diff options
Diffstat (limited to 'meta-security/meta-hardening')
9 files changed, 12 insertions, 12 deletions
diff --git a/meta-security/meta-hardening/conf/distro/harden.conf b/meta-security/meta-hardening/conf/distro/harden.conf index 66db9b797..1a5eb3da7 100644 --- a/meta-security/meta-hardening/conf/distro/harden.conf +++ b/meta-security/meta-hardening/conf/distro/harden.conf @@ -6,6 +6,6 @@ DISTRO_FEATURES = " acl xattr pci ext2 pam ipv4 ipv6 ipsec largefile usbhost" VIRTUAL-RUNTIME_base-utils-syslog ?= "rsyslog" IMAGE_ROOTFS_EXTRA_SPACE = "524288" -EXTRA_IMAGE_FEATURES_remove = "debug-tweaks" +EXTRA_IMAGE_FEATURES:remove = "debug-tweaks" DISABLE_ROOT ?= "True" diff --git a/meta-security/meta-hardening/conf/layer.conf b/meta-security/meta-hardening/conf/layer.conf index 085ea45c5..1cd6f4f08 100644 --- a/meta-security/meta-hardening/conf/layer.conf +++ b/meta-security/meta-hardening/conf/layer.conf @@ -8,6 +8,6 @@ BBFILE_COLLECTIONS += "harden-layer" BBFILE_PATTERN_harden-layer = "^${LAYERDIR}/" BBFILE_PRIORITY_harden-layer = "10" -LAYERSERIES_COMPAT_harden-layer = "hardknott" +LAYERSERIES_COMPAT_harden-layer = "honister" LAYERDEPENDS_harden-layer = "core openembedded-layer" diff --git a/meta-security/meta-hardening/recipes-connectivity/openssh/openssh_%.bbappend b/meta-security/meta-hardening/recipes-connectivity/openssh/openssh_%.bbappend index 67be3f313..17c06ed40 100644 --- a/meta-security/meta-hardening/recipes-connectivity/openssh/openssh_%.bbappend +++ b/meta-security/meta-hardening/recipes-connectivity/openssh/openssh_%.bbappend @@ -1,4 +1,4 @@ -do_install_append_harden () { +do_install:append_harden () { # to hardend sed -i -e 's:#AllowTcpForwarding yes:AllowTcpForwarding no:' ${D}${sysconfdir}/ssh/sshd_config sed -i -e 's:ClientAliveCountMax 4:ClientAliveCountMax 2:' ${D}${sysconfdir}/ssh/sshd_config diff --git a/meta-security/meta-hardening/recipes-core/base-files/base-files_%.bbappend b/meta-security/meta-hardening/recipes-core/base-files/base-files_%.bbappend index 395630460..0f0384fe3 100644 --- a/meta-security/meta-hardening/recipes-core/base-files/base-files_%.bbappend +++ b/meta-security/meta-hardening/recipes-core/base-files/base-files_%.bbappend @@ -1,4 +1,4 @@ -do_install_append_harden () { +do_install:append_harden () { sed -i 's/umask.*/umask 027/g' ${D}/${sysconfdir}/profile } diff --git a/meta-security/meta-hardening/recipes-core/images/harden-image-minimal.bb b/meta-security/meta-hardening/recipes-core/images/harden-image-minimal.bb index daed3fbcc..c35c2577e 100644 --- a/meta-security/meta-hardening/recipes-core/images/harden-image-minimal.bb +++ b/meta-security/meta-hardening/recipes-core/images/harden-image-minimal.bb @@ -1,7 +1,7 @@ SUMMARY = "A small image for an example hardening OE." IMAGE_INSTALL = "packagegroup-core-boot packagegroup-hardening" -IMAGE_INSTALL_append = " os-release" +IMAGE_INSTALL:append = " os-release" IMAGE_FEATURES = "" IMAGE_LINGUAS = " " diff --git a/meta-security/meta-hardening/recipes-core/initscripts/initscripts_1.0.bbappend b/meta-security/meta-hardening/recipes-core/initscripts/initscripts_1.0.bbappend index f943cb371..b27dee9d0 100644 --- a/meta-security/meta-hardening/recipes-core/initscripts/initscripts_1.0.bbappend +++ b/meta-security/meta-hardening/recipes-core/initscripts/initscripts_1.0.bbappend @@ -1,8 +1,8 @@ -FILESEXTRAPATHS_prepend_harden := "${THISDIR}/files:" +FILESEXTRAPATHS:prepend_harden := "${THISDIR}/files:" -SRC_URI_append_harden = " file://mountall.sh" +SRC_URI:append_harden = " file://mountall.sh" -do_install_append_harden() { +do_install:append_harden() { install -d ${D}${sysconfdir}/init.d install -m 0755 ${WORKDIR}/mountall.sh ${D}${sysconfdir}/init.d } diff --git a/meta-security/meta-hardening/recipes-core/packagegroups/packagegroup-hardening.bb b/meta-security/meta-hardening/recipes-core/packagegroups/packagegroup-hardening.bb index 1dcd5fc3d..51676b22d 100644 --- a/meta-security/meta-hardening/recipes-core/packagegroups/packagegroup-hardening.bb +++ b/meta-security/meta-hardening/recipes-core/packagegroups/packagegroup-hardening.bb @@ -11,7 +11,7 @@ PACKAGES = "${PN} \ packagegroup-${PN} \ " -RDEPENDS_${PN} = "\ +RDEPENDS:${PN} = "\ init-ifupdown \ ${VIRTUAL-RUNTIME_base-utils-syslog} \ sudo \ diff --git a/meta-security/meta-hardening/recipes-extended/shadow/shadow_%.bbappend b/meta-security/meta-hardening/recipes-extended/shadow/shadow_%.bbappend index 3f363f069..3058b5582 100644 --- a/meta-security/meta-hardening/recipes-extended/shadow/shadow_%.bbappend +++ b/meta-security/meta-hardening/recipes-extended/shadow/shadow_%.bbappend @@ -1,4 +1,4 @@ -do_install_append_harden () { +do_install:append_harden () { # to hardend sed -i -e 's:UMASK.*:UMASK 027:' ${D}${sysconfdir}/login.defs sed -i -e 's:PASS_MAX_DAYS.*:PASS_MAX_DAYS 365:' ${D}${sysconfdir}/login.defs diff --git a/meta-security/meta-hardening/recipes-extended/sudo/sudo_%.bbappend b/meta-security/meta-hardening/recipes-extended/sudo/sudo_%.bbappend index a31c081fe..97c5f492b 100644 --- a/meta-security/meta-hardening/recipes-extended/sudo/sudo_%.bbappend +++ b/meta-security/meta-hardening/recipes-extended/sudo/sudo_%.bbappend @@ -1,6 +1,6 @@ -PACKAGECONFIG_append_harden = " pam-wheel" -do_install_append_harden () { +PACKAGECONFIG:append_harden = " pam-wheel" +do_install:append_harden () { if [ "${@bb.utils.contains('DISABLE_ROOT', 'True', 'yes', 'no', d)}" = "yes" ]; then sed -i -e 's:root ALL=(ALL) ALL:#root ALL=(ALL) ALL:' ${D}${sysconfdir}/sudoers fi |