diff options
Diffstat (limited to 'recipes-security/bastille/files/organize_distro_discovery.patch')
| -rw-r--r-- | recipes-security/bastille/files/organize_distro_discovery.patch | 476 |
1 files changed, 0 insertions, 476 deletions
diff --git a/recipes-security/bastille/files/organize_distro_discovery.patch b/recipes-security/bastille/files/organize_distro_discovery.patch deleted file mode 100644 index d64d1e2..0000000 --- a/recipes-security/bastille/files/organize_distro_discovery.patch +++ /dev/null @@ -1,476 +0,0 @@ -Upstream Status: Inappropriate [No upstream maintenance] - -Signed-off-by: Anne Mulhern <mulhern@yoctoproject.org> - ---- - -Index: Bastille/Bastille/API.pm -=================================================================== ---- Bastille.orig/Bastille/API.pm 2013-08-22 04:32:38.269968002 -0400 -+++ Bastille/Bastille/API.pm 2013-08-22 11:29:53.137968002 -0400 -@@ -141,7 +141,7 @@ - checkProcsForService - - -- $GLOBAL_OS $GLOBAL_ACTUAL_OS $CLI -+ $CLI - $GLOBAL_LOGONLY $GLOBAL_VERBOSE $GLOBAL_DEBUG $GLOBAL_AUDITONLY $GLOBAL_AUDIT_NO_BROWSER $errorFlag - %GLOBAL_BIN %GLOBAL_DIR %GLOBAL_FILE - %GLOBAL_BDIR %GLOBAL_BFILE -@@ -198,7 +198,7 @@ - my $err ="ERROR: "; - my $spc =" "; - my $GLOBAL_OS="None"; --my $GLOBAL_ACTUAL_OS="None"; -+my $GLOBAL_INFERRED_OS="None"; - my %GLOBAL_SUMS=(); - my $CLI=''; - -@@ -306,7 +306,7 @@ - - ########################################################################### - # --# GetDistro checks to see if the target is a known distribution and reports -+# InferDistro checks to see if the target is a known distribution and reports - # said distribution. - # - # This is used throughout the script, but also by ConfigureForDistro. -@@ -314,205 +314,194 @@ - # - ########################################################################### - --sub GetDistro() { -+sub InferDistro() { - - my ($release,$distro); - -- # Only read files for the distro once. -- # if the --os option was used then -- if ($GLOBAL_OS eq "None") { -- if ( -e "/etc/mandrake-release" ) { -- open(MANDRAKE_RELEASE,"/etc/mandrake-release"); -- $release=<MANDRAKE_RELEASE>; -- -- if ( ($release =~ /^Mandrake Linux release (\d+\.\d+\w*)/) or ($release =~ /^Linux Mandrake release (\d+\.\d+\w*)/) ) { -- $distro="MN$1"; -- } -- elsif ( $release =~ /^Mandrakelinux release (\d+\.\d+)\b/ ) { -- $distro="MN$1"; -- } -- else { -- print STDERR "$err Couldn't determine Mandrake/Mandriva version! Setting to 10.1!\n"; -- $distro="MN10.1"; -- } -- -- close(MANDRAKE_RELEASE); -- } -- elsif ( -e "/etc/immunix-release" ) { -- open(IMMUNIX_RELEASE,"/etc/immunix-release"); -- $release=<IMMUNIX_RELEASE>; -- unless ($release =~ /^Immunix Linux release (\d+\.\d+\w*)/) { -- print STDERR "$err Couldn't determine Immunix version! Setting to 6.2!\n"; -- $distro="RH6.2"; -- } -- else { -- $distro="RH$1"; -- } -- close(*IMMUNIX_RELEASE); -- } -- elsif ( -e '/etc/fedora-release' ) { -- open(FEDORA_RELEASE,'/etc/fedora-release'); -- $release=<FEDORA_RELEASE>; -- close FEDORA_RELEASE; -- if ($release =~ /^Fedora Core release (\d+\.?