paxctl: Remove recipe

Remove the paxctl recipe since it has seemingly been broken for a while without anyone noticing, and there likely have been no actual users since grsecurity stopped doing public releases in 2017. Signed-off-by: Scott Murray <scott.murray@konsulko.com>
author: Scott Murray <scott.murray@konsulko.com> 2025-09-26 15:26:41 -0400
committer: Marta Rybczynska <marta.rybczynska@ygreky.com> 2025-10-08 17:34:14 +0200
commit: fa4057267c920f211cdcd49f0a0d060d4e8a8b84 (patch)
tree: b26090954a49c9a5587e018060eb5f30958704ac
parent: 3c1131721210d78060236069d8d9c477b02094af (diff)
download: meta-security-fa4057267c920f211cdcd49f0a0d060d4e8a8b84.tar.gz
5 files changed, 0 insertions, 95 deletions
diff --git a/conf/distro/include/maintainers-meta-security.inc b/conf/distro/include/maintainers-meta-security.inc
index 903bb9b..6f13ea9 100644
--- a/conf/distro/include/maintainers-meta-security.inc
+++ b/conf/distro/include/maintainers-meta-security.inc
@@ -44,7 +44,6 @@ RECIPE_MAINTAINER:pn-libseccomp = "Scott Murray <scott.murray@konsulko.com>"
 RECIPE_MAINTAINER:pn-libwhisker2-perl = "Scott Murray <scott.murray@konsulko.com>"
 RECIPE_MAINTAINER:pn-ncrack = "Scott Murray <scott.murray@konsulko.com>"
 RECIPE_MAINTAINER:pn-nikto = "Scott Murray <scott.murray@konsulko.com>"
-RECIPE_MAINTAINER:pn-paxctl = "Scott Murray <scott.murray@konsulko.com>"
 RECIPE_MAINTAINER:pn-python3-fail2ban = "Scott Murray <scott.murray@konsulko.com>"
 RECIPE_MAINTAINER:pn-python3-scapy = "Scott Murray <scott.murray@konsulko.com>"
 RECIPE_MAINTAINER:pn-python-fail2ban = "Scott Murray <scott.murray@konsulko.com>"
diff --git a/docs/overview.txt b/docs/overview.txt
index ed3135a..eb87279 100644
--- a/docs/overview.txt
+++ b/docs/overview.txt
@@ -103,33 +103,6 @@ help for each package.
                usage : simply invoke the script name in the terminal.
-        == pax-utils ==
-                ( This package can be found in oe-core )
-        pax-utils is a small set of various PaX aware and related utilities for
-        ELF binaries.
-        - scanelf : With this application you can print out information specific to the ELF structure of a binary.
-                    For more help please consult the man pages or the readme file.
-        - pspax : is a user-space utility that scans the proc directory and list
-                  ELF types, as well as their respective PaX flags and filenames and
-                  attributes. Depending on build options, it may additionaly display the
-                  process running set of capabilities.
-        - scanmacho : is a user-space utility to quickly scan given
-                      Mach-Os, directories, or common system paths for different information. This
-                      may include Mach-O types, their install_names, etc.
-        - dumpelf : is a user-space utility to dump all of the internal
-                    ELF structures into the equivalent C structures for fun debugging and/or
-                    reference purposes.
-                usage : simply invoke the script name in the terminal.
        == buck-security ==
        Buck-Security is a security scanner for Debian and Ubuntu Linux. It runs a couple of important checks and helps you to harden your Linux
diff --git a/recipes-core/packagegroup/packagegroup-core-security.bb b/recipes-core/packagegroup/packagegroup-core-security.bb
index 3f5b0a5..7fb7b62 100644
--- a/recipes-core/packagegroup/packagegroup-core-security.bb
+++ b/recipes-core/packagegroup/packagegroup-core-security.bb
@@ -42,7 +42,6 @@ RDEPENDS:packagegroup-security-utils = "\
    sshguard \
    ${@bb.utils.contains("DISTRO_FEATURES", "seccomp ", "libseccomp", "",d)} \
    ${@bb.utils.contains("DISTRO_FEATURES", "pam", "google-authenticator-libpam", "",d)} \
-    ${@bb.utils.contains("DISTRO_FEATURES", "pax", "pax-utils packctl", "",d)} \
    "
 have_krill =  "${@bb.utils.contains("DISTRO_FEATURES", "pam", "krill", "",d)}"
diff --git a/recipes-security/paxctl/paxctl/0001-To-fix-package-error-if-DESTDIR-is-set-to-usr.patch b/recipes-security/paxctl/paxctl/0001-To-fix-package-error-if-DESTDIR-is-set-to-usr.patch
deleted file mode 100644
index 451cb7f..0000000
--- a/recipes-security/paxctl/paxctl/0001-To-fix-package-error-if-DESTDIR-is-set-to-usr.patch
+++ /dev/null
@@ -1,26 +0,0 @@
-From 824c5d7b96aeef1b4e182f657ac002bed6e14cd5 Mon Sep 17 00:00:00 2001
-From: Lei Maohui <leimaohui@fujitsu.com>
-Date: Thu, 31 Aug 2023 08:20:56 +0000
-Subject: [PATCH] To fix package error if DESTDIR is set to /usr.
