openscap: move to main meta-security layer

Signed-off-by: Armin Kuster <akuster808@gmail.com>
author: Armin Kuster <akuster808@gmail.com> 2023-06-13 11:15:31 -0400
committer: Armin Kuster <akuster808@gmail.com> 2023-06-20 11:07:20 -0400
commit: 4bfd29a330a7dce83d5babc27b087b08c7928748 (patch)
tree: b4ba8d0afca4e277195c6e73ef91c2f4c81d46ca /recipes-compliance/openscap
parent: 666a0c6ccfcfc116aed905a12525256e6385d11c (diff)
download: meta-security-4bfd29a330a7dce83d5babc27b087b08c7928748.tar.gz
1 files changed, 67 insertions, 0 deletions
diff --git a/recipes-compliance/openscap/openscap_1.3.7.bb b/recipes-compliance/openscap/openscap_1.3.7.bb
new file mode 100644
index 0000000..a422f9c
--- /dev/null
+++ b/recipes-compliance/openscap/openscap_1.3.7.bb
@@ -0,0 +1,67 @@
+# Copyright (C) 2017  - 2023 Armin Kuster  <akuster808@gmail.com>
+# Released under the MIT license (see COPYING.MIT for the terms)
+SUMARRY = "NIST Certified SCAP 1.2 toolkit"
+HOME_URL = "https://www.open-scap.org/tools/openscap-base/"
+LIC_FILES_CHKSUM = "file://COPYING;md5=fbc093901857fcd118f065f900982c24"
+LICENSE = "LGPL-2.1-only"
+DEPENDS = "dbus acl bzip2 pkgconfig gconf procps curl libxml2 libxslt libcap swig libpcre  xmlsec1"
+DEPENDS:class-native = "pkgconfig-native swig-native curl-native libxml2-native libxslt-native libcap-native libpcre-native xmlsec1-native"
+SRCREV = "55efbfda0f617e05862ab6ed4862e10dbee52b03"
+SRC_URI = "git://github.com/OpenSCAP/openscap.git;branch=maint-1.3;protocol=https"
+S = "${WORKDIR}/git"
+inherit cmake pkgconfig python3native python3targetconfig perlnative systemd
+PACKAGECONFIG ?= "python3 rpm perl gcrypt ${@bb.utils.contains('DISTRO_FEATURES', 'selinux', 'selinux', '', d)}"
+PACKAGECONFIG[python3] = "-DENABLE_PYTHON3=ON, ,python3, python3"
+PACKAGECONFIG[perl] = "-DENABLE_PERL=ON, ,perl, perl"
+PACKAGECONFIG[rpm] = "-DENABLE_OSCAP_UTIL_AS_RPM=ON, ,rpm, rpm"
+PACKAGECONFIG[gcrypt] = "-DWITH_CRYPTO=gcrypt, ,libgcrypt"
+PACKAGECONFIG[nss3] = "-DWITH_CRYPTO=nss3, ,nss"
+PACKAGECONFIG[selinux] = ", ,libselinux"
+EXTRA_OECMAKE += "-DENABLE_PROBES_LINUX=ON -DENABLE_PROBES_UNIX=ON \
+                  -DENABLE_PROBES_SOLARIS=OFF -DENABLE_PROBES_INDEPENDENT=ON \
+                  -DENABLE_OSCAP_UTIL=ON -DENABLE_OSCAP_UTIL_SSH=ON \
+                  -DENABLE_OSCAP_UTIL_DOCKER=OFF -DENABLE_OSCAP_UTIL_CHROOT=OFF \
+                  -DENABLE_OSCAP_UTIL_PODMAN=OFF -DENABLE_OSCAP_UTIL_VM=OFF \
+                  -DENABLE_PROBES_WINDOWS=OFF -DENABLE_VALGRIND=OFF \
+                  -DENABLE_SCE=ON -DENABLE_MITRE=OFF -DENABLE_TESTS=OFF \
