security layer updated work

Signed-off-by: Andrei Dinu <andrei.adrianx.dinu@intel.com>
author: Andrei Dinu <andrei.adrianx.dinu@intel.com> 2013-07-01 16:45:26 +0300
committer: Andrei Dinu <andrei.adrianx.dinu@intel.com> 2013-07-01 16:45:26 +0300
commit: f359c35ab250c09e858d88b8b1aa872bb7d2cddd (patch)
tree: d535d9f471223e5bcd9cb4a0858a0dcaa06e41b7 /recipes-security
parent: 60d90b25631471e8193b3069c6a520ccf7c82008 (diff)
download: meta-security-f359c35ab250c09e858d88b8b1aa872bb7d2cddd.tar.gz
16 files changed, 360 insertions, 17 deletions
diff --git a/recipes-security/Mail-SpamAssasin/Mail-SpamAssassin_3.3.2.bb b/recipes-security/Mail-SpamAssasin/Mail-SpamAssassin_3.3.2.bb
new file mode 100644
index 0000000..af5907f
--- /dev/null
+++ b/recipes-security/Mail-SpamAssasin/Mail-SpamAssassin_3.3.2.bb
@@ -0,0 +1,19 @@
+SUMMARY = "e-mail filter"
+DESCRIPTION = "SpamAssassin is a mail filter which attempts to identify spam using a variety of mechanisms including text analysis, Bayesian filtering, DNS blocklists, and collaborative filtering databases."
+SECTION = "security"
+LICENSE = "GPL-2.0"
+LIC_FILES_CHKSUM = "file://${COMMON_LICENSE_DIR}/Apache-2.0;md5=89aea4e17d99a7cacdbeed46a0096b10"
+DEPENDS = "perl"
+SRC_URI = "http://apache.mirrors.hoobly.com/spamassassin/source/${PN}-${PV}.tar.gz"
+SRC_URI[md5sum] = "d1d62cc5c6eac57e88c4006d9633b81e"
+SRC_URI[sha256sum] = "5323038939a0ef9fc97d5264defce3ae1d95e98b3a94c4c3b583341c927f32df"
+EXTRA_CPANFLAGS = "EXPATLIBPATH=${STAGING_LIBDIR} EXPATINCPATH=${STAGING_INCDIR}"
+inherit cpan
+do_compile(){
+    export LIBC="$(find ${STAGING_DIR_TARGET}/${base_libdir}/ -name 'libc-*.so')"
+    cpan_do_compile
+}
diff --git a/recipes-security/bastille/bastille_3.2.1.bb b/recipes-security/bastille/bastille_3.2.1.bb
index 9aa0fb1..ef754c2 100644
--- a/recipes-security/bastille/bastille_3.2.1.bb
+++ b/recipes-security/bastille/bastille_3.2.1.bb
@@ -1,9 +1,9 @@
+SUMMARY = "Linux hardening tool"
 DESCRIPTION = "Bastille Linux is a Hardening and Reporting/Auditing Program which enhances the security of a Linux box, by configuring daemons, system settings and firewalling."
 LICENSE = "GPLv2"
 LIC_FILES_CHKSUM = "file://${S}/COPYING;md5=c93c0550bd3173f4504b2cbd8991e50b"
 # Bash is needed for set +o privileged (check busybox), might also need ncurses
 RDEPENDS_${PN} = "perl bash tcl perl-module-getopt-long perl-module-text-wrap lib-perl perl-module-file-path perl-module-mime-base64 perl-module-file-find perl-module-errno perl-module-file-glob perl-module-tie-hash-namedcapture perl-module-file-copy perl-module-english perl-module-exporter perl-module-cwd curses-perl coreutils"
-PR = "r0"
 inherit allarch
diff --git a/recipes-security/buck-security/buck-security_0.6.bb b/recipes-security/buck-security/buck-security_0.6.bb
new file mode 100644
index 0000000..23bf1b1
--- /dev/null
+++ b/recipes-security/buck-security/buck-security_0.6.bb
@@ -0,0 +1,29 @@
+SUMMARY = "Linux security scanner"
+DESCRIPTION = "Buck-Security is a security scanner for Debian and Ubuntu Linux. It runs a couple of important checks and helps you to harden your Linux \
+system. This enables you to quickly overview the security status of your Linux system."
+SECTION = "security"
+LICENSE = "GPL-2.0"
+LIC_FILES_CHKSUM = "file://${COMMON_LICENSE_DIR}/GPL-2.0;md5=801f80980d171dd6425610833a22dbe6"
+RDEPENDS_${PN} = "perl perl-module-term-ansicolor perl-module-posix perl-module-getopt-long perl-module-time-localtime perl-module-data-dumper perl-module-lib"
+SRC_URI = "http://sourceforge.net/projects/buck-security/files/buck-security/buck-security_0.6/${PN}_${PV}.tar.gz"
+SRC_URI[md5sum] = "edbd40742853fc91ffeae5b2d9ea7bab"
+SRC_URI[sha256sum] = "5d5dcc58b09c3a4bd87f60f86bb62cd2b0bfd7106a474951f8f520af0042a5b7"
+S = "${WORKDIR}/${PN}_${PV}"
+do_configure() {
+    :
+}
+do_compile() {
+    :
+}
+do_install() {
+    install -d ${D}${exec_prefix}/local/${PN}
+    cp -r ${S}/* ${D}${exec_prefix}/local/${PN}
+}
+FILES_${PN} = "${exec_prefix}/*"
diff --git a/recipes-security/checksecurity/checksecurity_2.0.14.bb b/recipes-security/checksecurity/checksecurity_2.0.14.bb
index 951a3e6..72d6c64 100644
--- a/recipes-security/checksecurity/checksecurity_2.0.14.bb
+++ b/recipes-security/checksecurity/checksecurity_2.0.14.bb
@@ -1,9 +1,12 @@
-DESCRIPTION = "basic system security checks"
+SUMMARY = "basic system security checks"
+DESCRIPTION = "checksecurity is a simple package which will scan your system for several simple security holes."
 SECTION = "security"
 LICENSE = "GPL-2.0"
 LIC_FILES_CHKSUM = "file://${COMMON_LICENSE_DIR}/GPL-2.0;md5=801f80980d171dd6425610833a22dbe6"
+RDEPENDS_${PN} = "perl env-perl perl-module-tie-array perl-module-getopt-long perl-module-file-glob util-linux findutils"
-SRC_URI = "http://ftp.de.debian.org/debian/pool/main/c/checksecurity/checksecurity_${PV}.tar.gz"
+SRC_URI = "http://ftp.de.debian.org/debian/pool/main/c/checksecurity/checksecurity_${PV}.tar.gz \
+           file://setuid-log-folder.patch"
 SRC_URI[md5sum] = "ad6cfe0cd66ebdd16dd5d4ee5fa8fa17"
 SRC_URI[sha256sum] = "a2bc2355358d6daf3cb72485d564e82cb541e8516f23b50522c816853ecd13c2"
diff --git a/recipes-security/checksecurity/files/setuid-log-folder.patch b/recipes-security/checksecurity/files/setuid-log-folder.patch
new file mode 100644
index 0000000..540ea9c
--- /dev/null
+++ b/recipes-security/checksecurity/files/setuid-log-folder.patch
@@ -0,0 +1,52 @@
+From 24dbeec135ff83f2fd35ef12fe9842f02d6fd337 Mon Sep 17 00:00:00 2001
+From: Andrei Dinu <andrei.adrianx.dinu@intel.com>
+Date: Thu, 20 Jun 2013 15:14:55 +0300
+Subject: [PATCH] changed log folder for check-setuid
+check-setuid was creating logs in /var/log directory,
+which cannot be created persistently. To avoid errors
+the log folder was changed to /etc/checksecurity/.
+Signed-off-by: Andrei Dinu <andrei.adrianx.dinu@intel.com>
+---
+ etc/check-setuid.conf |    2 +-
+ plugins/check-setuid  |    6 +++---
+ 2 files changed, 4 insertions(+), 4 deletions(-)
+diff --git a/etc/check-setuid.conf b/etc/check-setuid.conf
+index 621336f..e1532c0 100644
+--- a/etc/check-setuid.conf
+++ b/etc/check-setuid.conf
+@@ -116,4 +116,4 @@ CHECKSECURITY_PATHFILTER="-false"
+ #
+ # Location of setuid file databases. 
+ #
+-LOGDIR=/var/log/setuid
+LOGDIR=/etc/checksecurity/
+diff --git a/plugins/check-setuid b/plugins/check-setuid
+index 8d6f90b..bdb21c1 100755
+--- a/plugins/check-setuid
+++ b/plugins/check-setuid
+@@ -44,8 +44,8 @@ if [ `/usr/bin/id -u` != 0 ] ; then
+    exit 1
+ fi
+ 
+-TMPSETUID=${LOGDIR:=/var/log/setuid}/setuid.new.tmp
+-TMPDIFF=${LOGDIR:=/var/log/setuid}/setuid.diff.tmp
+TMPSETUID=${LOGDIR:=/etc/checksecurity/}/setuid.new.tmp
+TMPDIFF=${LOGDIR:=/etc/checksecurity/}/setuid.diff.tmp
+ 
+ #
+ # Check for NFS/AFS mounts that are not nosuid/nodev
+@@ -75,7 +75,7 @@ if [ "$CHECKSECURITY_NOFINDERRORS" = "TRUE" ] ; then
+ fi
+ 
+ # Guard against undefined vars
+-[ -z "$LOGDIR" ] && LOGDIR=/var/log/setuid
+[ -z "$LOGDIR" ] && LOGDIR=/etc/checksecurity/
+ if [ ! -e "$LOGDIR" ] ; then
+     echo "ERROR: Log directory $LOGDIR does not exist"
+     exit 1
+-- 
+1.7.9.5
diff --git a/recipes-security/libseccomp/files/compiler.patch b/recipes-security/libseccomp/files/compiler.patch
new file mode 100644
index 0000000..c7f2fbb
--- /dev/null
+++ b/recipes-security/libseccomp/files/compiler.patch
@@ -0,0 +1,32 @@
+From fb3e84f6212333949ee3e410bb468bb06c289a1e Mon Sep 17 00:00:00 2001
+From: Andrei Dinu <andrei.adrianx.dinu@intel.com>
+Date: Fri, 28 Jun 2013 15:55:13 +0300
+Subject: [PATCH] libseccomp always used host compiler
+passing $CC at do_install() doesn't seem to have
+effect on the compiler used by libseccomp. Modified
+the compiler manually.
+Upstream Status: Inapropriate
+Signed-off-by: Andrei Dinu <andrei.adrianx.dinu@intel.com>
+---
+ macros.mk |    2 +-
+ 1 file changed, 1 insertion(+), 1 deletion(-)
+diff --git a/macros.mk b/macros.mk
+index 9c62fa7..e219be6 100644
+--- a/macros.mk
+++ b/macros.mk
+@@ -66,7 +66,7 @@ AWK ?= awk
+ PYTHON ?= /usr/bin/env python
+ 
+ # we require gcc specific functionality
+-GCC ?= gcc
+GCC ?= $(CC)
+ 
+ INSTALL ?= install
+ 
+-- 
+1.7.9.5
diff --git a/recipes-security/libseccomp/libseccomp_2.1.0.bb b/recipes-security/libseccomp/libseccomp_2.1.0.bb
new file mode 100644
index 0000000..f909c62
--- /dev/null
+++ b/recipes-security/libseccomp/libseccomp_2.1.0.bb
@@ -0,0 +1,19 @@
+SUMMARY = "interface to seccomp filtering mechanism"
+DESCRIPTION = "The libseccomp library provides and easy to use, platform independent,interface to the Linux Kernel's syscall filtering mechanism: seccomp."
+SECTION = "security"
+LICENSE = "GPL-2.0"
+LIC_FILES_CHKSUM = "file://${COMMON_LICENSE_DIR}/GPL-2.0;md5=801f80980d171dd6425610833a22dbe6"
+SRC_URI = "http://sourceforge.net/projects/libseccomp/files/${PN}-${PV}.tar.gz \
+           file://compiler.patch"
+SRC_URI[md5sum] = "3961103c1234c13a810f6a12e60c797f"
+SRC_URI[sha256sum] = "b0d6e4f0984e6632a04f0cf33c6babdb011674ba15ff208e196f037e0e09905e"
+do_configure() {
+   ${S}/configure --prefix=${prefix} --libdir=${libdir}
+}
+do_install() {
+    oe_runmake DESTDIR=${D} install
+}
diff --git a/recipes-security/nmap/files/lua.patch b/recipes-security/nmap/files/lua.patch
new file mode 100644
index 0000000..7cb86ab
--- /dev/null
+++ b/recipes-security/nmap/files/lua.patch
@@ -0,0 +1,79 @@
+Added missing definitions which caused failuire at do_configure
+with --without-liblua option.
+Upstream Status : pending
+Signed-off-by: Andrei Dinu <andrei.adrianx.dinu@intel.com>
+--- a/output.h
+++ b/output.h
+@@ -226,6 +226,10 @@
+ void printscriptresults(ScriptResults *scriptResults, stype scantype);
+ 
+ void printhostscriptresults(Target *currenths);
+
+/*This is a helper function to determine the ordering of the script results
