From 11a67b861af74d59ccfd609d6d943e966ccff731 Mon Sep 17 00:00:00 2001 From: Armin Kuster Date: Thu, 29 Jul 2021 16:31:12 -0700 Subject: meta-security: Convert to new override syntax Signed-off-by: Armin Kuster --- README | 2 +- conf/distro/include/maintainers.inc | 74 +++---- recipes-core/initrdscripts/initramfs-framework.inc | 14 +- .../packagegroup/packagegroup-core-security.bb | 34 +-- recipes-ids/aide/aide_0.17.3.bb | 6 +- recipes-ids/crowdsec/crowdsec_1.1.1.bb | 8 +- recipes-ids/ossec/ossec-hids_3.6.0.bb | 10 +- recipes-ids/samhain/samhain-client.bb | 4 +- recipes-ids/samhain/samhain-server.bb | 6 +- recipes-ids/samhain/samhain-standalone.bb | 8 +- recipes-ids/samhain/samhain.inc | 20 +- recipes-ids/tripwire/tripwire_2.4.3.7.bb | 14 +- recipes-kernel/linux/linux-yocto_security.inc | 6 +- recipes-kernel/lkrg/lkrg-module_0.9.1.bb | 2 +- recipes-mac/AppArmor/apparmor_3.0.1.bb | 34 +-- recipes-mac/ccs-tools/README | 2 +- recipes-mac/ccs-tools/ccs-tools_1.8.4.bb | 6 +- recipes-mac/smack/smack-test_1.0.bb | 2 +- recipes-mac/smack/smack_1.3.1.bb | 14 +- recipes-mac/smack/tcp-smack-test/tcp_client.c | 222 +++++++++---------- recipes-mac/smack/tcp-smack-test/tcp_server.c | 236 ++++++++++----------- recipes-mac/smack/udp-smack-test/udp_client.c | 150 ++++++------- recipes-mac/smack/udp-smack-test/udp_server.c | 186 ++++++++-------- recipes-perl/perl/libwhisker2-perl_2.5.bb | 2 +- .../python/python3-oauth2client_4.1.3.bb | 2 +- recipes-scanners/arpwatch/arpwatch_3.1.bb | 8 +- .../buck-security/buck-security_0.7.bb | 6 +- recipes-scanners/checksec/checksec_2.4.0.bb | 2 +- .../checksecurity/checksecurity_2.0.15.bb | 2 +- recipes-scanners/clamav/clamav_0.104.0.bb | 38 ++-- .../clamav/files/fix2_libcurl_check.patch | 122 +++++++++++ recipes-scanners/clamav/files/test.patch | 24 +++ recipes-security/aircrack-ng/aircrack-ng_1.6.bb | 6 +- recipes-security/bastille/bastille_3.2.1.bb | 6 +- .../bastille/files/AccountPermission.pm | 16 +- recipes-security/bastille/files/FileContent.pm | 16 +- .../ecryptfs-utils/ecryptfs-utils_111.bb | 12 +- .../fail2ban/python3-fail2ban_0.11.2.bb | 16 +- recipes-security/fscryptctl/fscryptctl_1.0.0.bb | 2 +- .../google-authenticator-libpam_1.08.bb | 2 +- recipes-security/libest/libest_3.2.0.bb | 6 +- recipes-security/libgssglue/libgssglue_0.4.bb | 4 +- recipes-security/mfa/python3-privacyidea_3.5.2.bb | 40 ++-- recipes-security/ncrack/ncrack_0.7.bb | 2 +- recipes-security/nikto/nikto_2.1.6.bb | 2 +- recipes-security/opendnssec/opendnssec_2.1.9.bb | 4 +- recipes-security/paxctl/paxctl_0.9.bb | 4 +- .../redhat-security/redhat-security_1.0.bb | 2 +- recipes-security/sssd/sssd_2.5.1.bb | 22 +- 49 files changed, 787 insertions(+), 641 deletions(-) create mode 100644 recipes-scanners/clamav/files/fix2_libcurl_check.patch create mode 100644 recipes-scanners/clamav/files/test.patch diff --git a/README b/README index 4047b86..081669f 100644 --- a/README +++ b/README @@ -5,7 +5,7 @@ The bbappend files for some recipes (e.g. linux-yocto) in this layer need to have 'security' in DISTRO_FEATURES to have effect. To enable them, add in configuration file the following line. - DISTRO_FEATURES_append = " security" + DISTRO_FEATURES:append = " security" If meta-security is included, but security is not enabled as a distro feature a warning is printed at parse time: diff --git a/conf/distro/include/maintainers.inc b/conf/distro/include/maintainers.inc index e02b903..f623d70 100644 --- a/conf/distro/include/maintainers.inc +++ b/conf/distro/include/maintainers.inc @@ -16,42 +16,42 @@ # # The format is as a bitbake variable override for each recipe # -# RECIPE_MAINTAINER_pn- = "Full Name " +# RECIPE_MAINTAINER:pn- = "Full Name " # # Please keep this list in alphabetical order. -RECIPE_MAINTAINER_pn-aircrack-ng = "Armin Kuster " -RECIPE_MAINTAINER_pn-apparmor = "Armin Kuster " -RECIPE_MAINTAINER_pn-bastille = "Armin Kuster " -RECIPE_MAINTAINER_pn-buck-security = "Armin Kuster " -RECIPE_MAINTAINER_pn-ccs-tools = "Armin Kuster " -RECIPE_MAINTAINER_pn-checksec = "Armin Kuster " -RECIPE_MAINTAINER_pn-checksecurity = "Armin Kuster " -RECIPE_MAINTAINER_pn-clamav = "Armin Kuster " -RECIPE_MAINTAINER_pn-ding-libs = "Armin Kuster " -RECIPE_MAINTAINER_pn-ecryptfs-utils = "Armin Kuster " -RECIPE_MAINTAINER_pn-fscryptctl = "Armin Kuster " -RECIPE_MAINTAINER_pn-google-authenticator-libpam = "Armin Kuster " -RECIPE_MAINTAINER_pn-hash-perl = "Armin Kuster " -RECIPE_MAINTAINER_pn-isic = "Armin Kuster " -RECIPE_MAINTAINER_pn-keyutils = "Armin Kuster " -RECIPE_MAINTAINER_pn-libaes-siv = "Armin Kuster " -RECIPE_MAINTAINER_pn-libgssglue = "Armin Kuster " -RECIPE_MAINTAINER_pn-libhtp = "Armin Kuster " -RECIPE_MAINTAINER_pn-libmhash = "Armin Kuster " -RECIPE_MAINTAINER_pn-libmspack = "Armin Kuster " -RECIPE_MAINTAINER_pn-lib-perl = "Armin Kuster " -RECIPE_MAINTAINER_pn-libseccomp = "Armin Kuster " -RECIPE_MAINTAINER_pn-libwhisker2-perl = "Armin Kuster " -RECIPE_MAINTAINER_pn-ncrack = "Armin Kuster " -RECIPE_MAINTAINER_pn-nikto = "Armin Kuster " -RECIPE_MAINTAINER_pn-paxctl = "Armin Kuster " -RECIPE_MAINTAINER_pn-python3-fail2ban = "Armin Kuster " -RECIPE_MAINTAINER_pn-python3-scapy = "Armin Kuster " -RECIPE_MAINTAINER_pn-python-fail2ban = "Armin Kuster " -RECIPE_MAINTAINER_pn-python-scapy = "Armin Kuster " -RECIPE_MAINTAINER_pn-redhat-security = "Armin Kuster " -RECIPE_MAINTAINER_pn-samhain = "Armin Kuster " -RECIPE_MAINTAINER_pn-smack = "Armin Kuster " -RECIPE_MAINTAINER_pn-sssd = "Armin Kuster " -RECIPE_MAINTAINER_pn-suricata = "Armin Kuster " -RECIPE_MAINTAINER_pn-tripwire = "Armin Kuster " +RECIPE_MAINTAINER:pn-aircrack-ng = "Armin Kuster " +RECIPE_MAINTAINER:pn-apparmor = "Armin Kuster " +RECIPE_MAINTAINER:pn-bastille = "Armin Kuster " +RECIPE_MAINTAINER:pn-buck-security = "Armin Kuster " +RECIPE_MAINTAINER:pn-ccs-tools = "Armin Kuster " +RECIPE_MAINTAINER:pn-checksec = "Armin Kuster " +RECIPE_MAINTAINER:pn-checksecurity = "Armin Kuster " +RECIPE_MAINTAINER:pn-clamav = "Armin Kuster " +RECIPE_MAINTAINER:pn-ding-libs = "Armin Kuster " +RECIPE_MAINTAINER:pn-ecryptfs-utils = "Armin Kuster " +RECIPE_MAINTAINER:pn-fscryptctl = "Armin Kuster " +RECIPE_MAINTAINER:pn-google-authenticator-libpam = "Armin Kuster " +RECIPE_MAINTAINER:pn-hash-perl = "Armin Kuster " +RECIPE_MAINTAINER:pn-isic = "Armin Kuster " +RECIPE_MAINTAINER:pn-keyutils = "Armin Kuster " +RECIPE_MAINTAINER:pn-libaes-siv = "Armin Kuster " +RECIPE_MAINTAINER:pn-libgssglue = "Armin Kuster " +RECIPE_MAINTAINER:pn-libhtp = "Armin Kuster " +RECIPE_MAINTAINER:pn-libmhash = "Armin Kuster " +RECIPE_MAINTAINER:pn-libmspack = "Armin Kuster " +RECIPE_MAINTAINER:pn-lib-perl = "Armin Kuster " +RECIPE_MAINTAINER:pn-libseccomp = "Armin Kuster " +RECIPE_MAINTAINER:pn-libwhisker2-perl = "Armin Kuster " +RECIPE_MAINTAINER:pn-ncrack = "Armin Kuster " +RECIPE_MAINTAINER:pn-nikto = "Armin Kuster " +RECIPE_MAINTAINER:pn-paxctl = "Armin Kuster " +RECIPE_MAINTAINER:pn-python3-fail2ban = "Armin Kuster " +RECIPE_MAINTAINER:pn-python3-scapy = "Armin Kuster " +RECIPE_MAINTAINER:pn-python-fail2ban = "Armin Kuster " +RECIPE_MAINTAINER:pn-python-scapy = "Armin Kuster " +RECIPE_MAINTAINER:pn-redhat-security = "Armin Kuster " +RECIPE_MAINTAINER:pn-samhain = "Armin Kuster " +RECIPE_MAINTAINER:pn-smack = "Armin Kuster " +RECIPE_MAINTAINER:pn-sssd = "Armin Kuster " +RECIPE_MAINTAINER:pn-suricata = "Armin Kuster " +RECIPE_MAINTAINER:pn-tripwire = "Armin Kuster " diff --git a/recipes-core/initrdscripts/initramfs-framework.inc b/recipes-core/initrdscripts/initramfs-framework.inc index 12010bf..1a724d6 100644 --- a/recipes-core/initrdscripts/initramfs-framework.inc +++ b/recipes-core/initrdscripts/initramfs-framework.inc @@ -1,16 +1,16 @@ -FILESEXTRAPATHS_prepend := "${THISDIR}/initramfs-framework-dm:" +FILESEXTRAPATHS:prepend := "${THISDIR}/initramfs-framework-dm:" -SRC_URI_append = "\ +SRC_URI:append = "\ file://dmverity \ " -do_install_append() { +do_install:append() { # dm-verity install ${WORKDIR}/dmverity ${D}/init.d/80-dmverity } -PACKAGES_append = " initramfs-module-dmverity" +PACKAGES:append = " initramfs-module-dmverity" -SUMMARY_initramfs-module-dmverity = "initramfs dm-verity rootfs support" -RDEPENDS_initramfs-module-dmverity = "${PN}-base" -FILES_initramfs-module-dmverity = "/init.d/80-dmverity" +SUMMARY:initramfs-module-dmverity = "initramfs dm-verity rootfs support" +RDEPENDS:initramfs-module-dmverity = "${PN}-base" +FILES:initramfs-module-dmverity = "/init.d/80-dmverity" diff --git a/recipes-core/packagegroup/packagegroup-core-security.bb b/recipes-core/packagegroup/packagegroup-core-security.bb index 37473d1..c76b3de 100644 --- a/recipes-core/packagegroup/packagegroup-core-security.bb +++ b/recipes-core/packagegroup/packagegroup-core-security.bb @@ -16,7 +16,7 @@ PACKAGES = "\ ${@bb.utils.contains("DISTRO_FEATURES", "ptest", "packagegroup-meta-security-ptest-packages", "", d)} \ " -RDEPENDS_packagegroup-core-security = "\ +RDEPENDS:packagegroup-core-security = "\ packagegroup-security-utils \ packagegroup-security-scanners \ packagegroup-security-audit \ @@ -26,8 +26,8 @@ RDEPENDS_packagegroup-core-security = "\ ${@bb.utils.contains("DISTRO_FEATURES", "ptest", "packagegroup-meta-security-ptest-packages", "", d)} \ " -SUMMARY_packagegroup-security-utils = "Security utilities" -RDEPENDS_packagegroup-security-utils = "\ +SUMMARY:packagegroup-security-utils = "Security utilities" +RDEPENDS:packagegroup-security-utils = "\ checksec \ ding-libs \ ecryptfs-utils \ @@ -46,46 +46,46 @@ RDEPENDS_packagegroup-security-utils = "\ ${@bb.utils.contains("DISTRO_FEATURES", "pax", "pax-utils packctl", "",d)} \ " -SUMMARY_packagegroup-security-scanners = "Security scanners" -RDEPENDS_packagegroup-security-scanners = "\ +SUMMARY:packagegroup-security-scanners = "Security scanners" +RDEPENDS:packagegroup-security-scanners = "\ isic \ nikto \ checksecurity \ ${@bb.utils.contains_any("TUNE_FEATURES", "riscv32 riscv64", "", " clamav clamav-daemon clamav-freshclam",d)} \ " -RDEPENDS_packagegroup-security-scanners_remove_libc-musl = "clamav clamav-daemon clamav-freshclam" +RDEPENDS:packagegroup-security-scanners:remove:libc-musl = "clamav clamav-daemon clamav-freshclam" -SUMMARY_packagegroup-security-audit = "Security Audit tools " -RDEPENDS_packagegroup-security-audit = " \ +SUMMARY:packagegroup-security-audit = "Security Audit tools " +RDEPENDS:packagegroup-security-audit = " \ buck-security \ redhat-security \ " -SUMMARY_packagegroup-security-hardening = "Security Hardening tools" -RDEPENDS_packagegroup-security-hardening = " \ +SUMMARY:packagegroup-security-hardening = "Security Hardening tools" +RDEPENDS:packagegroup-security-hardening = " \ bastille \ " -SUMMARY_packagegroup-security-ids = "Security Intrusion Detection systems" -RDEPENDS_packagegroup-security-ids = " \ +SUMMARY:packagegroup-security-ids = "Security Intrusion Detection systems" +RDEPENDS:packagegroup-security-ids = " \ samhain-standalone \ ${@bb.utils.contains_any("TUNE_FEATURES", "ppc7400 riscv32 riscv64", "", " suricata",d)} \ ossec-hids \ aide \ " -RDEPENDS_packagegroup-security-ids_remove_libc-musl = "ossec-hids" +RDEPENDS:packagegroup-security-ids:remove:libc-musl = "ossec-hids" -SUMMARY_packagegroup-security-mac = "Security Mandatory Access Control systems" -RDEPENDS_packagegroup-security-mac = " \ +SUMMARY:packagegroup-security-mac = "Security Mandatory Access Control systems" +RDEPENDS:packagegroup-security-mac = " \ ${@bb.utils.contains("DISTRO_FEATURES", "tomoyo", "ccs-tools", "",d)} \ ${@bb.utils.contains("DISTRO_FEATURES", "apparmor", "apparmor", "",d)} \ ${@bb.utils.contains("DISTRO_FEATURES", "smack", "smack", "",d)} \ " -RDEPENDS_packagegroup-security-mac_remove_mipsarch = "apparmor" +RDEPENDS:packagegroup-security-mac:remove:mipsarch = "apparmor" -RDEPENDS_packagegroup-meta-security-ptest-packages = "\ +RDEPENDS:packagegroup-meta-security-ptest-packages = "\ ptest-runner \ samhain-standalone-ptest \ ${@bb.utils.contains_any("TUNE_FEATURES", "ppc7400 riscv32 riscv64", "", " suricata-ptest",d)} \ diff --git a/recipes-ids/aide/aide_0.17.3.bb b/recipes-ids/aide/aide_0.17.3.bb index 522cd85..fbfa8a7 100644 --- a/recipes-ids/aide/aide_0.17.3.bb +++ b/recipes-ids/aide/aide_0.17.3.bb @@ -25,7 +25,7 @@ PACKAGECONFIG[gcrypt] = "--with-gcrypt, --without-gcrypt, libgcrypt, libgcrypt" PACKAGECONFIG[mhash] = "--with-mhash, --without-mhash, libmhash, libmhash" PACKAGECONFIG[e2fsattrs] = "--with-e2fsattrs, --without-e2fsattrs, e2fsprogs, e2fsprogs" -do_install_append () { +do_install:append () { install -d ${D}${libdir}/${PN}/logs install -d ${D}${sysconfdir} install ${WORKDIR}/aide.conf ${D}${sysconfdir}/ @@ -33,9 +33,9 @@ do_install_append () { CONF_FILE = "${sysconfdir}/aide.conf" -FILES_${PN} += "${libdir}/${PN} ${sysconfdir}/aide.conf" +FILES:${PN} += "${libdir}/${PN} ${sysconfdir}/aide.conf" -pkg_postinst_ontarget_${PN} () { +pkg_postinst_ontarget:${PN} () { /usr/bin/aide -i } RDPENDS_${PN} = "bison, libpcre" diff --git a/recipes-ids/crowdsec/crowdsec_1.1.1.bb b/recipes-ids/crowdsec/crowdsec_1.1.1.bb index 1243a3c..887c75d 100644 --- a/recipes-ids/crowdsec/crowdsec_1.1.1.bb +++ b/recipes-ids/crowdsec/crowdsec_1.1.1.bb @@ -35,8 +35,8 @@ do_install_ () { } -INSANE_SKIP_${PN} = "already-stripped" -INSANE_SKIP_${PN}-dev = "ldflags" +INSANE_SKIP:${PN} = "already-stripped" +INSANE_SKIP:${PN}-dev = "ldflags" -RDEPENDS_${PN} = "go" -RDEPENDS_${PN}-dev = "bash" +RDEPENDS:${PN} = "go" +RDEPENDS:${PN}-dev = "bash" diff --git a/recipes-ids/ossec/ossec-hids_3.6.0.bb b/recipes-ids/ossec/ossec-hids_3.6.0.bb index 778278b..309ca52 100644 --- a/recipes-ids/ossec/ossec-hids_3.6.0.bb +++ b/recipes-ids/ossec/ossec-hids_3.6.0.bb @@ -44,7 +44,7 @@ do_install(){ install -m 640 ${D}/${sysconfdir}/ossec-init.conf ${D}/var/ossec/${sysconfdir}/ossec-init.conf } -pkg_postinst_ontarget_${PN} () { +pkg_postinst_ontarget:${PN} () { DIR="/var/ossec" usermod -g ossec -G ossec -a root @@ -157,9 +157,9 @@ pkg_postinst_ontarget_${PN} () { } USERADD_PACKAGES = "${PN}" -USERADD_PARAM_${PN} = "--system --home-dir /var/ossec -g ossec --shell /bin/false ossec" -GROUPADD_PARAM_${PN} = "--system ossec" +USERADD_PARAM:${PN} = "--system --home-dir /var/ossec -g ossec --shell /bin/false ossec" +GROUPADD_PARAM:${PN} = "--system ossec" -RDEPENDS_${PN} = "openssl bash" +RDEPENDS:${PN} = "openssl bash" -COMPATIBLE_HOST_libc-musl = "null" +COMPATIBLE_HOST:libc-musl = "null" diff --git a/recipes-ids/samhain/samhain-client.bb b/recipes-ids/samhain/samhain-client.bb index 0f53a8c..2b99e20 100644 --- a/recipes-ids/samhain/samhain-client.bb +++ b/recipes-ids/samhain/samhain-client.bb @@ -8,5 +8,5 @@ EXTRA_OECONF += " \ --with-port=${SAMHAIN_PORT} \ " -RDEPENDS_${PN} = "acl zlib attr bash" -RCONFLICTS_${PN} = "samhain-standalone" +RDEPENDS:${PN} = "acl zlib attr bash" +RCONFLICTS:${PN} = "samhain-standalone" diff --git a/recipes-ids/samhain/samhain-server.bb b/recipes-ids/samhain/samhain-server.bb index e7a3aa6..51bce07 100644 --- a/recipes-ids/samhain/samhain-server.bb +++ b/recipes-ids/samhain/samhain-server.bb @@ -10,7 +10,7 @@ SRC_URI += "file://samhain-server-volatiles \ TARGET_CC_ARCH += "${LDFLAGS}" -do_install_append() { +do_install:append() { if ${@bb.utils.contains('DISTRO_FEATURES', 'systemd', 'true', 'false', d)}; then install -d ${D}${sysconfdir}/tmpfiles.d install -m 0644 ${WORKDIR}/samhain-server-volatiles.conf \ @@ -25,5 +25,5 @@ do_install_append() { init/samhain.startLSB ${D}/var/lib/samhain } -RDEPENDS_${PN} += "gmp bash perl" -RCONFLICTS_${PN} = "samhain-standalone" +RDEPENDS:${PN} += "gmp bash perl" +RCONFLICTS:${PN} = "samhain-standalone" diff --git a/recipes-ids/samhain/samhain-standalone.bb b/recipes-ids/samhain/samhain-standalone.bb index 4fed9e9..445cb99 100644 --- a/recipes-ids/samhain/samhain-standalone.bb +++ b/recipes-ids/samhain/samhain-standalone.bb @@ -6,7 +6,7 @@ SRC_URI += "file://samhain-not-run-ptest-on-host.patch \ PROVIDES += "samhain" -SYSTEMD_SERVICE_${PN} = "samhain.service" +SYSTEMD_SERVICE:${PN} = "samhain.service" inherit ptest @@ -18,7 +18,7 @@ do_compile() { oe_runmake "$@" } -do_install_append() { +do_install:append() { ln -sf ${INITSCRIPT_NAME} ${D}${sysconfdir}/init.d/samhain } @@ -27,5 +27,5 @@ do_install_ptest() { install ${S}/cutest ${D}${PTEST_PATH} } -RPROVIDES_${PN} += "samhain" -RCONFLICTS_${PN} = "samhain-client samhain-server" +RPROVIDES:${PN} += "samhain" +RCONFLICTS:${PN} = "samhain-client samhain-server" diff --git a/recipes-ids/samhain/samhain.inc b/recipes-ids/samhain/samhain.inc index 0148e46..97f5f2d 100644 --- a/recipes-ids/samhain/samhain.inc +++ b/recipes-ids/samhain/samhain.inc @@ -37,7 +37,7 @@ INITSCRIPT_NAME = "${BPN}" INITSCRIPT_PARAMS ?= "defaults" SYSTEMD_PACKAGES = "${PN}" -SYSTEMD_SERVICE_${PN} = "${INITSCRIPT_NAME}.service" +SYSTEMD_SERVICE:${PN} = "${INITSCRIPT_NAME}.service" SYSTEMD_AUTO_ENABLE = "disable" # mode mapping: @@ -67,23 +67,23 @@ PACKAGECONFIG[acl] = " --enable-posix-acl , --disable-posix-acl, acl" PACKAGECONFIG[audit] = "ac_cv_header_auparse_h=yes,ac_cv_header_auparse_h=no,audit" PACKAGECONFIG[ps] = "--with-ps-path=${base_bindir}/ps,,,procps" -EXTRA_OEMAKE_append_aarch64 = " CPPFLAGS+=-DCONFIG_ARCH_AARCH64=1" -EXTRA_OEMAKE_append_mips64 = " CPPFLAGS+=-DCONFIG_ARCH_MIPS64=1" +EXTRA_OEMAKE:append:aarch64 = " CPPFLAGS+=-DCONFIG_ARCH_AARCH64=1" +EXTRA_OEMAKE:append:mips64 = " CPPFLAGS+=-DCONFIG_ARCH_MIPS64=1" do_unpack_samhain() { cd ${WORKDIR} tar -xzvf samhain-${PV}.tar.gz } -python do_unpack_append() { +python do_unpack:append() { bb.build.exec_func('do_unpack_samhain', d) } -do_configure_prepend_arm() { +do_configure:prepend:arm() { export sh_cv___va_copy=yes } -do_configure_prepend_aarch64() { +do_configure:prepend:aarch64() { export sh_cv___va_copy=yes } @@ -91,7 +91,7 @@ do_configure_prepend_aarch64() { # use the prefix --oldincludedir=/usr/include which is not # recognized by Samhain's configure script and would invariably # throw back the error "unrecognized option: --oldincludedir=/usr/include" -do_configure_prepend () { +do_configure:prepend () { cat << EOF > ${S}/config-site.${BP} ssp_cv_lib=no sh_cv_va_copy=yes @@ -124,13 +124,13 @@ do_configure () { ${EXTRA_OECONF} } -do_compile_prepend_libc-musl () { +do_compile:prepend:libc-musl () { sed -i 's/^#define HAVE_MALLOC_H.*//' ${B}/config.h } # Install the init script, it's default file, and the extraneous # documentation. -do_install_append () { +do_install:append () { oe_runmake install DESTDIR='${D}' INSTALL=install-boot install -D -m 755 ${WORKDIR}/${INITSCRIPT_NAME}.init \ @@ -165,4 +165,4 @@ do_install_append () { rm -rf ${D}${localstatedir}/log } -FILES_${PN} += "${systemd_system_unitdir}" +FILES:${PN} += "${systemd_system_unitdir}" diff --git a/recipes-ids/tripwire/tripwire_2.4.3.7.bb b/recipes-ids/tripwire/tripwire_2.4.3.7.bb index 36e5d00..3a9bc1d 100644 --- a/recipes-ids/tripwire/tripwire_2.4.3.7.bb +++ b/recipes-ids/tripwire/tripwire_2.4.3.7.bb @@ -60,18 +60,18 @@ do_install () { install -m 0644 ${WORKDIR}/tripwire.txt ${D}${docdir}/${BPN} } -do_install_ptest_append () { +do_install_ptest:append () { install -d ${D}${PTEST_PATH}/tests cp -a ${S}/src/test-harness/* ${D}${PTEST_PATH} sed -i -e 's@../../../../bin@${sbindir}@' ${D}${PTEST_PATH}/twtools.pm } -FILES_${PN} += "${libdir} ${docdir}/${PN}/*" -FILES_${PN}-dbg += "${sysconfdir}/${PN}/.debug" -FILES_${PN}-staticdev += "${localstatedir}/lib/${PN}/lib*.a" -FILES_${PN}-ptest += "${PTEST_PATH}/tests " +FILES:${PN} += "${libdir} ${docdir}/${PN}/*" +FILES:${PN}-dbg += "${sysconfdir}/${PN}/.debug" +FILES:${PN}-staticdev += "${localstatedir}/lib/${PN}/lib*.a" +FILES:${PN}-ptest += "${PTEST_PATH}/tests " -RDEPENDS_${PN} += " perl nano msmtp cronie" -RDEPENDS_${PN}-ptest = " perl lib-perl perl-modules " +RDEPENDS:${PN} += " perl nano msmtp cronie" +RDEPENDS:${PN}-ptest = " perl lib-perl perl-modules " PNBLACKLIST[tripwire] ?= "Upsteram project appears to be abondoned, fails to build with gcc11" diff --git a/recipes-kernel/linux/linux-yocto_security.inc b/recipes-kernel/linux/linux-yocto_security.inc index fa536d0..defca57 100644 --- a/recipes-kernel/linux/linux-yocto_security.inc +++ b/recipes-kernel/linux/linux-yocto_security.inc @@ -1,3 +1,3 @@ -KERNEL_FEATURES_append = " ${@bb.utils.contains("DISTRO_FEATURES", "apparmor", " features/apparmor/apparmor.scc", "" ,d)}" -KERNEL_FEATURES_append = " ${@bb.utils.contains("DISTRO_FEATURES", "smack", " features/smack/smack.scc", "" ,d)}" -KERNEL_FEATURES_append = " ${@bb.utils.contains("IMAGE_CLASSES", "dm-verity-img", " features/device-mapper/dm-verity.scc", "" ,d)}" +KERNEL_FEATURES:append = " ${@bb.utils.contains("DISTRO_FEATURES", "apparmor", " features/apparmor/apparmor.scc", "" ,d)}" +KERNEL_FEATURES:append = " ${@bb.utils.contains("DISTRO_FEATURES", "smack", " features/smack/smack.scc", "" ,d)}" +KERNEL_FEATURES:append = " ${@bb.utils.contains("IMAGE_CLASSES", "dm-verity-img", " features/device-mapper/dm-verity.scc", "" ,d)}" diff --git a/recipes-kernel/lkrg/lkrg-module_0.9.1.bb b/recipes-kernel/lkrg/lkrg-module_0.9.1.bb index 287b4e8..782c6e3 100644 --- a/recipes-kernel/lkrg/lkrg-module_0.9.1.bb +++ b/recipes-kernel/lkrg/lkrg-module_0.9.1.bb @@ -28,6 +28,6 @@ module_do_install() { ${D}${nonarch_base_libdir}/modules/${KERNEL_VERSION}/kernel/${MODULE_NAME}/${MODULE_NAME}.ko } -RPROVIDES_${PN} += "kernel-module-lkrg" +RPROVIDES:${PN} += "kernel-module-lkrg" COMPATIBLE_HOST = "(i.86|x86_64|arm|aarch64).