diff options
-rw-r--r-- | README | 131 | ||||
-rw-r--r-- | recipes-security/bastille/bastille_3.2.1.bb | 197 | ||||
-rw-r--r-- | recipes-security/buck-security/buck-security_0.6.bb | 12 | ||||
-rw-r--r-- | recipes-security/checksecurity/checksecurity_2.0.14.bb | 2 | ||||
-rw-r--r-- | recipes-security/nikto/nikto_2.1.5.bb | 158 | ||||
-rw-r--r-- | recipes-security/nmap/nmap_6.25.bb | 4 | ||||
-rw-r--r-- | recipes-security/pax-utils/pax-utils_0.7.bb | 20 | ||||
-rw-r--r-- | recipes-security/perl/libwhisker2-perl_2.5.bb | 6 | ||||
-rw-r--r-- | recipes-security/redhat-security/redhat-security_1.0.bb | 28 |
9 files changed, 261 insertions, 297 deletions
@@ -36,9 +36,9 @@ In this section the contents of the layer is listed, along with a short | |||
36 | help for each package. | 36 | help for each package. |
37 | 37 | ||
38 | == bastille == | 38 | == bastille == |
39 | 39 | ||
40 | Bastille is a system hardening / lockdown program which enhances the | 40 | Bastille is a system hardening / lockdown program which enhances the |
41 | security of a Unix host. It configures daemons, system settings and | 41 | security of a Unix host. It configures daemons, system settings and |
42 | firewalls to be more secure. It can shut off unneeded services | 42 | firewalls to be more secure. It can shut off unneeded services |
43 | like rcp and rlogin, and helps create "chroot jails" that help limit the | 43 | like rcp and rlogin, and helps create "chroot jails" that help limit the |
44 | vulnerability of common Internet services like Web services and DNS. | 44 | vulnerability of common Internet services like Web services and DNS. |
@@ -53,79 +53,81 @@ help for each package. | |||
53 | a config file will be created and run. After these steps, you will have a | 53 | a config file will be created and run. After these steps, you will have a |
54 | hardened system. | 54 | hardened system. |
55 | 55 | ||
56 | If you only want to run the config file, without stepping through the | 56 | If you only want to run the config file, without stepping through the |
57 | list of questions, simply write in a terminal : | 57 | list of questions, simply write in a terminal : |
58 | 58 | ||
59 | bastille -b | 59 | bastille -b |
60 | 60 | ||
61 | More information can be found in the package readme and manual. | 61 | More information can be found in the package readme and manual. |
62 | 62 | ||
63 | 63 | ||
64 | == redhat-security == | 64 | == redhat-security == |
65 | 65 | ||
66 | Sometimes you want to check different aspects of a distribution for security problems. | 66 | Sometimes you want to check different aspects of a distribution for security problems. |
67 | This can be anything from file permissions to correctness of code. This is a collection of those tools. | 67 | This can be anything from file permissions to correctness of code. This is a collection of those tools. |
68 | Depending on what information the tool has to access, it may need to be run as root. | 68 | Depending on what information the tool has to access, it may need to be run as root. |
69 | 69 | ||
70 | - rpm-chksec.sh : This will take an rpm name as input and verify each ELF file to see if its compiled with the intended flags | 70 | - rpm-chksec.sh : This will take an rpm name as input and verify each ELF file to see if its compiled with the intended flags |
71 | to most effectively use PIE and RELRO. Green is good, Orange could use work but is acceptable, and Red needs fixing. | 71 | to most effectively use PIE and RELRO. Green is good, Orange could use work but is acceptable, and Red needs fixing. |
72 | It has a mode --all that is the equivalent of using rpm -qa and feeding the packages to it. | 72 | It has a mode --all that is the equivalent of using rpm -qa and feeding the packages to it. |
73 | In this mode it will only give a summary result for the package. To find which files don't comply, | 73 | In this mode it will only give a summary result for the package. To find which files don't comply, |
74 | re-run using just the package name. | 74 | re-run using just the package name. |
75 | 75 | ||
76 | - find-nodrop-groups.sh : This will scan a whole file system to see if a program makes calls to change UID | 76 | - find-nodrop-groups.sh : This will scan a whole file system to see if a program makes calls to change UID |
77 | and GID without also calling setgroups or initgroups. | 77 | and GID without also calling setgroups or initgroups. |
78 | 78 | ||
79 | - rpm-drop-groups.sh : Same as above, but takes an rpm name instead. | 79 | - rpm-drop-groups.sh : Same as above, but takes an rpm name instead. |
80 | 80 | ||
81 | - find-chroot.sh : This script scans the whole file system looking for ELF files that calls chroot(2) that also do not include a call to chdir. | 81 | - find-chroot.sh : This script scans the whole file system looking for ELF files that calls chroot(2) that also do not include a call to chdir. |
82 | Programs that fail to do this do not have the cwd inside the chroot. This means the app can escape the protection that was intended. | 82 | Programs that fail to do this do not have the cwd inside the chroot. This means the app can escape the protection that was intended. |
83 | 83 | ||
84 | - find-chroot-py.sh : This test is like the one above except it examines python scripts for the same problem. | 84 | - find-chroot-py.sh : This test is like the one above except it examines python scripts for the same problem. |
85 | 85 | ||
86 | - find-execstack.sh : This program scans the whole file system for ELF programs that have marked the stack as being executable. | 86 | - find-execstack.sh : This program scans the whole file system for ELF programs that have marked the stack as being executable. |
87 | This means that if the program has another vulnerablity such as stack buffer overflow, | 87 | This means that if the program has another vulnerablity such as stack buffer overflow, |
88 | any code the attacker places there is executable. Any program found must be fixed. | 88 | any code the attacker places there is executable. Any program found must be fixed. |
89 | 89 | ||
90 | - find-hidden-exec.sh : This program scans the whole file system looking for excutables that are hidden. | 90 | - find-hidden-exec.sh : This program scans the whole file system looking for excutables that are hidden. |
91 | Anything found must be investigated since its highly unusual for executables to be hidden. | 91 | Anything found must be investigated since its highly unusual for executables to be hidden. |
92 | 92 | ||
93 | - find-sh4errors.sh : This program scans the whole file system looking for shell scripts. | 93 | - find-sh4errors.sh : This program scans the whole file system looking for shell scripts. |
