Gitiles
Code Review Sign In
gerrit.openbmc.org / openbmc / openbmc / 40d8f44b51f83548f7ca8df062dd7435b784c0a8 / . / meta-security / recipes-core / packagegroup / packagegroup-core-security.bb
blob: 8e06f30bcd75c80f7eef598f686fea58133b81f7 [file] [log] [blame]
Richard Marian Thomaiyar14fddef2018-07-13 23:55:56 +0530[diff] [blame]1DESCRIPTION = "Security packagegroup for Poky"
2LICENSE = "MIT"
3LIC_FILES_CHKSUM = "file://${COMMON_LICENSE_DIR}/MIT;md5=0835ade698e0bcf8506ecda2f7b4f302 \
4 file://${COREBASE}/meta/COPYING.MIT;md5=3da9cfbcb788c80a0384361b4de20420"
5
6inherit packagegroup
7
8PACKAGES = "\
9 packagegroup-core-security \
10 packagegroup-security-utils \
11 packagegroup-security-scanners \
Andrew Geisslercc589282020-09-18 13:34:40 -0500[diff] [blame]12 packagegroup-security-audit \
13 packagegroup-security-hardening \
Richard Marian Thomaiyar14fddef2018-07-13 23:55:56 +0530[diff] [blame]14 packagegroup-security-ids \
15 packagegroup-security-mac \
Andrew Geisslerd1d22e62020-10-16 10:14:32 -0500[diff] [blame]16 ${@bb.utils.contains("DISTRO_FEATURES", "ptest", "packagegroup-meta-security-ptest-packages", "", d)} \
Richard Marian Thomaiyar14fddef2018-07-13 23:55:56 +0530[diff] [blame]17 "
18
19RDEPENDS_packagegroup-core-security = "\
20 packagegroup-security-utils \
21 packagegroup-security-scanners \
Andrew Geisslercc589282020-09-18 13:34:40 -0500[diff] [blame]22 packagegroup-security-audit \
23 packagegroup-security-hardening \
Richard Marian Thomaiyar14fddef2018-07-13 23:55:56 +0530[diff] [blame]24 packagegroup-security-ids \
25 packagegroup-security-mac \
Andrew Geisslerd1d22e62020-10-16 10:14:32 -0500[diff] [blame]26 ${@bb.utils.contains("DISTRO_FEATURES", "ptest", "packagegroup-meta-security-ptest-packages", "", d)} \
Richard Marian Thomaiyar14fddef2018-07-13 23:55:56 +0530[diff] [blame]27 "
28
29SUMMARY_packagegroup-security-utils = "Security utilities"
30RDEPENDS_packagegroup-security-utils = "\
31 checksec \
Andrew Geisslercc589282020-09-18 13:34:40 -0500[diff] [blame]32 ding-libs \
33 ecryptfs-utils \
34 fscryptctl \
35 keyutils \
Richard Marian Thomaiyar14fddef2018-07-13 23:55:56 +0530[diff] [blame]36 nmap \
37 pinentry \
Andrew Geisslercc589282020-09-18 13:34:40 -0500[diff] [blame]38 python3-privacyidea \
39 python3-fail2ban \
Andrew Geisslerd1d22e62020-10-16 10:14:32 -0500[diff] [blame]40 softhsm \
41 libest \
42 opendnssec \
Andrew Geissler59125e02021-07-23 12:56:22 -0400[diff] [blame]43 sshguard \
Andrew Geisslerb2fe8632020-08-21 15:57:21 -0500[diff] [blame]44 ${@bb.utils.contains_any("TUNE_FEATURES", "riscv32 ", "", " libseccomp",d)} \
Andrew Geisslercc589282020-09-18 13:34:40 -0500[diff] [blame]45 ${@bb.utils.contains("DISTRO_FEATURES", "pam", "sssd google-authenticator-libpam", "",d)} \
46 ${@bb.utils.contains("DISTRO_FEATURES", "pax", "pax-utils packctl", "",d)} \
Richard Marian Thomaiyar14fddef2018-07-13 23:55:56 +0530[diff] [blame]47 "
48
49SUMMARY_packagegroup-security-scanners = "Security scanners"