+  based on their id */
+bool comparescriptids(ScriptResult first, ScriptResult second);
+ #endif
+ 
+ /* Print a table with traceroute hops. */
+@@ -253,8 +257,4 @@
+    were found. */
+ void printdatafilepaths();
+ 
+-/*This is a helper function to determine the ordering of the script results
+-  based on their id */
+-bool comparescriptids(ScriptResult first, ScriptResult second);
+-
+ #endif /* OUTPUT_H */
+--- a/output.cc
+++ b/output.cc
+@@ -2613,6 +2613,7 @@
+   }
+ }
+ 
+#ifndef NOLUA
+ /*This is a helper function to determine the ordering of the script results
+   based on their id */
+ bool comparescriptids(ScriptResult first, ScriptResult second){
+@@ -2625,5 +2626,6 @@
+     else
+         return false;
+ }
+#endif
+ 
+ 
+--- a/portlist.cc
+++ b/portlist.cc
+@@ -144,6 +144,7 @@
+   }
+ }
+ 
+#ifndef NOLUA
+ void Port::freeScriptResults(void)
+ {
+     while (!scriptResults.empty()) {
+@@ -151,6 +152,7 @@
+         scriptResults.pop_front();
+     }
+ }
+#endif
+ 
+ /* Fills in namebuf (as long as there is space in buflen) with the
+    Name nmap normal output will use to describe the port.  This takes
+--- a/Target.cc
+++ b/Target.cc
+@@ -162,10 +162,12 @@
+ 
+ Target::~Target() {
+   FreeInternal();
+#ifndef NOLUA
+   while (!scriptResults.empty()) {
+     scriptResults.front().clear();
+     scriptResults.pop_front();
+   }
+#endif
+ }
+ 
+ void Target::FreeInternal() {
diff --git a/recipes-security/nmap/nmap_6.25.bb b/recipes-security/nmap/nmap_6.25.bb
new file mode 100644
index 0000000..ff0caa7
--- /dev/null
+++ b/recipes-security/nmap/nmap_6.25.bb
@@ -0,0 +1,21 @@
+SUMMARY = "network auditing tool"
+DESCRIPTION = "Nmap ("Network Mapper") is a free and open source (license) utility for network discovery and security auditing."
+SECTION = "security"
+LICENSE = "GPL-2.0"
+LIC_FILES_CHKSUM = "file://${COMMON_LICENSE_DIR}/GPL-2.0;md5=801f80980d171dd6425610833a22dbe6"
+SRC_URI = "http://nmap.org/dist/${PN}-${PV}.tar.bz2 \
+           file://lua.patch"
+SRC_URI[md5sum] = "fcc80f94ff3adcb11eedf91092ea6f5e"
+SRC_URI[sha256sum] = "3349cc6d36b86b95ca2b8075d16615a3a598cef494920d6652f9a8bf9f7660b5"
+inherit autotools
+EXTRA_OECONF = "--without-liblua --without-zenmap"
+do_configure() {
+    autoconf
+    oe_runconf
+}
diff --git a/recipes-security/openvas-cli/openvas-cli_1.2.0.bb b/recipes-security/openvas-cli/openvas-cli_1.2.0.bb
new file mode 100644
index 0000000..d755578
--- /dev/null
+++ b/recipes-security/openvas-cli/openvas-cli_1.2.0.bb
@@ -0,0 +1,13 @@
+DESCRIPTION = "The module OpenVAS-CLI collects command line tools to handle with the OpenVAS services via the respective protocols."
+SECTION = "security"
+LICENSE = "GPL-2.0"
+LIC_FILES_CHKSUM = "file://${COMMON_LICENSE_DIR}/GPL-2.0;md5=801f80980d171dd6425610833a22dbe6"
+DEPENDS = "gnutls openvas-libraries glib-2.0"
+SRC_URI = "http://wald.intevation.org/frs/download.php/1323/${PN}-${PV}.tar.gz"
+SRC_URI[md5sum] = "e712eb71f3a13cc1b70b50f696465f8e"
+SRC_URI[sha256sum] = "d195ca01a44940d1e6fd2ad54ee4fc9b57a3d103235f0a1f05a8b35d97db6be8"
+inherit cmake pkgconfig
diff --git a/recipes-security/openvas-libraries/files/g_type_init.patch b/recipes-security/openvas-libraries/files/g_type_init.patch
new file mode 100644
index 0000000..db55057
--- /dev/null
+++ b/recipes-security/openvas-libraries/files/g_type_init.patch
@@ -0,0 +1,36 @@
+From f498503889b8178f165afa66dc33aa8ad8901371 Mon Sep 17 00:00:00 2001
+From: Andrei Dinu <andrei.adrianx.dinu@intel.com>
+Date: Fri, 28 Jun 2013 09:38:08 +0300
+Subject: [PATCH] removed the g_type_init()
+The function is depricated in glib >= 2.35.0 and is
+automatically called.
+Signed-off-by: Andrei Dinu <andrei.adrianx.dinu@intel.com>
+---
+ base/openvas_file.c |    2 --
+ 1 file changed, 2 deletions(-)
+diff --git a/base/openvas_file.c b/base/openvas_file.c
+index 8597198..d110c7f 100644
+--- a/base/openvas_file.c
+++ b/base/openvas_file.c
+@@ -164,7 +164,6 @@ openvas_file_copy (const gchar *source_file, const gchar *dest_file)
+   GFile *sfile, *dfile;
+   GError *error;
+ 
+-  g_type_init ();
+   sfile = g_file_new_for_path (source_file);
+   dfile = g_file_new_for_path (dest_file);
+   error = NULL;
+@@ -200,7 +199,6 @@ openvas_file_move (const gchar *source_file, const gchar *dest_file)
+   GFile *sfile, *dfile;
+   GError *error;
+ 
+-  g_type_init ();
+   sfile = g_file_new_for_path (source_file);
+   dfile = g_file_new_for_path (dest_file);
+   error = NULL;
+-- 
+1.7.9.5
diff --git a/recipes-security/openvas-libraries/openvas-libraries_6.0.0.bb b/recipes-security/openvas-libraries/openvas-libraries_6.0.0.bb
new file mode 100644
index 0000000..caf96f1
--- /dev/null
+++ b/recipes-security/openvas-libraries/openvas-libraries_6.0.0.bb
@@ -0,0 +1,14 @@
+DESCRIPTION = "This is the libraries module for the Open Vulnerability Assessment System (OpenVAS)."
+SECTION = "security"
+LICENSE = "GPL-2.0"
+LIC_FILES_CHKSUM = "file://${COMMON_LICENSE_DIR}/GPL-2.0;md5=801f80980d171dd6425610833a22dbe6"
+DEPENDS = "bison flex gpgme glib-2.0"
+SRC_URI = "http://wald.intevation.org/frs/download.php/1303/${PN}-${PV}.tar.gz \
+           file://g_type_init.patch"
+SRC_URI[md5sum] = "0e8b73ee4ad5b36984b5d7be5d6bdfc0"
+SRC_URI[sha256sum] = "50d23afd46f7b49c4cb82a6500b0fe1fb53378af5efce95fd275ea33c879e1dd"
+inherit cmake pkgconfig
diff --git a/recipes-security/curses-perl/curses-perl_1.28.bb b/recipes-security/perl/curses-perl_1.28.bb
index 5984ca7..5984ca7 100644
--- a/recipes-security/curses-perl/curses-perl_1.28.bb
+++ b/recipes-security/perl/curses-perl_1.28.bb
diff --git a/recipes-security/perl/env-perl_1.04.bb b/recipes-security/perl/env-perl_1.04.bb
new file mode 100644
index 0000000..4aeba4f
--- /dev/null
+++ b/recipes-security/perl/env-perl_1.04.bb
@@ -0,0 +1,25 @@
+DESCRIPTION = "This package contains the Env.pm \
+               perl module that imports environment variables as scalars or arrays"
+SECTION = "libs"
+LICENSE = "Artistic-1.0 | GPL-1.0+"
+LIC_FILES_CHKSUM = "file://LICENSE;md5=76c1cbf18db56b3340d91cb947943bd3"
+SRC_URI[md5sum] = "fdba5c0690e66972c96fee112cf5f25c"
+SRC_URI[sha256sum] = "d94a3d412df246afdc31a2199cbd8ae915167a3f4684f7b7014ce1200251ebb0"
+DEPENDS += "perl"
+SRC_URI = "http://search.cpan.org/CPAN/authors/id/F/FL/FLORA/Env-${PV}.tar.gz"
+S = "${WORKDIR}/Env-${PV}"
+EXTRA_CPANFLAGS = "EXPATLIBPATH=${STAGING_LIBDIR} EXPATINCPATH=${STAGING_INCDIR}"
+inherit cpan
+do_compile() {
+        export LIBC="$(find ${STAGING_DIR_TARGET}/${base_libdir}/ -name 'libc-*.so')"
+        cpan_do_compile
+}
diff --git a/recipes-security/lib-perl/lib-perl_0.63.bb b/recipes-security/perl/lib-perl_0.63.bb
index 606ecfb..606ecfb 100644
--- a/recipes-security/lib-perl/lib-perl_0.63.bb
+++ b/recipes-security/perl/lib-perl_0.63.bb
diff --git a/recipes-security/redhat-security/redhat-security_1.0.bb b/recipes-security/redhat-security/redhat-security_1.0.bb
index edab390..442688b 100644
--- a/recipes-security/redhat-security/redhat-security_1.0.bb
+++ b/recipes-security/redhat-security/redhat-security_1.0.bb
@@ -1,3 +1,4 @@
+SUMMARY = "redhat security tools"
 DESCRIPTION = "Tools used by redhat linux distribution for security checks"
 SECTION = "security"
 LICENSE = "GPLv2"
@@ -21,18 +22,18 @@ SRC_URI = "file://find-chroot-py.sh \
 S = "${WORKDIR}"
 do_install() {
-             install -d ${D}${bindir}
+             install    -d  ${D}${bindir}
-             install -m 0755 ${WORKDIR}/find-chroot-py.sh ${D}${bindir}
+             install    -m  0755    ${WORKDIR}/find-chroot-py.sh    ${D}${bindir}
-         install -m 0755 ${WORKDIR}/find-chroot.sh ${D}${bindir}
+         install    -m  0755    ${WORKDIR}/find-chroot.sh   ${D}${bindir}
-         install -m 0755 ${WORKDIR}/find-elf4tmp.sh ${D}${bindir}
+         install    -m  0755    ${WORKDIR}/find-elf4tmp.sh  ${D}${bindir}
-         install -m 0755 ${WORKDIR}/find-execstack.sh ${D}${bindir}
+         install    -m  0755    ${WORKDIR}/find-execstack.sh    ${D}${bindir}
-         install -m 0755 ${WORKDIR}/find-hidden-exec.sh ${D}${bindir}
+         install    -m  0755    ${WORKDIR}/find-hidden-exec.sh  ${D}${bindir}
-         install -m 0755 ${WORKDIR}/find-nodrop-groups.sh ${D}${bindir}
+         install    -m  0755    ${WORKDIR}/find-nodrop-groups.sh    ${D}${bindir}
-         install -m 0755 ${WORKDIR}/find-sh4errors.sh ${D}${bindir}
+         install    -m  0755    ${WORKDIR}/find-sh4errors.sh    ${D}${bindir}
-         install -m 0755 ${WORKDIR}/find-sh4tmp.sh ${D}${bindir}
+         install    -m  0755    ${WORKDIR}/find-sh4tmp.sh   ${D}${bindir}
-         install -m 0755 ${WORKDIR}/lib-bin-check.sh ${D}${bindir}
+         install    -m  0755    ${WORKDIR}/lib-bin-check.sh ${D}${bindir}
-         install -m 0755 ${WORKDIR}/rpm-chksec.sh ${D}${bindir}
+         install    -m  0755    ${WORKDIR}/rpm-chksec.sh    ${D}${bindir}
-         install -m 0755 ${WORKDIR}/rpm-drop-groups.sh ${D}${bindir}
+         install    -m  0755    ${WORKDIR}/rpm-drop-groups.sh   ${D}${bindir}
-         install -m 0755 ${WORKDIR}/selinux-check-devices.sh ${D}${bindir}
+         install    -m  0755    ${WORKDIR}/selinux-check-devices.sh ${D}${bindir}
-         install -m 0755 ${WORKDIR}/selinux-ls-unconfined.sh ${D}${bindir}
+         install    -m  0755    ${WORKDIR}/selinux-ls-unconfined.sh ${D}${bindir}
 }
author	Andrei Dinu <andrei.adrianx.dinu@intel.com>	2013-07-01 16:45:26 +0300
committer	Andrei Dinu <andrei.adrianx.dinu@intel.com>	2013-07-01 16:45:26 +0300
commit	f359c35ab250c09e858d88b8b1aa872bb7d2cddd (patch)
tree	d535d9f471223e5bcd9cb4a0858a0dcaa06e41b7 /recipes-security
parent	60d90b25631471e8193b3069c6a520ccf7c82008 (diff)
download	meta-security-f359c35ab250c09e858d88b8b1aa872bb7d2cddd.tar.gz

