Richard Marian Thomaiyar | 14fddef | 2018-07-13 23:55:56 +0530 | [diff] [blame] | 1 | #The functionality of Bastille that is actually available is restricted. Please |
| 2 | #consult the README file for the meta-security layer for additional information. |
| 3 | SUMMARY = "Linux hardening tool" |
| 4 | DESCRIPTION = "Bastille Linux is a Hardening and Reporting/Auditing Program which enhances the security of a Linux box, by configuring daemons, system settings and firewalling." |
Patrick Williams | de0582f | 2022-04-08 10:23:27 -0500 | [diff] [blame] | 5 | LICENSE = "GPL-2.0-only" |
Richard Marian Thomaiyar | 14fddef | 2018-07-13 23:55:56 +0530 | [diff] [blame] | 6 | LIC_FILES_CHKSUM = "file://${S}/COPYING;md5=c93c0550bd3173f4504b2cbd8991e50b" |
| 7 | # Bash is needed for set +o privileged (check busybox), might also need ncurses |
| 8 | DEPENDS = "virtual/kernel" |
Patrick Williams | 213cb26 | 2021-08-07 19:21:33 -0500 | [diff] [blame] | 9 | RDEPENDS:${PN} = "perl bash tcl perl-module-getopt-long perl-module-text-wrap lib-perl perl-module-file-path perl-module-mime-base64 perl-module-file-find perl-module-errno perl-module-file-glob perl-module-tie-hash-namedcapture perl-module-file-copy perl-module-english perl-module-exporter perl-module-cwd libcurses-perl coreutils" |
| 10 | FILES:${PN} += "/run/lock/subsys/bastille" |
Richard Marian Thomaiyar | 14fddef | 2018-07-13 23:55:56 +0530 | [diff] [blame] | 11 | |
Richard Marian Thomaiyar | 14fddef | 2018-07-13 23:55:56 +0530 | [diff] [blame] | 12 | SRC_URI = "http://sourceforge.net/projects/bastille-linux/files/bastille-linux/3.2.1/Bastille-3.2.1.tar.bz2 \ |
| 13 | file://AccountPermission.pm \ |
| 14 | file://FileContent.pm \ |
| 15 | file://HPSpecific.pm \ |
| 16 | file://Miscellaneous.pm \ |
| 17 | file://ServiceAdmin.pm \ |
| 18 | file://config \ |
| 19 | file://fix_version_parse.patch \ |
| 20 | file://fixed_defined_warnings.patch \ |
| 21 | file://call_output_config.patch \ |
| 22 | file://fix_missing_use_directives.patch \ |
| 23 | file://fix_number_of_modules.patch \ |
| 24 | file://remove_questions_text_file_references.patch \ |
| 25 | file://simplify_B_place.patch \ |
| 26 | file://find_existing_config.patch \ |
| 27 | file://upgrade_options_processing.patch \ |
| 28 | file://accept_os_flag_in_backend.patch \ |
| 29 | file://allow_os_with_assess.patch \ |
| 30 | file://edit_usage_message.patch \ |
| 31 | file://organize_distro_discovery.patch \ |
| 32 | file://do_not_apply_config.patch \ |
| 33 | " |
| 34 | |
| 35 | SRC_URI[md5sum] = "df803f7e38085aa5da79f85d0539f91b" |
| 36 | SRC_URI[sha256sum] = "0ea25191b1dc1c8f91e1b6f8cb5436a3aa1e57418809ef902293448efed5021a" |
| 37 | |
| 38 | S = "${WORKDIR}/Bastille" |
| 39 | |
| 40 | do_install () { |
| 41 | install -d ${D}${sbindir} |
Brad Bishop | 15ae250 | 2019-06-18 21:44:24 -0400 | [diff] [blame] | 42 | install -d ${D}${libdir}/perl5/site_perl/Curses |
Richard Marian Thomaiyar | 14fddef | 2018-07-13 23:55:56 +0530 | [diff] [blame] | 43 | |
| 44 | install -d ${D}${libdir}/Bastille |
| 45 | install -d ${D}${libdir}/Bastille/API |
| 46 | install -d ${D}${datadir}/Bastille |
| 47 | install -d ${D}${datadir}/Bastille/OSMap |
| 48 | install -d ${D}${datadir}/Bastille/OSMap/Modules |
| 49 | install -d ${D}${datadir}/Bastille/Questions |
| 50 | install -d ${D}${datadir}/Bastille/FKL/configs/ |
Richard Marian Thomaiyar | 14fddef | 2018-07-13 23:55:56 +0530 | [diff] [blame] | 51 | install -d ${D}${sysconfdir}/Bastille |
| 52 | install -m 0755 AutomatedBastille ${D}${sbindir} |
| 53 | install -m 0755 BastilleBackEnd ${D}${sbindir} |
| 54 | install -m 0755 InteractiveBastille ${D}${sbindir} |
