Merge branch 'master' of ssh://git-amr-1.devtools.intel.com:29418/openbmc-openbmc into update

author: Jason M. Bills <jason.m.bills@linux.intel.com> 2019-12-16 23:15:45 +0300
committer: Jason M. Bills <jason.m.bills@linux.intel.com> 2019-12-16 23:15:45 +0300
commit: 506611d226c82d05215ec3d2dab50a43a531b691 (patch)
tree: 302e0e255b959be532f5e26329db97740118f5f5 /meta-security
parent: 243c130a919c7037b5edd3a8097317340796ce85 (diff)
parent: 9dfc7e69bc505f474dd4117a8d690b1287e2a48f (diff)
download: openbmc-506611d226c82d05215ec3d2dab50a43a531b691.tar.xz
20 files changed, 87 insertions, 78 deletions
diff --git a/meta-security/README b/meta-security/README
index 5abb0e262..c419d506d 100644
--- a/meta-security/README
+++ b/meta-security/README
@@ -52,14 +52,14 @@ other layers needed. e.g.:
 Maintenance
 -----------
 
-Send pull requests, patches, comments or questions to yocto@yoctoproject.org
+Send pull requests, patches, comments or questions to yocto@lists.yoctoproject.org
 
 When sending single patches, please using something like:
-'git send-email -1 --to yocto@yoctoproject.org --subject-prefix=meta-security][PATCH'
+'git send-email -1 --to yocto@lists.yoctoproject.org --subject-prefix=meta-security][PATCH'
 
 These values can be set as defaults for this repository:
 
-$ git config sendemail.to yocto@yoctoproject.org
+$ git config sendemail.to yocto@lists.yoctoproject.org
 $ git config format.subjectPrefix meta-security][PATCH
 
 Now you can just do 'git send-email origin/master' to send all local patches.
diff --git a/meta-security/meta-tpm/recipes-tpm2/cryptsetup-tpm-incubator/cryptsetup-tpm-incubator_0.9.9.bb b/meta-security/meta-tpm/recipes-tpm2/cryptsetup-tpm-incubator/cryptsetup-tpm-incubator_0.9.9.bb
index 8385c9403..b706d1505 100644
--- a/meta-security/meta-tpm/recipes-tpm2/cryptsetup-tpm-incubator/cryptsetup-tpm-incubator_0.9.9.bb
+++ b/meta-security/meta-tpm/recipes-tpm2/cryptsetup-tpm-incubator/cryptsetup-tpm-incubator_0.9.9.bb
@@ -32,6 +32,7 @@ RRECOMMENDS_${PN} = "kernel-module-aes-generic \
                      kernel-module-xts \
                     "
 
+FILES_${PN} += "${libdir}/tmpfiles.d"
 RDEPENDS_${PN} += "lvm2 libdevmapper"
 RRECOMMENDS_${PN} += "lvm2-udevrules"
 
diff --git a/meta-security/meta-tpm/recipes-tpm2/tpm2-abrmd/tpm2-abrmd_2.2.0.bb b/meta-security/meta-tpm/recipes-tpm2/tpm2-abrmd/tpm2-abrmd_2.3.0.bb
index 021c96930..991364ad3 100644
--- a/meta-security/meta-tpm/recipes-tpm2/tpm2-abrmd/tpm2-abrmd_2.2.0.bb
+++ b/meta-security/meta-tpm/recipes-tpm2/tpm2-abrmd/tpm2-abrmd_2.3.0.bb
@@ -18,7 +18,7 @@ SRC_URI = "\
     file://tpm2-abrmd.default \
 "
 
-SRCREV = "ac2a5a4b5a4e548177ed7a5b74cea23e00fd30b4"
+SRCREV = "ac82192df1158cb58eac02777cf15c965b02cfbc"
 