diff --git a/recipes-security/Mail-SpamAssasin/Mail-SpamAssassin_3.3.2.bb b/recipes-security/Mail-SpamAssasin/Mail-SpamAssassin_3.3.2.bb new file mode 100644 index 0000000..af5907f --- /dev/null +++ b/recipes-security/Mail-SpamAssasin/Mail-SpamAssassin_3.3.2.bb
@@ -0,0 +1,19 @@
		1	SUMMARY = "e-mail filter"
		2	DESCRIPTION = "SpamAssassin is a mail filter which attempts to identify spam using a variety of mechanisms including text analysis, Bayesian filtering, DNS blocklists, and collaborative filtering databases."
		3	SECTION = "security"
		4	LICENSE = "GPL-2.0"
		5	LIC_FILES_CHKSUM = "file://${COMMON_LICENSE_DIR}/Apache-2.0;md5=89aea4e17d99a7cacdbeed46a0096b10"
		6	DEPENDS = "perl"
		7
		8	SRC_URI = "http://apache.mirrors.hoobly.com/spamassassin/source/${PN}-${PV}.tar.gz"
		9
		10	SRC_URI[md5sum] = "d1d62cc5c6eac57e88c4006d9633b81e"
		11	SRC_URI[sha256sum] = "5323038939a0ef9fc97d5264defce3ae1d95e98b3a94c4c3b583341c927f32df"
		12
		13	EXTRA_CPANFLAGS = "EXPATLIBPATH=${STAGING_LIBDIR} EXPATINCPATH=${STAGING_INCDIR}"
		14	inherit cpan
		15
		16	do_compile(){
		17	export LIBC="$(find ${STAGING_DIR_TARGET}/${base_libdir}/ -name 'libc-*.so')"
		18	cpan_do_compile
		19	}