-Upstream-Status: Inappropriate
-Signed-off-by: Lei Maohui <leimaohui@fujitsu.com>
---
- Makefile | 2 +-
- 1 file changed, 1 insertion(+), 1 deletion(-)
-diff --git a/Makefile b/Makefile
-index 0d7bc0c..46fd664 100644
--- a/Makefile
-+++ b/Makefile
-@@ -19,7 +19,7 @@ $(PROG).o: $(PROG).c $(PROG).h $(PROG)-elf.c
- install: $(PROG)
- #      $(MKDIR) $(DESTDIR)/sbin $(DESTDIR)$(MANDIR)
-       $(INSTALL) -D --owner 0 --group 0 --mode a=rx $(PROG) $(DESTDIR)/sbin/$(PROG)
-+       $(INSTALL) -D --owner 0 --group 0 --mode a=rx $(PROG) $(DESTDIR)/usr/sbin/$(PROG)
-        $(INSTALL) -D --owner 0 --group 0 --mode a=r $(PROG).1 $(DESTDIR)/$(MANDIR)/$(PROG).1
- clean:
--
-2.34.1
diff --git a/recipes-security/paxctl/paxctl_0.9.bb b/recipes-security/paxctl/paxctl_0.9.bb
deleted file mode 100644
index 3d2f2a3..0000000
--- a/recipes-security/paxctl/paxctl_0.9.bb
+++ /dev/null
@@ -1,40 +0,0 @@
-DESCRIPTION = "paxctl  is  a tool that allows PaX flags to be modified on a \
-               per-binary basis. PaX is part of common  security-enhancing  \
-               kernel  patches  and secure distributions, such as \
-               GrSecurity or Adamantix and Hardened Gen-too, respectively."
-HOMEPAGE = "https://pax.grsecurity.net/"               
-LICENSE = "GPL-2.0-only"
-LIC_FILES_CHKSUM = "file://paxctl.c;beginline=1;endline=5;md5=0ddd065c61020dda79729e6bedaed2c7 \
-                    file://paxctl-elf.c;beginline=1;endline=5;md5=99f453ce7f6d1687ee808982e2924813 \
-                   "
-SRC_URI = "http://pax.grsecurity.net/${BP}.tar.gz \
-           file://0001-To-fix-package-error-if-DESTDIR-is-set-to-usr.patch \
-"
-SRC_URI[md5sum] = "9bea59b1987dc4e16c2d22d745374e64"
-SRC_URI[sha256sum] = "a330ddd812688169802a3ba29e5e3b19956376b8f6f73b8d7e9586eb04423c2e"
-EXTRA_OEMAKE = "CC='${CC}' DESTDIR='${D}'"
-do_install() {
-        oe_runmake install
-}
-# The install target in the Makefile will fail for paxctl-native with error:
-#   install -D --owner 0 --group 0 --mode a=rx paxctl .../sbin/paxctl
-#   install: cannot change ownership of '.../sbin/paxctl': \
-#   Operation not permitted
-# Drop '--owner 0 --group 0' to fix the issue.