 S = "${WORKDIR}/git"
 
diff --git a/meta-security/meta-tpm/recipes-tpm2/tpm2-pkcs11/tpm2-pkcs11_0.9.9.bb b/meta-security/meta-tpm/recipes-tpm2/tpm2-pkcs11/tpm2-pkcs11_0.9.9.bb
index 218574999..351e03e5b 100644
--- a/meta-security/meta-tpm/recipes-tpm2/tpm2-pkcs11/tpm2-pkcs11_0.9.9.bb
+++ b/meta-security/meta-tpm/recipes-tpm2/tpm2-pkcs11/tpm2-pkcs11_0.9.9.bb
@@ -10,7 +10,7 @@ SRC_URI = "git://github.com/tpm2-software/tpm2-pkcs11.git \
            file://bootstrap_fixup.patch \
           "
 
-SRCREV = "caf20c04651029626466c59d88b36c05cc6ea20b"
+SRCREV = "6de3f6f9c6e0a4983f3fb90e35feb34906f8aea7"
 
 S = "${WORKDIR}/git"
 
diff --git a/meta-security/meta-tpm/recipes-tpm2/tpm2-tools/tpm2-tools_3.2.0.bb b/meta-security/meta-tpm/recipes-tpm2/tpm2-tools/tpm2-tools_3.2.0.bb
deleted file mode 100644
index b6f1be0d9..000000000
--- a/meta-security/meta-tpm/recipes-tpm2/tpm2-tools/tpm2-tools_3.2.0.bb
+++ /dev/null
@@ -1,15 +0,0 @@
-SUMMARY = "Tools for TPM2."
-DESCRIPTION = "tpm2-tools"
-LICENSE = "BSD"
-LIC_FILES_CHKSUM = "file://LICENSE;md5=91b7c548d73ea16537799e8060cea819"
-SECTION = "tpm"
-
-DEPENDS = "pkgconfig tpm2-tss openssl curl autoconf-archive"
-
-SRCREV = "a17daa948fc67685651bf3b7a589ed341080ddd3"
-
-SRC_URI = "git://github.com/tpm2-software/tpm2-tools.git;branch=3.X"
-
-S = "${WORKDIR}/git"
-
-inherit autotools pkgconfig
diff --git a/meta-security/meta-tpm/recipes-tpm2/tpm2-tools/tpm2-tools_4.0.1.bb b/meta-security/meta-tpm/recipes-tpm2/tpm2-tools/tpm2-tools_4.0.1.bb
new file mode 100644
index 000000000..8f9497252
--- /dev/null
+++ b/meta-security/meta-tpm/recipes-tpm2/tpm2-tools/tpm2-tools_4.0.1.bb
@@ -0,0 +1,14 @@
+SUMMARY = "Tools for TPM2."
+DESCRIPTION = "tpm2-tools"
+LICENSE = "BSD"
+LIC_FILES_CHKSUM = "file://LICENSE;md5=0eb1216e46938bd723098d93a23c3bcc"
+SECTION = "tpm"
+
+DEPENDS = "tpm2-abrmd tpm2-tss openssl curl autoconf-archive"
+
+SRC_URI = "https://github.com/tpm2-software/${BPN}/releases/download/${PV}/${BPN}-${PV}.tar.gz"
+
+SRC_URI[md5sum] = "071aa40bc8721700ea4ed19cc2fdeabf"
+SRC_URI[sha256sum] = "ccec3fca6370341a102c5c2ef1ddb4e5cd242bf1bbc6c51d969f77fc78ca67d1"
+
+inherit autotools pkgconfig bash-completion
diff --git a/meta-security/meta-tpm/recipes-tpm2/tpm2-totp/files/litpm2_totp_build_fix.patch b/meta-security/meta-tpm/recipes-tpm2/tpm2-totp/files/litpm2_totp_build_fix.patch
deleted file mode 100644
index c14705458..000000000
--- a/meta-security/meta-tpm/recipes-tpm2/tpm2-totp/files/litpm2_totp_build_fix.patch
+++ /dev/null
@@ -1,36 +0,0 @@
-C99 fixes:
-
- src/libtpm2-totp.c:172:13: error: format '%li' expects argument of type 'long int', but argument 3 has type 'size_t' {aka 'unsigned int'} [-Werror=format=]
-|          dbg("Calling Esys_GetRandom for %li bytes", SECRETLEN - *secret_size);
-
-src/tpm2-totp.c:343:23: error: format '%ld' expects argument of type 'long int', but argument 3 has type 'uint64_t' {aka 'long long unsigned int'} [-Werror=format=]
-
-Upstream-Status: Pending
-Signed-off-by: Armin Kuster <akuster808@gmail.com>
-
-Index: git/src/libtpm2-totp.c
-===================================================================
---- git.orig/src/libtpm2-totp.c
-+++ git/src/libtpm2-totp.c
-@@ -169,7 +169,7 @@ tpm2totp_generateKey(uint32_t pcrs, uint
-     if (rc != TPM2_RC_INITIALIZE) chkrc(rc, goto error);
- 
-     while (*secret_size < SECRETLEN) {
--        dbg("Calling Esys_GetRandom for %li bytes", SECRETLEN - *secret_size);
-+        dbg("Calling Esys_GetRandom for %li bytes", (long int) (SECRETLEN - *secret_size));
-         rc = Esys_GetRandom(ctx,
-                             ESYS_TR_NONE, ESYS_TR_NONE, ESYS_TR_NONE,
-                             SECRETLEN - *secret_size, &t);
-Index: git/src/tpm2-totp.c
-===================================================================
---- git.orig/src/tpm2-totp.c
-+++ git/src/tpm2-totp.c
-@@ -340,7 +340,7 @@ main(int argc, char **argv)
-                             localtime (&now));
-             chkrc(rc, exit(1));
-         }
--        printf("%s%06ld", timestr, totp);
-+        printf("%s%06ld", timestr, (long int)totp);
-         break;
-     case CMD_RESEAL:
-         rc = tpm2totp_loadKey_nv(opt.nvindex, &keyBlob, &keyBlob_size);
diff --git a/meta-security/meta-tpm/recipes-tpm2/tpm2-totp/tpm2-totp_0.1.2.bb b/meta-security/meta-tpm/recipes-tpm2/tpm2-totp/tpm2-totp_0.2.0.bb
index 8a2504d94..0dad67306 100644
--- a/meta-security/meta-tpm/recipes-tpm2/tpm2-totp/tpm2-totp_0.1.2.bb
+++ b/meta-security/meta-tpm/recipes-tpm2/tpm2-totp/tpm2-totp_0.2.0.bb
@@ -9,9 +9,9 @@ DEPENDS = "autoconf-archive libtss2-dev qrencode"
 
