Age | Commit message (Collapse) | Author |
|
Signed-off-by: Martin Jansa <Martin.Jansa@gmail.com>
Signed-off-by: Armin Kuster <akuster808@gmail.com>
|
|
infopipe was previously on by default, so add it to the default
PACKAGECONFIG.
The systemd files are only installed when --with-infopipe is passed to
configure, so conditionally add them to SYSTEMD_SERVICE.
Signed-off-by: Jonatan Pålsson <jonatan.p@gmail.com>
Signed-off-by: Armin Kuster <akuster808@gmail.com>
|
|
When building with the curl PACKAGECONFIG, sssd will depend on the
jansson library.
Fixes the following error:
| checking for JANSSON... no
| checking jansson.h usability... no
| checking jansson.h presence... no
| checking for jansson.h... no
| configure: error:
| You must have the header file jansson.h installed to build sssd
| with secrets and KCM responder. If you want to build sssd without
these
| responders then specify --without-secrets --without-kcm when running
configure.
Signed-off-by: Jonatan Pålsson <jonatan.p@gmail.com>
Signed-off-by: Armin Kuster <akuster808@gmail.com>
|
|
These files are installed when the ssh or curl PACKAGECONFIGs are enabled.
Fixes the following error:
ERROR: sssd-1.16.4-r0 do_package: QA Issue: sssd: Files/directories were
installed but not shipped in any package:
/lib/systemd/system/sssd-kcm.socket
/lib/systemd/system/sssd-kcm.service
/lib/systemd/system/sssd-ssh.socket
/lib/systemd/system/sssd-ssh.service
Signed-off-by: Jonatan Pålsson <jonatan.p@gmail.com>
Signed-off-by: Armin Kuster <akuster808@gmail.com>
|
|
sudo was previously on by default, so add it to the default
PACKAGECONFIG.
The systemd files are only installed when --with-sudo is passed to
configure, so conditionally add them to SYSTEMD_SERVICE.
Signed-off-by: Jonatan Pålsson <jonatan.p@gmail.com>
Signed-off-by: Armin Kuster <akuster808@gmail.com>
|
|
autofs was previously on by default, so add it to the default
PACKAGECONFIG.
The systemd files are only installed when --with-autofs is passed to
configure, so conditionally add them to SYSTEMD_SERVICE.
Signed-off-by: Jonatan Pålsson <jonatan.p@gmail.com>
Signed-off-by: Armin Kuster <akuster808@gmail.com>
|
|
Signed-off-by: Jonatan Pålsson <jonatan.p@gmail.com>
Signed-off-by: Armin Kuster <akuster808@gmail.com>
|
|
Signed-off-by: Armin Kuster <akuster808@gmail.com>
|
|
Signed-off-by: Armin Kuster <akuster808@gmail.com>
|
|
Signed-off-by: Armin Kuster <akuster808@gmail.com>
|
|
Signed-off-by: Armin Kuster <akuster808@gmail.com>
|
|
Signed-off-by: Armin Kuster <akuster808@gmail.com>
|
|
Signed-off-by: Armin Kuster <akuster808@gmail.com>
|
|
add findutils
Signed-off-by: Armin Kuster <akuster808@gmail.com>
|
|
Add missing runtime dependencies otherwise /usr/bin/oscapd can not
startup.
Signed-off-by: Yi Zhao <yi.zhao@windriver.com>
Signed-off-by: Armin Kuster <akuster808@gmail.com>
|
|
dropped patch now included in update
Signed-off-by: Armin Kuster <akuster808@gmail.com>
|
|
Signed-off-by: Armin Kuster <akuster808@gmail.com>
|
|
As linux-yocto upgraded to 5.x in oe-core, update
the bbappend to 5.x to remove the warning
ERROR: No recipes available for:
.../meta-security/meta-tpm/recipes-kernel/linux/linux-yocto_4.%.bbappend
This patch hasn't been verified any further than allowing bitbake
to complete with a non-linux-yocto kernel. In particular options could
be different, or new ones needed / desired.
