merged. thanks -armin
On 3/22/21 6:02 AM, [email protected] wrote: > From: Ming Liu <[email protected]> > > IMA_POLICY is being referred as policy recipe name in some places and it > is also being referred as policy file in other places, they are > conflicting with each other which make it impossible to set a IMA_POLICY > global variable in config file. > > Fix it by dropping IMA_POLICY definitions from policy recipes > > Signed-off-by: Ming Liu <[email protected]> > --- > .../ima-policy-appraise-all_1.0.bb | 9 ++------- > .../ima_policy_hashed/ima-policy-hashed_1.0.bb | 9 ++------- > .../ima_policy_simple/ima-policy-simple_1.0.bb | 9 ++------- > 3 files changed, 6 insertions(+), 21 deletions(-) > > diff --git > a/meta-integrity/recipes-security/ima_policy_appraise_all/ima-policy-appraise-all_1.0.bb > > b/meta-integrity/recipes-security/ima_policy_appraise_all/ima-policy-appraise-all_1.0.bb > index da62a4c..84ea161 100644 > --- > a/meta-integrity/recipes-security/ima_policy_appraise_all/ima-policy-appraise-all_1.0.bb > +++ > b/meta-integrity/recipes-security/ima_policy_appraise_all/ima-policy-appraise-all_1.0.bb > @@ -2,19 +2,14 @@ SUMMARY = "IMA sample simple appraise policy " > LICENSE = "MIT" > LIC_FILES_CHKSUM = > "file://${COREBASE}/meta/COPYING.MIT;md5=3da9cfbcb788c80a0384361b4de20420" > > -# This policy file will get installed as /etc/ima/ima-policy. > -# It is located via the normal file search path, so a .bbappend > -# to this recipe can just point towards one of its own files. > -IMA_POLICY ?= "ima_policy_appraise_all" > - > -SRC_URI = " file://${IMA_POLICY}" > +SRC_URI = " file://ima_policy_appraise_all" > > inherit features_check > REQUIRED_DISTRO_FEATURES = "ima" > > do_install () { > install -d ${D}/${sysconfdir}/ima > - install ${WORKDIR}/${IMA_POLICY} ${D}/${sysconfdir}/ima/ima-policy > + install ${WORKDIR}/ima_policy_appraise_all > ${D}/${sysconfdir}/ima/ima-policy > } > > FILES_${PN} = "${sysconfdir}/ima" > diff --git > a/meta-integrity/recipes-security/ima_policy_hashed/ima-policy-hashed_1.0.bb > b/meta-integrity/recipes-security/ima_policy_hashed/ima-policy-hashed_1.0.bb > index ebb0426..ff7169e 100644 > --- > a/meta-integrity/recipes-security/ima_policy_hashed/ima-policy-hashed_1.0.bb > +++ > b/meta-integrity/recipes-security/ima_policy_hashed/ima-policy-hashed_1.0.bb > @@ -2,13 +2,8 @@ SUMMARY = "IMA sample hash policy" > LICENSE = "MIT" > LIC_FILES_CHKSUM = > "file://${COREBASE}/meta/COPYING.MIT;md5=3da9cfbcb788c80a0384361b4de20420" > > -# This policy file will get installed as /etc/ima/ima-policy. > -# It is located via the normal file search path, so a .bbappend > -# to this recipe can just point towards one of its own files. > -IMA_POLICY ?= "ima_policy_hashed" > - > SRC_URI = " \ > - file://${IMA_POLICY} \ > + file://ima_policy_hashed \ > " > > inherit features_check > @@ -16,7 +11,7 @@ REQUIRED_DISTRO_FEATURES = "ima" > > do_install () { > install -d ${D}/${sysconfdir}/ima > - install ${WORKDIR}/${IMA_POLICY} ${D}/${sysconfdir}/ima/ima-policy > + install ${WORKDIR}/ima_policy_hashed ${D}/${sysconfdir}/ima/ima-policy > } > > FILES_${PN} = "${sysconfdir}/ima" > diff --git > a/meta-integrity/recipes-security/ima_policy_simple/ima-policy-simple_1.0.bb > b/meta-integrity/recipes-security/ima_policy_simple/ima-policy-simple_1.0.bb > index cb4b6b8..0e56aec 100644 > --- > a/meta-integrity/recipes-security/ima_policy_simple/ima-policy-simple_1.0.bb > +++ > b/meta-integrity/recipes-security/ima_policy_simple/ima-policy-simple_1.0.bb > @@ -2,19 +2,14 @@ SUMMARY = "IMA sample simple policy" > LICENSE = "MIT" > LIC_FILES_CHKSUM = > "file://${COREBASE}/meta/COPYING.MIT;md5=3da9cfbcb788c80a0384361b4de20420" > > -# This policy file will get installed as /etc/ima/ima-policy. > -# It is located via the normal file search path, so a .bbappend > -# to this recipe can just point towards one of its own files. > -IMA_POLICY ?= "ima_policy_simple" > - > -SRC_URI = " file://${IMA_POLICY}" > +SRC_URI = " file://ima_policy_simple" > > inherit features_check > REQUIRED_DISTRO_FEATURES = "ima" > > do_install () { > install -d ${D}/${sysconfdir}/ima > - install ${WORKDIR}/${IMA_POLICY} ${D}/${sysconfdir}/ima/ima-policy > + install ${WORKDIR}/ima_policy_simple ${D}/${sysconfdir}/ima/ima-policy > } > > FILES_${PN} = "${sysconfdir}/ima"
-=-=-=-=-=-=-=-=-=-=-=- Links: You receive all messages sent to this group. View/Reply Online (#53125): https://lists.yoctoproject.org/g/yocto/message/53125 Mute This Topic: https://lists.yoctoproject.org/mt/81523442/21656 Group Owner: [email protected] Unsubscribe: https://lists.yoctoproject.org/g/yocto/unsub [[email protected]] -=-=-=-=-=-=-=-=-=-=-=-