 PE = "1"
 
-SRCREV = "15cc8fbc8fe71be9c04c3169ee1f70450d52a51a"
-SRC_URI = "git://github.com/tpm2-software/tpm2-totp.git;branch=v0.1.x \
-           file://litpm2_totp_build_fix.patch "
+SRCREV = "994b4203e4769baefa6e7719915629bc8210e90a"
+SRC_URI = "git://github.com/tpm2-software/tpm2-totp.git;branch=v0.2.x \
+          "
 
 inherit autotools-brokensep pkgconfig
 
diff --git a/meta-security/meta-tpm/recipes-tpm2/tpm2-tss-engine/tpm2-tss-engine_1.0.1.bb b/meta-security/meta-tpm/recipes-tpm2/tpm2-tss-engine/tpm2-tss-engine_1.0.1.bb
index 8825737ee..3641b1b76 100644
--- a/meta-security/meta-tpm/recipes-tpm2/tpm2-tss-engine/tpm2-tss-engine_1.0.1.bb
+++ b/meta-security/meta-tpm/recipes-tpm2/tpm2-tss-engine/tpm2-tss-engine_1.0.1.bb
@@ -2,13 +2,13 @@ SUMMARY = "The tpm2-tss-engine project implements a cryptographic engine for Ope
 DESCRIPTION = "The tpm2-tss-engine project implements a cryptographic engine for OpenSSL for Trusted Platform Module (TPM 2.0) using the tpm2-tss software stack that follows the Trusted Computing Groups (TCG) TPM Software Stack (TSS 2.0). It uses the Enhanced System API (ESAPI) interface of the TSS 2.0 for downwards communication. It supports RSA decryption and signatures as well as ECDSA signatures."
 
