diff options
Diffstat (limited to 'meta-security/recipes-scanners')
10 files changed, 184 insertions, 38 deletions
diff --git a/meta-security/recipes-scanners/arpwatch/arpwatch_3.1.bb b/meta-security/recipes-scanners/arpwatch/arpwatch_3.1.bb index 44aeca015..c152b8c5c 100644 --- a/meta-security/recipes-scanners/arpwatch/arpwatch_3.1.bb +++ b/meta-security/recipes-scanners/arpwatch/arpwatch_3.1.bb @@ -66,14 +66,14 @@ INITSCRIPT_NAME = "arpwatch" INITSCRIPT_PARAMS = "start 02 2 3 4 5 . stop 20 0 1 6 ." USERADD_PACKAGES = "${PN}" -GROUPADD_PARAM_${PN} = "--system ${ARPWATCH_UID}" -USERADD_PARAM_${PN} = "--system -g ${ARPWATCH_GID} --home-dir \ +GROUPADD_PARAM:${PN} = "--system ${ARPWATCH_UID}" +USERADD_PARAM:${PN} = "--system -g ${ARPWATCH_GID} --home-dir \ ${localstatedir}/spool/${BPN} \ --no-create-home --shell /bin/false ${BPN}" CONFFILE_FILES = "${sysconfdir}/${PN}.conf" -FILES_${PN} = "${bindir} ${sbindir} ${prefix}/etc/rc.d \ +FILES:${PN} = "${bindir} ${sbindir} ${prefix}/etc/rc.d \ ${sysconfdir} /var/lib/arpwatch" -RDEPENDS_${PN} = "libpcap postfix postfix-cfg" +RDEPENDS:${PN} = "libpcap postfix postfix-cfg" diff --git a/meta-security/recipes-scanners/buck-security/buck-security_0.7.bb b/meta-security/recipes-scanners/buck-security/buck-security_0.7.bb index 20a1fb026..63e4d7a8b 100644 --- a/meta-security/recipes-scanners/buck-security/buck-security_0.7.bb +++ b/meta-security/recipes-scanners/buck-security/buck-security_0.7.bb @@ -26,16 +26,16 @@ do_install() { } -FILES_${PN} = "${bindir}/*" +FILES:${PN} = "${bindir}/*" -RDEPENDS_${PN} = "coreutils gnupg net-tools perl perl-module-data-dumper \ +RDEPENDS:${PN} = "coreutils gnupg net-tools perl perl-module-data-dumper \ perl-module-file-basename perl-module-file-spec perl-module-getopt-long \ perl-module-lib perl-module-posix perl-module-term-ansicolor \ perl-module-time-localtime pinentry perl-module-pod-usage \ perl-module-pod-text perl-module-file-glob \ " -RDEPENDS_${PN}_class-native = "coreutils net-tools perl perl-module-data-dumper \ +RDEPENDS:${PN}:class-native = "coreutils net-tools perl perl-module-data-dumper \ perl-module-file-basename perl-module-file-spec perl-module-getopt-long \ perl-module-lib perl-module-posix perl-module-term-ansicolor \ perl-module-time-localtime perl-module-file-glob\ diff --git a/meta-security/recipes-scanners/checksec/checksec_2.4.0.bb b/meta-security/recipes-scanners/checksec/checksec_2.4.0.bb index 52bcf7cfb..000e3bb73 100644 --- a/meta-security/recipes-scanners/checksec/checksec_2.4.0.bb +++ b/meta-security/recipes-scanners/checksec/checksec_2.4.0.bb @@ -16,4 +16,4 @@ do_install() { install -m 0755 ${S}/checksec ${D}${bindir} } -RDEPENDS_${PN} = "bash openssl-bin binutils" +RDEPENDS:${PN} = "bash openssl-bin binutils" diff --git a/meta-security/recipes-scanners/checksecurity/checksecurity_2.0.15.bb b/meta-security/recipes-scanners/checksecurity/checksecurity_2.0.15.bb index 0161b4cc2..9a1d77a0c 100644 --- a/meta-security/recipes-scanners/checksecurity/checksecurity_2.0.15.bb +++ b/meta-security/recipes-scanners/checksecurity/checksecurity_2.0.15.bb @@ -18,4 +18,4 @@ do_install() { oe_runmake PREFIX=${D} } -RDEPENDS_${PN} = "perl libenv-perl perl-module-tie-array perl-module-getopt-long perl-module-file-glob perl-module-carp perl-module-env perl-module-tap-parser-iterator-array util-linux findutils coreutils" +RDEPENDS:${PN} = "perl libenv-perl perl-module-tie-array perl-module-getopt-long perl-module-file-glob perl-module-carp perl-module-env perl-module-tap-parser-iterator-array util-linux findutils coreutils" diff --git a/meta-security/recipes-scanners/clamav/clamav_0.104.0.bb b/meta-security/recipes-scanners/clamav/clamav_0.104.0.bb index 4f203095c..0d3a678e2 100644 --- a/meta-security/recipes-scanners/clamav/clamav_0.104.0.bb +++ b/meta-security/recipes-scanners/clamav/clamav_0.104.0.bb @@ -8,10 +8,10 @@ DEPENDS = "glibc llvm libtool db openssl zlib curl libxml2 bison pcre2 json-c li LIC_FILES_CHKSUM = "file://COPYING.txt;beginline=2;endline=3;md5=f7029fbbc5898b273d5902896f7bbe17" -# May 15th -SRCREV = "fe96de86bb90c489aa509ee9135f776b7a2a7eb4" +# July 27th +SRCREV = "c389dfa4c3af92b006ada4f7595bbc3e6df3f356" -SRC_URI = "git://github.com/vrtadmin/clamav-devel;branch=dev/0.104 \ +SRC_URI = "git://github.com/vrtadmin/clamav-devel;branch=rel/0.104 \ file://clamd.conf \ file://freshclam.conf \ file://volatiles.03_clamav \ @@ -52,7 +52,7 @@ PACKAGECONFIG[systemd] = "-DENABLE_SYSTEMD=ON -DSYSTEMD_UNIT_DIR=${systemd_syste export OECMAKE_C_FLAGS += " -I${STAGING_INCDIR} -L ${RECIPE_SYSROOT}${nonarch_libdir} -L${STAGING_LIBDIR} -lpthread" -do_install_append () { +do_install:append () { install -d ${D}/${sysconfdir} install -d ${D}/${localstatedir}/lib/clamav install -d ${D}${sysconfdir}/clamav ${D}${sysconfdir}/default/volatiles @@ -76,7 +76,7 @@ do_install_append () { oe_multilib_header clamav-types.h } -pkg_postinst_${PN} () { +pkg_postinst:${PN} () { if [ -z "$D" ]; then if command -v systemd-tmpfiles >/dev/null; then systemd-tmpfiles --create ${sysconfdir}/tmpfiles.d/clamav.conf @@ -89,17 +89,17 @@ pkg_postinst_${PN} () { PACKAGES += "${PN}-daemon ${PN}-clamdscan ${PN}-freshclam ${PN}-libclamav" -FILES_${PN} = "${bindir}/clambc ${bindir}/clamscan ${bindir}/clamsubmit ${sbindir}/clamonacc \ +FILES:${PN} = "${bindir}/clambc ${bindir}/clamscan ${bindir}/clamsubmit ${sbindir}/clamonacc \ ${bindir}/*sigtool ${mandir}/man1/clambc* ${mandir}/man1/clamscan* \ ${mandir}/man1/sigtool* ${mandir}/man1/clambsubmit* \ ${docdir}/clamav/*" -FILES_${PN}-clamdscan = " ${bindir}/clamdscan \ +FILES:${PN}-clamdscan = " ${bindir}/clamdscan \ ${docdir}/clamdscan/* \ ${mandir}/man1/clamdscan* \ " -FILES_${PN}-daemon = "${bindir}/clamconf ${bindir}/clamdtop ${sbindir}/clamd \ +FILES:${PN}-daemon = "${bindir}/clamconf ${bindir}/clamdtop ${sbindir}/clamd \ ${mandir}/man1/clamconf* ${mandir}/man1/clamdtop* \ ${mandir}/man5/clamd* ${mandir}/man8/clamd* \ ${sysconfdir}/clamd.conf* \ @@ -111,7 +111,7 @@ FILES_${PN}-daemon = "${bindir}/clamconf ${bindir}/clamdtop ${sbindir}/clamd \ ${systemd_system_unitdir}/clamav-clamonacc.service \ " -FILES_${PN}-freshclam = "${bindir}/freshclam \ +FILES:${PN}-freshclam = "${bindir}/freshclam \ ${sysconfdir}/freshclam.conf* \ /usr/etc/freshclam.conf* \ ${sysconfdir}/clamav ${sysconfdir}/default/volatiles \ @@ -121,33 +121,33 @@ FILES_${PN}-freshclam = "${bindir}/freshclam \ ${mandir}/man5/freshclam.conf.* \ ${systemd_system_unitdir}/clamav-freshclam.service" -FILES_${PN}-dev = " ${bindir}/clamav-config ${libdir}/*.la \ +FILES:${PN}-dev = " ${bindir}/clamav-config ${libdir}/*.la \ ${libdir}/pkgconfig/*.pc \ ${mandir}/man1/clamav-config.* \ ${includedir}/*.h ${docdir}/libclamav* " -FILES_${PN}-staticdev = "${libdir}/*.a" +FILES:${PN}-staticdev = "${libdir}/*.a" -FILES_${PN}-libclamav = "${libdir}/libclamav.so* ${libdir}/libclammspack.so* \ +FILES:${PN}-libclamav = "${libdir}/libclamav.so* ${libdir}/libclammspack.so* \ ${libdir}/libfreshclam.so* ${docdir}/libclamav/* \ ${libdir}/libmspack* " -FILES_${PN}-doc = "${mandir}/man/* \ +FILES:${PN}-doc = "${mandir}/man/* \ ${datadir}/man/* \ ${docdir}/* " USERADD_PACKAGES = "${PN}" -GROUPADD_PARAM_${PN} = "--system ${CLAMAV_UID}" -USERADD_PARAM_${PN} = "--system -g ${CLAMAV_GID} --home-dir \ +GROUPADD_PARAM:${PN} = "--system ${CLAMAV_UID}" +USERADD_PARAM:${PN} = "--system -g ${CLAMAV_GID} --home-dir \ ${localstatedir}/lib/${BPN} \ --no-create-home --shell /sbin/nologin ${BPN}" -RPROVIDES_${PN} += "${PN}-systemd" -RREPLACES_${PN} += "${PN}-systemd" -RCONFLICTS_${PN} += "${PN}-systemd" +RPROVIDES:${PN} += "${PN}-systemd" +RREPLACES:${PN} += "${PN}-systemd" +RCONFLICTS:${PN} += "${PN}-systemd" SYSTEMD_PACKAGES = "${PN}-daemon ${PN}-freshclam" -SYSTEMD_SERVICE_${PN}-daemon = "clamav-daemon.service" -SYSTEMD_SERVICE_${PN}-freshclam = "clamav-freshclam.service" +SYSTEMD_SERVICE:${PN}-daemon = "clamav-daemon.service" +SYSTEMD_SERVICE:${PN}-freshclam = "clamav-freshclam.service" -RDEPENDS_${PN} = "openssl ncurses-libncurses libxml2 libbz2 ncurses-libtinfo curl libpcre2 clamav-freshclam clamav-libclamav" -RDEPENDS_${PN}-daemon = "clamav" +RDEPENDS:${PN} = "openssl ncurses-libncurses libxml2 libbz2 ncurses-libtinfo curl libpcre2 clamav-freshclam clamav-libclamav" +RDEPENDS:${PN}-daemon = "clamav" diff --git a/meta-security/recipes-scanners/clamav/files/fix2_libcurl_check.patch b/meta-security/recipes-scanners/clamav/files/fix2_libcurl_check.patch new file mode 100644 index 000000000..46406e9d0 --- /dev/null +++ b/meta-security/recipes-scanners/clamav/files/fix2_libcurl_check.patch @@ -0,0 +1,122 @@ +clamav .102.2 tries to find clamav using culf_config. Use EO pkg_config instead + +Upstream-Status: OE specific +Signed-off-by: Armin Kuster <akuster808@gmail.com> + +Index: git/configure +=================================================================== +--- git.orig/configure ++++ git/configure +@@ -28850,39 +28850,14 @@ $as_echo_n "checking for libcurl install + if test "${with_libcurl+set}" = set; then : + withval=$with_libcurl; + find_curl="no" +-if test "X$withval" = "Xyes"; then +- find_curl="yes" +-else +- if test "X$withval" != "Xno"; then +- if test -f "${withval}/bin/curl-config"; then +- LIBCURL_HOME="$withval" +- have_curl="yes" +- fi +- fi +-fi +- +-else +- find_curl="yes" +-fi +- +- +-if test "X$find_curl" = "Xyes"; then +- for p in /usr/local /usr ; do +- if test -f "${p}/bin/curl-config"; then +- LIBCURL_HOME=$p +- have_curl="yes" +- fi +- done +-fi +- +-if test "X$have_curl" = "Xyes"; then +- { $as_echo "$as_me:${as_lineno-$LINENO}: result: $LIBCURL_HOME" >&5 +-$as_echo "$LIBCURL_HOME" >&6; } +- if test -f "$LIBCURL_HOME/bin/curl-config"; then ++ #save_LDFLAGS="$LDFLAGS" ++ if test "X$withval" != "Xno"; then ++ LIBCURL_HOME="$withval" ++ if test "${PKG_CONFIG} libcurl --exists"; then + CURL_LDFLAGS="$LDFLAGS" +- CURL_LIBS=$($LIBCURL_HOME/bin/curl-config --libs) +- CURL_CPPFLAGS=$($LIBCURL_HOME/bin/curl-config --cflags) +- else ++ CURL_LIBS=$($PKG_CONFIG libcurl --libs) ++ CURL_CPPFLAGS=$($PKG_CONFIG libcurl --cflags) ++ else + if test "$LIBCURL_HOME" != "/usr"; then + CURL_LDFLAGS="-L$LIBCURL_HOME/lib" + CURL_CPPFLAGS="-I$LIBCURL_HOME/include" +@@ -28891,60 +28866,12 @@ $as_echo "$LIBCURL_HOME" >&6; } + CURL_CPPFLAGS="" + fi + CURL_LIBS="-lcurl" +- fi +- save_LDFLAGS="$LDFLAGS" +- LDFLAGS="$CURL_LDFLAGS $CURL_LIBS" +- { $as_echo "$as_me:${as_lineno-$LINENO}: checking for curl_easy_init in -lcurl" >&5 +-$as_echo_n "checking for curl_easy_init in -lcurl... " >&6; } +-if ${ac_cv_lib_curl_curl_easy_init+:} false; then : +- $as_echo_n "(cached) " >&6 +-else +- ac_check_lib_save_LIBS=$LIBS +-LIBS="-lcurl $CURL_LIBS +- $LIBS" +-cat confdefs.h - <<_ACEOF >conftest.$ac_ext +-/* end confdefs.h. */ +- +-/* Override any GCC internal prototype to avoid an error. +- Use char because int might match the return type of a GCC +- builtin and then its argument prototype would still apply. */ +-#ifdef __cplusplus +-extern "C" +-#endif +-char curl_easy_init (); +-int +-main () +-{ +-return curl_easy_init (); +- ; +- return 0; +-} +-_ACEOF +-if ac_fn_c_try_link "$LINENO"; then : +- ac_cv_lib_curl_curl_easy_init=yes +-else +- ac_cv_lib_curl_curl_easy_init=no +-fi +-rm -f core conftest.err conftest.$ac_objext \ +- conftest$ac_exeext conftest.$ac_ext +-LIBS=$ac_check_lib_save_LIBS +-fi +-{ $as_echo "$as_me:${as_lineno-$LINENO}: result: $ac_cv_lib_curl_curl_easy_init" >&5 +-$as_echo "$ac_cv_lib_curl_curl_easy_init" >&6; } +-if test "x$ac_cv_lib_curl_curl_easy_init" = xyes; then : +- +- curl_msg=""; +- have_curl="yes"; +- CLAMSUBMIT_LIBS="$CLAMSUBMIT_LIBS $CURL_LDFLAGS $CURL_LIBS"; +- CLAMSUBMIT_CFLAGS="$CLAMSUBMIT_CFLAGS $CURL_CPPFLAGS"; +- FRESHCLAM_LIBS="$FRESHCLAM_LIBS $CURL_LDFLAGS $CURL_LIBS"; +- FRESHCLAM_CPPFLAGS="$FRESHCLAM_CPPFLAGS $CURL_CPPFLAGS" +- +-else +- +- as_fn_error $? "Your libcurl is misconfigured. libcurl (e.g. libcurl-devel) is required in order to build freshclam and clamsubmit." "$LINENO" 5 ++ fi + +-fi ++ have_curl="yes" ++ LDFLAGS="$save_LDFLAGS" ++ LDFLAGS="$CURL_LDFLAGS $CURL_LIBS" ++ fi + + LDFLAGS="$save_LDFLAGS" + else diff --git a/meta-security/recipes-scanners/clamav/files/fix_systemd_socket.patch b/meta-security/recipes-scanners/clamav/files/fix_systemd_socket.patch index 3e9abe236..334777028 100644 --- a/meta-security/recipes-scanners/clamav/files/fix_systemd_socket.patch +++ b/meta-security/recipes-scanners/clamav/files/fix_systemd_socket.patch @@ -12,9 +12,9 @@ Index: git/clamd/CMakeLists.txt =================================================================== --- git.orig/clamd/CMakeLists.txt +++ git/clamd/CMakeLists.txt -@@ -54,4 +54,10 @@ if(SYSTEMD_FOUND) +@@ -60,4 +60,10 @@ if(SYSTEMD_FOUND) install( - FILES ${CMAKE_CURRENT_BINARY_DIR}/clamav-daemon.service + FILES ${CMAKE_CURRENT_BINARY_DIR}/clamav-daemon.socket DESTINATION ${SYSTEMD_UNIT_DIR}) + configure_file( + ${CMAKE_CURRENT_SOURCE_DIR}/clamav-daemon.socket.in diff --git a/meta-security/recipes-scanners/clamav/files/headers_fixup.patch b/meta-security/recipes-scanners/clamav/files/headers_fixup.patch index 9de0a26db..369aa588e 100644 --- a/meta-security/recipes-scanners/clamav/files/headers_fixup.patch +++ b/meta-security/recipes-scanners/clamav/files/headers_fixup.patch @@ -7,7 +7,7 @@ Index: git/CMakeLists.txt =================================================================== --- git.orig/CMakeLists.txt +++ git/CMakeLists.txt -@@ -374,8 +373,6 @@ check_include_file("stdlib.h" +@@ -443,8 +443,6 @@ check_include_file("stdlib.h" check_include_file("string.h" HAVE_STRING_H) check_include_file("strings.h" HAVE_STRINGS_H) check_include_file("sys/cdefs.h" HAVE_SYS_CDEFS_H) @@ -16,7 +16,7 @@ Index: git/CMakeLists.txt check_include_file("sys/mman.h" HAVE_SYS_MMAN_H) check_include_file("sys/param.h" HAVE_SYS_PARAM_H) check_include_file("sys/queue.h" HAVE_SYS_QUEUE_H) -@@ -410,8 +407,6 @@ endif() +@@ -479,8 +477,6 @@ endif() # int-types variants check_include_file("inttypes.h" HAVE_INTTYPES_H) @@ -25,7 +25,7 @@ Index: git/CMakeLists.txt check_include_file("stdint.h" HAVE_STDINT_H) # this hack required to silence warnings on systems with inttypes.h -@@ -539,17 +528,11 @@ check_type_size("time_t" SIZEOF_TIME_T) +@@ -608,17 +604,11 @@ check_type_size("time_t" SIZEOF_TIME_T) # Checks for library functions. include(CheckSymbolExists) check_symbol_exists(_Exit "stdlib.h" HAVE__EXIT) @@ -44,7 +44,7 @@ Index: git/CMakeLists.txt check_symbol_exists(timegm "time.h" HAVE_TIMEGM) check_symbol_exists(vsnprintf "stdio.h" HAVE_VSNPRINTF) -@@ -563,10 +546,9 @@ else() +@@ -632,10 +622,9 @@ else() check_symbol_exists(fseeko "stdio.h" HAVE_FSEEKO) check_symbol_exists(getaddrinfo "netdb.h" HAVE_GETADDRINFO) check_symbol_exists(getpagesize "unistd.h" HAVE_GETPAGESIZE) diff --git