summaryrefslogtreecommitdiffstats
path: root/recipes-security/bastille
diff options
context:
space:
mode:
authormulhern <mulhern@yoctoproject.org>2013-08-25 17:10:22 -0400
committermulhern <mulhern@yoctoproject.org>2013-08-30 15:38:50 -0400
commit6e23502b380d845382b914ca6b3afe96c4b80c8d (patch)
tree9e9be835163c3eae7c8a4a3ecaa0227035f994d6 /recipes-security/bastille
parentabb566ce89c6138db948d5e61b25e58a90beaa1b (diff)
downloadmeta-security-6e23502b380d845382b914ca6b3afe96c4b80c8d.tar.gz
Bastille: accept and observe --os flag in multiple situations.
[YOCTO #3867] Five additional patches which cause the --os flag to be accepted and observed are added. An additional distro, Yocto, is added. The individual patches are described below. upgrade_options_processing.patch: Changes setOptions procedure so that it accepts named parameters for greater flexibility and adjusts all invocations accordingly. Uses more precise specifications in invocatiosn of Getop::Long::GetOptions. Omits code associated with a commented out flag. accept_os_flag_in_backend.patch: Accepts and observes an additional --os flag in BastilleBackEnd. allow_os_with_assess.patch: No longer print a usage message and quit if --assess or its related flags are specified along with the --os flag. edit_usage_message.patch: Edit usage message to include the specification of an --os flag with the specification of an --assess flag. organize_distro_discovery.patch: Separates inferring the distro from specifying the distro. Adds a "Yocto" distro among the other Linux distros. Causes the specified distro to override the inferred distro with a warning message when they are different. Previously if either the inferred distro or the specified distro was not among supported distros Bastille would quit with an error. Signed-off-by: mulhern <mulhern@yoctoproject.org>
Diffstat (limited to 'recipes-security/bastille')
-rw-r--r--recipes-security/bastille/bastille_3.2.1.bb5
-rw-r--r--recipes-security/bastille/files/accept_os_flag_in_backend.patch34
-rw-r--r--recipes-security/bastille/files/allow_os_with_assess.patch43
-rw-r--r--recipes-security/bastille/files/edit_usage_message.patch32
-rw-r--r--recipes-security/bastille/files/organize_distro_discovery.patch476
-rw-r--r--recipes-security/bastille/files/upgrade_options_processing.patch91
6 files changed, 681 insertions, 0 deletions
diff --git a/recipes-security/bastille/bastille_3.2.1.bb b/recipes-security/bastille/bastille_3.2.1.bb
index c8d0103..8969f6b 100644
--- a/recipes-security/bastille/bastille_3.2.1.bb
+++ b/recipes-security/bastille/bastille_3.2.1.bb
@@ -24,6 +24,11 @@ SRC_URI = "http://sourceforge.net/projects/bastille-linux/files/bastille-linux/3
24 file://remove_questions_text_file_references.patch \ 24 file://remove_questions_text_file_references.patch \
25 file://simplify_B_place.patch \ 25 file://simplify_B_place.patch \
26 file://find_existing_config.patch \ 26 file://find_existing_config.patch \
27 file://upgrade_options_processing.patch \
28 file://accept_os_flag_in_backend.patch \
29 file://allow_os_with_assess.patch \
30 file://edit_usage_message.patch \
31 file://organize_distro_discovery.patch \
27 " 32 "
28 33
29SRC_URI[md5sum] = "df803f7e38085aa5da79f85d0539f91b" 34SRC_URI[md5sum] = "df803f7e38085aa5da79f85d0539f91b"
diff --git a/recipes-security/bastille/files/accept_os_flag_in_backend.patch b/recipes-security/bastille/files/accept_os_flag_in_backend.patch
new file mode 100644
index 0000000..4a438e4
--- /dev/null
+++ b/recipes-security/bastille/files/accept_os_flag_in_backend.patch
@@ -0,0 +1,34 @@
1Upstream Status: Inappropriate [No upstream maintenance]
2
3Signed-off-by: Anne Mulhern <mulhern@yoctoproject.org>
4
5---
6
7Index: Bastille/BastilleBackEnd