 LICENSE = "BSD-2-Clause"
-LIC_FILES_CHKSUM = "file://LICENSE;md5=3fb0047fd29391478a71e8e6101c76eb"
+LIC_FILES_CHKSUM = "file://LICENSE;md5=7b3ab643b9ce041de515d1ed092a36d4"
 
 SECTION = "security/tpm"
 
 DEPENDS = "autoconf-archive-native bash-completion libtss2 libgcrypt openssl"
 
-SRCREV = "e1bbabe29377e45282d753a1b103625c420a19cf"
+SRCREV = "fdc8f65dfc8bad8b5a3aed181fae338267308f70"
 SRC_URI = "git://github.com/tpm2-software/tpm2-tss-engine.git"
 
 inherit autotools-brokensep pkgconfig systemd
diff --git a/meta-security/meta-tpm/recipes-tpm2/tpm2-tss/tpm2-tss_2.3.1.bb b/meta-security/meta-tpm/recipes-tpm2/tpm2-tss/tpm2-tss_2.3.1.bb
index 3e77f71d2..dfdf73424 100644
--- a/meta-security/meta-tpm/recipes-tpm2/tpm2-tss/tpm2-tss_2.3.1.bb
+++ b/meta-security/meta-tpm/recipes-tpm2/tpm2-tss/tpm2-tss_2.3.1.bb
@@ -17,6 +17,8 @@ S = "${WORKDIR}/git"
 PACKAGECONFIG ??= ""
 PACKAGECONFIG[oxygen] = ",--disable-doxygen-doc, "
 
+EXTRA_OECONF += "--with-udevrulesdir=${base_prefix}/lib/udev/rules.d/"
+
 do_configure_prepend () {
        ./bootstrap
 }
@@ -74,6 +76,6 @@ FILES_libtss2-dev = " \
     ${libdir}/libtss2*so"
 FILES_libtss2-staticdev = "${libdir}/libtss*a"
 
-FILES_${PN} = "${libdir}/udev"
+FILES_${PN} = "${libdir}/udev ${base_prefix}/lib/udev"
 
 RDEPENDS_libtss2 = "libgcrypt"
diff --git a/meta-security/recipes-ids/suricata/files/tmpfiles.suricata b/meta-security/recipes-ids/suricata/files/tmpfiles.suricata
new file mode 100644
index 000000000..fbf37848e
--- /dev/null
+++ b/meta-security/recipes-ids/suricata/files/tmpfiles.suricata
@@ -0,0 +1,2 @@
+#Type Path        Mode UID  GID  Age Argument
+d /var/log/suricata 0755 root root
diff --git a/meta-security/recipes-ids/suricata/suricata_4.1.5.bb b/meta-security/recipes-ids/suricata/suricata_4.1.5.bb
index e15a9a337..b2700d63f 100644
--- a/meta-security/recipes-ids/suricata/suricata_4.1.5.bb
+++ b/meta-security/recipes-ids/suricata/suricata_4.1.5.bb
@@ -6,6 +6,7 @@ LIC_FILES_CHKSUM = "file://LICENSE;beginline=1;endline=2;md5=c70d8d3310941dcdfcd
 
 SRC_URI += " \
     file://volatiles.03_suricata \
+    file://tmpfiles.suricata \
     file://suricata.yaml \
     file://suricata.service \
     file://run-ptest \
@@ -59,14 +60,19 @@ do_install_append () {
 
