1 files changed, 73 insertions, 0 deletions
diff --git a/meta-oe/recipes-security/usbguard/usbguard_1.1.3.bb b/meta-oe/recipes-security/usbguard/usbguard_1.1.3.bb
new file mode 100644
index 0000000000..558f4347b6
--- /dev/null
+++ b/meta-oe/recipes-security/usbguard/usbguard_1.1.3.bb
@@ -0,0 +1,73 @@
+# Copyright (c) 2021 Koninklijke Philips N.V.
+#
+# SPDX-License-Identifier: MIT
+#
+SUMMARY = "USBGuard daemon for blacklisting and whitelisting of USB devices"
+DESCRIPTION = "The USBGuard software framework helps to protect your computer against \
+rogue USB devices (a.k.a. Bad USB) by implementing basic whitelisting and blacklisting \
+capabilities based on device attributes. This recipe takes OpenSSL as crypto-backend for \
+computing device hashes (Supported values are sodium, gcrypt, openssl)."
+HOMEPAGE = "https://usbguard.github.io/"
+LICENSE = "GPL-2.0-only"
+LIC_FILES_CHKSUM = "file://LICENSE;md5=b234ee4d69f5fce4486a80fdaf4a4263"
+SRC_URI = "https://github.com/USBGuard/usbguard/releases/download/${BPN}-${PV}/${BPN}-${PV}.tar.gz \
+    file://0001-Add-and-use-pkgconfig-instead-of-libgcrypt-config.patch \
+    file://0001-Adapt-for-protobuf-30.0-API-changes.patch \
+    "
+SRC_URI[sha256sum] = "707dad2938923202697f636c2b4e0be80f192242039a2af3fc7ac35d03f78551"
+inherit autotools-brokensep bash-completion pkgconfig systemd github-releases
+DEPENDS = "glib-2.0-native libcap-ng libqb libxml2-native libxslt-native protobuf protobuf-native xmlto-native"
+UPSTREAM_CHECK_REGEX = "releases/tag/usbguard-(?P<pver>\d+(\.\d+)+)"
+EXTRA_OECONF += "\
+    --with-bundled-catch \
+    --with-bundled-pegtl \
+"
+LDFLAGS:append:riscv32 = " -latomic"
+PACKAGECONFIG ?= "\
+    openssl \
+    ${@bb.utils.filter('DISTRO_FEATURES', 'polkit', d)} \
+    ${@bb.utils.filter('DISTRO_FEATURES', 'seccomp', d)} \
+    ${@bb.utils.filter('DISTRO_FEATURES', 'systemd', d)} \
+"
+# USBGuard has made polkit mandatory to configure with-dbus
+PACKAGECONFIG[dbus] = "--with-dbus,--without-dbus,dbus-glib polkit"
+PACKAGECONFIG[libgcrypt] = "--with-crypto-library=gcrypt,,libgcrypt,,,libsodium openssl"
+PACKAGECONFIG[libsodium] = "--with-crypto-library=sodium,,libsodium,,,libgcrypt openssl"
+PACKAGECONFIG[openssl] = "--with-crypto-library=openssl,,openssl,,,libgcrypt libsodium"
+PACKAGECONFIG[polkit] = "--with-polkit,--without-polkit,polkit"
+PACKAGECONFIG[seccomp] = "--enable-seccomp,--disable-seccomp,libseccomp"
+PACKAGECONFIG[systemd] = "--enable-systemd,--disable-systemd,systemd"
+SYSTEMD_PACKAGES = "${PN}"
+SYSTEMD_SERVICE:${PN} = "usbguard.service ${@bb.utils.contains('PACKAGECONFIG', 'dbus', 'usbguard-dbus.service', '', d)}"
+FILES:${PN} += "\
+    ${systemd_unitdir}/system/usbguard.service \
+    ${systemd_unitdir}/system/usbguard-dbus.service \
+    ${datadir}/polkit-1 \
+    ${datadir}/dbus-1 \
+    ${nonarch_libdir}/tmpfiles.d \
+"
+do_install:append() {
+# Create /var/log/usbguard in runtime.
+    if [ "${@bb.utils.filter('DISTRO_FEATURES', 'systemd', d)}" ]; then
+        install -d ${D}${nonarch_libdir}/tmpfiles.d
+        echo "d ${localstatedir}/log/${BPN} 0755 root root -" > ${D}${nonarch_libdir}/tmpfiles.d/${BPN}.conf
+    fi
+    if [ "${@bb.utils.filter('DISTRO_FEATURES', 'sysvinit', d)}" ]; then
+        install -d ${D}${sysconfdir}/default/volatiles
+        echo "d root root 0755 ${localstatedir}/log/${BPN} none" > ${D}${sysconfdir}/default/volatiles/99_${BPN}
+    fi
+    rm -rf ${D}${localstatedir}/log
+}

diff --git a/meta-oe/recipes-security/usbguard/usbguard_1.1.3.bb b/meta-oe/recipes-security/usbguard/usbguard_1.1.3.bb new file mode 100644 index 0000000000..558f4347b6 --- /dev/null +++ b/meta-oe/recipes-security/usbguard/usbguard_1.1.3.bb
@@ -0,0 +1,73 @@
	1	# Copyright (c) 2021 Koninklijke Philips N.V.
