LIC_FILE_CHKSUM changes to to indentations changes.
use bootstrap to setup config properly.
Drop libgssglue-fix-CVE-2011-2709.patch, libgssglue-g-initialize.patch now included in update.
and ibgssglue-mglueP.patch now included in update.
Drop libgssglue-gss-inq-cred.patch still pending after 5 yrs.
Signed-off-by: Armin Kuster <akuster808@gmail.com>
Generic Low Overhead Message Exchange (GLOME) is a protocol providing
secure authentication and authorization for low dependency environments.
Signed-off-by: John Edward Broadbent <jebr@google.com>
Signed-off-by: Armin Kuster <akuster808@gmail.com>
Use python3-native to use 2to3
Fix build issue on some hosts with this error:
(result, consumed) = self._buffer_decode(data, self.errors, final)
| UnicodeDecodeError: 'utf-8' codec can't decode byte 0xd8 in position 152: invalid continuation byte
Signed-off-by: Armin Kuster <akuster808@gmail.com>
raise InvalidWheelFilename(f"{filename} is not a valid wheel filename.")
pip._internal.exceptions.InvalidWheelFilename: fail2ban-*-*.whl is not a valid wheel filename.
Removed build tracker: '/tmp/pip-req-tracker-qnepnk46'
ERROR: Failed to pip install wheel. Check the logs.
Signed-off-by: Ashish Sharma <asharma@mvista.com>
Signed-off-by: Armin Kuster <akuster808@gmail.com>
ERROR: python3-privacyidea-3.5.2-r0 do_package: QA Issue: python3-privacyidea: Files/directories were installed but not shipped in any package:
/usr/etc
/usr/etc/privacyidea
/usr/etc/privacyidea/dictionary
/usr/etc/privacyidea/privacyideaapp.wsgi
Signed-off-by: Armin Kuster <akuster808@gmail.com>
Fixes:
ERROR: python3-fail2ban-0.11.2-r0 do_package_qa: QA Issue: python3-fail2ban installs files in /run, but it is expected to be empty [empty-dirs]
Signed-off-by: Armin Kuster <akuster808@gmail.com>
/var/log is normally a link to /var/volatile/log and /var/volatile is a
tmpfs mount. So anything created in /var/log will not be available when
the tmpfs is mounted.
[Thanks to Peter Kjellerstedt for example]
Signed-off-by: Armin Kuster <akuster808@gmail.com>
This patch updates SRC_URIs using git to include branch=master if no branch is set
and also to use protocol=https for github urls as generated by the conversion script
in OE-Core.
Signed-off-by: Armin Kuster <akuster808@gmail.com>
It packages all file in ${libdir} to package sssd, including the .so
symlink files. Then it causes QA issues:
| ERROR: QA Issue: sssd rdepends on dbus-dev [dev-deps]
| ERROR: QA Issue: sssd rdepends on ding-libs-dev [dev-deps]
So re-package sssd then the .so symlink files and .pc files are packaged
to sssd-dev which should be.
File ${libdir}/libsss_sudo.so is not a symlink file but packaged to
sssd-dev too. Then causes another QA issue:
| ERROR: sssd-2.5.2-r0 do_package_qa: QA Issue:
-dev package sssd-dev contains non-symlink .so '/usr/lib/libsss_sudo.so' [dev-elf]
So create a new sub-package libsss-sudo to package file libsss_sudo.so
and make sssd rdepends on it.
Signed-off-by: Kai Kang <kai.kang@windriver.com>
Signed-off-by: Armin Kuster <akuster808@gmail.com>
Fixes:
error in fail2ban setup command: use_2to3 is invalid.
ERROR: 'python3 setup.py build ' execution failed.
drop custom fail2ban_setup.py
remove pyhton-fail2ban as its a symlink to python3
Update to tip for 11.2 branch
Signed-off-by: Armin Kuster <akuster808@gmail.com>
Add chipsec, tools to dump and analyzing hardware, system firmware
components, like PCH register, ioport or iomem configuration space.
Signed-off-by: Liwei Song <liwei.song@windriver.com>
Signed-off-by: Armin Kuster <akuster808@gmail.com>
fscrypt is a high-level tool for the management of Linux
filesystem encryption. fscrypt manages metadata, key generation,
key wrapping, PAM integration, and provides a uniform interface
for creating and modifying encrypted directories.
Add recipe for the same in 'recipes-security'.
Signed-off-by: Bhupesh Sharma <bhupesh.sharma@linaro.org>
Signed-off-by: Armin Kuster <akuster808@gmail.com>
SSSD 2.5.2 Highlights
* General information
- originalADgidNumber attribute in the SSSD cache is now indexed
* New features
- Debug messages in data provider include a unique request ID that can
be used to track the request from its start to its end (requires
libtevent >= 0.11.0)
* Important fixes
- Update large files in the files provider in batches to avoid timeouts
* Configuration changes
- Add new config option fallback_to_nss
Full release notes:
* https://sssd.io/release-notes/sssd-2.5.2.html
And backport patch to fix CVE-2021-3621.
CVE: CVE-2021-3621
Signed-off-by: Kai Kang <kai.kang@windriver.com>
Signed-off-by: Armin Kuster <akuster808@gmail.com>
