aboutsummaryrefslogtreecommitdiffstats
path: root/recipes-security
AgeCommit message (Collapse)AuthorFilesLines
24 hoursaircrack-ng: update to 1.6Federico Pellegrin1-3/+5
Signed-off-by: Federico Pellegrin <fede@evolware.org> Signed-off-by: Armin Kuster <akuster808@gmail.com>
24 hourssssd: add fix-ldblibdir.patch backKai Kang2-0/+26
The patch fix-ldblibdir.patch has been dropped when update sssd to 2.5.0. But it fails to start sssd without this patch. So add it back. Signed-off-by: Kai Kang <kai.kang@windriver.com> Signed-off-by: Armin Kuster <akuster808@gmail.com>
24 hourssssd: set pid path with /runKai Kang1-2/+3
/var/run is deprecated and set pid path with /run to store pid files for the SSSD. Signed-off-by: Kai Kang <kai.kang@windriver.com> Signed-off-by: Armin Kuster <akuster808@gmail.com>
2021-06-05libgssglue: update SRC_URIYi Zhao1-3/+3
Update SRC_URI to use Debian mirror because the original site is unaccessible. Fixes do_fetch error: ERROR: libgssglue-0.4-r0 do_fetch: Fetcher failure for URL: 'http://www.citi.umich.edu/projects/nfsv4/linux/libgssglue/libgssglue-0.4.tar.gz'. Unable to fetch URL from any source. Signed-off-by: Yi Zhao <yi.zhao@windriver.com>
2021-06-05python3-scapy: drop , now in meta-pythonArmin Kuster2-34/+0
Signed-off-by: Armin Kuster <akuster808@gmail.com>
2021-06-05sssd: update to 2.5.0Armin Kuster8-183/+89
Add new depends Drop obsolete patches Signed-off-by: Armin Kuster <akuster808@gmail.com> ---- v2] Fix issue with nsupdate check don't use host bind
2021-06-05python3-scapy: update to 2.4.5Armin Kuster1-3/+1
Signed-off-by: Armin Kuster <akuster808@gmail.com>
2021-06-05opendnssec: upgrade 2.1.8 -> 2.1.9Upgrade Helper1-1/+1
Signed-off-by: Armin Kuster <akuster808@gmail.com>
2021-05-16python3-scapy: add UPSTREAM_CHECK_COMMITSArmin Kuster1-0/+2
Signed-off-by: Armin Kuster <akuster808@gmail.com>
2021-04-26libseccomp: drop recipe. In core nowArmin Kuster2-51/+0
Signed-off-by: Armin Kuster <akuster808@gmail.com>
2021-04-12Use libest "main" branch instead of "master".Anton Antonov1-1/+1
This patch fixes the issue: WARNING: libest-3.2.0-r0 do_fetch: Failed to fetch URL git://github.com/cisco/libest, attempting MIRRORS if available ERROR: libest-3.2.0-r0 do_fetch: Fetcher failure: Unable to find revision 4ca02c6d7540f2b1bcea278a4fbe373daac7103b in branch master even from upstream ERROR: libest-3.2.0-r0 do_fetch: Fetcher failure for URL: 'git://github.com/cisco/libest'. Unable to fetch URL from any source. Signed-off-by: Anton Antonov <Anton.Antonov@arm.com> Signed-off-by: Armin Kuster <akuster808@gmail.com>
2021-04-02python3-privacyidea: upgrade 3.5.1 -> 3.5.2Armin Kuster1-1/+1
Signed-off-by: Armin Kuster <akuster808@gmail.com>
2021-03-18fscryptctl: Fix installation pathlukasz plachno1-1/+1
- Without the patch fscryptctl is installed in /usr/bin/usr/local/bin instead of /usr/bin. Signed-off-by: Armin Kuster <akuster808@gmail.com>
2021-03-09python3-fail2ban: fix building with ptest enabledArmin Kuster2-2/+3
Use new structure for testing. Signed-off-by: Armin Kuster <akuster808@gmail.com>
2021-03-02python3-fail2ban: update to 0.11.2Armin Kuster2-2530/+4
drop hard python3 patch and create it dufing compile. Signed-off-by: Armin Kuster <akuster808@gmail.com>
2021-03-02opendnssec: update to 2.1.8Armin Kuster3-53/+24
refresh libdns_conf_fix.patch Drop fix_fprint.patch includd in update Signed-off-by: Armin Kuster <akuster808@gmail.com>
2021-03-02python3-scapy: upgrade 2.4.3 -> 2.4.4Armin Kuster1-1/+1
2021-03-02python3-privacyidea: upgrade 3.3 -> 3.5.1Armin Kuster1-1/+1
2021-03-02libseccomp: upgrade 2.5.0 -> 2.5.1Armin Kuster2-52/+2
drop patch merged in update
