Add libcap-native to libcap PACKAGECONFIG making native setcap available during the build. This assures its availability during install and prevents meson from searching absolute paths and the resulting possible host contamination.
Move -DNO_SETCAP_OR_SUID=true to the libcap PACKAGECONFIG negative case This will prevent possible non-determinism for the setuid case. Signed-off-by: Jate Sujjavanich <[email protected]> --- meta/recipes-extended/iputils/iputils_s20200821.bb | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/meta/recipes-extended/iputils/iputils_s20200821.bb b/meta/recipes-extended/iputils/iputils_s20200821.bb index 28dd194a12..b7bb7ec84f 100644 --- a/meta/recipes-extended/iputils/iputils_s20200821.bb +++ b/meta/recipes-extended/iputils/iputils_s20200821.bb @@ -13,6 +13,7 @@ DEPENDS = "gnutls" SRC_URI = "git://github.com/iputils/iputils \ file://0001-rarpd-rdisc-Drop-PrivateUsers.patch \ " + SRCREV = "23c3782ae0c7f9c6ae59dbed8ad9204f8758542b" S = "${WORKDIR}/git" @@ -26,7 +27,7 @@ CVE_CHECK_WHITELIST += "CVE-2000-1213 CVE-2000-1214" PACKAGECONFIG ??= "libcap rarpd \ ${@bb.utils.contains('DISTRO_FEATURES', 'ipv6', 'ninfod traceroute6', '', d)} \ ${@bb.utils.filter('DISTRO_FEATURES', 'systemd', d)}" -PACKAGECONFIG[libcap] = "-DUSE_CAP=true, -DUSE_CAP=false, libcap" +PACKAGECONFIG[libcap] = "-DUSE_CAP=true, -DUSE_CAP=false -DNO_SETCAP_OR_SUID=true, libcap libcap-native" PACKAGECONFIG[libidn] = "-DUSE_IDN=true, -DUSE_IDN=false, libidn2" PACKAGECONFIG[gettext] = "-DUSE_GETTEXT=true, -DUSE_GETTEXT=false, gettext" PACKAGECONFIG[ninfod] = "-DBUILD_NINFOD=true,-DBUILD_NINFOD=false," @@ -38,8 +39,7 @@ PACKAGECONFIG[docs] = "-DBUILD_HTML_MANS=true -DBUILD_MANS=true,-DBUILD_HTML_MAN inherit meson systemd update-alternatives -# Have to disable setcap/suid as its not deterministic -EXTRA_OEMESON += "--prefix=${root_prefix}/ -DNO_SETCAP_OR_SUID=true" +EXTRA_OEMESON += "--prefix=${root_prefix}/" ALTERNATIVE_PRIORITY = "100" -- 2.25.1
-=-=-=-=-=-=-=-=-=-=-=- Links: You receive all messages sent to this group. View/Reply Online (#148711): https://lists.openembedded.org/g/openembedded-core/message/148711 Mute This Topic: https://lists.openembedded.org/mt/80942057/21656 Group Owner: [email protected] Unsubscribe: https://lists.openembedded.org/g/openembedded-core/unsub [[email protected]] -=-=-=-=-=-=-=-=-=-=-=-
