diff options
author | Brad Bishop <bradleyb@fuzziesquirrel.com> | 2020-01-06 17:48:41 +0300 |
---|---|---|
committer | Brad Bishop <bradleyb@fuzziesquirrel.com> | 2020-01-06 17:48:43 +0300 |
commit | a48c014e7bf11391734c05fac6552bbef2dc2086 (patch) | |
tree | e24b69c6931f59a59f20290059eb15d9d655b295 /meta-security | |
parent | 870eb53cd2dd418fcd6e26356392b6366e51cae5 (diff) | |
download | openbmc-a48c014e7bf11391734c05fac6552bbef2dc2086.tar.xz |
meta-security: subtree update:3001c3ebfc..b72cc7f87c
Armin Kuster (10):
apparmor: add distro check
smack: add distro check
python-fail2ban: Drop python2 package
python3-fail2ban: include python-fail2ban.inc
google-authenticator-libpam: update to 1.07
smack-test: add feature check for smack
lib/oeqa/runtime: fix clamav test order
clamav: update to 0.101.5
meta-integrity: fix issues with yocto-check-layer
fail2ban: fix runtime error
Change-Id: I4f7e656b0f9e2e9dc32989a1756c94e4e0143c42
Signed-off-by: Brad Bishop <bradleyb@fuzziesquirrel.com>
Diffstat (limited to 'meta-security')
16 files changed, 115 insertions, 114 deletions
diff --git a/meta-security/lib/oeqa/runtime/cases/clamav.py b/meta-security/lib/oeqa/runtime/cases/clamav.py index 2808df4dc..cf8393732 100644 --- a/meta-security/lib/oeqa/runtime/cases/clamav.py +++ b/meta-security/lib/oeqa/runtime/cases/clamav.py @@ -48,6 +48,15 @@ class ClamavTest(OERuntimeTestCase): self.assertEqual(status, 0, msg = msg) @OETestDepends(['clamav.ClamavTest.test_ping_clamav_net']) + def test_freshclam_check_mirrors(self): + status, output = self.target.run('freshclam --list-mirrors') + match = re.search('Failures: 0', output) + if not match: + msg = ('freshclam --list-mirrors: failed. ' + 'Status and output:%s and %s' % (status, output)) + self.assertEqual(status, 1, msg = msg) + + @OETestDepends(['clamav.ClamavTest.test_freshclam_check_mirrors']) def test_freshclam_download(self): status, output = self.target.run('freshclam --show-progress') match = re.search('Database updated', output) @@ -57,12 +66,3 @@ class ClamavTest(OERuntimeTestCase): 'Status and output:%s and %s' % (status, output)) self.assertEqual(status, 1, msg = msg) - @OETestDepends(['clamav.ClamavTest.test_ping_clamav_net']) - def test_freshclam_check_mirrors(self): - status, output = self.target.run('freshclam --list-mirrors') - match = re.search('Failures: 0', output) - if not match: - msg = ('freshclam --list-mirrors: failed. ' - 'Status and output:%s and %s' % (status, output)) - self.assertEqual(status, 1, msg = msg) - diff --git a/meta-security/meta-integrity/recipes-core/initrdscripts/initramfs-framework-ima.bb b/meta-security/meta-integrity/recipes-core/initrdscripts/initramfs-framework-ima.bb index 95c853a72..dacdc8bf0 100644 --- a/meta-security/meta-integrity/recipes-core/initrdscripts/initramfs-framework-ima.bb +++ b/meta-security/meta-integrity/recipes-core/initrdscripts/initramfs-framework-ima.bb @@ -16,6 +16,9 @@ IMA_POLICY ?