*-linux" diff --git a/recipes-mac/AppArmor/apparmor_3.0.1.bb b/recipes-mac/AppArmor/apparmor_3.0.1.bb index ff5b39b..dca53a3 100644 --- a/recipes-mac/AppArmor/apparmor_3.0.1.bb +++ b/recipes-mac/AppArmor/apparmor_3.0.1.bb @@ -29,7 +29,7 @@ S = "${WORKDIR}/git" PARALLEL_MAKE = "" -COMPATIBLE_MACHINE_mips64 = "(!.*mips64).*" +COMPATIBLE_MACHINE:mips64 = "(!.*mips64).*" inherit pkgconfig autotools-brokensep update-rc.d python3native python3targetconfig perlnative cpan systemd features_check bash-completion @@ -106,11 +106,11 @@ do_install () { } #Building ptest on arm fails. -do_compile_ptest_aarch64 () { +do_compile_ptest:aarch64 () { : } -do_compile_ptest_arm () { +do_compile_ptest:arm () { : } @@ -140,11 +140,11 @@ do_install_ptest () { } #Building ptest on arm fails. -do_install_ptest_aarch64 () { +do_install_ptest:aarch64 () { : } -do_install_ptest_arm() { +do_install_ptest:arm() { : } @@ -153,23 +153,23 @@ INITSCRIPT_NAME = "apparmor" INITSCRIPT_PARAMS = "start 16 2 3 4 5 . stop 35 0 1 6 ." SYSTEMD_PACKAGES = "${PN}" -SYSTEMD_SERVICE_${PN} = "apparmor.service" +SYSTEMD_SERVICE:${PN} = "apparmor.service" SYSTEMD_AUTO_ENABLE ?= "enable" PACKAGES += "mod-${PN}" -FILES_${PN} += "${nonarch_base_libdir}/apparmor/ ${base_libdir}/security/ ${sysconfdir}/apparmor ${nonarch_libdir}/${PYTHON_DIR}/site-packages" -FILES_mod-${PN} = "${libdir}/apache2/modules/*" -FILES_${PN}-dbg += "${base_libdir}/security/.debug" +FILES:${PN} += "${nonarch_base_libdir}/apparmor/ ${base_libdir}/security/ ${sysconfdir}/apparmor ${nonarch_libdir}/${PYTHON_DIR}/site-packages" +FILES:mod-${PN} = "${libdir}/apache2/modules/*" +FILES:${PN}-dbg += "${base_libdir}/security/.debug" -DEPENDS_append_libc-musl = " fts " -RDEPENDS_${PN}_libc-musl += "musl-utils" -RDEPENDS_${PN}_libc-glibc += "glibc-utils" +DEPENDS:append:libc-musl = " fts " +RDEPENDS:${PN}:libc-musl += "musl-utils" +RDEPENDS:${PN}:libc-glibc += "glibc-utils" # Add coreutils and findutils only if sysvinit scripts are in use -RDEPENDS_${PN} += "${@["coreutils findutils", ""][(d.getVar('VIRTUAL-RUNTIME_init_manager') == 'systemd')]} ${@bb.utils.contains('PACKAGECONFIG','python','python3-core python3-modules','', d)}" -RDEPENDS_${PN}_remove += "${@bb.utils.contains('PACKAGECONFIG','perl','','perl', d)}" -RDEPENDS_${PN}-ptest += "perl coreutils dbus-lib bash" +RDEPENDS:${PN} += "${@["coreutils findutils", ""][(d.getVar('VIRTUAL-RUNTIME_init_manager') == 'systemd')]} ${@bb.utils.contains('PACKAGECONFIG','python','python3-core python3-modules','', d)}" +RDEPENDS:${PN}:remove += "${@bb.utils.contains('PACKAGECONFIG','perl','','perl', d)}" +RDEPENDS:${PN}-ptest += "perl coreutils dbus-lib bash" -INSANE_SKIP_${PN} = "ldflags" -PRIVATE_LIBS_${PN}-ptest = "libapparmor.so*" +INSANE_SKIP:${PN} = "ldflags" +PRIVATE_LIBS:${PN}-ptest = "libapparmor.so*" diff --git a/recipes-mac/ccs-tools/README b/recipes-mac/ccs-tools/README index 4a4faa7..0381814 100644 --- a/recipes-mac/ccs-tools/README +++ b/recipes-mac/ccs-tools/README @@ -9,4 +9,4 @@ To start via command line add: To initialize: /usr/lib/ccs/init_policy -DISTRO_FEATURES_append = " tomoyo" +DISTRO_FEATURES:append = " tomoyo" diff --git a/recipes-mac/ccs-tools/ccs-tools_1.8.4.bb b/recipes-mac/ccs-tools/ccs-tools_1.8.4.bb index 79af6a5..08da24a 100644 --- a/recipes-mac/ccs-tools/ccs-tools_1.8.4.bb +++ b/recipes-mac/ccs-tools/ccs-tools_1.8.4.bb @@ -29,17 +29,17 @@ do_install(){ PACKAGE="${PN} ${PN}-dbg ${PN}-doc" -FILES_${PN} = "\ +FILES:${PN} = "\ ${sbindir}/* \ ${base_sbindir}/* \ ${libdir}/* \ " -FILES_${PN}-doc = "\ +FILES:${PN}-doc = "\ ${mandir}/man8/* \ " -FILES_${PN}-dbg = "\ +FILES:${PN}-dbg = "\ ${base_sbindir}/.debug/* \ ${sbindir}/.debug/* \ ${libdir}/.debug/* \ diff --git a/recipes-mac/smack/smack-test_1.0.bb b/recipes-mac/smack/smack-test_1.0.bb index d5de607..d7824ae 100644 --- a/recipes-mac/smack/smack-test_1.0.bb +++ b/recipes-mac/smack/smack-test_1.0.bb @@ -22,4 +22,4 @@ do_install() { install -m 0755 *.sh ${D}${sbindir} } -RDEPENDS_${PN} = "smack python mmap-smack-test tcp-smack-test udp-smack-test" +RDEPENDS:${PN} = "smack python mmap-smack-test tcp-smack-test udp-smack-test" diff --git a/recipes-mac/smack/smack_1.3.1.bb b/recipes-mac/smack/smack_1.3.1.bb index 88ae56c..6c2f041 100644 --- a/recipes-mac/smack/smack_1.3.1.bb +++ b/recipes-mac/smack/smack_1.3.1.bb @@ -28,15 +28,15 @@ REQUIRED_DISTRO_FEATURES = "smack" S = "${WORKDIR}/git" PACKAGECONFIG ??= "" -PACKAGECONFIG_append = " ${@bb.utils.contains('DISTRO_FEATURES', 'systemd', 'systemd', '', d)}" +PACKAGECONFIG:append = " ${@bb.utils.contains('DISTRO_FEATURES', 'systemd', 'systemd', '', d)}" PACKAGECONFIG[systemd] = "--with-systemdsystemunitdir=${systemd_system_unitdir}, --without-systemdsystemunitdir, systemd" -do_compile_append () { +do_compile:append () { oe_runmake -C ${S}/tests generator } -do_install_append () { +do_install:append () { install -d ${D}${sysconfdir}/init.d install -d ${D}${sysconfdir}/smack install -d ${D}${sysconfdir}/smack/accesses.d @@ -55,10 +55,10 @@ INITSCRIPT_PACKAGES = "${PN}" INITSCRIPT_NAME = "smack" INITSCRIPT_PARAMS = "start 16 2 3 4 5 . stop 35 0 1 6 ." -FILES_${PN} += "${sysconfdir}/init.d/smack" -FILES_${PN}-ptest += "generator" +FILES:${PN} += "${sysconfdir}/init.d/smack" +FILES:${PN}-ptest += "generator" -RDEPENDS_${PN} += "coreutils python3-core" -RDEPENDS_${PN}-ptest += "make bash bc" +RDEPENDS:${PN} += "coreutils python3-core" +RDEPENDS:${PN}-ptest += "make bash bc" BBCLASSEXTEND = "native" diff --git a/recipes-mac/smack/tcp-smack-test/tcp_client.c b/recipes-mac/smack/tcp-smack-test/tcp_client.c index 185f973..6c0a474 100644 --- a/recipes-mac/smack/tcp-smack-test/tcp_client.c +++ b/recipes-mac/smack/tcp-smack-test/tcp_client.c @@ -1,111 +1,111 @@ -// (C) Copyright 2015 Intel Corporation -// -// Permission is hereby granted, free of charge, to any person obtaining a copy -// of this software and associated documentation files (the "Software"), to deal -// in the Software without restriction, including without limitation the rights -// to use, copy, modify, merge, publish, distribute, sublicense, and/or sell -// copies of the Software, and to permit persons to whom the Software is -// furnished to do so, subject to the following conditions: -// -// The above copyright notice and this permission notice shall be included in -// all copies or substantial portions of the Software. -// -// THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR -// IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, -// FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE -// AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER -// LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, -// OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN -// THE SOFTWARE. -#include -#include -#include -#include -#include -#include -#include -#include -#include - -int main(int argc, char* argv[]) -{ - - int sock; - char message[255] = "hello"; - struct sockaddr_in server_addr; - char* label_in; - char* label_out; - char* attr_out = "security.SMACK64IPOUT"; - char* attr_in = "security.SMACK64IPIN"; - char out[256]; - int port; - - struct timeval timeout; - timeout.tv_sec = 15; - timeout.tv_usec = 0; - - struct hostent* host = gethostbyname("localhost"); - - if (argc != 4) - { - perror("Client: Arguments missing, please provide socket labels"); - return 2; - } - - port = atoi(argv[1]); - label_in = argv[2]; - label_out = argv[3]; - - if((sock = socket(AF_INET, SOCK_STREAM, 0)) < 0) - { - perror("Client: Socket failure"); - return 2; - } - - - if(fsetxattr(sock, attr_out, label_out, strlen(label_out), 0) < 0) - { - perror("Client: Unable to set attribute SMACK64IPOUT"); - return 2; - } - - if(fsetxattr(sock, attr_in, label_in, strlen(label_in), 0) < 0) - { - perror("Client: Unable to set attribute SMACK64IPIN"); - return 2; - } - - server_addr.sin_family = AF_INET; - server_addr.sin_port = htons(port); - bcopy((char*) host->h_addr, (char*) &server_addr.sin_addr.s_addr,host->h_length); - bzero(&(server_addr.sin_zero),8); - - if(setsockopt(sock, SOL_SOCKET, SO_SNDTIMEO, &timeout, sizeof(timeout)) < 0) - { - perror("Client: Set timeout failed\n"); - return 2; - } - - if (connect(sock, (struct sockaddr *)&server_addr,sizeof(struct sockaddr)) == -1) - { - perror("Client: Connection failure"); - close(sock); - return 1; - } - - - if(write(sock, message, strlen(message)) < 0) - { - perror("Client: Error sending data\n"); - close(sock); - return 1; - } - close(sock); - return 0; -} - - - - - - +// (C) Copyright 2015 Intel Corporation +// +// Permission is hereby granted, free of charge, to any person obtaining a copy +// of this software and associated documentation files (the "Software"), to deal +// in the Software without restriction, including without limitation the rights +// to use, copy, modify, merge, publish, distribute, sublicense, and/or sell +// copies of the Software, and to permit persons to whom the Software is +// furnished to do so, subject to the following conditions: +// +// The above copyright notice and this permission notice shall be included in +// all copies or substantial portions of the Software. +// +// THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR +// IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, +// FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE +// AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER +// LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, +// OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN +// THE SOFTWARE. +#include +#include +#include +#include +#include +#include +#include +#include +#include + +int main(int argc, char* argv[]) +{ + + int sock; + char message[255] = "hello"; + struct sockaddr_in server_addr; + char* label_in; + char* label_out; + char* attr_out = "security.SMACK64IPOUT"; + char* attr_in = "security.SMACK64IPIN"; + char out[256]; + int port; + + struct timeval timeout; + timeout.tv_sec = 15; + timeout.tv_usec = 0; + + struct hostent* host = gethostbyname("localhost"); + + if (argc != 4) + { + perror("Client: Arguments missing, please provide socket labels"); + return 2; + } + + port = atoi(argv[1]); + label_in = argv[2]; + label_out = argv[3]; + + if((sock = socket(AF_INET, SOCK_STREAM, 0)) < 0) + { + perror("Client: Socket failure"); + return 