94 | It then does a sh -n on the script which causes bash to parse the file to see if there are any mistakes. | 94 | It then does a sh -n on the script which causes bash to parse the file to see if there are any mistakes. |
95 | 95 | ||
96 | - selinux-check-devices.sh : This script checks the /dev directory to see if there are any devices that are not correctly labeled. | 96 | - selinux-check-devices.sh : This script checks the /dev directory to see if there are any devices that are not correctly labeled. |
97 | Anything found by this test should be reported so that selinux policy can be fixed. | 97 | Anything found by this test should be reported so that selinux policy can be fixed. |
98 | This test is very hardware specific, so to be effective a lot of people with different hardware | 98 | This test is very hardware specific, so to be effective a lot of people with different hardware |
99 | should run this test each upstream kernel version release. | 99 | should run this test each upstream kernel version release. |
100 | 100 | ||
101 | - selinux-ls-unconfined.sh : This script scans the running processes and looks for anything labeled with initrc_t or inetd. | 101 | - selinux-ls-unconfined.sh : This script scans the running processes and looks for anything labeled with initrc_t or inetd. |
102 | These both mean that there are daemons that do not have policy and are therefore running unconfined. | 102 | These both mean that there are daemons that do not have policy and are therefore running unconfined. |
103 | These should be reported as SE Linux policy problems. Because it checks currently running daemons, | 103 | These should be reported as SE Linux policy problems. Because it checks currently running daemons, |
104 | the more you have running, the better the test is. | 104 | the more you have running, the better the test is. |
105 | 105 | ||
106 | - find-sh4tmp.sh : This script scans the whole filesystem to check if shell scripts are using well known tmp file names | 106 | - find-sh4tmp.sh : This script scans the whole filesystem to check if shell scripts are using well known tmp file names |
107 | instead of obscure ones created by something like mktemp. | 107 | instead of obscure ones created by something like mktemp. |
108 | 108 | ||
109 | - find-elf4tmp.sh : This script scans the whole file system for ELF files using /tmp. When it finds this, | 109 | - find-elf4tmp.sh : This script scans the whole file system for ELF files using /tmp. When it finds this, |
110 | it also looks to see if any of the known good random name generator functions is called by looking | 110 | it also looks to see if any of the known good random name generator functions is called by looking |
111 | at the symbol table. If not, it will output the string. | 111 | at the symbol table. If not, it will output the string. |
112 | 112 | ||
113 | - lib-bin-check.sh : This will check all installed library packages to see if an application is also part of the package. | 113 | - lib-bin-check.sh : This will check all installed library packages to see if an application is also part of the package. |
114 | The relationship to security is that the SHA256 hash check will fail if a 32 bit version overwrites it. | 114 | The relationship to security is that the SHA256 hash check will fail if a 32 bit version overwrites it. |
115 | Also, the less binaries on a system, the more secure it is by virtue of removing the chance for an exploitable bug. | 115 | Also, the less binaries on a system, the more secure it is by virtue of removing the chance for an exploitable bug. |
116 | |||
116 | 117 | ||
117 | |||
118 | usage : simply invoke the script name in the terminal. | 118 | usage : simply invoke the script name in the terminal. |
119 | 119 | ||
120 | 120 | ||
121 | == pax-utils == | 121 | == pax-utils == |
122 | 122 | ||
123 | ( This package can be found in oe-core ) | ||
124 | |||
123 | pax-utils is a small set of various PaX aware and related utilities for | 125 | pax-utils is a small set of various PaX aware and related utilities for |
124 | ELF binaries. | 126 | ELF binaries. |
125 | 127 | ||
126 | - scanelf : With this application you can print out information specific to the ELF structure of a binary. | 128 | - scanelf : With this application you can print out information specific to the ELF structure of a binary. |
127 | For more help please consult the man pages or the readme file. | 129 | For more help please consult the man pages or the readme file. |
128 | 130 | ||
129 | - pspax : is a user-space utility that scans the proc directory and list | 131 | - pspax : is a user-space utility that scans the proc directory and list |
130 | ELF types, as well as their respective PaX flags and filenames and | 132 | ELF types, as well as their respective PaX flags and filenames and |
131 | attributes. Depending on build options, it may additionaly display the | 133 | attributes. Depending on build options, it may additionaly display the |
@@ -142,7 +144,7 @@ help for each package. | |||
142 | 144 | ||
143 | usage : simply invoke the script name in the terminal. | 145 | usage : simply invoke the script name in the terminal. |
144 | 146 | ||
145 | 147 | ||
146 | == buck-security == | 148 | == buck-security == |
147 | 149 | ||
148 | Buck-Security is a security scanner for Debian and Ubuntu Linux. It runs a couple of important checks and helps you to harden your Linux | 150 | Buck-Security is a security scanner for Debian and Ubuntu Linux. It runs a couple of important checks and helps you to harden your Linux |
@@ -150,7 +152,7 @@ help for each package. | |||
150 | 152 | ||
151 | usage : switch to directory /usr/local/buck-security. | 153 | usage : switch to directory /usr/local/buck-security. |
152 | before running the script, you should check the activated checks in conf/buck-security.conf file. | 154 | before running the script, you should check the activated checks in conf/buck-security.conf file. |
153 | after altering the changes, save the file and simply run : | 155 | after altering the changes, save the file and simply run : |
154 | 156 | ||
155 | ./buck-security | 157 | ./buck-security |
156 | 158 | ||
@@ -158,44 +160,44 @@ help for each package. | |||
158 | 160 | ||
159 | More detailed usage can be found typing ./buck-security --help | 161 | More detailed usage can be found typing ./buck-security --help |
160 | 162 | ||
161 | 163 | ||
162 | == libseccomp == | 164 | == libseccomp == |
163 | 165 | ||
164 | The libseccomp library provides and easy to use, platform independent, interface to the Linux Kernel's syscall filtering mechanism: seccomp. | 166 | The libseccomp library provides and easy to use, platform independent, interface to the Linux Kernel's syscall filtering mechanism: seccomp. |