\d*)/) { -- $distro = "RHFC$1"; -- } -- elsif ($release =~ /^Fedora release (\d+\.?\d*)/) { -- $distro = "RHFC$1"; -- } -- else { -- print STDERR "$err Could not determine Fedora version! Setting to Fedora Core 8\n"; -- $distro='RHFC8'; -- } -+ if ( -e "/etc/mandrake-release" ) { -+ open(MANDRAKE_RELEASE,"/etc/mandrake-release"); -+ $release=<MANDRAKE_RELEASE>; -+ -+ if ( ($release =~ /^Mandrake Linux release (\d+\.\d+\w*)/) or ($release =~ /^Linux Mandrake release (\d+\.\d+\w*)/) ) { -+ $distro="MN$1"; -+ } -+ elsif ( $release =~ /^Mandrakelinux release (\d+\.\d+)\b/ ) { -+ $distro="MN$1"; -+ } -+ else { -+ print STDERR "$err Could not infer Mandrake/Mandriva version! Setting to 10.1!\n"; -+ $distro="MN10.1"; -+ } -+ -+ close(MANDRAKE_RELEASE); -+ } -+ elsif ( -e "/etc/immunix-release" ) { -+ open(IMMUNIX_RELEASE,"/etc/immunix-release"); -+ $release=<IMMUNIX_RELEASE>; -+ unless ($release =~ /^Immunix Linux release (\d+\.\d+\w*)/) { -+ print STDERR "$err Could not infer Immunix version! Setting to 6.2!\n"; -+ $distro="RH6.2"; -+ } -+ else { -+ $distro="RH$1"; - } -- elsif ( -e "/etc/redhat-release" ) { -- open(*REDHAT_RELEASE,"/etc/redhat-release"); -- $release=<REDHAT_RELEASE>; -- if ($release =~ /^Red Hat Linux release (\d+\.?\d*\w*)/) { -- $distro="RH$1"; -- } -- elsif ($release =~ /^Red Hat Linux .+ release (\d+)\.?\d*([AEW]S)/) { -- $distro="RHEL$1$2"; -- } -- elsif ($release =~ /^Red Hat Enterprise Linux ([AEW]S) release (\d+)/) { -- $distro="RHEL$2$1"; -+ close(*IMMUNIX_RELEASE); -+ } -+ elsif ( -e '/etc/fedora-release' ) { -+ open(FEDORA_RELEASE,'/etc/fedora-release'); -+ $release=<FEDORA_RELEASE>; -+ close FEDORA_RELEASE; -+ if ($release =~ /^Fedora Core release (\d+\.?\d*)/) { -+ $distro = "RHFC$1"; -+ } -+ elsif ($release =~ /^Fedora release (\d+\.?\d*)/) { -+ $distro = "RHFC$1"; -+ } -+ else { -+ print STDERR "$err Could not infer Fedora version! Setting to Fedora Core 8\n"; -+ $distro='RHFC8'; -+ } -+ } -+ elsif ( -e "/etc/redhat-release" ) { -+ open(*REDHAT_RELEASE,"/etc/redhat-release"); -+ $release=<REDHAT_RELEASE>; -+ if ($release =~ /^Red Hat Linux release (\d+\.?\d*\w*)/) { -+ $distro="RH$1"; -+ } -+ elsif ($release =~ /^Red Hat Linux .+ release (\d+)\.?\d*([AEW]S)/) { -+ $distro="RHEL$1$2"; -+ } -+ elsif ($release =~ /^Red Hat Enterprise Linux ([AEW]S) release (\d+)/) { -+ $distro="RHEL$2$1"; -+ } -+ elsif ($release =~ /^CentOS release (\d+\.\d+)/) { -+ my $version = $1; -+ if ($version =~ /^4\./) { -+ $distro='RHEL4AS'; - } -- elsif ($release =~ /^CentOS release (\d+\.\d+)/) { -- my $version = $1; -- if ($version =~ /^4\./) { -- $distro='RHEL4AS'; -- } -- elsif ($version =~ /^3\./) { -- $distro='RHEL3AS'; -- } -- else { -- print STDERR "$err Could not determine CentOS version! Setting to Red Hat Enterprise 4 AS.\n"; -- $distro='RHEL4AS'; -- } -- } -- else { -- # JJB/HP - Should this be B_log? -- print STDERR "$err Couldn't determine Red Hat version! Setting to 9!