minor recipe cleanup Signed-off-by: Armin Kuster <akuster808@...> --- .../{chipsec_git.bb => chipsec_1.8.5.bb} | 21 +++++++++---------- 1 file changed, 10 insertions(+), 11 deletions(-) rename r

Signed-off-by: Armin Kuster <akuster808@...> --- recipes-core/packagegroup/packagegroup-core-security.bb | 2 ++ recipes-security/Firejail/firejail_0.9.70.bb | 2 ++ 2 files changed, 4 insertions(

fyi: I started to archive some of the test runs at: https://github.com/akuster/meta-security-testresults Not sure if I am doing this correctly but is at least a snapshot. -armin

Signed-off-by: Armin Kuster <akuster808@...> --- meta-security-compliance/README | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/meta-security-compliance/README b/meta-security

See changelog for details: https://cisofy.com/changelog/lynis/#308 Signed-off-by: Armin Kuster <akuster808@...> --- .../recipes-auditors/lynis/{lynis_3.0.0.bb => lynis_3.0.8.bb} | 2 +- 1 file ch

Signed-off-by: Armin Kuster <akuster808@...> --- .../ccs-tools/{ccs-tools_1.8.4.bb => ccs-tools_1.8.9.bb} | 5 ++--- 1 file changed, 2 insertions(+), 3 deletions(-) rename recipes-mac/ccs-tools/{

fixes: swtpm: Could not open TCP socket: Address already in use Signed-off-by: Armin Kuster <akuster808@...> --- meta-parsec/lib/oeqa/runtime/cases/parsec.py | 5 +++++ 1 file changed, 5 insertio

fixes: swtpm: Could not open TCP socket: Address already in use Signed-off-by: Armin Kuster <akuster808@...> --- meta-tpm/lib/oeqa/runtime/cases/swtpm.py | 2 ++ meta-tpm/lib/oeqa/runtime/cases/t

Fix download test Signed-off-by: Armin Kuster <akuster808@...> --- lib/oeqa/runtime/cases/clamav.py | 21 ++++----------------- 1 file changed, 4 insertions(+), 17 deletions(-) diff --git a/lib/o

Signed-off-by: Armin Kuster <akuster808@...> --- recipes-core/images/security-test-image.bb | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/recipes-core/images/security-test-im

Currently check if --help works. RESULTS: RESULTS - ping.PingTest.test_ping: PASSED (0.07s) RESULTS - ssh.SSHTest.test_ssh: PASSED (2.41s) RESULTS - firejail.FirejailTest.test_firejail_basic: PASSED (

Signed-off-by: Armin Kuster <akuster808@...> --- .../exclude_seccomp_util_compiles.patch | 45 ++++++++++++++ recipes-security/Firejail/firejail_0.9.70.bb | 61 +++++++++++++++++++ 2 files changed

Signed-off-by: Armin Kuster <akuster808@...> --- recipes-ids/aide/aide/aide.conf | 11 ++++------- 1 file changed, 4 insertions(+), 7 deletions(-) diff --git a/recipes-ids/aide/aide/aide.conf b/r

This will help create a aide db during build that is then installed on the rootfs for verification at boot time. This work was inspired by: Marco Cavallini Yocto Project Ambassador Signed-off-by: Armi

Signed-off-by: Armin Kuster <akuster808@...> --- classes/aide-base.bbclass | 11 ++++++++ classes/aide-db-init.bbclass | 52 ++++++++++++++++++++++++++++++++++++ 2 files changed, 63 insertions(+)

Signed-off-by: Armin Kuster <akuster808@...> --- recipes-security/libmhash/libmhash_0.9.9.9.bb | 2 ++ 1 file changed, 2 insertions(+) diff --git a/recipes-security/libmhash/libmhash_0.9.9.9.bb b

Signed-off-by: Armin Kuster <akuster808@...> --- lib/oeqa/runtime/cases/aide.py | 26 ++++++++++++++++++++++++++ 1 file changed, 26 insertions(+) create mode 100644 lib/oeqa/runtime/cases/aide.py

Signed-off-by: Armin Kuster <akuster808@...> --- recipes-ids/aide/aide_0.17.4.bb | 4 +++- 1 file changed, 3 insertions(+), 1 deletion(-) diff --git a/recipes-ids/aide/aide_0.17.4.bb b/recipes-id

drop test_smack_mmap_enforced as is was skipped do to possible licensing issues Signed-off-by: Armin Kuster <akuster808@...> --- lib/oeqa/runtime/cases/smack.py | 103 +++++----------------------

Signed-off-by: Armin Kuster <akuster808@...> --- recipes-mac/smack/smack-test/notroot.py | 12 ++++++------ .../smack/smack-test/smack_test_file_access.sh | 10 +++++----- 2 files changed, 11 inse