     install -m 0644 ${S}/threshold.config ${D}${sysconfdir}/suricata
 
-    install -d ${D}${systemd_unitdir}/system
-    sed  -e s:/etc:${sysconfdir}:g \
-         -e s:/var/run:/run:g \
-         -e s:/var:${localstatedir}:g \
-         -e s:/usr/bin:${bindir}:g \
-         -e s:/bin/kill:${base_bindir}/kill:g \
-         -e s:/usr/lib:${libdir}:g \
-         ${WORKDIR}/suricata.service > ${D}${systemd_unitdir}/system/suricata.service
+    if ${@bb.utils.contains('DISTRO_FEATURES', 'systemd', 'true', 'false', d)}; then
+        install -d ${D}${sysconfdir}/tmpfiles.d
+        install -m 0644 ${WORKDIR}/tmpfiles.suricata ${D}${sysconfdir}/tmpfiles.d/suricata.conf
+
+        install -d ${D}${systemd_unitdir}/system
+        sed  -e s:/etc:${sysconfdir}:g \
+             -e s:/var/run:/run:g \
+             -e s:/var:${localstatedir}:g \
+             -e s:/usr/bin:${bindir}:g \
+             -e s:/bin/kill:${base_bindir}/kill:g \
+             -e s:/usr/lib:${libdir}:g \
+             ${WORKDIR}/suricata.service > ${D}${systemd_unitdir}/system/suricata.service
+    fi
 
     # Remove /var/run as it is created on startup
     rm -rf ${D}${localstatedir}/run
@@ -74,7 +80,9 @@ do_install_append () {
 }
 
 pkg_postinst_ontarget_${PN} () {
-if [ -e /etc/init.d/populate-volatile.sh ] ; then
+if command -v systemd-tmpfiles >/dev/null; then
+    systemd-tmpfiles --create ${sysconfdir}/tmpfiles.d/suricata.conf
+elif [ -e ${sysconfdir}/init.d/populate-volatile.sh ]; then
     ${sysconfdir}/init.d/populate-volatile.sh update
 fi
 }
@@ -82,7 +90,7 @@ fi
 SYSTEMD_PACKAGES = "${PN}"
 
 PACKAGES =+ "${PN}-socketcontrol"
-FILES_${PN} += "${systemd_unitdir}"
+FILES_${PN} += "${systemd_unitdir} ${sysconfdir}/tmpfiles.d"
 FILES_${PN}-socketcontrol = "${bindir}/suricatasc ${PYTHON_SITEPACKAGES_DIR}"
 
 CONFFILES_${PN} = "${sysconfdir}/suricata/suricata.yaml"
diff --git a/meta-security/recipes-mac/ccs-tools/ccs-tools_1.8.4.bb b/meta-security/recipes-mac/ccs-tools/ccs-tools_1.8.4.bb
index 189504a55..2e37c0b3c 100644
--- a/meta-security/recipes-mac/ccs-tools/ccs-tools_1.8.4.bb
+++ b/meta-security/recipes-mac/ccs-tools/ccs-tools_1.8.4.bb
@@ -15,7 +15,7 @@ SRC_URI[sha256sum] = "c358b80a2ea77a9dda79dc2a056dae3acaf3a72fcb8481cfb1cd1f1674
 
 S = "${WORKDIR}/${PN}"
 
-inherit distro_features_check
+inherit features_check
 
 do_make(){
     oe_runmake USRLIBDIR=${libdir} all
diff --git a/meta-security/recipes-security/checksecurity/checksecurity_2.0.15.bb b/meta-security/recipes-security/checksecurity/checksecurity_2.0.15.bb
index a9616911b..030bf2515 100644
--- a/meta-security/recipes-security/checksecurity/checksecurity_2.0.15.bb
+++ b/meta-security/recipes-security/checksecurity/checksecurity_2.0.15.bb
@@ -5,7 +5,8 @@ LICENSE = "GPL-2.0"
 LIC_FILES_CHKSUM = "file://${COMMON_LICENSE_DIR}/GPL-2.0;md5=801f80980d171dd6425610833a22dbe6"
 
 SRC_URI = "http://ftp.de.debian.org/debian/pool/main/c/checksecurity/checksecurity_${PV}.tar.gz \
-           file://setuid-log-folder.patch"
+           file://setuid-log-folder.patch \
+           file://check-setuid-use-more-portable-find-args.patch"
 