\n"; -- $distro="RH9"; -- } -- close(REDHAT_RELEASE); -- -- } -- elsif ( -e "/etc/debian_version" ) { -- $stable="3.1"; #Change this when Debian stable changes -- open(*DEBIAN_RELEASE,"/etc/debian_version"); -- $release=<DEBIAN_RELEASE>; -- unless ($release =~ /^(\d+\.\d+\w*)/) { -- print STDERR "$err System is not running a stable Debian GNU/Linux version. Setting to $stable.\n"; -- $distro="DB$stable"; -+ elsif ($version =~ /^3\./) { -+ $distro='RHEL3AS'; - } - else { -- $distro="DB$1"; -- } -- close(DEBIAN_RELEASE); -- } -- elsif ( -e "/etc/SuSE-release" ) { -- open(*SUSE_RELEASE,"/etc/SuSE-release"); -- $release=<SUSE_RELEASE>; -- if ($release =~ /^SuSE Linux (\d+\.\d+\w*)/i) { -- $distro="SE$1"; -- } -- elsif ($release =~ /^SUSE LINUX Enterprise Server (\d+\.?\d?\w*)/i) { -- $distro="SESLES$1"; -- } -- elsif ($release =~ /^SUSE Linux Enterprise Server (\d+\.?\d?\w*)/i) { -- $distro="SESLES$1"; -- } -- elsif ($release =~ /^openSuSE (\d+\.\d+\w*)/i) { -- $distro="SE$1"; -+ print STDERR "$err Could not infer CentOS version! Setting to Red Hat Enterprise 4 AS.\n"; -+ $distro='RHEL4AS'; - } -- else { -- print STDERR "$err Couldn't determine SuSE version! Setting to 10.3!\n"; -- $distro="SE10.3"; -- } -- close(SUSE_RELEASE); -- } -- elsif ( -e "/etc/turbolinux-release") { -- open(*TURBOLINUX_RELEASE,"/etc/turbolinux-release"); -- $release=<TURBOLINUX_RELEASE>; -- unless ($release =~ /^Turbolinux Workstation (\d+\.\d+\w*)/) { -- print STDERR "$err Couldn't determine TurboLinux version! Setting to 7.0!\n"; -- $distro="TB7.0"; -- } -- else { -- $distro="TB$1"; -- } -- close(TURBOLINUX_RELEASE); -+ } -+ else { -+ # JJB/HP - Should this be B_log? -+ print STDERR "$err Could not infer Red Hat version! Setting to 9!\n"; -+ $distro="RH9"; -+ } -+ close(REDHAT_RELEASE); -+ -+ } -+ elsif ( -e "/etc/debian_version" ) { -+ $stable="3.1"; #Change this when Debian stable changes -+ open(*DEBIAN_RELEASE,"/etc/debian_version"); -+ $release=<DEBIAN_RELEASE>; -+ unless ($release =~ /^(\d+\.\d+\w*)/) { -+ print STDERR "$err System is not running a stable Debian GNU/Linux version. Setting to $stable.\n"; -+ $distro="DB$stable"; -+ } -+ else { -+ $distro="DB$1"; -+ } -+ close(DEBIAN_RELEASE); -+ } -+ elsif ( -e "/etc/SuSE-release" ) { -+ open(*SUSE_RELEASE,"/etc/SuSE-release"); -+ $release=<SUSE_RELEASE>; -+ if ($release =~ /^SuSE Linux (\d+\.\d+\w*)/i) { -+ $distro="SE$1"; -+ } -+ elsif ($release =~ /^SUSE LINUX Enterprise Server (\d+\.?\d?\w*)/i) { -+ $distro="SESLES$1"; -+ } -+ elsif ($release =~ /^SUSE Linux Enterprise Server (\d+\.?\d?\w*)/i) { -+ $distro="SESLES$1"; -+ } -+ elsif ($release =~ /^openSuSE (\d+\.\d+\w*)/i) { -+ $distro="SE$1"; -+ } -+ else { -+ print STDERR "$err Could not infer SuSE version! Setting to 10.3!\n"; -+ $distro="SE10.3"; - } -+ close(SUSE_RELEASE); -+ } -+ elsif ( -e "/etc/turbolinux-release") { -+ open(*TURBOLINUX_RELEASE,"/etc/turbolinux-release"); -+ $release=<TURBOLINUX_RELEASE>; -+ unless ($release =~ /^Turbolinux Workstation (\d+\.