= "ima-policy-hashed" SRC_URI = " file://ima" +inherit features_check +REQUIRED_DISTRO_FEATURES = "ima" + do_install () { install -d ${D}/${sysconfdir}/ima install -d ${D}/init.d diff --git a/meta-security/meta-integrity/recipes-core/packagegroups/packagegroup-ima-evm-utils.bb b/meta-security/meta-integrity/recipes-core/packagegroups/packagegroup-ima-evm-utils.bb index 18acc9dca..8196edb20 100644 --- a/meta-security/meta-integrity/recipes-core/packagegroups/packagegroup-ima-evm-utils.bb +++ b/meta-security/meta-integrity/recipes-core/packagegroups/packagegroup-ima-evm-utils.bb @@ -1,7 +1,9 @@ SUMMARY = "IMA/EVM userspace tools" LICENSE = "MIT" -inherit packagegroup +inherit packagegroup features_check + +REQUIRED_DISTRO_FEATURES = "ima" # Only one at the moment, but perhaps more will come in the future. RDEPENDS_${PN} = " \ diff --git a/meta-security/meta-integrity/recipes-security/ima-evm-utils/ima-evm-utils_git.bb b/meta-security/meta-integrity/recipes-security/ima-evm-utils/ima-evm-utils_git.bb index 92c24c902..7f649c2d6 100644 --- a/meta-security/meta-integrity/recipes-security/ima-evm-utils/ima-evm-utils_git.bb +++ b/meta-security/meta-integrity/recipes-security/ima-evm-utils/ima-evm-utils_git.bb @@ -23,7 +23,9 @@ SRC_URI += "file://command-line-apply-operation-to-all-paths.patch" S = "${WORKDIR}/git" -inherit pkgconfig autotools +inherit pkgconfig autotools features_check + +REQUIRED_DISTRO_FEATURES = "ima" EXTRA_OECONF_append_class-target = " --with-kernel-headers=${STAGING_KERNEL_BUILDDIR}" diff --git a/meta-security/meta-integrity/recipes-security/ima_policy_appraise_all/ima-policy-appraise-all_1.0.bb b/meta-security/meta-integrity/recipes-security/ima_policy_appraise_all/ima-policy-appraise-all_1.0.bb index b58d3fed9..da62a4cf8 100644 --- a/meta-security/meta-integrity/recipes-security/ima_policy_appraise_all/ima-policy-appraise-all_1.0.bb +++ b/meta-security/meta-integrity/recipes-security/ima_policy_appraise_all/ima-policy-appraise-all_1.0.bb @@ -9,6 +9,9 @@ IMA_POLICY ?= "ima_policy_appraise_all" SRC_URI = " file://${IMA_POLICY}" +inherit features_check +REQUIRED_DISTRO_FEATURES = "ima" + do_install () { install -d ${D}/${sysconfdir}/ima install ${WORKDIR}/${IMA_POLICY} ${D}/${sysconfdir}/ima/ima-policy diff --git a/meta-security/meta-integrity/recipes-security/ima_policy_hashed/ima-policy-hashed_1.0.bb b/meta-security/meta-integrity/recipes-security/ima_policy_hashed/ima-policy-hashed_1.0.bb index 3352daa03..ebb042646 100644 --- a/meta-security/meta-integrity/recipes-security/ima_policy_hashed/ima-policy-hashed_1.0.bb +++ b/meta-security/meta-integrity/recipes-security/ima_policy_hashed/ima-policy-hashed_1.0.bb @@ -11,6 +11,9 @@ SRC_URI = " \ file://${IMA_POLICY} \ " +inherit features_check +REQUIRED_DISTRO_FEATURES = "ima" + do_install () { install -d ${D}/${sysconfdir}/ima install ${WORKDIR}/${IMA_POLICY} ${D}/${sysconfdir}/ima/ima-policy diff --git a/meta-security/meta-integrity/recipes-security/ima_policy_simple/ima-policy-simple_1.0.bb b/meta-security/meta-integrity/recipes-security/ima_policy_simple/ima-policy-simple_1.0.bb index 17132aa22..cb4b6b8ab 100644 --- a/meta-security/meta-integrity/recipes-security/ima_policy_simple/ima-policy-simple_1.0.bb +++ b/meta-security/meta-integrity/recipes-security/ima_policy_simple/ima-policy-simple_1.0.bb @@ -9,6 +9,9 @@ IMA_POLICY ?= "ima_policy_simple" SRC_URI = " file://${IMA_POLICY}" +inherit features_check +REQUIRED_DISTRO_FEATURES = "ima" + do_install () { install -d ${D}/${sysconfdir}/ima install ${WORKDIR}/${IMA_POLICY} ${D}/${sysconfdir}/ima/ima-policy diff --git a/meta-security/recipes-mac/AppArmor/apparmor_2.13.3.bb b/meta-security/recipes-mac/AppArmor/apparmor_2.13.3.bb index 60d5e6880..32230a57d 100644 --- a/meta-security/recipes-mac/AppArmor/apparmor_2.13.3.bb +++ b/meta-security/recipes-mac/AppArmor/apparmor_2.13.3.bb @@ -30,7 +30,8 @@ S = "${WORKDIR}/git" PARALLEL_MAKE = "" -inherit pkgconfig autotools-brokensep update-rc.d python3native perlnative ptest cpan manpages systemd +inherit pkgconfig autotools-brokensep update-rc.d python3native perlnative ptest cpan manpages systemd features_check +REQUIRED_DISTRO_FEATURES = "apparmor" PACKAGECONFIG ??= "python perl aa-decode" PACKAGECONFIG[manpages] = "--enable-man-pages, --disable-man-pages" diff --git a/meta-security/recipes-mac/smack/smack-test_1.0.bb b/meta-security/recipes-mac/smack/smack-test_1.0.bb index 7cf8f2e04..d5de6076a 100644 --- a/meta-security/recipes-mac/smack/smack-test_1.0.bb +++ b/meta-security/recipes-mac/smack/smack-test_1.0.bb @@ -12,6 +12,10 @@ SRC_URI = " \ S = "${WORKDIR}" +inherit features_check + +REQUIRED_DISTRO_FEATURES = "smack" + do_install() { install -d ${D}${sbindir} install -m 0755 notroot.py ${D}${sbindir} diff --git a/meta-security/recipes-mac/smack/smack_1.3.1.bb b/meta-security/recipes-mac/smack/smack_1.3.1.bb index f32d91ba3..b1ea4e9ff 100644 --- a/meta-security/recipes-mac/smack/smack_1.3.1.bb +++ b/meta-security/recipes-mac/smack/smack_1.3.1.bb @@ -13,7 +13,12 @@ SRC_URI = " \ PV = "1.3.1" -inherit autotools update-rc.d pkgconfig ptest ${@bb.utils.contains('VIRTUAL-RUNTIME_init_manager','systemd','systemd','', d)} +inherit autotools update-rc.d pkgconfig ptest +inherit ${@bb.utils.contains('VIRTUAL-RUNTIME_init_manager','systemd','systemd','', d)} +inherit features_check + +REQUIRED_DISTRO_FEATURES = "smack" + S = "${WORKDIR}/git" diff --git a/meta-security/recipes-security/clamav/clamav_0.99.4.bb b/meta-security/recipes-security/clamav/clamav_0.101.5.bb index a340b4856..a4c32e1a6 100644 --- a/meta-security/recipes-security/clamav/clamav_0.99.4.bb +++ b/meta-security/recipes-security/clamav/clamav_0.101.5.bb @@ -4,14 +4,14 @@ HOMEPAGE = "http://www.clamav.net/index.html" SECTION = "security" LICENSE = "LGPL-2.1" -DEPENDS = "libtool db libmspack openssl zlib llvm chrpath-replacement-native clamav-native" -DEPENDS_class-native = "db-native openssl-native zlib-native" +DEPENDS = "libtool db libxml2 openssl zlib curl llvm clamav-native libmspack" +DEPENDS_class-native = "db-native openssl-native zlib-native llvm-native curl-native" LIC_FILES_CHKSUM = "file://COPYING.LGPL;beginline=2;endline=3;md5=4b89c05acc71195e9a06edfa2fa7d092" -SRCREV = "b66e5e27b48c0a07494f9df9b809ed933cede047" +SRCREV = "482fcd413b07e9fd3ef9850e6d01a45f4e187108" -SRC_URI = "git://github.com/vrtadmin/clamav-devel;branch=rel/0.99 \ +SRC_URI = "git://github.com/vrtadmin/clamav-devel;branch=rel/0.101 \ file://clamd.conf \ file://freshclam.conf \ file://volatiles.03_clamav \ @@ -23,20 +23,14 @@ SRC_URI = "git://github.com/vrtadmin/clamav-devel;branch=rel/0.99 \ S = "${WORKDIR}/git" LEAD_SONAME = "libclamav.so" -SO_VER = "7.1.1" +SO_VER = "9.0.2" -EXTRANATIVEPATH += "chrpath-native" +inherit autotools pkgconfig useradd systemd -inherit autotools-brokensep pkgconfig useradd systemd - -UID = "clamav" -GID = "clamav" +CLAMAV_UID ?= "clamav" +CLAMAV_GID ?= "clamav" INSTALL_CLAMAV_CVD ?= "1" -# Clamav has a built llvm version 2 but does not build with gcc 6.x, -# disable the internal one. This is a known issue -# If you want LLVM support, use the one in core - CLAMAV_USR_DIR = "${STAGING_DIR_NATIVE}/usr" CLAMAV_USR_DIR_class-target = "${STAGING_DIR_HOST}/usr" @@ -45,49 +39,40 @@ PACKAGECONFIG_class-target += " ${@bb.utils.contains("DISTRO_FEATURES", "ipv6", PACKAGECONFIG_class-target += "${@bb.utils.contains('DISTRO_FEATURES', 'systemd', 'systemd', '', d)}" PACKAGECONFIG[pcre] = "--with-pcre=${STAGING_LIBDIR}, --without-pcre, libpcre" -PACKAGECONFIG[xml] = "--with-xml=${CLAMAV_USR_DIR}, --disable-xml, libxml2," -PACKAGECONFIG[json] = "--with-libjson=${STAGING_LIBDIR}, --without-libjson, json," -PACKAGECONFIG[curl] = "--with-libcurl=${STAGING_LIBDIR}, --without-libcurl, curl," +PACKAGECONFIG[json] = "--with-libjson=${STAGING_LIBDIR}, --without-libjson, json-c," PACKAGECONFIG[ipv6] = "--enable-ipv6, --disable-ipv6" -PACKAGECONFIG[bz2] = "--with-libbz2-prefix=${CLAMAV_USR_DIR}, --without-libbz2-prefix, " +PACKAGECONFIG[bz2] = "--with-libbz2-prefix=${CLAMAV_USR_DIR}, --disable-bzip2, bzip2" PACKAGECONFIG[ncurses] = "--with-libncurses-prefix=${CLAMAV_USR_DIR}, --without-libncurses-prefix, ncurses, " PACKAGECONFIG[systemd] = "--with-systemdsystemunitdir=${systemd_unitdir}/system/, --without-systemdsystemunitdir, " EXTRA_OECONF_CLAMAV = "--without-libcheck-prefix --disable-unrar \ - --with-system-llvm --with-llvm-linking=dynamic --disable-llvm \ --disable-mempool \ --program-prefix="" \ - --disable-yara \ - --disable-xml \ + --disable-zlib-vcheck \ + --with-xml=${CLAMAV_USR_DIR} \ + --with-zlib=${CLAMAV_USR_DIR} \ --with-openssl=${CLAMAV_USR_DIR} \ - --with-zlib=${CLAMAV_USR_DIR} --disable-zlib-vcheck \ + --with-libcurl=${CLAMAV_USR_DIR} \ + --with-system-libmspack=${CLAMAV_USR_DIR} \ + --with-iconv=no \ + --enable-check=no \ " EXTRA_OECONF_class-native += "${EXTRA_OECONF_CLAMAV}" -EXTRA_OECONF_class-target += "--with-user=${UID} --with-group=${GID} --disable-rpath ${EXTRA_OECONF_CLAMAV}" +EXTRA_OECONF_class-target += "--with-user=${CLAMAV_UID} --with-group=${CLAMAV_GID} ${EXTRA_OECONF_CLAMAV}" do_configure () { ${S}/configure ${CONFIGUREOPTS} ${EXTRA_OECONF} - install -d ${S}/clamav_db } do_configure_class-native () { ${S}/configure ${CONFIGUREOPTS} ${EXTRA_OECONF} } - do_compile_append_class-target() { - # brute force removing RPATH - chrpath -d ${B}/libclamav/.libs/libclamav.so.${SO_VER} - chrpath -d ${B}/sigtool/.libs/sigtool - chrpath -d ${B}/clambc/.libs/clambc - chrpath -d ${B}/clamscan/.libs/clamscan - chrpath -d ${B}/clamconf/.libs/clamconf - chrpath -d ${B}/clamd/.libs/clamd - chrpath -d ${B}/freshclam/.libs/freshclam - if [ "${INSTALL_CLAMAV_CVD}" = "1" ]; then bbnote "CLAMAV creating cvd" + install -d ${S}/clamav_db ${STAGING_BINDIR_NATIVE}/freshclam --datadir=${S}/clamav_db --config=${WORKDIR}/freshclam-native.conf fi } @@ -117,7 +102,7 @@ pkg_postinst_ontarget_${PN} () { ${sysconfdir}/init.d/populate-volatile.sh update fi mkdir -p ${localstatedir}/lib/clamav - chown -R ${UID}:${GID} ${localstatedir}/lib/clamav + chown -R ${CLAMAV_UID}:${CLAMAV_GID} ${localstatedir}/lib/clamav } @@ -158,7 +143,7 @@ FILES_${PN}-dev = " ${bindir}/clamav-config ${libdir}/*.la \ FILES_${PN}-staticdev = "${libdir}/*.a" -FILES_${PN}-libclamav = "${libdir}/libclamav.so* ${libdir}/libmspack.so*\ +FILES_${PN}-libclamav = "${libdir}/libclamav.so* ${libdir}/libclammspack.so*\ ${docdir}/libclamav/* " FILES_${PN}-doc = "${mandir}/man/* \ @@ -168,8 +153,8 @@ FILES_${PN}-doc = "${mandir}/man/* \ FILES_${PN}-cvd = "${localstatedir}/lib/clamav/*.cvd ${localstatedir}/lib/clamav/*.dat" USERADD_PACKAGES = "${PN}" -GROUPADD_PARAM_${PN} = "--system ${UID}" -USERADD_PARAM_${PN} = "--system -g ${GID} --home-dir \ +GROUPADD_PARAM_${PN} = "--system ${CLAMAV_UID}" +USERADD_PARAM_${PN} = "--system -g ${CLAMAV_GID} --home-dir \ ${localstatedir}/spool/${BPN} \ --no-create-home --shell /bin/false ${BPN}" @@ -178,7 +163,7 @@ RREPLACES_${PN} += "${PN}-systemd" RCONFLICTS_${PN} += "${PN}-systemd" SYSTEMD_SERVICE_${PN} = "${BPN}.service" -RDEPENDS_${PN} = "openssl ncurses-libncurses libbz2 ncurses-libtinfo clamav-freshclam clamav-libclamav" +RDEPENDS_${PN} = "openssl ncurses-libncurses libxml2 libbz2 ncurses-libtinfo curl libpcre2 clamav-freshclam clamav-libclamav" RDEPENDS_${PN}_class-native = "" BBCLASSEXTEND = "native" diff --git a/meta-security/recipes-security/fail2ban/files/initd b/meta-security/recipes-security/fail2ban/files/initd index 4f4b394c4..586b3dac3 100644 --- a/meta-security/recipes-security/fail2ban/files/initd +++ b/meta-security/recipes-security/fail2ban/files/initd @@ -39,9 +39,9 @@ start() { RETVAL=$? if [ $RETVAL = 0 ]; then touch ${lockfile} - echo_success + success else - echo_failure + failure fi echo return $RETVAL @@ -53,9 +53,9 @@ stop() { RETVAL=$? if [ $RETVAL = 0 ]; then rm -f ${lockfile} ${pidfile} - echo_success + success else - echo_failure + failure fi echo return $RETVAL diff --git a/meta-security/recipes-security/fail2ban/python-fail2ban.inc b/meta-security/recipes-security/fail2ban/python-fail2ban.inc deleted file mode 100644 index 7270ed8ac..000000000 --- a/meta-security/recipes-security/fail2ban/python-fail2ban.inc +++ /dev/null @@ -1,49 +0,0 @@ -SUMMARY = "Daemon to ban hosts that cause multiple authentication errors." -DESCRIPTION = "Fail2Ban scans log files like /var/log/auth.log and bans IP addresses having too \ -many failed login attempts. It does this by updating system firewall rules to reject new \ -connections from those IP addresses, for a configurable amount of time. Fail2Ban comes \ -out-of-the-box ready to read many standard log files, such as those for sshd and Apache, \ -and is easy to configure to read any log file you choose, for any error you choose." -HOMEPAGE = "http://www.fail2ban.org" - -LICENSE = "GPL-2.0" -LIC_FILES_CHKSUM = "file://COPYING;md5=ecabc31e90311da843753ba772885d9f" - -SRCREV ="aa565eb80ec6043317e8430cabcaf9c3f4e61578" -SRC_URI = " \ - git://github.com/fail2ban/fail2ban.git;branch=0.11 \ - file://initd \ - file://fail2ban_setup.py \ - file://run-ptest \ -" - -inherit update-rc.d ptest - -S = "${WORKDIR}/git" - -INITSCRIPT_PACKAGES = "${PN}" -INITSCRIPT_NAME = "fail2ban-server" -INITSCRIPT_PARAMS = "defaults 25" - -do_compile_prepend () { - cp ${WORKDIR}/fail2ban_setup.py ${S}/setup.py -} - -do_install_append () { - install -d ${D}/${sysconfdir}/fail2ban - install -d ${D}/${sysconfdir}/init.d - install -m 0755 ${WORKDIR}/initd ${D}${sysconfdir}/init.d/fail2ban-server - chown -R root:root ${D}/${bindir} -} - -do_install_ptest_append () { - install -d ${D}${PTEST_PATH} - sed -i -e 's/##PYTHON##/${PYTHON_PN}/g' ${D}${PTEST_PATH}/run-ptest - install -D ${S}/bin/fail2ban-testcases ${D}${PTEST_PATH} -} - -FILES_${PN} += "/run" - -INSANE_SKIP_${PN}_append = "already-stripped" - -RDEPENDS_${PN} = "sysklogd iptables sqlite3 ${PYTHON_PN} ${PYTHON_PN}-pyinotify" diff --git a/meta-security/recipes-security/fail2ban/python-fail2ban_0.10.4.0.bb b/meta-security/recipes-security/fail2ban/python-fail2ban_0.10.4.0.bb deleted file mode 100644 index 17a7dd8dd..000000000 --- a/meta-security/recipes-security/fail2ban/python-fail2ban_0.10.4.0.bb +++ /dev/null @@ -1,4 +0,0 @@ -inherit setuptools -require python-fail2ban.inc - -RDEPENDS_${PN}-ptest = "python python-modules python-fail2ban" diff --git a/meta-security/recipes-security/fail2ban/python3-fail2ban_0.10.4.0.bb b/meta-security/recipes-security/fail2ban/python3-fail2ban_0.10.4.0.bb index 