| 55 | install -m 0644 Modules.txt ${D}${datadir}/Bastille |
| 56 | # New Weights file(s). |
| 57 | install -m 0644 Weights.txt ${D}${datadir}/Bastille |
| 58 | # Castle graphic |
| 59 | install -m 0644 bastille.jpg ${D}${datadir}/Bastille/ |
| 60 | # Javascript file |
| 61 | install -m 0644 wz_tooltip.js ${D}${datadir}/Bastille/ |
| 62 | install -m 0644 Credits ${D}${datadir}/Bastille |
| 63 | install -m 0644 FKL/configs/fkl_config_redhat.cfg ${D}${datadir}/Bastille/FKL/configs/ |
| 64 | install -m 0755 RevertBastille ${D}${sbindir} |
| 65 | install -m 0755 bin/bastille ${D}${sbindir} |
| 66 | install -m 0644 bastille-firewall ${D}${datadir}/Bastille |
| 67 | install -m 0644 bastille-firewall-reset ${D}${datadir}/Bastille |
| 68 | install -m 0644 bastille-firewall-schedule ${D}${datadir}/Bastille |
| 69 | install -m 0644 bastille-tmpdir-defense.sh ${D}${datadir}/Bastille |
| 70 | install -m 0644 bastille-tmpdir.csh ${D}${datadir}/Bastille |
| 71 | install -m 0644 bastille-tmpdir.sh ${D}${datadir}/Bastille |
| 72 | install -m 0644 bastille-firewall.cfg ${D}${datadir}/Bastille |
| 73 | install -m 0644 bastille-ipchains ${D}${datadir}/Bastille |
| 74 | install -m 0644 bastille-netfilter ${D}${datadir}/Bastille |
| 75 | install -m 0644 bastille-firewall-early.sh ${D}${datadir}/Bastille |
| 76 | install -m 0644 bastille-firewall-pre-audit.sh ${D}${datadir}/Bastille |
| 77 | install -m 0644 complete.xbm ${D}${datadir}/Bastille |
| 78 | install -m 0644 incomplete.xbm ${D}${datadir}/Bastille |
| 79 | install -m 0644 disabled.xpm ${D}${datadir}/Bastille |
| 80 | install -m 0644 ifup-local ${D}${datadir}/Bastille |
| 81 | install -m 0644 hosts.allow ${D}${datadir}/Bastille |
| 82 | |
| 83 | install -m 0644 Bastille/AccountSecurity.pm ${D}${libdir}/Bastille |
| 84 | install -m 0644 Bastille/Apache.pm ${D}${libdir}/Bastille |
| 85 | install -m 0644 Bastille/API.pm ${D}${libdir}/Bastille |
| 86 | install -m 0644 ${WORKDIR}/AccountPermission.pm ${D}${libdir}/Bastille/API |
| 87 | install -m 0644 ${WORKDIR}/FileContent.pm ${D}${libdir}/Bastille/API |
| 88 | install -m 0644 ${WORKDIR}/HPSpecific.pm ${D}${libdir}/Bastille/API |
| 89 | install -m 0644 ${WORKDIR}/ServiceAdmin.pm ${D}${libdir}/Bastille/API |
| 90 | install -m 0644 ${WORKDIR}/Miscellaneous.pm ${D}${libdir}/Bastille/API |
| 91 | install -m 0644 Bastille/BootSecurity.pm ${D}${libdir}/Bastille |
| 92 | install -m 0644 Bastille/ConfigureMiscPAM.pm ${D}${libdir}/Bastille |
| 93 | install -m 0644 Bastille/DisableUserTools.pm ${D}${libdir}/Bastille |
| 94 | install -m 0644 Bastille/DNS.pm ${D}${libdir}/Bastille |
| 95 | install -m 0644 Bastille/FilePermissions.pm ${D}${libdir}/Bastille |
| 96 | install -m 0644 Bastille/FTP.pm ${D}${libdir}/Bastille |
| 97 | install -m 0644 Bastille/Firewall.pm ${D}${libdir}/Bastille |
| 98 | install -m 0644 Bastille/OSX_API.pm ${D}${libdir}/Bastille |
| 99 | install -m 0644 Bastille/LogAPI.pm ${D}${libdir}/Bastille |
| 100 | install -m 0644 Bastille/HP_UX.pm ${D}${libdir}/Bastille |
| 101 | install -m 0644 Bastille/IOLoader.pm ${D}${libdir}/Bastille |
| 102 | install -m 0644 Bastille/Patches.pm ${D}${libdir}/Bastille |
| 103 | install -m 0644 Bastille/Logging.pm ${D}${libdir}/Bastille |
| 104 | install -m 0644 Bastille/MiscellaneousDaemons.pm ${D}${libdir}/Bastille |
| 105 | install -m 0644 Bastille/PatchDownload.pm ${D}${libdir}/Bastille |
| 106 | install -m 0644 Bastille/Printing.pm ${D}${libdir}/Bastille |
| 107 | install -m 0644 Bastille/PSAD.pm ${D}${libdir}/Bastille |
| 108 | install -m 0644 Bastille/RemoteAccess.pm ${D}${libdir}/Bastille |
| 109 | install -m 0644 Bastille/SecureInetd.pm ${D}${libdir}/Bastille |