diff --git a/recipes-security/bastille/bastille_3.2.1.bb b/recipes-security/bastille/bastille_3.2.1.bb index 9aa0fb1..ef754c2 100644 --- a/recipes-security/bastille/bastille_3.2.1.bb +++ b/recipes-security/bastille/bastille_3.2.1.bb
@@ -1,9 +1,9 @@
		1	SUMMARY = "Linux hardening tool"
1	DESCRIPTION = "Bastille Linux is a Hardening and Reporting/Auditing Program which enhances the security of a Linux box, by configuring daemons, system settings and firewalling."	2	DESCRIPTION = "Bastille Linux is a Hardening and Reporting/Auditing Program which enhances the security of a Linux box, by configuring daemons, system settings and firewalling."
2	LICENSE = "GPLv2"	3	LICENSE = "GPLv2"
3	LIC_FILES_CHKSUM = "file://${S}/COPYING;md5=c93c0550bd3173f4504b2cbd8991e50b"	4	LIC_FILES_CHKSUM = "file://${S}/COPYING;md5=c93c0550bd3173f4504b2cbd8991e50b"
4	# Bash is needed for set +o privileged (check busybox), might also need ncurses	5	# Bash is needed for set +o privileged (check busybox), might also need ncurses
5	RDEPENDS_${PN} = "perl bash tcl perl-module-getopt-long perl-module-text-wrap lib-perl perl-module-file-path perl-module-mime-base64 perl-module-file-find perl-module-errno perl-module-file-glob perl-module-tie-hash-namedcapture perl-module-file-copy perl-module-english perl-module-exporter perl-module-cwd curses-perl coreutils"	6	RDEPENDS_${PN} = "perl bash tcl perl-module-getopt-long perl-module-text-wrap lib-perl perl-module-file-path perl-module-mime-base64 perl-module-file-find perl-module-errno perl-module-file-glob perl-module-tie-hash-namedcapture perl-module-file-copy perl-module-english perl-module-exporter perl-module-cwd curses-perl coreutils"
6	PR = "r0"
7		7
8	inherit allarch	8	inherit allarch
9		9