165 | The libseccomp API is designed to abstract away the underlying BPF based syscall filter language and present a more conventional | 167 | The libseccomp API is designed to abstract away the underlying BPF based syscall filter language and present a more conventional |
166 | function-call based filtering interface that should be familiar to, and easily adopted by application developers. | 168 | function-call based filtering interface that should be familiar to, and easily adopted by application developers. |
167 | 169 | ||
168 | usage : More detailed usage can be found in the man pages and README file of the package. | 170 | usage : More detailed usage can be found in the man pages and README file of the package. |
169 | 171 | ||
170 | 172 | ||
171 | 173 | ||
172 | == checksecurity == | 174 | == checksecurity == |
173 | 175 | ||
174 | checksecurity is a simple package which will scan your system for several simple security holes. | 176 | checksecurity is a simple package which will scan your system for several simple security holes. |
175 | It uses a simple collection of plugins, all of which are shell scripts which are configured by environmental variables. | 177 | It uses a simple collection of plugins, all of which are shell scripts which are configured by environmental variables. |
176 | 178 | ||
177 | !! IMPORTANT !! | 179 | !! IMPORTANT !! |
178 | 180 | ||
179 | When including this package in the image, please consider adding the following line to the end of the conf/local.conf file: | 181 | When including this package in the image, please consider adding the following line to the end of the conf/local.conf file: |
180 | 182 | ||
181 | CORE_IMAGE_EXTRA_INSTALL = "coreutils" | 183 | CORE_IMAGE_EXTRA_INSTALL = "coreutils" |
182 | 184 | ||
183 | usage : To start checksecurity simply write in the terminal : | 185 | usage : To start checksecurity simply write in the terminal : |
184 | 186 | ||
185 | checksecurity | 187 | checksecurity |
186 | 188 | ||
187 | More detailed usage can be found in the man pages and README file of the package. | 189 | More detailed usage can be found in the man pages and README file of the package. |
188 | 190 | ||
189 | 191 | ||
190 | == nikto == | 192 | == nikto == |
191 | 193 | ||
192 | Nikto is an Open Source (GPL) web server scanner which performs comprehensive tests against web servers for multiple items, | 194 | Nikto is an Open Source (GPL) web server scanner which performs comprehensive tests against web servers for multiple items, |
193 | including over 6500 potentially dangerous files/CGIs, checks for outdated versions of over 1250 servers, and version specific | 195 | including over 6500 potentially dangerous files/CGIs, checks for outdated versions of over 1250 servers, and version specific |
194 | problems on over 270 servers. It also checks for server configuration items such as the presence of multiple index files, | 196 | problems on over 270 servers. It also checks for server configuration items such as the presence of multiple index files, |
195 | HTTP server options, and will attempt to identify installed web servers and software. | 197 | HTTP server options, and will attempt to identify installed web servers and software. |
196 | 198 | ||
197 | usage : To start nikto simply write in the terminal : | 199 | usage : To start nikto simply write in the terminal : |
198 | 200 | ||
199 | nikto | 201 | nikto |
200 | 202 | ||
201 | More detailed usage can be found in the man pages and README file of the package. | 203 | More detailed usage can be found in the man pages and README file of the package. |
@@ -203,18 +205,15 @@ help for each package. | |||
203 | 205 | ||
204 | == nmap == | 206 | == nmap == |
205 | 207 | ||
206 | Nmap ("Network Mapper") is a free and open source (license) utility for network discovery and security auditing. | 208 | Nmap ("Network Mapper") is a free and open source (license) utility for network discovery and security auditing. |
207 | Many systems and network administrators also find it useful for tasks such as network inventory, | 209 | Many systems and network administrators also find it useful for tasks such as network inventory, |
208 | managing service upgrade schedules, and monitoring host or service uptime. | 210 | managing service upgrade schedules, and monitoring host or service uptime. |
209 | 211 | ||
210 | usage : To start nikto simply write in the terminal : | 212 | usage : To start nikto simply write in the terminal : |
211 | 213 | ||
212 | nmap | 214 | nmap |
213 | 215 | ||
214 | More detailed usage can be found in the man pages and README file of the package. | 216 | More detailed usage can be found in the man pages and README file of the package. |
215 | |||
216 | |||
217 | |||
218 | 217 | ||
219 | License | 218 | License |
220 | ======= | 219 | ======= |
diff --git a/recipes-security/bastille/bastille_3.2.1.bb b/recipes-security/bastille/bastille_3.2.1.bb index 36c30e5..ae7fe15 100644 --- a/recipes-security/bastille/bastille_3.2.1.bb +++ b/recipes-security/bastille/bastille_3.2.1.bb | |||
@@ -18,29 +18,14 @@ SRC_URI = "http://sourceforge.net/projects/bastille-linux/files/bastille-linux/3 | |||
18 | file://fix_version_parse.patch \ | 18 | file://fix_version_parse.patch \ |
19 | file://yocto-standard-patch.patch \ | 19 | file://yocto-standard-patch.patch \ |
20 | file://Curses-and-IOLoader-changes.patch \ | 20 | file://Curses-and-IOLoader-changes.patch \ |
21 | " | 21 | " |
22 | 22 | ||
23 | SRC_URI[md5sum] = "df803f7e38085aa5da79f85d0539f91b" | 23 | SRC_URI[md5sum] = "df803f7e38085aa5da79f85d0539f91b" |
24 | SRC_URI[sha256sum] = "0ea25191b1dc1c8f91e1b6f8cb5436a3aa1e57418809ef902293448efed5021a" | 24 | SRC_URI[sha256sum] = "0ea25191b1dc1c8f91e1b6f8cb5436a3aa1e57418809ef902293448efed5021a" |
25 | 25 | ||
26 | S = "${WORKDIR}/Bastille" | 26 | S = "${WORKDIR}/Bastille" |
27 | 27 | ||
28 | #CONFFILES_${PN} += "${sysconfdir}/init.d/skeleton" | ||
29 | # | ||
30 | #do_compile () { | ||
31 | # ${CC} ${WORKDIR}/skeleton_test.c -o ${WORKDIR}/skeleton-test | ||
32 | #} | ||
33 | # | ||
34 | do_install () { | 28 | do_install () { |
35 | # install -d ${D}${sysconfdir}/init.d | ||
36 | # cat ${WORKDIR}/skeleton | \ | ||
37 | # sed -e 's,/etc,${sysconfdir},g' \ | ||
38 | # -e 's,/usr/sbin,${sbindir},g' \ | ||
39 | # -e 's,/var,${localstatedir},g' \ | ||
40 | # -e 's,/usr/bin,${bindir},g' \ | ||
41 | # -e 's,/usr,${prefix},g' > ${D}${sysconfdir}/init.d/skeleton | ||
42 | # chmod a+x ${D}${sysconfdir}/init.d/skeleton | ||
43 | |||
44 | install -d ${D}${sbindir} | 29 | install -d ${D}${sbindir} |
45 | install -d ${D}${libdir}/perl/site_perl/Curses | 30 | install -d ${D}${libdir}/perl/site_perl/Curses |
46 | ln -sf perl ${D}/${libdir}/perl5 | 31 | ln -sf perl ${D}/${libdir}/perl5 |
