blob: 2d82983521f234d8d9ce39d7ceca131b98637fd9 [file] [log] [blame]
Richard Marian Thomaiyar14fddef2018-07-13 23:55:56 +05301#The functionality of Bastille that is actually available is restricted. Please
2#consult the README file for the meta-security layer for additional information.
3SUMMARY = "Linux hardening tool"
4DESCRIPTION = "Bastille Linux is a Hardening and Reporting/Auditing Program which enhances the security of a Linux box, by configuring daemons, system settings and firewalling."
5LICENSE = "GPLv2"
6LIC_FILES_CHKSUM = "file://${S}/COPYING;md5=c93c0550bd3173f4504b2cbd8991e50b"
7# Bash is needed for set +o privileged (check busybox), might also need ncurses
8DEPENDS = "virtual/kernel"
Patrick Williams213cb262021-08-07 19:21:33 -05009RDEPENDS:${PN} = "perl bash tcl perl-module-getopt-long perl-module-text-wrap lib-perl perl-module-file-path perl-module-mime-base64 perl-module-file-find perl-module-errno perl-module-file-glob perl-module-tie-hash-namedcapture perl-module-file-copy perl-module-english perl-module-exporter perl-module-cwd libcurses-perl coreutils"
10FILES:${PN} += "/run/lock/subsys/bastille"
Richard Marian Thomaiyar14fddef2018-07-13 23:55:56 +053011
Richard Marian Thomaiyar14fddef2018-07-13 23:55:56 +053012SRC_URI = "http://sourceforge.net/projects/bastille-linux/files/bastille-linux/3.2.1/Bastille-3.2.1.tar.bz2 \
13 file://AccountPermission.pm \
14 file://FileContent.pm \
15 file://HPSpecific.pm \
16 file://Miscellaneous.pm \
17 file://ServiceAdmin.pm \
18 file://config \
19 file://fix_version_parse.patch \
20 file://fixed_defined_warnings.patch \
21 file://call_output_config.patch \
22 file://fix_missing_use_directives.patch \
23 file://fix_number_of_modules.patch \
24 file://remove_questions_text_file_references.patch \
25 file://simplify_B_place.patch \
26 file://find_existing_config.patch \
27 file://upgrade_options_processing.patch \
28 file://accept_os_flag_in_backend.patch \
29 file://allow_os_with_assess.patch \
30 file://edit_usage_message.patch \
31 file://organize_distro_discovery.patch \
32 file://do_not_apply_config.patch \
33 "
34
35SRC_URI[md5sum] = "df803f7e38085aa5da79f85d0539f91b"
36SRC_URI[sha256sum] = "0ea25191b1dc1c8f91e1b6f8cb5436a3aa1e57418809ef902293448efed5021a"
37
38S = "${WORKDIR}/Bastille"
39
40do_install () {
41 install -d ${D}${sbindir}
Brad Bishop15ae2502019-06-18 21:44:24 -040042 install -d ${D}${libdir}/perl5/site_perl/Curses
Richard Marian Thomaiyar14fddef2018-07-13 23:55:56 +053043
44 install -d ${D}${libdir}/Bastille
45 install -d ${D}${libdir}/Bastille/API
46 install -d ${D}${datadir}/Bastille
47 install -d ${D}${datadir}/Bastille/OSMap
48 install -d ${D}${datadir}/Bastille/OSMap/Modules
49 install -d ${D}${datadir}/Bastille/Questions
50 install -d ${D}${datadir}/Bastille/FKL/configs/
Richard Marian Thomaiyar14fddef2018-07-13 23:55:56 +053051 install -d ${D}${sysconfdir}/Bastille
52 install -m 0755 AutomatedBastille ${D}${sbindir}
53 install -m 0755 BastilleBackEnd ${D}${sbindir}
54 install -m 0755 InteractiveBastille ${D}${sbindir}
55 install -m 0644 Modules.txt ${D}${datadir}/Bastille
56 # New Weights file(s).