2021-03-02fscryptctl: upgrade 0.1.0 -> 1.0.0Armin Kuster1-1/+1
2021-03-02ding-libs: upgrade 0.5.0 -> 0.6.1Armin Kuster1-2/+1
2021-02-23nikito: Update common-licenses references to match new namesArmin Kuster2-2/+2
Signed-off-by: Armin Kuster <akuster808@gmail.com>
2021-02-23softhsm: drop pkg as meta-oe has itArmin Kuster1-30/+0
Signed-off-by: Armin Kuster <akuster808@gmail.com>
2020-10-10sssd: update to latest ltm 1.16.5Armin Kuster2-3/+37
fix musl support Signed-off-by: Armin Kuster <akuster808@gmail.com>
2020-10-10libest: fix musl build.Armin Kuster1-0/+4
fixes est.c:38:10: fatal error: execinfo.h: No such file or directory | 38 | #include <execinfo.h> | | ^~~~~~~~~~~~ Signed-off-by: Armin Kuster <akuster808@gmail.com>
2020-10-10ecryptfs-utils: fix musl buildArmin Kuster2-0/+16
Signed-off-by: Armin Kuster <akuster808@gmail.com>
2020-10-01libseccomp: fix ptest failures.Armin Kuster1-1/+1
Fixes: BusyBox v1.32.0 () multi-call binary. Usage: dd [if=FILE] [of=FILE] [bs=N] [count=N] [skip=N] Don't use Busybox dd, not compatable. Use coreutils Signed-off-by: Armin Kuster <akuster808@gmail.com>
2020-09-29opendnssec: add recipeArmin Kuster4-0/+391
Signed-off-by: Armin Kuster <akuster808@gmail.com>
2020-09-29libest: add recipeArmin Kuster1-0/+23
Signed-off-by: Armin Kuster <akuster808@gmail.com>
2020-09-29softHSM: add pkgArmin Kuster1-0/+30
Signed-off-by: Armin Kuster <akuster808@gmail.com>
2020-09-12nss: update patch to fix do_patch errorQi.Chen@windriver.com1-77/+78
Currently sssd's do_patch task fails. Update the patch to fix this problem. Signed-off-by: Chen Qi <Qi.Chen@windriver.com> Signed-off-by: Armin Kuster <akuster808@gmail.com>
2020-09-05sssd: Avoid nss function conflicts with glibc nss.hArmin Kuster2-0/+78
glibc 2.32 will define these varibles [1] which results in conflicts with these static function names, backport a fix from upstream [1] https://sourceware.org/git/?p=glibc.git;a=commit;h=499a92df8b9fc64a054cf3b7f728f8967fc1da7d Signed-off-by: Hongxu Jia <hongxu.jia@windriver.com> Signed-off-by: Armin Kuster <akuster808@gmail.com>
2020-08-29sssd: Make manpages buildableJonatan Pålsson2-1/+37
Some XML related fixes are needed to make the sssd manpages buildable Signed-off-by: Jonatan Pålsson <jonatan.p@gmail.com> Signed-off-by: Armin Kuster <akuster808@gmail.com>
2020-08-04libseccomp: fix cross compile error for mipsKai Kang2-0/+50
Backport patch to fix cross compile error for mips: | syscalls.h:44:6: error: expected identifier or '(' before numeric constant | 44 | int mips; | | ^~~~ Signed-off-by: Kai Kang <kai.kang@windriver.com> Signed-off-by: Armin Kuster <akuster808@gmail.com>
2020-07-27libseccomp: update to 2.5.0Armin Kuster1-4/+5
Notable changes: Add support for the 64-bit RISC-V architecture Update the syscall tables to Linux v5.8.0-rc5 Python bindings and build now default to Python 3.x for more info see: https://github.com/seccomp/libseccomp/blob/master/CHANGELOG Signed-off-by: Armin Kuster <akuster808@gmail.com>
2020-07-27libsecomp: rv32/rv64 target builds are not supported yetArmin Kuster1-0/+3
Signed-off-by: Armin Kuster <akuster808@gmail.com>
2020-07-25security packagegroups: move to recipes-coreArmin Kuster2-96/+0
Signed-off-by: Armin Kuster <akuster808@gmail.com>
2020-07-25security images: Move to recipe-coreArmin Kuster4-87/+0
Signed-off-by: Armin Kuster <akuster808@gmail.com>
2020-07-18python3-privacyidea: adding initial support for mfaArmin Kuster1-0/+40
Signed-off-by: Armin Kuster <akuster808@gmail.com>
2020-07-14bastille: Deleted redundant inherit to fix error when enable multilib.Zheng Ruoqin1-2/+0
