diff options
author | Brad Bishop <bradleyb@fuzziesquirrel.com> | 2019-09-01 22:21:06 +0300 |
---|---|---|
committer | Brad Bishop <bradleyb@fuzziesquirrel.com> | 2019-09-01 22:21:07 +0300 |
commit | 49e29a10ccf9979817e7c40b903e7c7925ab2e5c (patch) | |
tree | e425e17846a1bbe48def05d872841610568584cd /meta-security/recipes-security/ecryptfs-utils | |
parent | 0f291cce3faf2fd387c0db8f04bd2f9f4187f6df (diff) | |
download | openbmc-49e29a10ccf9979817e7c40b903e7c7925ab2e5c.tar.xz |
meta-security: subtree update:6d399b34ab..30ea7a89dc
Adrian Bunk (2):
xmlsec1: Remove, moved to meta-oe
libenv-perl: Remove, moved to meta-perl
Armin Kuster (3):
apparmor: fix RDPENDS
apparmor: update to 2.13.3
integrity-image: IMA_EVM_KEY_DIR has no affect, remove
Qi.Chen@windriver.com (2):
ecryptfs-utils: remove openssl PACKAGECONFIG
ecryptfs-utils: fix race condition in do_install
Yuan Chao (2):
python-scapy: upgrade 2.4.2 -> 2.4.3
checksec: upgrade 1.11.1 -> 2.1.0
Change-Id: I888703dc3a3df6fa0da471e1d112f9d88dcdc44b
Signed-off-by: Brad Bishop <bradleyb@fuzziesquirrel.com>
Diffstat (limited to 'meta-security/recipes-security/ecryptfs-utils')
-rw-r--r-- | meta-security/recipes-security/ecryptfs-utils/ecryptfs-utils_111.bb | 3 | ||||
-rw-r--r-- | meta-security/recipes-security/ecryptfs-utils/files/0001-avoid-race-condition.patch | 32 |
2 files changed, 34 insertions, 1 deletions
diff --git a/meta-security/recipes-security/ecryptfs-utils/ecryptfs-utils_111.bb b/meta-security/recipes-security/ecryptfs-utils/ecryptfs-utils_111.bb index 1f780f9e3..e45ee0ba0 100644 --- a/meta-security/recipes-security/ecryptfs-utils/ecryptfs-utils_111.bb +++ b/meta-security/recipes-security/ecryptfs-utils/ecryptfs-utils_111.bb @@ -14,6 +14,7 @@ DEPENDS = "keyutils libgcrypt intltool-native glib-2.0-native" SRC_URI = "\ https://launchpad.net/ecryptfs/trunk/${PV}/+download/${BPN}_${PV}.orig.tar.gz \ file://ecryptfs-utils-CVE-2016-6224.patch \ + file://0001-avoid-race-condition.patch \ file://ecryptfs.service \ " @@ -30,13 +31,13 @@ EXTRA_OECONF = "\ --disable-pywrap \ --disable-nls \ --with-pamdir=${base_libdir}/security \ + --disable-openssl \ " PACKAGECONFIG ??= "nss \ ${@bb.utils.filter('DISTRO_FEATURES', 'pam', d)} \ " PACKAGECONFIG[nss] = "--enable-nss,--disable-nss,nss," -PACKAGECONFIG[openssl] = "--enable-openssl,--disable-openssl,openssl," PACKAGECONFIG[pam] = "--enable-pam,--disable-pam,libpam," do_configure_prepend() { diff --git a/meta-security/recipes-security/ecryptfs-utils/files/0001-avoid-race-condition.patch b/meta-security/recipes-security/ecryptfs-utils/files/0001-avoid-race-condition.patch new file mode 100644 index 000000000..af28d5810 --- /dev/null +++ b/meta-security/recipes-security/ecryptfs-utils/files/0001-avoid-race-condition.patch @@ -0,0 +1,32 @@ +From ab671b02e3aaf65dd1fd279789ea933b8140fe52 Mon Sep 17 00:00:00 2001 +From: Chen Qi <Qi.Chen@windriver.com> +Date: Tue, 27 Aug 2019 16:08:00 +0800 +Subject: [PATCH] avoid race condition + +The rootsbin directory is self defined. The install-rootsbinPROGRAMS +is actually treated as part of install-data. + +This would avoid race condition which causes install failure. + +Upstream-Status: Pending + +Signed-off-by: Chen Qi <Qi.Chen@windriver.com> +--- + src/utils/Makefile.am | 2 +- + 1 file changed, 1 insertion(+), 1 deletion(-) + +diff --git a/src/utils/Makefile.am b/src/utils/Makefile.am +index 83cf851..344883a 100644 +--- a/src/utils/Makefile.am ++++ b/src/utils/Makefile.am +@@ -67,6 +67,6 @@ ecryptfs_stat_LDADD = $(top_builddir)/src/libecryptfs/libecryptfs.la + test_SOURCES = test.c io.c + test_LDADD = $(top_builddir)/src/libecryptfs/libecryptfs.la + +-install-exec-hook: install-rootsbinPROGRAMS ++install-data-hook: install-rootsbinPROGRAMS + -rm -f "$(DESTDIR)/$(rootsbindir)/umount.ecryptfs_private" + $(LN_S) "mount.ecryptfs_private" "$(DESTDIR)/$(rootsbindir)/umount.ecryptfs_private" +-- +2.17.1 + |