57 install -m 0644 Weights.txt ${D}${datadir}/Bastille
58 # Castle graphic
59 install -m 0644 bastille.jpg ${D}${datadir}/Bastille/
60 # Javascript file
61 install -m 0644 wz_tooltip.js ${D}${datadir}/Bastille/
62 install -m 0644 Credits ${D}${datadir}/Bastille
63 install -m 0644 FKL/configs/fkl_config_redhat.cfg ${D}${datadir}/Bastille/FKL/configs/
64 install -m 0755 RevertBastille ${D}${sbindir}
65 install -m 0755 bin/bastille ${D}${sbindir}
66 install -m 0644 bastille-firewall ${D}${datadir}/Bastille
67 install -m 0644 bastille-firewall-reset ${D}${datadir}/Bastille
68 install -m 0644 bastille-firewall-schedule ${D}${datadir}/Bastille
69 install -m 0644 bastille-tmpdir-defense.sh ${D}${datadir}/Bastille
70 install -m 0644 bastille-tmpdir.csh ${D}${datadir}/Bastille
71 install -m 0644 bastille-tmpdir.sh ${D}${datadir}/Bastille
72 install -m 0644 bastille-firewall.cfg ${D}${datadir}/Bastille
73 install -m 0644 bastille-ipchains ${D}${datadir}/Bastille
74 install -m 0644 bastille-netfilter ${D}${datadir}/Bastille
75 install -m 0644 bastille-firewall-early.sh ${D}${datadir}/Bastille
76 install -m 0644 bastille-firewall-pre-audit.sh ${D}${datadir}/Bastille
77 install -m 0644 complete.xbm ${D}${datadir}/Bastille
78 install -m 0644 incomplete.xbm ${D}${datadir}/Bastille
79 install -m 0644 disabled.xpm ${D}${datadir}/Bastille
80 install -m 0644 ifup-local ${D}${datadir}/Bastille
81 install -m 0644 hosts.allow ${D}${datadir}/Bastille
82
83 install -m 0644 Bastille/AccountSecurity.pm ${D}${libdir}/Bastille
84 install -m 0644 Bastille/Apache.pm ${D}${libdir}/Bastille
85 install -m 0644 Bastille/API.pm ${D}${libdir}/Bastille
86 install -m 0644 ${WORKDIR}/AccountPermission.pm ${D}${libdir}/Bastille/API
87 install -m 0644 ${WORKDIR}/FileContent.pm ${D}${libdir}/Bastille/API
88 install -m 0644 ${WORKDIR}/HPSpecific.pm ${D}${libdir}/Bastille/API
89 install -m 0644 ${WORKDIR}/ServiceAdmin.pm ${D}${libdir}/Bastille/API
90 install -m 0644 ${WORKDIR}/Miscellaneous.pm ${D}${libdir}/Bastille/API
91 install -m 0644 Bastille/BootSecurity.pm ${D}${libdir}/Bastille
92 install -m 0644 Bastille/ConfigureMiscPAM.pm ${D}${libdir}/Bastille
93 install -m 0644 Bastille/DisableUserTools.pm ${D}${libdir}/Bastille
94 install -m 0644 Bastille/DNS.pm ${D}${libdir}/Bastille
95 install -m 0644 Bastille/FilePermissions.pm ${D}${libdir}/Bastille
96 install -m 0644 Bastille/FTP.pm ${D}${libdir}/Bastille
97 install -m 0644 Bastille/Firewall.pm ${D}${libdir}/Bastille
98 install -m 0644 Bastille/OSX_API.pm ${D}${libdir}/Bastille
99 install -m 0644 Bastille/LogAPI.pm ${D}${libdir}/Bastille
100 install -m 0644 Bastille/HP_UX.pm ${D}${libdir}/Bastille
101 install -m 0644 Bastille/IOLoader.pm ${D}${libdir}/Bastille
102 install -m 0644 Bastille/Patches.pm ${D}${libdir}/Bastille
103 install -m 0644 Bastille/Logging.pm ${D}${libdir}/Bastille
104 install -m 0644 Bastille/MiscellaneousDaemons.pm ${D}${libdir}/Bastille
105 install -m 0644 Bastille/PatchDownload.pm ${D}${libdir}/Bastille
106 install -m 0644 Bastille/Printing.pm ${D}${libdir}/Bastille
107 install -m 0644 Bastille/PSAD.pm ${D}${libdir}/Bastille
108 install -m 0644 Bastille/RemoteAccess.pm ${D}${libdir}/Bastille
109 install -m 0644 Bastille/SecureInetd.pm ${D}${libdir}/Bastille