 SRC_URI[md5sum] = "a30161c3e24d3be710b2fd13fcd1f32f"
 SRC_URI[sha256sum] = "67abe3d6391c96146e96f376d3fd6eb7a9418b0f7fe205b465219889791dba32"
diff --git a/meta-security/recipes-security/checksecurity/files/check-setuid-use-more-portable-find-args.patch b/meta-security/recipes-security/checksecurity/files/check-setuid-use-more-portable-find-args.patch
new file mode 100644
index 000000000..f1fe8edce
--- /dev/null
+++ b/meta-security/recipes-security/checksecurity/files/check-setuid-use-more-portable-find-args.patch
@@ -0,0 +1,23 @@
+From f3073b8e06a607677d47ad9a19533b2e33408a4f Mon Sep 17 00:00:00 2001
+From: Christopher Larson <chris_larson@mentor.com>
+Date: Wed, 5 Sep 2018 23:21:43 +0500
+Subject: [PATCH] check-setuid: use more portable find args
+
+Signed-off-by: Christopher Larson <chris_larson@mentor.com>
+---
+ plugins/check-setuid | 6 +++---
+ 1 file changed, 3 insertions(+), 3 deletions(-)
+
+Index: checksecurity-2.0.15/plugins/check-setuid
+===================================================================
+--- checksecurity-2.0.15.orig/plugins/check-setuid	2018-09-06 00:49:23.930934294 +0500
++++ checksecurity-2.0.15/plugins/check-setuid	2018-09-06 00:49:49.694934757 +0500
+@@ -99,7 +99,7 @@
+ ionice -t -c3 \
+ find `mount | grep -vE "$CHECKSECURITY_FILTER" | cut -d ' ' -f 3` \
+ 	-xdev $PATHCHK \
+-	\( -type f -perm +06000 -o \( \( -type b -o -type c \) \
++	\( -type f \( -perm -4000 -o -perm -2000 \) -o \( \( -type b -o -type c \) \
+ 	$DEVCHK \) \) \
+         -ignore_readdir_race  \
+ 	-printf "%8i %5m %3n %-10u %-10g %9s %t %h/%f\n" |
diff --git a/meta-security/recipes-security/clamav/clamav_0.99.4.bb b/meta-security/recipes-security/clamav/clamav_0.99.4.bb
index 7f0433777..a340b4856 100644
--- a/meta-security/recipes-security/clamav/clamav_0.99.4.bb
+++ b/meta-security/recipes-security/clamav/clamav_0.99.4.bb
@@ -15,6 +15,7 @@ SRC_URI = "git://github.com/vrtadmin/clamav-devel;branch=rel/0.99 \
     file://clamd.conf \
     file://freshclam.conf \
     file://volatiles.03_clamav \
+    file://tmpfiles.clamav \
     file://${BPN}.service \
     file://freshclam-native.conf \
     "
@@ -104,11 +105,15 @@ do_install_append_class-target () {
     install -m 666 ${S}/clamav_db/* ${D}/${localstatedir}/lib/clamav/.
     if ${@bb.utils.contains('DISTRO_FEATURES','systemd','true','false',d)};then
         install -D -m 0644 ${WORKDIR}/clamav.service ${D}${systemd_unitdir}/system/clamav.service
+        install -d ${D}${sysconfdir}/tmpfiles.d
+        install -m 0644 ${WORKDIR}/tmpfiles.clamav ${D}${sysconfdir}/tmpfiles.d/clamav.conf
     fi
 }
 