+                  -DCMAKE_SKIP_INSTALL_RPATH=ON -DCMAKE_SKIP_RPATH=ON \
+                 "
+STAGING_OSCAP_DIR = "${TMPDIR}/work-shared/${MACHINE}/oscap-source"
+STAGING_OSCAP_BUILDDIR = "${TMPDIR}/work-shared/openscap/oscap-build-artifacts"
+do_configure:append:class-native () {
+    sed -i 's:OSCAP_DEFAULT_CPE_PATH.*$:OSCAP_DEFAULT_CPE_PATH "${STAGING_OSCAP_BUILDDIR}${datadir_native}/openscap/cpe":' ${B}/config.h
+    sed -i 's:OSCAP_DEFAULT_SCHEMA_PATH.*$:OSCAP_DEFAULT_SCHEMA_PATH "${STAGING_OSCAP_BUILDDIR}${datadir_native}/openscap/schemas":' ${B}/config.h
+    sed -i 's:OSCAP_DEFAULT_XSLT_PATH.*$:OSCAP_DEFAULT_XSLT_PATH "${STAGING_OSCAP_BUILDDIR}${datadir_native}/openscap/xsl":' ${B}/config.h
+}
+do_install:append () {
+    if ${@bb.utils.contains('DISTRO_FEATURES','systemd','true','false',d)}; then
+        install -D -m 0644 ${B}/oscap-remediate.service ${D}${systemd_system_unitdir}/oscap-remediate.service
+    fi
+}
+do_install:class-native[cleandirs] += " ${STAGING_OSCAP_BUILDDIR}"
+do_install:append:class-native () {
+    oscapdir=${STAGING_OSCAP_BUILDDIR}/${datadir_native}
+    install -d $oscapdir
+    cp -a ${D}/${STAGING_DATADIR_NATIVE}/openscap $oscapdir
+}
+SYSTEMD_PACKAGES = "${PN}"
+SYSTEMD_SERVICE:${PN} = "oscap-remediate.service"
+FILES:${PN} += "${PYTHON_SITEPACKAGES_DIR}"
+RDEPENDS:${PN} += "libxml2 python3-core libgcc bash"
+BBCLASSEXTEND = "native"
author	Armin Kuster <akuster808@gmail.com>	2023-06-13 11:15:31 -0400
committer	Armin Kuster <akuster808@gmail.com>	2023-06-20 11:07:20 -0400
commit	4bfd29a330a7dce83d5babc27b087b08c7928748 (patch)
tree	b4ba8d0afca4e277195c6e73ef91c2f4c81d46ca /recipes-compliance/openscap
parent	666a0c6ccfcfc116aed905a12525256e6385d11c (diff)
download	meta-security-4bfd29a330a7dce83d5babc27b087b08c7928748.tar.gz

diff --git a/recipes-compliance/openscap/openscap_1.3.7.bb b/recipes-compliance/openscap/openscap_1.3.7.bb new file mode 100644 index 0000000..a422f9c --- /dev/null +++ b/recipes-compliance/openscap/openscap_1.3.7.bb
@@ -0,0 +1,67 @@
	1	# Copyright (C) 2017 - 2023 Armin Kuster <akuster808@gmail.com>
	2	# Released under the MIT license (see COPYING.MIT for the terms)
	3
	4	SUMARRY = "NIST Certified SCAP 1.2 toolkit"
	5	HOME_URL = "https://www.open-scap.org/tools/openscap-base/"
	6	LIC_FILES_CHKSUM = "file://COPYING;md5=fbc093901857fcd118f065f900982c24"
	7	LICENSE = "LGPL-2.1-only"
	8
	9	DEPENDS = "dbus acl bzip2 pkgconfig gconf procps curl libxml2 libxslt libcap swig libpcre xmlsec1"
	10	DEPENDS:class-native = "pkgconfig-native swig-native curl-native libxml2-native libxslt-native libcap-native libpcre-native xmlsec1-native"
	11
	12