23ef027b3..53f94ff9f 100644 --- a/meta-security/recipes-security/fail2ban/python3-fail2ban_0.10.4.0.bb +++ b/meta-security/recipes-security/fail2ban/python3-fail2ban_0.10.4.0.bb @@ -1,8 +1,51 @@ -inherit setuptools3 -require python-fail2ban.inc +SUMMARY = "Daemon to ban hosts that cause multiple authentication errors." +DESCRIPTION = "Fail2Ban scans log files like /var/log/auth.log and bans IP addresses having too \ +many failed login attempts. It does this by updating system firewall rules to reject new \ +connections from those IP addresses, for a configurable amount of time. Fail2Ban comes \ +out-of-the-box ready to read many standard log files, such as those for sshd and Apache, \ +and is easy to configure to read any log file you choose, for any error you choose." +HOMEPAGE = "http://www.fail2ban.org" -RDEPENDS_${PN}-ptest = "python3-core python3-io python3-modules python3-fail2ban" +LICENSE = "GPL-2.0" +LIC_FILES_CHKSUM = "file://COPYING;md5=ecabc31e90311da843753ba772885d9f" -SRC_URI += " \ +SRCREV ="aa565eb80ec6043317e8430cabcaf9c3f4e61578" +SRC_URI = " \ + git://github.com/fail2ban/fail2ban.git;branch=0.11 \ + file://initd \ + file://fail2ban_setup.py \ + file://run-ptest \ file://0001-To-fix-build-error-of-xrang.patch \ " + +inherit update-rc.d ptest setuptools3 + +S = "${WORKDIR}/git" + +do_compile_prepend () { + cp ${WORKDIR}/fail2ban_setup.py ${S}/setup.py +} + +do_install_append () { + install -d ${D}/${sysconfdir}/fail2ban + install -d ${D}/${sysconfdir}/init.d + install -m 0755 ${WORKDIR}/initd ${D}${sysconfdir}/init.d/fail2ban-server + chown -R root:root ${D}/${bindir} +} + +do_install_ptest_append () { + install -d ${D}${PTEST_PATH} + sed -i -e 's/##PYTHON##/${PYTHON_PN}/g' ${D}${PTEST_PATH}/run-ptest + install -D ${S}/bin/fail2ban-testcases ${D}${PTEST_PATH} +} + +FILES_${PN} += "/run" + +INITSCRIPT_PACKAGES = "${PN}" +INITSCRIPT_NAME = "fail2ban-server" +INITSCRIPT_PARAMS = "defaults 25" + +INSANE_SKIP_${PN}_append = "already-stripped" + +RDEPENDS_${PN} = "sysklogd iptables sqlite3 ${PYTHON_PN} ${PYTHON_PN}-pyinotify" +RDEPENDS_${PN}-ptest = "python3-core python3-io python3-modules python3-fail2ban" diff --git a/meta-security/recipes-security/google-authenticator-libpam/google-authenticator-libpam_1.05.bb b/meta-security/recipes-security/google-authenticator-libpam/google-authenticator-libpam_1.07.bb index 2181629bd..98f895c44 100644 --- a/meta-security/recipes-security/google-authenticator-libpam/google-authenticator-libpam_1.05.bb +++ b/meta-security/recipes-security/google-authenticator-libpam/google-authenticator-libpam_1.07.bb @@ -4,7 +4,7 @@ LIC_FILES_CHKSUM = "file://LICENSE;md5=3b83ef96387f14655fc854ddc3c6bd57" LICENSE = "Apache-2.0" SRC_URI = "git://github.com/google/google-authenticator-libpam.git" -SRCREV = "7365ed10d54393fb4c100cac063ae8edb744eac6" +SRCREV = "c9280f43610ce896f91eafd0f740a4eb4dcecedd" DEPENDS = "libpam" |