8===================================================================
9--- Bastille.orig/BastilleBackEnd 2013-08-21 12:40:54.000000000 -0400
10+++ Bastille/BastilleBackEnd 2013-08-21 12:43:21.895950001 -0400
11@@ -52,11 +52,13 @@
12 my $force = 0;
13 my $debug = 0;
14 my $alternate_config=undef;
15+my $os_version=undef;
16
17 if( Getopt::Long::GetOptions( "n" => \$nodisclaim,
18 "v" => \$verbose,
19 "force" => \$force,
20 "f=s" => \$alternate_config,
21+ "os=s" => \$os_version,
22 "debug" => \$debug) ) {
23 $error = 0; # no parse error
24
25@@ -66,7 +68,8 @@
26
27 &setOptions(
28 debug => $debug,
29- verbose => $verbose);
30+ verbose => $verbose,
31+ os => $os_version);
32 &ConfigureForDistro;
33
34 if ( $error ) { # GetOptions couldn't parse all of the args
diff --git a/recipes-security/bastille/files/allow_os_with_assess.patch b/recipes-security/bastille/files/allow_os_with_assess.patch
new file mode 100644
index 0000000..e112f90
--- /dev/null
+++ b/recipes-security/bastille/files/allow_os_with_assess.patch
@@ -0,0 +1,43 @@
1Upstream Status: Inappropriate [No upstream maintenance]
2
3Signed-off-by: Anne Mulhern <mulhern@yoctoproject.org>
4
5---
6
7Index: Bastille/bin/bastille
8===================================================================
9--- Bastille.orig/bin/bastille 2013-08-21 08:59:06.647950000 -0400
10+++ Bastille/bin/bastille 2013-08-21 15:55:53.193631711 -0400
11@@ -195,7 +195,6 @@
12 systemFileLocations
13
14 isAssessing='no'
15-nonXArg='no'
16
17 if [ $PERL_V_MAJ -eq $MIN_V_MAJ -a $PERL_V_MIN -lt $MIN_V_MIN -o $PERL_V_MAJ -lt $MIN_V_MAJ ]; then # invalid Perl
18 printErr
19@@ -316,12 +315,10 @@
20 '--os')
21 options_left="$options_left --os"
22 optarg='yes'
23- nonXArg='yes'
24 ;;
25 '-f')
26 options_left="$options_left -f"
27 optarg='yes'
28- nonXArg='yes'
29 ;;
30 # Non-exclusive (undocumented and unsupported) options follow:
31 # There is no validity/combination checking done with these.
32@@ -345,11 +342,6 @@
33 fi
34 done
35
36-#Detect case where -f or --os attempted use with --assess
37- if [ \( x$nonXArg = xyes \) -a \( x$isAssessing = xyes \) ]; then
38- printUsage
39- exit 2
40- fi
41
42 # We have a valid version of perl! Verify that all the required
43 # modules can be found.
diff --git a/recipes-security/bastille/files/edit_usage_message.patch b/recipes-security/bastille/files/edit_usage_message.patch
new file mode 100644
index 0000000..72cdc2f
--- /dev/null
+++ b/recipes-security/bastille/files/edit_usage_message.patch
@@ -0,0 +1,32 @@
1Upstream Status: Inappropriate [No upstream maintenance]
2
3Signed-off-by: Anne Mulhern <mulhern@yoctoproject.org>
4
5---
6
7Index: Bastille/bin/bastille
8===================================================================
9--- Bastille.orig/bin/bastille 2013-08-25 14:16:35.614779001 -0400
10+++ Bastille/bin/bastille 2013-08-25 14:16:38.674779000 -0400
11@@ -60,7 +60,7 @@
12 printUsage () {
13 cat >&2 << EOF
14 $ERRSPACES Usage: bastille [ -b | -c | -x ] [ --os <version>] [ -f <alternate config> ]
15-$ERRSPACES bastille [-r | -l | -h | --assess | --assessnobrowser ]
16+$ERRSPACES bastille [-r | -l | -h | --assess | --assessnobrowser ] [ --os <version> ]
17 $ERRSPACES -b : use a saved config file to apply changes
18 $ERRSPACES directly to system
19 $ERRSPACES -c : use the Curses (non-X11) GUI, not available on HP-UX
20Index: Bastille/Bastille/API.pm
21===================================================================
22--- Bastille.orig/Bastille/API.pm 2013-08-25 08:15:40.266779002 -0400
23+++ Bastille/Bastille/API.pm 2013-08-25 14:18:22.750778811 -0400
24@@ -206,7 +206,7 @@
25 #options before interactive or Bastille runs, so this check is often redundant
26 $GLOBAL_ERROR{"usage"}="\n".
