diff options
Diffstat (limited to 'meta-openembedded/meta-oe/recipes-security')
3 files changed, 127 insertions, 0 deletions
diff --git a/meta-openembedded/meta-oe/recipes-security/passwdqc/passwdqc/makefile-add-ldflags.patch b/meta-openembedded/meta-oe/recipes-security/passwdqc/passwdqc/makefile-add-ldflags.patch new file mode 100644 index 000000000..e9023492e --- /dev/null +++ b/meta-openembedded/meta-oe/recipes-security/passwdqc/passwdqc/makefile-add-ldflags.patch @@ -0,0 +1,31 @@ +Add LDFLAGS variable to Makefile so that extra linker flags can be sent via this variable. + +Upstream-Status: Pending + +Signed-off-by: Yi Zhao <yi.zhao@windriver.com> + +diff --git a/Makefile b/Makefile +index 49d622d..cd17334 100644 +--- a/Makefile ++++ b/Makefile +@@ -48,18 +48,17 @@ CFLAGS = -Wall -W -O2 + CFLAGS_lib = $(CFLAGS) -fPIC + CFLAGS_bin = $(CFLAGS) -fomit-frame-pointer + +-LDFLAGS = + LDFLAGS_shared = --shared + LDFLAGS_shared_LINUX = --shared + LDFLAGS_shared_SUN = -G + LDFLAGS_shared_HP = -b + LDFLAGS_lib = $(LDFLAGS_shared) +-LDFLAGS_lib_LINUX = $(LDFLAGS_shared_LINUX) \ ++LDFLAGS_lib_LINUX = $(LDFLAGS) $(LDFLAGS_shared_LINUX) \ + -Wl,--soname,$(SHARED_LIB),--version-script,$(MAP_LIB) + LDFLAGS_lib_SUN = $(LDFLAGS_shared_SUN) + LDFLAGS_lib_HP = $(LDFLAGS_shared_HP) + LDFLAGS_pam = $(LDFLAGS_shared) +-LDFLAGS_pam_LINUX = $(LDFLAGS_shared_LINUX) \ ++LDFLAGS_pam_LINUX = $(LDFLAGS) $(LDFLAGS_shared_LINUX) \ + -Wl,--version-script,$(MAP_PAM) + LDFLAGS_pam_SUN = $(LDFLAGS_shared_SUN) + LDFLAGS_pam_HP = $(LDFLAGS_shared_HP) diff --git a/meta-openembedded/meta-oe/recipes-security/passwdqc/passwdqc_1.3.1.bb b/meta-openembedded/meta-oe/recipes-security/passwdqc/passwdqc_1.3.1.bb new file mode 100644 index 000000000..8fc0b3591 --- /dev/null +++ b/meta-openembedded/meta-oe/recipes-security/passwdqc/passwdqc_1.3.1.bb @@ -0,0 +1,66 @@ +SUMMARY = "A password/passphrase strength checking and enforcement toolset" +DESCRIPTION = "\ +passwdqc is a password/passphrase strength checking and policy enforcement \ +toolset, including an optional PAM module (pam_passwdqc), command-line \ +programs (pwqcheck and pwqgen), and a library (libpasswdqc). \ +pam_passwdqc is normally invoked on password changes by programs such as \ +passwd(1). It is capable of checking password or passphrase strength, \ +enforcing a policy, and offering randomly-generated passphrases, with \ +all of these features being optional and easily (re-)configurable. \ +\ +pwqcheck and pwqgen are standalone password/passphrase strength checking \ +and random passphrase generator programs, respectively, which are usable \ +from scripts. \ +\ +libpasswdqc is the underlying library, which may also be used from \ +third-party programs. \ +" + +HOMEPAGE = "http://www.openwall.com/passwdqc" +SECTION = "System Environment/Base" + +DEPENDS += "libpam" + +inherit distro_features_check +REQUIRED_DISTRO_FEATURES = "pam" + +LICENSE = "BSD" +LIC_FILES_CHKSUM = "file://LICENSE;md5=1b4af6f3d4ee079a38107366e93b334d" + +SRC_URI = "http://www.openwall.com/${BPN}/${BP}.tar.gz \ + file://makefile-add-ldflags.patch \ + " +SRC_URI[md5sum] = "3878b57bcd3fdbcf3d4b362dbc6228b9" +SRC_URI[sha256sum] = "d1fedeaf759e8a0f32d28b5811ef11b5a5365154849190f4b7fab670a70ffb14" + +# explicitly define LINUX_PAM in case DISTRO_FEATURES no pam +# this package's pam_passwdqc.so needs pam +CFLAGS_append += "-Wall -fPIC -DHAVE_SHADOW -DLINUX_PAM" + +# -e is no longer default setting in bitbake.conf +EXTRA_OEMAKE = "-e" + +do_compile() { + # make sure sub make use environment to override variables in Makefile + # Linux) $(MAKE), there is a tab between + sed -i -e 's/Linux) $(MAKE) CFLAGS_lib/Linux) $(MAKE) -e CFLAGS_lib/' ${S}/Makefile + + # LD_lib and LD must be CC because of Makefile + oe_runmake LD="${CC}" +} + +do_install() { + oe_runmake install DESTDIR=${D} SHARED_LIBDIR=${base_libdir} \ + DEVEL_LIBDIR=${libdir} SECUREDIR=${base_libdir}/security \ + INSTALL="install -p" +} + +PROVIDES += "pam-${BPN}" +PACKAGES =+ "lib${BPN} pam-${BPN}" + +FILES_lib${BPN} = "${base_libdir}/libpasswdqc.so.0" +FILES_pam-${BPN} = "${base_libdir}/security/pam_passwdqc.so" +FILES_${PN}-dbg += "${base_libdir}/security/.debug" + +RDEPENDS_${PN} = "lib${BPN} pam-${BPN}" +RDEPENDS_pam-${BPN} = "lib${BPN}" diff --git a/meta-openembedded/meta-oe/recipes-security/tomoyo-tools/tomoyo-tools_2.5.0.bb b/meta-openembedded/meta-oe/recipes-security/tomoyo-tools/tomoyo-tools_2.5.0.bb new file mode 100644 index 000000000..f36277599 --- /dev/null +++ b/meta-openembedded/meta-oe/recipes-security/tomoyo-tools/tomoyo-tools_2.5.0.bb @@ -0,0 +1,30 @@ +SUMMARY = "TOMOYO Linux tools" +DESCRIPTION = "TOMOYO Linux is a Mandatory Access Control (MAC) implementation \ +for Linux that can be used to increase the security of a system, while also \ +being useful purely as a system analysis tool." +HOMEPAGE = "http://tomoyo.sourceforge.jp/" +SECTION = "System Environment/Kernel" + +SRC_URI = "http://jaist.dl.sourceforge.jp/tomoyo/53357/${BP}-20170102.tar.gz" +SRC_URI[md5sum] = "888804d58742452fe213a68f7eadd0ad" +SRC_URI[sha256sum] = "00fedfac5e514321250bbe69eaccc732c8a8158596f77a785c2e3ae9f9968283" + +S = "${WORKDIR}/${BPN}" + +LICENSE = "GPLv2" +LIC_FILES_CHKSUM = "file://COPYING.tomoyo;md5=751419260aa954499f7abaabaa882bbe" + +FILES_${PN} += "${libdir}/tomoyo" +FILES_${PN}-dbg += "${libdir}/tomoyo/.debug" + +DEPENDS = "linux-libc-headers ncurses" + +EXTRA_OEMAKE = "-e USRLIBDIR=${libdir}" + +do_compile () { + oe_runmake 'CC=${CC}' +} + +do_install() { + oe_runmake install INSTALLDIR=${D} +} |