summaryrefslogtreecommitdiffstats
path: root/recipes-core
Commit message (Collapse)AuthorAgeFilesLines
* meta-security: Add recipe for GlomeJohn Edward Broadbent2022-08-121-0/+1
| | | | | | | | Generic Low Overhead Message Exchange (GLOME) is a protocol providing secure authentication and authorization for low dependency environments. Signed-off-by: John Edward Broadbent <jebr@google.com> Signed-off-by: Armin Kuster <akuster808@gmail.com>
* packagegroup-core-security: add pkg to grpArmin Kuster2022-08-121-0/+1
| | | | Signed-off-by: Armin Kuster <akuster808@gmail.com>
* packagegroup-core-security: add space for appendsArmin Kuster2022-08-061-2/+2
| | | | Signed-off-by: Armin Kuster <akuster808@gmail.com>
* packagegroup-core-security: remove krill for some archsArmin Kuster2022-08-021-1/+4
| | | | Signed-off-by: Armin Kuster <akuster808@gmail.com>
* packagegroup-core-security: add chipsec pkg to grpArmin Kuster2022-08-021-0/+2
| | | | Signed-off-by: Armin Kuster <akuster808@gmail.com>
* packagegroup-core-security: add krill to pkg grpsArmin Kuster2022-08-021-1/+1
| | | | Signed-off-by: Armin Kuster <akuster808@gmail.com>
* packagegroup-core-security.bb: add bubblewrap to pkg grpArmin Kuster2022-07-301-0/+1
| | | | Signed-off-by: Armin Kuster <akuster808@gmail.com>
* security-build-image: add lkrg-module to build imageArmin Kuster2022-06-231-0/+1
| | | | Signed-off-by: Armin Kuster <akuster808@gmail.com>
* packagegroup-core-security: skip mips firejailArmin Kuster2022-06-231-0/+2
| | | | Signed-off-by: Armin Kuster <akuster808@gmail.com>
* security-test-image: add firejail and aide test suitesArmin Kuster2022-06-231-1/+1
| | | | Signed-off-by: Armin Kuster <akuster808@gmail.com>
* packagegroup-core-security: add firejailArmin Kuster2022-06-231-0/+1
| | | | Signed-off-by: Armin Kuster <akuster808@gmail.com>
* security-test-image: auto include layers if present.Armin Kuster2022-06-181-1/+10
| | | | | | | This is to simplify tesing to build one image and include pkgs depending on the layers included in the BBLAYERS. Signed-off-by: Armin Kuster <akuster808@gmail.com>
* packagegroup-core-security: drop sssdArmin Kuster2022-06-181-1/+1
| | | | Signed-off-by: Armin Kuster <akuster808@gmail.com>
* packagegroup-core-security: don't include aprwatch for muslArmin Kuster2022-06-071-0/+1
| | | | Signed-off-by: Armin Kuster <akuster808@gmail.com>
* packagegroup-core-security: drop arpwatch for riscv from pkg grpArmin Kuster2022-06-071-1/+1
| | | | Signed-off-by: Armin Kuster <akuster808@gmail.com>
* packagegroup-core-security: add arpwatch and chkrootkit to pkg grpArmin Kuster2022-06-071-0/+2
| | | | Signed-off-by: Armin Kuster <akuster808@gmail.com>
* packagegroup-core-security.bb: fix suricata inclusionArmin Kuster2022-05-141-1/+1
| | | | Signed-off-by: Armin Kuster <akuster808@gmail.com>
* packagegroup-core-security: remove pkgsArmin Kuster2022-05-141-12/+0
| | | | Signed-off-by: Armin Kuster <akuster808@gmail.com>
* libest: does not build with openssl 3.xArmin Kuster2021-12-251-1/+0
| | | | | | blacklist for now. Remove from pkg grp Signed-off-by: Armin Kuster <akuster808@gmail.com>
* opendnssec: blacklist do to ldns being blacklistedArmin Kuster2021-10-241-1/+0
| | | | Signed-off-by: Armin Kuster <akuster808@gmail.com>
* dmverity: Make use of DATA_BLOCK_SIZE variable in initrdscript.Christer Fletcher2021-09-281-1/+2
| | | | | | | | | DATA_BLOCK_SIZE variable was set in dm-verity-img.bbclass at build time but the initrdscript was not updated to pass the DATA_BLOCK_SIZE to the veritysetup. Now the functionality is complete. Signed-off-by: Paulo Neves <paulo.neves1@inter.ikea.com> Signed-off-by: Armin Kuster <akuster808@gmail.com>
* packagegroup-core-security.bb: only include suricat-ptest if rust is includedArmin Kuster2021-08-011-2/+13
| | | | Signed-off-by: Armin Kuster <akuster808@gmail.com>
* meta-security: Convert to new override syntaxArmin Kuster2021-08-012-24/+24
| | | | Signed-off-by: Armin Kuster <akuster808@gmail.com>
* packagegroup-core-security.bb: fix suricat-ptest inclusionArmin Kuster2021-07-281-2/+1
| | | | | | drop libseccomp ptest Signed-off-by: Armin Kuster <akuster808@gmail.com>
* initramfs-framework: rename files dirArmin Kuster2021-06-292-1/+1
| | | | | | | Fixes: ERROR: initramfs-framework-1.0-r4 do_fetch: Fetcher failure for URL: 'file://dmverity'. Unable to fetch URL from any source. Signed-off-by: Armin Kuster <akuster808@gmail.com>