27 "$spc Usage: bastille [ -b | -c | -x ] [ --os <version> ] [ -f <alternate config> ]\n".
28- "$spc bastille [ -r | --assess | --assessnobowser ]\n\n".
29+ "$spc bastille [ -r | --assess | --assessnobowser ] [ --os <version> ]\n\n".
30 "$spc --assess : check status of system and report in browser\n".
31 "$spc --assessnobrowser : check status of system and list report locations\n".
32 "$spc -b : use a saved config file to apply changes\n".
diff --git a/recipes-security/bastille/files/organize_distro_discovery.patch b/recipes-security/bastille/files/organize_distro_discovery.patch
new file mode 100644
index 0000000..d64d1e2
--- /dev/null
+++ b/recipes-security/bastille/files/organize_distro_discovery.patch
@@ -0,0 +1,476 @@
1Upstream Status: Inappropriate [No upstream maintenance]
2
3Signed-off-by: Anne Mulhern <mulhern@yoctoproject.org>
4
5---
6
7Index: Bastille/Bastille/API.pm
8===================================================================
9--- Bastille.orig/Bastille/API.pm 2013-08-22 04:32:38.269968002 -0400
10+++ Bastille/Bastille/API.pm 2013-08-22 11:29:53.137968002 -0400
11@@ -141,7 +141,7 @@
12 checkProcsForService
13
14
15- $GLOBAL_OS $GLOBAL_ACTUAL_OS $CLI
16+ $CLI
17 $GLOBAL_LOGONLY $GLOBAL_VERBOSE $GLOBAL_DEBUG $GLOBAL_AUDITONLY $GLOBAL_AUDIT_NO_BROWSER $errorFlag
18 %GLOBAL_BIN %GLOBAL_DIR %GLOBAL_FILE
19 %GLOBAL_BDIR %GLOBAL_BFILE
20@@ -198,7 +198,7 @@
21 my $err ="ERROR: ";
22 my $spc =" ";
23 my $GLOBAL_OS="None";
24-my $GLOBAL_ACTUAL_OS="None";
25+my $GLOBAL_INFERRED_OS="None";
26 my %GLOBAL_SUMS=();
27 my $CLI='';
28
29@@ -306,7 +306,7 @@
30
31 ###########################################################################
32 #
33-# GetDistro checks to see if the target is a known distribution and reports
34+# InferDistro checks to see if the target is a known distribution and reports
35 # said distribution.
36 #
37 # This is used throughout the script, but also by ConfigureForDistro.
38@@ -314,205 +314,194 @@
39 #
40 ###########################################################################
41
42-sub GetDistro() {
43+sub InferDistro() {
44
45 my ($release,$distro);
46
47- # Only read files for the distro once.
48- # if the --os option was used then
49- if ($GLOBAL_OS eq "None") {
50- if ( -e "/etc/mandrake-release" ) {
51- open(MANDRAKE_RELEASE,"/etc/mandrake-release");
52- $release=<MANDRAKE_RELEASE>;
53-
54- if ( ($release =~ /^Mandrake Linux release (\d+\.\d+\w*)/) or ($release =~ /^Linux Mandrake release (\d+\.\d+\w*)/) ) {
55- $distro="MN$1";
56- }
57- elsif ( $release =~ /^Mandrakelinux release (\d+\.\d+)\b/ ) {
58- $distro="MN$1";
59- }
60- else {
61- print STDERR "$err Couldn't determine Mandrake/Mandriva version! Setting to 10.1!\n";
62- $distro="MN10.1";
63- }
64-
65- close(MANDRAKE_RELEASE);
66- }
67- elsif ( -e "/etc/immunix-release" ) {
68- open(IMMUNIX_RELEASE,"/etc/immunix-release");
69- $release=<IMMUNIX_RELEASE>;
70- unless ($release =~ /^Immunix Linux release (\d+\.\d+\w*)/) {
71- print STDERR "$err Couldn't determine Immunix version! Setting to 6.2!\n";
72- $distro="RH6.2";
73- }
74- else {
75- $distro="RH$1";
76- }
77- close(*IMMUNIX_RELEASE);
78- }
79- elsif ( -e '/etc/fedora-release' ) {
