Gitiles
Code Review Sign In
gerrit.openbmc.org / openbmc / openbmc / db4c27ee07165dd36a758f4ab5236918f133e65b / . / meta-security / recipes-core / packagegroup / packagegroup-core-security.bb
blob: a12a4c2d3d9ea9d6aad322b4ea567b4fcbd256ed [file] [log] [blame]
Richard Marian Thomaiyar14fddef2018-07-13 23:55:56 +0530[diff] [blame]1DESCRIPTION = "Security packagegroup for Poky"
2LICENSE = "MIT"
3LIC_FILES_CHKSUM = "file://${COMMON_LICENSE_DIR}/MIT;md5=0835ade698e0bcf8506ecda2f7b4f302 \
4 file://${COREBASE}/meta/COPYING.MIT;md5=3da9cfbcb788c80a0384361b4de20420"
5
6inherit packagegroup
7
8PACKAGES = "\
9 packagegroup-core-security \
10 packagegroup-security-utils \
11 packagegroup-security-scanners \
Andrew Geisslercc589282020-09-18 13:34:40 -0500[diff] [blame]12 packagegroup-security-audit \
Richard Marian Thomaiyar14fddef2018-07-13 23:55:56 +0530[diff] [blame]13 packagegroup-security-ids \
14 packagegroup-security-mac \
Andrew Geisslerd1d22e62020-10-16 10:14:32 -0500[diff] [blame]15 ${@bb.utils.contains("DISTRO_FEATURES", "ptest", "packagegroup-meta-security-ptest-packages", "", d)} \
Richard Marian Thomaiyar14fddef2018-07-13 23:55:56 +0530[diff] [blame]16 "
17
Patrick Williams213cb262021-08-07 19:21:33 -0500[diff] [blame]18RDEPENDS:packagegroup-core-security = "\
Richard Marian Thomaiyar14fddef2018-07-13 23:55:56 +0530[diff] [blame]19 packagegroup-security-utils \
20 packagegroup-security-scanners \
Andrew Geisslercc589282020-09-18 13:34:40 -0500[diff] [blame]21 packagegroup-security-audit \
Richard Marian Thomaiyar14fddef2018-07-13 23:55:56 +0530[diff] [blame]22 packagegroup-security-ids \
23 packagegroup-security-mac \
Andrew Geisslerd1d22e62020-10-16 10:14:32 -0500[diff] [blame]24 ${@bb.utils.contains("DISTRO_FEATURES", "ptest", "packagegroup-meta-security-ptest-packages", "", d)} \
Richard Marian Thomaiyar14fddef2018-07-13 23:55:56 +0530[diff] [blame]25 "
26
Patrick Williams213cb262021-08-07 19:21:33 -0500[diff] [blame]27SUMMARY:packagegroup-security-utils = "Security utilities"
28RDEPENDS:packagegroup-security-utils = "\
Patrick Williamsdb4c27e2022-08-05 08:10:29 -0500[diff] [blame^]29 bubblewrap \
Richard Marian Thomaiyar14fddef2018-07-13 23:55:56 +0530[diff] [blame]30 checksec \
Andrew Geisslercc589282020-09-18 13:34:40 -0500[diff] [blame]31 ding-libs \
32 ecryptfs-utils \
33 fscryptctl \
34 keyutils \
Richard Marian Thomaiyar14fddef2018-07-13 23:55:56 +0530[diff] [blame]35 nmap \
36 pinentry \
Andrew Geisslerd1d22e62020-10-16 10:14:32 -0500[diff] [blame]37 softhsm \
Andrew Geissler59125e02021-07-23 12:56:22 -0400[diff] [blame]38 sshguard \
Andrew Geissler615f2f12022-07-15 14:00:58 -0500[diff] [blame]39 firejail \
Andrew Geisslerb2fe8632020-08-21 15:57:21 -0500[diff] [blame]40 ${@bb.utils.contains_any("TUNE_FEATURES", "riscv32 ", "", " libseccomp",d)} \
Patrick Williamsdb4c27e2022-08-05 08:10:29 -0500[diff] [blame^]41 ${@bb.utils.contains("DISTRO_FEATURES", "pam", "google-authenticator-libpam krill", "",d)} \
Andrew Geisslercc589282020-09-18 13:34:40 -0500[diff] [blame]42 ${@bb.utils.contains("DISTRO_FEATURES", "pax", "pax-utils packctl", "",d)} \
Richard Marian Thomaiyar14fddef2018-07-13 23:55:56 +0530[diff] [blame]43 "
44
Patrick Williamsdb4c27e2022-08-05 08:10:29 -0500[diff] [blame^]45RDEPENDS:packagegroup-security-utils:append:x86 = "chipsec"
46RDEPENDS:packagegroup-security-utils:append:x86-64 = "chipsec"
47RDEPENDS:packagegroup-security-utils:remove:mipsarch = "firejail krill"
48RDEPENDS:packagegroup-security-utils:remove:libc-musl = "krill"
49RDEPENDS:packagegroup-security-utils:remove:riscv64 = "krill"
50RDEPENDS:packagegroup-security-utils:remove:armv7ve = " krill"
Andrew Geissler615f2f12022-07-15 14:00:58 -0500[diff] [blame]51
Patrick Williams213cb262021-08-07 19:21:33 -0500[diff] [blame]52SUMMARY:packagegroup-security-scanners = "Security scanners"
53RDEPENDS:packagegroup-security-scanners = "\
Andrew Geissler78b72792022-06-14 06:47:25 -0500[diff] [blame]54 ${@bb.utils.contains_any("TUNE_FEATURES", "riscv32 riscv64", "", " arpwatch",d)} \
