Gitiles
Code Review Sign In
gerrit.openbmc.org / openbmc / openbmc / 14fddefae2cdb1255279465f2f9fcff5f3da222e^! / . / import-layers / meta-security / recipes-security / ecryptfs-utils / ecryptfs-utils_111.bb
commit14fddefae2cdb1255279465f2f9fcff5f3da222e[log] [tgz]
authorRichard Marian Thomaiyar <richard.marian.thomaiyar@linux.intel.com>Fri Jul 13 23:55:56 2018 +0530
committerBrad Bishop <bradleyb@fuzziesquirrel.com>Fri Jul 27 03:12:32 2018 +0000
treec741979d99c5cd5e7477483611a0003f44790b49
parentc6ed65665d5392d677c63b836ce6ac358a9db7f7 [diff] [blame]
Squashed 'import-layers/meta-security/' content from commit 4d139b9

Subtree from git://git.yoctoproject.org/meta-security

Change-Id: I14bb13faa3f2b2dc1f5d81b339dd48ffedf8562f
git-subtree-dir: import-layers/meta-security
git-subtree-split: 4d139b95c4f152d132592f515c5151f4dd6269c1
Signed-off-by: Richard Marian Thomaiyar <richard.marian.thomaiyar@linux.intel.com>

diff --git a/import-layers/meta-security/recipes-security/ecryptfs-utils/ecryptfs-utils_111.bb b/import-layers/meta-security/recipes-security/ecryptfs-utils/ecryptfs-utils_111.bb
new file mode 100644
index 0000000..f55b0c3
--- /dev/null
+++ b/import-layers/meta-security/recipes-security/ecryptfs-utils/ecryptfs-utils_111.bb

@@ -0,0 +1,63 @@
+SUMMARY = "The eCryptfs mount helper and support libraries"
+DESCRIPTION = "eCryptfs is a stacked cryptographic filesystem \
+    that ships in Linux kernel versions 2.6.19 and above. This \
+    package provides the mount helper and supporting libraries \
+    to perform key management and mount functions."
+HOMEPAGE = "https://launchpad.net/ecryptfs"
+SECTION = "base"
+
+LICENSE = "GPL-2.0"
+LIC_FILES_CHKSUM = "file://COPYING;md5=8ca43cbc842c2336e835926c2166c28b"
+
+DEPENDS = "keyutils libgcrypt intltool-native glib-2.0-native"
+
+SRC_URI = "\
+    https://launchpad.net/ecryptfs/trunk/${PV}/+download/${BPN}_${PV}.orig.tar.gz \
+    file://ecryptfs-utils-CVE-2016-6224.patch \
+    file://ecryptfs.service \
+    "
+
+SRC_URI[md5sum] = "83513228984f671930752c3518cac6fd"
+SRC_URI[sha256sum] = "112cb3e37e81a1ecd8e39516725dec0ce55c5f3df6284e0f4cc0f118750a987f"
+
+inherit autotools pkgconfig systemd
+
+SYSTEMD_PACKAGES = "${PN}"
+SYSTEMD_SERVICE_${PN} = "ecryptfs.service"
+
+EXTRA_OECONF = "\
+    --libdir=${base_libdir} \
+    --disable-pywrap \
+    --disable-nls \
+    "
+
+PACKAGECONFIG ??= "nss \
+    ${@bb.utils.filter('DISTRO_FEATURES', 'pam', d)} \
+    "
+PACKAGECONFIG[nss] = "--enable-nss,--disable-nss,nss,"
+PACKAGECONFIG[openssl] = "--enable-openssl,--disable-openssl,openssl,"
+PACKAGECONFIG[pam] = "--enable-pam,--disable-pam,libpam,"
+
+do_configure_prepend() {
+    export NSS_CFLAGS="-I${STAGING_INCDIR}/nspr4 -I${STAGING_INCDIR}/nss3"
+    export NSS_LIBS="-L${STAGING_BASELIBDIR} -lssl3 -lsmime3 -lnss3 -lsoftokn3 -lnssutil3"
+    export KEYUTILS_CFLAGS="-I${STAGING_INCDIR}"
+    export KEYUTILS_LIBS="-L${STAGING_LIBDIR} -lkeyutils"
+}
+
+do_install_append() {
+    chmod 4755 ${D}${base_sbindir}/mount.ecryptfs_private
+    mkdir -p ${D}/${libdir}
+    mv ${D}/${base_libdir}/pkgconfig ${D}/${libdir}
+    sed -i -e 's:-I${STAGING_INCDIR}::' \
+           -e 's:-L${STAGING_LIBDIR}::' ${D}/${libdir}/pkgconfig/libecryptfs.pc
+    sed -i -e "s: ${base_sbindir}/cryptsetup: ${sbindir}/cryptsetup:" ${D}${bindir}/ecryptfs-setup-swap
+    if ${@bb.utils.contains('DISTRO_FEATURES','systemd','true','false',d)}; then
+        install -D -m 0644 ${WORKDIR}/ecryptfs.service ${D}${systemd_system_unitdir}/ecryptfs.service
+    fi
+}
+
+FILES_${PN} += "${base_libdir}/security/* ${base_libdir}/ecryptfs/*"
+
+RDEPENDS_${PN} += "cryptsetup"
+RRECOMMENDS_${PN} = "gettext-runtime"