	2	#
	3	# SPDX-License-Identifier: MIT
	4	#
	5	SUMMARY = "USBGuard daemon for blacklisting and whitelisting of USB devices"
	6	DESCRIPTION = "The USBGuard software framework helps to protect your computer against \
	7	rogue USB devices (a.k.a. Bad USB) by implementing basic whitelisting and blacklisting \
	8	capabilities based on device attributes. This recipe takes OpenSSL as crypto-backend for \
	9	computing device hashes (Supported values are sodium, gcrypt, openssl)."
	10	HOMEPAGE = "https://usbguard.github.io/"
	11	LICENSE = "GPL-2.0-only"
	12	LIC_FILES_CHKSUM = "file://LICENSE;md5=b234ee4d69f5fce4486a80fdaf4a4263"
	13
	14	SRC_URI = "https://github.com/USBGuard/usbguard/releases/download/${BPN}-${PV}/${BPN}-${PV}.tar.gz \
	15	file://0001-Add-and-use-pkgconfig-instead-of-libgcrypt-config.patch \
	16	file://0001-Adapt-for-protobuf-30.0-API-changes.patch \
	17	"
	18
	19	SRC_URI[sha256sum] = "707dad2938923202697f636c2b4e0be80f192242039a2af3fc7ac35d03f78551"
	20
	21	inherit autotools-brokensep bash-completion pkgconfig systemd github-releases
	22
	23	DEPENDS = "glib-2.0-native libcap-ng libqb libxml2-native libxslt-native protobuf protobuf-native xmlto-native"
	24
	25	UPSTREAM_CHECK_REGEX = "releases/tag/usbguard-(?P<pver>\d+(\.\d+)+)"
	26
	27	EXTRA_OECONF += "\
	28	--with-bundled-catch \
	29	--with-bundled-pegtl \
	30	"
	31
	32	LDFLAGS:append:riscv32 = " -latomic"
	33
	34	PACKAGECONFIG ?= "\
	35	openssl \
	36	${@bb.utils.filter('DISTRO_FEATURES', 'polkit', d)} \
	37	${@bb.utils.filter('DISTRO_FEATURES', 'seccomp', d)} \
	38	${@bb.utils.filter('DISTRO_FEATURES', 'systemd', d)} \
	39	"
	40
	41	# USBGuard has made polkit mandatory to configure with-dbus
	42	PACKAGECONFIG[dbus] = "--with-dbus,--without-dbus,dbus-glib polkit"
	43	PACKAGECONFIG[libgcrypt] = "--with-crypto-library=gcrypt,,libgcrypt,,,libsodium openssl"
	44	PACKAGECONFIG[libsodium] = "--with-crypto-library=sodium,,libsodium,,,libgcrypt openssl"
	45	PACKAGECONFIG[openssl] = "--with-crypto-library=openssl,,openssl,,,libgcrypt libsodium"
	46	PACKAGECONFIG[polkit] = "--with-polkit,--without-polkit,polkit"
	47	PACKAGECONFIG[seccomp] = "--enable-seccomp,--disable-seccomp,libseccomp"
	48	PACKAGECONFIG[systemd] = "--enable-systemd,--disable-systemd,systemd"
	49
	50	SYSTEMD_PACKAGES = "${PN}"
	51
	52	SYSTEMD_SERVICE:${PN} = "usbguard.service ${@bb.utils.contains('PACKAGECONFIG', 'dbus', 'usbguard-dbus.service', '', d)}"
	53
	54	FILES:${PN} += "\
	55	${systemd_unitdir}/system/usbguard.service \
	56	${systemd_unitdir}/system/usbguard-dbus.service \
	57	${datadir}/polkit-1 \
	58	${datadir}/dbus-1 \
	59	${nonarch_libdir}/tmpfiles.d \
	60	"
	61
	62	do_install:append() {
	63	# Create /var/log/usbguard in runtime.
	64	if [ "${@bb.utils.filter('DISTRO_FEATURES', 'systemd', d)}" ]; then
	65	install -d ${D}${nonarch_libdir}/tmpfiles.d
	66	echo "d ${localstatedir}/log/${BPN} 0755 root root -" > ${D}${nonarch_libdir}/tmpfiles.d/${BPN}.conf
	67	fi
	68	if [ "${@bb.utils.filter('DISTRO_FEATURES', 'sysvinit', d)}" ]; then
	69	install -d ${D}${sysconfdir}/default/volatiles
	70	echo "d root root 0755 ${localstatedir}/log/${BPN} none" > ${D}${sysconfdir}/default/volatiles/99_${BPN}
	71	fi
	72	rm -rf ${D}${localstatedir}/log
	73	}