diff --git a/recipes-security/buck-security/buck-security_0.6.bb b/recipes-security/buck-security/buck-security_0.6.bb new file mode 100644 index 0000000..23bf1b1 --- /dev/null +++ b/recipes-security/buck-security/buck-security_0.6.bb
@@ -0,0 +1,29 @@
		1	SUMMARY = "Linux security scanner"
		2	DESCRIPTION = "Buck-Security is a security scanner for Debian and Ubuntu Linux. It runs a couple of important checks and helps you to harden your Linux \
		3	system. This enables you to quickly overview the security status of your Linux system."
		4	SECTION = "security"
		5	LICENSE = "GPL-2.0"
		6	LIC_FILES_CHKSUM = "file://${COMMON_LICENSE_DIR}/GPL-2.0;md5=801f80980d171dd6425610833a22dbe6"
		7	RDEPENDS_${PN} = "perl perl-module-term-ansicolor perl-module-posix perl-module-getopt-long perl-module-time-localtime perl-module-data-dumper perl-module-lib"
		8
		9	SRC_URI = "http://sourceforge.net/projects/buck-security/files/buck-security/buck-security_0.6/${PN}_${PV}.tar.gz"
		10
		11	SRC_URI[md5sum] = "edbd40742853fc91ffeae5b2d9ea7bab"
		12	SRC_URI[sha256sum] = "5d5dcc58b09c3a4bd87f60f86bb62cd2b0bfd7106a474951f8f520af0042a5b7"
		13
		14	S = "${WORKDIR}/${PN}_${PV}"
		15
		16	do_configure() {
		17	:
		18	}
		19
		20	do_compile() {
		21	:
		22	}
		23
		24	do_install() {
		25	install -d ${D}${exec_prefix}/local/${PN}
		26	cp -r ${S}/* ${D}${exec_prefix}/local/${PN}
		27	}
		28
		29	FILES_${PN} = "${exec_prefix}/*"


diff --git a/recipes-security/checksecurity/checksecurity_2.0.14.bb b/recipes-security/checksecurity/checksecurity_2.0.14.bb index 951a3e6..72d6c64 100644 --- a/recipes-security/checksecurity/checksecurity_2.0.14.bb +++ b/recipes-security/checksecurity/checksecurity_2.0.14.bb
@@ -1,9 +1,12 @@
1	DESCRIPTION = "basic system security checks"	1	SUMMARY = "basic system security checks"
		2	DESCRIPTION = "checksecurity is a simple package which will scan your system for several simple security holes."
2	SECTION = "security"	3	SECTION = "security"
3	LICENSE = "GPL-2.0"	4	LICENSE = "GPL-2.0"
4	LIC_FILES_CHKSUM = "file://${COMMON_LICENSE_DIR}/GPL-2.0;md5=801f80980d171dd6425610833a22dbe6"	5	LIC_FILES_CHKSUM = "file://${COMMON_LICENSE_DIR}/GPL-2.0;md5=801f80980d171dd6425610833a22dbe6"
		6	RDEPENDS_${PN} = "perl env-perl perl-module-tie-array perl-module-getopt-long perl-module-file-glob util-linux findutils"
5		7
6	SRC_URI = "http://ftp.de.debian.org/debian/pool/main/c/checksecurity/checksecurity_${PV}.tar.gz"	8	SRC_URI = "http://ftp.de.debian.org/debian/pool/main/c/checksecurity/checksecurity_${PV}.tar.gz \
		9	file://setuid-log-folder.patch"
7		10
8	SRC_URI[md5sum] = "ad6cfe0cd66ebdd16dd5d4ee5fa8fa17"	11	SRC_URI[md5sum] = "ad6cfe0cd66ebdd16dd5d4ee5fa8fa17"
9	SRC_URI[sha256sum] = "a2bc2355358d6daf3cb72485d564e82cb541e8516f23b50522c816853ecd13c2"	12	SRC_URI[sha256sum] = "a2bc2355358d6daf3cb72485d564e82cb541e8516f23b50522c816853ecd13c2"