a/meta-security/recipes-scanners/clamav/files/oe_cmake_fixup.patch b/meta-security/recipes-scanners/clamav/files/oe_cmake_fixup.patch index b284915b8..c9c88b930 100644 --- a/meta-security/recipes-scanners/clamav/files/oe_cmake_fixup.patch +++ b/meta-security/recipes-scanners/clamav/files/oe_cmake_fixup.patch @@ -22,7 +22,7 @@ Index: git/CMakeLists.txt if(C_LINUX) if(CMAKE_COMPILER_IS_GNUCXX) # Set _GNU_SOURCE for O_LARGEFILE, O_CLOEXEC, O_DIRECTORY, O_NOFOLLOW, etc flags on older systems -@@ -512,14 +506,8 @@ include(TestInline) +@@ -581,14 +575,8 @@ include(TestInline) include(CheckFileOffsetBits) # Determine how to pack structs on this platform. include(CheckStructPacking) diff --git a/meta-security/recipes-scanners/clamav/files/test.patch b/meta-security/recipes-scanners/clamav/files/test.patch new file mode 100644 index 000000000..a22b45def --- /dev/null +++ b/meta-security/recipes-scanners/clamav/files/test.patch @@ -0,0 +1,24 @@ +Index: clamav-0.103.0/Makefile.am +=================================================================== +--- clamav-0.103.0.orig/Makefile.am ++++ clamav-0.103.0/Makefile.am +@@ -28,7 +28,6 @@ else + SUBDIRS = libltdl libclamav shared libfreshclam clamscan clamd clamdscan freshclam sigtool clamconf database docs etc clamav-milter test clamdtop clambc unit_tests + EXTRA_DIST = examples shared libclamav.pc.in COPYING.bzip2 COPYING.lzma COPYING.unrar COPYING.LGPL COPYING.llvm COPYING.file COPYING.zlib COPYING.getopt COPYING.regex COPYING.YARA COPYING.pcre platform.h.in libclamunrar libclamunrar_iface libclammspack clamdscan/clamdscan.map win32 ChangeLog.md INSTALL.cmake.md INSTALL.autotools.md NEWS.md README.md cmake CMakeLists.txt CMakeOptions.cmake $(top_srcdir)/**/CMakeLists.txt libclammspack/config.h.in.cmake clamav-config.h.cmake.in target.h.cmake.in autogen.sh + +-bin_SCRIPTS=clamav-config + + if BUILD_CLAMONACC + SUBDIRS += clamonacc +Index: clamav-0.103.0/Makefile.in +=================================================================== +--- clamav-0.103.0.orig/Makefile.in ++++ clamav-0.103.0/Makefile.in +@@ -641,7 +641,6 @@ ACLOCAL_AMFLAGS = -I m4 + @BUILD_LIBCLAMAV_ONLY_TRUE@SUBDIRS = libclamav $(am__append_1) \ + @BUILD_LIBCLAMAV_ONLY_TRUE@ $(am__append_2) $(am__append_3) + @BUILD_LIBCLAMAV_ONLY_FALSE@bin_SCRIPTS = clamav-config +-@BUILD_LIBCLAMAV_ONLY_TRUE@bin_SCRIPTS = clamav-config + @BUILD_LIBCLAMAV_ONLY_FALSE@EXTRA_DIST = examples shared libclamav.pc.in COPYING.bzip2 COPYING.lzma COPYING.unrar COPYING.LGPL COPYING.llvm COPYING.file COPYING.zlib COPYING.getopt COPYING.regex COPYING.YARA COPYING.pcre platform.h.in libclamunrar libclamunrar_iface libclammspack clamdscan/clamdscan.map win32 ChangeLog.md INSTALL.cmake.md INSTALL.autotools.md NEWS.md README.md cmake CMakeLists.txt CMakeOptions.cmake $(top_srcdir)/**/CMakeLists.txt libclammspack/config.h.in.cmake clamav-config.h.cmake.in target.h.cmake.in autogen.sh + pkgconfigdir = $(libdir)/pkgconfig + pkgconfig_DATA = libclamav.pc |