From patchwork Thu Jul 24 07:25:43 2025 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Marta Rybczynska X-Patchwork-Id: 67381 Return-Path: X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on aws-us-west-2-korg-lkml-1.web.codeaurora.org Received: from aws-us-west-2-korg-lkml-1.web.codeaurora.org (localhost.localdomain [127.0.0.1]) by smtp.lore.kernel.org (Postfix) with ESMTP id B3FC0C83F26 for ; Thu, 24 Jul 2025 07:27:21 +0000 (UTC) Received: from mail-wr1-f50.google.com (mail-wr1-f50.google.com [209.85.221.50]) by mx.groups.io with SMTP id smtpd.web11.6898.1753342035822891656 for ; Thu, 24 Jul 2025 00:27:16 -0700 Authentication-Results: mx.groups.io; dkim=pass header.i=@gmail.com header.s=20230601 header.b=BvNuPZFL; spf=pass (domain: gmail.com, ip: 209.85.221.50, mailfrom: rybczynska@gmail.com) Received: by mail-wr1-f50.google.com with SMTP id ffacd0b85a97d-3a507e88b0aso405199f8f.1 for ; Thu, 24 Jul 2025 00:27:15 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20230601; t=1753342034; x=1753946834; darn=lists.yoctoproject.org; h=content-transfer-encoding:mime-version:references:in-reply-to :message-id:date:subject:cc:to:from:from:to:cc:subject:date :message-id:reply-to; bh=Fw30muO6xHZBsG+VnfSnUZ1lN73Y/WEe7ubXx9XY7bo=; b=BvNuPZFLZ6u12m1Ja9/6rVd8bcXrPHmT9+Q+0PulOY4aorwzixwnDdtcE6CYWf/19q B7YK35/HDGAdOj+Y2GoISCbNQznYK4G52AlvyMUr4XekANSnGqOn4YdijHEFdHpNZ5uC 9fDDuhQa9Ml/T1AVpHelNFtT6mueGXp3imkAxj/3dOcWBQIt+pSY71WbUyAB+SoOJoN8 tKOVrtjDNcchT5Gcxa4CUzuqjIWGZZ1Oo0uh+yrfxSz504+DlLP86bO0t+N9hfxlPin1 4vi9E4xBh1u9/HHeS/h1upaRjxEG1LVhL3i/059Hg2vbAHfXakaq6koEqpi0K+QIcNK4 2CeQ== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20230601; t=1753342034; x=1753946834; h=content-transfer-encoding:mime-version:references:in-reply-to :message-id:date:subject:cc:to:from:x-gm-message-state:from:to:cc :subject:date:message-id:reply-to; bh=Fw30muO6xHZBsG+VnfSnUZ1lN73Y/WEe7ubXx9XY7bo=; b=UHbDQxb1IX0cDO+DCp4u6gRqsQxIPyqQMRaWCa3T8YyHY8KpdGx1pAQCh9D5033I32 hf5nvC5RNz6wOMAguB+eEwoZgJAL9qRPOsIm7gmhzyIoxFGjy6g2GDQh/sQ3+qBZ1+TC FVaFghGJFNUD/Ns8nzmF71JbiINR2Q3TziIV0X8oZ5ixhdDGwKR02VH5X8p0X3M4jNi/ MhOIGDKonT8WT8fMsfni5RJ3fmyhCkWsZ8oZhOpWdHK75HQJtiKXVoLtFIA1tZX/Tf7F U3rXsK1iQc37eX+nQH0FyrLdpuv5EO5GJPEpl/M9xw7T2yumHnttafeQ0btHRxeU7Qr/ csfg== X-Gm-Message-State: AOJu0YxzApaq2Yphd378NTVWQqemr/Xlzlezvd4nBSJK7Q9kVOKAJ1v7 g1Vd8ZZkTwp04xi3HEIifuItwwH28ZBOuUNhq1e3SprwJUtw+QezKL+3U/I7KA== X-Gm-Gg: ASbGncsWP6B3hzK0IbaA+R4lXBdKgTE0p5YGlvw8TN1C6panji3eTUaVTy5XRpI4Ki2 rMPJmaBgBQ8jAncq5m7Dxz9CVMBbKiPTVH8zK0UXuUObaobTBTCCy34Fz6JYSvsv2QenkJNbtpC uzEeNF/Xo+c59UTG23W9J9/ByvDv7+ZoPDOyg9xDwHEjkMRRu/KdgsmMz8CLGQv4wnX8u1GAaxi 5KsGDYS29MR/zDU3sYV4XmMnFojCs1My1YPf9SmugifaxongDFTEKapgw8zuXTPJrZFlNiZejP5 Spsaf48658XKy3WIAkooRERZzHaJJa+Y8U32MCO16kqrFMDfSV2hIfz8JfIM1cuUZ60M/BvnNhx Uaws9ybldTzpPKrNq9X1yhHUGbFycBl8dSkQ= X-Google-Smtp-Source: AGHT+IGm2K5TryP51KTzz4eliPCeYMIIEnb93hGzwchP49kPYZUr8CSPIHCmIImlyAAIzjK+gyOedg== X-Received: by 2002:a05:6000:26cf:b0:3a5:2cf3:d6ab with SMTP id ffacd0b85a97d-3b768f076dbmr4727864f8f.39.1753342033574; Thu, 24 Jul 2025 00:27:13 -0700 (PDT) Received: from voyage.lan ([2a0d:3341:cd4f:d110:cf6f:2013:cd74:cf4e]) by smtp.gmail.com with ESMTPSA id ffacd0b85a97d-3b76fcad23bsm1231723f8f.44.2025.07.24.00.27.12 (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Thu, 24 Jul 2025 00:27:12 -0700 (PDT) From: Marta Rybczynska X-Google-Original-From: Marta Rybczynska To: yocto-patches@lists.yoctoproject.org Cc: Marta Rybczynska Subject: [PATCH 1/7] gitlab-ci.yml: fix file redirection for qemux86 build logs Date: Thu, 24 Jul 2025 09:25:43 +0200 Message-ID: <20250724072642.7358-2-marta.rybczynska@ygreky.com> X-Mailer: git-send-email 2.47.2 In-Reply-To: <20250724072642.7358-1-marta.rybczynska@ygreky.com> References: <20250724072642.7358-1-marta.rybczynska@ygreky.com> MIME-Version: 1.0 List-Id: X-Webhook-Received: from li982-79.members.linode.com [45.33.32.79] by aws-us-west-2-korg-lkml-1.web.codeaurora.org with HTTPS for ; Thu, 24 Jul 2025 07:27:21 -0000 X-Groupsio-URL: https://lists.yoctoproject.org/g/yocto-patches/message/1858 Signed-off-by: Marta Rybczynska --- .gitlab-ci.