2; + } + + + if(fsetxattr(sock, attr_out, label_out, strlen(label_out), 0) < 0) + { + perror("Client: Unable to set attribute SMACK64IPOUT"); + return 2; + } + + if(fsetxattr(sock, attr_in, label_in, strlen(label_in), 0) < 0) + { + perror("Client: Unable to set attribute SMACK64IPIN"); + return 2; + } + + server_addr.sin_family = AF_INET; + server_addr.sin_port = htons(port); + bcopy((char*) host->h_addr, (char*) &server_addr.sin_addr.s_addr,host->h_length); + bzero(&(server_addr.sin_zero),8); + + if(setsockopt(sock, SOL_SOCKET, SO_SNDTIMEO, &timeout, sizeof(timeout)) < 0) + { + perror("Client: Set timeout failed\n"); + return 2; + } + + if (connect(sock, (struct sockaddr *)&server_addr,sizeof(struct sockaddr)) == -1) + { + perror("Client: Connection failure"); + close(sock); + return 1; + } + + + if(write(sock, message, strlen(message)) < 0) + { + perror("Client: Error sending data\n"); + close(sock); + return 1; + } + close(sock); + return 0; +} + + + + + + diff --git a/recipes-mac/smack/tcp-smack-test/tcp_server.c b/recipes-mac/smack/tcp-smack-test/tcp_server.c index 9285dc6..3c8921f 100644 --- a/recipes-mac/smack/tcp-smack-test/tcp_server.c +++ b/recipes-mac/smack/tcp-smack-test/tcp_server.c @@ -1,118 +1,118 @@ -// (C) Copyright 2015 Intel Corporation -// -// Permission is hereby granted, free of charge, to any person obtaining a copy -// of this software and associated documentation files (the "Software"), to deal -// in the Software without restriction, including without limitation the rights -// to use, copy, modify, merge, publish, distribute, sublicense, and/or sell -// copies of the Software, and to permit persons to whom the Software is -// furnished to do so, subject to the following conditions: -// -// The above copyright notice and this permission notice shall be included in -// all copies or substantial portions of the Software. -// -// THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR -// IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, -// FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE -// AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER -// LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, -// OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN -// THE SOFTWARE. -#include -#include -#include -#include -#include -#include -#include - -int main(int argc, char* argv[]) -{ - - int sock; - int clientsock; - char message[255]; - socklen_t client_length; - struct sockaddr_in server_addr, client_addr; - char* label_in; - char* attr_in = "security.SMACK64IPIN"; - int port; - - struct timeval timeout; - timeout.tv_sec = 15; - timeout.tv_usec = 0; - - if (argc != 3) - { - perror("Server: Argument missing please provide port and label for SMACK64IPIN"); - return 2; - } - - port = atoi(argv[1]); - label_in = argv[2]; - bzero(message,255); - - - if((sock = socket(AF_INET, SOCK_STREAM, 0)) < 0) - { - perror("Server: Socket failure"); - return 2; - } - - - if(fsetxattr(sock, attr_in, label_in, strlen(label_in),0) < 0) - { - perror("Server: Unable to set attribute ipin 2"); - return 2; - } - - server_addr.sin_family = AF_INET; - server_addr.sin_port = htons(port); - server_addr.sin_addr.s_addr = INADDR_ANY; - bzero(&(server_addr.sin_zero),8); - - if(setsockopt(sock, SOL_SOCKET, SO_RCVTIMEO, &timeout, sizeof(timeout)) < 0) - { - perror("Server: Set timeout failed\n"); - return 2; - } - - if(bind(sock, (struct sockaddr*) &server_addr, sizeof(server_addr)) < 0) - { - perror("Server: Bind failure "); - return 2; - } - - listen(sock, 1); - client_length = sizeof(client_addr); - - clientsock = accept(sock,(struct sockaddr*) &client_addr, &client_length); - - if (clientsock < 0) - { - perror("Server: Connection failed"); - close(sock); - return 1; - } - - - if(fsetxattr(clientsock, "security.SMACK64IPIN", label_in, strlen(label_in),0) < 0) - { - perror(" Server: Unable to set attribute ipin 2"); - close(sock); - return 2; - } - - if(read(clientsock, message, 254) < 0) - { - perror("Server: Error when reading from socket"); - close(clientsock); - close(sock); - return 1; - } - - - close(clientsock); - close(sock); - - return 0; -} +// (C) Copyright 2015 Intel Corporation +// +// Permission is hereby granted, free of charge, to any person obtaining a copy +// of this software and associated documentation files (the "Software"), to deal +// in the Software without restriction, including without limitation the rights +// to use, copy, modify, merge, publish, distribute, sublicense, and/or sell +// copies of the Software, and to permit persons to whom the Software is +// furnished to do so, subject to the following conditions: +// +// The above copyright notice and this permission notice shall be included in +// all copies or substantial portions of the Software. +// +// THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR +// IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, +// FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE +// AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER +// LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, +// OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN +// THE SOFTWARE. +#include +#include +#include +#include +#include +#include +#include + +int main(int argc, char* argv[]) +{ + + int sock; + int clientsock; + char message[255]; + socklen_t client_length; + struct sockaddr_in server_addr, client_addr; + char* label_in; + char* attr_in = "security.SMACK64IPIN"; + int port; + + struct timeval timeout; + timeout.tv_sec = 15; + timeout.tv_usec = 0; + + if (argc != 3) + { + perror("Server: Argument missing please provide port and label for SMACK64IPIN"); + return 2; + } + + port = atoi(argv[1]); + label_in = argv[2]; + bzero(message,255); + + + if((sock = socket(AF_INET, SOCK_STREAM, 0)) < 0) + { + perror("Server: Socket failure"); + return 2; + } + + + if(fsetxattr(sock, attr_in, label_in, strlen(label_in),0) < 0) + { + perror("Server: Unable to set attribute ipin 2"); + return 2; + } + + server_addr.sin_family = AF_INET; + server_addr.sin_port = htons(port); + server_addr.sin_addr.s_addr = INADDR_ANY; + bzero(&(server_addr.sin_zero),8); + + if(setsockopt(sock, SOL_SOCKET, SO_RCVTIMEO, &timeout, sizeof(timeout)) < 0) + { + perror("Server: Set timeout failed\n"); + return 2; + } + + if(bind(sock, (struct sockaddr*) &server_addr, sizeof(server_addr)) < 0) + { + perror("Server: Bind failure "); + return 2; + } + + listen(sock, 1); + client_length = sizeof(client_addr); + + clientsock = accept(sock,(struct sockaddr*) &client_addr, &client_length); + + if (clientsock < 0) + { + perror("Server: Connection failed"); + close(sock); + return 1; + } + + + if(fsetxattr(clientsock, "security.SMACK64IPIN", label_in, strlen(label_in),0) < 0) + { + perror(" Server: Unable to set attribute ipin 2"); + close(sock); + return 2; + } + + if(read(clientsock, message, 254) < 0) + { + perror("Server: Error when reading from socket"); + close(clientsock); + close(sock); + return 1; + } + + + close(clientsock); + close(sock); + + return 0; +} diff --git a/recipes-mac/smack/udp-smack-test/udp_client.c b/recipes-mac/smack/udp-smack-test/udp_client.c index 4d3afbe..23f3e00 100644 --- a/recipes-mac/smack/udp-smack-test/udp_client.c +++ b/recipes-mac/smack/udp-smack-test/udp_client.c @@ -1,75 +1,75 @@ -// (C) Copyright 2015 Intel Corporation -// -// Permission is hereby granted, free of charge, to any person obtaining a copy -// of this software and associated documentation files (the "Software"), to deal -// in the Software without restriction, including without limitation the rights -// to use, copy, modify, merge, publish, distribute, sublicense, and/or sell -// copies of the Software, and to permit persons to whom the Software is -// furnished to do so, subject to the following conditions: -// -// The above copyright notice and this permission notice shall be included in -// all copies or substantial portions of the Software. -// -// THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR -// IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, -// FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE -// AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER -// LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, -// OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN -// THE SOFTWARE. -#include -#include -#include -#include -#include - -int main(int argc, char* argv[]) -{ - char* message = "hello"; - int sock, ret; - struct sockaddr_in server_addr; - struct hostent* host = gethostbyname("localhost"); - char* label; - char* attr = "security.SMACK64IPOUT"; - int port; - if (argc != 3) - { - perror("Client: Argument missing, please provide port and label for SMACK64IPOUT"); - return 2; - } - - port = atoi(argv[1]); - label = argv[2]; - sock = socket(AF_INET, SOCK_DGRAM,0); - if(sock < 0) - { - perror("Client: Socket failure"); - return 2; - } - - - if(fsetxattr(sock, attr, label, strlen(label),0) < 0) - { - perror("Client: Unable to set attribute "); - return 2; - } - - - server_addr.sin_family = AF_INET; - server_addr.sin_port = htons(port); - bcopy((char*) host->h_addr, (char*) &server_addr.sin_addr.s_addr,host->h_length); - bzero(&(server_addr.sin_zero),8); - - ret = sendto(sock, message, strlen(message),0,(const struct sockaddr*)&server_addr, - sizeof(struct sockaddr_in)); - - close(sock); - if(ret < 0) - { - perror("Client: Error sending message\n"); - return 1; - } - - return 0; -} - +// (C) Copyright 2015 Intel Corporation +// +// Permission is hereby granted, free of charge, to any person obtaining a copy +// of this software and associated documentation files (the "Software"), to deal +// in the Software without restriction, including without limitation the rights +// to use, copy, modify, merge, publish, distribute, sublicense, and/or sell +// copies of the Software, and to permit persons to whom the Software is +// furnished to do so, subject to the following conditions: +// +// The above copyright notice and this permission notice shall be included in +// all copies or substantial portions of the Software. +// +// THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR +// IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, +// FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE +// AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER +// LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, +// OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN +// THE SOFTWARE. +#include +#include +#include +#include +#include + +int main(int