mirrors/meta-security
1
0
Fork 0
mirror of https://git.yoctoproject.org/meta-security synced 2026-05-07 16:59:28 +00:00
Code Issues Projects Releases Wiki Activity
434 Commits 39 Branches 0 Tags
48ccc9a08dd85163f9c907c79dd38f0808f6f967
Commit Graph

434 Commits

This Branch
This Branch
All Branches
Author SHA1 Message Date
Ross Burton 48ccc9a08d apparmor: backport a patch to fix tool paths instead of sedding 
Sedding is ugly, and as upstream have already fixed this cherry-pick the patch
instead.

Signed-off-by: Ross Burton <ross.burton@intel.com>
Signed-off-by: Armin Kuster <akuster808@gmail.com>
 2019-01-17 15:53:25 -08:00
Ross Burton 4918d0b025 apparmor: if Perl is disabled remove perl-using scripts 
aa-notify uses the Perl bindings, so isn't usable when perl is disabled.

Signed-off-by: Ross Burton <ross.burton@intel.com>
Signed-off-by: Armin Kuster <akuster808@gmail.com>
 2019-01-17 15:53:25 -08:00
Ross Burton 230ee1fc35 apparmor: systemd.bbclas is useful even when disabled 
The systemd bbclass will remove any systemd files that have been installed if
systemd is disabled, so always install the files and always inherit.

Signed-off-by: Ross Burton <ross.burton@intel.com>
Signed-off-by: Armin Kuster <akuster808@gmail.com>
 2019-01-17 15:53:25 -08:00
Ross Burton a648a295dd apparmor: remove pointless ALLOW_EMPTY 
${PN} has content, so there's no need to set ALLOW_EMPTY_${PN}.

Signed-off-by: Ross Burton <ross.burton@intel.com>
Signed-off-by: Armin Kuster <akuster808@gmail.com>
 2019-01-17 15:53:25 -08:00
Ross Burton 769b1cc468 apparmor: no need to conditionalise PACKAGES 
A package with no content is not generated, so there's no need to conditionalise
assignments to PACKAGES.

Signed-off-by: Ross Burton <ross.burton@intel.com>
Signed-off-by: Armin Kuster <akuster808@gmail.com>
 2019-01-17 15:53:25 -08:00
Ross Burton 448eee287f apparmor: use manpages class 
The manpages class handles enabling/disabling the man pages based on the
api-documentation DISTRO_FEATURE, and ensures that mandb is called.

Signed-off-by: Ross Burton <ross.burton@intel.com>
Signed-off-by: Armin Kuster <akuster808@gmail.com>
 2019-01-17 15:53:25 -08:00
Ross Burton 1159085fd1 apparmor: remove redundant S 
This is the default value, so remove it.

Signed-off-by: Ross Burton <ross.burton@intel.com>
Signed-off-by: Armin Kuster <akuster808@gmail.com>
 2019-01-17 15:53:25 -08:00
Ross Burton 07fbfa0a6e apparmor: enable static libraries neatly 
No need to fiddle with the configure arguments as we can just neuter
disable-static.inc.

Signed-off-by: Ross Burton <ross.burton@intel.com>
Signed-off-by: Armin Kuster <akuster808@gmail.com>
 2019-01-17 15:53:25 -08:00
Ross Burton acd4c16c9e apparmor: add missing bash dependency 
testsuite/parser/tst/minimize.sh is a bash script, so until it is reviewed add a
bash dependency to apparmor-ptest.

Signed-off-by: Ross Burton <ross.burton@intel.com>
Signed-off-by: Armin Kuster <akuster808@gmail.com>
 2019-01-17 15:53:25 -08:00
Ross Burton 08ecf1af9e README: remove Saul from maintainers 
Signed-off-by: Ross Burton <ross.burton@intel.com>
Signed-off-by: Armin Kuster <akuster808@gmail.com>
 2019-01-17 15:53:25 -08:00
Ross Burton 8b435f6548 README: add git-config tips 
Signed-off-by: Ross Burton <ross.burton@intel.com>
Signed-off-by: Armin Kuster <akuster808@gmail.com>
 2019-01-17 15:53:07 -08:00
Scott Ellis 65a163f5fa Add recipe for ncrack 
Ncrack is a network authentication cracking tool.

Signed-off-by: Scott Ellis <scott@jumpnowtek.com>
Signed-off-by: Armin Kuster <akuster808@gmail.com>
 2019-01-17 15:52:58 -08:00
Scott Ellis b4441953a5 nikto: upgrade to 2.1.6 (v2) 
Source now on github.

Signed-off-by: Scott Ellis <scott@jumpnowtek.com>
Signed-off-by: Armin Kuster <akuster808@gmail.com>
 2019-01-06 08:02:28 -08:00
Scott Ellis 15beceb2bd checksec: Upgrade to 1.11.0 
Switch source to a more up to date github repo.