@@ -55,106 +40,100 @@ do_install () { | |||
55 | install -d ${D}${localstatedir}/lock/subsys/bastille | 40 | install -d ${D}${localstatedir}/lock/subsys/bastille |
56 | install -d ${D}${localstatedir}/log/Bastille | 41 | install -d ${D}${localstatedir}/log/Bastille |
57 | install -d ${D}${sysconfdir}/Bastille | 42 | install -d ${D}${sysconfdir}/Bastille |
58 | 43 | install -m 0755 AutomatedBastillei ${D}${sbindir} | |
59 | install -m 0755 AutomatedBastille ${D}${sbindir} | 44 | install -m 0755 BastilleBackEnd ${D}${sbindir} |
60 | install -m 0755 BastilleBackEnd ${D}${sbindir} | 45 | install -m 0755 InteractiveBastille ${D}${sbindir} |
61 | install -m 0755 InteractiveBastille ${D}${sbindir} | 46 | install -m 0644 Modules.txt ${D}${datadir}/Bastille |
62 | # Questions.txt has been replaced by Modules.txt and Questions/ | ||
63 | #install -m 0644 Questions.txt ${D}${datadir}/Bastille | ||
64 | install -m 0644 Modules.txt ${D}${datadir}/Bastille | ||
65 | # New Weights file(s). | 47 | # New Weights file(s). |
66 | install -m 0644 Weights.txt ${D}${datadir}/Bastille | 48 | install -m 0644 Weights.txt ${D}${datadir}/Bastille |
67 | # Castle graphic | 49 | # Castle graphic |
68 | install -m 0644 bastille.jpg ${D}${datadir}/Bastille/ | 50 | install -m 0644 bastille.jpg ${D}${datadir}/Bastille/ |
69 | # Javascript file | 51 | # Javascript file |
70 | install -m 0644 wz_tooltip.js ${D}${datadir}/Bastille/ | 52 | install -m 0644 wz_tooltip.js ${D}${datadir}/Bastille/ |
71 | install -m 0644 Credits ${D}${datadir}/Bastille | 53 | install -m 0644 Credits ${D}${datadir}/Bastille |
72 | install -m 0644 FKL/configs/fkl_config_redhat.cfg ${D}${datadir}/Bastille/FKL/configs/ | 54 | install -m 0644 FKL/configs/fkl_config_redhat.cfg ${D}${datadir}/Bastille/FKL/configs/ |
55 | install -m 0755 RevertBastille ${D}${sbindir} | ||
56 | install -m 0755 bin/bastille ${D}${sbindir} | ||
57 | install -m 0644 bastille-firewall ${D}${datadir}/Bastille | ||
58 | install -m 0644 bastille-firewall-reset ${D}${datadir}/Bastille | ||
59 | install -m 0644 bastille-firewall-schedule ${D}${datadir}/Bastille | ||
60 | install -m 0644 bastille-tmpdir-defense.sh ${D}${datadir}/Bastille | ||
61 | install -m 0644 bastille-tmpdir.csh ${D}${datadir}/Bastille | ||
62 | install -m 0644 bastille-tmpdir.sh ${D}${datadir}/Bastille | ||
63 | install -m 0644 bastille-firewall.cfg ${D}${datadir}/Bastille | ||
64 | install -m 0644 bastille-ipchains ${D}${datadir}/Bastille | ||
65 | install -m 0644 bastille-netfilter ${D}${datadir}/Bastille | ||
66 | install -m 0644 bastille-firewall-early.sh ${D}${datadir}/Bastille | ||
67 | install -m 0644 bastille-firewall-pre-audit.sh ${D}${datadir}/Bastille | ||
68 | install -m 0644 complete.xbm ${D}${datadir}/Bastille | ||
69 | install -m 0644 incomplete.xbm ${D}${datadir}/Bastille | ||
70 | install -m 0644 disabled.xpm ${D}${datadir}/Bastille | ||
71 | install -m 0644 ifup-local ${D}${datadir}/Bastille | ||
72 | install -m 0644 hosts.allow ${D}${datadir}/Bastille | ||
73 | |||
74 | install -m 0644 Bastille/AccountSecurity.pm ${D}${libdir}/Bastille | ||
75 | install -m 0644 Bastille/Apache.pm ${D}${libdir}/Bastille | ||
76 | install -m 0644 Bastille/API.pm ${D}${libdir}/Bastille | ||
77 | install -m 0644 ${WORKDIR}/AccountPermission.pm ${D}${libdir}/Bastille/API | ||
78 | install -m 0644 ${WORKDIR}/FileContent.pm ${D}${libdir}/Bastille/API | ||
79 | install -m 0644 ${WORKDIR}/HPSpecific.pm ${D}${libdir}/Bastille/API | ||
80 | install -m 0644 ${WORKDIR}/ServiceAdmin.pm ${D}${libdir}/Bastille/API | ||
81 | install -m 0644 ${WORKDIR}/Miscellaneous.pm ${D}${libdir}/Bastille/API | ||
82 | install -m 0644 Bastille/BootSecurity.pm ${D}${libdir}/Bastille | ||
83 | install -m 0644 Bastille/ConfigureMiscPAM.pm ${D}${libdir}/Bastille | ||
84 | install -m 0644 Bastille/DisableUserTools.pm ${D}${libdir}/Bastille | ||
85 | install -m 0644 Bastille/DNS.pm ${D}${libdir}/Bastille | ||
86 | install -m 0644 Bastille/FilePermissions.pm ${D}${libdir}/Bastille | ||
87 | install -m 0644 Bastille/FTP.pm ${D}${libdir}/Bastille | ||
88 | install -m 0644 Bastille/Firewall.pm ${D}${libdir}/Bastille | ||
89 | install -m 0644 Bastille/OSX_API.pm ${D}${libdir}/Bastille | ||
90 | install -m 0644 Bastille/LogAPI.pm ${D}${libdir}/Bastille | ||
91 | install -m 0644 Bastille/HP_UX.pm ${D}${libdir}/Bastille | ||
92 | install -m 0644 Bastille/IOLoader.pm ${D}${libdir}/Bastille | ||
93 | install -m 0644 Bastille/Patches.pm ${D}${libdir}/Bastille | ||
94 | install -m 0644 Bastille/Logging.pm ${D}${libdir}/Bastille | ||
95 | install -m 0644 Bastille/MiscellaneousDaemons.pm ${D}${libdir}/Bastille | ||
96 | install -m 0644 Bastille/PatchDownload.pm ${D}${libdir}/Bastille | ||
97 | install -m 0644 Bastille/Printing.pm ${D}${libdir}/Bastille | ||
98 | install -m 0644 Bastille/PSAD.pm ${D}${libdir}/Bastille | ||
99 | install -m 0644 Bastille/RemoteAccess.pm ${D}${libdir}/Bastille | ||
100 | install -m 0644 Bastille/SecureInetd.pm ${D}${libdir}/Bastille | ||
101 | install -m 0644 Bastille/Sendmail.pm ${D}${libdir}/Bastille | ||
102 | install -m 0644 Bastille/TestDriver.pm ${D}${libdir}/Bastille | ||
103 | install -m 0644 Bastille/TMPDIR.pm ${D}${libdir}/Bastille | ||
104 | install -m 0644 Bastille/test_AccountSecurity.pm ${D}${libdir}/Bastille | ||
105 | install -m 0644 Bastille/test_Apache.pm ${D}${libdir}/Bastille | ||
106 | install -m 0644 Bastille/test_DNS.pm ${D}${libdir}/Bastille | ||
107 | install -m 0644 Bastille/test_FTP.pm ${D}${libdir}/Bastille | ||
108 | install -m 0644 Bastille/test_HP_UX.pm ${D}${libdir}/Bastille | ||
109 | install -m 0644 Bastille/test_MiscellaneousDaemons.pm ${D}${libdir}/Bastille | ||
110 | install -m 0644 Bastille/test_Patches.pm ${D}${libdir}/Bastille | ||
111 | install -m 0644 Bastille/test_SecureInetd.pm ${D}${libdir}/Bastille | ||
112 | install -m 0644 Bastille/test_Sendmail.pm ${D}${libdir}/Bastille | ||
113 | install -m 0644 Bastille/test_BootSecurity.pm ${D}${libdir}/Bastille | ||
114 | install -m 0644 Bastille/test_DisableUserTools.pm ${D}${libdir}/Bastille | ||
115 | install -m 0644 Bastille/test_FilePermissions.pm ${D}${libdir}/Bastille | ||
116 | install -m 0644 Bastille/test_Logging.pm ${D}${libdir}/Bastille | ||
117 | install -m 0644 Bastille/test_Printing.pm ${D}${libdir}/Bastille | ||
118 | install -m 0644 Bastille/IPFilter.pm ${D}${libdir}/Bastille | ||
119 | install -m 0644 Bastille_Curses.pm ${D}${libdir}/perl5/site_perl | ||
120 | install -m 0644 Bastille_Tk.pm ${D}${libdir}/perl5/site_perl | ||
121 | install -m 0644 Curses/Widgets.pm ${D}${libdir}/perl5/site_perl/Curses | ||
73 | 122 | ||
74 | install -m 0755 RevertBastille ${D}${sbindir} | 123 | install -m 0644 OSMap/LINUX.bastille ${D}${datadir}/Bastille/OSMap |
