Richard Marian Thomaiyar | 14fddef | 2018-07-13 23:55:56 +0530 | [diff] [blame] | 1 | DESCRIPTION = "Security packagegroup for Poky" |
| 2 | LICENSE = "MIT" |
| 3 | LIC_FILES_CHKSUM = "file://${COMMON_LICENSE_DIR}/MIT;md5=0835ade698e0bcf8506ecda2f7b4f302 \ |
| 4 | file://${COREBASE}/meta/COPYING.MIT;md5=3da9cfbcb788c80a0384361b4de20420" |
| 5 | |
| 6 | inherit packagegroup |
| 7 | |
| 8 | PACKAGES = "\ |
| 9 | packagegroup-core-security \ |
| 10 | packagegroup-security-utils \ |
| 11 | packagegroup-security-scanners \ |
Andrew Geissler | cc58928 | 2020-09-18 13:34:40 -0500 | [diff] [blame] | 12 | packagegroup-security-audit \ |
Richard Marian Thomaiyar | 14fddef | 2018-07-13 23:55:56 +0530 | [diff] [blame] | 13 | packagegroup-security-ids \ |
| 14 | packagegroup-security-mac \ |
Patrick Williams | 520786c | 2023-06-25 16:20:36 -0500 | [diff] [blame] | 15 | packagegroup-security-compliance \ |
Andrew Geissler | d1d22e6 | 2020-10-16 10:14:32 -0500 | [diff] [blame] | 16 | ${@bb.utils.contains("DISTRO_FEATURES", "ptest", "packagegroup-meta-security-ptest-packages", "", d)} \ |
Richard Marian Thomaiyar | 14fddef | 2018-07-13 23:55:56 +0530 | [diff] [blame] | 17 | " |
| 18 | |
Patrick Williams | 213cb26 | 2021-08-07 19:21:33 -0500 | [diff] [blame] | 19 | RDEPENDS:packagegroup-core-security = "\ |
Richard Marian Thomaiyar | 14fddef | 2018-07-13 23:55:56 +0530 | [diff] [blame] | 20 | packagegroup-security-utils \ |
| 21 | packagegroup-security-scanners \ |
Andrew Geissler | cc58928 | 2020-09-18 13:34:40 -0500 | [diff] [blame] | 22 | packagegroup-security-audit \ |
Richard Marian Thomaiyar | 14fddef | 2018-07-13 23:55:56 +0530 | [diff] [blame] | 23 | packagegroup-security-ids \ |
| 24 | packagegroup-security-mac \ |
Patrick Williams | 520786c | 2023-06-25 16:20:36 -0500 | [diff] [blame] | 25 | packagegroup-security-compliance \ |
Andrew Geissler | d1d22e6 | 2020-10-16 10:14:32 -0500 | [diff] [blame] | 26 | ${@bb.utils.contains("DISTRO_FEATURES", "ptest", "packagegroup-meta-security-ptest-packages", "", d)} \ |
Richard Marian Thomaiyar | 14fddef | 2018-07-13 23:55:56 +0530 | [diff] [blame] | 27 | " |
| 28 | |
Patrick Williams | 213cb26 | 2021-08-07 19:21:33 -0500 | [diff] [blame] | 29 | SUMMARY:packagegroup-security-utils = "Security utilities" |
| 30 | RDEPENDS:packagegroup-security-utils = "\ |
Patrick Williams | db4c27e | 2022-08-05 08:10:29 -0500 | [diff] [blame] | 31 | bubblewrap \ |
Richard Marian Thomaiyar | 14fddef | 2018-07-13 23:55:56 +0530 | [diff] [blame] | 32 | checksec \ |
Patrick Williams | 92b42cb | 2022-09-03 06:53:57 -0500 | [diff] [blame] | 33 | cryptmount \ |
Andrew Geissler | cc58928 | 2020-09-18 13:34:40 -0500 | [diff] [blame] | 34 | ding-libs \ |
| 35 | ecryptfs-utils \ |
| 36 | fscryptctl \ |
Patrick Williams | 92b42cb | 2022-09-03 06:53:57 -0500 | [diff] [blame] | 37 | glome \ |
Andrew Geissler | cc58928 | 2020-09-18 13:34:40 -0500 | [diff] [blame] | 38 | keyutils \ |
Richard Marian Thomaiyar | 14fddef | 2018-07-13 23:55:56 +0530 | [diff] [blame] | 39 | nmap \ |
| 40 | pinentry \ |
Andrew Geissler | d1d22e6 | 2020-10-16 10:14:32 -0500 | [diff] [blame] | 41 | softhsm \ |
Andrew Geissler | 59125e0 | 2021-07-23 12:56:22 -0400 | [diff] [blame] | 42 | sshguard \ |