argc, char* argv[]) +{ + char* message = "hello"; + int sock, ret; + struct sockaddr_in server_addr; + struct hostent* host = gethostbyname("localhost"); + char* label; + char* attr = "security.SMACK64IPOUT"; + int port; + if (argc != 3) + { + perror("Client: Argument missing, please provide port and label for SMACK64IPOUT"); + return 2; + } + + port = atoi(argv[1]); + label = argv[2]; + sock = socket(AF_INET, SOCK_DGRAM,0); + if(sock < 0) + { + perror("Client: Socket failure"); + return 2; + } + + + if(fsetxattr(sock, attr, label, strlen(label),0) < 0) + { + perror("Client: Unable to set attribute "); + return 2; + } + + + server_addr.sin_family = AF_INET; + server_addr.sin_port = htons(port); + bcopy((char*) host->h_addr, (char*) &server_addr.sin_addr.s_addr,host->h_length); + bzero(&(server_addr.sin_zero),8); + + ret = sendto(sock, message, strlen(message),0,(const struct sockaddr*)&server_addr, + sizeof(struct sockaddr_in)); + + close(sock); + if(ret < 0) + { + perror("Client: Error sending message\n"); + return 1; + } + + return 0; +} + diff --git a/recipes-mac/smack/udp-smack-test/udp_server.c b/recipes-mac/smack/udp-smack-test/udp_server.c index cbab71e..7d2fcf5 100644 --- a/recipes-mac/smack/udp-smack-test/udp_server.c +++ b/recipes-mac/smack/udp-smack-test/udp_server.c @@ -1,93 +1,93 @@ -// (C) Copyright 2015 Intel Corporation -// -// Permission is hereby granted, free of charge, to any person obtaining a copy -// of this software and associated documentation files (the "Software"), to deal -// in the Software without restriction, including without limitation the rights -// to use, copy, modify, merge, publish, distribute, sublicense, and/or sell -// copies of the Software, and to permit persons to whom the Software is -// furnished to do so, subject to the following conditions: -// -// The above copyright notice and this permission notice shall be included in -// all copies or substantial portions of the Software. -// -// THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR -// IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, -// FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE -// AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER -// LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, -// OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN -// THE SOFTWARE. -#include -#include -#include -#include -#include - -int main(int argc, char* argv[]) -{ - int sock,ret; - struct sockaddr_in server_addr, client_addr; - socklen_t len; - char message[5]; - char* label; - char* attr = "security.SMACK64IPIN"; - int port; - - if(argc != 3) - { - perror("Server: Argument missing, please provide port and label for SMACK64IPIN"); - return 2; - } - - port = atoi(argv[1]); - label = argv[2]; - - struct timeval timeout; - timeout.tv_sec = 15; - timeout.tv_usec = 0; - - sock = socket(AF_INET,SOCK_DGRAM,0); - if(sock < 0) - { - perror("Server: Socket error"); - return 2; - } - - - if(fsetxattr(sock, attr, label, strlen(label), 0) < 0) - { - perror("Server: Unable to set attribute "); - return 2; - } - - server_addr.sin_family = AF_INET; - server_addr.sin_port = htons(port); - server_addr.sin_addr.s_addr = INADDR_ANY; - bzero(&(server_addr.sin_zero),8); - - - if(setsockopt(sock, SOL_SOCKET, SO_RCVTIMEO, &timeout, sizeof(timeout)) < 0) - { - perror("Server: Set timeout failed\n"); - return 2; - } - - if(bind(sock, (struct sockaddr*) &server_addr, sizeof(server_addr)) < 0) - { - perror("Server: Bind failure"); - return 2; - } - - len = sizeof(client_addr); - ret = recvfrom(sock, message, sizeof(message), 0, (struct sockaddr*)&client_addr, - &len); - close(sock); - if(ret < 0) - { - perror("Server: Error receiving"); - return 1; - - } - return 0; -} - +// (C) Copyright 2015 Intel Corporation +// +// Permission is hereby granted, free of charge, to any person obtaining a copy +// of this software and associated documentation files (the "Software"), to deal +// in the Software without restriction, including without limitation the rights +// to use, copy, modify, merge, publish, distribute, sublicense, and/or sell +// copies of the Software, and to permit persons to whom the Software is +// furnished to do so, subject to the following conditions: +// +// The above copyright notice and this permission notice shall be included in +// all copies or substantial portions of the Software. +// +// THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR +// IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, +// FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE +// AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER +// LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, +// OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN +// THE SOFTWARE. +#include +#include +#include +#include +#include + +int main(int argc, char* argv[]) +{ + int sock,ret; + struct sockaddr_in server_addr, client_addr; + socklen_t len; + char message[5]; + char* label; + char* attr = "security.SMACK64IPIN"; + int port; + + if(argc != 3) + { + perror("Server: Argument missing, please provide port and label for SMACK64IPIN"); + return 2; + } + + port = atoi(argv[1]); + label = argv[2]; + + struct timeval timeout; + timeout.tv_sec = 15; + timeout.tv_usec = 0; + + sock = socket(AF_INET,SOCK_DGRAM,0); + if(sock < 0) + { + perror("Server: Socket error"); + return 2; + } + + + if(fsetxattr(sock, attr, label, strlen(label), 0) < 0) + { + perror("Server: Unable to set attribute "); + return 2; + } + + server_addr.sin_family = AF_INET; + server_addr.sin_port = htons(port); + server_addr.sin_addr.s_addr = INADDR_ANY; + bzero(&(server_addr.sin_zero),8); + + + if(setsockopt(sock, SOL_SOCKET, SO_RCVTIMEO, &timeout, sizeof(timeout)) < 0) + { + perror("Server: Set timeout failed\n"); + return 2; + } + + if(bind(sock, (struct sockaddr*) &server_addr, sizeof(server_addr)) < 0) + { + perror("Server: Bind failure"); + return 2; + } + + len = sizeof(client_addr); + ret = recvfrom(sock, message, sizeof(message), 0, (struct sockaddr*)&client_addr, + &len); + close(sock); + if(ret < 0) + { + perror("Server: Error receiving"); + return 1; + + } + return 0; +} + diff --git a/recipes-perl/perl/libwhisker2-perl_2.5.bb b/recipes-perl/perl/libwhisker2-perl_2.5.bb index 71857ab..5889a05 100644 --- a/recipes-perl/perl/libwhisker2-perl_2.5.bb +++ b/recipes-perl/perl/libwhisker2-perl_2.5.bb @@ -24,6 +24,6 @@ do_install() { oe_runmake install DESTDIR=${D} INSTALLDIR=${PERLLIBDIRS}/vendor_perl/${PERLVERSION} MANDIR=${datadir}/perl/${PERLVERSION} } -FILES_${PN} += "${datadir}/perl" +FILES:${PN} += "${datadir}/perl" BBCLASSEXTEND = "native" diff --git a/recipes-python/python/python3-oauth2client_4.1.3.bb b/recipes-python/python/python3-oauth2client_4.1.3.bb index ca25d14..3a07461 100644 --- a/recipes-python/python/python3-oauth2client_4.1.3.bb +++ b/recipes-python/python/python3-oauth2client_4.1.3.bb @@ -8,4 +8,4 @@ SRC_URI[sha256sum] = "d486741e451287f69568a4d26d70d9acd73a2bbfa275746c535b420989 inherit pypi setuptools3 -RDEPENDS_${PN} = "python3-six python3-rsa python3-httplib2 python3-pyasn1 python3-pyasn1-modules" +RDEPENDS:${PN} = "python3-six python3-rsa python3-httplib2 python3-pyasn1 python3-pyasn1-modules" diff --git a/recipes-scanners/arpwatch/arpwatch_3.1.bb b/recipes-scanners/arpwatch/arpwatch_3.1.bb index 44aeca0..c152b8c 100644 --- a/recipes-scanners/arpwatch/arpwatch_3.1.bb +++ b/recipes-scanners/arpwatch/arpwatch_3.1.bb @@ -66,14 +66,14 @@ INITSCRIPT_NAME = "arpwatch" INITSCRIPT_PARAMS = "start 02 2 3 4 5 . stop 20 0 1 6 ." USERADD_PACKAGES = "${PN}" -GROUPADD_PARAM_${PN} = "--system ${ARPWATCH_UID}" -USERADD_PARAM_${PN} = "--system -g ${ARPWATCH_GID} --home-dir \ +GROUPADD_PARAM:${PN} = "--system ${ARPWATCH_UID}" +USERADD_PARAM:${PN} = "--system -g ${ARPWATCH_GID} --home-dir \ ${localstatedir}/spool/${BPN} \ --no-create-home --shell /bin/false ${BPN}" CONFFILE_FILES = "${sysconfdir}/${PN}.conf" -FILES_${PN} = "${bindir} ${sbindir} ${prefix}/etc/rc.d \ +FILES:${PN} = "${bindir} ${sbindir} ${prefix}/etc/rc.d \ ${sysconfdir} /var/lib/arpwatch" -RDEPENDS_${PN} = "libpcap postfix postfix-cfg" +RDEPENDS:${PN} = "libpcap postfix postfix-cfg" diff --git a/recipes-scanners/buck-security/buck-security_0.7.bb b/recipes-scanners/buck-security/buck-security_0.7.bb index 20a1fb0..63e4d7a 100644 --- a/recipes-scanners/buck-security/buck-security_0.7.bb +++ b/recipes-scanners/buck-security/buck-security_0.7.bb @@ -26,16 +26,16 @@ do_install() { } -FILES_${PN} = "${bindir}/*" +FILES:${PN} = "${bindir}/*" -RDEPENDS_${PN} = "coreutils gnupg net-tools perl perl-module-data-dumper \ +RDEPENDS:${PN} = "coreutils gnupg net-tools perl perl-module-data-dumper \ perl-module-file-basename perl-module-file-spec perl-module-getopt-long \ perl-module-lib perl-module-posix perl-module-term-ansicolor \ perl-module-time-localtime pinentry perl-module-pod-usage \ perl-module-pod-text perl-module-file-glob \ " -RDEPENDS_${PN}_class-native = "coreutils net-tools perl perl-module-data-dumper \ +RDEPENDS:${PN}:class-native = "coreutils net-tools perl perl-module-data-dumper \ perl-module-file-basename perl-module-file-spec perl-module-getopt-long \ perl-module-lib perl-module-posix perl-module-term-ansicolor \ perl-module-time-localtime perl-module-file-glob\ diff --git a/recipes-scanners/checksec/checksec_2.4.0.bb b/recipes-scanners/checksec/checksec_2.4.0.bb index 52bcf7c..000e3bb 100644 --- a/recipes-scanners/checksec/checksec_2.4.0.bb +++ b/recipes-scanners/checksec/checksec_2.4.0.bb @@ -16,4 +16,4 @@ do_install() { install -m 0755 ${S}/checksec ${D}${bindir} } -RDEPENDS_${PN} = "bash openssl-bin binutils" +RDEPENDS:${PN} = "bash openssl-bin binutils" diff --git a/recipes-scanners/checksecurity/checksecurity_2.0.15.bb b/recipes-scanners/checksecurity/checksecurity_2.0.15.bb index 0161b4c..9a1d77a 100644 --- a/recipes-scanners/checksecurity/checksecurity_2.0.15.bb +++ b/recipes-scanners/checksecurity/checksecurity_2.0.15.bb @@ -18,4 +18,4 @@ do_install() { oe_runmake PREFIX=${D} } -RDEPENDS_${PN} = "perl libenv-perl perl-module-tie-array perl-module-getopt-long perl-module-file-glob perl-module-carp perl-module-env perl-module-tap-parser-iterator-array util-linux findutils coreutils" +RDEPENDS:${PN} = "perl libenv-perl perl-module-tie-array perl-module-getopt-long perl-module-file-glob perl-module-carp perl-module-env perl-module-tap-parser-iterator-array util-linux findutils coreutils" diff --git a/recipes-scanners/clamav/clamav_0.104.0.bb b/recipes-scanners/clamav/clamav_0.104.0.bb index 5759ddd..0d3a678 100644 --- a/recipes-scanners/clamav/clamav_0.104.0.bb +++ b/recipes-scanners/clamav/clamav_0.104.0.bb @@ -52,7 +52,7 @@ PACKAGECONFIG[systemd] = "-DENABLE_SYSTEMD=ON -DSYSTEMD_UNIT_DIR=${systemd_syste export OECMAKE_C_FLAGS += " -I${STAGING_INCDIR} -L ${RECIPE_SYSROOT}${nonarch_libdir} -L${STAGING_LIBDIR} -lpthread" -do_install_append () { +do_install:append () { install -d ${D}/${sysconfdir} install -d ${D}/${localstatedir}/lib/clamav install -d ${D}${sysconfdir}/clamav ${D}${sysconfdir}/default/volatiles @@ -76,7 +76,7 @@ do_install_append () { oe_multilib_header clamav-types.h } -pkg_postinst_${PN} () { +pkg_postinst:${PN} () { if [ -z "$D" ]; then if command -v systemd-tmpfiles >/dev/null; then systemd-tmpfiles --create ${sysconfdir}/tmpfiles.d/clamav.conf @@ -89,17 +89,17 @@ pkg_postinst_${PN} () { PACKAGES += "${PN}-daemon ${PN}-clamdscan ${PN}-freshclam ${PN}-libclamav" -FILES_${PN} = "${bindir}/clambc ${bindir}/clamscan ${bindir}/clamsubmit ${sbindir}/clamonacc \ +FILES:${PN} = "${bindir}/clambc ${bindir}/clamscan ${bindir}/clamsubmit ${sbindir}/clamonacc \ ${bindir}/*sigtool ${mandir}/man1/clambc* ${mandir}/man1/clamscan* \ ${mandir}/man1/sigtool* ${mandir}/man1/clambsubmit* \ ${docdir}/clamav/*" -FILES_${PN}-clamdscan = " ${bindir}/clamdscan \ +FILES:${PN}-clamdscan = " ${bindir}/clamdscan \ ${docdir}/clamdscan/* \ ${mandir}/man1/clamdscan* \ " -FILES_${PN}-daemon = "${bindir}/clamconf ${bindir}/clamdtop ${sbindir}/clamd \ +FILES:${PN}-daemon = "${bindir}/clamconf ${bindir}/clamdtop ${sbindir}/clamd \ ${mandir}/man1/clamconf* ${mandir}/man1/clamdtop* \ ${mandir}/man5/clamd* ${mandir}/man8/clamd* \ ${sysconfdir}/clamd.conf* \ @@ -111,7 +111,7 @@ FILES_${PN}-daemon = "${bindir}/clamconf ${bindir}/clamdtop ${sbindir}/clamd \ ${systemd_system_unitdir}/clamav-clamonacc.service \ " -FILES_${PN}-freshclam = "${bindir}/freshclam \ +FILES:${PN}-freshclam = "${bindir}/freshclam \ ${sysconfdir}/freshclam.conf* \ /usr/etc/freshclam.conf* \ ${sysconfdir}/clamav ${sysconfdir}/default/volatiles \ @@ -121,33 +121,33 @@ FILES_${PN}-freshclam = "${bindir}/freshclam \ ${mandir}/man5/freshclam.conf.* \ ${systemd_system_unitdir}/clamav-freshclam.service" -FILES_${PN}-dev = " ${bindir}/clamav-config ${libdir}/*.la \ +FILES:${PN}-dev = " ${bindir}/clamav-config ${libdir}/*.la \ ${libdir}/pkgconfig/*.pc \ ${mandir}/man1/clamav-config.* \ ${includedir}/*.h ${docdir}/libclamav* " -FILES_${PN}-staticdev = "${libdir}/*.a" +FILES:${PN}-staticdev = "${libdir}/*.a" -FILES_${PN}-libclamav = "${libdir}/libclamav.so* ${libdir}/libclammspack.so* \ +FILES:${PN}-libclamav = "${libdir}/libclamav.so* ${libdir}/libclammspack.so* \ ${libdir}/libfreshclam.so* ${docdir}/libclamav/* \ ${libdir}/libmspack* " -FILES_${PN}-doc = "${mandir}/man/* \ +FILES:${PN}-doc = "${mandir}/man/* \ ${datadir}/man/* \ ${docdir}/* " USERADD_PACKAGES = "${PN}" -GROUPADD_PARAM_${PN} = "--system ${CLAMAV_UID}" -USERADD_PARAM_${PN} = "--system -g ${CLAMAV_GID} --home-dir \ +GROUPADD_PARAM:${PN} = "--system ${CLAMAV_UID}" +USERADD_PARAM:${PN} = "--system -g ${CLAMAV_GID} --home-dir \ ${localstatedir}/lib/${BPN} \ --no-create-home --shell /sbin/nologin ${BPN}" -RPROVIDES_${PN} += "${PN}-systemd" -RREPLACES_${PN} += "${PN}-systemd" -RCONFLICTS_${PN} += "${PN}-systemd" +RPROVIDES:${PN} += "${PN}-systemd" +RREPLACES:${PN} += "${PN}-systemd" +RCONFLICTS:${PN} += "${PN}-systemd" SYSTEMD_PACKAGES = "${PN}-daemon ${PN}-freshclam" -SYSTEMD_SERVICE_${PN}-daemon = "clamav-daemon.service" -SYSTEMD_SERVICE_${PN}-freshclam = "clamav-freshclam.service" +SYSTEMD_SERVICE:${PN}-daemon = "clamav-daemon.service" +SYSTEMD_SERVICE:${PN}-freshclam = "clamav-freshclam.service" -RDEPENDS_${PN} = "openssl ncurses-libncurses libxml2 libbz2 ncurses-libtinfo curl libpcre2 clamav-freshclam clamav-libclamav" -RDEPENDS_${PN}-daemon = "clamav" +RDEPENDS:${PN} = "openssl ncurses-libncurses libxml2 libbz2 ncurses-libtinfo curl libpcre2 clamav-freshclam clamav-libclamav" +RDEPENDS:${PN}-daemon = "clamav" diff --git a/recipes-scanners/clamav/files/fix2_libcurl_check.patch b/recipes-scanners/clamav/files/fix2_libcurl_check.patch new file mode 100644 index 0000000..46406e9 --- /dev/null +++ b/recipes-scanners/clamav/files/fix2_libcurl_check.patch @@ -0,0 +1,122 @@ +clamav .102.2 tries to find clamav using culf_config. Use EO pkg_config instead + +Upstream-Status: OE specific +Signed-off-by: Armin Kuster + +Index: git/configure +=================================================================== +--- git.orig/configure ++++ git/configure +@@ -28850,39 +28850,14 @@ $as_echo_n "checking for libcurl install + if test "${with_libcurl+set}" = set; then : + withval=$with_libcurl; + find_curl="no" +-if test "X$withval" = "Xyes"; then +- find_curl="yes" +-else +- if test "X$withval" != "Xno"; then +- if test -f "${withval}/bin/curl-config"; then +- LIBCURL_HOME="$withval" +- have_curl="yes" +- fi +- fi +-fi +- +-else +- find_curl="yes" +-fi +- +- +-if test "X$find_curl" = "Xyes"; then +- for p in /usr/local /usr ; do +- if test -f "${p}/bin/curl-config"; then +- LIBCURL_HOME=$p +- have_curl="yes" +- fi +- done +-fi +- +-if test "X$have_curl" = "Xyes"; then +- { $as_echo "$as_me:${as_lineno-$LINENO}: result: $LIBCURL_HOME" >&5 +-$as_echo "$LIBCURL_HOME" >&6; } +- if test -f "$LIBCURL_HOME/bin/curl-config"; then ++ #save_LDFLAGS="$LDFLAGS" ++ if test "X$withval" != "Xno"; then ++ LIBCURL_HOME="$withval" ++ if test "${PKG_CONFIG} libcurl --exists"; then + CURL_LDFLAGS="$LDFLAGS" +- CURL_LIBS=$($LIBCURL_HOME/bin/curl-config --libs) +- CURL_CPPFLAGS=$($LIBCURL_HOME/bin/curl-config --cflags) +- else ++ CURL_LIBS=$($PKG_CONFIG libcurl --libs) ++ CURL_CPPFLAGS=$($PKG_CONFIG libcurl --cflags) ++ else + if test "$LIBCURL_HOME" != "/usr"; then + CURL_LDFLAGS="-L$LIBCURL_HOME/lib" + CURL_CPPFLAGS="-I$LIBCURL_HOME/include" +@@ -28891,60 +28866,12 @@ $as_echo "$LIBCURL_HOME" >&6; } + CURL_CPPFLAGS="" + fi + CURL_LIBS="-lcurl" +- fi +- save_LDFLAGS="$LDFLAGS" +- LDFLAGS="$CURL_LDFLAGS $CURL_LIBS" +- { $as_echo "$as_me:${as_lineno-$LINENO}: checking for curl_easy_init in -lcurl" >&5 +-$as_echo_n "checking for curl_easy_init in -lcurl... " >&6; } +-if ${ac_cv_lib_curl_curl_easy_init+:} false; then : +- $as_echo_n "(cached) " >&6 +-else +- ac_check_lib_save_LIBS=$LIBS +-LIBS="-lcurl $CURL_LIBS +- $LIBS" +-cat confdefs.h - <<_ACEOF >conftest.$ac_ext +-/* end confdefs.h. */ +- +-/* Override any GCC internal prototype to avoid an error. +- Use char because int might match the return type of a GCC +- builtin and then its argument prototype would still apply. */ +-#ifdef __cplusplus +-extern "C" +-#endif +-char curl_easy_init (); +-int +-main () +-{ +-return curl_easy_init (); +- ; +- return 0; +-} +-_ACEOF +-if ac_fn_c_try_link "$LINENO"; then : +- ac_cv_lib_curl_curl_easy_init=yes +-else +- ac_cv_lib_curl_curl_easy_init=no +-fi +-rm -f core conftest.err conftest.$ac_objext \ +- conftest$ac_exeext conftest.$ac_ext +-LIBS=$ac_check_lib_save_LIBS +-fi +-{ $as_echo "$as_me:${as_lineno-$LINENO}: result: $ac_cv_lib_curl_curl_easy_init" >&5 +-$as_echo "$ac_cv_lib_curl_curl_easy_init" >&6; } +-if test "x$ac_cv_lib_curl_curl_easy_init" = xyes; then : +- +- curl_msg=""; +- have_curl="yes"; +- CLAMSUBMIT_LIBS="$CLAMSUBMIT_LIBS $CURL_LDFLAGS $CURL_LIBS"; +- CLAMSUBMIT_CFLAGS="$CLAMSUBMIT_CFLAGS $CURL_CPPFLAGS"; +- FRESHCLAM_LIBS="$FRESHCLAM_LIBS $CURL_LDFLAGS $CURL_LIBS"; +- FRESHCLAM_CPPFLAGS="$FRESHCLAM_CPPFLAGS $CURL_CPPFLAGS" +- +-else +- +- as_fn_error $? "Your libcurl is misconfigured. libcurl (e.g. libcurl-devel) is required in order to build freshclam and clamsubmit." "$LINENO" 5 ++ fi + +-fi ++ have_curl="yes" ++ LDFLAGS="$save_LDFLAGS" ++ LDFLAGS="$CURL_LDFLAGS $CURL_LIBS" ++ fi + + LDFLAGS="$save_LDFLAGS" + else diff --git a/recipes-scanners/clamav/files/test.patch b/recipes-scanners/clamav/files/test.patch new file mode 100644 index 0000000..a22b45d --- /dev/null +++ b/recipes-scanners/clamav/files/test.patch @@ -0,0 +1,24 @@ +Index: clamav-0.103.0/Makefile.am +=================================================================== +--- clamav-0.103.0.orig/Makefile.am ++++ clamav-0.103.0/Makefile.am +@@ -28,7 +28,6 @@ else + SUBDIRS = libltdl libclamav shared libfreshclam clamscan clamd clamdscan freshclam sigtool clamconf database docs etc clamav-milter test clamdtop clambc unit_tests + EXTRA_DIST = examples shared libclamav.pc.in COPYING.bzip2 COPYING.lzma COPYING.unrar COPYING.LGPL COPYING.llvm COPYING.file COPYING.zlib COPYING.getopt COPYING.regex COPYING.YARA COPYING.pcre platform.h.in libclamunrar libclamunrar_iface libclammspack clamdscan/clamdscan.map win32 ChangeLog.md INSTALL.cmake.md INSTALL.autotools.md NEWS.md README.md cmake CMakeLists.txt CMakeOptions.cmake $(top_srcdir)/**/CMakeLists.txt libclammspack/config.h.in.cmake clamav-config.h.cmake.in target.h.cmake.in autogen.sh + +-bin_SCRIPTS=clamav-config + + if BUILD_CLAMONACC + SUBDIRS += clamonacc +Index: clamav-0.103.0/Makefile.in +=================================================================== +--- clamav-0.103.0.orig/Makefile.in ++++ clamav-0.103.0/Makefile.in +@@ -641,7 +641,6 @@ ACLOCAL_AMFLAGS = -I m4 + @BUILD_LIBCLAMAV_ONLY_TRUE@SUBDIRS = libclamav $(am__append_1) \ + @BUILD_LIBCLAMAV_ONLY_TRUE@ $(am__append_2) $(am__append_3) + @BUILD_LIBCLAMAV_ONLY_FALSE@bin_SCRIPTS = clamav-config +-@BUILD_LIBCLAMAV_ONLY_TRUE@bin_SCRIPTS = clamav-config + @BUILD_LIBCLAMAV_ONLY_FALSE@EXTRA_DIST = examples shared libclamav.pc.in COPYING.bzip2 COPYING.lzma COPYING.unrar COPYING.LGPL COPYING.llvm COPYING.file COPYING.zlib COPYING.getopt COPYING.regex COPYING.YARA COPYING.pcre platform.h.in libclamunrar libclamunrar_iface libclammspack clamdscan/clamdscan.map win32 ChangeLog.md INSTALL.cmake.md INSTALL.autotools.md NEWS.md README.md cmake CMakeLists.txt CMakeOptions.cmake $(top_srcdir)/**/CMakeLists.txt libclammspack/config.h.in.cmake clamav-config.h.cmake.in target.h.cmake.in autogen.sh + pkgconfigdir = $(libdir)/pkgconfig + pkgconfig_DATA = libclamav.pc diff --git a/recipes-security/aircrack-ng/aircrack-ng_1.6.bb b/recipes-security/aircrack-ng/aircrack-ng_1.6.bb index 8d3b531..f76f1df 100644 --- a/recipes-security/aircrack-ng/aircrack-ng_1.6.bb +++ b/recipes-security/aircrack-ng/aircrack-ng_1.6.bb @@ -29,8 +29,8 @@ do_install () { make DESTDIR=${D} ${OEMAKE_EXTRA} ext_scripts=true install } -FILES_${PN} += "${libdir}/*.so" +FILES:${PN} += "${libdir}/*.so" FILES_SOLIBSDEV = "" -INSANE_SKIP_${PN} += "dev-so" +INSANE_SKIP:${PN} += "dev-so" -RDEPENDS_${PN} = "libpcap" +RDEPENDS:${PN} = "libpcap" diff --git a/recipes-security/bastille/bastille_3.2.1.bb