50RDEPENDS_packagegroup-security-scanners = "\
Andrew Geisslercc589282020-09-18 13:34:40 -0500[diff] [blame]51 isic \
Richard Marian Thomaiyar14fddef2018-07-13 23:55:56 +0530[diff] [blame]52 nikto \
53 checksecurity \
William A. Kennington IIIee32beb2021-06-02 12:48:35 -0700[diff] [blame]54 ${@bb.utils.contains_any("TUNE_FEATURES", "riscv32 riscv64", "", " clamav clamav-daemon clamav-freshclam",d)} \
Richard Marian Thomaiyar14fddef2018-07-13 23:55:56 +0530[diff] [blame]55 "
William A. Kennington IIIee32beb2021-06-02 12:48:35 -0700[diff] [blame]56RDEPENDS_packagegroup-security-scanners_remove_libc-musl = "clamav clamav-daemon clamav-freshclam"
Richard Marian Thomaiyar14fddef2018-07-13 23:55:56 +0530[diff] [blame]57
58SUMMARY_packagegroup-security-audit = "Security Audit tools "
59RDEPENDS_packagegroup-security-audit = " \
60 buck-security \
61 redhat-security \
62 "
63
64SUMMARY_packagegroup-security-hardening = "Security Hardening tools"
65RDEPENDS_packagegroup-security-hardening = " \
66 bastille \
67 "
68
69SUMMARY_packagegroup-security-ids = "Security Intrusion Detection systems"
70RDEPENDS_packagegroup-security-ids = " \
Brad Bishop1a4b7ee2018-12-16 17:11:34 -0800[diff] [blame]71 samhain-standalone \
Andrew Geisslercc589282020-09-18 13:34:40 -0500[diff] [blame]72 ${@bb.utils.contains_any("TUNE_FEATURES", "ppc7400 riscv32 riscv64", "", " suricata",d)} \
William A. Kennington IIIee32beb2021-06-02 12:48:35 -0700[diff] [blame]73 ossec-hids \
74 aide \
Richard Marian Thomaiyar14fddef2018-07-13 23:55:56 +0530[diff] [blame]75 "
76
Andrew Geisslera1a6aef2021-06-25 14:23:58 -0500[diff] [blame]77RDEPENDS_packagegroup-security-ids_remove_libc-musl = "ossec-hids"
78
Richard Marian Thomaiyar14fddef2018-07-13 23:55:56 +0530[diff] [blame]79SUMMARY_packagegroup-security-mac = "Security Mandatory Access Control systems"
80RDEPENDS_packagegroup-security-mac = " \
81 ${@bb.utils.contains("DISTRO_FEATURES", "tomoyo", "ccs-tools", "",d)} \
Brad Bishop1a4b7ee2018-12-16 17:11:34 -0800[diff] [blame]82 ${@bb.utils.contains("DISTRO_FEATURES", "apparmor", "apparmor", "",d)} \
Richard Marian Thomaiyar14fddef2018-07-13 23:55:56 +0530[diff] [blame]83 ${@bb.utils.contains("DISTRO_FEATURES", "smack", "smack", "",d)} \
84 "
Andrew Geisslerd1d22e62020-10-16 10:14:32 -0500[diff] [blame]85
William A. Kennington IIIee32beb2021-06-02 12:48:35 -0700[diff] [blame]86RDEPENDS_packagegroup-security-mac_remove_mipsarch = "apparmor"
Andrew Geissler5e7fd512021-05-07 16:09:00 -0500[diff] [blame]87
Andrew Geisslerd1d22e62020-10-16 10:14:32 -0500[diff] [blame]88RDEPENDS_packagegroup-meta-security-ptest-packages = "\
89 ptest-runner \
90 samhain-standalone-ptest \
91 libseccomp-ptest \
Andrew Geisslerd1d22e62020-10-16 10:14:32 -0500[diff] [blame]92 suricata-ptest \
Andrew Geisslerd1d22e62020-10-16 10:14:32 -0500[diff] [blame]93 python3-fail2ban-ptest \
94 ${@bb.utils.contains("DISTRO_FEATURES", "smack", "smack-ptest", "",d)} \
95"