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.gitlab-ci.yml b/.gitlab-ci.yml index 628b0e6..80b2dfd 100644 --- a/.gitlab-ci.yml +++ b/.gitlab-ci.yml @@ -59,7 +59,7 @@ qemux86: extends: .base script: - kas shell kas/$CI_JOB_NAME.yml -c "bitbake -k security-build-image integrity-image-minimal" 2>&1 | tee $CI_PROJECT_DIR/log/qemux86_security_image.txt - - kas build --target harden-image-minimal kas/$CI_JOB_NAME-harden.yml 2>&1 | tee CI_PROJECT_DIR/log/qemux86_harden_image.txt + - kas build --target harden-image-minimal kas/$CI_JOB_NAME-harden.yml 2>&1 | tee $CI_PROJECT_DIR/log/qemux86_harden_image.txt qemux86-musl: extends: .musl From patchwork Thu Jul 24 07:25:44 2025 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Marta Rybczynska X-Patchwork-Id: 67380 Return-Path: X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on aws-us-west-2-korg-lkml-1.web.codeaurora.org Received: from aws-us-west-2-korg-lkml-1.web.codeaurora.org (localhost.localdomain [127.0.0.1]) by smtp.lore.kernel.org (Postfix) with ESMTP id C15ACC83F1A for ; Thu, 24 Jul 2025 07:27:21 +0000 (UTC) Received: from mail-wr1-f46.google.com (mail-wr1-f46.google.com [209.85.221.46]) by mx.groups.io with SMTP id smtpd.web10.6917.1753342038956741329 for ; Thu, 24 Jul 2025 00:27:19 -0700 Authentication-Results: mx.groups.io; dkim=pass header.i=@gmail.com header.s=20230601 header.b=i6wAgrlh; spf=pass (domain: gmail.com, ip: 209.85.221.46, mailfrom: rybczynska@gmail.com) Received: by mail-wr1-f46.google.com with SMTP id ffacd0b85a97d-3ab112dea41so357479f8f.1 for ; Thu, 24 Jul 2025 00:27:18 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20230601; t=1753342037; x=1753946837; darn=lists.yoctoproject.org; h=content-transfer-encoding:mime-version:references:in-reply-to :message-id:date:subject:cc:to:from:from:to:cc:subject:date :message-id:reply-to; bh=HfCqZVP13wfx5T3ft9xNQXpigDpi2Kz9ST8JEERYcow=; b=i6wAgrlhhXyypO6ZaGHyVaBHwW1lbjSa2WrdPRqt0T+hCEIIprSs50iRB5ca+K9NZP kPbPdSVogP14W+BQWNQPuLaUKtnlW7XB0WNEn98g6k+qLj7QP9A+QBynTgLJhOLVjRDX oHkW7Wmwc4zCUNYc1SDKeATvwssDrcj88sSUns+xIYXo9v1NrxOb8fqUxhvDdNaBzuo1 2sJ5G8RhmsxrX23IRYfJGL74IURbt1oISMgpygSvM72KUQm9Ons4uFBHyIx1PygqHM80 l0bPvwS0r23za3FN8SP3zgxIXDgxOMK9LIy7JFJpV5SooXEtDGI+ZA7bfUpNs3v45TTY /MAg== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20230601; t=1753342037; x=1753946837; h=content-transfer-encoding:mime-version:references:in-reply-to :message-id:date:subject:cc:to:from:x-gm-message-state:from:to:cc :subject:date:message-id:reply-to; bh=HfCqZVP13wfx5T3ft9xNQXpigDpi2Kz9ST8JEERYcow=; b=M2+khbaLCHCtxE1t+w0pk3t2Vs7a4yNB1rc0W8ntzq8eMbKMxv3ds42rMp6XKhYgYE gFFDTCBEOE9pDNvod/qHa6iTKzEiXQyGrJzkhBYwofd1ahYM8jM+zbRrfmRk0XftgbRm QsgZkCrv300M1vnVKFnJLm2ltxKOvPM4xQJKQj7FbCbCmwHfQx8lqRubnT85e2Njr3Ck EdZugDthI8+vIBRlHpCnS7nUEXfZjlYVzJP+4+Bk/3w0PVvvMc85jwf1FyuCNmkSgUk6 XEp29U+ofUP6ES1Nsjm84Wos7zFajh84mKC4WhyXhvpK3odxlxkq3puDZmTtW+GP+dDp gDTg== X-Gm-Message-State: AOJu0YyQ9yJCIf62/AQHPM0v17k37LuJxKJkvJJckNvoxzXV66ZJvWc+ z4aHb8sEwq3sMX1/bWNEvzp4DN97F+J05s1NH/Hi6r9kivlsuT/W34C8lZn+pQ== X-Gm-Gg: ASbGncuw6yeYUOx3zugsvg9lShGwA472AyGudM4tdfgEkcqYPRzy5J4cnxQeRqFZobr 1GpQpCQrESKXCO2//NCyN8TvPIyTzm0VCb6pX8Dyg3qsOGM5W4I2/i241z934FWPOIgs4olKKy+ 6axFdoChvsSDj9eqGElf15SSpPJbGXT18BVfEzJzOFgwiJjE9miV34wkzdEUl3PsHgWMt8EryNe QC3diKb2eyB1x60lYGbs/esznS68xex23CxN7BI++4amcfr1FIZjLeP1kaRj3/ECQZUtAPSBWQ/ RkClX/jglpwo3PScBrz7cXAAkCO6bc/ICwNZrYItp/Uvv15J2Lf1qzitxdT8dl1WSm+RsddvUOX 1FbNQ7O0PP8Bl4hd6Ws1x1MRA8UKbSqVkP4M= X-Google-Smtp-Source: AGHT+IGYciOrOevLieWDt9GGB1aXZImCU6GSczyXvgmBBZJhLa1nVJbsLI/BGcPnJ65DcIMODaXtxQ== X-Received: by 2002:a05:6000:40db:b0:3b5:f93a:bcc with SMTP id ffacd0b85a97d-3b768ef9668mr6082237f8f.35.1753342036619; Thu, 24 Jul 2025 00:27:16 -0700 (PDT) Received: from voyage.lan ([2a0d:3341:cd4f:d110:cf6f:2013:cd74:cf4e]) by smtp.gmail.com with ESMTPSA id ffacd0b85a97d-3b76fcad23bsm1231723f8f.44.2025.07.24.00.27.15 (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Thu, 24 Jul 2025 00:27:15 -0700 (PDT) From: Marta Rybczynska X-Google-Original-From: Marta Rybczynska To: yocto-patches@lists.yoctoproject.org Cc: Marta Rybczynska Subject: [PATCH 2/7] packagegroup-core-security: unify conditional adding of packages on RISCV Date: Thu, 24 Jul 2025 09:25:44 +0200 Message-ID: <20250724072642.7358-3-marta.rybczynska@ygreky.com> X-Mailer: git-send-email 2.47.2 In-Reply-To: <20250724072642.7358-1-marta.rybczynska@ygreky.com> References: <20250724072642.7358-1-marta.rybczynska@ygreky.com> MIME-Version: 1.0 List-Id: X-Webhook-Received: from li982-79.members.linode.com [45.33.32.79] by aws-us-west-2-korg-lkml-1.web.codeaurora.org with HTTPS for ; Thu, 24 Jul 2025 07:27:21 -0000 X-Groupsio-URL: https://lists.yoctoproject.org/g/yocto-patches/message/1859 The package choice was using TUNE_FEATURES that doesn't work anymore with multiple sub-architectures of RISCV. Instead use the overrides and make sure to take into account also qemu versions. Only riscv32/riscv64 does not work, fail