\d+\w*)/) { -+ print STDERR "$err Could not infer TurboLinux version! Setting to 7.0!\n"; -+ $distro="TB7.0"; -+ } - else { -- # We're either on Mac OS X, HP-UX or an unsupported O/S. -- if ( -x '/usr/bin/uname') { -+ $distro="TB$1"; -+ } -+ close(TURBOLINUX_RELEASE); -+ } -+ else { -+ # We're either on Mac OS X, HP-UX or an unsupported O/S. -+ if ( -x '/usr/bin/uname') { - # uname is in /usr/bin on Mac OS X and HP-UX -- $release=`/usr/bin/uname -sr`; -- } -- else { -- print STDERR "$err Could not determine operating system version!\n"; -- $distro="unknown" -- } -- -- # Figure out what kind of system we're on. -- if ($release ne "") { -- if ($release =~ /^Darwin\s+(\d+)\.(\d+)/) { -- if ($1 == 6 ) { -- $distro = "OSX10.2"; -- } -- elsif ($1 == 7) { -- $distro = "OSX10.3"; -- } -- elsif ($1 == 8) { -- $distro = "OSX10.3"; -- } -- else { -- $distro = "unknown"; -- } -+ $release=`/usr/bin/uname -sr`; -+ } -+ else { -+ print STDERR "$err Could not infer operating system version from filesystem context. Setting inferred distro to 'unknown'.\n"; -+ $distro="unknown"; -+ } -+ -+ # Figure out what kind of system we're on. -+ if ($release ne "") { -+ if ($release =~ /^Darwin\s+(\d+)\.(\d+)/) { -+ if ($1 == 6 ) { -+ $distro = "OSX10.2"; - } -- elsif ( $release =~ /(^HP-UX)\s*B\.(\d+\.\d+)/ ) { -- $distro="$1$2"; -+ elsif ($1 == 7) { -+ $distro = "OSX10.3"; - } -+ elsif ($1 == 8) { -+ $distro = "OSX10.3"; -+ } - else { -- print STDERR "$err Could not determine operating system version!\n"; -- $distro="unknown"; -+ print STDERR "$err Could not infer operating system version from filesystem context. Setting inferred distro to 'unknown'.\n"; -+ $distro = "unknown"; - } - } -+ elsif ( $release =~ /(^HP-UX)\s*B\.(\d+\.\d+)/ ) { -+ $distro="$1$2"; -+ } -+ else { -+ print STDERR "$err Could not infer operating system version from filesystem context. Setting inferred distro to 'unknown'.\n"; -+ $distro="unknown"; -+ } - } -- -- $GLOBAL_OS=$distro; -- } elsif (not (defined $GLOBAL_OS)) { -- print "ERROR: GLOBAL OS Scoping Issue\n"; -- } else { -- $distro = $GLOBAL_OS; - } -- - return $distro; - } - - ################################################################################### --# &getActualDistro; # -+# &getInferredDistro; # - # # - # This subroutine returns the actual os version in which is running on. This # - # os version is independent of the --os switch feed to bastille. # - # # - ################################################################################### --sub getActualDistro { -- # set local variable to $GLOBAL_OS -+sub getInferredDistro { -+ if ($GLOBAL_INFERRED_OS eq "None") { -+ $GLOBAL_INFERRED_OS = &InferDistro; -+ } -+ return $GLOBAL_INFERRED_OS; -+} - -- if ($GLOBAL_ACTUAL_OS eq "None") { -- my $os = $GLOBAL_OS; -- # undef GLOBAL_OS so that the GetDistro routine will return -- # the actualDistro, it might otherwise return the distro