commit 59125e0dc92e9e1d6f103f91c865ad6f6c1f51f6
author Andrew Geissler <geissonator@yahoo.com> Fri Jul 23 12:56:22 2021 -0400
committer Andrew Geissler <geissonator@yahoo.com> Wed Jul 28 17:22:04 2021 +0000
tree 4910bed43893ebe31491cb8cea41fa82733ecddd
parent ad7fa35594a3fae494741eb1eedb30b3cef38b1f

meta-security: subtree update:46f7e7acbe..152cdb506b

Anton Antonov (1):
      Do not use clang toolchain in Parsec recipes

Armin Kuster (9):
      initramfs-framework: fix typo in conditional
      ssshgaurd: add packaage
      packagegroup-core-security: add sshguard
      initramfs-framework: rename files dir
      sssd: update to 2.5.1
      suricata: update to 6.0.3
      kas/kas-security-alt.yml: add meta-rust
      .gitlab-ci.yml: fix qemux86 musl order
      tpm-tools: fix build issue

Yi Zhao (2):
      apparmor: upgrade 3.0 -> 3.0.1
      apparmor: use its own initscript and service files

Signed-off-by: Andrew Geissler <geissonator@yahoo.com>
Change-Id: Idf435d7f6b767d87ae2cc720b520e57c22645935

meta-security/recipes-security/sssd/files/musl_fixup.patch

diff --git a/meta-security/recipes-security/sssd/files/musl_fixup.patch b/meta-security/recipes-security/sssd/files/musl_fixup.patch
new file mode 100644
index 0000000..68f267c
--- /dev/null
+++ b/meta-security/recipes-security/sssd/files/musl_fixup.patch
@@ -0,0 +1,53 @@
+fix musl build failures
+
+Missing _PATH_HOSTS and some NETDB defines when musl is enabled.
+
+These are work arounds for now while we figure out where the real fix should reside (musl, gcompact, sssd):
+
+./sssd-2.5.1/src/providers/fail_over.c:1199:19: error: '_PATH_HOSTS' undeclared (first use in this function)
+|  1199 |                   _PATH_HOSTS);
+|       |                   ^~~~~~~~~~~
+
+and 
+
+i./sssd-2.5.1/src/sss_client/nss_ipnetworks.c:415:21: error: 'NETDB_INTERNAL' undeclared (first use in this function)
+|   415 |         *h_errnop = NETDB_INTERNAL;
+
+
+Upstream-Status: Pending
+Signed-off-by: Armin Kuster <akuster808@gmail.com>
+
+Index: sssd-2.5.1/src/providers/fail_over.c
+===================================================================
+--- sssd-2.5.1.orig/src/providers/fail_over.c
++++ sssd-2.5.1/src/providers/fail_over.c
+@@ -31,6 +31,10 @@
+ #include <talloc.h>
+ #include <netdb.h>
+ 
++#if !defined(_PATH_HOSTS)
++#define _PATH_HOSTS     "/etc/hosts"
++#endif
++
+ #include "util/dlinklist.h"
+ #include "util/refcount.h"
+ #include "util/util.h"
+Index: sssd-2.5.1/src/sss_client/sss_cli.h
+===================================================================
+--- sssd-2.5.1.orig/src/sss_client/sss_cli.h
++++ sssd-2.5.1/src/sss_client/sss_cli.h
+@@ -44,6 +44,14 @@ typedef int errno_t;
+ #define EOK 0
+ #endif
+ 
++#ifndef NETDB_INTERNAL
++# define NETDB_INTERNAL (-1)
++#endif
++
++#ifndef NETDB_SUCCESS
++# define NETDB_SUCCESS (0)
++#endif
++
+ #define SSS_NSS_PROTOCOL_VERSION 1
+ #define SSS_PAM_PROTOCOL_VERSION 3
+ #define SSS_SUDO_PROTOCOL_VERSION 1