80- open(FEDORA_RELEASE,'/etc/fedora-release');
81- $release=<FEDORA_RELEASE>;
82- close FEDORA_RELEASE;
83- if ($release =~ /^Fedora Core release (\d+\.?\d*)/) {
84- $distro = "RHFC$1";
85- }
86- elsif ($release =~ /^Fedora release (\d+\.?\d*)/) {
87- $distro = "RHFC$1";
88- }
89- else {
90- print STDERR "$err Could not determine Fedora version! Setting to Fedora Core 8\n";
91- $distro='RHFC8';
92- }
93+ if ( -e "/etc/mandrake-release" ) {
94+ open(MANDRAKE_RELEASE,"/etc/mandrake-release");
95+ $release=<MANDRAKE_RELEASE>;
96+
97+ if ( ($release =~ /^Mandrake Linux release (\d+\.\d+\w*)/) or ($release =~ /^Linux Mandrake release (\d+\.\d+\w*)/) ) {
98+ $distro="MN$1";
99+ }
100+ elsif ( $release =~ /^Mandrakelinux release (\d+\.\d+)\b/ ) {
101+ $distro="MN$1";
102+ }
103+ else {
104+ print STDERR "$err Could not infer Mandrake/Mandriva version! Setting to 10.1!\n";
105+ $distro="MN10.1";
106+ }
107+
108+ close(MANDRAKE_RELEASE);
109+ }
110+ elsif ( -e "/etc/immunix-release" ) {
111+ open(IMMUNIX_RELEASE,"/etc/immunix-release");
112+ $release=<IMMUNIX_RELEASE>;
113+ unless ($release =~ /^Immunix Linux release (\d+\.\d+\w*)/) {
114+ print STDERR "$err Could not infer Immunix version! Setting to 6.2!\n";
115+ $distro="RH6.2";
116+ }
117+ else {
118+ $distro="RH$1";
119 }
120- elsif ( -e "/etc/redhat-release" ) {
121- open(*REDHAT_RELEASE,"/etc/redhat-release");
122- $release=<REDHAT_RELEASE>;
123- if ($release =~ /^Red Hat Linux release (\d+\.?\d*\w*)/) {
124- $distro="RH$1";
125- }
126- elsif ($release =~ /^Red Hat Linux .+ release (\d+)\.?\d*([AEW]S)/) {
127- $distro="RHEL$1$2";
128- }
129- elsif ($release =~ /^Red Hat Enterprise Linux ([AEW]S) release (\d+)/) {
130- $distro="RHEL$2$1";
131+ close(*IMMUNIX_RELEASE);
132+ }
133+ elsif ( -e '/etc/fedora-release' ) {
134+ open(FEDORA_RELEASE,'/etc/fedora-release');
135+ $release=<FEDORA_RELEASE>;
136+ close FEDORA_RELEASE;
137+ if ($release =~ /^Fedora Core release (\d+\.?\d*)/) {
138+ $distro = "RHFC$1";
139+ }
140+ elsif ($release =~ /^Fedora release (\d+\.?\d*)/) {
141+ $distro = "RHFC$1";
142+ }
143+ else {
144+ print STDERR "$err Could not infer Fedora version! Setting to Fedora Core 8\n";
145+ $distro='RHFC8';
146+ }
147+ }
148+ elsif ( -e "/etc/redhat-release" ) {
149+ open(*REDHAT_RELEASE,"/etc/redhat-release");
150+ $release=<REDHAT_RELEASE>;
151+ if ($release =~ /^Red Hat Linux release (\d+\.?\d*\w*)/) {
152+ $distro="RH$1";
153+ }
154+ elsif ($release =~ /^Red Hat Linux .+ release (\d+)\.?\d*([AEW]S)/) {
155+ $distro="RHEL$1$2";
156+ }
157+ elsif ($release =~ /^Red Hat Enterprise Linux ([AEW]S) release (\d+)/) {
158+ $distro="RHEL$2$1";
159+ }
160+ elsif ($release =~ /^CentOS release (\d+\.\d+)/) {
161+ my $version = $1;
162+ if ($version =~ /^4\./) {
163+ $distro='RHEL4AS';
164 }
165- elsif ($release =~ /^CentOS release (\d+\.\d+)/) {
166- my $version = $1;
167- if ($version =~ /^4\./) {
168- $distro='RHEL4AS';
169- }
170- elsif ($version =~ /^3\./) {
171- $distro='RHEL3AS';
172- }
173- else {
174- print STDERR "$err Could not determine CentOS version! Setting to Red Hat Enterprise 4 AS.\n";
175- $distro='RHEL4AS';
176- }
177- }
178- else {
179- # JJB/HP - Should this be B_log?