Signed-off-by: André Draszik <git@andred.net>
Signed-off-by: Armin Kuster <akuster808@gmail.com>
|
|
sssd will attempt to build against nss if no crypto is selected. If a
bbappend sets PACKAGECONFIG = <list without nss or crypto>, the
appropriate DEPEND is not established.
Fixes the following configure error:
... snip ...
| checking for NSS... configure: error: Package requirements (nss) were not met:
|
| No package 'nss' found
|
| Consider adjusting the PKG_CONFIG_PATH environment variable if you
| installed software in a non-standard prefix.
|
| Alternatively, you may set the environment variables NSS_CFLAGS
| and NSS_LIBS to avoid the need to call pkg-config.
| See the pkg-config man page for more details.
|
| WARNING: exit code 1 from a shell command.
Signed-off-by: Jonatan Pålsson <jonatan.p@gmail.com>
Signed-off-by: Armin Kuster <akuster808@gmail.com>
|
|
Signed-off-by: Jonatan Pålsson <jonatan.p@gmail.com>
Signed-off-by: Armin Kuster <akuster808@gmail.com>
|
|
Fixes the following build error:
.. snip ..
| checking for python2... no
| checking for python3... (cached) python3.8
| configure: error:
| The program python2 was not found in search path.
| Please ensure that it is installed and its directory is included in the search
| path. It is required for building python2 bindings. If you do not want to build
| them please use argument --without-python2-bindings when running configure.
| WARNING: exit code 1 from a shell command.
Signed-off-by: Jonatan Pålsson <jonatan.p@gmail.com>
Signed-off-by: Armin Kuster <akuster808@gmail.com>
|
|
Signed-off-by: Jonatan Pålsson <jonatan.p@gmail.com>
Signed-off-by: Armin Kuster <akuster808@gmail.com>
|
|
/bin/bash: pod2man: command not found
| Makefile:585: recipe for target 'TPMLIB_CancelCommand.3' failed
inherit perlnative to fix
Signed-off-by: Armin Kuster <akuster808@gmail.com>
|
|
Fix sssd issue for ldblibdir, systemd, pam etc.
* fix ldblibdir which is not calculated right for cross compile
* create directory /var/log/sssd which is required by sssd daemon
* disable building python2 binding
* fix pam module path
* update systemd configure options and service files
Signed-off-by: Kai Kang <kai.kang@windriver.com>
Signed-off-by: Armin Kuster <akuster808@gmail.com>
|
|
As linux-yocto upgraded to 5.x in oe-core, update
the bbappend to 5.x to remove the warning:
WARNING: No recipes available for:
/buildarea/layers/meta-security/recipes-kernel/linux/linux-yocto_4.%.bbappend
Signed-off-by: Mingli Yu <mingli.yu@windriver.com>
[Droped 4.x part]
Signed-off-by: Armin Kuster <akuster808@gmail.com>
|
|
There is a build error when using openscap-native sstate cache.
Steps to reproduce:
Create a new build project in build-1 directory.
$ bitbake openscap-native
Then remove the whole build directory only keep the sstate-cache
directory as a sstate mirror.
Create another new build project in build-2 directory.
Set SSTATE_MIRRORS
$ bitbake scap-security-guide
Error message:
OpenSCAP Error: Schema file 'xccdf/1.1/xccdf-schema.xsd' not found in path
'/buildarea/build-1/tmp/work-shared/openscap/oscap-build-artifacts/usr/share/openscap/schemas' when trying to validate
'/buildarea/build-2/tmp/work/core2-64-poky-linux/scap-security-guide/0.1.44+gitAUTOINC+5fdfdcb2e9-r0/git/build/jre/xccdf-unlinked-resolved.xml'
[/buildarea/build-1/tmp/work/x86_64-linux/openscap-native/1.3.1+gitAUTOINC+4bbdb46ff6-r0/git/src/source/validate.c:104]
The oscap command from openscap-native tries to find the schema files in
build-1 directory since these paths are hardcoded when building
openscap-native.
We need to pass the correct schema/xslt/cpe paths to oscap to make sure
it can find the files in right location.
