Bastille: change in behavior of bastille -l.

[YOCTO #3867] bastille -l now reports existing configuration file paths even if it has not previously been run. Previously, it exited with an error if it detected an absence of log files indicating a previous run. Signed-off-by: mulhern <mulhern@yoctoproject.org>
author: mulhern <mulhern@yoctoproject.org> 2013-08-25 16:27:44 -0400
committer: mulhern <mulhern@yoctoproject.org> 2013-08-30 15:32:32 -0400
commit: abb566ce89c6138db948d5e61b25e58a90beaa1b (patch)
tree: fabda9c53f5fd4eb576d99d580097aa4352c8216 /recipes-security/bastille
parent: 7672e9a8a2502ebb851d5a170cb37e1a70578188 (diff)
download: meta-security-abb566ce89c6138db948d5e61b25e58a90beaa1b.tar.gz
2 files changed, 65 insertions, 0 deletions
diff --git a/recipes-security/bastille/bastille_3.2.1.bb b/recipes-security/bastille/bastille_3.2.1.bb
index 0165a4e..c8d0103 100644
--- a/recipes-security/bastille/bastille_3.2.1.bb
+++ b/recipes-security/bastille/bastille_3.2.1.bb
@@ -23,6 +23,7 @@ SRC_URI = "http://sourceforge.net/projects/bastille-linux/files/bastille-linux/3
           file://fix_number_of_modules.patch \
           file://remove_questions_text_file_references.patch \
           file://simplify_B_place.patch \
+           file://find_existing_config.patch \
           "
 SRC_URI[md5sum] = "df803f7e38085aa5da79f85d0539f91b"
diff --git a/recipes-security/bastille/files/find_existing_config.patch b/recipes-security/bastille/files/find_existing_config.patch
new file mode 100644
index 0000000..c075875
--- /dev/null
+++ b/recipes-security/bastille/files/find_existing_config.patch
@@ -0,0 +1,64 @@
+Upstream Status: Inappropriate [No upstream maintenance]
+Signed-off-by: Anne Mulhern <mulhern@yoctoproject.org>
+---
+Index: Bastille/bin/bastille
+===================================================================
+--- Bastille.orig/bin/bastille  2013-06-20 14:58:01.065796000 -0400
+++ Bastille/bin/bastille       2013-08-20 15:16:18.472378000 -0400
+@@ -102,8 +102,9 @@
+     # defines OS specific file locations based on uname
+     systemFileLocations
+ 
+    config_files=`find $config_repository -type f -name \*config 2>/dev/null`
+
+     if [ -f $last_config ]; then
+-        config_files=`find $config_repository -type f -name \*config 2>/dev/null`
+        for config_cursor in `echo $config_files`
+          do
+          if /usr/bin/diff $last_config $config_cursor >/dev/null 2>&1
+@@ -112,8 +113,8 @@
+          fi
+        done
+        if [ -n "$match" ]; then
+-           echo "The last bastille run corresponds to the following profiles:"
+-           echo "$match"
+           printf "The last Bastille run corresponds to the following profiles:\n"
+           printf "$match"
+        else
+             cat >&2 << EOF
+ NOTE:    The last config file applied,
+@@ -122,18 +123,28 @@
+ $ERRSPACES $config_repository.
+ $ERRSPACES This probably means that Bastille was last run interactively and
+ $ERRSPACES changes were made to the config file, but they have not yet been
+-$ERRSPACES applied, or that the source config file was moved.  If you do have pending 
+$ERRSPACES applied, or that the source config file was moved.  If you do have pending
+ $ERRSPACES changes in a config file, you can apply them by running
+ $ERRSPACES 'bastille -b -f <config file>.'
+ EOF
+ 
+        fi
+     else
+-       echo "NOTE:    The system is in its pre-bastilled state.\n"
+       for config_cursor in `echo $config_files`
+         do
+         match="$match   $config_cursor\n"
+       done
+        if [ -n "$match" ]; then
+            printf "The following Bastille profiles were located:\n"
+            printf "$match"
+        else
+            printf "No Bastille profiles were located.\n"
+        fi
+        printf "No log files of profiles from previous executions of Bastille have been found. It is likely that Bastille has not been run on this machine.\n"
+     fi
+-
+ }
+ 
+
+ # First, make sure we're root
+ if [ `PATH="/usr/bin:/bin"; id -u` -ne 0 ]; then
+     echo "ERROR:   Bastille must be run as root user" >&2
author	mulhern <mulhern@yoctoproject.org>	2013-08-25 16:27:44 -0400
committer	mulhern <mulhern@yoctoproject.org>	2013-08-30 15:32:32 -0400
commit	abb566ce89c6138db948d5e61b25e58a90beaa1b (patch)
tree	fabda9c53f5fd4eb576d99d580097aa4352c8216 /recipes-security/bastille
parent	7672e9a8a2502ebb851d5a170cb37e1a70578188 (diff)
download	meta-security-abb566ce89c6138db948d5e61b25e58a90beaa1b.tar.gz

