diff options
author | Patrick Williams <patrick@stwcx.xyz> | 2022-01-20 20:06:23 +0300 |
---|---|---|
committer | Patrick Williams <patrick@stwcx.xyz> | 2022-01-20 20:06:26 +0300 |
commit | 53961c2d8a97d0f9e5a90c17ca48380657e79c3e (patch) | |
tree | 0f30b66a917f31dfd698059e03d254464b48c564 /meta-security/recipes-security | |
parent | cbf46010eab661117b0225bdb30fcf565c1d8b3c (diff) | |
download | openbmc-53961c2d8a97d0f9e5a90c17ca48380657e79c3e.tar.xz |
meta-security: subtree update:a85fbe980e..c20b35b527
Anton Antonov (1):
Parsec service. Update PACKAGECONFIG definitions and README.md
Armin Kuster (20):
python3-fail2ban: fix build failure and cleanup
meta-parsec/README: remove rust layer req.
opendnssec: blacklist do to ldns being blacklisted
apparmor: Add a python 3.10 compatability patch
tpm2-tools: update to 5.2
openssl-tpm-engine: fix build issue with openssl 3
tpm2-openssl: add new pkg
tpm2-pkcs11: update to 1.7.0
recipes: Update SRC_URI branch and protocols
sssd: Create /var/log/sssd in runtime
bastille: Create /var/log/Bastille in runtime
python3-fail2ban: remove /run
tpm2-pkcs11: update to 1.7.0
libest: does not build with openssl 3.x
clamav: fix useradd warning
python3-fail2ban: update to tip
tpm2-pkcs11: backport openssl 3.x build fixes
packagegroup-security-tpm2: drop ibmswtpm2
meta-integrity: drop strongswan bbappends
meta-tpm: drop strongswan bbappends
Kai Kang (2):
sssd: re-package to fix QA issues
apparmor: fix warning of remove operator combined with +=
Kristian Klausen (2):
swtpm: update to 0.6.1
dm-verity-img.bbclass: Fix wrong override syntax for CONVERSION_DEPENDS
Liwei Song (1):
recipes-security/chipsec: platform security assessment framework
Stefan Mueller-Klieser (1):
tpm2-tss: fix fapi package config
Yi Zhao (2):
openssl-tpm-engine: fix warning for append operator combined with +=
meta-parsec/README.md: fix for append operator combined with +=
Signed-off-by: Patrick Williams <patrick@stwcx.xyz>
Change-Id: I2156e47cf3f4f45daa2b60a73e3b46be3b6a86c0
Diffstat (limited to 'meta-security/recipes-security')
13 files changed, 91 insertions, 196 deletions
diff --git a/meta-security/recipes-security/bastille/bastille_3.2.1.bb b/meta-security/recipes-security/bastille/bastille_3.2.1.bb index 72281c5379..2d82983521 100644 --- a/meta-security/recipes-security/bastille/bastille_3.2.1.bb +++ b/meta-security/recipes-security/bastille/bastille_3.2.1.bb @@ -48,7 +48,6 @@ do_install () { install -d ${D}${datadir}/Bastille/OSMap/Modules install -d ${D}${datadir}/Bastille/Questions install -d ${D}${datadir}/Bastille/FKL/configs/ - install -d ${D}${localstatedir}/log/Bastille install -d ${D}${sysconfdir}/Bastille install -m 0755 AutomatedBastille ${D}${sbindir} install -m 0755 BastilleBackEnd ${D}${sbindir} @@ -148,6 +147,20 @@ do_install () { ${THISDIR}/files/set_required_questions.py ${D}${sysconfdir}/Bastille/config ${D}${datadir}/Bastille/Questions ln -s RevertBastille ${D}${sbindir}/UndoBastille + + # Create /var/log/Bastille in runtime. + if [ "${@bb.utils.filter('DISTRO_FEATURES', 'systemd', d)}" ]; then + install -d ${D}${nonarch_libdir}/tmpfiles.d + echo "d ${localstatedir}/log/Bastille - - - -" > ${D}${nonarch_libdir}/tmpfiles.d/Bastille.conf + fi + if [ "${@bb.utils.filter('DISTRO_FEATURES', 'sysvinit', d)}" ]; then + install -d ${D}${sysconfdir}/default/volatiles + echo "d root root 0755 ${localstatedir}/log/Bastille none" > ${D}${sysconfdir}/default/volatiles/99_Bastille + fi } -FILES:${PN} += "${datadir}/Bastille ${libdir}/Bastille ${libdir}/perl* ${sysconfdir}/*" +FILES:${PN} += "${datadir}/Bastille \ + ${libdir}/Bastille \ + ${libdir}/perl* \ + ${sysconfdir}/* \ + ${nonarch_libdir}/tmpfiles.d" diff --git a/meta-security/recipes-security/chipsec/chipsec_git.bb b/meta-security/recipes-security/chipsec/chipsec_git.bb new file mode 100644 index 0000000000..e265a082ed --- /dev/null +++ b/meta-security/recipes-security/chipsec/chipsec_git.bb @@ -0,0 +1,35 @@ +SUMMARY = "CHIPSEC: Platform Security Assessment Framework" + +DESCRIPTION = "CHIPSEC is a framework for analyzing the security \ + of PC platforms including hardware, system firmware \ + (BIOS/UEFI), and platform components." + +LICENSE = "GPLv2" +LIC_FILES_CHKSUM = "file://COPYING;md5=bc2d1f9b427be5fb63f6af9da56f7c5d" + +SRC_URI = "git://github.com/chipsec/chipsec.git;branch=master;protocol=https \ + " + +SRCREV = "b2a61684826dc8b9f622a844a40efea579cd7e7d" + +COMPATIBLE_HOST = "(i.86|x86_64).*-linux" + +S = "${WORKDIR}/git" +EXTRA_OEMAKE = "CC='${CC}' LDFLAGS='${LDFLAGS}' CFLAGS='${CFLAGS}'" + +DEPENDS = "virtual/kernel nasm-native python3-setuptools-native" +RDEPENDS:${PN} += "python3 python3-modules" + +inherit module distutils3 + +do_compile:append() { + cd ${S}/drivers/linux + oe_runmake KSRC=${STAGING_KERNEL_BUILDDIR} +} + +do_install:append() { + install -m 0644 ${S}/drivers/linux/chipsec.ko ${D}${PYTHON_SITEPACKAGES_DIR}/chipsec/helper/linux +} + +FILES:${PN} += "${exec_prefix} \ +" diff --git a/meta-security/recipes-security/fail2ban/files/fail2ban_setup.py b/meta-security/recipes-security/fail2ban/files/fail2ban_setup.py deleted file mode 100755 index e23194986f..0000000000 --- a/meta-security/recipes-security/fail2ban/files/fail2ban_setup.py +++ /dev/null @@ -1,174 +0,0 @@ -# emacs: -*- mode: python; py-indent-offset: 4; indent-tabs-mode: t -*- -# vi: set ft=python sts=4 ts=4 sw=4 noet : - -# This file is part of Fail2Ban. -# -# Fail2Ban is free software; you can redistribute it and/or modify -# it under the terms of the GNU General Public License as published by -# the Free Software Foundation; either version 2 of the License, or -# (at your option) any later version. -# -# Fail2Ban is distributed in the hope that it will be useful, -# but WITHOUT ANY WARRANTY; without even the implied warranty of -# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the -# GNU General Public License for more details. -# -# You should have received a copy of the GNU General Public License -# along with Fail2Ban; if not, write to the Free Software -# Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA. - -__author__ = "Cyril Jaquier, Steven Hiscocks, Yaroslav Halchenko" -__copyright__ = "Copyright (c) 2004 Cyril Jaquier, 2008-2016 Fail2Ban Contributors" -__license__ = "GPL" - -import platform - -try: - import setuptools - from setuptools import setup - from setuptools.command.install import install - from setuptools.command.install_scripts import install_scripts -except ImportError: - setuptools = None - from distutils.core import setup - -# all versions -from distutils.command.build_py import build_py -from distutils.command.build_scripts import build_scripts -if setuptools is None: - from distutils.command.install import install - from distutils.command.install_scripts import install_scripts -try: - # python 3.x - from distutils.command.build_py import build_py_2to3 - from distutils.command.build_scripts import build_scripts_2to3 - _2to3 = True -except ImportError: - # python 2.x - _2to3 = False - -import os -from os.path import isfile, join, isdir, realpath -import sys -import warnings -from glob import glob - -from fail2ban.setup import updatePyExec - -if setuptools and "test" in sys.argv: - import logging - logSys = logging.getLogger("fail2ban") - hdlr = logging.StreamHandler(sys.stdout) - fmt = logging.Formatter("%(asctime)-15s %(message)s") - hdlr.setFormatter(fmt) - logSys.addHandler(hdlr) - if set(["-q", "--quiet"]) & set(sys.argv): - logSys.setLevel(logging.CRITICAL) - warnings.simplefilter("ignore") - sys.warnoptions.append("ignore") - elif set(["-v", "--verbose"]) & set(sys.argv): - logSys.setLevel(logging.DEBUG) - else: - logSys.setLevel(logging.INFO) -elif "test" in sys.argv: - print("python distribute required to execute fail2ban tests") - print("") - -longdesc = ''' -Fail2Ban scans log files like /var/log/pwdfail or -/var/log/apache/error_log and bans IP that makes -too many password failures. It updates firewall rules -to reject the IP address or executes user defined -commands.''' - -if setuptools: - setup_extra = { - 'test_suite': "fail2ban.tests.utils.gatherTests", - 'use_2to3': True, - } -else: - setup_extra = {} - -data_files_extra = [] - -# Installing documentation files only under Linux or other GNU/ systems -# (e.g. GNU/kFreeBSD), since others might have protective mechanisms forbidding -# installation there (see e.g. #1233) -platform_system = platform.system().lower() -doc_files = ['README.md', 'DEVELOP', 'FILTERS', 'doc/run-rootless.txt'] -if platform_system in ('solaris', 'sunos'): - doc_files.append('README.Solaris') -if platform_system in ('linux', 'solaris', 'sunos') or platform_system.startswith('gnu'): - data_files_extra.append( - ('/usr/share/doc/fail2ban', doc_files) - ) - -# Get version number, avoiding importing fail2ban. -# This is due to tests not functioning for python3 as 2to3 takes place later -exec(open(join("fail2ban", "version.py")).read()) - -setup( - name = "fail2ban", - version = version, - description = "Ban IPs that make too many password failures", - long_description = longdesc, - author = "Cyril Jaquier & Fail2Ban Contributors", - author_email = "cyril.jaquier@fail2ban.org", - url = "http://www.fail2ban.org", - license = "GPL", - platforms = "Posix", - cmdclass = { - 'build_py': build_py, 'build_scripts': build_scripts, - }, - scripts = [ - 'bin/fail2ban-client', - 'bin/fail2ban-server', - 'bin/fail2ban-regex', - 'bin/fail2ban-testcases', - # 'bin/fail2ban-python', -- link (binary), will be installed via install_scripts_f2b wrapper - ], - packages = [ - 'fail2ban', - 'fail2ban.client', - 'fail2ban.server', - 'fail2ban.tests', - 'fail2ban.tests.action_d', - ], - package_data = { - 'fail2ban.tests': - [ join(w[0], f).replace("fail2ban/tests/", "", 1) - for w in os.walk('fail2ban/tests/files') - for f in w[2]] + - [ join(w[0], f).replace("fail2ban/tests/", "", 1) - for w in os.walk('fail2ban/tests/config') - for f in w[2]] + - [ join(w[0], f).replace("fail2ban/tests/", "", 