on RDEPEND for qemu targets. Signed-off-by: Marta Rybczynska --- .../packagegroup/packagegroup-core-security.bb | 14 ++++++++++++-- 1 file changed, 12 insertions(+), 2 deletions(-) diff --git a/recipes-core/packagegroup/packagegroup-core-security.bb b/recipes-core/packagegroup/packagegroup-core-security.bb index 764ec02..77782c9 100644 --- a/recipes-core/packagegroup/packagegroup-core-security.bb +++ b/recipes-core/packagegroup/packagegroup-core-security.bb @@ -51,13 +51,23 @@ RDEPENDS:packagegroup-security-utils:append:x86-64 = " firejail chipsec ${have_k RDEPENDS:packagegroup-security-utils:append:aarch64 = " firejail ${have_krill}" RDEPENDS:packagegroup-security-utils:remove:libc-musl = "krill firejail" +ARPWATCH = "arpwatch" +ARPWATCH:riscv32 = "" +ARPWATCH:riscv64 = "" +ARPWATCH:qemuriscv64 = "" +CLAMAV = "clamav clamav-daemon clamav-freshclam" +CLAMAV:riscv32 = "" +CLAMAV:riscv64 = "" +CLAMAV:qemuriscv64 = "" + SUMMARY:packagegroup-security-scanners = "Security scanners" RDEPENDS:packagegroup-security-scanners = "\ - ${@bb.utils.contains_any("TUNE_FEATURES", "riscv32 riscv64", "", " arpwatch",d)} \ + ${ARPWATCH} \ chkrootkit \ isic \ - ${@bb.utils.contains_any("TUNE_FEATURES", "riscv32 riscv64", "", " clamav clamav-daemon clamav-freshclam",d)} \ + ${CLAMAV} \ " + RDEPENDS:packagegroup-security-scanners:remove:libc-musl = "clamav clamav-daemon clamav-freshclam" RDEPENDS:packagegroup-security-scanners:remove:libc-musl = "arpwatch" From patchwork Thu Jul 24 07:25:45 2025 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Marta Rybczynska X-Patchwork-Id: 67382 Return-Path: X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on aws-us-west-2-korg-lkml-1.web.codeaurora.org Received: from aws-us-west-2-korg-lkml-1.web.codeaurora.org (localhost.localdomain [127.0.0.1]) by smtp.lore.kernel.org (Postfix) with ESMTP id C2479C87FCA for ; Thu, 24 Jul 2025 07:27:21 +0000 (UTC) Received: from mail-wr1-f49.google.com (mail-wr1-f49.google.com [209.85.221.49]) by mx.groups.io with SMTP id smtpd.web11.6900.1753342041095536911 for ; Thu, 24 Jul 2025 00:27:21 -0700 Authentication-Results: mx.groups.io; dkim=pass header.i=@gmail.com header.s=20230601 header.b=AqcLSkI7; spf=pass (domain: gmail.com, ip: 209.85.221.49, mailfrom: rybczynska@gmail.com) Received: by mail-wr1-f49.google.com with SMTP id ffacd0b85a97d-3b611665b96so375664f8f.2 for ; Thu, 24 Jul 2025 00:27:20 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20230601; t=1753342039; x=1753946839; darn=lists.yoctoproject.org; h=content-transfer-encoding:mime-version:references:in-reply-to :message-id:date:subject:cc:to:from:from:to:cc:subject:date :message-id:reply-to; bh=RyQiS9kXGyoF/yZq5jueymRo9pLyoBUY0gA1PIy4BcI=; b=AqcLSkI7zv/sO1K4AauQc+qejvQdtp4rOfVwN1j70X745T1QZJ/9ClTVDEfLpiIqh2 8x+X6DhJJ7aGBaEwZt5+OviQNkvEpcOfYEQj4NFIOPAjmVrvUQpbrNpVrLLv2KO1TAfq WS30jzhJf5aGpcJWB1TKzUsFtUZaHIXKIcPoCjYa0KUgV85eTJcue+vVx1lNAhxUDcgW t/1dMHNY+NKQEG2TSK6w01mxtQqnrlHcyl3juyZtzZQvb2eXZUQ0YlWhIE5Sj/UEXTrz FKGyrepFagNl3me7zfeCMhkTvU5z84YDbEtKHGV+9pZos88/+p3pwqBw6da3TIfP7nzW mxAg== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20230601; t=1753342039; x=1753946839; h=content-transfer-encoding:mime-version:references:in-reply-to :message-id:date:subject:cc:to:from:x-gm-message-state:from:to:cc :subject:date:message-id:reply-to; bh=RyQiS9kXGyoF/yZq5jueymRo9pLyoBUY0gA1PIy4BcI=; b=DZJ7CrhbNlmkGOw69O1Q2ZVRmkTV8N+YU2elow7akrJO+ZDpp83+H+TBs5yF2N3RS5 otyA5PTX28PDihc6zdEqsoNHgZ3+CF37SgBzK6KmycQvzjcrSChglEi1F332qzvTSEp2 fOADcVuYwW6KoGxBZeS5pU7ubgGNW30kcgvmGb9MMR34rKuaef93NE60uvOfCUsMZJRI LwjHpD0klF1AwB+DTKALLsgeFc40R3+vn3gXSlH+edxd8O2ghKo3P4K7HgYcfLIjQMjm tE4SSL7YZCatX5UVch4iNgHggZ4PxCGrMMdnNunuUh2X9ng+yyEgsLgVvjhyuKfNjaVy lLgg== X-Gm-Message-State: AOJu0Yzoy/+2Lof8BSXH0Nd5dFjhQFrJ8NGKW5jDjHbgaeb5GILkeI8Q kJUwdmo7xEv3VQ4hTis0at4nIhTlNU3htKDwOZKhu7PCIILG83cQzT/ca1W4LA== X-Gm-Gg: ASbGncsWAxtGRmdkTfUCBMQm1eUuUV+Fs4O84Bh0dkr/Nr/KvXEi3dZagS1Skwq3iUo igy8e2nJautLq3aL5NjZXMwMSxJMJ1QlUXEzSFWMvEKaFSI6tsdP/22yz8lhvZUa0d4draPnrle 6FdPA0epytz4GgixnE+EzSyKRtPJtYsTMb4IqVw1rDxeZMNco3zEwzdMsFdAEksBv+RVXDlsjJh xdcdBPmcafgHETS6iVqwHIRNKMJ3dCbKEXUD+86B/EvKSvCnzhz00NRKPwvbW6x5npxE7ZEp0yz RYB3PitGuSdToZ6gjglqeXpYk6Cxmy90TaakHP0ugzY+4HQz3R+jF/zfz4DI75eJWI/y+eXSlr6 8BUERFoZjTwBhPXiHNg0sZr/0RV+B3rP5N+c= X-Google-Smtp-Source: AGHT+IGMiY8sOSCq62rCTP18oTMJnHp2WTHvUPx7nPIEy3xMPZ6uH26oWSLAh7tRk37/kX5eNkbJsQ== X-Received: by 2002:a05:6000:2c10:b0:3b3:bd27:f2b0 with SMTP id ffacd0b85a97d-3b768f044dfmr3874921f8f.43.1753342038965; Thu, 24 Jul 2025 00:27:18 -0700 (PDT) Received: from voyage.lan ([2a0d:3341:cd4f:d110:cf6f:2013:cd74:cf4e]) by smtp.gmail.com with ESMTPSA id ffacd0b85a97d-3b76fcad23bsm1231723f8f.44.2025.07.24.00.27.17 (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Thu, 24 Jul 2025 00:27:18 -0700 (PDT) From: Marta Rybczynska X-Google-Original-From: Marta Rybczynska To: yocto-patches@lists.yoctoproject.org Cc: Marta Rybczynska Subject: [PATCH 3/7] checksecurity: update the debian package Date: Thu, 24 Jul 2025 09:25:45 +0200 Message-ID: <20250724072642.7358-4-marta.rybczynska@ygreky.com> X-Mailer: git-send-email 2.47.2 In-Reply-To: <20250724072642.7358-1-marta.rybczynska@ygreky.com> References: <20250724072642.7358-1-marta.rybczynska@ygreky.com> MIME-Version: 1.0 List-Id: X-Webhook-Received: from li982-79.members.linode.com [45.33.32.79] by aws-us-west-2-korg-lkml-1.web.codeaurora.org with HTTPS for ; Thu, 24 Jul 2025 07:27:21 -0000 X-Groupsio-URL: https://lists.yoctoproject.org/g/yocto-patches/message/1860 The previously used package (nmu1) is not longer available, use the latest current one (nmu3). The changelog between the two: checksecurity (2.0.16+nmu3) unstable; urgency=medium * Non-maintainer upload. * Fix "missing required debian/rules targets build-arch and/or build- indep": Add targets to debian/rules. (Closes: #999082) * Fix "Removal of obsolete debhelper compat 5 and 6 in bookworm": Bump to 7 in debian/{compat,control}. (Closes: #965448) * Fix some grave packaging errors: - move debhelper from Build-Depends-Indep to Build-Depends - remove temporary files debian/postrm.debhelper and debian/substvars from source package -- gregor herrmann Sun, 26 Dec 2021 01:56:10 +0100 checksecurity (2.0.16+nmu2) unstable; urgency=medium * Non maintainer upload by the Reproducible Builds team. * No source change upload to rebuild on buildd with .buildinfo files. -- Holger Levsen Fri, 01 Jan 2021 19:17:53 +0100 Signed-off-by: Marta Rybczynska --- .../recipes-scanners/checksecurity/checksecurity_2.0.16.bb | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/dynamic-layers/meta-perl/recipes-scanners/checksecurity/checksecurity_2.0.16.bb b/dynamic-layers/meta-perl/recipes-scanners/checksecurity/checksecurity_2.0.16.bb index 8dfb1cc..75e7783 100644 --- a/dynamic-layers/meta-perl/recipes-scanners/checksecurity/checksecurity_2.0.16.bb +++ b/dynamic-layers/meta-perl/recipes-scanners/checksecurity/checksecurity_2.0.16.bb @@ -4,13 +4,13 @@ SECTION = "security" LICENSE = "GPL-2.0-only" LIC_FILES_CHKSUM = "file://${COMMON_LICENSE_DIR}/GPL-2.0-only;md5=801f80980d171dd6425610833a22dbe6" -SRC_URI = "http://ftp.de.debian.org/debian/pool/main/c/checksecurity/checksecurity_${PV}+nmu1.tar.gz \ +SRC_URI = "http://ftp.de.debian.org/debian/pool/main/c/checksecurity/checksecurity_${PV}+nmu3.tar.gz \ file://check-setuid-use-more-portable-find-args.patch \ " -SRC_URI[sha256sum] = "9803b3760e9ec48e06ebaf48cec081db48c6fe72254a476224e4c5c55ed97fb0" +SRC_URI[sha256sum] = "12b043dc7b38512cdf0735c7c147a4f9e60d83a397b5b8ec130c65ceddbe1a0c" -S = "${UNPACKDIR}/checksecurity-${PV}+nmu1" +S = "${UNPACKDIR}/checksecurity-${PV}+nmu3" # allow for anylocal, no need to patch LOGDIR = "/etc/checksecurity" From patchwork Thu Jul 24 07:25:46 2025 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Marta Rybczynska X-Patchwork-Id: 67384 Return-Path: X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on aws-us-west-2-korg-lkml-1.web.codeaurora.org Received: from aws-us-west-2-korg-lkml-1.web.codeaurora.org (localhost.localdomain [127.0.0.1]) by smtp.lore.kernel.org (Postfix) with ESMTP id B5691C83F1A for ; Thu, 24 Jul 2025 07:27:31 +0000 (UTC) Received: from mail-wr1-f48.google.com (mail-wr1-f48.google.com [209.85.221.48]) by mx.groups.io with SMTP id smtpd.web10.6918.1753342043116629821 for ; Thu, 24 Jul 2025 00:27:23 -0700 Authentication-Results: mx.groups.io; dkim=pass header.i=@gmail.com header.s=20230601 header.b=BhrvWkW2; spf=pass (domain: gmail.com, ip: 209.85.221.48, mailfrom: rybczynska@gmail.com) Received: by mail-wr1-f48.google.com with SMTP id ffacd0b85a97d-3a6e2d85705so342863f8f.0 for ; Thu, 24 Jul 2025 00:27:22 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20230601; t=1753342041; x=1753946841; darn=lists.yoctoproject.org; h=content-transfer-encoding:mime-version:references:in-reply-to :message-id:date:subject:cc:to:from:from:to:cc:subject:date :message-id:reply-to; bh=g3ORcBnRbAkwEXPSNBhBEAN4+0e5vLYXFWGV48vgpts=; b=BhrvWkW2eDUj20Dk4s46fJQMeqBHtLZLGZ6eS1eMJsYHYKcXUp+HLD92Xx0yEtZcXl pBGcxT6MBOts9q8vtD+UcFLc5/Ilc62vprPpF2n3n2Lv2IFIW+7nx3SXJZSgsE+RsQmh