180- print STDERR "$err Couldn't determine Red Hat version! Setting to 9!\n";
181- $distro="RH9";
182- }
183- close(REDHAT_RELEASE);
184-
185- }
186- elsif ( -e "/etc/debian_version" ) {
187- $stable="3.1"; #Change this when Debian stable changes
188- open(*DEBIAN_RELEASE,"/etc/debian_version");
189- $release=<DEBIAN_RELEASE>;
190- unless ($release =~ /^(\d+\.\d+\w*)/) {
191- print STDERR "$err System is not running a stable Debian GNU/Linux version. Setting to $stable.\n";
192- $distro="DB$stable";
193+ elsif ($version =~ /^3\./) {
194+ $distro='RHEL3AS';
195 }
196 else {
197- $distro="DB$1";
198- }
199- close(DEBIAN_RELEASE);
200- }
201- elsif ( -e "/etc/SuSE-release" ) {
202- open(*SUSE_RELEASE,"/etc/SuSE-release");
203- $release=<SUSE_RELEASE>;
204- if ($release =~ /^SuSE Linux (\d+\.\d+\w*)/i) {
205- $distro="SE$1";
206- }
207- elsif ($release =~ /^SUSE LINUX Enterprise Server (\d+\.?\d?\w*)/i) {
208- $distro="SESLES$1";
209- }
210- elsif ($release =~ /^SUSE Linux Enterprise Server (\d+\.?\d?\w*)/i) {
211- $distro="SESLES$1";
212- }
213- elsif ($release =~ /^openSuSE (\d+\.\d+\w*)/i) {
214- $distro="SE$1";
215+ print STDERR "$err Could not infer CentOS version! Setting to Red Hat Enterprise 4 AS.\n";
216+ $distro='RHEL4AS';
217 }
218- else {
219- print STDERR "$err Couldn't determine SuSE version! Setting to 10.3!\n";
220- $distro="SE10.3";
221- }
222- close(SUSE_RELEASE);
223- }
224- elsif ( -e "/etc/turbolinux-release") {
225- open(*TURBOLINUX_RELEASE,"/etc/turbolinux-release");
226- $release=<TURBOLINUX_RELEASE>;
227- unless ($release =~ /^Turbolinux Workstation (\d+\.\d+\w*)/) {
228- print STDERR "$err Couldn't determine TurboLinux version! Setting to 7.0!\n";
229- $distro="TB7.0";
230- }
231- else {
232- $distro="TB$1";
233- }
234- close(TURBOLINUX_RELEASE);
235+ }
236+ else {
237+ # JJB/HP - Should this be B_log?
238+ print STDERR "$err Could not infer Red Hat version! Setting to 9!\n";
239+ $distro="RH9";
240+ }
241+ close(REDHAT_RELEASE);
242+
243+ }
244+ elsif ( -e "/etc/debian_version" ) {
245+ $stable="3.1"; #Change this when Debian stable changes
246+ open(*DEBIAN_RELEASE,"/etc/debian_version");
247+ $release=<DEBIAN_RELEASE>;
248+ unless ($release =~ /^(\d+\.\d+\w*)/) {
249+ print STDERR "$err System is not running a stable Debian GNU/Linux version. Setting to $stable.\n";
250+ $distro="DB$stable";
251+ }
252+ else {
253+ $distro="DB$1";
254+ }
255+ close(DEBIAN_RELEASE);
256+ }
257+ elsif ( -e "/etc/SuSE-release" ) {
258+ open(*SUSE_RELEASE,"/etc/SuSE-release");
259+ $release=<SUSE_RELEASE>;
260+ if ($release =~ /^SuSE Linux (\d+\.\d+\w*)/i) {
261+ $distro="SE$1";
262+ }
263+ elsif ($release =~ /^SUSE LINUX Enterprise Server (\d+\.?\d?\w*)/i) {
264+ $distro="SESLES$1";
265+ }
266+ elsif ($release =~ /^SUSE Linux Enterprise Server (\d+\.?\d?\w*)/i) {
267+ $distro="SESLES$1";
268+ }
269+ elsif ($release =~ /^openSuSE (\d+\.\d+\w*)/i) {
270+ $distro="SE$1";
271+ }
272+ else {
273+ print STDERR "$err Could not infer SuSE version! Setting to 10.3!\n";
274+ $distro="SE10.3";
275 }
276+ close(SUSE_RELEASE);
277+ }
278+ elsif ( -e "/etc/turbolinux-release") {
279+ open(*TURBOLINUX_RELEASE,"/etc/turbolinux-release");
280+ $release=<TURBOLINUX_RELEASE>;
281+ unless ($release =~ /^Turbolinux Workstation (\d+\.\d+\w*)/) {
282+ print STDERR "$err Could not infer TurboLinux version! Setting to 7.0!\n";
283+ $distro="TB7.0";
284+ }
285 else {
286- # We're either on Mac OS X, HP-UX or an unsupported O/S.