* packagegroup-core-security: add sshguardArmin Kuster2021-06-291-0/+1
| | | | Signed-off-by: Armin Kuster <akuster808@gmail.com>
* initramfs-framework: fix typo in conditionalArmin Kuster2021-06-291-1/+1
| | | | Signed-off-by: Armin Kuster <akuster808@gmail.com>
* packagegroup-core-security: drop python3-scapyArmin Kuster2021-06-051-2/+0
| | | | Signed-off-by: Armin Kuster <akuster808@gmail.com>
* initramfs-framework: fix YCL issue.Armin Kuster2021-06-052-16/+17
| | | | Signed-off-by: Armin Kuster <akuster808@gmail.com>
* busybox: drop as libsecomp is in coreArmin Kuster2021-06-053-5/+0
| | | | Signed-off-by: Armin Kuster <akuster808@gmail.com>
* packagegroup-core-security: exclude ossec-hids from muslArmin Kuster2021-06-051-0/+2
| | | | Signed-off-by: Armin Kuster <akuster808@gmail.com>
* packagegroup-core-security: add clamav-daemonArmin Kuster2021-05-161-2/+2
| | | | Signed-off-by: Armin Kuster <akuster808@gmail.com>
* packagegroup-core-security: add aide and ossecArmin Kuster2021-05-161-0/+2
| | | | Signed-off-by: Armin Kuster <akuster808@gmail.com>
* packagegroup-core-security: fix typo for mipsArmin Kuster2021-05-161-2/+1
| | | | Signed-off-by: Armin Kuster <akuster808@gmail.com>
* tripwire: Blacklist pkg, upstream seems abandondArmin Kuster2021-05-161-2/+0
| | | | | | | Last update was 2018. Does not build with gcc11. There are other actively maintained IDS options. Signed-off-by: Armin Kuster <akuster808@gmail.com>
* packagegroup-core-security: exclude apparmor in mips64Armin Kuster2021-04-191-0/+3
| | | | Signed-off-by: Armin Kuster <akuster808@gmail.com>
* packagegroup-core-security: drop clamav-cvdArmin Kuster2021-04-021-2/+2
| | | | Signed-off-by: Armin Kuster <akuster808@gmail.com>
* packagegroup-core-security: remove clamav from musl imageArmin Kuster2020-10-101-0/+1
| | | | Signed-off-by: Armin Kuster <akuster808@gmail.com>
* packagegroup-core-security: apparmor 3.0 ptest does not buildArmin Kuster2020-10-091-1/+0
| | | | | | for now skip apparmor ptest Signed-off-by: Armin Kuster <akuster808@gmail.com>
* security-test-image: tweak to get more tests to runnArmin Kuster2020-10-091-1/+8
| | | | Signed-off-by: Armin Kuster <akuster808@gmail.com>
* initramfs-framework/dmverity: add retry loop for slow boot devicesNaveen Saini2020-10-091-27/+37
| | | | | | | | | | | Detection of USB devices by the kernel is slow enough. We need to keep trying for a while (default: 5s seconds, controlled by roottimeout=<seconds>) and sleep between each attempt (default: one second, rootdelay=<seconds>). Fix is based on https://git.yoctoproject.org/cgit.cgi/poky/commit/meta/recipes-core/initrdscripts/initramfs-framework/rootfs?id=ee6a6c3461694ce09789bf4d852cea2e22fc95e4 Signed-off-by: Naveen Saini <naveen.kumar.saini@intel.com> Signed-off-by: Armin Kuster <akuster808@gmail.com>
* packagegroup-core-security-ptest: removeArmin Kuster2020-10-011-27/+0
| | | | Signed-off-by: Armin Kuster <akuster808@gmail.com>
* security-test-image: simplifyArmin Kuster2020-10-012-24/+16
| | | | Signed-off-by: Armin Kuster <akuster808@gmail.com>
* packagegroup-core-security-ptest: remove keyutils-ptestArmin Kuster2020-10-011-1/+0
| | | | Signed-off-by: Armin Kuster <akuster808@gmail.com>
* packagegroup-core-security: add opendnssec to pkg grpArmin Kuster2020-09-291-0/+1
| | | | Signed-off-by: Armin Kuster <akuster808@gmail.com>
* packagegroup-core-security: add libest packageArmin Kuster2020-09-291-0/+1
| | | | Signed-off-by: Armin Kuster <akuster808@gmail.com>
* packagegroup-core-security: add softHSMArmin Kuster2020-09-291-0/+1
| | | | Signed-off-by: Armin Kuster <akuster808@gmail.com>
* packagegroup-core-security: add more pkgs to base groupArmin Kuster2020-09-181-4/+13
| | | | Signed-off-by: Armin Kuster <akuster808@gmail.com>
* packagegroup-core-security: dont include suricata on riscv or ppcArmin Kuster2020-09-121-1/+1
| | | | Signed-off-by: Armin Kuster <akuster808@gmail.com>
* dm-verity-image-initramfs: Drop locales from imageniko.mauno@vaisala.com2020-09-121-0/+1
| | | | | | | | | | Since IMAGE_LINGUAS defaults to 'en-us en-gb' and since localization is not needed on this type of purpose-specific initramfs image, reset the variable which helps by shaving off almost 700kB from resulting bundled zImage-initramfs artifact. Signed-off-by: Niko Mauno <niko.mauno@vaisala.com> Signed-off-by: Armin Kuster <akuster808@gmail.com>
generated by cgit v1.2.3-54-g00ecf (git 2.39.0) at 2025-08-05 03:49:53 +0000