 pkg_postinst_ontarget_${PN} () {
-    if [ -e /etc/init.d/populate-volatile.sh ] ; then
+    if command -v systemd-tmpfiles >/dev/null; then
+        systemd-tmpfiles --create ${sysconfdir}/tmpfiles.d/clamav.conf
+    elif [ -e ${sysconfdir}/init.d/populate-volatile.sh ]; then
         ${sysconfdir}/init.d/populate-volatile.sh update
     fi
     mkdir -p ${localstatedir}/lib/clamav
@@ -140,6 +145,7 @@ FILES_${PN}-daemon = "${bindir}/clamconf ${bindir}/clamdtop ${sbindir}/clamd \
 FILES_${PN}-freshclam = "${bindir}/freshclam \
                         ${sysconfdir}/freshclam.conf*  \
                         ${sysconfdir}/clamav ${sysconfdir}/default/volatiles \
+                        ${sysconfdir}/tmpfiles.d/*.conf \
                         ${localstatedir}/lib/clamav \
                         ${docdir}/${PN}-freshclam ${mandir}/man1/freshclam.* \
                         ${mandir}/man5/freshclam.conf.* \
diff --git a/meta-security/recipes-security/clamav/files/tmpfiles.clamav b/meta-security/recipes-security/clamav/files/tmpfiles.clamav
new file mode 100644
index 000000000..fd5adfeeb
--- /dev/null
+++ b/meta-security/recipes-security/clamav/files/tmpfiles.clamav
@@ -0,0 +1,3 @@
+#Type Path        Mode UID  GID  Age Argument
+d /var/log/clamav 0755 clamav clamav -
+f /var/log/clamav/freshclam.log 0644 clamav clamav -
diff --git a/meta-security/recipes-security/google-authenticator-libpam/google-authenticator-libpam_1.05.bb b/meta-security/recipes-security/google-authenticator-libpam/google-authenticator-libpam_1.05.bb
index 73b802fb9..2181629bd 100644
--- a/meta-security/recipes-security/google-authenticator-libpam/google-authenticator-libpam_1.05.bb
+++ b/meta-security/recipes-security/google-authenticator-libpam/google-authenticator-libpam_1.05.bb
@@ -10,7 +10,7 @@ DEPENDS = "libpam"
 
 S = "${WORKDIR}/git"
 
-inherit autotools distro_features_check
+inherit autotools features_check
 
 REQUIRED_DISTRO_FEATURES = "pam"
 
diff --git a/meta-security/recipes-security/packagegroup/packagegroup-core-security-ptest.bb b/meta-security/recipes-security/packagegroup/packagegroup-core-security-ptest.bb
index 39873b850..83a9ed83e 100644
--- a/meta-security/recipes-security/packagegroup/packagegroup-core-security-ptest.bb
+++ b/meta-security/recipes-security/packagegroup/packagegroup-core-security-ptest.bb
@@ -3,7 +3,7 @@ LICENSE = "MIT"
 LIC_FILES_CHKSUM = "file://${COMMON_LICENSE_DIR}/MIT;md5=0835ade698e0bcf8506ecda2f7b4f302 \
                     file://${COREBASE}/meta/COPYING.MIT;md5=3da9cfbcb788c80a0384361b4de20420"
 
-inherit distro_features_check
+inherit features_check
 
 REQUIRED_DISTRO_FEATURES = "ptest"
 
diff --git a/meta-security/recipes-security/sssd/sssd_1.16.4.bb b/meta-security/recipes-security/sssd/sssd_1.16.4.bb
index 34bc8c804..089a99e0d 100644
--- a/meta-security/recipes-security/sssd/sssd_1.16.4.bb
+++ b/meta-security/recipes-security/sssd/sssd_1.16.4.bb
@@ -14,7 +14,7 @@ SRC_URI = "https://releases.pagure.org/SSSD/${BPN}/${BP}.tar.gz\
 SRC_URI[md5sum] = "757bbb6f15409d8d075f4f06cb678d50"
 SRC_URI[sha256sum] = "6bb212cd6b75b918e945c24e7c3f95a486fb54d7f7d489a9334cfa1a1f3bf959"
 
-inherit autotools pkgconfig gettext python-dir distro_features_check
+inherit autotools pkgconfig gettext python-dir features_check
 
 REQUIRED_DISTRO_FEATURES = "pam"
author	Jason M. Bills <jason.m.bills@linux.intel.com>	2019-12-16 23:15:45 +0300
committer	Jason M. Bills <jason.m.bills@linux.intel.com>	2019-12-16 23:15:45 +0300
commit	506611d226c82d05215ec3d2dab50a43a531b691 (patch)
tree	302e0e255b959be532f5e26329db97740118f5f5 /meta-security
parent	243c130a919c7037b5edd3a8097317340796ce85 (diff)
parent	9dfc7e69bc505f474dd4117a8d690b1287e2a48f (diff)
download	openbmc-506611d226c82d05215ec3d2dab50a43a531b691.tar.xz