287- if ( -x '/usr/bin/uname') {
288+ $distro="TB$1";
289+ }
290+ close(TURBOLINUX_RELEASE);
291+ }
292+ else {
293+ # We're either on Mac OS X, HP-UX or an unsupported O/S.
294+ if ( -x '/usr/bin/uname') {
295 # uname is in /usr/bin on Mac OS X and HP-UX
296- $release=`/usr/bin/uname -sr`;
297- }
298- else {
299- print STDERR "$err Could not determine operating system version!\n";
300- $distro="unknown"
301- }
302-
303- # Figure out what kind of system we're on.
304- if ($release ne "") {
305- if ($release =~ /^Darwin\s+(\d+)\.(\d+)/) {
306- if ($1 == 6 ) {
307- $distro = "OSX10.2";
308- }
309- elsif ($1 == 7) {
310- $distro = "OSX10.3";
311- }
312- elsif ($1 == 8) {
313- $distro = "OSX10.3";
314- }
315- else {
316- $distro = "unknown";
317- }
318+ $release=`/usr/bin/uname -sr`;
319+ }
320+ else {
321+ print STDERR "$err Could not infer operating system version from filesystem context. Setting inferred distro to 'unknown'.\n";
322+ $distro="unknown";
323+ }
324+
325+ # Figure out what kind of system we're on.
326+ if ($release ne "") {
327+ if ($release =~ /^Darwin\s+(\d+)\.(\d+)/) {
328+ if ($1 == 6 ) {
329+ $distro = "OSX10.2";
330 }
331- elsif ( $release =~ /(^HP-UX)\s*B\.(\d+\.\d+)/ ) {
332- $distro="$1$2";
333+ elsif ($1 == 7) {
334+ $distro = "OSX10.3";
335 }
336+ elsif ($1 == 8) {
337+ $distro = "OSX10.3";
338+ }
339 else {
340- print STDERR "$err Could not determine operating system version!\n";
341- $distro="unknown";
342+ print STDERR "$err Could not infer operating system version from filesystem context. Setting inferred distro to 'unknown'.\n";
343+ $distro = "unknown";
344 }
345 }
346+ elsif ( $release =~ /(^HP-UX)\s*B\.(\d+\.\d+)/ ) {
347+ $distro="$1$2";
348+ }
349+ else {
350+ print STDERR "$err Could not infer operating system version from filesystem context. Setting inferred distro to 'unknown'.\n";
351+ $distro="unknown";
352+ }
353 }
354-
355- $GLOBAL_OS=$distro;
356- } elsif (not (defined $GLOBAL_OS)) {
357- print "ERROR: GLOBAL OS Scoping Issue\n";
358- } else {
359- $distro = $GLOBAL_OS;
360 }
361-
362 return $distro;
363 }
364
365 ###################################################################################
366-# &getActualDistro; #
367+# &getInferredDistro; #
368 # #
369 # This subroutine returns the actual os version in which is running on. This #
370 # os version is independent of the --os switch feed to bastille. #
371 # #
372 ###################################################################################
373-sub getActualDistro {
374- # set local variable to $GLOBAL_OS
375+sub getInferredDistro {
376+ if ($GLOBAL_INFERRED_OS eq "None") {
377+ $GLOBAL_INFERRED_OS = &InferDistro;
378+ }
379+ return $GLOBAL_INFERRED_OS;
380+}
381
382- if ($GLOBAL_ACTUAL_OS eq "None") {
383- my $os = $GLOBAL_OS;
384- # undef GLOBAL_OS so that the GetDistro routine will return
385- # the actualDistro, it might otherwise return the distro set
386- # by the --os switch.