Andrew Geissler | b2fe863 | 2020-08-21 15:57:21 -0500 | [diff] [blame] | 43 | ${@bb.utils.contains_any("TUNE_FEATURES", "riscv32 ", "", " libseccomp",d)} \ |
Andrew Geissler | 2daf84b | 2023-03-31 09:57:23 -0500 | [diff] [blame] | 44 | ${@bb.utils.contains("DISTRO_FEATURES", "pam", "google-authenticator-libpam", "",d)} \ |
Andrew Geissler | cc58928 | 2020-09-18 13:34:40 -0500 | [diff] [blame] | 45 | ${@bb.utils.contains("DISTRO_FEATURES", "pax", "pax-utils packctl", "",d)} \ |
Richard Marian Thomaiyar | 14fddef | 2018-07-13 23:55:56 +0530 | [diff] [blame] | 46 | " |
| 47 | |
Andrew Geissler | 2daf84b | 2023-03-31 09:57:23 -0500 | [diff] [blame] | 48 | have_krill = "${@bb.utils.contains("DISTRO_FEATURES", "pam", "krill", "",d)}" |
| 49 | RDEPENDS:packagegroup-security-utils:append:x86 = " chipsec ${have_krill}" |
Patrick Williams | 2a25492 | 2023-08-11 09:48:11 -0500 | [diff] [blame] | 50 | RDEPENDS:packagegroup-security-utils:append:x86-64 = " firejail chipsec ${have_krill}" |
| 51 | RDEPENDS:packagegroup-security-utils:append:aarch64 = " firejail ${have_krill}" |
Patrick Williams | db4c27e | 2022-08-05 08:10:29 -0500 | [diff] [blame] | 52 | RDEPENDS:packagegroup-security-utils:remove:libc-musl = "krill" |
Andrew Geissler | 615f2f1 | 2022-07-15 14:00:58 -0500 | [diff] [blame] | 53 | |
Patrick Williams | 213cb26 | 2021-08-07 19:21:33 -0500 | [diff] [blame] | 54 | SUMMARY:packagegroup-security-scanners = "Security scanners" |
| 55 | RDEPENDS:packagegroup-security-scanners = "\ |
Andrew Geissler | 78b7279 | 2022-06-14 06:47:25 -0500 | [diff] [blame] | 56 | ${@bb.utils.contains_any("TUNE_FEATURES", "riscv32 riscv64", "", " arpwatch",d)} \ |
| 57 | chkrootkit \ |
Andrew Geissler | cc58928 | 2020-09-18 13:34:40 -0500 | [diff] [blame] | 58 | isic \ |
William A. Kennington III | ee32beb | 2021-06-02 12:48:35 -0700 | [diff] [blame] | 59 | ${@bb.utils.contains_any("TUNE_FEATURES", "riscv32 riscv64", "", " clamav clamav-daemon clamav-freshclam",d)} \ |
Richard Marian Thomaiyar | 14fddef | 2018-07-13 23:55:56 +0530 | [diff] [blame] | 60 | " |
Patrick Williams | 213cb26 | 2021-08-07 19:21:33 -0500 | [diff] [blame] | 61 | RDEPENDS:packagegroup-security-scanners:remove:libc-musl = "clamav clamav-daemon clamav-freshclam" |
Andrew Geissler | 78b7279 | 2022-06-14 06:47:25 -0500 | [diff] [blame] | 62 | RDEPENDS:packagegroup-security-scanners:remove:libc-musl = "arpwatch" |
Richard Marian Thomaiyar | 14fddef | 2018-07-13 23:55:56 +0530 | [diff] [blame] | 63 | |
Patrick Williams | 213cb26 | 2021-08-07 19:21:33 -0500 | [diff] [blame] | 64 | SUMMARY:packagegroup-security-audit = "Security Audit tools " |
| 65 | RDEPENDS:packagegroup-security-audit = " \ |
Richard Marian Thomaiyar | 14fddef | 2018-07-13 23:55:56 +0530 | [diff] [blame] | 66 | buck-security \ |
| 67 | redhat-security \ |
| 68 | " |
| 69 | |
Patrick Williams | 213cb26 | 2021-08-07 19:21:33 -0500 | [diff] [blame] | 70 | SUMMARY:packagegroup-security-ids = "Security Intrusion Detection systems" |
| 71 | RDEPENDS:packagegroup-security-ids = " \ |
Brad Bishop | 1a4b7ee | 2018-12-16 17:11:34 -0800 | [diff] [blame] | 72 | samhain-standalone \ |
Andrew Geissler | d583833 | 2022-05-27 11:33:10 -0500 | [diff] [blame] | 73 | suricata \ |
William A. Kennington III | ee32beb | 2021-06-02 12:48:35 -0700 | [diff] [blame] | 74 | ossec-hids \ |