Signed-off-by: Scott Ellis <scott@jumpnowtek.com>
Signed-off-by: Armin Kuster <akuster808@gmail.com>
 2019-01-06 08:02:19 -08:00
Armin Kuster d7aecbcc26 ptest: fix testsuite var 
core remove variable used to define ptest test suite.

Signed-off-by: Armin Kuster <akuster808@gmail.com>
 2019-01-05 13:21:51 -08:00
Daniel Dragomir 32e2a2d06c tpm2-abrmd: Fix QA error 
QA Issue: tpm2-abrmd: Files/directories were installed but not
          shipped in any package:
/usr/share/dbus-1
/usr/share/dbus-1/system-services
/usr/share/dbus-1/system-services/com.intel.tss2.Tabrmd.service

Signed-off-by: Daniel Dragomir <daniel.dragomir@windriver.com>
Signed-off-by: Armin Kuster <akuster808@gmail.com>
 2018-12-15 11:52:59 -08:00
Daniel Dragomir 22c18444aa tpm2.0-tss: Remove resourcemgr sub-package 
Since in 2.0.x branch resourcemgr was removed as deprecated by
commit 7966ef8916f79ed09eab966a58d773f413fbb67f ("Remove resourcemgr
and fixup build.") and commit 0e175d36c13b1801d75ae768ac520154585326f8
("contrib: Remove systemd service and udev rules for old resourcemgr."),
remove resourcemgr sub-package with it's components.

Build will fail when trying sed command on resourcemgr.service
(No such file or directory).

Signed-off-by: Daniel Dragomir <daniel.dragomir@windriver.com>
Signed-off-by: Armin Kuster <akuster808@gmail.com>
 2018-12-10 08:55:55 -08:00
Robert Yang 393db42323 apparmor: Remove tab indentations in python code 
Use 4 spaces to replace a tab.

Fixed:
apparmor_2.12.bb: python should use 4 spaces indentation, but found tabs in apparmor_2.12.bb, line 49

Signed-off-by: Robert Yang <liezhi.yang@windriver.com>
Signed-off-by: Armin Kuster <akuster808@gmail.com>
 2018-12-06 22:37:59 -08:00
Armin Kuster de9d6d1793 lynis: update to 2.7.0 
Signed-off-by: Armin Kuster <akuster808@gmail.com>
 2018-12-06 22:37:33 -08:00
Armin Kuster dcb0395033 README: update maintainers email and move pkg help info 
This is to simplify the main README

Signed-off-by: Armin Kuster <akuster808@gmail.com>
 2018-10-31 09:02:21 -07:00
Armin Kuster 28508811dc clamav: update to 0.99.4 
Signed-off-by: Armin Kuster <akuster808@gmail.com>
 2018-10-31 09:02:21 -07:00
Armin Kuster a2df7b4ce0 layer.conf: update ptest var to align with core 
Signed-off-by: Armin Kuster <akuster808@gmail.com>
 2018-10-31 09:02:21 -07:00
Armin Kuster 5462ce5b7a packagegroup-core-security: add fail2ban ptest to image 
Signed-off-by: Armin Kuster <akuster808@gmail.com>
 2018-10-31 09:02:21 -07:00
Armin Kuster d32ae3cb83 fail2ban: add ptest 
Signed-off-by: Armin Kuster <akuster808@gmail.com>
 2018-10-31 09:02:21 -07:00
Armin Kuster af173c0440 packagegroup-core-security: add tripwire ptest 
Signed-off-by: Armin Kuster <akuster808@gmail.com>
 2018-10-31 09:02:21 -07:00
Armin Kuster dd5b5c2753 tripwire: add ptest 
Signed-off-by: Armin Kuster <akuster808@gmail.com>
 2018-10-31 09:02:21 -07:00
Armin Kuster e8f5ec707f security-build-image: remove X11 
Signed-off-by: Armin Kuster <akuster808@gmail.com>
 2018-10-31 09:02:21 -07:00
Armin Kuster ab7b4aefa2 packagegroup-core-security: add suricata-ptest 
Signed-off-by: Armin Kuster <akuster808@gmail.com>
 2018-10-31 09:02:21 -07:00
Armin Kuster 94c7e71682 suricata: add ptest 
Signed-off-by: Armin Kuster <akuster808@gmail.com>
 2018-10-31 09:02:21 -07:00
Armin Kuster 4e3e7da657 packagegroup-core-security: add few more ptest packages 
Signed-off-by: Armin Kuster <akuster808@gmail.com>
 2018-10-31 09:02:21 -07:00
Armin Kuster 57cac8ede6 swtpm: switch to stable branch and clean up recipe 
Signed-off-by: Armin Kuster <akuster808@gmail.com>
 2018-10-31 09:02:21 -07:00
Armin Kuster b15dbacb32 packagegroup-security-tpm2: add and remove packages 
Signed-off-by: Armin Kuster <akuster808@gmail.com>
 2018-10-31 09:02:21 -07:00
Armin Kuster 4bf54d58ad tpm2-abrmd: update to 2.0.2 
Signed-off-by: Armin Kuster <akuster808@gmail.com>
 2018-10-31 09:02:21 -07:00
Armin Kuster e920ff6e40 os-release: remove OS_RELEASE_FEILD extending 
depends on the OS_RELEASRE_FEILD os-release changes in core
otherwise yocto-check-layer will fail