diff --git a/recipes-security/checksecurity/files/setuid-log-folder.patch b/recipes-security/checksecurity/files/setuid-log-folder.patch new file mode 100644 index 0000000..540ea9c --- /dev/null +++ b/recipes-security/checksecurity/files/setuid-log-folder.patch
@@ -0,0 +1,52 @@
		1	From 24dbeec135ff83f2fd35ef12fe9842f02d6fd337 Mon Sep 17 00:00:00 2001
		2	From: Andrei Dinu <andrei.adrianx.dinu@intel.com>
		3	Date: Thu, 20 Jun 2013 15:14:55 +0300
		4	Subject: [PATCH] changed log folder for check-setuid
		5
		6	check-setuid was creating logs in /var/log directory,
		7	which cannot be created persistently. To avoid errors
		8	the log folder was changed to /etc/checksecurity/.
		9
		10	Signed-off-by: Andrei Dinu <andrei.adrianx.dinu@intel.com>
		11	---
		12	etc/check-setuid.conf \| 2 +-
		13	plugins/check-setuid \| 6 +++---
		14	2 files changed, 4 insertions(+), 4 deletions(-)
		15
		16	diff --git a/etc/check-setuid.conf b/etc/check-setuid.conf
		17	index 621336f..e1532c0 100644
		18	--- a/etc/check-setuid.conf
		19	+++ b/etc/check-setuid.conf
		20	@@ -116,4 +116,4 @@ CHECKSECURITY_PATHFILTER="-false"
		21	#
		22	# Location of setuid file databases.
		23	#
		24	-LOGDIR=/var/log/setuid
		25	+LOGDIR=/etc/checksecurity/
		26	diff --git a/plugins/check-setuid b/plugins/check-setuid
		27	index 8d6f90b..bdb21c1 100755
		28	--- a/plugins/check-setuid
		29	+++ b/plugins/check-setuid
		30	@@ -44,8 +44,8 @@ if [ `/usr/bin/id -u` != 0 ] ; then
		31	exit 1
		32	fi
		33
		34	-TMPSETUID=${LOGDIR:=/var/log/setuid}/setuid.new.tmp
		35	-TMPDIFF=${LOGDIR:=/var/log/setuid}/setuid.diff.tmp
		36	+TMPSETUID=${LOGDIR:=/etc/checksecurity/}/setuid.new.tmp
		37	+TMPDIFF=${LOGDIR:=/etc/checksecurity/}/setuid.diff.tmp
		38
		39	#
		40	# Check for NFS/AFS mounts that are not nosuid/nodev
		41	@@ -75,7 +75,7 @@ if [ "$CHECKSECURITY_NOFINDERRORS" = "TRUE" ] ; then
		42	fi
		43
		44	# Guard against undefined vars
		45	-[ -z "$LOGDIR" ] && LOGDIR=/var/log/setuid
		46	+[ -z "$LOGDIR" ] && LOGDIR=/etc/checksecurity/
		47	if [ ! -e "$LOGDIR" ] ; then
		48	echo "ERROR: Log directory $LOGDIR does not exist"
		49	exit 1
		50	--
		51	1.7.9.5
		52


diff --git a/recipes-security/libseccomp/files/compiler.patch b/recipes-security/libseccomp/files/compiler.patch new file mode 100644 index 0000000..c7f2fbb --- /dev/null +++ b/recipes-security/libseccomp/files/compiler.patch
@@ -0,0 +1,32 @@
		1	From fb3e84f6212333949ee3e410bb468bb06c289a1e Mon Sep 17 00:00:00 2001
		2	From: Andrei Dinu <andrei.adrianx.dinu@intel.com>
		3	Date: Fri, 28 Jun 2013 15:55:13 +0300
		4	Subject: [PATCH] libseccomp always used host compiler
		5
		6	passing $CC at do_install() doesn't seem to have
		7	effect on the compiler used by libseccomp. Modified
		8	the compiler manually.
		9
		10	Upstream Status: Inapropriate
		11
		12	Signed-off-by: Andrei Dinu <andrei.adrianx.dinu@intel.com>
		13	---
		14	macros.mk \| 2 +-
		15	1 file changed, 1 insertion(+), 1 deletion(-)
		16
		17	diff --git a/macros.mk b/macros.mk
		18	index 9c62fa7..e219be6 100644
		19	--- a/macros.mk
		20	+++ b/macros.mk
		21	@@ -66,7 +66,7 @@ AWK ?= awk
		22	PYTHON ?= /usr/bin/env python
		23
		24	# we require gcc specific functionality
		25	-GCC ?= gcc
		26	+GCC ?= $(CC)
		27
		28	INSTALL ?= install
		29
		30	--
		31	1.7.9.5
		32


diff --git a/recipes-security/libseccomp/libseccomp_2.1.0.bb b/recipes-security/libseccomp/libseccomp_2.1.0.bb new file mode 100644 index 0000000..f909c62 --- /dev/null +++ b/recipes-security/libseccomp/libseccomp_2.1.0.bb
@@ -0,0 +1,19 @@
		1	SUMMARY = "interface to seccomp filtering mechanism"
		2	DESCRIPTION = "The libseccomp library provides and easy to use, platform independent,interface to the Linux Kernel's syscall filtering mechanism: seccomp."
		3	SECTION = "security"
		4	LICENSE = "GPL-2.0"
		5	LIC_FILES_CHKSUM = "file://${COMMON_LICENSE_DIR}/GPL-2.0;md5=801f80980d171dd6425610833a22dbe6"
		6
		7	SRC_URI = "http://sourceforge.net/projects/libseccomp/files/${PN}-${PV}.tar.gz \
		8	file://compiler.patch"
		9
		10	SRC_URI[md5sum] = "3961103c1234c13a810f6a12e60c797f"
		11	SRC_URI[sha256sum] = "b0d6e4f0984e6632a04f0cf33c6babdb011674ba15ff208e196f037e0e09905e"
		12
		13	do_configure() {
		14	${S}/configure --prefix=${prefix} --libdir=${libdir}
		15	}
		16
		17	do_install() {
		18	oe_runmake DESTDIR=${D} install
		19	}