QrXRdcAhLLIpTei45asQZq+gPub4lJAunIcBi2LpYoIkZyFPrUcrreozHvM/+pQF2rxm XF3quh6shsXGgp/Qjma8DMTWiUYnqC56APr+fkYyKX2Yf/b62NMlkURp7dAIi4KD4r6X izOpz1vmZ0Ukv9Dj3Z6Hq2ZMl9SrsWR8whe+oUZMG2nevndZ+K62GPA9uPfmWeUBolPR PmKA== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20230601; t=1753342041; x=1753946841; h=content-transfer-encoding:mime-version:references:in-reply-to :message-id:date:subject:cc:to:from:x-gm-message-state:from:to:cc :subject:date:message-id:reply-to; bh=g3ORcBnRbAkwEXPSNBhBEAN4+0e5vLYXFWGV48vgpts=; b=rPKlGkxI6lsUw0wZOkJYl87Su/q4zIVq+PuE+4NMWAzfpr4O/r0mdbNfQUuMSR6uLU Zov+yDhuvBbkmifFM+XPFpHvPNxg1GGFHc5ZCkavZvYLzrhcZAVAEJFxkbdhwSDCB/1G 7M1n+y6fWH340W4kxMTKj+vKvW7mztTlL8kVGzlC07m5fIEpPUUcKK+sj6628+ttew/v aVMPN758rdQH1bpkpj6xshwYw7lTNqje5AimnCtgifpyvmNmN4rFeD6VFj87mD1bFduw kVjDJCVzlgq0EdsKEgLWClm4j7wBnUBVvlASHh5iDaqVS3GOPAeTIQr8Iov8h0yCa2ip YCkw== X-Gm-Message-State: AOJu0YxtKhVJ+EXU3HzlqVowuU7MYlujmkiLa4QMCfE1plBGuZ2Q0LLG EZiABXxkj0gP6b2enE1E3/7FpBoW0ZYYrbJMwZDnykoY7SYtRUx7KBTgBxWg2A== X-Gm-Gg: ASbGncsLrtZCijibdX7itVoqSHWH5vmXZ7tdUJTNmva1sXIp5FjQK4SCdEroLc3b+1V hawxiNNFuQeZlAVvkplWqZCL+D0EPnftSmNeHgO3z5fyZ2/Xu2qyE4z6MRPVFMWJXSY9BLTRNN4 l5B7lAopXhJ4gqu4c+fkqzTBnfxsgHFfhVZOgg6a3w7EILMkAgmARBfzM8mMoDDdLC+Bv2iJXwZ Z1rt40slN22EYHtWvTNpjBakYzcGsG79gqFzt8Fv3825sl02yLdHkDa2CS1Hzj2aHI3z0OECvry mjQrDf8Po1iPIvE43O+bQ+U8YrkA8njQEYhFWeXIPgjqstzM4IpNpcasN7ir/BIYZBXgYGl45mY exZVHMiqYzeV7vp46RMUN6gGFYJ9DK30+HIc= X-Google-Smtp-Source: AGHT+IHyKhx69Za2gn+5qEB3LPHYzAA1b2iCVQstSQDQ0crNZDxj1bK66JBKQJplOuG9XVxv3Zw6Iw== X-Received: by 2002:a05:6000:2389:b0:3aa:34f4:d437 with SMTP id ffacd0b85a97d-3b768ef9577mr4223711f8f.37.1753342040940; Thu, 24 Jul 2025 00:27:20 -0700 (PDT) Received: from voyage.lan ([2a0d:3341:cd4f:d110:cf6f:2013:cd74:cf4e]) by smtp.gmail.com with ESMTPSA id ffacd0b85a97d-3b76fcad23bsm1231723f8f.44.2025.07.24.00.27.19 (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Thu, 24 Jul 2025 00:27:20 -0700 (PDT) From: Marta Rybczynska X-Google-Original-From: Marta Rybczynska To: yocto-patches@lists.yoctoproject.org Cc: Marta Rybczynska Subject: [PATCH 4/7] bastille: prevent host uids on files Date: Thu, 24 Jul 2025 09:25:46 +0200 Message-ID: <20250724072642.7358-5-marta.rybczynska@ygreky.com> X-Mailer: git-send-email 2.47.2 In-Reply-To: <20250724072642.7358-1-marta.rybczynska@ygreky.com> References: <20250724072642.7358-1-marta.rybczynska@ygreky.com> MIME-Version: 1.0 List-Id: X-Webhook-Received: from li982-79.members.linode.com [45.33.32.79] by aws-us-west-2-korg-lkml-1.web.codeaurora.org with HTTPS for ; Thu, 24 Jul 2025 07:27:31 -0000 X-Groupsio-URL: https://lists.yoctoproject.org/g/yocto-patches/message/1861 We get an intermittent QA error about file permissions, happening roughly on 1 build of 10. The change adds chown to prevent host ids on files related to the set_required_questions.py script, to avoid long debugging for now. Signed-off-by: Marta Rybczynska --- .../meta-perl/recipes-security/bastille/bastille_3.2.1.bb | 2 ++ 1 file changed, 2 insertions(+) diff --git a/dynamic-layers/meta-perl/recipes-security/bastille/bastille_3.2.1.bb b/dynamic-layers/meta-perl/recipes-security/bastille/bastille_3.2.1.bb index b95ec2d..fa9a964 100644 --- a/dynamic-layers/meta-perl/recipes-security/bastille/bastille_3.2.1.bb +++ b/dynamic-layers/meta-perl/recipes-security/bastille/bastille_3.2.1.bb @@ -146,6 +146,8 @@ do_install () { ${THISDIR}/files/set_required_questions.py ${D}${sysconfdir}/Bastille/config ${D}${datadir}/Bastille/Questions + chown root:root -R ${D}/${datadir}/Bastille + ln -s RevertBastille ${D}${sbindir}/UndoBastille # Create /var/log/Bastille in runtime. From patchwork Thu Jul 24 07:25:47 2025 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Marta Rybczynska X-Patchwork-Id: 67383 Return-Path: X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on aws-us-west-2-korg-lkml-1.web.codeaurora.org Received: from aws-us-west-2-korg-lkml-1.web.codeaurora.org (localhost.localdomain [127.0.0.1]) by smtp.lore.kernel.org (Postfix) with ESMTP id BD086C87FC5 for ; Thu, 24 Jul 2025 07:27:31 +0000 (UTC) Received: from mail-wr1-f46.google.com (mail-wr1-f46.google.com [209.85.221.46]) by mx.groups.io with SMTP id smtpd.web10.6920.1753342045443465771 for ; Thu, 24 Jul 2025 00:27:25 -0700 Authentication-Results: mx.groups.io; dkim=pass header.i=@gmail.com header.s=20230601 header.b=fWR12NMo; spf=pass (domain: gmail.com, ip: 209.85.221.46, mailfrom: rybczynska@gmail.com) Received: by mail-wr1-f46.google.com with SMTP id