387- $GLOBAL_OS = "None";
388- $GLOBAL_ACTUAL_OS = &GetDistro;
389- # reset the GLOBAL_OS variable
390- $GLOBAL_OS = $os;
391+sub GetDistro {
392+ if ($GLOBAL_OS eq "None") {
393+ return &getInferredDistro;
394 }
395- return $GLOBAL_ACTUAL_OS;
396+ return $GLOBAL_OS;
397 }
398+
399 # These are helper routines which used to be included inside GetDistro
400 sub is_OS_supported($) {
401 my $os=$_[0];
402@@ -556,7 +545,8 @@
403 "SE7.2","SE7.3", "SE8.0","SE8.1","SE9.0","SE9.1",
404 "SE9.2","SE9.3","SE10.0","SE10.1","SE10.2","SE10.3",
405 "SESLES8","SESLES9","SESLES10",
406- "TB7.0"
407+ "TB7.0",
408+ "Yocto"
409 ],
410
411 "HP-UX" => [
412@@ -882,23 +872,19 @@
413 ###########################################################################
414 sub ConfigureForDistro {
415
416- my $retval=1;
417-
418- # checking to see if the os version given is in fact supported
419 my $distro = &GetDistro;
420
421- # checking to see if the actual os version is in fact supported
422- my $actualDistro = &getActualDistro;
423+ my $inferredDistro = &getInferredDistro;
424+
425+ if (! ($inferredDistro eq $distro) ) {
426+ print STDERR "WARNING: Inferred distro $inferredDistro is not the same as specified distro $distro. Using specified distro.\n";
427+ }
428+
429 $ENV{'LOCALE'}=''; # So that test cases checking for english results work ok.
430- if ((! &is_OS_supported($distro)) or (! &is_OS_supported($actualDistro)) ) {
431- # if either is not supported then print out a list of supported versions
432- if (! &is_OS_supported($distro)) {
433- print STDERR "$err '$distro' is not a supported operating system.\n";
434- }
435- else {
436- print STDERR "$err Bastille is unable to operate correctly on this\n";
437- print STDERR "$spc $distro operating system.\n";
438- }
439+
440+ if (! &is_OS_supported($distro)) {
441+ print STDERR "$err '$distro' is not a supported operating system.\n";
442+
443 my %supportedOSHash = &getSupportedOSHash;
444 print STDERR "$spc Valid operating system versions are as follows:\n";
445
446@@ -930,7 +916,7 @@
447 # intend via setting the Perl umask
448 umask(077);
449
450- &getFileAndServiceInfo($distro,$actualDistro);
451+ &getFileAndServiceInfo($distro,$distro);
452
453 # &dumpFileInfo; # great for debuging file location issues
454 # &dumpServiceInfo; # great for debuging service information issues
455@@ -942,7 +928,7 @@
456 "$spc You must use Bastille\'s -n flag (for example:\n" .
457 "$spc bastille -f -n) or \'touch $nodisclaim_file \'\n";
458
459- return $retval;
460+ return 1;
461 }
462
463
464Index: Bastille/Bastille/LogAPI.pm
465===================================================================
466--- Bastille.orig/Bastille/LogAPI.pm 2013-08-22 04:32:38.269968002 -0400
467+++ Bastille/Bastille/LogAPI.pm 2013-08-22 04:32:47.509968002 -0400
468@@ -111,7 +111,7 @@
469 # do this here to prevent bootstrapping problem, where we need to
470 # write an error that the errorlog location isn't defined.