1) - for w in os.walk('fail2ban/tests/action_d') - for f in w[2]] - }, - data_files = [ - ('/etc/fail2ban', - glob("config/*.conf") - ), - ('/etc/fail2ban/filter.d', - glob("config/filter.d/*.conf") - ), - ('/etc/fail2ban/filter.d/ignorecommands', - [p for p in glob("config/filter.d/ignorecommands/*") if isfile(p)] - ), - ('/etc/fail2ban/action.d', - glob("config/action.d/*.conf") + - glob("config/action.d/*.py") - ), - ('/etc/fail2ban/fail2ban.d', - '' - ), - ('/etc/fail2ban/jail.d', - '' - ), - ('/var/lib/fail2ban', - '' - ), - ] + data_files_extra, - **setup_extra -) diff --git a/meta-security/recipes-security/fail2ban/python3-fail2ban_0.11.2.bb b/meta-security/recipes-security/fail2ban/python3-fail2ban_0.11.2.bb index ed75a0e7dd..f6394cc8a3 100644 --- a/meta-security/recipes-security/fail2ban/python3-fail2ban_0.11.2.bb +++ b/meta-security/recipes-security/fail2ban/python3-fail2ban_0.11.2.bb @@ -9,10 +9,9 @@ HOMEPAGE = "http://www.fail2ban.org" LICENSE = "GPL-2.0" LIC_FILES_CHKSUM = "file://COPYING;md5=ecabc31e90311da843753ba772885d9f" -SRCREV ="eea1881b734b73599a21df2bfbe58b11f78d0a46" -SRC_URI = " git://github.com/fail2ban/fail2ban.git;branch=0.11 \ +SRCREV ="4fe4ac8dde6ba14841da598ec37f8c6911fe0f64" +SRC_URI = " git://github.com/fail2ban/fail2ban.git;branch=0.11;protocol=https \ file://initd \ - file://fail2ban_setup.py \ file://run-ptest \ " @@ -20,17 +19,18 @@ inherit update-rc.d ptest setuptools3 S = "${WORKDIR}/git" -do_compile:prepend () { - cp ${WORKDIR}/fail2ban_setup.py ${S}/setup.py +do_compile () { cd ${S} ./fail2ban-2to3 } do_install:append () { + rm -f ${D}/${bindir}/fail2ban-python install -d ${D}/${sysconfdir}/fail2ban install -d ${D}/${sysconfdir}/init.d install -m 0755 ${WORKDIR}/initd ${D}${sysconfdir}/init.d/fail2ban-server chown -R root:root ${D}/${bindir} + rm -rf ${D}/run } do_install_ptest:append () { @@ -38,9 +38,9 @@ do_install_ptest:append () { install -d ${D}${PTEST_PATH}/bin sed -i -e 's/##PYTHON##/${PYTHON_PN}/g' ${D}${PTEST_PATH}/run-ptest install -D ${S}/bin/* ${D}${PTEST_PATH}/bin + rm -f ${D}${PTEST_PATH}/bin/fail2ban-python } -FILES:${PN} += "/run" INITSCRIPT_PACKAGES = "${PN}" INITSCRIPT_NAME = "fail2ban-server" diff --git a/meta-security/recipes-security/fscrypt/fscrypt_1.0.0.bb b/meta-security/recipes-security/fscrypt/fscrypt_1.0.0.bb index a70d310a5b..66bf429a46 100644 --- a/meta-security/recipes-security/fscrypt/fscrypt_1.0.0.bb +++ b/meta-security/recipes-security/fscrypt/fscrypt_1.0.0.bb @@ -14,7 +14,7 @@ BBCLASSEXTEND = "native nativesdk" DEPENDS += "go-dep-native libpam" SRCREV = "92b1e9a8670ccd3916a7d24a06cab1e4c9815bc4" -SRC_URI = "git://github.com/google/fscrypt.git" +SRC_URI = "git://github.com/google/fscrypt.git;branch=master;protocol=https" GO_IMPORT = "import" S = "${WORKDIR}/git" diff --git a/meta-security/recipes-security/fscryptctl/fscryptctl_1.0.0.bb b/meta-security/recipes-security/fscryptctl/fscryptctl_1.0.0.bb index 26f549b6c0..d319e48dbe 100644 --- a/meta-security/recipes-security/fscryptctl/fscryptctl_1.0.0.bb +++ b/meta-security/recipes-security/fscryptctl/fscryptctl_1.0.0.bb @@ -10,7 +10,7 @@ LICENSE = "Apache-2.0" LIC_FILES_CHKSUM = "file://LICENSE;md5=3b83ef96387f14655fc854ddc3c6bd57" SRCREV = "56b898c896240328adef7407090215abbe9ee03d" -SRC_URI = "git://github.com/google/fscryptctl.git" +SRC_URI = "git://github.com/google/fscryptctl.git;branch=master;protocol=https" S = "${WORKDIR}/git" diff --git a/meta-security/recipes-security/google-authenticator-libpam/google-authenticator-libpam_1.08.bb b/meta-security/recipes-security/google-authenticator-libpam/google-authenticator-libpam_1.08.bb index 4ab8374854..e8ddf291e6 100644 --- a/meta-security/recipes-security/google-authenticator-libpam/google-authenticator-libpam_1.08.bb +++ b/meta-security/recipes-security/google-authenticator-libpam/google-authenticator-libpam_1.08.bb @@ -3,7 +3,7 @@ HOME_PAGE = "https://github.com/google/google-authenticator-libpam" LIC_FILES_CHKSUM = "file://LICENSE;md5=3b83ef96387f14655fc854ddc3c6bd57" LICENSE = "Apache-2.0" -SRC_URI = "git://github.com/google/google-authenticator-libpam.git" +SRC_URI = "git://github.com/google/google-authenticator-libpam.git;branch=master;protocol=https" SRCREV = "2c7415d950fb0b4a7f779f045910666447b100ef" DEPENDS = "libpam" diff --git a/meta-security/recipes-security/libest/libest_3.2.0.bb b/meta-security/recipes-security/libest/libest_3.2.0.bb index fda2df4c99..41a4025601 100644 --- a/meta-security/recipes-security/libest/libest_3.2.0.bb +++ b/meta-security/recipes-security/libest/libest_3.2.0.bb @@ -6,7 +6,7 @@ LICENSE = "OpenSSL" LIC_FILES_CHKSUM = "file://LICENSE;md5=ecb78acde8e3b795de8ef6b61aed5885" SRCREV = "4ca02c6d7540f2b1bcea278a4fbe373daac7103b" -SRC_URI = "git://github.com/cisco/libest;branch=main" +SRC_URI = "git://github.com/cisco/libest;branch=main;protocol=https" DEPENDS = "openssl" @@ -25,3 +25,6 @@ S = "${WORKDIR}/git" PACKAGES = "${PN} ${PN}-dbg ${PN}-dev" FILES:${PN} = "${bindir}/* ${libdir}/libest-3.2.0p.so" + +# https://github.com/cisco/libest/issues/104 +PNBLACKLIST[libest] ?= "Needs porting to openssl 3.x" diff --git a/meta-security/recipes-security/libmspack/libmspack_1.9.1.bb b/meta-security/recipes-security/libmspack/libmspack_1.9.1.bb index 8c288beebc..65db10f976 100644 --- a/meta-security/recipes-security/libmspack/libmspack_1.9.1.bb +++ b/meta-security/recipes-security/libmspack/libmspack_1.9.1.bb @@ -7,7 +7,7 @@ DEPENDS = "" LIC_FILES_CHKSUM = "file://COPYING.LIB;beginline=1;endline=2;md5=5b1fd1f66ef926b3c8a5bb00a72a28dd" SRCREV = "63d3faf90423a4a6c174539a7d32111a840adadc" -SRC_URI = "git://github.com/kyz/libmspack.git" +SRC_URI = "git://github.com/kyz/libmspack.git;branch=master;protocol=https" inherit autotools diff --git a/meta-security/recipes-security/ncrack/ncrack_0.7.bb b/meta-security/recipes-security/ncrack/ncrack_0.7.bb index 8b221e53c1..f151e4e139 100644 --- a/meta-security/recipes-security/ncrack/ncrack_0.7.bb +++ b/meta-security/recipes-security/ncrack/ncrack_0.7.bb @@ -7,7 +7,7 @@ LICENSE = "GPL-2.0" LIC_FILES_CHKSUM = "file://COPYING;beginline=7;endline=12;md5=66938a7e5b4c118eda78271de14874c2" SRCREV = "dc570e7e3cec1fb176c0168eaedc723084bd0426" -SRC_URI = "git://github.com/nmap/ncrack.git" +SRC_URI = "git://github.com/nmap/ncrack.git;branch=master;protocol=https" DEPENDS = "openssl zlib" diff --git a/meta-security/recipes-security/nikto/nikto_2.1.6.bb b/meta-security/recipes-security/nikto/nikto_2.1.6.bb index 242f3acc57..8542d69216 100644 --- a/meta-security/recipes-security/nikto/nikto_2.1.6.bb +++ b/meta-security/recipes-security/nikto/nikto_2.1.6.bb @@ -7,7 +7,7 @@ LICENSE = "GPLv2" LIC_FILES_CHKSUM = "file://${COMMON_LICENSE_DIR}/GPL-2.0-only;md5=801f80980d171dd6425610833a22dbe6" SRCREV = "f1bbd1a8756c076c8fd4f4dd0bc34a8ef215ae79" -SRC_URI = "git://github.com/sullo/nikto.git \ +SRC_URI = "git://github.com/sullo/nikto.git;branch=master;protocol=https \ file://location.patch" S = "${WORKDIR}/git/program" diff --git a/meta-security/recipes-security/opendnssec/opendnssec_2.1.9.bb b/meta-security/recipes-security/opendnssec/opendnssec_2.1.10.bb index 6c1bd46b7d..6b537112c7 100644 --- a/meta-security/recipes-security/opendnssec/opendnssec_2.1.9.bb +++ b/meta-security/recipes-security/opendnssec/opendnssec_2.1.10.bb @@ -10,7 +10,7 @@ SRC_URI = "https://dist.opendnssec.org/source/opendnssec-${PV}.tar.gz \ file://libdns_conf_fix.patch \ " -SRC_URI[sha256sum] = "6d1d466c8d7f507f3e665f4bfe4d16a68d6bff9d7c2ab65f852e2b2a821c28b5" +SRC_URI[sha256sum] = "c0a8427de241118dccbf7abc508e4dd53fb75b45e9f386addbadae7ecc092756" inherit autotools pkgconfig perlnative @@ -32,3 +32,5 @@ do_install:append () { } RDEPENDS:${PN} = "softhsm" + +PNBLACKLIST[opendnssec] ?= "Needs porting to openssl 3.x" diff --git a/meta-security/recipes-security/sssd/sssd_2.5.2.bb b/meta-security/recipes-security/sssd/sssd_2.5.2.bb index 76d6e03e9b..8bc8787b88 100644 --- a/meta-security/recipes-security/sssd/sssd_2.5.2.bb +++ b/meta-security/recipes-security/sssd/sssd_2.5.2.bb @@ -86,13 +86,23 @@ do_install () { rmdir --ignore-fail-on-non-empty "${D}/${bindir}" install -d ${D}/${sysconfdir}/${BPN} install -m 600 ${WORKDIR}/${BPN}.conf ${D}/${sysconfdir}/${BPN} - install -D -m 644 ${WORKDIR}/volatiles.99_sssd ${D}/${sysconfdir}/default/volatiles/99_sssd + + # /var/log/sssd needs to be created in runtime. Use rmdir to catch if + # upstream stops creating /var/log/sssd, or adds something else in + # /var/log. + rmdir ${D}${localstatedir}/log/${BPN} ${D}${localstatedir}/log + rmdir --ignore-fail-on-non-empty ${D}${localstatedir} if ${@bb.utils.contains('DISTRO_FEATURES', 'systemd', 'true', 'false', d)}; then install -d ${D}${sysconfdir}/tmpfiles.d echo "d /var/log/sssd 0750 - - - -" > ${D}${sysconfdir}/tmpfiles.d/sss.conf fi + if [ "${@bb.utils.filter('DISTRO_FEATURES', 'sysvinit', d)}" ]; then + install -d ${D}${sysconfdir}/default/volatiles + echo "d ${SSSD_UID}:${SSSD_GID} 0755 ${localstatedir}/log/${BPN} none" > ${D}${sysconfdir}/default/volatiles/99_${BPN} + fi + # Remove /run as it is created on startup rm -rf ${D}/run @@ -106,6 +116,8 @@ fi chown ${SSSD_UID}:${SSSD_GID} ${sysconfdir}/${BPN}/${BPN}.conf } +FILES:${PN} += "${nonarch_libdir}/tmpfiles.d" + CONFFILES:${PN} = "${sysconfdir}/${BPN}/${BPN}.conf" INITSCRIPT_NAME = "sssd" @@ -125,10 +137,14 @@ SYSTEMD_SERVICE:${PN} = " \ " SYSTEMD_AUTO_ENABLE = "disable" -FILES:${PN} += "${libdir} ${datadir} ${base_libdir}/security/pam_sss*.so" -FILES:${PN}-dev = " ${includedir}/* ${libdir}/*la ${libdir}/*/*la" +PACKAGES =+ "libsss-sudo" +ALLOW_EMPTY:libsss-sudo = "1" -# The package contains symlinks that trip up insane -INSANE_SKIP:${PN} = "dev-so" +FILES:${PN} += "${base_libdir}/security/pam_sss*.so \ + ${datadir}/dbus-1/system-services/*.service \ + ${libdir}/krb5/* \ + ${libdir}/ldb/* \ + " +FILES:libsss-sudo = "${libdir}/libsss_sudo.so" -RDEPENDS:${PN} = "bind bind-utils dbus libldb libpam" +RDEPENDS:${PN} = "bind bind-utils dbus libldb libpam libsss-sudo" |