55 chkrootkit \
Andrew Geisslercc589282020-09-18 13:34:40 -0500[diff] [blame]56 isic \
William A. Kennington IIIee32beb2021-06-02 12:48:35 -0700[diff] [blame]57 ${@bb.utils.contains_any("TUNE_FEATURES", "riscv32 riscv64", "", " clamav clamav-daemon clamav-freshclam",d)} \
Richard Marian Thomaiyar14fddef2018-07-13 23:55:56 +0530[diff] [blame]58 "
Patrick Williams213cb262021-08-07 19:21:33 -0500[diff] [blame]59RDEPENDS:packagegroup-security-scanners:remove:libc-musl = "clamav clamav-daemon clamav-freshclam"
Andrew Geissler78b72792022-06-14 06:47:25 -0500[diff] [blame]60RDEPENDS:packagegroup-security-scanners:remove:libc-musl = "arpwatch"
Richard Marian Thomaiyar14fddef2018-07-13 23:55:56 +0530[diff] [blame]61
Patrick Williams213cb262021-08-07 19:21:33 -0500[diff] [blame]62SUMMARY:packagegroup-security-audit = "Security Audit tools "
63RDEPENDS:packagegroup-security-audit = " \
Richard Marian Thomaiyar14fddef2018-07-13 23:55:56 +0530[diff] [blame]64 buck-security \
65 redhat-security \
66 "
67
Patrick Williams213cb262021-08-07 19:21:33 -0500[diff] [blame]68SUMMARY:packagegroup-security-ids = "Security Intrusion Detection systems"
69RDEPENDS:packagegroup-security-ids = " \
Brad Bishop1a4b7ee2018-12-16 17:11:34 -0800[diff] [blame]70 samhain-standalone \
Andrew Geisslerd5838332022-05-27 11:33:10 -0500[diff] [blame]71 suricata \
William A. Kennington IIIee32beb2021-06-02 12:48:35 -0700[diff] [blame]72 ossec-hids \
73 aide \
Richard Marian Thomaiyar14fddef2018-07-13 23:55:56 +0530[diff] [blame]74 "
75
Patrick Williams213cb262021-08-07 19:21:33 -0500[diff] [blame]76RDEPENDS:packagegroup-security-ids:remove:powerpc = "suricata"
77RDEPENDS:packagegroup-security-ids:remove:powerpc64le = "suricata"
78RDEPENDS:packagegroup-security-ids:remove:powerpc64 = "suricata"
79RDEPENDS:packagegroup-security-ids:remove:riscv32 = "suricata"
80RDEPENDS:packagegroup-security-ids:remove:riscv64 = "suricata"
81RDEPENDS:packagegroup-security-ids:remove:libc-musl = "ossec-hids"
Andrew Geisslera1a6aef2021-06-25 14:23:58 -0500[diff] [blame]82
Patrick Williams213cb262021-08-07 19:21:33 -0500[diff] [blame]83SUMMARY:packagegroup-security-mac = "Security Mandatory Access Control systems"
84RDEPENDS:packagegroup-security-mac = " \
Richard Marian Thomaiyar14fddef2018-07-13 23:55:56 +0530[diff] [blame]85 ${@bb.utils.contains("DISTRO_FEATURES", "tomoyo", "ccs-tools", "",d)} \
Brad Bishop1a4b7ee2018-12-16 17:11:34 -0800[diff] [blame]86 ${@bb.utils.contains("DISTRO_FEATURES", "apparmor", "apparmor", "",d)} \
Richard Marian Thomaiyar14fddef2018-07-13 23:55:56 +0530[diff] [blame]87 ${@bb.utils.contains("DISTRO_FEATURES", "smack", "smack", "",d)} \
88 "
Andrew Geisslerd1d22e62020-10-16 10:14:32 -0500[diff] [blame]89
Patrick Williams213cb262021-08-07 19:21:33 -0500[diff] [blame]90RDEPENDS:packagegroup-security-mac:remove:mipsarch = "apparmor"
Andrew Geissler5e7fd512021-05-07 16:09:00 -0500[diff] [blame]91
Patrick Williams213cb262021-08-07 19:21:33 -0500[diff] [blame]92RDEPENDS:packagegroup-meta-security-ptest-packages = "\
Andrew Geisslerd1d22e62020-10-16 10:14:32 -0500[diff] [blame]93 ptest-runner \
94 samhain-standalone-ptest \
Patrick Williams213cb262021-08-07 19:21:33 -0500[diff] [blame]95 ${@bb.utils.contains("BBLAYERS", "meta-rust", "suricata-ptest","", d)} \
Andrew Geisslerd1d22e62020-10-16 10:14:32 -0500[diff] [blame]96 ${@bb.utils.contains("DISTRO_FEATURES", "smack", "smack-ptest", "",d)} \
97"
Patrick Williams213cb262021-08-07 19:21:33 -0500[diff] [blame]98
99RDEPENDS:packagegroup-security-ptest-packages:remove:powerpc = "suricata-ptest"
100RDEPENDS:packagegroup-security-ptest-packages:remove:powerpc64le = "suricata-ptest"
101RDEPENDS:packagegroup-security-ptest-packages:remove:powerpc64 = "suricata-ptest"
102RDEPENDS:packagegroup-security-ptest-packages:remove:riscv32 = "suricata-ptest"
103RDEPENDS:packagegroup-security-ptest-packages:remove:riscv64 = "suricata-ptest"