There is no need to inherit module-base. Because this inherit will stop bastille to build to lib32-bastille. Signed-off-by: Zheng Ruoqin <zhengrq.fnst@cn.fujitsu.com> Signed-off-by: Armin Kuster <akuster808@gmail.com>
2020-07-06packagegroup-core-security-ptest: update fail2ban ptest pkg nameArmin Kuster1-1/+1
Signed-off-by: Armin Kuster <akuster808@gmail.com>
2020-06-23sssd: disable build secretsKai Kang1-4/+3
It requires http_parser.h to build secrets: | configure: error: | You must have the header file http_parser.h installed to build sssd | with secrets responder. If you want to build sssd without secret responder | then specify --without-secrets when running configure. The header file is from package http-parser[1] rather than apache2. But there is no recipe http-parser in openembedded. So disable build secrets for sssd and remove related systemd service and socket files. Reference: 1. https://github.com/nodejs/http-parser Signed-off-by: Kai Kang <kai.kang@windriver.com> Signed-off-by: Armin Kuster <akuster808@gmail.com>
2020-03-27sssd: Add infopipe PACKAGECONFIGJonatan Pålsson1-2/+3
infopipe was previously on by default, so add it to the default PACKAGECONFIG. The systemd files are only installed when --with-infopipe is passed to configure, so conditionally add them to SYSTEMD_SERVICE. Signed-off-by: Jonatan Pålsson <jonatan.p@gmail.com> Signed-off-by: Armin Kuster <akuster808@gmail.com>
2020-03-27sssd: Add missing DEPENDS on janssonJonatan Pålsson1-1/+1
When building with the curl PACKAGECONFIG, sssd will depend on the jansson library. Fixes the following error: | checking for JANSSON... no | checking jansson.h usability... no | checking jansson.h presence... no | checking for jansson.h... no | configure: error: | You must have the header file jansson.h installed to build sssd | with secrets and KCM responder. If you want to build sssd without these | responders then specify --without-secrets --without-kcm when running configure. Signed-off-by: Jonatan Pålsson <jonatan.p@gmail.com> Signed-off-by: Armin Kuster <akuster808@gmail.com>
2020-03-27sssd: Add missing files to SYSTEMD_SERVICEJonatan Pålsson1-0/+2
These files are installed when the ssh or curl PACKAGECONFIGs are enabled. Fixes the following error: ERROR: sssd-1.16.4-r0 do_package: QA Issue: sssd: Files/directories were installed but not shipped in any package: /lib/systemd/system/sssd-kcm.socket /lib/systemd/system/sssd-kcm.service /lib/systemd/system/sssd-ssh.socket /lib/systemd/system/sssd-ssh.service Signed-off-by: Jonatan Pålsson <jonatan.p@gmail.com> Signed-off-by: Armin Kuster <akuster808@gmail.com>
2020-03-27sssd: Add sudo PACKAGECONFIGJonatan Pålsson1-3/+3
sudo was previously on by default, so add it to the default PACKAGECONFIG. The systemd files are only installed when --with-sudo is passed to configure, so conditionally add them to SYSTEMD_SERVICE. Signed-off-by: Jonatan Pålsson <jonatan.p@gmail.com> Signed-off-by: Armin Kuster <akuster808@gmail.com>
2020-03-27sssd: Add autofs PACKAGECONFIGJonatan Pålsson1-3/+3
autofs was previously on by default, so add it to the default PACKAGECONFIG. The systemd files are only installed when --with-autofs is passed to configure, so conditionally add them to SYSTEMD_SERVICE. Signed-off-by: Jonatan Pålsson <jonatan.p@gmail.com> Signed-off-by: Armin Kuster <akuster808@gmail.com>
2020-03-27sssd: Sort PACKAGECONFIG entriesJonatan Pålsson1-9/+9
Signed-off-by: Jonatan Pålsson <jonatan.p@gmail.com> Signed-off-by: Armin Kuster <akuster808@gmail.com>
2020-03-27buck-security: move to recipes-scannersArmin Kuster1-45/+0
Signed-off-by: Armin Kuster <akuster808@gmail.com>
2020-03-27checksecurity: move to recipes-scannersArmin Kuster3-96/+0
Signed-off-by: Armin Kuster <akuster808@gmail.com>