Age | Commit message (Collapse) | Author |
|
* update to version 4.2.2
* Add new recipe for standalone mode
* Add systemd support
* Add patches to fix several issues
* samhain-standalone: add ptest support
* samhain-server: no need to depend on samhain-server-native
* Move common things from the bb to the inc file
Signed-off-by: Jackie Huang <jackie.huang@windriver.com>
Signed-off-by: Armin Kuster <akuster808@gmail.com>
|
|
Signed-off-by: Armin Kuster <akuster808@gmail.com>
|
|
include meta-python for AppArmor changes
Signed-off-by: Armin Kuster <akuster808@gmail.com>
|
|
- We need various python3 modules and we can only really solve this
problem by including all python3-modules.
- aa-easyprof needs to have its shebang corrected, do so.
- The apparmor initscript depends on functions that LSB does not require
so we must provide them. In some cases it's using non-standard
function, so we just use more appropriate names.
- The apparmor sysvinit-style initscript assumes that
systemd-detect-virt will exist on the filesystem. Change this to
check that it does before trying to execute it.
[for aa-easyprof:]
Reported-by: Anders Montonen <Anders.Montonen@iki.fi>
Signed-off-by: Tom Rini <trini@konsulko.com>
Signed-off-by: Armin Kuster <akuster808@gmail.com>
|
|
Mhash is a free (under GNU Lesser GPL) library which provides
a uniform interface to a large number of hash algorithms.
These algorithms can be used to compute checksums, message
digests, and other signatures.
Signed-off-by: Jackie Huang <jackie.huang@windriver.com>
Signed-off-by: Armin Kuster <akuster808@gmail.com>
|
|
libgssglue exports a gssapi interface which calls
other gssapi libraries.
Signed-off-by: Jackie Huang <jackie.huang@windriver.com>
Signed-off-by: Armin Kuster <akuster808@gmail.com>
|
|
- Add a patch to fix python library install dir for multilib.
- Add a patch to fix race condition with mkdir command.
- Inherit pythonnative instead of python-dir and install
python modules for ndiff to fix the following errors:
"""
root@qemux86-64:~# ndiff --help
-sh: /usr/bin/ndiff: /path_to_build/tmp/hosttools/python: bad interpreter: No such file or directory
root@qemux86-64:~# python /usr/bin/ndiff
Could not import the ndiff module: 'No module named ndiff'.
"""
Signed-off-by: Jackie Huang <jackie.huang@windriver.com>
Signed-off-by: Armin Kuster <akuster808@gmail.com>
|
|
KeyNote is a simple and flexible trust-management system
designed to work well for a variety of large- and small-
scale Internet-based applications
Signed-off-by: Jackie Huang <jackie.huang@windriver.com>
Signed-off-by: Armin Kuster <akuster808@gmail.com>
|
|
Signed-off-by: Armin Kuster <akuster808@gmail.com>
|
|
XML Security Library is a C library based on LibXML2 and OpenSSL.
Signed-off-by: Jackie Huang <jackie.huang@windriver.com>
Signed-off-by: Armin Kuster <akuster808@gmail.com>
|
|
This introduces a number of changes:
- Fix the python PACKAGECONFIG knob
- The included python support is python3-based, so use those classes.
- When set, make sure to RDEPEND on the python modules the tools use.
- Fix the perl PACKAGECONFIG knob
- Add two patches so that configure will find perl and then compile
will cross-compile the library correctly.
- So that we place perl modules in the correct location we need cpan
to be inherited.
- When disabled, remove the RDEPENDS on perl as the RDEPENDS comes in
via inherit.
- Default to enabling the python and perl PACKAGECONFIG knobs as the
majority of the userspace tools are python3 based, and the few that
aren't that nor C based are perl based.
- Because of the above we must drop the -python package because it's
required for the utilities in the main package.
Signed-off-by: Tom Rini <trini@konsulko.com>
Signed-off-by: Armin Kuster <akuster808@gmail.com>
|
|
WARNING: apparmor-2.11.0-r0 do_package: QA Issue: apparmor: Files/directories were installed but not shipped in any package:
/usr/lib/python2.7
/usr/lib/python2.7/site-packages
/usr/lib/python2.7/site-packages/apparmor-2.11.0-py2.7.egg-info
/usr/lib/python2.7/site-packages/apparmor
/usr/lib/python2.7/site-packages/apparmor/regex.py
use python2 instead of python3
Signed-off-by: Armin Kuster <akuster@mvista.com>
|
|
eCryptfs is a stacked cryptographic filesystem that ships
in Linux kernel versions 2.6.19 and above. This package
provides the mount helper and supporting libraries to
perform key management and mount functions.
Signed-off-by: Jackie Huang <jackie.huang@windriver.com>
Signed-off-by: Armin Kuster <akuster808@gmail.com>
|
|
keyutils is utilities to control the kernel key
management facility and to provide a mechanism by
which the kernel call back to userspace to get a
key instantiated.
It's required by ecryptfs-utils.
Signed-off-by: Jackie Huang <jackie.huang@windriver.com>
Signed-off-by: Armin Kuster <akuster808@gmail.com>
|
|
Signed-off-by: Armin Kuster <akuster808@gmail.com>
|
|
Signed-off-by: Armin Kuster <akuster808@gmail.com>
|
|
Fix "ERROR: ExpansionError during parsing" when building with multilib.