-do_install:class-native() {
-        local PROG=paxctl
-        install -d ${D}${base_sbindir}
-        install -d ${D}${mandir}/man1
-        install --mode a=rx $PROG ${D}${base_sbindir}/$PROG
-        install --mode a=r $PROG.1 ${D}${mandir}/man1/$PROG.1
-}
-# Avoid QA Issue: No GNU_HASH in the elf binary
-INSANE_SKIP:${PN} = "ldflags" 
-BBCLASSEXTEND = "native"
author	Scott Murray <scott.murray@konsulko.com>	2025-09-26 15:26:41 -0400
committer	Marta Rybczynska <marta.rybczynska@ygreky.com>	2025-10-08 17:34:14 +0200
commit	fa4057267c920f211cdcd49f0a0d060d4e8a8b84 (patch)
tree	b26090954a49c9a5587e018060eb5f30958704ac
parent	3c1131721210d78060236069d8d9c477b02094af (diff)
download	meta-security-fa4057267c920f211cdcd49f0a0d060d4e8a8b84.tar.gz

diff --git a/conf/distro/include/maintainers-meta-security.inc b/conf/distro/include/maintainers-meta-security.inc index 903bb9b..6f13ea9 100644 --- a/conf/distro/include/maintainers-meta-security.inc +++ b/conf/distro/include/maintainers-meta-security.inc
@@ -44,7 +44,6 @@ RECIPE_MAINTAINER:pn-libseccomp = "Scott Murray <scott.murray@konsulko.com>"
44	RECIPE_MAINTAINER:pn-libwhisker2-perl = "Scott Murray <scott.murray@konsulko.com>"	44	RECIPE_MAINTAINER:pn-libwhisker2-perl = "Scott Murray <scott.murray@konsulko.com>"
45	RECIPE_MAINTAINER:pn-ncrack = "Scott Murray <scott.murray@konsulko.com>"	45	RECIPE_MAINTAINER:pn-ncrack = "Scott Murray <scott.murray@konsulko.com>"
46	RECIPE_MAINTAINER:pn-nikto = "Scott Murray <scott.murray@konsulko.com>"	46	RECIPE_MAINTAINER:pn-nikto = "Scott Murray <scott.murray@konsulko.com>"
47	RECIPE_MAINTAINER:pn-paxctl = "Scott Murray <scott.murray@konsulko.com>"
48	RECIPE_MAINTAINER:pn-python3-fail2ban = "Scott Murray <scott.murray@konsulko.com>"	47	RECIPE_MAINTAINER:pn-python3-fail2ban = "Scott Murray <scott.murray@konsulko.com>"
49	RECIPE_MAINTAINER:pn-python3-scapy = "Scott Murray <scott.murray@konsulko.com>"	48	RECIPE_MAINTAINER:pn-python3-scapy = "Scott Murray <scott.murray@konsulko.com>"
50	RECIPE_MAINTAINER:pn-python-fail2ban = "Scott Murray <scott.murray@konsulko.com>"	49	RECIPE_MAINTAINER:pn-python-fail2ban = "Scott Murray <scott.murray@konsulko.com>"


diff --git a/docs/overview.txt b/docs/overview.txt index ed3135a..eb87279 100644 --- a/docs/overview.txt +++ b/docs/overview.txt
@@ -103,33 +103,6 @@ help for each package.
103	usage : simply invoke the script name in the terminal.	103	usage : simply invoke the script name in the terminal.
104		104
105		105
106	== pax-utils ==
107
108	( This package can be found in oe-core )
109
110	pax-utils is a small set of various PaX aware and related utilities for
111	ELF binaries.
112
113	- scanelf : With this application you can print out information specific to the ELF structure of a binary.
114	For more help please consult the man pages or the readme file.
115
116	- pspax : is a user-space utility that scans the proc directory and list
117	ELF types, as well as their respective PaX flags and filenames and
118	attributes. Depending on build options, it may additionaly display the
119	process running set of capabilities.
120
121	- scanmacho : is a user-space utility to quickly scan given
122	Mach-Os, directories, or common system paths for different information. This
123	may include Mach-O types, their install_names, etc.
124
125	- dumpelf : is a user-space utility to dump all of the internal
126	ELF structures into the equivalent C structures for fun debugging and/or
127	reference purposes.
128
129
130	usage : simply invoke the script name in the terminal.
131
132
133	== buck-security ==	106	== buck-security ==
134		107
135	Buck-Security is a security scanner for Debian and Ubuntu Linux. It runs a couple of important checks and helps you to harden your Linux	108	Buck-Security is a security scanner for Debian and Ubuntu Linux. It runs a couple of important checks and helps you to harden your Linux


diff --git a/recipes-core/packagegroup/packagegroup-core-security.bb b/recipes-core/packagegroup/packagegroup-core-security.bb index 3f5b0a5..7fb7b62 100644 --- a/recipes-core/packagegroup/packagegroup-core-security.bb +++ b/recipes-core/packagegroup/packagegroup-core-security.bb
@@ -42,7 +42,6 @@ RDEPENDS:packagegroup-security-utils = "\
42	sshguard \	42	sshguard \
43	${@bb.utils.contains("DISTRO_FEATURES", "seccomp ", "libseccomp", "",d)} \	43	${@bb.utils.contains("DISTRO_FEATURES", "seccomp ", "libseccomp", "",d)} \
44	${@bb.utils.contains("DISTRO_FEATURES", "pam", "google-authenticator-libpam", "",d)} \	44	${@bb.utils.contains("DISTRO_FEATURES", "pam", "google-authenticator-libpam", "",d)} \
45	${@bb.utils.contains("DISTRO_FEATURES", "pax", "pax-utils packctl", "",d)} \
46	"	45	"
47		46
48	have_krill = "${@bb.utils.contains("DISTRO_FEATURES", "pam", "krill", "",d)}"	47	have_krill = "${@bb.utils.contains("DISTRO_FEATURES", "pam", "krill", "",d)}"


diff --git a/recipes-security/paxctl/paxctl/0001-To-fix-package-error-if-DESTDIR-is-set-to-usr.patch b/recipes-security/paxctl/paxctl/0001-To-fix-package-error-if-DESTDIR-is-set-to-usr.patch deleted file mode 100644 index 451cb7f..0000000 --- a/recipes-security/paxctl/paxctl/0001-To-fix-package-error-if-DESTDIR-is-set-to-usr.patch +++ /dev/null