	13	SRCREV = "55efbfda0f617e05862ab6ed4862e10dbee52b03"
	14	SRC_URI = "git://github.com/OpenSCAP/openscap.git;branch=maint-1.3;protocol=https"
	15
	16	S = "${WORKDIR}/git"
	17
	18	inherit cmake pkgconfig python3native python3targetconfig perlnative systemd
	19
	20	PACKAGECONFIG ?= "python3 rpm perl gcrypt ${@bb.utils.contains('DISTRO_FEATURES', 'selinux', 'selinux', '', d)}"
	21	PACKAGECONFIG[python3] = "-DENABLE_PYTHON3=ON, ,python3, python3"
	22	PACKAGECONFIG[perl] = "-DENABLE_PERL=ON, ,perl, perl"
	23	PACKAGECONFIG[rpm] = "-DENABLE_OSCAP_UTIL_AS_RPM=ON, ,rpm, rpm"
	24	PACKAGECONFIG[gcrypt] = "-DWITH_CRYPTO=gcrypt, ,libgcrypt"
	25	PACKAGECONFIG[nss3] = "-DWITH_CRYPTO=nss3, ,nss"
	26	PACKAGECONFIG[selinux] = ", ,libselinux"
	27
	28	EXTRA_OECMAKE += "-DENABLE_PROBES_LINUX=ON -DENABLE_PROBES_UNIX=ON \
	29	-DENABLE_PROBES_SOLARIS=OFF -DENABLE_PROBES_INDEPENDENT=ON \
	30	-DENABLE_OSCAP_UTIL=ON -DENABLE_OSCAP_UTIL_SSH=ON \
	31	-DENABLE_OSCAP_UTIL_DOCKER=OFF -DENABLE_OSCAP_UTIL_CHROOT=OFF \
	32	-DENABLE_OSCAP_UTIL_PODMAN=OFF -DENABLE_OSCAP_UTIL_VM=OFF \
	33	-DENABLE_PROBES_WINDOWS=OFF -DENABLE_VALGRIND=OFF \
	34	-DENABLE_SCE=ON -DENABLE_MITRE=OFF -DENABLE_TESTS=OFF \
	35	-DCMAKE_SKIP_INSTALL_RPATH=ON -DCMAKE_SKIP_RPATH=ON \
	36	"
	37
	38	STAGING_OSCAP_DIR = "${TMPDIR}/work-shared/${MACHINE}/oscap-source"
	39	STAGING_OSCAP_BUILDDIR = "${TMPDIR}/work-shared/openscap/oscap-build-artifacts"
	40
	41	do_configure:append:class-native () {
	42	sed -i 's:OSCAP_DEFAULT_CPE_PATH.*$:OSCAP_DEFAULT_CPE_PATH "${STAGING_OSCAP_BUILDDIR}${datadir_native}/openscap/cpe":' ${B}/config.h
	43	sed -i 's:OSCAP_DEFAULT_SCHEMA_PATH.*$:OSCAP_DEFAULT_SCHEMA_PATH "${STAGING_OSCAP_BUILDDIR}${datadir_native}/openscap/schemas":' ${B}/config.h
	44	sed -i 's:OSCAP_DEFAULT_XSLT_PATH.*$:OSCAP_DEFAULT_XSLT_PATH "${STAGING_OSCAP_BUILDDIR}${datadir_native}/openscap/xsl":' ${B}/config.h
	45	}
	46
	47	do_install:append () {
	48	if ${@bb.utils.contains('DISTRO_FEATURES','systemd','true','false',d)}; then
	49	install -D -m 0644 ${B}/oscap-remediate.service ${D}${systemd_system_unitdir}/oscap-remediate.service
	50	fi
	51	}
	52
	53	do_install:class-native[cleandirs] += " ${STAGING_OSCAP_BUILDDIR}"
	54	do_install:append:class-native () {
	55	oscapdir=${STAGING_OSCAP_BUILDDIR}/${datadir_native}
	56	install -d $oscapdir
	57	cp -a ${D}/${STAGING_DATADIR_NATIVE}/openscap $oscapdir
	58	}
	59
	60
	61	SYSTEMD_PACKAGES = "${PN}"
	62	SYSTEMD_SERVICE:${PN} = "oscap-remediate.service"
	63
	64	FILES:${PN} += "${PYTHON_SITEPACKAGES_DIR}"
	65
	66	RDEPENDS:${PN} += "libxml2 python3-core libgcc bash"
	67	BBCLASSEXTEND = "native"