It was pointed out that the recipe was wrongly doing
FILESEXTRAPATHS:append, but on inspection the recipe does
not need it at all, so just remove.
Reported-by: Robert P. J. Day <rpjday@crashcourse.ca>
Signed-off-by: Scott Murray <scott.murray@konsulko.com>
Replace references of WORKDIR with UNPACKDIR where it makes sense to do so in preparation for changing the default value of UNPACKDIR.
Signed-off-by: Wang Mingyu <wangmy@fujitsu.com>
Signed-off-by: Armin Kuster <akuster808@gmail.com>
There is new patch-status QA check in oe-core:
https://git.openembedded.org/openembedded-core/commit/?id=76a685bfcf927593eac67157762a53259089ea8a
This is temporary work around just to hide _many_ warnings from
optional patch-status (if you add it to WARN_QA).
This just added
Upstream-Status: Pending
everywhere without actually investigating what's the proper status.
This is just to hide current QA warnings and to catch new .patch files being
added without Upstream-Status, but the number of Pending patches is now terrible:
0 (0%) meta-parsec
N/A (0%) meta-hardening
1 (100%) meta-integrity
15 (68%) meta-tpm
27 (61%) meta-security
Signed-off-by: Martin Jansa <Martin.Jansa@gmail.com>
Signed-off-by: Armin Kuster <akuster808@gmail.com>
Fix the ima_policy_appraise_all policy to appraise all executables
and libraries. Also update the list of files that are not appraised to not
appraise cgroup related files.
Signed-off-by: Stefan Berger <stefanb@linux.ibm.com>
Signed-off-by: Armin Kuster <akuster808@gmail.com>
Building documentation fails due to missing asciidoc, xsltproc etc
so it's better to just disable building them by default.
Signed-off-by: Mikko Rapeli <mikko.rapeli@linaro.org>
Signed-off-by: Armin Kuster <akuster808@gmail.com>
lnr is a script in oe-core that creates relative symlinks, with the same
behaviour as `ln --relative --symlink`. It was added back in 2014[1] as
not all of the supported host distributions at the time shipped
coreutils 8.16, the first release with --relative.
However the oldest coreutils release in the supported distributions is
now 8.22 in CentOS 7, so lnr can be deprecated and users switched to ln.
Signed-off-by: Armin Kuster <akuster808@gmail.com>
IMA_POLICY is being referred as policy recipe name in some places and it
is also being referred as policy file in other places, they are
conflicting with each other which make it impossible to set a IMA_POLICY
global variable in config file.
Fix it by dropping IMA_POLICY definitions from policy recipes
Signed-off-by: Ming Liu <liu.ming50@gmail.com>
Signed-off-by: Armin Kuster <akuster808@gmail.com>
This ensures when a end user change the IMA_EVM_X509 key file,
ima-evm-keys recipe will be rebuilt.
Signed-off-by: Ming Liu <liu.ming50@gmail.com>
Signed-off-by: Armin Kuster <akuster808@gmail.com>
'ima' does not have to be in native DISTRO_FEATURES, unset it to avoid
sanity check for ima-evm-utils-native.
Signed-off-by: Ming Liu <liu.ming50@gmail.com>
Signed-off-by: Armin Kuster <akuster808@gmail.com>
Scott Murray
Armin Kuster
Mikko Rapeli
Wang Mingyu
Martin Jansa
Stefan Berger
Ming Liu
Dmitry Eremin-Solenikov
lumag