ffacd0b85a97d-3a4fb9c2436so316541f8f.1 for ; Thu, 24 Jul 2025 00:27:25 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20230601; t=1753342043; x=1753946843; darn=lists.yoctoproject.org; h=content-transfer-encoding:mime-version:references:in-reply-to :message-id:date:subject:cc:to:from:from:to:cc:subject:date :message-id:reply-to; bh=YzLu83BmvS8tARvGjnfUoQ73TII1WlE85rl9qt+2VXk=; b=fWR12NMon0IYHaGFhnLkfLOzpcty1gyG8qYgFQceB31vnP6C2VdEfKzOsN0titlNMW hyw6xKjQLSmTZIoHn+6+jYEsg2IjAcXjWatas+LPLi4RB2jBaNZjhGET3tl3UPcIEgkw GBiR28gy3cIQpkdoIWZlLJ9tTHmLNxU7Kb9GnIFVm3WCXnMyTx8G125TIP0Ws98QGK9h Fbqa257tyDAqCbHoa3hD8nvdqMzUl2jTgZDlCwn4ugycohoTo0EyUeSqzygK8ymS32lq +a4jiCOcgHcbS0Rt8Vq9TO+f8/XB93tExN+HB1g3v6pE5IPvwGdufQD4mF0Dl+99GmpP 7SsQ== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20230601; t=1753342043; x=1753946843; h=content-transfer-encoding:mime-version:references:in-reply-to :message-id:date:subject:cc:to:from:x-gm-message-state:from:to:cc :subject:date:message-id:reply-to; bh=YzLu83BmvS8tARvGjnfUoQ73TII1WlE85rl9qt+2VXk=; b=vKn2b/0dydAlPEPK9gauFeTKgUo1Ytvcuz7rH10LxVaAWqyHhQ1Ho5GoNZQjbkxGgF /+bbbFpGNXS4c6mKwvAHVKFnfoAQZSV2tE58il3apQ5HtbU8kjsQwy637ykMRAcfiqU0 AllJsEDuTSa7datd4rIeXuZMeRgnAepGgDdj25KfZ7HaWG2PXKSKQUZGLowW6jIHoxxA oQpb4+CI4PZA5oAv8kJBUrvocwOAqIvDNLSoU0AsUVQ7FvjDM+dohU+jOYm8EOxunMln HphnTVIXPS/L95wJV4Y2/q/uUjTBeSqOEU+Gn0F6b5qRVTfb3Vpw//Iv2OGcDDcfJqcD r6Jg== X-Gm-Message-State: AOJu0Ywm1d1UchQ2B1JpZ4q2R3HPbGMidK4nSkuASCocf35TdpLPjz0A jXcgSP9YJbTKI0wPU/VmkPeQySsEw+fTAgYSqr9GwzoBmrRUqKiL/mAa++QpEQ== X-Gm-Gg: ASbGnctvyodT57DVXdmtQOeO0EBqwIarrD+HQ56yiO7hiamTm0GL1VDTBZd3LgZ4IL0 G6rlgqv9abblbK0XQ9UBZu8pv0bCjPNsZK62nycSgMapF/9JUnhPs3iRUlKfPVHURH7JLZTH9Ti VAFq/p813ZNkfYmn+IroJMzDTm94gyayDNex0SRdqrDb9erGJfBKf8/vG/cUoAS/OvNsHP4yh/j EZoeXiPOLhoNRsFUMe5c4dUN06Wn6+FUPIwMe36Yknw0cCjJQtA592+XB7dqDownrbnoAgMYcjq fEIL6YEe5l8J/hZlgXwLzvFyGrI5lblUL++/tj1BOV0f86g0dYdTOzf6KR2inV/4s4RfOMiRDD1 zl12evsvA1j0o7YojQAfIl9ohvIBmQ/wU5c0= X-Google-Smtp-Source: AGHT+IEC1kZvy0Fmy/AAL1f1ecI6bFz14IzADNtQX7w9D00wZGqSYnV8QUuo/9prMYvKlO5D7bJqow== X-Received: by 2002:a05:6000:248a:b0:3a6:d604:a017 with SMTP id ffacd0b85a97d-3b768eedfa6mr4233965f8f.24.1753342043274; Thu, 24 Jul 2025 00:27:23 -0700 (PDT) Received: from voyage.lan ([2a0d:3341:cd4f:d110:cf6f:2013:cd74:cf4e]) by smtp.gmail.com with ESMTPSA id ffacd0b85a97d-3b76fcad23bsm1231723f8f.44.2025.07.24.00.27.21 (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Thu, 24 Jul 2025 00:27:22 -0700 (PDT) From: Marta Rybczynska X-Google-Original-From: Marta Rybczynska To: yocto-patches@lists.yoctoproject.org Cc: Marta Rybczynska Subject: [PATCH 5/7] kas: add common dldir/sstate Date: Thu, 24 Jul 2025 09:25:47 +0200 Message-ID: <20250724072642.7358-6-marta.rybczynska@ygreky.com> X-Mailer: git-send-email 2.47.2 In-Reply-To: <20250724072642.7358-1-marta.rybczynska@ygreky.com> References: <20250724072642.7358-1-marta.rybczynska@ygreky.com> MIME-Version: 1.0 List-Id: X-Webhook-Received: from li982-79.members.linode.com [45.33.32.79] by aws-us-west-2-korg-lkml-1.web.codeaurora.org with HTTPS for ; Thu, 24 Jul 2025 07:27:31 -0000 X-Groupsio-URL: https://lists.yoctoproject.org/g/yocto-patches/message/1862 Signed-off-by: Marta Rybczynska --- kas/kas-security-base.yml | 4 ++++ 1 file changed, 4 insertions(+) diff --git a/kas/kas-security-base.yml b/kas/kas-security-base.yml index 6d53071..3ff2ae3 100644 --- a/kas/kas-security-base.yml +++ b/kas/kas-security-base.yml @@ -60,6 +60,10 @@ local_conf_header: HALT,${SSTATE_DIR},100M,1K \ HALT,/tmp,10M,1K" + dlsstate: | + DL_DIR = "/home/gitlab-runner/build/downloads" + SSTATE_DIR = "/home/gitlab-runner/build/sstate-cache" + bblayers_conf_header: base: | BBPATH = "${TOPDIR}" From patchwork Thu Jul 24 07:25:48 2025 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Marta Rybczynska X-Patchwork-Id: 67386 Return-Path: X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on aws-us-west-2-korg-lkml-1.web.codeaurora.org Received: from aws-us-west-2-korg-lkml-1.web.codeaurora.org (localhost.localdomain [127.0.0.1]) by smtp.lore.kernel.org (Postfix) with ESMTP id C3401C83F26 for ; Thu, 24 Jul 2025 07:27:31 +0000 (UTC) Received: from mail-wm1-f47.google.com (mail-wm1-f47.google.com [209.85.128.47]) by mx.groups.io with SMTP id smtpd.web11.6901.1753342047498097728 for ; Thu, 24 Jul 2025 00:27:27 -0700 Authentication-Results: mx.groups.io; dkim=pass header.i=@gmail.com header.s=20230601 header.b=APHsx7PA; spf=pass (domain: gmail.com, ip: 209.85.128.47, mailfrom: rybczynska@gmail.com) Received: by mail-wm1-f47.google.com