| 110 | install -m 0644 Bastille/Sendmail.pm ${D}${libdir}/Bastille |
| 111 | install -m 0644 Bastille/TestDriver.pm ${D}${libdir}/Bastille |
| 112 | install -m 0644 Bastille/TMPDIR.pm ${D}${libdir}/Bastille |
| 113 | install -m 0644 Bastille/test_AccountSecurity.pm ${D}${libdir}/Bastille |
| 114 | install -m 0644 Bastille/test_Apache.pm ${D}${libdir}/Bastille |
| 115 | install -m 0644 Bastille/test_DNS.pm ${D}${libdir}/Bastille |
| 116 | install -m 0644 Bastille/test_FTP.pm ${D}${libdir}/Bastille |
| 117 | install -m 0644 Bastille/test_HP_UX.pm ${D}${libdir}/Bastille |
| 118 | install -m 0644 Bastille/test_MiscellaneousDaemons.pm ${D}${libdir}/Bastille |
| 119 | install -m 0644 Bastille/test_Patches.pm ${D}${libdir}/Bastille |
| 120 | install -m 0644 Bastille/test_SecureInetd.pm ${D}${libdir}/Bastille |
| 121 | install -m 0644 Bastille/test_Sendmail.pm ${D}${libdir}/Bastille |
| 122 | install -m 0644 Bastille/test_BootSecurity.pm ${D}${libdir}/Bastille |
| 123 | install -m 0644 Bastille/test_DisableUserTools.pm ${D}${libdir}/Bastille |
| 124 | install -m 0644 Bastille/test_FilePermissions.pm ${D}${libdir}/Bastille |
| 125 | install -m 0644 Bastille/test_Logging.pm ${D}${libdir}/Bastille |
| 126 | install -m 0644 Bastille/test_Printing.pm ${D}${libdir}/Bastille |
| 127 | install -m 0644 Bastille/IPFilter.pm ${D}${libdir}/Bastille |
| 128 | install -m 0644 Bastille_Curses.pm ${D}${libdir}/perl5/site_perl |
| 129 | install -m 0644 Bastille_Tk.pm ${D}${libdir}/perl5/site_perl |
| 130 | install -m 0644 Curses/Widgets.pm ${D}${libdir}/perl5/site_perl/Curses |
| 131 | |
| 132 | install -m 0644 OSMap/LINUX.bastille ${D}${datadir}/Bastille/OSMap |
| 133 | install -m 0644 OSMap/LINUX.system ${D}${datadir}/Bastille/OSMap |
| 134 | install -m 0644 OSMap/LINUX.service ${D}${datadir}/Bastille/OSMap |
| 135 | install -m 0644 OSMap/HP-UX.bastille ${D}${datadir}/Bastille/OSMap |
| 136 | install -m 0644 OSMap/HP-UX.system ${D}${datadir}/Bastille/OSMap |
| 137 | install -m 0644 OSMap/HP-UX.service ${D}${datadir}/Bastille/OSMap |
| 138 | install -m 0644 OSMap/OSX.bastille ${D}${datadir}/Bastille/OSMap |
| 139 | install -m 0644 OSMap/OSX.system ${D}${datadir}/Bastille/OSMap |
| 140 | |
| 141 | install -m 0777 ${WORKDIR}/config ${D}${sysconfdir}/Bastille/config |
| 142 | |
| 143 | for file in `cat Modules.txt` ; do |
| 144 | install -m 0644 Questions/$file.txt ${D}${datadir}/Bastille/Questions |
| 145 | done |
| 146 | |
| 147 | ${THISDIR}/files/set_required_questions.py ${D}${sysconfdir}/Bastille/config ${D}${datadir}/Bastille/Questions |
| 148 | |
| 149 | ln -s RevertBastille ${D}${sbindir}/UndoBastille |
Patrick Williams | 53961c2 | 2022-01-20 11:06:23 -0600 | [diff] [blame] | 150 | |
| 151 | # Create /var/log/Bastille in runtime. |
| 152 | if [ "${@bb.utils.filter('DISTRO_FEATURES', 'systemd', d)}" ]; then |
| 153 | install -d ${D}${nonarch_libdir}/tmpfiles.d |
| 154 | echo "d ${localstatedir}/log/Bastille - - - -" > ${D}${nonarch_libdir}/tmpfiles.d/Bastille.conf |
| 155 | fi |
| 156 | if [ "${@bb.utils.filter('DISTRO_FEATURES', 'sysvinit', d)}" ]; then |
| 157 | install -d ${D}${sysconfdir}/default/volatiles |
| 158 | echo "d root root 0755 ${localstatedir}/log/Bastille none" > ${D}${sysconfdir}/default/volatiles/99_Bastille |
| 159 | fi |
Richard Marian Thomaiyar | 14fddef | 2018-07-13 23:55:56 +0530 | [diff] [blame] | 160 | } |
| 161 | |
Patrick Williams | 53961c2 | 2022-01-20 11:06:23 -0600 | [diff] [blame] | 162 | FILES:${PN} += "${datadir}/Bastille \ |
| 163 | ${libdir}/Bastille \ |
| 164 | ${libdir}/perl* \ |
| 165 | ${sysconfdir}/* \ |
| 166 | ${nonarch_libdir}/tmpfiles.d" |