75 | install -m 0755 bin/bastille ${D}${sbindir} | 124 | install -m 0644 OSMap/LINUX.system ${D}${datadir}/Bastille/OSMap |
76 | install -m 0644 bastille-firewall ${D}${datadir}/Bastille | 125 | install -m 0644 OSMap/LINUX.service ${D}${datadir}/Bastille/OSMap |
77 | install -m 0644 bastille-firewall-reset ${D}${datadir}/Bastille | 126 | install -m 0644 OSMap/HP-UX.bastille ${D}${datadir}/Bastille/OSMap |
78 | install -m 0644 bastille-firewall-schedule ${D}${datadir}/Bastille | 127 | install -m 0644 OSMap/HP-UX.system ${D}${datadir}/Bastille/OSMap |
79 | install -m 0644 bastille-tmpdir-defense.sh ${D}${datadir}/Bastille | 128 | install -m 0644 OSMap/HP-UX.service ${D}${datadir}/Bastille/OSMap |
80 | install -m 0644 bastille-tmpdir.csh ${D}${datadir}/Bastille | 129 | install -m 0644 OSMap/OSX.bastille ${D}${datadir}/Bastille/OSMap |
81 | install -m 0644 bastille-tmpdir.sh ${D}${datadir}/Bastille | 130 | install -m 0644 OSMap/OSX.system ${D}${datadir}/Bastille/OSMap |
82 | install -m 0644 bastille-firewall.cfg ${D}${datadir}/Bastille | 131 | install -m 0644 ${WORKDIR}/config ${D}${sysconfdir}/Bastille/config |
83 | install -m 0644 bastille-ipchains ${D}${datadir}/Bastille | ||
84 | install -m 0644 bastille-netfilter ${D}${datadir}/Bastille | ||
85 | install -m 0644 bastille-firewall-early.sh ${D}${datadir}/Bastille | ||
86 | install -m 0644 bastille-firewall-pre-audit.sh ${D}${datadir}/Bastille | ||
87 | install -m 0644 complete.xbm ${D}${datadir}/Bastille | ||
88 | install -m 0644 incomplete.xbm ${D}${datadir}/Bastille | ||
89 | install -m 0644 disabled.xpm ${D}${datadir}/Bastille | ||
90 | install -m 0644 ifup-local ${D}${datadir}/Bastille | ||
91 | install -m 0644 hosts.allow ${D}${datadir}/Bastille | ||
92 | 132 | ||
93 | install -m 0644 Bastille/AccountSecurity.pm ${D}${libdir}/Bastille | ||
94 | install -m 0644 Bastille/Apache.pm ${D}${libdir}/Bastille | ||
95 | install -m 0644 Bastille/API.pm ${D}${libdir}/Bastille | ||
96 | install -m 0644 ${WORKDIR}/AccountPermission.pm ${D}${libdir}/Bastille/API | ||
97 | install -m 0644 ${WORKDIR}/FileContent.pm ${D}${libdir}/Bastille/API | ||
98 | install -m 0644 ${WORKDIR}/HPSpecific.pm ${D}${libdir}/Bastille/API | ||
99 | install -m 0644 ${WORKDIR}/ServiceAdmin.pm ${D}${libdir}/Bastille/API | ||
100 | install -m 0644 ${WORKDIR}/Miscellaneous.pm ${D}${libdir}/Bastille/API | ||
101 | install -m 0644 Bastille/BootSecurity.pm ${D}${libdir}/Bastille | ||
102 | install -m 0644 Bastille/ConfigureMiscPAM.pm ${D}${libdir}/Bastille | ||
103 | install -m 0644 Bastille/DisableUserTools.pm ${D}${libdir}/Bastille | ||
104 | install -m 0644 Bastille/DNS.pm ${D}${libdir}/Bastille | ||
105 | install -m 0644 Bastille/FilePermissions.pm ${D}${libdir}/Bastille | ||
106 | install -m 0644 Bastille/FTP.pm ${D}${libdir}/Bastille | ||
107 | install -m 0644 Bastille/Firewall.pm ${D}${libdir}/Bastille | ||
108 | install -m 0644 Bastille/OSX_API.pm ${D}${libdir}/Bastille | ||
109 | install -m 0644 Bastille/LogAPI.pm ${D}${libdir}/Bastille | ||
110 | install -m 0644 Bastille/HP_UX.pm ${D}${libdir}/Bastille | ||
111 | install -m 0644 Bastille/IOLoader.pm ${D}${libdir}/Bastille | ||
112 | install -m 0644 Bastille/Patches.pm ${D}${libdir}/Bastille | ||
113 | install -m 0644 Bastille/Logging.pm ${D}${libdir}/Bastille | ||
114 | install -m 0644 Bastille/MiscellaneousDaemons.pm ${D}${libdir}/Bastille | ||
115 | install -m 0644 Bastille/PatchDownload.pm ${D}${libdir}/Bastille | ||
116 | install -m 0644 Bastille/Printing.pm ${D}${libdir}/Bastille | ||
117 | install -m 0644 Bastille/PSAD.pm ${D}${libdir}/Bastille | ||
118 | install -m 0644 Bastille/RemoteAccess.pm ${D}${libdir}/Bastille | ||
119 | install -m 0644 Bastille/SecureInetd.pm ${D}${libdir}/Bastille | ||
120 | install -m 0644 Bastille/Sendmail.pm ${D}${libdir}/Bastille | ||
121 | install -m 0644 Bastille/TestDriver.pm ${D}${libdir}/Bastille | ||
122 | install -m 0644 Bastille/TMPDIR.pm ${D}${libdir}/Bastille | ||
123 | install -m 0644 Bastille/test_AccountSecurity.pm ${D}${libdir}/Bastille | ||
124 | install -m 0644 Bastille/test_Apache.pm ${D}${libdir}/Bastille | ||
125 | install -m 0644 Bastille/test_DNS.pm ${D}${libdir}/Bastille | ||
126 | install -m 0644 Bastille/test_FTP.pm ${D}${libdir}/Bastille | ||
127 | install -m 0644 Bastille/test_HP_UX.pm ${D}${libdir}/Bastille | ||
128 | install -m 0644 Bastille/test_MiscellaneousDaemons.pm ${D}${libdir}/Bastille | ||
129 | install -m 0644 Bastille/test_Patches.pm ${D}${libdir}/Bastille | ||
130 | install -m 0644 Bastille/test_SecureInetd.pm ${D}${libdir}/Bastille | ||
131 | install -m 0644 Bastille/test_Sendmail.pm ${D}${libdir}/Bastille | ||
132 | install -m 0644 Bastille/test_BootSecurity.pm ${D}${libdir}/Bastille | ||
133 | install -m 0644 Bastille/test_DisableUserTools.pm ${D}${libdir}/Bastille | ||
134 | install -m 0644 Bastille/test_FilePermissions.pm ${D}${libdir}/Bastille | ||
135 | install -m 0644 Bastille/test_Logging.pm ${D}${libdir}/Bastille | ||
136 | install -m 0644 Bastille/test_Printing.pm ${D}${libdir}/Bastille | ||
137 | install -m 0644 Bastille/IPFilter.pm ${D}${libdir}/Bastille | ||
138 | install -m 0644 Bastille_Curses.pm ${D}${libdir}/perl5/site_perl | ||
139 | install -m 0644 Bastille_Tk.pm ${D}${libdir}/perl5/site_perl | ||
140 | install -m 0644 Curses/Widgets.pm ${D}${libdir}/perl5/site_perl/Curses | ||
141 | |||
142 | |||
143 | |||
144 | install -m 0644 OSMap/LINUX.bastille ${D}${datadir}/Bastille/OSMap | ||
145 | install -m 0644 OSMap/LINUX.system ${D}${datadir}/Bastille/OSMap | ||
146 | install -m 0644 OSMap/LINUX.service ${D}${datadir}/Bastille/OSMap | ||
147 | install -m 0644 OSMap/HP-UX.bastille ${D}${datadir}/Bastille/OSMap | ||
148 | install -m 0644 OSMap/HP-UX.system ${D}${datadir}/Bastille/OSMap | ||
149 | install -m 0644 OSMap/HP-UX.service ${D}${datadir}/Bastille/OSMap | ||
150 | install -m 0644 OSMap/OSX.bastille ${D}${datadir}/Bastille/OSMap | ||
151 | install -m 0644 OSMap/OSX.system ${D}${datadir}/Bastille/OSMap | ||
152 | install -m 0644 ${WORKDIR}/config ${D}${sysconfdir}/Bastille/config | ||
153 | |||
154 | for file in `cat Modules.txt` ; do | 133 | for file in `cat Modules.txt` ; do |
155 | install -m 0644 Questions/$file.txt ${D}${datadir}/Bastille/Questions | 134 | install -m 0644 Questions/$file.txt ${D}${datadir}/Bastille/Questions |
156 | done | 135 | done |
157 | 136 | ||
158 | ln -s ${D}${sbindir}/RevertBastille ${D}${sbindir}/UndoBastille | 137 | ln -s ${D}${sbindir}/RevertBastille ${D}${sbindir}/UndoBastille |
159 | } | 138 | } |
160 | 139 | ||
diff --git a/recipes-security/buck-security/buck-security_0.6.bb b/recipes-security/buck-security/buck-security_0.6.bb index 23bf1b1..9d4f884 100644 --- a/recipes-security/buck-security/buck-security_0.6.bb +++ b/recipes-security/buck-security/buck-security_0.6.bb | |||
