch now included in updated

Signed-off-by: Armin Kuster <akuster808@gmail.com>
 2021-05-16 13:23:55 -07:00
Armin Kuster cb6b4ae505 suricata: 4.1.x add UPSTREAM_CHECK_URI 
Signed-off-by: Armin Kuster <akuster808@gmail.com>
 2021-05-16 13:23:55 -07:00
Armin Kuster c127cf37f2 python3-scapy: add UPSTREAM_CHECK_COMMITS 
Signed-off-by: Armin Kuster <akuster808@gmail.com>
 2021-05-16 13:23:55 -07:00
Armin Kuster 8a098010c1 ossec-hids: add UPSTREAM_CHECK_COMMITS 
Signed-off-by: Armin Kuster <akuster808@gmail.com>
 2021-05-16 13:23:55 -07:00
Armin Kuster 75d37ed02a clamav: update to tip. 
Add UPSTEAM_CHECK

Signed-off-by: Armin Kuster <akuster808@gmail.com>
 2021-05-16 13:23:55 -07:00
Armin Kuster 5a9e1224e7 tpm2-pkcs11: Update to 1.6.0 
Includes gcc11 fix.
Added p11-kit
Minor cleanup

Signed-off-by: Armin Kuster <akuster808@gmail.com>
 2021-05-16 13:23:55 -07:00
Armin Kuster 7db47965a2 tripwire: Blacklist pkg, upstream seems abandond 
Last update was 2018. Does not build with gcc11.
There are other actively maintained IDS options.

Signed-off-by: Armin Kuster <akuster808@gmail.com>
 2021-05-16 13:23:55 -07:00
Armin Kuster acbf11eec8 build cleanup: add iam to base depend 
Drop *.ima.yml
Try next

Signed-off-by: Armin Kuster <akuster808@gmail.com>
 2021-05-16 13:23:43 -07:00
Armin Kuster baca6133f9 libseccomp: drop recipe. In core now 
Signed-off-by: Armin Kuster <akuster808@gmail.com>
 2021-04-26 14:33:01 +00:00
Armin Kuster f1f517c919 ossec-hids: add new pkg 
Signed-off-by: Armin Kuster <akuster808@gmail.com>
 2021-04-26 14:32:51 +00:00
Armin Kuster 30da585d2a kas-security-base: fix feature namespace for tpm* 
They are MACHINE not DISTRO FEATURES

Signed-off-by: Armin Kuster <akuster808@gmail.com>
 2021-04-20 07:41:29 -07:00
Armin Kuster caeeb4fb24 .gitlab-ci: use kas shell in some cases. 
Signed-off-by: Armin Kuster <akuster808@gmail.com>
 2021-04-20 07:41:29 -07:00
Armin Kuster 881d441f71 packagegroup-core-security: exclude apparmor in mips64 
Signed-off-by: Armin Kuster <akuster808@gmail.com>
 2021-04-19 06:56:18 -07:00
Armin Kuster 32bcdd0fc5 kas: cleanup some kas files 
Signed-off-by: Armin Kuster <akuster808@gmail.com>
 2021-04-19 06:56:18 -07:00
Armin Kuster ca7491a2e3 gitlab-ci: add new before script 
Signed-off-by: Armin Kuster <akuster808@gmail.com>
 2021-04-19 06:56:18 -07:00
Armin Kuster 81ec453fc5 gitlab-ci: cleanup after_script 
Signed-off-by: Armin Kuster <akuster808@gmail.com>
 2021-04-19 06:56:18 -07:00
Armin Kuster 40a7f58913 .gitlab-ci: work on pipelime 
Signed-off-by: Armin Kuster <akuster808@gmail.com>
 2021-04-19 06:56:18 -07:00