@@ -44,7 +44,6 @@ RECIPE_MAINTAINER:pn-libseccomp = "Scott Murray <scott.murray@konsulko.com>"
RECIPE_MAINTAINER:pn-libwhisker2-perl = "Scott Murray <scott.murray@konsulko.com>"
RECIPE_MAINTAINER:pn-ncrack = "Scott Murray <scott.murray@konsulko.com>"
RECIPE_MAINTAINER:pn-nikto = "Scott Murray <scott.murray@konsulko.com>"
-RECIPE_MAINTAINER:pn-paxctl = "Scott Murray <scott.murray@konsulko.com>"
RECIPE_MAINTAINER:pn-python3-fail2ban = "Scott Murray <scott.murray@konsulko.com>"
RECIPE_MAINTAINER:pn-python3-scapy = "Scott Murray <scott.murray@konsulko.com>"
RECIPE_MAINTAINER:pn-python-fail2ban = "Scott Murray <scott.murray@konsulko.com>"
@@ -103,33 +103,6 @@ help for each package.
usage : simply invoke the script name in the terminal.
- == pax-utils ==
-
- ( This package can be found in oe-core )
-
- pax-utils is a small set of various PaX aware and related utilities for
- ELF binaries.
-
- - scanelf : With this application you can print out information specific to the ELF structure of a binary.
- For more help please consult the man pages or the readme file.
-
- - pspax : is a user-space utility that scans the proc directory and list
- ELF types, as well as their respective PaX flags and filenames and
- attributes. Depending on build options, it may additionaly display the
- process running set of capabilities.
-
- - scanmacho : is a user-space utility to quickly scan given
- Mach-Os, directories, or common system paths for different information. This
- may include Mach-O types, their install_names, etc.
-
- - dumpelf : is a user-space utility to dump all of the internal
- ELF structures into the equivalent C structures for fun debugging and/or
- reference purposes.
-
-
- usage : simply invoke the script name in the terminal.
-
-
== buck-security ==
Buck-Security is a security scanner for Debian and Ubuntu Linux. It runs a couple of important checks and helps you to harden your Linux
@@ -42,7 +42,6 @@ RDEPENDS:packagegroup-security-utils = "\
sshguard \
${@bb.utils.contains("DISTRO_FEATURES", "seccomp ", "libseccomp", "",d)} \
${@bb.utils.contains("DISTRO_FEATURES", "pam", "google-authenticator-libpam", "",d)} \
- ${@bb.utils.contains("DISTRO_FEATURES", "pax", "pax-utils packctl", "",d)} \
"
have_krill = "${@bb.utils.contains("DISTRO_FEATURES", "pam", "krill", "",d)}"
deleted file mode 100644
@@ -1,26 +0,0 @@
-From 824c5d7b96aeef1b4e182f657ac002bed6e14cd5 Mon Sep 17 00:00:00 2001
-From: Lei Maohui <leimaohui@fujitsu.com>
-Date: Thu, 31 Aug 2023 08:20:56 +0000
-Subject: [PATCH] To fix package error if DESTDIR is set to /usr.
-
-Upstream-Status: Inappropriate
-Signed-off-by: Lei Maohui <leimaohui@fujitsu.com>
----
- Makefile | 2 +-
- 1 file changed, 1 insertion(+), 1 deletion(-)
-
-diff --git a/Makefile b/Makefile
-index 0d7bc0c..46fd664 100644
---- a/Makefile
-+++ b/Makefile
-@@ -19,7 +19,7 @@ $(PROG).o: $(PROG).c $(PROG).h $(PROG)-elf.c
-
- install: $(PROG)
- # $(MKDIR) $(DESTDIR)/sbin $(DESTDIR)$(MANDIR)
-- $(INSTALL) -D --owner 0 --group 0 --mode a=rx $(PROG) $(DESTDIR)/sbin/$(PROG)
-+ $(INSTALL) -D --owner 0 --group 0 --mode a=rx $(PROG) $(DESTDIR)/usr/sbin/$(PROG)
- $(INSTALL) -D --owner 0 --group 0 --mode a=r $(PROG).1 $(DESTDIR)/$(MANDIR)/$(PROG).1
-
- clean:
---
-2.34.1
deleted file mode 100644
@@ -1,40 +0,0 @@
-DESCRIPTION = "paxctl is a tool that allows PaX flags to be modified on a \
- per-binary basis. PaX is part of common security-enhancing \
- kernel patches and secure distributions, such as \
- GrSecurity or Adamantix and Hardened Gen-too, respectively."
-HOMEPAGE = "https://pax.grsecurity.net/"
-LICENSE = "GPL-2.0-only"
-LIC_FILES_CHKSUM = "file://paxctl.c;beginline=1;endline=5;md5=0ddd065c61020dda79729e6bedaed2c7 \
- file://paxctl-elf.c;beginline=1;endline=5;md5=99f453ce7f6d1687ee808982e2924813 \
- "
-
-SRC_URI = "http://pax.grsecurity.net/${BP}.tar.gz \
- file://0001-To-fix-package-error-if-DESTDIR-is-set-to-usr.patch \
-"
-
-SRC_URI[md5sum] = "9bea59b1987dc4e16c2d22d745374e64"
-SRC_URI[sha256sum] = "a330ddd812688169802a3ba29e5e3b19956376b8f6f73b8d7e9586eb04423c2e"
-
-EXTRA_OEMAKE = "CC='${CC}' DESTDIR='${D}'"
-
-do_install() {
- oe_runmake install
-}
-
-# The install target in the Makefile will fail for paxctl-native with error:
-# install -D --owner 0 --group 0 --mode a=rx paxctl .../sbin/paxctl
-# install: cannot change ownership of '.../sbin/paxctl': \
-# Operation not permitted
-# Drop '--owner 0 --group 0' to fix the issue.
-do_install:class-native() {
- local PROG=paxctl
- install -d ${D}${base_sbindir}
- install -d ${D}${mandir}/man1
- install --mode a=rx $PROG ${D}${base_sbindir}/$PROG
- install --mode a=r $PROG.1 ${D}${mandir}/man1/$PROG.1
-}
-
-# Avoid QA Issue: No GNU_HASH in the elf binary
-INSANE_SKIP:${PN} = "ldflags"
-
-BBCLASSEXTEND = "native"
Remove the paxctl recipe since it has seemingly been broken for a while without anyone noticing, and there likely have been no actual users since grsecurity stopped doing public releases in 2017. Signed-off-by: Scott Murray <scott.murray@konsulko.com> --- .../include/maintainers-meta-security.inc | 1 - docs/overview.txt | 27 ------------- .../packagegroup-core-security.bb | 1 - ...ckage-error-if-DESTDIR-is-set-to-usr.patch | 26 ------------ recipes-security/paxctl/paxctl_0.9.bb | 40 ------------------- 5 files changed, 95 deletions(-) delete mode 100644 recipes-security/paxctl/paxctl/0001-To-fix-package-error-if-DESTDIR-is-set-to-usr.patch delete mode 100644 recipes-security/paxctl/paxctl_0.9.bb