@@ -22,8 +22,14 @@ do_compile() { | |||
22 | } | 22 | } |
23 | 23 | ||
24 | do_install() { | 24 | do_install() { |
25 | install -d ${D}${exec_prefix}/local/${PN} | 25 | install -d ${D}${bindir}/buck |
26 | cp -r ${S}/* ${D}${exec_prefix}/local/${PN} | 26 | cp -r ${S}/* ${D}${bindir}/buck |
27 | cp -r ${S}/buck-security ${D}${bindir} | ||
28 | sed -i 's:use lib "checks":use lib "${bindir}/buck/checks":g' ${D}${bindir}/buck-security | ||
29 | sed -i 's:use lib "checks/lib":use lib "${bindir}/buck/checks/lib":g' ${D}${bindir}/buck-security | ||
30 | sed -i 's:use lib "lib":use lib "${bindir}/buck/lib":g' ${D}${bindir}/buck-security | ||
31 | sed -i 's:conf/buck-security.conf:${bindir}/buck/conf/buck-security.conf:g' ${D}${bindir}/buck-security | ||
32 | |||
27 | } | 33 | } |
28 | 34 | ||
29 | FILES_${PN} = "${exec_prefix}/*" | 35 | FILES_${PN} = "${bindir}/*" |
diff --git a/recipes-security/checksecurity/checksecurity_2.0.14.bb b/recipes-security/checksecurity/checksecurity_2.0.14.bb index 72d6c64..fc7aedb 100644 --- a/recipes-security/checksecurity/checksecurity_2.0.14.bb +++ b/recipes-security/checksecurity/checksecurity_2.0.14.bb | |||
@@ -11,7 +11,7 @@ SRC_URI = "http://ftp.de.debian.org/debian/pool/main/c/checksecurity/checksecuri | |||
11 | SRC_URI[md5sum] = "ad6cfe0cd66ebdd16dd5d4ee5fa8fa17" | 11 | SRC_URI[md5sum] = "ad6cfe0cd66ebdd16dd5d4ee5fa8fa17" |
12 | SRC_URI[sha256sum] = "a2bc2355358d6daf3cb72485d564e82cb541e8516f23b50522c816853ecd13c2" | 12 | SRC_URI[sha256sum] = "a2bc2355358d6daf3cb72485d564e82cb541e8516f23b50522c816853ecd13c2" |
13 | 13 | ||
14 | do_compile() { | 14 | do_compile() { |
15 | } | 15 | } |
16 | 16 | ||
17 | do_install() { | 17 | do_install() { |
diff --git a/recipes-security/nikto/nikto_2.1.5.bb b/recipes-security/nikto/nikto_2.1.5.bb index 3ca31ca..4609717 100644 --- a/recipes-security/nikto/nikto_2.1.5.bb +++ b/recipes-security/nikto/nikto_2.1.5.bb | |||
@@ -13,89 +13,89 @@ SRC_URI[md5sum] = "efcc98a918becb77471ee9a5df0a7b1e" | |||
13 | SRC_URI[sha256sum] = "0e672a6a46bf2abde419a0e8ea846696d7f32e99ad18a6b405736ee6af07509f" | 13 | SRC_URI[sha256sum] = "0e672a6a46bf2abde419a0e8ea846696d7f32e99ad18a6b405736ee6af07509f" |
14 | 14 | ||
15 | do_install() { | 15 | do_install() { |
16 | install -d ${D}${bindir} | 16 | install -d ${D}${bindir} |
17 | install -d ${D}${datadir} | 17 | install -d ${D}${datadir} |
18 | install -d ${D}${datadir}/man/man1 | 18 | install -d ${D}${datadir}/man/man1 |
19 | install -d ${D}${datadir}/doc/nikto | 19 | install -d ${D}${datadir}/doc/nikto |
20 | install -d ${D}${sysconfdir}/nikto | 20 | install -d ${D}${sysconfdir}/nikto |
21 | install -d ${D}${sysconfdir}/nikto/databases | 21 | install -d ${D}${sysconfdir}/nikto/databases |
22 | install -d ${D}${sysconfdir}/nikto/plugins | 22 | install -d ${D}${sysconfdir}/nikto/plugins |
23 | install -d ${D}${sysconfdir}/nikto/templates | 23 | install -d ${D}${sysconfdir}/nikto/templates |
24 | 24 | ||
25 | install -m 0644 databases/db_404_strings ${D}${sysconfdir}/nikto/databases | 25 | install -m 0644 databases/db_404_strings ${D}${sysconfdir}/nikto/databases |
26 | install -m 0644 databases/db_content_search ${D}${sysconfdir}/nikto/databases | 26 | install -m 0644 databases/db_content_search ${D}${sysconfdir}/nikto/databases |
27 | install -m 0644 databases/db_dictionary ${D}${sysconfdir}/nikto/databases | 27 | install -m 0644 databases/db_dictionary ${D}${sysconfdir}/nikto/databases |
28 | install -m 0644 databases/db_embedded ${D}${sysconfdir}/nikto/databases | 28 | install -m 0644 databases/db_embedded ${D}${sysconfdir}/nikto/databases |
29 | install -m 0644 databases/db_favicon ${D}${sysconfdir}/nikto/databases | 29 | install -m 0644 databases/db_favicon ${D}${sysconfdir}/nikto/databases |
30 | install -m 0644 databases/db_headers ${D}${sysconfdir}/nikto/databases | 30 | install -m 0644 databases/db_headers ${D}${sysconfdir}/nikto/databases |
31 | install -m 0644 databases/db_httpoptions ${D}${sysconfdir}/nikto/databases | 31 | install -m 0644 databases/db_httpoptions ${D}${sysconfdir}/nikto/databases |
32 | install -m 0644 databases/db_multiple_index ${D}${sysconfdir}/nikto/databases | 32 | install -m 0644 databases/db_multiple_index ${D}${sysconfdir}/nikto/databases |
33 | install -m 0644 databases/db_outdated ${D}${sysconfdir}/nikto/databases | 33 | install -m 0644 databases/db_outdated ${D}${sysconfdir}/nikto/databases |
34 | install -m 0644 databases/db_parked_strings ${D}${sysconfdir}/nikto/databases | 34 | install -m 0644 databases/db_parked_strings ${D}${sysconfdir}/nikto/databases |
35 | install -m 0644 databases/db_realms ${D}${sysconfdir}/nikto/databases | 35 | install -m 0644 databases/db_realms ${D}${sysconfdir}/nikto/databases |
36 | install -m 0644 databases/db_server_msgs ${D}${sysconfdir}/nikto/databases | 36 | install -m 0644 databases/db_server_msgs ${D}${sysconfdir}/nikto/databases |
37 | install -m 0644 databases/db_subdomains ${D}${sysconfdir}/nikto/databases | 37 | install -m 0644 databases/db_subdomains ${D}${sysconfdir}/nikto/databases |
38 | install -m 0644 databases/db_tests ${D}${sysconfdir}/nikto/databases | 38 | install -m 0644 databases/db_tests ${D}${sysconfdir}/nikto/databases |
39 | install -m 0644 databases/db_variables ${D}${sysconfdir}/nikto/databases | 39 | install -m 0644 databases/db_variables ${D}${sysconfdir}/nikto/databases |
40 | 40 | ||
41 | install -m 0644 plugins/JSON-PP.pm ${D}${sysconfdir}/nikto/plugins | 41 | install -m 0644 plugins/JSON-PP.pm ${D}${sysconfdir}/nikto/plugins |
42 | install -m 0644 plugins/LW2.pm ${D}${sysconfdir}/nikto/plugins | 42 | install -m 0644 plugins/LW2.pm ${D}${sysconfdir}/nikto/plugins |
43 | install -m 0644 plugins/nikto_apache_expect_xss.plugin ${D}${sysconfdir}/nikto/plugins | 43 | install -m 0644 plugins/nikto_apache_expect_xss.plugin ${D}${sysconfdir}/nikto/plugins |
44 | install -m 0644 plugins/nikto_apacheusers.plugin ${D}${sysconfdir}/nikto/plugins | 44 | install -m 0644 plugins/nikto_apacheusers.plugin ${D}${sysconfdir}/nikto/plugins |
45 | install -m 0644 plugins/nikto_auth.plugin ${D}${sysconfdir}/nikto/plugins | 45 | install -m 0644 plugins/nikto_auth.plugin ${D}${sysconfdir}/nikto/plugins |
46 | install -m 0644 plugins/nikto_cgi.plugin ${D}${sysconfdir}/nikto/plugins | 46 | install -m 0644 plugins/nikto_cgi.plugin ${D}${sysconfdir}/nikto/plugins |
47 | install -m 0644 plugins/nikto_clientaccesspolicy.plugin ${D}${sysconfdir}/nikto/plugins | 47 | install -m 0644 plugins/nikto_clientaccesspolicy.plugin ${D}${sysconfdir}/nikto/plugins |
48 | install -m 0644 plugins/nikto_content_search.plugin ${D}${sysconfdir}/nikto/plugins | 48 | install -m 0644 plugins/nikto_content_search.plugin ${D}${sysconfdir}/nikto/plugins |