with SMTP id 5b1f17b1804b1-4550709f2c1so4293085e9.3 for ; Thu, 24 Jul 2025 00:27:27 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20230601; t=1753342045; x=1753946845; darn=lists.yoctoproject.org; h=content-transfer-encoding:mime-version:references:in-reply-to :message-id:date:subject:cc:to:from:from:to:cc:subject:date :message-id:reply-to; bh=/MQBCCw4tMdixUvsriFLJNx/IB/eSKUeFVwA5q56PI4=; b=APHsx7PAxCoh8ewjTgJh0+z+tjN8YBhI3Nbd1/0BH94j6qa61tyMfwWYwugCkwqxIN FzH7oDEl0a5EBjkB0jc5GAtIvlI1BEXv/QbXxHkNJcPh+zaa/jgpcQA9fbXIDljDREbS fWZ4yZKoSLot/Z1oi3EaxRrYWPAhwNmClfCVys3emo1pIwmoXH4nY8IT8ttSGxbzT4bd Gz4TTHoLuZ1TarCxom5+oiKgwfrswm6o6mwPIeHCzSfU9PEo2FCQ2lDhKcy8OPTUzSbJ 1c+iN5Oim30tcEW2DbuJMiQxMa5qpWhTIpZX7CJ17NbL/KfCxwOVVWEKjt//Uk6Fykmq bT7w== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20230601; t=1753342045; x=1753946845; h=content-transfer-encoding:mime-version:references:in-reply-to :message-id:date:subject:cc:to:from:x-gm-message-state:from:to:cc :subject:date:message-id:reply-to; bh=/MQBCCw4tMdixUvsriFLJNx/IB/eSKUeFVwA5q56PI4=; b=MNDpo5wAMglpC1tXGRfY/m2wOC3rfvfEcLX5koskx+sz+98doF3W7eFE28MysMf3sY 7q1zHwP5VTBrocFTi+CMmLSMZ/W+nslEaOW5wwSljW45dxVDVXE5lFYdi6/zzCmwfg02 JnEA+smc6v0eXnksMi1d7tOuuCb9NQl9NzNmFKBc1RuI3bXXzt8kRb6NzgTGgFd3tJBG NQI48qslvg6cjLkSOe6uLDFAoGbrjrdmd9v/kqHIdqVldhGobIwisTbPLyRSCeS07LYd gVw5jSgO1PYtxDG3IVvmiiN+yhypgeZHChOJT+4PW1IUlGGNSoJrm6+yWwnDeNwQElYH VD6g== X-Gm-Message-State: AOJu0Yw90zpImJftUi47a1sjD1UCj/N+GALpesTGEO76wI67mEJG88BG /Dj5NDuE7sM/c+Eds9FnBvMO6nTZGBEfDdr8IVpJbD3QBSF4lOeu5innL1/ndw== X-Gm-Gg: ASbGncuccXTIVFodYOGFCdE0Vo48ZzZZnWH/TyL8svq2NVn1csdRRHH9OZcUdkZbFlz 86BMTq6jYiCJ0FRmfGra0gyG6YS4HZDq+5/J5n/8C17cPIunhsMrw6uvVumfg0VPLo6mQyT7SCy aJ3pS92+s9utHaK/G3sNOHOWh3e8aHSfVMLgsKHhBV/7BQbUl4M/yeWM2+AsEVQRAW91aMNIgdo Co5k9XLqC51jZ8b6/cOqj+9jt0U+ZLK3ZckJ79oVjIssaerJ0YA7Z+pf0gJmFvANTGuPHRZK+8r CW2zSaxd8i619F0qMJN4gIQPcW+XLr73Cjs1bEZbJOjfOWUDhABI+12gzpwXkKYayRpniEf6rj7 LoOmiLZCiZKLwO4CySH5lMZ/z2s566BsEcS0= X-Google-Smtp-Source: AGHT+IFODYLDOcvn3Mlkv0RfKI+y61PJmeIDrr/ezkY6moB4I2bhvr1ths5igRTM0QwKStPvnliWFg== X-Received: by 2002:a05:600c:8b10:b0:456:1121:3ad8 with SMTP id 5b1f17b1804b1-45868c9d357mr62699205e9.10.1753342045241; Thu, 24 Jul 2025 00:27:25 -0700 (PDT) Received: from voyage.lan ([2a0d:3341:cd4f:d110:cf6f:2013:cd74:cf4e]) by smtp.gmail.com with ESMTPSA id ffacd0b85a97d-3b76fcad23bsm1231723f8f.44.2025.07.24.00.27.24 (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Thu, 24 Jul 2025 00:27:24 -0700 (PDT) From: Marta Rybczynska X-Google-Original-From: Marta Rybczynska To: yocto-patches@lists.yoctoproject.org Cc: Marta Rybczynska Subject: [PATCH 6/7] aide: remove for musl Date: Thu, 24 Jul 2025 09:25:48 +0200 Message-ID: <20250724072642.7358-7-marta.rybczynska@ygreky.com> X-Mailer: git-send-email 2.47.2 In-Reply-To: <20250724072642.7358-1-marta.rybczynska@ygreky.com> References: <20250724072642.7358-1-marta.rybczynska@ygreky.com> MIME-Version: 1.0 List-Id: X-Webhook-Received: from li982-79.members.linode.com [45.33.32.79] by aws-us-west-2-korg-lkml-1.web.codeaurora.org with HTTPS for ; Thu, 24 Jul 2025 07:27:31 -0000 X-Groupsio-URL: https://lists.yoctoproject.org/g/yocto-patches/message/1863 Aide currently doesn't compile with musl because of copied getopt prototypes and implementation. Signed-off-by: Marta Rybczynska --- recipes-core/packagegroup/packagegroup-core-security.bb | 1 + 1 file changed, 1 insertion(+) diff --git a/recipes-core/packagegroup/packagegroup-core-security.bb b/recipes-core/packagegroup/packagegroup-core-security.bb index 77782c9..bda78ce 100644 --- a/recipes-core/packagegroup/packagegroup-core-security.bb +++ b/recipes-core/packagegroup/packagegroup-core-security.bb @@ -91,6 +91,7 @@ RDEPENDS:packagegroup-security-ids:remove:powerpc64 = "suricata" RDEPENDS:packagegroup-security-ids:remove:riscv32 = "suricata" RDEPENDS:packagegroup-security-ids:remove:riscv64 = "suricata" RDEPENDS:packagegroup-security-ids:remove:libc-musl = "ossec-hids" +RDEPENDS:packagegroup-security-ids:remove:libc-musl = "aide" SUMMARY:packagegroup-security-mac = "Security Mandatory Access Control systems" RDEPENDS:packagegroup-security-mac = " \ From patchwork Thu Jul 24 07:25:49 2025 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Marta Rybczynska X-Patchwork-Id: 67385 Return-Path: X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on aws-us-west-2-korg-lkml-1.web.codeaurora.org Received: from aws-us-west-2-korg-lkml-1.web.codeaurora.org (localhost.localdomain [127.0.0.1]) by smtp.lore.kernel.org (Postfix) with ESMTP id