Signed-off-by: Peter Lei <peter.lei@ieee.org>
Signed-off-by: Armin Kuster <akuster808@gmail.com>
|
|
Signed-off-by: Armin Kuster <akuster808@gmail.com>
|
|
Signed-off-by: Armin Kuster <akuster808@gmail.com>
|
|
configure: error: The installed zlib version may contain a security bug. Please upgrade to 1.2.2 or later: http://www.zlib.net. You can omit this check with --disable-zlib-vcheck but DO NOT REPORT any stability issues then!
bypass check as our zlib is 1.2.11
Signed-off-by: Armin Kuster <akuster808@gmail.com>
|
|
build fixes too
Signed-off-by: Armin Kuster <akuster808@gmail.com>
|
|
Signed-off-by: Armin Kuster <akuster808@gmail.com>
|
|
Signed-off-by: Armin Kuster <akuster808@gmail.com>
|
|
Signed-off-by: Armin Kuster <akuster808@gmail.com>
|
|
Signed-off-by: Armin Kuster <akuster808@gmail.com>
|
|
add modules and i2c support
Signed-off-by: Armin Kuster <akuster808@gmail.com>
|
|
this should help mitgate the need to pull in too many layers
if swtpm in not wanted
Signed-off-by: Armin Kuster <akuster808@gmail.com>
|
|
Signed-off-by: Armin Kuster <akuster808@gmail.com>
|
|
Signed-off-by: Armin Kuster <akuster808@gmail.com>
|
|
Signed-off-by: Armin Kuster <akuster808@gmail.com>
|
|
Signed-off-by: Armin Kuster <akuster808@gmail.com>
|
|
netstat from net-tools-native is needed for swtpm_setup.sh, which uses
it to check whether the swtpm daemon has started. The scripts hangs in
a loop during startup when netstat is missing.
Signed-off-by: Patrick Ohly <patrick.ohly@intel.com>
Signed-off-by: Armin Kuster <akuster808@gmail.com>
|
|
Signed-off-by: Armin Kuster <akuster808@gmail.com>
|
|
Native recipes must be called <foo>-native. This is more than just a
recommendation, there's actual code which checks for the suffix.
Not following that rule broke swtpm-wrappers when using the "usrmerge"
DISTRO_FEATURE, because the code in native.bbclass which cleans up
DISTRO_FEATURES for native recipes was skipped and thus swtpm-wrappers
ended up using different paths than the other native recipes.
Signed-off-by: Patrick Ohly <patrick.ohly@intel.com>
Signed-off-by: Armin Kuster <akuster808@gmail.com>
|
|
remove merged patch now in tip
Signed-off-by: Armin Kuster <akuster808@gmail.com>
|
|
remove patch integrated into update
Signed-off-by: Armin Kuster <akuster808@gmail.com>
|
|
Pull in changes to support passing client control sockets(--ctrl
type=unixio,clientfd=<fd>), that allows to fork swtpm and communicate using
socketpair.
Signed-off-by: Amarnath Valluri <amarnath.valluri@intel.com>
Signed-off-by: Armin Kuster <akuster808@gmail.com>
|
|
update to 2.11
Add basic ptest support
v2: remove none existent file
Signed-off-by: Armin Kuster <akuster808@gmail.com>
|
|
Signed-off-by: Armin Kuster <akuster808@gmail.com>
|
|
Signed-off-by: Armin Kuster <akuster808@gmail.com>
|
|
Signed-off-by: Armin Kuster <akuster808@gmail.com>
|
|
Signed-off-by: Armin Kuster <akuster808@gmail.com>
|
|
[v2]:
include new hash
LICENSE file changes do to removal of TCG
minor changes do to configure and makefile updates
Signed-off-by: Armin Kuster <akuster@mvista.com>
|
|
minor changes to reflect configure/makefile updates
Signed-off-by: Armin Kuster <akuster@mvista.com>
|
|
[v2]: Correct musl malloc fix.
remove HAVE_MALLOC_H define; this enables using the included defined mallinfo.
[V1]: Fix c99
x_dnmalloc.c:563:26: error: return type is an incomplete type
| #define public_mALLINFo mallinfo
| ^
| x_dnmalloc.c:1689:17: note: in expansion of macro 'public_mALLINFo'
| struct mallinfo public_mALLINFo() {
and
_dnmalloc.c:5527:17: error: unknown type name 'u_int'
| u_int rnd[(128 - 2*sizeof(struct timeval)) / sizeof(u_int)];
| ^~~~~
Signed-off-by: Armin Kuster <akuster808@gmail.com>
|
|
Install systemd resource.mgr service and it needed user/group.
version 2:
- do not hardcode sbin directory in a patch but use ${sbindir} instead
Signed-off-by: Benjamin Gaignard <benjamin.gaignard@linaro.org>
Signed-off-by: Armin Kuster <akuster@mvista.com>
|
|
Soon it might be possible to let qemu start swtpm directly, without
requiring root privileges as for swtpm_cuse. For that to work
we also need to wrap the swtpm binary. Just in case we now also
do it for everything.
Signed-off-by: Patrick Ohly <patrick.ohly@intel.com>
|
|
Signed-off-by: Armin Kuster <akuster808@gmail.com>
|
|
when acl is enabled this error occurrs.
configure: error: in `/home/akuster/oss/maint/openembedded-core/build/tmp-glibc/work/x86_64-linux/samhain-server-native/4.2.0-r0/samhain-4.2.0':
| configure: error: --enable-posix-acl was given, but test for acl support failed
add missing depends.
Signed-off-by: Armin Kuster <akuster808@gmail.com>
|
|
use POSIX getpwent instead of getpwent_r
This was causing the libtspi to have the getpwent_r with when loaded via tpm-tools, it would fail.
[ Yocto #11095]
Signed-off-by: Armin Kuster <akuster808@gmail.com>
|