49 | install -m 0644 plugins/nikto_cookies.plugin ${D}${sysconfdir}/nikto/plugins | 49 | install -m 0644 plugins/nikto_cookies.plugin ${D}${sysconfdir}/nikto/plugins |
50 | install -m 0644 plugins/nikto_core.plugin ${D}${sysconfdir}/nikto/plugins | 50 | install -m 0644 plugins/nikto_core.plugin ${D}${sysconfdir}/nikto/plugins |
51 | install -m 0644 plugins/nikto_dictionary_attack.plugin ${D}${sysconfdir}/nikto/plugins | 51 | install -m 0644 plugins/nikto_dictionary_attack.plugin ${D}${sysconfdir}/nikto/plugins |
52 | install -m 0644 plugins/nikto_embedded.plugin ${D}${sysconfdir}/nikto/plugins | 52 | install -m 0644 plugins/nikto_embedded.plugin ${D}${sysconfdir}/nikto/plugins |
53 | install -m 0644 plugins/nikto_favicon.plugin ${D}${sysconfdir}/nikto/plugins | 53 | install -m 0644 plugins/nikto_favicon.plugin ${D}${sysconfdir}/nikto/plugins |
54 | install -m 0644 plugins/nikto_fileops.plugin ${D}${sysconfdir}/nikto/plugins | 54 | install -m 0644 plugins/nikto_fileops.plugin ${D}${sysconfdir}/nikto/plugins |
55 | install -m 0644 plugins/nikto_headers.plugin ${D}${sysconfdir}/nikto/plugins | 55 | install -m 0644 plugins/nikto_headers.plugin ${D}${sysconfdir}/nikto/plugins |
56 | install -m 0644 plugins/nikto_httpoptions.plugin ${D}${sysconfdir}/nikto/plugins | 56 | install -m 0644 plugins/nikto_httpoptions.plugin ${D}${sysconfdir}/nikto/plugins |
57 | install -m 0644 plugins/nikto_msgs.plugin ${D}${sysconfdir}/nikto/plugins | 57 | install -m 0644 plugins/nikto_msgs.plugin ${D}${sysconfdir}/nikto/plugins |
58 | install -m 0644 plugins/nikto_multiple_index.plugin ${D}${sysconfdir}/nikto/plugins | 58 | install -m 0644 plugins/nikto_multiple_index.plugin ${D}${sysconfdir}/nikto/plugins |
59 | install -m 0644 plugins/nikto_outdated.plugin ${D}${sysconfdir}/nikto/plugins | 59 | install -m 0644 plugins/nikto_outdated.plugin ${D}${sysconfdir}/nikto/plugins |
60 | install -m 0644 plugins/nikto_parked.plugin ${D}${sysconfdir}/nikto/plugins | 60 | install -m 0644 plugins/nikto_parked.plugin ${D}${sysconfdir}/nikto/plugins |
61 | install -m 0644 plugins/nikto_paths.plugin ${D}${sysconfdir}/nikto/plugins | 61 | install -m 0644 plugins/nikto_paths.plugin ${D}${sysconfdir}/nikto/plugins |
62 | install -m 0644 plugins/nikto_put_del_test.plugin ${D}${sysconfdir}/nikto/plugins | 62 | install -m 0644 plugins/nikto_put_del_test.plugin ${D}${sysconfdir}/nikto/plugins |
63 | install -m 0644 plugins/nikto_report_csv.plugin ${D}${sysconfdir}/nikto/plugins | 63 | install -m 0644 plugins/nikto_report_csv.plugin ${D}${sysconfdir}/nikto/plugins |
64 | install -m 0644 plugins/nikto_report_html.plugin ${D}${sysconfdir}/nikto/plugins | 64 | install -m 0644 plugins/nikto_report_html.plugin ${D}${sysconfdir}/nikto/plugins |
65 | install -m 0644 plugins/nikto_report_msf.plugin ${D}${sysconfdir}/nikto/plugins | 65 | install -m 0644 plugins/nikto_report_msf.plugin ${D}${sysconfdir}/nikto/plugins |
66 | install -m 0644 plugins/nikto_report_nbe.plugin ${D}${sysconfdir}/nikto/plugins | 66 | install -m 0644 plugins/nikto_report_nbe.plugin ${D}${sysconfdir}/nikto/plugins |
67 | install -m 0644 plugins/nikto_report_text.plugin ${D}${sysconfdir}/nikto/plugins | 67 | install -m 0644 plugins/nikto_report_text.plugin ${D}${sysconfdir}/nikto/plugins |
68 | install -m 0644 plugins/nikto_report_xml.plugin ${D}${sysconfdir}/nikto/plugins | 68 | install -m 0644 plugins/nikto_report_xml.plugin ${D}${sysconfdir}/nikto/plugins |
69 | install -m 0644 plugins/nikto_robots.plugin ${D}${sysconfdir}/nikto/plugins | 69 | install -m 0644 plugins/nikto_robots.plugin ${D}${sysconfdir}/nikto/plugins |
70 | install -m 0644 plugins/nikto_siebel.plugin ${D}${sysconfdir}/nikto/plugins | 70 | install -m 0644 plugins/nikto_siebel.plugin ${D}${sysconfdir}/nikto/plugins |
71 | install -m 0644 plugins/nikto_ssl.plugin ${D}${sysconfdir}/nikto/plugins | 71 | install -m 0644 plugins/nikto_ssl.plugin ${D}${sysconfdir}/nikto/plugins |
72 | install -m 0644 plugins/nikto_subdomain.plugin ${D}${sysconfdir}/nikto/plugins | 72 | install -m 0644 plugins/nikto_subdomain.plugin ${D}${sysconfdir}/nikto/plugins |
73 | install -m 0644 plugins/nikto_tests.plugin ${D}${sysconfdir}/nikto/plugins | 73 | install -m 0644 plugins/nikto_tests.plugin ${D}${sysconfdir}/nikto/plugins |
74 | 74 | ||
75 | install -m 0644 templates/htm_close.tmpl ${D}${sysconfdir}/nikto/templates | 75 | install -m 0644 templates/htm_close.tmpl ${D}${sysconfdir}/nikto/templates |
76 | install -m 0644 templates/htm_end.tmpl ${D}${sysconfdir}/nikto/templates | 76 | install -m 0644 templates/htm_end.tmpl ${D}${sysconfdir}/nikto/templates |
77 | install -m 0644 templates/htm_host_head.tmpl ${D}${sysconfdir}/nikto/templates | 77 | install -m 0644 templates/htm_host_head.tmpl ${D}${sysconfdir}/nikto/templates |
78 | install -m 0644 templates/htm_host_im.tmpl ${D}${sysconfdir}/nikto/templates | 78 | install -m 0644 templates/htm_host_im.tmpl ${D}${sysconfdir}/nikto/templates |
79 | install -m 0644 templates/htm_host_item.tmpl ${D}${sysconfdir}/nikto/templates | 79 | install -m 0644 templates/htm_host_item.tmpl ${D}${sysconfdir}/nikto/templates |
80 | install -m 0644 templates/htm_start.tmpl ${D}${sysconfdir}/nikto/templates | 80 | install -m 0644 templates/htm_start.tmpl ${D}${sysconfdir}/nikto/templates |
81 | install -m 0644 templates/htm_stop.tmpl ${D}${sysconfdir}/nikto/templates | 81 | install -m 0644 templates/htm_stop.tmpl ${D}${sysconfdir}/nikto/templates |
82 | install -m 0644 templates/htm_start.tmpl ${D}${sysconfdir}/nikto/templates | 82 | install -m 0644 templates/htm_start.tmpl ${D}${sysconfdir}/nikto/templates |
83 | install -m 0644 templates/htm_summary.tmpl ${D}${sysconfdir}/nikto/templates | 83 | install -m 0644 templates/htm_summary.tmpl ${D}${sysconfdir}/nikto/templates |
84 | install -m 0644 templates/xml_end.tmpl ${D}${sysconfdir}/nikto/templates | 84 | install -m 0644 templates/xml_end.tmpl ${D}${sysconfdir}/nikto/templates |
85 | install -m 0644 templates/xml_host_head.tmpl ${D}${sysconfdir}/nikto/templates | 85 | install -m 0644 templates/xml_host_head.tmpl ${D}${sysconfdir}/nikto/templates |
86 | install -m 0644 templates/xml_host_im.tmpl ${D}${sysconfdir}/nikto/templates | 86 | install -m 0644 templates/xml_host_im.tmpl ${D}${sysconfdir}/nikto/templates |
87 | install -m 0644 templates/xml_host_item.tmpl ${D}${sysconfdir}/nikto/templates | 87 | install -m 0644 templates/xml_host_item.tmpl ${D}${sysconfdir}/nikto/templates |
88 | install -m 0644 templates/xml_start.tmpl ${D}${sysconfdir}/nikto/templates | 88 | install -m 0644 templates/xml_start.tmpl ${D}${sysconfdir}/nikto/templates |
89 | install -m 0644 templates/xml_summary.tmpl ${D}${sysconfdir}/nikto/templates | 89 | install -m 0644 templates/xml_summary.tmpl ${D}${sysconfdir}/nikto/templates |