@@ -1,26 +0,0 @@
1	From 824c5d7b96aeef1b4e182f657ac002bed6e14cd5 Mon Sep 17 00:00:00 2001
2	From: Lei Maohui <leimaohui@fujitsu.com>
3	Date: Thu, 31 Aug 2023 08:20:56 +0000
4	Subject: [PATCH] To fix package error if DESTDIR is set to /usr.
5
6	Upstream-Status: Inappropriate
7	Signed-off-by: Lei Maohui <leimaohui@fujitsu.com>
8	---
9	Makefile \| 2 +-
10	1 file changed, 1 insertion(+), 1 deletion(-)
11
12	diff --git a/Makefile b/Makefile
13	index 0d7bc0c..46fd664 100644
14	--- a/Makefile
15	+++ b/Makefile
16	@@ -19,7 +19,7 @@ $(PROG).o: $(PROG).c $(PROG).h $(PROG)-elf.c
17
18	install: $(PROG)
19	# $(MKDIR) $(DESTDIR)/sbin $(DESTDIR)$(MANDIR)
20	- $(INSTALL) -D --owner 0 --group 0 --mode a=rx $(PROG) $(DESTDIR)/sbin/$(PROG)
21	+ $(INSTALL) -D --owner 0 --group 0 --mode a=rx $(PROG) $(DESTDIR)/usr/sbin/$(PROG)
22	$(INSTALL) -D --owner 0 --group 0 --mode a=r $(PROG).1 $(DESTDIR)/$(MANDIR)/$(PROG).1
23
24	clean:
25	--
26	2.34.1


diff --git a/recipes-security/paxctl/paxctl_0.9.bb b/recipes-security/paxctl/paxctl_0.9.bb deleted file mode 100644 index 3d2f2a3..0000000 --- a/recipes-security/paxctl/paxctl_0.9.bb +++ /dev/null
@@ -1,40 +0,0 @@
1	DESCRIPTION = "paxctl is a tool that allows PaX flags to be modified on a \
2	per-binary basis. PaX is part of common security-enhancing \
3	kernel patches and secure distributions, such as \
4	GrSecurity or Adamantix and Hardened Gen-too, respectively."
5	HOMEPAGE = "https://pax.grsecurity.net/"
6	LICENSE = "GPL-2.0-only"
7	LIC_FILES_CHKSUM = "file://paxctl.c;beginline=1;endline=5;md5=0ddd065c61020dda79729e6bedaed2c7 \
8	file://paxctl-elf.c;beginline=1;endline=5;md5=99f453ce7f6d1687ee808982e2924813 \
9	"
10
11	SRC_URI = "http://pax.grsecurity.net/${BP}.tar.gz \
12	file://0001-To-fix-package-error-if-DESTDIR-is-set-to-usr.patch \
13	"
14
15	SRC_URI[md5sum] = "9bea59b1987dc4e16c2d22d745374e64"
16	SRC_URI[sha256sum] = "a330ddd812688169802a3ba29e5e3b19956376b8f6f73b8d7e9586eb04423c2e"
17
18	EXTRA_OEMAKE = "CC='${CC}' DESTDIR='${D}'"
19
20	do_install() {
21	oe_runmake install
22	}
23
24	# The install target in the Makefile will fail for paxctl-native with error:
25	# install -D --owner 0 --group 0 --mode a=rx paxctl .../sbin/paxctl
26	# install: cannot change ownership of '.../sbin/paxctl': \
27	# Operation not permitted
28	# Drop '--owner 0 --group 0' to fix the issue.
29	do_install:class-native() {
30	local PROG=paxctl
31	install -d ${D}${base_sbindir}
32	install -d ${D}${mandir}/man1
33	install --mode a=rx $PROG ${D}${base_sbindir}/$PROG
34	install --mode a=r $PROG.1 ${D}${mandir}/man1/$PROG.1
35	}
36
37	# Avoid QA Issue: No GNU_HASH in the elf binary
38	INSANE_SKIP:${PN} = "ldflags"
39
40	BBCLASSEXTEND = "native"