Update BINDIR and SBINDIR so keyutils builds with usrmerge
ERROR: keyutils-1.5.10-r0 do_package: QA Issue: keyutils: Files/directories were installed but not shipped in any package:
/sbin/key.dns_resolver
/sbin/request-key
/bin/keyctl
Please set FILES such that these items are packaged. Alternatively if they are unneeded, avoid installing them or delete them within do_install.
keyutils: 3 installed and not shipped files. [installed-vs-shipped]
Signed-off-by: Alex Kiernan <alex.kiernan@gmail.com>
Signed-off-by: Armin Kuster <akuster808@gmail.com>
Drop patch xmlsec1-fix-a-typo-in-examples-verify3.c.patch since the
issue had been fixed upstream.
Rebase patch change-finding-path-of-nss.patch
Signed-off-by: Yi Zhao <yi.zhao@windriver.com>
Signed-off-by: Armin Kuster <akuster808@gmail.com>
Update rootsbindir from /sbin to ${base_sbindir}
to fix below do_install error when usrmerge
enabled in DISTRO_FEATURES
| chmod: cannot access '/poky-build/tmp-glibc/work/core2-64-wrs-linux/ecryptfs-utils/111-r0/image/usr/sbin/mount.ecryptfs_private': No such file or directory
And pass "--with-pamdir=${base_libdir}/security"
to configure script to fix below warning when
usrmerge enabled in DISTRO_FEATURES
| WARNING: ecryptfs-utils-111-r0 do_package: QA Issue: ecryptfs-utils: Files/directories were installed but not shipped in any package:
/lib64/security/pam_ecryptfs.so
Signed-off-by: Mingli Yu <Mingli.Yu@windriver.com>
Signed-off-by: Armin Kuster <akuster808@gmail.com>
Commit ada3eee ("libseccomp: fix rdepends") added RDEPENDS on bash, but
this is no longer needed, so drop it.
Signed-off-by: Alex Kiernan <alex.kiernan@gmail.com>
Signed-off-by: Armin Kuster <akuster808@gmail.com>
Fix rules make. Don't allow the makefile to download the rules. Use
fetcher
add install configs and remove manual intall of those files
Signed-off-by: Armin Kuster <akuster808@gmail.com>
This describes the content a lot better. RDEPENDS are still missing, so it's still as non-working as before :/
Signed-off-by: Koen Kooi <koen.kooi@linaro.org>
Signed-off-by: Armin Kuster <akuster808@gmail.com>
This fixes the following warning during startup:
suricata[24522]: 31/7/2018 -- 13:47:15 - <Warning> - [ERRCODE: SC_ERR_FOPEN(44)] - Error opening file: "/etc/suricata//threshold.config": No such file or directory
Signed-off-by: Koen Kooi <koen.kooi@linaro.org>
Signed-off-by: Armin Kuster <akuster808@gmail.com>
This fixes the following warning during startup:
suricata[22707]: 31/7/2018 -- 13:34:40 - <Warning> - [ERRCODE: SC_ERR_NO_RULES_LOADED(43)] - 47 rule files specified, but no rule was loaded at all!
Signed-off-by: Koen Kooi <koen.kooi@linaro.org>
Signed-off-by: Armin Kuster <akuster808@gmail.com>
This fixes the following error preventing startup in daemon mode:
suricata[20485]: 31/7/2018 -- 13:19:48 - <Error> - [ERRCODE: SC_ERR_MISSING_CONFIG_PARAM(118)] - NO logging compatible with daemon mode selected, suricata won't be able to log. Please update 'logging.outputs'
Signed-off-by: Koen Kooi <koen.kooi@linaro.org>
Signed-off-by: Armin Kuster <akuster808@gmail.com>
For inline IPS nfqueue is nice to have, so add a PACKAGECONFIG entry for
it.
Signed-off-by: Koen Kooi <koen.kooi@linaro.org>
Signed-off-by: Armin Kuster <akuster808@gmail.com>
Move ${PN}-python in front so ${PN} can use default packaging rules.
Signed-off-by: Koen Kooi <koen.kooi@linaro.org>
Signed-off-by: Armin Kuster <akuster808@gmail.com>
log_check] WARNING: Intentionally failing postinstall scriptlets of ['suricata', 'clamav'] to defer them to first boot is deprecated. Please place them into pkg_postinst_ontarget_${PN} ()
Signed-off-by: Armin Kuster <akuster808@gmail.com>
[log_check] WARNING: Intentionally failing postinstall scriptlets of ['suricata', 'clamav'] to defer them to first boot is deprecated. Please place them into pkg_postinst_ontarget_${PN} ()
Signed-off-by: Armin Kuster <akuster808@gmail.com>
CSV Injection vulnerability in Nikto 2.1.6 and earlier allows remote attackers
to inject arbitrary OS commands via the Server field in an HTTP response header,
which is directly injected into a CSV report.
Signed-off-by: Nagalakshmi Veeramallu <nveeramallu@mvista.com>
Reviewed-by: Jagadeesh Krishnanjanappa <jkrishnanjanappa@mvista.com>
Signed-off-by: Armin Kuster <akuster@mvista.com>
status get by "systemctl status samhain" is not correct.
It is active(exited) now. but actually, there is a dameon
running, it should be active(running). so change Type of
servive.
Signed-off-by: Changqing Li <changqing.li@windriver.com>
Signed-off-by: Armin Kuster <akuster808@gmail.com>
When systemd is used as system init manager, there is a build issue complains
"can't found apparmor.service". This patch fix it.
Signed-off-by: Jinliang Li <jinliang.li@linux.alibaba.com>
Signed-off-by: Armin Kuster <akuster808@gmail.com>
Set the correct path of kernel configuration file in linux-yocto_4.%.bbappend
to fix the build issue, which is "Fetcher failure for URL: 'file://apparmor.cfg'.
Unable to fetch URL from any source."
Signed-off-by: Jinliang Li <jinliang.li@linux.alibaba.com>
Signed-off-by: Armin Kuster <akuster808@gmail.com>
No packages depend on samhain-server-native and it doesn't
make sense to extend a server package to native, so remove
the BBCLASSEXTEND.
Signed-off-by: Jackie Huang <jackie.huang@windriver.com>
Signed-off-by: Armin Kuster <akuster808@gmail.com>