90 | 90 | ||
91 | install -m 0644 nikto.conf ${D}${sysconfdir} | 91 | install -m 0644 nikto.conf ${D}${sysconfdir} |
92 | 92 | ||
93 | install -m 0755 nikto.pl ${D}${bindir}/nikto | 93 | install -m 0755 nikto.pl ${D}${bindir}/nikto |
94 | install -m 0644 replay.pl ${D}${bindir} | 94 | install -m 0644 replay.pl ${D}${bindir} |
95 | install -m 0644 docs/nikto.1 ${D}${datadir}/man/man1 | 95 | install -m 0644 docs/nikto.1 ${D}${datadir}/man/man1 |
96 | 96 | ||
97 | install -m 0644 docs/CHANGES.txt ${D}${datadir}/doc/nikto | 97 | install -m 0644 docs/CHANGES.txt ${D}${datadir}/doc/nikto |
98 | install -m 0644 docs/LICENSE.txt ${D}${datadir}/doc/nikto | 98 | install -m 0644 docs/LICENSE.txt ${D}${datadir}/doc/nikto |
99 | install -m 0644 docs/nikto.dtd ${D}${datadir}/doc/nikto | 99 | install -m 0644 docs/nikto.dtd ${D}${datadir}/doc/nikto |
100 | install -m 0644 docs/nikto_manual.html ${D}${datadir}/doc/nikto | 100 | install -m 0644 docs/nikto_manual.html ${D}${datadir}/doc/nikto |
101 | } | 101 | } |
diff --git a/recipes-security/nmap/nmap_6.25.bb b/recipes-security/nmap/nmap_6.25.bb index cb5f7d3..aff5c63 100644 --- a/recipes-security/nmap/nmap_6.25.bb +++ b/recipes-security/nmap/nmap_6.25.bb | |||
@@ -3,7 +3,7 @@ DESCRIPTION = "Nmap ("Network Mapper") is a free and open source (license) utili | |||
3 | SECTION = "security" | 3 | SECTION = "security" |
4 | LICENSE = "GPL-2.0" | 4 | LICENSE = "GPL-2.0" |
5 | LIC_FILES_CHKSUM = "file://${COMMON_LICENSE_DIR}/GPL-2.0;md5=801f80980d171dd6425610833a22dbe6" | 5 | LIC_FILES_CHKSUM = "file://${COMMON_LICENSE_DIR}/GPL-2.0;md5=801f80980d171dd6425610833a22dbe6" |
6 | FILES_${PN} += "${target_datadir}/ncat" | 6 | FILES_${PN} += "${target_datadir}/ncat" |
7 | 7 | ||
8 | SRC_URI = "http://nmap.org/dist/${PN}-${PV}.tar.bz2 \ | 8 | SRC_URI = "http://nmap.org/dist/${PN}-${PV}.tar.bz2 \ |
9 | file://lua.patch" | 9 | file://lua.patch" |
@@ -15,7 +15,7 @@ inherit autotools | |||
15 | 15 | ||
16 | DEPENDS = "libpcap" | 16 | DEPENDS = "libpcap" |
17 | 17 | ||
18 | EXTRA_OECONF = "--without-liblua --without-zenmap" | 18 | EXTRA_OECONF = "--without-liblua --without-zenmap --without-subversion --with-pcap=linux" |
19 | 19 | ||
20 | do_configure() { | 20 | do_configure() { |
21 | autoconf | 21 | autoconf |
diff --git a/recipes-security/pax-utils/pax-utils_0.7.bb b/recipes-security/pax-utils/pax-utils_0.7.bb deleted file mode 100644 index 63cf0ea..0000000 --- a/recipes-security/pax-utils/pax-utils_0.7.bb +++ /dev/null | |||
@@ -1,20 +0,0 @@ | |||
1 | SUMMARY = "Security-focused ELF files checking tool" | ||
2 | DESCRIPTION = "This is a small set of various PaX aware and related \ | ||
3 | utilities for ELF binaries. It can check ELF binary files and running \ | ||
4 | processes for issues that might be relevant when using ELF binaries \ | ||
5 | along with PaX, such as non-PIC code or executable stack and heap." | ||
6 | HOMEPAGE = "http://www.gentoo.org/proj/en/hardened/pax-utils.xml" | ||
7 | LICENSE = "GPLv2+" | ||
8 | LIC_FILES_CHKSUM = "file://COPYING;md5=eb723b61539feef013de476e68b5c50a" | ||
9 | |||
10 | SRC_URI = "http://gentoo.osuosl.org/distfiles/pax-utils-${PV}.tar.xz" | ||
11 | |||
12 | SRC_URI[md5sum] = "8ae7743ad11500f7604f2e817221d877" | ||
13 | SRC_URI[sha256sum] = "1ac4cee9a9ca97a723505eb29a25e50adeccffba3f0f0ef4f035cf082caf3b84" | ||
14 | PR = "r0" | ||
15 | |||
16 | do_install() { | ||
17 | oe_runmake PREFIX=${D}${prefix} DESTDIR=${D} install | ||
18 | } | ||
19 | |||
20 | BBCLASSEXTEND = "native" | ||
diff --git a/recipes-security/perl/libwhisker2-perl_2.5.bb b/recipes-security/perl/libwhisker2-perl_2.5.bb index 477f995..a98bde0 100644 --- a/recipes-security/perl/libwhisker2-perl_2.5.bb +++ b/recipes-security/perl/libwhisker2-perl_2.5.bb | |||
@@ -18,7 +18,7 @@ S = "${WORKDIR}/libwhisker2-2.5" | |||
18 | inherit cpan-base perlnative | 18 | inherit cpan-base perlnative |
19 | 19 | ||
20 | do_install() { | 20 | do_install() { |
21 | install -d 755 ${D}${PERLLIBDIRS}/vendor_perl/${PERLVERSION} | 21 | install -d 755 ${D}${PERLLIBDIRS}/vendor_perl/${PERLVERSION} |
22 | install -d 755 ${D}${datadir}/perl/${PERLVERSION} | 22 | install -d 755 ${D}${datadir}/perl/${PERLVERSION} |
23 | oe_runmake install DESTDIR=${D} INSTALLDIR=${PERLLIBDIRS}/vendor_perl/${PERLVERSION} MANDIR=${datadir}/perl/${PERLVERSION} | 23 | oe_runmake install DESTDIR=${D} INSTALLDIR=${PERLLIBDIRS}/vendor_perl/${PERLVERSION} MANDIR=${datadir}/perl/${PERLVERSION} |
24 | } | 24 | } |
diff --git a/recipes-security/redhat-security/redhat-security_1.0.bb b/recipes-security/redhat-security/redhat-security_1.0.bb index 442688b..52d07d1 100644 --- a/recipes-security/redhat-security/redhat-security_1.0.bb +++ b/recipes-security/redhat-security/redhat-security_1.0.bb | |||
@@ -22,18 +22,18 @@ SRC_URI = "file://find-chroot-py.sh \ | |||
22 | S = "${WORKDIR}" | 22 | S = "${WORKDIR}" |
23 | 23 | ||
24 | do_install() { | 24 | do_install() { |
25 | install -d ${D}${bindir} | 25 | install -d ${D}${bindir} |
26 | install -m 0755 ${WORKDIR}/find-chroot-py.sh ${D}${bindir} | 26 | install -m 0755 ${WORKDIR}/find-chroot-py.sh ${D}${bindir} |
27 | install -m 0755 ${WORKDIR}/find-chroot.sh ${D}${bindir} | 27 | install -m 0755 ${WORKDIR}/find-chroot.sh ${D}${bindir} |
28 | install -m 0755 ${WORKDIR}/find-elf4tmp.sh ${D}${bindir} | 28 | install -m 0755 ${WORKDIR}/find-elf4tmp.sh ${D}${bindir} |
29 | install -m 0755 ${WORKDIR}/find-execstack.sh ${D}${bindir} | 29 | install -m 0755 ${WORKDIR}/find-execstack.sh ${D}${bindir} |
30 | install -m 0755 ${WORKDIR}/find-hidden-exec.sh ${D}${bindir} | 30 | install -m 0755 ${WORKDIR}/find-hidden-exec.sh ${D}${bindir} |
31 | install -m 0755 ${WORKDIR}/find-nodrop-groups.sh ${D}${bindir} | 31 | install -m 0755 ${WORKDIR}/find-nodrop-groups.sh ${D}${bindir} |
32 | install -m 0755 ${WORKDIR}/find-sh4errors.sh ${D}${bindir} | 32 | install -m 0755 ${WORKDIR}/find-sh4errors.sh ${D}${bindir} |
33 | install -m 0755 ${WORKDIR}/find-sh4tmp.sh ${D}${bindir} | 33 | install -m 0755 ${WORKDIR}/find-sh4tmp.sh ${D}${bindir} |
34 | install -m 0755 ${WORKDIR}/lib-bin-check.sh ${D}${bindir} | 34 | install -m 0755 ${WORKDIR}/lib-bin-check.sh ${D}${bindir} |
35 | install -m 0755 ${WORKDIR}/rpm-chksec.sh ${D}${bindir} | 35 | install -m 0755 ${WORKDIR}/rpm-chksec.sh ${D}${bindir} |
36 | install -m 0755 ${WORKDIR}/rpm-drop-groups.sh ${D}${bindir} | 36 | install -m 0755 ${WORKDIR}/rpm-drop-groups.sh ${D}${bindir} |
37 | install -m 0755 ${WORKDIR}/selinux-check-devices.sh ${D}${bindir} | 37 | install -m 0755 ${WORKDIR}/selinux-check-devices.sh ${D}${bindir} |
38 | install -m 0755 ${WORKDIR}/selinux-ls-unconfined.sh ${D}${bindir} | 38 | install -m 0755 ${WORKDIR}/selinux-ls-unconfined.sh ${D}${bindir} |
39 | } | 39 | } |