diff --git a/recipes-security/bastille/bastille_3.2.1.bb b/recipes-security/bastille/bastille_3.2.1.bb index 0165a4e..c8d0103 100644 --- a/recipes-security/bastille/bastille_3.2.1.bb +++ b/recipes-security/bastille/bastille_3.2.1.bb
@@ -23,6 +23,7 @@ SRC_URI = "http://sourceforge.net/projects/bastille-linux/files/bastille-linux/3
23	file://fix_number_of_modules.patch \	23	file://fix_number_of_modules.patch \
24	file://remove_questions_text_file_references.patch \	24	file://remove_questions_text_file_references.patch \
25	file://simplify_B_place.patch \	25	file://simplify_B_place.patch \
		26	file://find_existing_config.patch \
26	"	27	"
27		28
28	SRC_URI[md5sum] = "df803f7e38085aa5da79f85d0539f91b"	29	SRC_URI[md5sum] = "df803f7e38085aa5da79f85d0539f91b"


diff --git a/recipes-security/bastille/files/find_existing_config.patch b/recipes-security/bastille/files/find_existing_config.patch new file mode 100644 index 0000000..c075875 --- /dev/null +++ b/recipes-security/bastille/files/find_existing_config.patch
@@ -0,0 +1,64 @@
		1	Upstream Status: Inappropriate [No upstream maintenance]
		2
		3	Signed-off-by: Anne Mulhern <mulhern@yoctoproject.org>
		4
		5	---
		6
		7	Index: Bastille/bin/bastille
		8	===================================================================
		9	--- Bastille.orig/bin/bastille 2013-06-20 14:58:01.065796000 -0400
		10	+++ Bastille/bin/bastille 2013-08-20 15:16:18.472378000 -0400
		11	@@ -102,8 +102,9 @@
		12	# defines OS specific file locations based on uname
		13	systemFileLocations
		14
		15	+ config_files=`find $config_repository -type f -name \*config 2>/dev/null`
		16	+
		17	if [ -f $last_config ]; then
		18	- config_files=`find $config_repository -type f -name \*config 2>/dev/null`
		19	for config_cursor in `echo $config_files`
		20	do
		21	if /usr/bin/diff $last_config $config_cursor >/dev/null 2>&1
		22	@@ -112,8 +113,8 @@
		23	fi
		24	done
		25	if [ -n "$match" ]; then
		26	- echo "The last bastille run corresponds to the following profiles:"
		27	- echo "$match"
		28	+ printf "The last Bastille run corresponds to the following profiles:\n"
		29	+ printf "$match"
		30	else
		31	cat >&2 << EOF
		32	NOTE: The last config file applied,
		33	@@ -122,18 +123,28 @@
		34	$ERRSPACES $config_repository.
		35	$ERRSPACES This probably means that Bastille was last run interactively and
		36	$ERRSPACES changes were made to the config file, but they have not yet been
		37	-$ERRSPACES applied, or that the source config file was moved. If you do have pending
		38	+$ERRSPACES applied, or that the source config file was moved. If you do have pending
		39	$ERRSPACES changes in a config file, you can apply them by running
		40	$ERRSPACES 'bastille -b -f <config file>.'
		41	EOF
		42
		43	fi
		44	else
		45	- echo "NOTE: The system is in its pre-bastilled state.\n"
		46	+ for config_cursor in `echo $config_files`
		47	+ do
		48	+ match="$match $config_cursor\n"
		49	+ done
		50	+ if [ -n "$match" ]; then
		51	+ printf "The following Bastille profiles were located:\n"
		52	+ printf "$match"
		53	+ else
		54	+ printf "No Bastille profiles were located.\n"
		55	+ fi
		56	+ printf "No log files of profiles from previous executions of Bastille have been found. It is likely that Bastille has not been run on this machine.\n"
		57	fi
		58	-
		59	}
		60
		61	+
		62	# First, make sure we're root
		63	if [ `PATH="/usr/bin:/bin"; id -u` -ne 0 ]; then
		64	echo "ERROR: Bastille must be run as root user" >&2