Message ID | 20220121163239.1922917-1-akshay.bhat@timesys.com |
---|---|
State | New |
Headers | show |
Series | [meta-hardening] meta-hardening: Fix override syntax | expand |
On Fri, Jan 21, 2022 at 11:33 AM Akshay Bhat <nodeax@gmail.com> wrote: > > Commit 352e6498a missed updating the override syntax for the > "harden" distro override. > > Fixes: 352e6498a ("meta-hardening: Convert to new override syntax") > > Signed-off-by: Akshay Bhat <akshay.bhat@timesys.com> > --- Ping... any feedback on the patch? If not can it be applied? Thanks :) <snip>
On 2/14/22 09:05, Akshay Bhat wrote: > On Fri, Jan 21, 2022 at 11:33 AM Akshay Bhat <nodeax@gmail.com> wrote: >> Commit 352e6498a missed updating the override syntax for the >> "harden" distro override. >> >> Fixes: 352e6498a ("meta-hardening: Convert to new override syntax") >> >> Signed-off-by: Akshay Bhat <akshay.bhat@timesys.com> >> --- > Ping... any feedback on the patch? If not can it be applied? Thanks :) > <snip> Thanks for the ping. I didn't find this in my inbox but found it on lore mailing list. Patch looks fine. thanks, -armin
diff --git a/meta-hardening/recipes-connectivity/openssh/openssh_%.bbappend b/meta-hardening/recipes-connectivity/openssh/openssh_%.bbappend index 17c06ed..e192d3d 100644 --- a/meta-hardening/recipes-connectivity/openssh/openssh_%.bbappend +++ b/meta-hardening/recipes-connectivity/openssh/openssh_%.bbappend @@ -1,4 +1,4 @@ -do_install:append_harden () { +do_install:append:harden () { # to hardend sed -i -e 's:#AllowTcpForwarding yes:AllowTcpForwarding no:' ${D}${sysconfdir}/ssh/sshd_config sed -i -e 's:ClientAliveCountMax 4:ClientAliveCountMax 2:' ${D}${sysconfdir}/ssh/sshd_config diff --git a/meta-hardening/recipes-core/base-files/base-files_%.bbappend b/meta-hardening/recipes-core/base-files/base-files_%.bbappend index 0f0384f..4710b49 100644 --- a/meta-hardening/recipes-core/base-files/base-files_%.bbappend +++ b/meta-hardening/recipes-core/base-files/base-files_%.bbappend @@ -1,4 +1,4 @@ -do_install:append_harden () { +do_install:append:harden () { sed -i 's/umask.*/umask 027/g' ${D}/${sysconfdir}/profile } diff --git a/meta-hardening/recipes-core/initscripts/initscripts_1.0.bbappend b/meta-hardening/recipes-core/initscripts/initscripts_1.0.bbappend index b27dee9..92e364c 100644 --- a/meta-hardening/recipes-core/initscripts/initscripts_1.0.bbappend +++ b/meta-hardening/recipes-core/initscripts/initscripts_1.0.bbappend @@ -1,8 +1,8 @@ -FILESEXTRAPATHS:prepend_harden := "${THISDIR}/files:" +FILESEXTRAPATHS:prepend:harden := "${THISDIR}/files:" -SRC_URI:append_harden = " file://mountall.sh" +SRC_URI:append:harden = " file://mountall.sh" -do_install:append_harden() { +do_install:append:harden() { install -d ${D}${sysconfdir}/init.d install -m 0755 ${WORKDIR}/mountall.sh ${D}${sysconfdir}/init.d } diff --git a/meta-hardening/recipes-extended/shadow/shadow_%.bbappend b/meta-hardening/recipes-extended/shadow/shadow_%.bbappend index 3058b55..793a075 100644 --- a/meta-hardening/recipes-extended/shadow/shadow_%.bbappend +++ b/meta-hardening/recipes-extended/shadow/shadow_%.bbappend @@ -1,4 +1,4 @@ -do_install:append_harden () { +do_install:append:harden () { # to hardend sed -i -e 's:UMASK.*:UMASK 027:' ${D}${sysconfdir}/login.defs sed -i -e 's:PASS_MAX_DAYS.*:PASS_MAX_DAYS 365:' ${D}${sysconfdir}/login.defs diff --git a/meta-hardening/recipes-extended/sudo/sudo_%.bbappend b/meta-hardening/recipes-extended/sudo/sudo_%.bbappend index 97c5f49..2860e8a 100644 --- a/meta-hardening/recipes-extended/sudo/sudo_%.bbappend +++ b/meta-hardening/recipes-extended/sudo/sudo_%.bbappend @@ -1,6 +1,6 @@ -PACKAGECONFIG:append_harden = " pam-wheel" -do_install:append_harden () { +PACKAGECONFIG:append:harden = " pam-wheel" +do_install:append:harden () { if [ "${@bb.utils.contains('DISABLE_ROOT', 'True', 'yes', 'no', d)}" = "yes" ]; then sed -i -e 's:root ALL=(ALL) ALL:#root ALL=(ALL) ALL:' ${D}${sysconfdir}/sudoers fi
Commit 352e6498a missed updating the override syntax for the "harden" distro override. Fixes: 352e6498a ("meta-hardening: Convert to new override syntax") Signed-off-by: Akshay Bhat <akshay.bhat@timesys.com> --- .../recipes-connectivity/openssh/openssh_%.bbappend | 2 +- .../recipes-core/base-files/base-files_%.bbappend | 2 +- .../recipes-core/initscripts/initscripts_1.0.bbappend | 6 +++--- meta-hardening/recipes-extended/shadow/shadow_%.bbappend | 2 +- meta-hardening/recipes-extended/sudo/sudo_%.bbappend | 4 ++-- 5 files changed, 8 insertions(+), 8 deletions(-)