Bastille: document the current status and usability of the Bastille install.

The README file is updated to indicate the functionality of Bastille that is
actually available.

The recipe file is updated with a pointer to the README file.

An additional patch is added so that when Bastille is run in interactive mode
it will not attempt to make any changes to the system. This is better than
attempting to make the changes and making the screen flicker . The text on the
final screen has been updated appropriately.

Signed-off-by: mulhern <mulhern@yoctoproject.org>

2 files changed, 43 insertions, 0 deletions

diff --git a/recipes-security/bastille/bastille_3.2.1.bb b/recipes-security/bastille/bastille_3.2.1.bb
index 1c924e7..06215a2 100644
--- a/recipes-security/bastille/bastille_3.2.1.bb
+++ b/recipes-security/bastille/bastille_3.2.1.bb
@@ -1,3 +1,5 @@
+#The functionality of Bastille that is actually available is restricted. Please
+#consult the README file for the meta-security layer for additional information.
 SUMMARY = "Linux hardening tool"
 DESCRIPTION = "Bastille Linux is a Hardening and Reporting/Auditing Program which enhances the security of a Linux box, by configuring daemons, system settings and firewalling."
 LICENSE = "GPLv2"
@@ -29,6 +31,7 @@ SRC_URI = "http://sourceforge.net/projects/bastille-linux/files/bastille-linux/3
            file://allow_os_with_assess.patch \
            file://edit_usage_message.patch \
            file://organize_distro_discovery.patch \
+           file://do_not_apply_config.patch \
            "
 
 SRC_URI[md5sum] = "df803f7e38085aa5da79f85d0539f91b"
diff --git a/recipes-security/bastille/files/do_not_apply_config.patch b/recipes-security/bastille/files/do_not_apply_config.patch
new file mode 100644
index 0000000..574aa98
--- /dev/null
+++ b/recipes-security/bastille/files/do_not_apply_config.patch
@@ -0,0 +1,40 @@
+Upstream Status: Inappropriate [No upstream maintenance]
+
+Signed-off-by: Anne Mulhern <mulhern@yoctoproject.org>
+
+---
+
+Index: Bastille/Bastille_Curses.pm
+===================================================================
+--- Bastille.orig/Bastille_Curses.pm    2013-08-27 16:43:39.130959000 -0400
++++ Bastille/Bastille_Curses.pm 2013-08-27 16:43:39.794959000 -0400
+@@ -83,11 +83,6 @@
+     # Output answers to the script and display
+     &outputConfig;
+ 
+-    # Run Bastille
+-
+-    &Run_Bastille_with_Config;
+-
+-
+     # Display Credits
+ 
+     open CREDITS,"/usr/share/Bastille/Credits";
+Index: Bastille/InteractiveBastille
+===================================================================
+--- Bastille.orig/InteractiveBastille   2013-08-27 16:43:39.434959000 -0400
++++ Bastille/InteractiveBastille        2013-08-27 17:18:55.758959000 -0400
+@@ -531,10 +531,10 @@
+     "       Please address bug reports and suggestions to jay\@bastille-linux.org\n" .
+     "\n";
+ 
+-    $InterfaceEndScreenDescription = "We will now implement the choices you have made here.\n\n" .
++    $InterfaceEndScreenDescription = "We will now record the choices you have made here.\n\n" .
+        "Answer NO if you want to go back and make changes!\n";
+-    $InterfaceEndScreenQuestion = "Are you finished answering the questions, i.e. may we make the changes?";
+-    $InterfaceEndScreenNoEpilogue = "Please use Back/Next buttons to move among the questions you wish to\nchange.\n\nChoose YES on this question later to implement your choices.\n";
++    $InterfaceEndScreenQuestion = "Are you finished answering the questions, i.e. may we record the answers and exit?";
++    $InterfaceEndScreenNoEpilogue = "Please use Back/Next buttons to move among the questions you wish to\nchange.\n\nChoose YES on this question later to record your choices.\n";
+     require Bastille_Curses;
+ } elsif ($GLOBAL_AUDITONLY) {
+