diff --git a/recipes-security/nmap/files/lua.patch b/recipes-security/nmap/files/lua.patch new file mode 100644 index 0000000..7cb86ab --- /dev/null +++ b/recipes-security/nmap/files/lua.patch
@@ -0,0 +1,79 @@
		1	Added missing definitions which caused failuire at do_configure
		2	with --without-liblua option.
		3
		4	Upstream Status : pending
		5
		6	Signed-off-by: Andrei Dinu <andrei.adrianx.dinu@intel.com>
		7	--- a/output.h
		8	+++ b/output.h
		9	@@ -226,6 +226,10 @@
		10	void printscriptresults(ScriptResults *scriptResults, stype scantype);
		11
		12	void printhostscriptresults(Target *currenths);
		13	+
		14	+/*This is a helper function to determine the ordering of the script results
		15	+ based on their id */
		16	+bool comparescriptids(ScriptResult first, ScriptResult second);
		17	#endif
		18
		19	/* Print a table with traceroute hops. */
		20	@@ -253,8 +257,4 @@
		21	were found. */
		22	void printdatafilepaths();
		23
		24	-/*This is a helper function to determine the ordering of the script results
		25	- based on their id */
		26	-bool comparescriptids(ScriptResult first, ScriptResult second);
		27	-
		28	#endif /* OUTPUT_H */
		29	--- a/output.cc
		30	+++ b/output.cc
		31	@@ -2613,6 +2613,7 @@
		32	}
		33	}
		34
		35	+#ifndef NOLUA
		36	/*This is a helper function to determine the ordering of the script results
		37	based on their id */
		38	bool comparescriptids(ScriptResult first, ScriptResult second){
		39	@@ -2625,5 +2626,6 @@
		40	else
		41	return false;
		42	}
		43	+#endif
		44
		45
		46	--- a/portlist.cc
		47	+++ b/portlist.cc
		48	@@ -144,6 +144,7 @@
		49	}
		50	}
		51
		52	+#ifndef NOLUA
		53	void Port::freeScriptResults(void)
		54	{
		55	while (!scriptResults.empty()) {
		56	@@ -151,6 +152,7 @@
		57	scriptResults.pop_front();
		58	}
		59	}
		60	+#endif
		61
		62	/* Fills in namebuf (as long as there is space in buflen) with the
		63	Name nmap normal output will use to describe the port. This takes
		64	--- a/Target.cc
		65	+++ b/Target.cc
		66	@@ -162,10 +162,12 @@
		67
		68	Target::~Target() {
		69	FreeInternal();
		70	+#ifndef NOLUA
		71	while (!scriptResults.empty()) {
		72	scriptResults.front().clear();
		73	scriptResults.pop_front();
		74	}
		75	+#endif
		76	}
		77
		78	void Target::FreeInternal() {
		79


diff --git a/recipes-security/nmap/nmap_6.25.bb b/recipes-security/nmap/nmap_6.25.bb new file mode 100644 index 0000000..ff0caa7 --- /dev/null +++ b/recipes-security/nmap/nmap_6.25.bb
@@ -0,0 +1,21 @@
		1	SUMMARY = "network auditing tool"
		2	DESCRIPTION = "Nmap ("Network Mapper") is a free and open source (license) utility for network discovery and security auditing."
		3	SECTION = "security"
		4	LICENSE = "GPL-2.0"
		5	LIC_FILES_CHKSUM = "file://${COMMON_LICENSE_DIR}/GPL-2.0;md5=801f80980d171dd6425610833a22dbe6"
		6
		7	SRC_URI = "http://nmap.org/dist/${PN}-${PV}.tar.bz2 \
		8	file://lua.patch"
		9
		10	SRC_URI[md5sum] = "fcc80f94ff3adcb11eedf91092ea6f5e"
		11	SRC_URI[sha256sum] = "3349cc6d36b86b95ca2b8075d16615a3a598cef494920d6652f9a8bf9f7660b5"
		12
		13	inherit autotools
		14
		15	EXTRA_OECONF = "--without-liblua --without-zenmap"
		16
		17	do_configure() {
		18	autoconf
		19	oe_runconf
		20	}
		21


diff --git a/recipes-security/openvas-cli/openvas-cli_1.2.0.bb b/recipes-security/openvas-cli/openvas-cli_1.2.0.bb new file mode 100644 index 0000000..d755578 --- /dev/null +++ b/recipes-security/openvas-cli/openvas-cli_1.2.0.bb
@@ -0,0 +1,13 @@
		1	DESCRIPTION = "The module OpenVAS-CLI collects command line tools to handle with the OpenVAS services via the respective protocols."
		2	SECTION = "security"
		3	LICENSE = "GPL-2.0"
		4	LIC_FILES_CHKSUM = "file://${COMMON_LICENSE_DIR}/GPL-2.0;md5=801f80980d171dd6425610833a22dbe6"
		5
		6	DEPENDS = "gnutls openvas-libraries glib-2.0"
		7
		8	SRC_URI = "http://wald.intevation.org/frs/download.php/1323/${PN}-${PV}.tar.gz"
		9
		10	SRC_URI[md5sum] = "e712eb71f3a13cc1b70b50f696465f8e"
		11	SRC_URI[sha256sum] = "d195ca01a44940d1e6fd2ad54ee4fc9b57a3d103235f0a1f05a8b35d97db6be8"
		12
		13	inherit cmake pkgconfig


diff --git a/recipes-security/openvas-libraries/files/g_type_init.patch b/recipes-security/openvas-libraries/files/g_type_init.patch new file mode 100644 index 0000000..db55057 --- /dev/null +++ b/recipes-security/openvas-libraries/files/g_type_init.patch
@@ -0,0 +1,36 @@
		1	From f498503889b8178f165afa66dc33aa8ad8901371 Mon Sep 17 00:00:00 2001
		2	From: Andrei Dinu <andrei.adrianx.dinu@intel.com>
		3	Date: Fri, 28 Jun 2013 09:38:08 +0300
		4	Subject: [PATCH] removed the g_type_init()
		5
		6	The function is depricated in glib >= 2.35.0 and is
		7	automatically called.
		8
		9	Signed-off-by: Andrei Dinu <andrei.adrianx.dinu@intel.com>
		10	---
		11	base/openvas_file.c \| 2 --
		12	1 file changed, 2 deletions(-)
		13
		14	diff --git a/base/openvas_file.c b/base/openvas_file.c
		15	index 8597198..d110c7f 100644
		16	--- a/base/openvas_file.c
		17	+++ b/base/openvas_file.c
		18	@@ -164,7 +164,6 @@ openvas_file_copy (const gchar source_file, const gchar dest_file)
		19	GFile sfile, dfile;
		20	GError *error;
		21
		22	- g_type_init ();
		23	sfile = g_file_new_for_path (source_file);
		24	dfile = g_file_new_for_path (dest_file);
		25	error = NULL;
		26	@@ -200,7 +199,6 @@ openvas_file_move (const gchar source_file, const gchar dest_file)
		27	GFile sfile, dfile;
		28	GError *error;
		29
		30	- g_type_init ();
		31	sfile = g_file_new_for_path (source_file);
		32	dfile = g_file_new_for_path (dest_file);
		33	error = NULL;
		34	--
		35	1.7.9.5
		36