b/recipes-security/bastille/bastille_3.2.1.bb index 0290cae..72281c5 100644 --- a/recipes-security/bastille/bastille_3.2.1.bb +++ b/recipes-security/bastille/bastille_3.2.1.bb @@ -6,8 +6,8 @@ LICENSE = "GPLv2" LIC_FILES_CHKSUM = "file://${S}/COPYING;md5=c93c0550bd3173f4504b2cbd8991e50b" # Bash is needed for set +o privileged (check busybox), might also need ncurses DEPENDS = "virtual/kernel" -RDEPENDS_${PN} = "perl bash tcl perl-module-getopt-long perl-module-text-wrap lib-perl perl-module-file-path perl-module-mime-base64 perl-module-file-find perl-module-errno perl-module-file-glob perl-module-tie-hash-namedcapture perl-module-file-copy perl-module-english perl-module-exporter perl-module-cwd libcurses-perl coreutils" -FILES_${PN} += "/run/lock/subsys/bastille" +RDEPENDS:${PN} = "perl bash tcl perl-module-getopt-long perl-module-text-wrap lib-perl perl-module-file-path perl-module-mime-base64 perl-module-file-find perl-module-errno perl-module-file-glob perl-module-tie-hash-namedcapture perl-module-file-copy perl-module-english perl-module-exporter perl-module-cwd libcurses-perl coreutils" +FILES:${PN} += "/run/lock/subsys/bastille" SRC_URI = "http://sourceforge.net/projects/bastille-linux/files/bastille-linux/3.2.1/Bastille-3.2.1.tar.bz2 \ file://AccountPermission.pm \ @@ -150,4 +150,4 @@ do_install () { ln -s RevertBastille ${D}${sbindir}/UndoBastille } -FILES_${PN} += "${datadir}/Bastille ${libdir}/Bastille ${libdir}/perl* ${sysconfdir}/*" +FILES:${PN} += "${datadir}/Bastille ${libdir}/Bastille ${libdir}/perl* ${sysconfdir}/*" diff --git a/recipes-security/bastille/files/AccountPermission.pm b/recipes-security/bastille/files/AccountPermission.pm index cfbaab1..132b30c 100644 --- a/recipes-security/bastille/files/AccountPermission.pm +++ b/recipes-security/bastille/files/AccountPermission.pm @@ -16,7 +16,7 @@ B_chgrp B_chgrp_link B_userdel B_groupdel -B_remove_user_from_group +B:remove_user_from_group B_check_owner_group B_is_unowned_file B_is_ungrouped_file @@ -28,7 +28,7 @@ B_is_suid B_is_sgid B_get_user_list B_get_group_list -B_remove_suid +B:remove_suid ); our @EXPORT = @EXPORT_OK; @@ -74,7 +74,7 @@ sub B_chmod($$) { if ($new_perm =~ /([ugo]+)([+-]{1})([rwxst]+)/) { $symbolic = 1; $chmod_noun = $1; - $add_remove = $2; + $add:remove = $2; $capability = $3; } @@ -466,7 +466,7 @@ sub B_chgrp_link($$) { # # In the future, we may also choose to make a B_lock_account routine. # -# This routine depends on B_remove_user_from_group. +# This routine depends on B:remove_user_from_group. ########################################################################### sub B_userdel($) { @@ -506,7 +506,7 @@ sub B_userdel($) { # # Next find out what groups the user is in, so we can call - # B_remove_user_from_group($user,$group) + # B:remove_user_from_group($user,$group) # # TODO: add this to the helper functions for the test suite. # @@ -586,7 +586,7 @@ sub B_groupdel($) { ########################################################################### -# B_remove_user_from_group($user,$group) removes $user from $group, +# B:remove_user_from_group($user,$group) removes $user from $group, # by modifying $group's /etc/group line, pulling the user out. This # uses B_chunk_replace thrice to replace these patterns: # @@ -595,7 +595,7 @@ sub B_groupdel($) { # ########################################################################### -sub B_remove_user_from_group($$) { +sub B:remove_user_from_group($$) { my ($user_to_remove,$group) = @_; @@ -1022,7 +1022,7 @@ sub B_get_group_list() # ########################################################################### -sub B_remove_suid($) { +sub B:remove_suid($) { my $file_expr = $_[0]; &B_log("ACTION","Removing SUID bit from \"$file_expr\"."); diff --git a/recipes-security/bastille/files/FileContent.pm b/recipes-security/bastille/files/FileContent.pm index 0a5d609..1ef89dd 100644 --- a/recipes-security/bastille/files/FileContent.pm +++ b/recipes-security/bastille/files/FileContent.pm @@ -10,8 +10,8 @@ B_blank_file B_insert_line_after B_insert_line_before B_insert_line -B_append_line -B_prepend_line +B:append_line +B:prepend_line B_replace_line B_replace_lines B_replace_pattern @@ -262,7 +262,7 @@ sub B_insert_line($$$$) { # # Additionally, if $pattern is set equal to "", the line is always appended. # -# B_append_line uses B_open_plus and B_close_plus, so that the file +# B:append_line uses B_open_plus and B_close_plus, so that the file # modified is backed up... # # Here's examples of where you might use this: @@ -273,7 +273,7 @@ sub B_insert_line($$$$) { # ########################################################################### -sub B_append_line($$$) { +sub B:append_line($$$) { my ($filename,$pattern,$line_to_append) = @_; @@ -308,11 +308,11 @@ sub B_append_line($$$) { ########################################################################### # &B_prepend_line ($filename,$pattern,$line_to_prepend) modifies $filename, -# pre-pending $line_to_prepend unless one or more lines in the file matches +# pre-pending $line_to:prepend unless one or more lines in the file matches # $pattern. This is an enhancement to the prepend_line_if_no_such_line_exists # idea. # -# B_prepend_line uses B_open_plus and B_close_plus, so that the file +# B:prepend_line uses B_open_plus and B_close_plus, so that the file # modified is backed up... # # Here's examples of where you might use this: @@ -322,7 +322,7 @@ sub B_append_line($$$) { # ########################################################################### -sub B_prepend_line($$$) { +sub B:prepend_line($$$) { my ($filename,$pattern,$line_to_prepend) = @_; @@ -348,7 +348,7 @@ sub B_prepend_line($$$) { # Log the action &B_log("ACTION","Pre-pended the following line to $filename:\n"); - &B_log("ACTION","$line_to_prepend"); + &B_log("ACTION","$line_to:prepend"); } else { $retval=0; diff --git a/recipes-security/ecryptfs-utils/ecryptfs-utils_111.bb b/recipes-security/ecryptfs-utils/ecryptfs-utils_111.bb index 4a99b5a..9aefc32 100644 --- a/recipes-security/ecryptfs-utils/ecryptfs-utils_111.bb +++ b/recipes-security/ecryptfs-utils/ecryptfs-utils_111.bb @@ -25,7 +25,7 @@ SRC_URI[sha256sum] = "112cb3e37e81a1ecd8e39516725dec0ce55c5f3df6284e0f4cc0f11875 inherit autotools pkgconfig systemd SYSTEMD_PACKAGES = "${PN}" -SYSTEMD_SERVICE_${PN} = "ecryptfs.service" +SYSTEMD_SERVICE:${PN} = "ecryptfs.service" EXTRA_OECONF = "\ --libdir=${base_libdir} \ @@ -41,7 +41,7 @@ PACKAGECONFIG ??= "nss \ PACKAGECONFIG[nss] = "--enable-nss,--disable-nss,nss," PACKAGECONFIG[pam] = "--enable-pam,--disable-pam,libpam," -do_configure_prepend() { +do_configure:prepend() { export NSS_CFLAGS="-I${STAGING_INCDIR}/nspr -I${STAGING_INCDIR}/nss3" export NSS_LIBS="-L${STAGING_BASELIBDIR} -lssl3 -lsmime3 -lnss3 -lsoftokn3 -lnssutil3" export KEYUTILS_CFLAGS="-I${STAGING_INCDIR}" @@ -49,7 +49,7 @@ do_configure_prepend() { sed -i -e "s;rootsbindir=\"/sbin\";rootsbindir=\"\${base_sbindir}\";g" ${S}/configure.ac } -do_install_append() { +do_install:append() { chmod 4755 ${D}${base_sbindir}/mount.ecryptfs_private # ${base_libdir} is identical to ${libdir} when usrmerge enabled if ! ${@bb.utils.contains('DISTRO_FEATURES','usrmerge','true','false',d)}; then @@ -64,7 +64,7 @@ do_install_append() { fi } -FILES_${PN} += "${base_libdir}/security/* ${base_libdir}/ecryptfs/*" +FILES:${PN} += "${base_libdir}/security/* ${base_libdir}/ecryptfs/*" -RDEPENDS_${PN} += "cryptsetup" -RRECOMMENDS_${PN} = "gettext-runtime" +RDEPENDS:${PN} += "cryptsetup" +RRECOMMENDS:${PN} = "gettext-runtime" diff --git a/recipes-security/fail2ban/python3-fail2ban_0.11.2.bb b/recipes-security/fail2ban/python3-fail2ban_0.11.2.bb index b480c76..ed75a0e 100644 --- a/recipes-security/fail2ban/python3-fail2ban_0.11.2.bb +++ b/recipes-security/fail2ban/python3-fail2ban_0.11.2.bb @@ -20,34 +20,34 @@ inherit update-rc.d ptest setuptools3 S = "${WORKDIR}/git" -do_compile_prepend () { +do_compile:prepend () { cp ${WORKDIR}/fail2ban_setup.py ${S}/setup.py cd ${S} ./fail2ban-2to3 } -do_install_append () { +do_install:append () { install -d ${D}/${sysconfdir}/fail2ban install -d ${D}/${sysconfdir}/init.d install -m 0755 ${WORKDIR}/initd ${D}${sysconfdir}/init.d/fail2ban-server chown -R root:root ${D}/${bindir} } -do_install_ptest_append () { +do_install_ptest:append () { install -d ${D}${PTEST_PATH} install -d ${D}${PTEST_PATH}/bin sed -i -e 's/##PYTHON##/${PYTHON_PN}/g' ${D}${PTEST_PATH}/run-ptest install -D ${S}/bin/* ${D}${PTEST_PATH}/bin } -FILES_${PN} += "/run" +FILES:${PN} += "/run" INITSCRIPT_PACKAGES = "${PN}" INITSCRIPT_NAME = "fail2ban-server" INITSCRIPT_PARAMS = "defaults 25" -INSANE_SKIP_${PN}_append = "already-stripped" +INSANE_SKIP:${PN}:append = "already-stripped" -RDEPENDS_${PN} = "${VIRTUAL-RUNTIME_base-utils-syslog} iptables sqlite3 python3-core python3-pyinotify" -RDEPENDS_${PN} += " python3-logging python3-fcntl python3-json" -RDEPENDS_${PN}-ptest = "python3-core python3-io python3-modules python3-fail2ban" +RDEPENDS:${PN} = "${VIRTUAL-RUNTIME_base-utils-syslog} iptables sqlite3 python3-core python3-pyinotify" +RDEPENDS:${PN} += " python3-logging python3-fcntl python3-json" +RDEPENDS:${PN}-ptest = "python3-core python3-io python3-modules python3-fail2ban" diff --git a/recipes-security/fscryptctl/fscryptctl_1.0.0.bb b/recipes-security/fscryptctl/fscryptctl_1.0.0.bb index df76a3d..26f549b 100644 --- a/recipes-security/fscryptctl/fscryptctl_1.0.0.bb +++ b/recipes-security/fscryptctl/fscryptctl_1.0.0.bb @@ -18,7 +18,7 @@ do_install() { oe_runmake DESTDIR=${D} PREFIX=/usr install } -RRECOMMENDS_${PN} += "\ +RRECOMMENDS:${PN} += "\ keyutils \ kernel-module-cbc \ kernel-module-cts \ diff --git a/recipes-security/google-authenticator-libpam/google-authenticator-libpam_1.08.bb b/recipes-security/google-authenticator-libpam/google-authenticator-libpam_1.08.bb index f9ca092..4ab8374 100644 --- a/recipes-security/google-authenticator-libpam/google-authenticator-libpam_1.08.bb +++ b/recipes-security/google-authenticator-libpam/google-authenticator-libpam_1.08.bb @@ -18,6 +18,6 @@ REQUIRED_DISTRO_FEATURES = "pam" EXTRA_OECONF = "--libdir=${base_libdir}" PACKAGES += "pam-google-authenticator" -FILES_pam-google-authenticator = "${base_libdir}/security/pam_google_authenticator.so" +FILES:pam-google-authenticator = "${base_libdir}/security/pam_google_authenticator.so" RDEPNEDS_pam-google-authenticator = "libpam" diff --git a/recipes-security/libest/libest_3.2.0.bb b/recipes-security/libest/libest_3.2.0.bb index 5b6dc99..fda2df4 100644 --- a/recipes-security/libest/libest_3.2.0.bb +++ b/recipes-security/libest/libest_3.2.0.bb @@ -11,17 +11,17 @@ SRC_URI = "git://github.com/cisco/libest;branch=main" DEPENDS = "openssl" #fatal error: execinfo.h: No such file or directory -DEPENDS_append_libc-musl = " libexecinfo" +DEPENDS:append:libc-musl = " libexecinfo" inherit autotools-brokensep EXTRA_OECONF = "--disable-pthreads --with-ssl-dir=${STAGING_LIBDIR}" CFLAGS += "-fcommon" -LDFLAGS_append_libc-musl = " -lexecinfo" +LDFLAGS:append:libc-musl = " -lexecinfo" S = "${WORKDIR}/git" PACKAGES = "${PN} ${PN}-dbg ${PN}-dev" -FILES_${PN} = "${bindir}/* ${libdir}/libest-3.2.0p.so" +FILES:${PN} = "${bindir}/* ${libdir}/libest-3.2.0p.so" diff --git a/recipes-security/libgssglue/libgssglue_0.4.bb b/recipes-security/libgssglue/libgssglue_0.4.bb index 88c58ed..3085ee6 100644 --- a/recipes-security/libgssglue/libgssglue_0.4.bb +++ b/recipes-security/libgssglue/libgssglue_0.4.bb @@ -33,11 +33,11 @@ SRC_URI[md5sum] = "5ce81940965fa68c7635c42dcafcddfe" SRC_URI[sha256sum] = "bb47b2de78409f461811d0db8595c66e6631a9879c3621a35e4434b104ee52f5" # gssglue can use krb5, spkm3... as gssapi library, configurable -RRECOMMENDS_${PN} += "krb5" +RRECOMMENDS:${PN} += "krb5" inherit autotools -do_install_append() { +do_install:append() { # install some docs install -d -m 0755 ${D}${docdir}/${BPN} install -m 0644 ${S}/AUTHORS ${S}/ChangeLog ${S}/NEWS ${S}/README ${D}${docdir}/${BPN} diff --git a/recipes-security/mfa/python3-privacyidea_3.5.2.bb b/recipes-security/mfa/python3-privacyidea_3.5.2.bb index cd0acf8..a4ab59d 100644 --- a/recipes-security/mfa/python3-privacyidea_3.5.2.bb +++ b/recipes-security/mfa/python3-privacyidea_3.5.2.bb @@ -10,31 +10,31 @@ SRC_URI[sha256sum] = "26aeb0d353af1f212c4df476202516953c20f7f31566cfe0b67cbb553d inherit pypi setuptools3 -do_install_append () { +do_install:append () { #install ${D}/var/log/privacyidea rm -fr ${D}${libdir}/${PYTHON_DIR}/site-packages/tests } USERADD_PACKAGES = "${PN}" -GROUPADD_PARAM_${PN} = "--system privacyidea" -USERADD_PARAM_${PN} = "--system -g privacyidea -o -r -d /opt/${BPN} \ +GROUPADD_PARAM:${PN} = "--system privacyidea" +USERADD_PARAM:${PN} = "--system -g privacyidea -o -r -d /opt/${BPN} \ --shell /bin/false privacyidea" -FILES_${PN} += " ${datadir}/etc/privacyidea/* ${datadir}/lib/privacyidea/*" - -RDEPENDS_${PN} += " bash perl freeradius-mysql freeradius-utils" - -RDEPENDS_${PN} += "python3 python3-alembic python3-babel python3-backports-functools-lru-cache python3-bcrypt" -RDEPENDS_${PN} += "python3-beautifulsoup4 python3-cbor2 python3-certifi python3-cffi python3-chardet" -RDEPENDS_${PN} += "python3-click python3-configobj python3-croniter python3-cryptography python3-defusedxml" -RDEPENDS_${PN} += "python3-ecdsa python3-flask python3-flask-babel python3-flask-migrate" -RDEPENDS_${PN} += "python3-flask-script python3-flask-sqlalchemy python3-flask-versioned" -RDEPENDS_${PN} += "python3-future python3-httplib2 python3-huey python3-idna python3-ipaddress" -RDEPENDS_${PN} += "python3-itsdangerous python3-jinja2 python3-ldap python3-lxml python3-mako" -RDEPENDS_${PN} += "python3-markupsafe python3-netaddr python3-oauth2client python3-passlib python3-pillow" -RDEPENDS_${PN} += "python3-pyasn1 python3-pyasn1-modules python3-pycparser python3-pyjwt python3-pymysql" -RDEPENDS_${PN} += "python3-pyopenssl python3-pyrad python3-dateutil python3-editor python3-gnupg" -RDEPENDS_${PN} += "python3-pytz python3-pyyaml python3-qrcode python3-redis python3-requests python3-rsa" -RDEPENDS_${PN} += "python3-six python3-smpplib python3-soupsieve python3-soupsieve " -RDEPENDS_${PN} += "python3-sqlalchemy python3-sqlsoup python3-urllib3 python3-werkzeug" +FILES:${PN} += " ${datadir}/etc/privacyidea/* ${datadir}/lib/privacyidea/*" + +RDEPENDS:${PN} += " bash perl freeradius-mysql freeradius-utils" + +RDEPENDS:${PN} += "python3 python3-alembic python3-babel python3-backports-functools-lru-cache python3-bcrypt" +RDEPENDS:${PN} += "python3-beautifulsoup4 python3-cbor2 python3-certifi python3-cffi python3-chardet" +RDEPENDS:${PN} += "python3-click python3-configobj python3-croniter python3-cryptography python3-defusedxml" +RDEPENDS:${PN} += "python3-ecdsa python3-flask python3-flask-babel python3-flask-migrate" +RDEPENDS:${PN} += "python3-flask-script python3-flask-sqlalchemy python3-flask-versioned" +RDEPENDS:${PN} += "python3-future python3-httplib2 python3-huey python3-idna python3-ipaddress" +RDEPENDS:${PN} += "python3-itsdangerous python3-jinja2 python3-ldap python3-lxml python3-mako" +RDEPENDS:${PN} += "python3-markupsafe python3-netaddr python3-oauth2client python3-passlib python3-pillow" +RDEPENDS:${PN} += "python3-pyasn1 python3-pyasn1-modules python3-pycparser python3-pyjwt python3-pymysql" +RDEPENDS:${PN} += "python3-pyopenssl python3-pyrad python3-dateutil python3-editor python3-gnupg" +RDEPENDS:${PN} += "python3-pytz python3-pyyaml python3-qrcode python3-redis python3-requests python3-rsa" +RDEPENDS:${PN} += "python3-six python3-smpplib python3-soupsieve python3-soupsieve " +RDEPENDS:${PN} += "python3-sqlalchemy python3-sqlsoup python3-urllib3 python3-werkzeug" diff --git a/recipes-security/ncrack/ncrack_0.7.bb b/recipes-security/ncrack/ncrack_0.7.bb index ba26965..8b221e5 100644 --- a/recipes-security/ncrack/ncrack_0.7.bb +++ b/recipes-security/ncrack/ncrack_0.7.bb @@ -15,4 +15,4 @@ inherit autotools-brokensep S = "${WORKDIR}/git" -INSANE_SKIP_${PN} = "already-stripped" +INSANE_SKIP:${PN} = "already-stripped" diff --git a/recipes-security/nikto/nikto_2.1.6.bb b/recipes-security/nikto/nikto_2.1.6.bb index 615cc30..242f3ac 100644 --- a/recipes-security/nikto/nikto_2.1.6.bb +++ b/recipes-security/nikto/nikto_2.1.6.bb @@ -111,7 +111,7 @@ do_install() { install -m 0644 docs/nikto_manual.html ${D}${datadir}/doc/nikto } -RDEPENDS_${PN} = "perl libnet-ssleay-perl libwhisker2-perl \ +RDEPENDS:${PN} = "perl libnet-ssleay-perl libwhisker2-perl \ perl-module-getopt-long perl-module-time-local \ perl-module-io-socket perl-module-overloading \ perl-module-base perl-module-b perl-module-bytes" diff --git a/recipes-security/opendnssec/opendnssec_2.1.9.bb b/recipes-security/opendnssec/opendnssec_2.1.9.bb index 2b79609..8e36812 100644 --- a/recipes-security/opendnssec/opendnssec_2.1.9.bb +++ b/recipes-security/opendnssec/opendnssec_2.1.9.bb @@ -27,8 +27,8 @@ PACKAGECONFIG[mysql] = "--with-mysql=yes, , mariadb, mariadb" PACKAGECONFIG[readline] = "--with-readline, --without-readline, readline" PACKAGECONFIG[unwind] = "--with-libunwind, --without-libunwind" -do_install_append () { +do_install:append () { rm -rf ${D}${localstatedir}/run } -RDEPENDS_${PN} = "softhsm" +RDEPENDS:${PN} = "softhsm" diff --git a/recipes-security/paxctl/paxctl_0.9.bb b/recipes-security/paxctl/paxctl_0.9.bb index 3c04141..55a0dca 100644 --- a/recipes-security/paxctl/paxctl_0.9.bb +++ b/recipes-security/paxctl/paxctl_0.9.bb @@ -24,7 +24,7 @@ do_install() { # install: cannot change ownership of '.../sbin/paxctl': \ # Operation not permitted # Drop '--owner 0 --group 0' to fix the issue. -do_install_class-native() { +do_install:class-native() { local PROG=paxctl install -d ${D}${base_sbindir} install -d ${D}${mandir}/man1 @@ -33,6 +33,6 @@ do_install_class-native() { } # Avoid QA Issue: No GNU_HASH in the elf binary -INSANE_SKIP_${PN} = "ldflags" +INSANE_SKIP:${PN} = "ldflags" BBCLASSEXTEND = "native" diff --git a/recipes-security/redhat-security/redhat-security_1.0.bb b/recipes-security/redhat-security/redhat-security_1.0.bb index 0d70dc6..d6d4cea 100644 --- a/recipes-security/redhat-security/redhat-security_1.0.bb +++ b/recipes-security/redhat-security/redhat-security_1.0.bb @@ -37,4 +37,4 @@ do_install() { install -m 0755 ${WORKDIR}/selinux-ls-unconfined.sh ${D}${bindir} } -RDEPENDS_${PN} = "file libcap-ng procps findutils" +RDEPENDS:${PN} = "file libcap-ng procps findutils" diff --git a/recipes-security/sssd/sssd_2.5.1.bb b/recipes-security/sssd/sssd_2.5.1.bb index 9205843..1c77480 100644 --- a/recipes-security/sssd/sssd_2.5.1.bb +++ b/recipes-security/sssd/sssd_2.5.1.bb @@ -6,9 +6,9 @@ LICENSE = "GPLv3+" LIC_FILES_CHKSUM = "file://COPYING;md5=d32239bcb673463ab874e80d47fae504" DEPENDS = "acl attr openldap cyrus-sasl libtdb ding-libs libpam c-ares krb5 autoconf-archive" -DEPENDS_append = " libldb dbus libtalloc libpcre glib-2.0 popt e2fsprogs libtevent bind p11-kit" +DEPENDS:append = " libldb dbus libtalloc libpcre glib-2.0 popt e2fsprogs libtevent bind p11-kit" -DEPENDS_append_libc-musl = " musl-nscd" +DEPENDS:append:libc-musl = " musl-nscd" # If no crypto has been selected, default to DEPEND on nss, since that's what # sssd will pick if no active choice is made during configure @@ -69,7 +69,7 @@ EXTRA_OECONF += " \ --with-pid-path=/run \ " -do_configure_prepend() { +do_configure:prepend() { mkdir -p ${AUTOTOOLS_AUXDIR}/build cp ${STAGING_DATADIR_NATIVE}/gettext/config.rpath ${AUTOTOOLS_AUXDIR}/build/ @@ -77,7 +77,7 @@ do_configure_prepend() { sed -i -e "s#\$sss_extra_libdir##" ${S}/src/external/libresolv.m4 } -do_compile_prepend () { +do_compile:prepend () { echo '#define NSUPDATE_PATH "${bindir}"' >> ${B}/config.h } do_install () { @@ -98,18 +98,18 @@ do_install () { rm -f ${D}${systemd_system_unitdir}/sssd-secrets.* } -pkg_postinst_ontarget_${PN} () { +pkg_postinst_ontarget:${PN} () { if [ -e /etc/init.d/populate-volatile.sh ] ; then ${sysconfdir}/init.d/populate-volatile.sh update fi chown ${SSSD_UID}:${SSSD_GID} ${sysconfdir}/${BPN}/${BPN}.conf } -CONFFILES_${PN} = "${sysconfdir}/${BPN}/${BPN}.conf" +CONFFILES:${PN} = "${sysconfdir}/${BPN}/${BPN}.conf" INITSCRIPT_NAME = "sssd" INITSCRIPT_PARAMS = "start 02 5 3 2 . stop 20 0 1 6 ." -SYSTEMD_SERVICE_${PN} = " \ +SYSTEMD_SERVICE:${PN} = " \ ${@bb.utils.contains('PACKAGECONFIG', 'autofs', 'sssd-autofs.service sssd-autofs.socket', '', d)} \ ${@bb.utils.contains('PACKAGECONFIG', 'curl', 'sssd-kcm.service sssd-kcm.socket', '', d)} \ ${@bb.utils.contains('PACKAGECONFIG', 'infopipe', 'sssd-ifp.service ', '', d)} \ @@ -124,10 +124,10 @@ SYSTEMD_SERVICE_${PN} = " \ " SYSTEMD_AUTO_ENABLE = "disable" -FILES_${PN} += "${libdir} ${datadir} ${base_libdir}/security/pam_sss*.so" -FILES_${PN}-dev = " ${includedir}/* ${libdir}/*la ${libdir}/*/*la" +FILES:${PN} += "${libdir} ${datadir} ${base_libdir}/security/pam_sss*.so" +FILES:${PN}-dev = " ${includedir}/* ${libdir}/*la ${libdir}/*/*la" # The package contains symlinks that trip up insane -INSANE_SKIP_${PN} = "dev-so" +INSANE_SKIP:${PN} = "dev-so" -RDEPENDS_${PN} = "bind bind-utils dbus libldb libpam" +RDEPENDS:${PN} = "bind bind-utils dbus libldb libpam" -- cgit v1.2.3-54-g00ecf