CD590C87FCA for ; Thu, 24 Jul 2025 07:27:31 +0000 (UTC) Received: from mail-wr1-f41.google.com (mail-wr1-f41.google.com [209.85.221.41]) by mx.groups.io with SMTP id smtpd.web10.6921.1753342050051079708 for ; Thu, 24 Jul 2025 00:27:30 -0700 Authentication-Results: mx.groups.io; dkim=pass header.i=@gmail.com header.s=20230601 header.b=OeBMRQVn; spf=pass (domain: gmail.com, ip: 209.85.221.41, mailfrom: rybczynska@gmail.com) Received: by mail-wr1-f41.google.com with SMTP id ffacd0b85a97d-3a575a988f9so353614f8f.0 for ; Thu, 24 Jul 2025 00:27:29 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20230601; t=1753342048; x=1753946848; darn=lists.yoctoproject.org; h=content-transfer-encoding:mime-version:references:in-reply-to :message-id:date:subject:cc:to:from:from:to:cc:subject:date :message-id:reply-to; bh=dZQdw6X0kuf3VSpB1FNBw9S+gb5HiCvE/F+v3c2foR8=; b=OeBMRQVnJILGlF8ZL5MPeUfch4YRptiZFwoOQVeiXR1HrtEapj4oJSzmKN/sD97PP0 rmcLRZISIvEFIohupVDWFoZkb3mabF9EeZb4Ukd2Whaj/y/b+hfpJ0yw+XJ5+re2D4z8 bdk2nF7f2FnyEwTTobyfa6DXZI26hPtX7f0R0+/k4ny4iJ+BmSywAJaLcx4nzQGQbcFo G6a4yAPw5SWht5OFxgj+EvodOUzv2DuZmC8IRy4E8topIMmgRoF51nRDtvW32oWSnQaE NP1feoLppUTmQ93yxCcsIWnKrBwyIAwUTNFa96Lj2dGuRlK5N1MQ/WRNcPqWWroWiXxk iBYQ== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20230601; t=1753342048; x=1753946848; h=content-transfer-encoding:mime-version:references:in-reply-to :message-id:date:subject:cc:to:from:x-gm-message-state:from:to:cc :subject:date:message-id:reply-to; bh=dZQdw6X0kuf3VSpB1FNBw9S+gb5HiCvE/F+v3c2foR8=; b=BTpxisR5VukQReDvUmb7is6sBHLYbS9QJQJ0clHgTlvXq9CHszo2v2u9FEPTfnUPSk YHRyOnMR6MtHzmzN3DnUPRln/OIkitLGdoR9Fx1ZSIBVdV6UGgT0BlvkZtdqrOcdXTqe Yb8FdN/Fmjzj94TZDdduyd66E8h6A/R56kbclvXdTRHPbjKmg9rivstFo3j4tpmUJhZq ApFPwKHJKhSV6XXwHc2pNGt87h5p52s6LqfgoFTcuGhkkYGi0FgL9FW1g17d7CQhoN6V ggOoeE5hnLMn43CMF7JJwKuxlQfx0cQmrHS2gN2YOCT7XMDKIh/t7Eub/MzGTZUl2OKE FZkA== X-Gm-Message-State: AOJu0Yxn7KcsZSfTZvRXIHTm5AqLdgN+agImS+wLmtphVVf2zpV2DFbG EUGDEIdXaRs8CuQSFl7ZWYzM3z2djBX1FwC+l4/CZO8hHW4QWLhX25hwP0HoYg== X-Gm-Gg: ASbGncsXRtiKbQv9mCoH0qeuUXhFu+CGYR3/ugVMmCHZ30LlEDeJgg5BLzK8T+bB60q /5R9dY64f4IGgHzaUJKyogIBisOE6voYnaWip6aPVY6vM4Vv1oo9v33q8SFn/QEjAJqKfERffWq HD3hUQ+eoML0k7U8WXcyfaHOFGDwEupWBB+KbkI7h40nx+92JIPjvGBySq7voVNWME+5SURiA2a rgi20bOKi2fPb4d/z33ZcXFt3D1NsGvsc74ui5UbySZDvkTJtr5AMCuzontcuoh6eNuG2m0p2nh tFEWkjQvOXhC+DCxbsNvGWSNGN6vXOKtxoTGf1ESa19m4Ps5HwTK+wz4fwvn3wHvAui+YOprZFk ISyWDOIw0X9a1kBS1J2XYS27FqYfwmccRa50= X-Google-Smtp-Source: AGHT+IHgALhm1PTXrOBBL25WqtSQRe9BVnAEYwS76wex5qLGe7FCiXiYAc1qA3ZYoGNhwvKKILpp0Q== X-Received: by 2002:a05:6000:2284:b0:3b6:d95:a3a4 with SMTP id ffacd0b85a97d-3b768ecf288mr4192944f8f.4.1753342047931; Thu, 24 Jul 2025 00:27:27 -0700 (PDT) Received: from voyage.lan ([2a0d:3341:cd4f:d110:cf6f:2013:cd74:cf4e]) by smtp.gmail.com with ESMTPSA id ffacd0b85a97d-3b76fcad23bsm1231723f8f.44.2025.07.24.00.27.26 (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Thu, 24 Jul 2025 00:27:26 -0700 (PDT) From: Marta Rybczynska X-Google-Original-From: Marta Rybczynska To: yocto-patches@lists.yoctoproject.org Cc: Marta Rybczynska Subject: [PATCH 7/7] kas: add whitespaces around assignement Date: Thu, 24 Jul 2025 09:25:49 +0200 Message-ID: <20250724072642.7358-8-marta.rybczynska@ygreky.com> X-Mailer: git-send-email 2.47.2 In-Reply-To: <20250724072642.7358-1-marta.rybczynska@ygreky.com> References: <20250724072642.7358-1-marta.rybczynska@ygreky.com> MIME-Version: 1.0 List-Id: X-Webhook-Received: from li982-79.members.linode.com [45.33.32.79] by aws-us-west-2-korg-lkml-1.web.codeaurora.org with HTTPS for ; Thu, 24 Jul 2025 07:27:31 -0000 X-Groupsio-URL: https://lists.yoctoproject.org/g/yocto-patches/message/1864 Add whitespaces when assigning variables in kas cofiguration. We were getting: WARNING: ... has a lack of whitespace around the assignment: 'BB_NUMBER_THREADS="24"' WARNING: ... has a lack of whitespace around the assignment: 'BB_NUMBER_PARSE_THREADS="12"' Signed-off-by: Marta Rybczynska --- kas/kas-security-base.yml | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/kas/kas-security-base.yml b/kas/kas-security-base.yml index 3ff2ae3..17f4bb3 100644 --- a/kas/kas-security-base.yml +++ b/kas/kas-security-base.yml @@ -36,8 +36,8 @@ local_conf_header: INHERIT += "buildstats buildstats-summary buildhistory" INHERIT += "report-error" IMAGE_CLASSES += "testimage" - BB_NUMBER_THREADS="24" - BB_NUMBER_PARSE_THREADS="12" + BB_NUMBER_THREADS = "24" + BB_NUMBER_PARSE_THREADS = "12" BB_TASK_NICE_LEVEL = '5' BB_TASK_NICE_LEVEL_task-testimage = '0' BB_TASK_IONICE_LEVEL = '2.7'