110 install -m 0644 Bastille/Sendmail.pm ${D}${libdir}/Bastille
111 install -m 0644 Bastille/TestDriver.pm ${D}${libdir}/Bastille
112 install -m 0644 Bastille/TMPDIR.pm ${D}${libdir}/Bastille
113 install -m 0644 Bastille/test_AccountSecurity.pm ${D}${libdir}/Bastille
114 install -m 0644 Bastille/test_Apache.pm ${D}${libdir}/Bastille
115 install -m 0644 Bastille/test_DNS.pm ${D}${libdir}/Bastille
116 install -m 0644 Bastille/test_FTP.pm ${D}${libdir}/Bastille
117 install -m 0644 Bastille/test_HP_UX.pm ${D}${libdir}/Bastille
118 install -m 0644 Bastille/test_MiscellaneousDaemons.pm ${D}${libdir}/Bastille
119 install -m 0644 Bastille/test_Patches.pm ${D}${libdir}/Bastille
120 install -m 0644 Bastille/test_SecureInetd.pm ${D}${libdir}/Bastille
121 install -m 0644 Bastille/test_Sendmail.pm ${D}${libdir}/Bastille
122 install -m 0644 Bastille/test_BootSecurity.pm ${D}${libdir}/Bastille
123 install -m 0644 Bastille/test_DisableUserTools.pm ${D}${libdir}/Bastille
124 install -m 0644 Bastille/test_FilePermissions.pm ${D}${libdir}/Bastille
125 install -m 0644 Bastille/test_Logging.pm ${D}${libdir}/Bastille
126 install -m 0644 Bastille/test_Printing.pm ${D}${libdir}/Bastille
127 install -m 0644 Bastille/IPFilter.pm ${D}${libdir}/Bastille
128 install -m 0644 Bastille_Curses.pm ${D}${libdir}/perl5/site_perl
129 install -m 0644 Bastille_Tk.pm ${D}${libdir}/perl5/site_perl
130 install -m 0644 Curses/Widgets.pm ${D}${libdir}/perl5/site_perl/Curses
131
132 install -m 0644 OSMap/LINUX.bastille ${D}${datadir}/Bastille/OSMap
133 install -m 0644 OSMap/LINUX.system ${D}${datadir}/Bastille/OSMap
134 install -m 0644 OSMap/LINUX.service ${D}${datadir}/Bastille/OSMap
135 install -m 0644 OSMap/HP-UX.bastille ${D}${datadir}/Bastille/OSMap
136 install -m 0644 OSMap/HP-UX.system ${D}${datadir}/Bastille/OSMap
137 install -m 0644 OSMap/HP-UX.service ${D}${datadir}/Bastille/OSMap
138 install -m 0644 OSMap/OSX.bastille ${D}${datadir}/Bastille/OSMap
139 install -m 0644 OSMap/OSX.system ${D}${datadir}/Bastille/OSMap
140
141 install -m 0777 ${WORKDIR}/config ${D}${sysconfdir}/Bastille/config
142
143 for file in `cat Modules.txt` ; do
144 install -m 0644 Questions/$file.txt ${D}${datadir}/Bastille/Questions
145 done
146
147 ${THISDIR}/files/set_required_questions.py ${D}${sysconfdir}/Bastille/config ${D}${datadir}/Bastille/Questions
148
149 ln -s RevertBastille ${D}${sbindir}/UndoBastille
Patrick Williams53961c22022-01-20 11:06:23 -0600150
151 # Create /var/log/Bastille in runtime.
152 if [ "${@bb.utils.filter('DISTRO_FEATURES', 'systemd', d)}" ]; then
153 install -d ${D}${nonarch_libdir}/tmpfiles.d
154 echo "d ${localstatedir}/log/Bastille - - - -" > ${D}${nonarch_libdir}/tmpfiles.d/Bastille.conf
155 fi
156 if [ "${@bb.utils.filter('DISTRO_FEATURES', 'sysvinit', d)}" ]; then
157 install -d ${D}${sysconfdir}/default/volatiles
158 echo "d root root 0755 ${localstatedir}/log/Bastille none" > ${D}${sysconfdir}/default/volatiles/99_Bastille
159 fi
Richard Marian Thomaiyar14fddef2018-07-13 23:55:56 +0530160}
161
Patrick Williams53961c22022-01-20 11:06:23 -0600162FILES:${PN} += "${datadir}/Bastille \
163 ${libdir}/Bastille \
164 ${libdir}/perl* \
165 ${sysconfdir}/* \
166 ${nonarch_libdir}/tmpfiles.d"