From b23e7eac2d4f40acf1d40cb3d8ba9dc2756d37f7 Mon Sep 17 00:00:00 2001 From: Yi Zhao Date: Thu, 27 Feb 2020 12:24:56 +0800 Subject: scap-security-guide: pass the correct schema file path to openscap-native There is a build error when using openscap-native sstate cache. Steps to reproduce: Create a new build project in build-1 directory. $ bitbake openscap-native Then remove the whole build directory only keep the sstate-cache directory as a sstate mirror. Create another new build project in build-2 directory. Set SSTATE_MIRRORS $ bitbake scap-security-guide Error message: OpenSCAP Error: Schema file 'xccdf/1.1/xccdf-schema.xsd' not found in path '/buildarea/build-1/tmp/work-shared/openscap/oscap-build-artifacts/usr/share/openscap/schemas' when trying to validate '/buildarea/build-2/tmp/work/core2-64-poky-linux/scap-security-guide/0.1.44+gitAUTOINC+5fdfdcb2e9-r0/git/build/jre/xccdf-unlinked-resolved.xml' [/buildarea/build-1/tmp/work/x86_64-linux/openscap-native/1.3.1+gitAUTOINC+4bbdb46ff6-r0/git/src/source/validate.c:104] The oscap command from openscap-native tries to find the schema files in build-1 directory since these paths are hardcoded when building openscap-native. We need to pass the correct schema/xslt/cpe paths to oscap to make sure it can find the files in right location. Signed-off-by: Yi Zhao Signed-off-by: Armin Kuster --- .../recipes-openscap/scap-security-guide/scap-security-guide.inc | 3 +++ 1 file changed, 3 insertions(+) (limited to 'meta-security-compliance') diff --git a/meta-security-compliance/recipes-openscap/scap-security-guide/scap-security-guide.inc b/meta-security-compliance/recipes-openscap/scap-security-guide/scap-security-guide.inc index 3212310..66c2623 100644 --- a/meta-security-compliance/recipes-openscap/scap-security-guide/scap-security-guide.inc +++ b/meta-security-compliance/recipes-openscap/scap-security-guide/scap-security-guide.inc @@ -13,6 +13,9 @@ S = "${WORKDIR}/git" inherit cmake pkgconfig python3native STAGING_OSCAP_BUILDDIR = "${TMPDIR}/work-shared/openscap/oscap-build-artifacts" +export OSCAP_CPE_PATH="${STAGING_OSCAP_BUILDDIR}${datadir_native}/openscap/cpe" +export OSCAP_SCHEMA_PATH="${STAGING_OSCAP_BUILDDIR}${datadir_native}/openscap/schemas" +export OSCAP_XSLT_PATH="${STAGING_OSCAP_BUILDDIR}${datadir_native}/openscap/xsl" OECMAKE_GENERATOR = "Unix Makefiles" -- cgit v1.2.3-54-g00ecf