[yocto] [meta-security][PATCH 12/14] initramfs: clean up to pull in packages.
Armin Kuster
akuster808 at gmail.com
Sun May 26 21:56:39 PDT 2019
Signed-off-by: Armin Kuster <akuster808 at gmail.com>
---
.../initrdscripts/initramfs-framework-ima.bb | 12 ++++--------
1 file changed, 4 insertions(+), 8 deletions(-)
diff --git a/meta-integrity/recipes-core/initrdscripts/initramfs-framework-ima.bb b/meta-integrity/recipes-core/initrdscripts/initramfs-framework-ima.bb
index aca38b7..6057e8d 100644
--- a/meta-integrity/recipes-core/initrdscripts/initramfs-framework-ima.bb
+++ b/meta-integrity/recipes-core/initrdscripts/initramfs-framework-ima.bb
@@ -8,25 +8,21 @@
SUMMARY = "IMA module for the modular initramfs system"
LICENSE = "MIT"
LIC_FILES_CHKSUM = "file://${COREBASE}/meta/COPYING.MIT;md5=3da9cfbcb788c80a0384361b4de20420"
-RDEPENDS_${PN} += "initramfs-framework-base"
# This policy file will get installed as /etc/ima/ima-policy.
# It is located via the normal file search path, so a .bbappend
# to this recipe can just point towards one of its own files.
IMA_POLICY ?= "ima_policy_hashed"
-FILESEXTRAPATHS =. "${IMA_EVM_BASE}/data:"
-SRC_URI = " \
- file://${IMA_POLICY} \
- file://ima \
-"
+SRC_URI = " file://ima"
do_install () {
install -d ${D}/${sysconfdir}/ima
- install ${WORKDIR}/${IMA_POLICY} ${D}/${sysconfdir}/ima-policy
install -d ${D}/init.d
install ${WORKDIR}/ima ${D}/init.d/20-ima
}
FILES_${PN} = "/init.d ${sysconfdir}"
-RDEPENDS_${PN} = "keyutils"
+
+RDEPENDS_${PN} = "keyutils ${IMA_POLICY}"
+RDEPENDS_${PN} += "initramfs-framework-base"
--
2.17.1
More information about the yocto
mailing list