Signed-off-by: Yi Zhao <yi.zhao@windriver.com>
Signed-off-by: Armin Kuster <akuster808@gmail.com>
|
|
Signed-off-by: Armin Kuster <akuster808@gmail.com>
|
|
v4.19 LTS has been dropped in poky in favor of v5.4. Drop the bbappend
from meta-security as right now the build fails.
Signed-off-by: Bartosz Golaszewski <bgolaszewski@baylibre.com>
Signed-off-by: Armin Kuster <akuster808@gmail.com>
|
|
Signed-off-by: Armin Kuster <akuster808@gmail.com>
|
|
Signed-off-by: Armin Kuster <akuster808@gmail.com>
|
|
Signed-off-by: Armin Kuster <akuster808@gmail.com>
|
|
Signed-off-by: Armin Kuster <akuster808@gmail.com>
|
|
take over layer
Signed-off-by: Armin Kuster <akuster808@gmail.com>
|
|
fixes build issue:
clamav/0.101.5-r0/git/config/ylwrap: line 176: yacc: command not found
Signed-off-by: Armin Kuster <akuster808@gmail.com>
|
|
fixes Python3.8 configure issues
Signed-off-by: Armin Kuster <akuster808@gmail.com>
|
|
pam_google_authenticator.so was being installed where pam could not find
it. Move it where the rest of the pam modules site.
Signed-off-by: Armin Kuster <akuster808@gmail.com>
|
|
Had to use the fail2ban-2.3 program to create py3 code
Add it as a patch
Signed-off-by: Armin Kuster <akuster808@gmail.com>
|
|
fix build issue
[v2]
Fix subject line
Signed-off-by: Armin Kuster <akuster808@gmail.com>
|
|
clean up reciped. drop git fetching
Signed-off-by: Armin Kuster <akuster808@gmail.com>
|
|
Signed-off-by: Armin Kuster <akuster808@gmail.com>
|
|
Signed-off-by: Armin Kuster <akuster808@gmail.com>
|
|
Signed-off-by: Armin Kuster <akuster808@gmail.com>
|
|
Backport 2 patches to fix the build error:
Processing fix.text for: java_jre_configure_crypto_policy rule
Unable to extract part of the fix.text after inclusion of remediation functions. Aborting..
jre/CMakeFiles/generate-internal-jre-bash-fixes.xml.dir/build.make:60:
recipe for target 'jre/bash-fixes.xml' failed
make[2]: *** [jre/bash-fixes.xml] Error 1
make[2]: *** Deleting file 'jre/bash-fixes.xml'
Signed-off-by: Yi Zhao <yi.zhao@windriver.com>
Signed-off-by: Armin Kuster <akuster808@gmail.com>
|
|
Signed-off-by: Armin Kuster <akuster808@gmail.com>
|
|
checking for whether to build with seccomp profile... configure: error: "Is libseccomp-devel installed? -- could not get cflags for libseccomp"
Signed-off-by: Armin Kuster <akuster808@gmail.com>
|
|
Signed-off-by: Armin Kuster <akuster808@gmail.com>
|
|
add some missing perl modules
Signed-off-by: Armin Kuster <akuster808@gmail.com>
|
|
Signed-off-by: Armin Kuster <akuster808@gmail.com>
|
|
See changelog: https://github.com/google/google-authenticator-libpam/releases/tag/1.08
Signed-off-by: Pierre-Jean Texier <pjtexier@koncepto.io>
Signed-off-by: Armin Kuster <akuster808@gmail.com>
|
|
The attr/xattr.h has been removed from attr 2.4.48 with commit:
http://git.savannah.nongnu.org/cgit/attr.git/commit/include?id=7921157890d07858d092f4003ca4c6bae9fd2c38
The xattr syscalls are provided by sys/xattr.h from glibc now.
Remove the checking code to adapt it otherwise it would fail to build
with selinux support.
Signed-off-by: Yi Zhao <yi.zhao@windriver.com>
Signed-off-by: Armin Kuster <akuster808@gmail.com>
|