471 my $logdir="/var/log/Bastille";
472- if(&getActualDistro =~ "^HP-UX"){
473+ if(&getInferredDistro =~ "^HP-UX"){
474 $logdir = "/var/opt/sec_mgmt/bastille/log/";
475 }
476
diff --git a/recipes-security/bastille/files/upgrade_options_processing.patch b/recipes-security/bastille/files/upgrade_options_processing.patch
new file mode 100644
index 0000000..4093867
--- /dev/null
+++ b/recipes-security/bastille/files/upgrade_options_processing.patch
@@ -0,0 +1,91 @@
1Upstream Status: Inappropriate [No upstream maintenance]
2
3Signed-off-by: Anne Mulhern <mulhern@yoctoproject.org>
4
5---
6
7Index: Bastille/Bastille/API.pm
8===================================================================
9--- Bastille.orig/Bastille/API.pm 2013-08-21 11:41:09.235950000 -0400
10+++ Bastille/Bastille/API.pm 2013-08-21 11:41:16.183950000 -0400
11@@ -271,9 +271,15 @@
12 # setOptions takes six arguments, $GLOBAL_DEBUG, $GLOBAL_LOGONLY,
13 # $GLOBAL_VERBOSE, $GLOBAL_AUDITONLY, $GLOBAL_AUDIT_NO_BROWSER, and GLOBAL_OS;
14 ###########################################################################
15-sub setOptions($$$$$$) {
16- ($GLOBAL_DEBUG,$GLOBAL_LOGONLY,$GLOBAL_VERBOSE,$GLOBAL_AUDITONLY,
17- $GLOBAL_AUDIT_NO_BROWSER,$GLOBAL_OS) = @_;
18+sub setOptions {
19+ my %opts = @_;
20+
21+ $GLOBAL_DEBUG = $opts{debug};
22+ $GLOBAL_LOGONLY = $opts{logonly};
23+ $GLOBAL_VERBOSE = $opts{verbose};
24+ $GLOBAL_AUDITONLY = $opts{auditonly};
25+ $GLOBAL_AUDIT_NO_BROWSER = $opts{audit_no_browser};
26+ $GLOBAL_OS = $opts{os};
27 if ($GLOBAL_AUDIT_NO_BROWSER) {
28 $GLOBAL_AUDITONLY = 1;
29 }
30Index: Bastille/BastilleBackEnd
31===================================================================
32--- Bastille.orig/BastilleBackEnd 2013-08-21 11:41:09.235950000 -0400
33+++ Bastille/BastilleBackEnd 2013-08-21 12:40:54.055950001 -0400
34@@ -50,15 +50,13 @@
35 my $nodisclaim = 0;
36 my $verbose = 0;
37 my $force = 0;
38-my $log_only = 0;
39 my $debug = 0;
40 my $alternate_config=undef;
41
42 if( Getopt::Long::GetOptions( "n" => \$nodisclaim,
43 "v" => \$verbose,
44 "force" => \$force,
45-# "log" => \$log_only, # broken
46- "f:s" => \$alternate_config,
47+ "f=s" => \$alternate_config,
48 "debug" => \$debug) ) {
49 $error = 0; # no parse error
50
51@@ -66,7 +64,9 @@
52 $error = 1; # parse error
53 }
54
55-&setOptions($debug,$log_only,$verbose);
56+&setOptions(
57+ debug => $debug,
58+ verbose => $verbose);
59 &ConfigureForDistro;
60
61 if ( $error ) { # GetOptions couldn't parse all of the args
62Index: Bastille/InteractiveBastille
63===================================================================
64--- Bastille.orig/InteractiveBastille 2013-08-21 11:41:09.235950000 -0400
65+++ Bastille/InteractiveBastille 2013-08-21 12:40:30.531950001 -0400
66@@ -234,8 +234,8 @@
67 "a" => \$audit,
68 "force" => \$force,
69 "log" => \$log_only,
70- "os:s" => \$os_version,
71- "f:s" => \$alternate_config,
72+ "os=s" => \$os_version,
73+ "f=s" => \$alternate_config,
74 "debug" => \$debug) ) {
75 $error = 0; # no parse error
76 } else {
77@@ -293,7 +293,13 @@
78 $UseRequiresRules = 'N';
79 }
80
81-&setOptions($debug,$log_only,$verbose,$audit,$auditnobrowser,$os_version);
82+&setOptions(
83+ debug => $debug,
84+ logonly => $log_only,
85+ verbose => $verbose,
86+ auditonly => $audit,
87+ audit_no_browser => $auditnobrowser,
88+ os => $os_version);
89 &ConfigureForDistro;
90
91 # ensuring mutually exclusive options are exclusive
generated by cgit v1.2.3-54-g00ecf (git 2.39.0) at 2024-09-21 13:14:10 +0000