Signed-off-by: Armin Kuster <akuster808@gmail.com>
 2018-10-31 09:02:21 -07:00
Armin Kuster f3bd6ceb6b layer.con: add TESTSUITE define 
Signed-off-by: Armin Kuster <akuster808@gmail.com>
 2018-10-31 09:02:21 -07:00
Armin Kuster d51793e69c packagegroup-core-security: add ptest capable packages 
and favor python-scapy

Signed-off-by: Armin Kuster <akuster808@gmail.com>
 2018-10-31 09:02:21 -07:00
Armin Kuster b58f4ca4fb packagegroups: add more packages 
Signed-off-by: Armin Kuster <akuster808@gmail.com>
 2018-10-31 09:02:21 -07:00
Armin Kuster b898dc231a suricata: fix QA error 
ollected errors:
 * check_data_file_clashes: Package suricata wants to install file .../1.0-r0/rootfs/var/run
	But that file is already provided by package  * base-files

Signed-off-by: Armin Kuster <akuster808@gmail.com>
 2018-10-31 09:02:21 -07:00
Armin Kuster 6149fb61b0 tpm2 packagegroup: fix filenames 
tpm2.0-tss package names changed, update accordingly

Signed-off-by: Armin Kuster <akuster808@gmail.com>
 2018-10-31 09:02:21 -07:00
Changqing Li 729fca6d2c bseccomp: fix do package qa warning 
Fix below warning:

lib32-libseccomp-2.3.3-r0 do_package: QA Issue: lib32-libseccomp:
Files/directories were installed but not shipped in any package:

Signed-off-by: Changqing Li <changqing.li@windriver.com>
Signed-off-by: Armin Kuster <akuster808@gmail.com>
 2018-09-29 10:43:01 -07:00
Yi Zhao 29b5ec44c7 keynote: remove recipe 
The keynote is unmaintained for a long time. It had been removed from
main distributions (Fedora, Suse and Debian).
See: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=594867

Signed-off-by: Yi Zhao <yi.zhao@windriver.com>
Signed-off-by: Armin Kuster <akuster808@gmail.com>
 2018-09-29 10:43:01 -07:00
Armin Kuster 04ef9df593 meta-security: add THUD 
Signed-off-by: Armin Kuster <akuster808@gmail.com>
 2018-09-29 10:42:53 -07:00
Armin Kuster 4bbc0d9d94 samhain: update to 4.3.0 
Signed-off-by: Armin Kuster <akuster808@gmail.com>
 2018-09-23 15:34:10 -07:00
Armin Kuster 64153a0f51 forensics: drop all un supported pacakges 
Signed-off-by: Armin Kuster <akuster808@gmail.com>
 2018-09-17 21:08:19 -07:00
Armin Kuster 76ae9a21f7 lynis: update to 2.6.8 
Signed-off-by: Armin Kuster <akuster808@gmail.com>
 2018-09-17 21:08:19 -07:00
Armin Kuster e535ac49fd aircrack: update to 1.3 
remove unneeded patch.
minor cleanups

Signed-off-by: Armin Kuster <akuster808@gmail.com>
 2018-09-17 21:08:19 -07:00
Armin Kuster d255fa5bfb swtpm: update to tip for openssl 1.1 support 
Signed-off-by: Armin Kuster <akuster808@gmail.com>
 2018-09-17 21:08:19 -07:00
Armin Kuster 6faa2504ef libtpm: update to tip 
LIC_FILES_CHKSUM changed do to "Extend license texts with TPM 2 specifics"

Signed-off-by: Armin Kuster <akuster808@gmail.com>
 2018-09-17 21:08:19 -07:00
Armin Kuster 3bae06e29b openssl-tpm-engine: update SRC_URI and update to 0.5.0 
change to a fork that is being maintained and that enabled openssl 1.1
Refresh patches
Drop one no longer needed

Signed-off-by: Armin Kuster <akuster808@gmail.com>
 2018-09-17 21:08:19 -07:00
Armin Kuster 49a7a7a8e1 pcr-extend: fix building with openssl 1.1 
Signed-off-by: Armin Kuster <akuster808@gmail.com>
 2018-09-17 21:08:19 -07:00