| 75 | aide \ |
Richard Marian Thomaiyar | 14fddef | 2018-07-13 23:55:56 +0530 | [diff] [blame] | 76 | " |
| 77 | |
Patrick Williams | 213cb26 | 2021-08-07 19:21:33 -0500 | [diff] [blame] | 78 | RDEPENDS:packagegroup-security-ids:remove:powerpc = "suricata" |
| 79 | RDEPENDS:packagegroup-security-ids:remove:powerpc64le = "suricata" |
| 80 | RDEPENDS:packagegroup-security-ids:remove:powerpc64 = "suricata" |
| 81 | RDEPENDS:packagegroup-security-ids:remove:riscv32 = "suricata" |
| 82 | RDEPENDS:packagegroup-security-ids:remove:riscv64 = "suricata" |
| 83 | RDEPENDS:packagegroup-security-ids:remove:libc-musl = "ossec-hids" |
Andrew Geissler | a1a6aef | 2021-06-25 14:23:58 -0500 | [diff] [blame] | 84 | |
Patrick Williams | 213cb26 | 2021-08-07 19:21:33 -0500 | [diff] [blame] | 85 | SUMMARY:packagegroup-security-mac = "Security Mandatory Access Control systems" |
| 86 | RDEPENDS:packagegroup-security-mac = " \ |
Richard Marian Thomaiyar | 14fddef | 2018-07-13 23:55:56 +0530 | [diff] [blame] | 87 | ${@bb.utils.contains("DISTRO_FEATURES", "tomoyo", "ccs-tools", "",d)} \ |
Brad Bishop | 1a4b7ee | 2018-12-16 17:11:34 -0800 | [diff] [blame] | 88 | ${@bb.utils.contains("DISTRO_FEATURES", "apparmor", "apparmor", "",d)} \ |
Richard Marian Thomaiyar | 14fddef | 2018-07-13 23:55:56 +0530 | [diff] [blame] | 89 | ${@bb.utils.contains("DISTRO_FEATURES", "smack", "smack", "",d)} \ |
| 90 | " |
Andrew Geissler | d1d22e6 | 2020-10-16 10:14:32 -0500 | [diff] [blame] | 91 | |
Patrick Williams | 213cb26 | 2021-08-07 19:21:33 -0500 | [diff] [blame] | 92 | RDEPENDS:packagegroup-security-mac:remove:mipsarch = "apparmor" |
Andrew Geissler | 5e7fd51 | 2021-05-07 16:09:00 -0500 | [diff] [blame] | 93 | |
Patrick Williams | 520786c | 2023-06-25 16:20:36 -0500 | [diff] [blame] | 94 | SUMMARY:packagegroup-security-compliance = "Security Compliance applications" |
| 95 | RDEPENDS:packagegroup-security-compliance = " \ |
| 96 | lynis \ |
| 97 | openscap \ |
| 98 | scap-security-guide \ |
| 99 | os-release \ |
| 100 | " |
| 101 | |
| 102 | RDEPENDS:packagegroup-security-compliance:remove:libc-musl = "openscap scap-security-guide" |
| 103 | |
Patrick Williams | 213cb26 | 2021-08-07 19:21:33 -0500 | [diff] [blame] | 104 | RDEPENDS:packagegroup-meta-security-ptest-packages = "\ |
Andrew Geissler | d1d22e6 | 2020-10-16 10:14:32 -0500 | [diff] [blame] | 105 | ptest-runner \ |
| 106 | samhain-standalone-ptest \ |
Patrick Williams | 213cb26 | 2021-08-07 19:21:33 -0500 | [diff] [blame] | 107 | ${@bb.utils.contains("BBLAYERS", "meta-rust", "suricata-ptest","", d)} \ |
Andrew Geissler | d1d22e6 | 2020-10-16 10:14:32 -0500 | [diff] [blame] | 108 | ${@bb.utils.contains("DISTRO_FEATURES", "smack", "smack-ptest", "",d)} \ |
| 109 | " |
Patrick Williams | 213cb26 | 2021-08-07 19:21:33 -0500 | [diff] [blame] | 110 | |
| 111 | RDEPENDS:packagegroup-security-ptest-packages:remove:powerpc = "suricata-ptest" |
| 112 | RDEPENDS:packagegroup-security-ptest-packages:remove:powerpc64le = "suricata-ptest" |
| 113 | RDEPENDS:packagegroup-security-ptest-packages:remove:powerpc64 = "suricata-ptest" |
| 114 | RDEPENDS:packagegroup-security-ptest-packages:remove:riscv32 = "suricata-ptest" |
| 115 | RDEPENDS:packagegroup-security-ptest-packages:remove:riscv64 = "suricata-ptest" |