set -- # by the --os switch. -- $GLOBAL_OS = "None"; -- $GLOBAL_ACTUAL_OS = &GetDistro; -- # reset the GLOBAL_OS variable -- $GLOBAL_OS = $os; -+sub GetDistro { -+ if ($GLOBAL_OS eq "None") { -+ return &getInferredDistro; - } -- return $GLOBAL_ACTUAL_OS; -+ return $GLOBAL_OS; - } -+ - # These are helper routines which used to be included inside GetDistro - sub is_OS_supported($) { - my $os=$_[0]; -@@ -556,7 +545,8 @@ - "SE7.2","SE7.3", "SE8.0","SE8.1","SE9.0","SE9.1", - "SE9.2","SE9.3","SE10.0","SE10.1","SE10.2","SE10.3", - "SESLES8","SESLES9","SESLES10", -- "TB7.0" -+ "TB7.0", -+ "Yocto" - ], - - "HP-UX" => [ -@@ -882,23 +872,19 @@ - ########################################################################### - sub ConfigureForDistro { - -- my $retval=1; -- -- # checking to see if the os version given is in fact supported - my $distro = &GetDistro; - -- # checking to see if the actual os version is in fact supported -- my $actualDistro = &getActualDistro; -+ my $inferredDistro = &getInferredDistro; -+ -+ if (! ($inferredDistro eq $distro) ) { -+ print STDERR "WARNING: Inferred distro $inferredDistro is not the same as specified distro $distro. Using specified distro.\n"; -+ } -+ - $ENV{'LOCALE'}=''; # So that test cases checking for english results work ok. -- if ((! &is_OS_supported($distro)) or (! &is_OS_supported($actualDistro)) ) { -- # if either is not supported then print out a list of supported versions -- if (! &is_OS_supported($distro)) { -- print STDERR "$err '$distro' is not a supported operating system.\n"; -- } -- else { -- print STDERR "$err Bastille is unable to operate correctly on this\n"; -- print STDERR "$spc $distro operating system.\n"; -- } -+ -+ if (! &is_OS_supported($distro)) { -+ print STDERR "$err '$distro' is not a supported operating system.\n"; -+ - my %supportedOSHash = &getSupportedOSHash; - print STDERR "$spc Valid operating system versions are as follows:\n"; - -@@ -930,7 +916,7 @@ - # intend via setting the Perl umask - umask(077); - -- &getFileAndServiceInfo($distro,$actualDistro); -+ &getFileAndServiceInfo($distro,$distro); - - # &dumpFileInfo; # great for debuging file location issues - # &dumpServiceInfo; # great for debuging service information issues -@@ -942,7 +928,7 @@ - "$spc You must use Bastille\'s -n flag (for example:\n" . - "$spc bastille -f -n) or \'touch $nodisclaim_file \'\n"; - -- return $retval; -+ return 1; - } - - -Index: Bastille/Bastille/LogAPI.pm -=================================================================== ---- Bastille.orig/Bastille/LogAPI.pm 2013-08-22 04:32:38.269968002 -0400 -+++ Bastille/Bastille/LogAPI.pm 2013-08-22 04:32:47.509968002 -0400 -@@ -111,7 +111,7 @@ - # do this here to prevent bootstrapping problem, where we need to - # write an error that the errorlog location isn't defined. - my $logdir="/var/log/Bastille"; -- if(&getActualDistro =~ "^HP-UX"){ -+ if(&getInferredDistro =~ "^HP-UX"){ - $logdir = "/var/opt/sec_mgmt/bastille/log/"; - } - |