diff --git a/recipes-security/openvas-libraries/openvas-libraries_6.0.0.bb b/recipes-security/openvas-libraries/openvas-libraries_6.0.0.bb new file mode 100644 index 0000000..caf96f1 --- /dev/null +++ b/recipes-security/openvas-libraries/openvas-libraries_6.0.0.bb
@@ -0,0 +1,14 @@
		1	DESCRIPTION = "This is the libraries module for the Open Vulnerability Assessment System (OpenVAS)."
		2	SECTION = "security"
		3	LICENSE = "GPL-2.0"
		4	LIC_FILES_CHKSUM = "file://${COMMON_LICENSE_DIR}/GPL-2.0;md5=801f80980d171dd6425610833a22dbe6"
		5
		6	DEPENDS = "bison flex gpgme glib-2.0"
		7
		8	SRC_URI = "http://wald.intevation.org/frs/download.php/1303/${PN}-${PV}.tar.gz \
		9	file://g_type_init.patch"
		10
		11	SRC_URI[md5sum] = "0e8b73ee4ad5b36984b5d7be5d6bdfc0"
		12	SRC_URI[sha256sum] = "50d23afd46f7b49c4cb82a6500b0fe1fb53378af5efce95fd275ea33c879e1dd"
		13
		14	inherit cmake pkgconfig


diff --git a/recipes-security/curses-perl/curses-perl_1.28.bb b/recipes-security/perl/curses-perl_1.28.bb index 5984ca7..5984ca7 100644 --- a/recipes-security/curses-perl/curses-perl_1.28.bb +++ b/recipes-security/perl/curses-perl_1.28.bb


diff --git a/recipes-security/perl/env-perl_1.04.bb b/recipes-security/perl/env-perl_1.04.bb new file mode 100644 index 0000000..4aeba4f --- /dev/null +++ b/recipes-security/perl/env-perl_1.04.bb
@@ -0,0 +1,25 @@
		1	DESCRIPTION = "This package contains the Env.pm \
		2	perl module that imports environment variables as scalars or arrays"
		3
		4	SECTION = "libs"
		5	LICENSE = "Artistic-1.0 \| GPL-1.0+"
		6
		7	LIC_FILES_CHKSUM = "file://LICENSE;md5=76c1cbf18db56b3340d91cb947943bd3"
		8
		9	SRC_URI[md5sum] = "fdba5c0690e66972c96fee112cf5f25c"
		10	SRC_URI[sha256sum] = "d94a3d412df246afdc31a2199cbd8ae915167a3f4684f7b7014ce1200251ebb0"
		11
		12	DEPENDS += "perl"
		13
		14	SRC_URI = "http://search.cpan.org/CPAN/authors/id/F/FL/FLORA/Env-${PV}.tar.gz"
		15
		16	S = "${WORKDIR}/Env-${PV}"
		17
		18	EXTRA_CPANFLAGS = "EXPATLIBPATH=${STAGING_LIBDIR} EXPATINCPATH=${STAGING_INCDIR}"
		19
		20	inherit cpan
		21
		22	do_compile() {
		23	export LIBC="$(find ${STAGING_DIR_TARGET}/${base_libdir}/ -name 'libc-*.so')"
		24	cpan_do_compile
		25	}


diff --git a/recipes-security/lib-perl/lib-perl_0.63.bb b/recipes-security/perl/lib-perl_0.63.bb index 606ecfb..606ecfb 100644 --- a/recipes-security/lib-perl/lib-perl_0.63.bb +++ b/recipes-security/perl/lib-perl_0.63.bb


diff --git a/recipes-security/redhat-security/redhat-security_1.0.bb b/recipes-security/redhat-security/redhat-security_1.0.bb index edab390..442688b 100644 --- a/recipes-security/redhat-security/redhat-security_1.0.bb +++ b/recipes-security/redhat-security/redhat-security_1.0.bb
@@ -1,3 +1,4 @@
		1	SUMMARY = "redhat security tools"
1	DESCRIPTION = "Tools used by redhat linux distribution for security checks"	2	DESCRIPTION = "Tools used by redhat linux distribution for security checks"
2	SECTION = "security"	3	SECTION = "security"
3	LICENSE = "GPLv2"	4	LICENSE = "GPLv2"
@@ -21,18 +22,18 @@ SRC_URI = "file://find-chroot-py.sh \
21	S = "${WORKDIR}"	22	S = "${WORKDIR}"
22		23
23	do_install() {	24	do_install() {
24	install -d ${D}${bindir}	25	install -d ${D}${bindir}
25	install -m 0755 ${WORKDIR}/find-chroot-py.sh ${D}${bindir}	26	install -m 0755 ${WORKDIR}/find-chroot-py.sh ${D}${bindir}
26	install -m 0755 ${WORKDIR}/find-chroot.sh ${D}${bindir}	27	install -m 0755 ${WORKDIR}/find-chroot.sh ${D}${bindir}
27	install -m 0755 ${WORKDIR}/find-elf4tmp.sh ${D}${bindir}	28	install -m 0755 ${WORKDIR}/find-elf4tmp.sh ${D}${bindir}
28	install -m 0755 ${WORKDIR}/find-execstack.sh ${D}${bindir}	29	install -m 0755 ${WORKDIR}/find-execstack.sh ${D}${bindir}
29	install -m 0755 ${WORKDIR}/find-hidden-exec.sh ${D}${bindir}	30	install -m 0755 ${WORKDIR}/find-hidden-exec.sh ${D}${bindir}
30	install -m 0755 ${WORKDIR}/find-nodrop-groups.sh ${D}${bindir}	31	install -m 0755 ${WORKDIR}/find-nodrop-groups.sh ${D}${bindir}
31	install -m 0755 ${WORKDIR}/find-sh4errors.sh ${D}${bindir}	32	install -m 0755 ${WORKDIR}/find-sh4errors.sh ${D}${bindir}
32	install -m 0755 ${WORKDIR}/find-sh4tmp.sh ${D}${bindir}	33	install -m 0755 ${WORKDIR}/find-sh4tmp.sh ${D}${bindir}
33	install -m 0755 ${WORKDIR}/lib-bin-check.sh ${D}${bindir}	34	install -m 0755 ${WORKDIR}/lib-bin-check.sh ${D}${bindir}
34	install -m 0755 ${WORKDIR}/rpm-chksec.sh ${D}${bindir}	35	install -m 0755 ${WORKDIR}/rpm-chksec.sh ${D}${bindir}
35	install -m 0755 ${WORKDIR}/rpm-drop-groups.sh ${D}${bindir}	36	install -m 0755 ${WORKDIR}/rpm-drop-groups.sh ${D}${bindir}
36	install -m 0755 ${WORKDIR}/selinux-check-devices.sh ${D}${bindir}	37	install -m 0755 ${WORKDIR}/selinux-check-devices.sh ${D}${bindir}
37	install -m 0755 ${WORKDIR}/selinux-ls-unconfined.sh ${D}${bindir}	38	install -m 0755 ${WORKDIR}/selinux-ls-unconfined.sh ${D}${bindir}
38	}	39	}