diff options
Diffstat (limited to 'meta-security/recipes-security/cynara/cynara/0005-Allow-to-tune-sockets.patch')
-rw-r--r-- | meta-security/recipes-security/cynara/cynara/0005-Allow-to-tune-sockets.patch | 237 |
1 files changed, 0 insertions, 237 deletions
diff --git a/meta-security/recipes-security/cynara/cynara/0005-Allow-to-tune-sockets.patch b/meta-security/recipes-security/cynara/cynara/0005-Allow-to-tune-sockets.patch deleted file mode 100644 index e954c7f21..000000000 --- a/meta-security/recipes-security/cynara/cynara/0005-Allow-to-tune-sockets.patch +++ /dev/null @@ -1,237 +0,0 @@ -From ebde8e9fdba7bc1c8152f7e45c551030a36ece82 Mon Sep 17 00:00:00 2001 -From: =?UTF-8?q?Jos=C3=A9=20Bollo?= <jose.bollo@iot.bzh> -Date: Thu, 25 Jan 2018 13:47:37 +0100 -Subject: [PATCH] Allow to tune sockets -MIME-Version: 1.0 -Content-Type: text/plain; charset=UTF-8 -Content-Transfer-Encoding: 8bit - -Allow to change the directory of sockets -through a true integration of SOCKET_DIR - -Allow to override the socket's group of - - /run/cynara/cynara-agent.socket - - /run/cynara/cynara-monitor-get.socket - -through the newly defined variable CYNARA_ADMIN_SOCKET_GROUP - -Change-Id: I7d58854c328e948e3d6d7fa3fc00569fd08f8aef -Signed-off-by: José Bollo <jose.bollo@iot.bzh> - ---- - systemd/CMakeLists.txt | 19 +++++++++++++++---- - systemd/cynara-admin.socket | 14 -------------- - systemd/cynara-admin.socket.in | 14 ++++++++++++++ - systemd/cynara-agent.socket | 15 --------------- - systemd/cynara-agent.socket.in | 15 +++++++++++++++ - systemd/cynara-monitor-get.socket | 15 --------------- - systemd/cynara-monitor-get.socket.in | 15 +++++++++++++++ - systemd/cynara.socket | 14 -------------- - systemd/cynara.socket.in | 14 ++++++++++++++ - 9 files changed, 73 insertions(+), 62 deletions(-) - delete mode 100644 systemd/cynara-admin.socket - create mode 100644 systemd/cynara-admin.socket.in - delete mode 100644 systemd/cynara-agent.socket - create mode 100644 systemd/cynara-agent.socket.in - delete mode 100644 systemd/cynara-monitor-get.socket - create mode 100644 systemd/cynara-monitor-get.socket.in - delete mode 100644 systemd/cynara.socket - create mode 100644 systemd/cynara.socket.in - -diff --git a/systemd/CMakeLists.txt b/systemd/CMakeLists.txt -index 20accf0..1b75c12 100644 ---- a/systemd/CMakeLists.txt -+++ b/systemd/CMakeLists.txt -@@ -16,13 +16,24 @@ - # @author Lukasz Wojciechowski <l.wojciechow@partner.samsung.com> - # - -+SET(CYNARA_ADMIN_SOCKET_GROUP -+ "security_fw" -+ CACHE STRING -+ "Group to apply on administrative sockets") -+ -+ -+CONFIGURE_FILE(cynara.socket.in cynara.socket @ONLY) -+CONFIGURE_FILE(cynara-admin.socket.in cynara-admin.socket @ONLY) -+CONFIGURE_FILE(cynara-agent.socket.in cynara-agent.socket @ONLY) -+CONFIGURE_FILE(cynara-monitor-get.socket.in cynara-monitor-get.socket @ONLY) -+ - INSTALL(FILES - ${CMAKE_SOURCE_DIR}/systemd/cynara.service - ${CMAKE_SOURCE_DIR}/systemd/cynara.target -- ${CMAKE_SOURCE_DIR}/systemd/cynara.socket -- ${CMAKE_SOURCE_DIR}/systemd/cynara-admin.socket -- ${CMAKE_SOURCE_DIR}/systemd/cynara-agent.socket -- ${CMAKE_SOURCE_DIR}/systemd/cynara-monitor-get.socket -+ ${CMAKE_BINARY_DIR}/systemd/cynara.socket -+ ${CMAKE_BINARY_DIR}/systemd/cynara-admin.socket -+ ${CMAKE_BINARY_DIR}/systemd/cynara-agent.socket -+ ${CMAKE_BINARY_DIR}/systemd/cynara-monitor-get.socket - DESTINATION - ${SYSTEMD_UNIT_DIR} - ) -diff --git a/systemd/cynara-admin.socket b/systemd/cynara-admin.socket -deleted file mode 100644 -index ed38386..0000000 ---- a/systemd/cynara-admin.socket -+++ /dev/null -@@ -1,14 +0,0 @@ --[Socket] --ListenStream=/run/cynara/cynara-admin.socket --SocketMode=0600 --SmackLabelIPIn=@ --SmackLabelIPOut=@ -- --Service=cynara.service -- --[Unit] --Wants=cynara.target --Before=cynara.target -- --[Install] --WantedBy=sockets.target -diff --git a/systemd/cynara-admin.socket.in b/systemd/cynara-admin.socket.in -new file mode 100644 -index 0000000..2364c3e ---- /dev/null -+++ b/systemd/cynara-admin.socket.in -@@ -0,0 +1,14 @@ -+[Socket] -+ListenStream=@SOCKET_DIR@/cynara-admin.socket -+SocketMode=0600 -+SmackLabelIPIn=@ -+SmackLabelIPOut=@ -+ -+Service=cynara.service -+ -+[Unit] -+Wants=cynara.target -+Before=cynara.target -+ -+[Install] -+WantedBy=sockets.target -diff --git a/systemd/cynara-agent.socket b/systemd/cynara-agent.socket -deleted file mode 100644 -index 5a677e0..0000000 ---- a/systemd/cynara-agent.socket -+++ /dev/null -@@ -1,15 +0,0 @@ --[Socket] --ListenStream=/run/cynara/cynara-agent.socket --SocketGroup=security_fw --SocketMode=0060 --SmackLabelIPIn=* --SmackLabelIPOut=@ -- --Service=cynara.service -- --[Unit] --Wants=cynara.target --Before=cynara.target -- --[Install] --WantedBy=sockets.target -diff --git a/systemd/cynara-agent.socket.in b/systemd/cynara-agent.socket.in -new file mode 100644 -index 0000000..4f86c9d ---- /dev/null -+++ b/systemd/cynara-agent.socket.in -@@ -0,0 +1,15 @@ -+[Socket] -+ListenStream=@SOCKET_DIR@/cynara-agent.socket -+SocketGroup=@CYNARA_ADMIN_SOCKET_GROUP@ -+SocketMode=0060 -+SmackLabelIPIn=* -+SmackLabelIPOut=@ -+ -+Service=cynara.service -+ -+[Unit] -+Wants=cynara.target -+Before=cynara.target -+ -+[Install] -+WantedBy=sockets.target -diff --git a/systemd/cynara-monitor-get.socket b/systemd/cynara-monitor-get.socket -deleted file mode 100644 -index a50feeb..0000000 ---- a/systemd/cynara-monitor-get.socket -+++ /dev/null -@@ -1,15 +0,0 @@ --[Socket] --ListenStream=/run/cynara/cynara-monitor-get.socket --SocketGroup=security_fw --SocketMode=0060 --SmackLabelIPIn=@ --SmackLabelIPOut=@ -- --Service=cynara.service -- --[Unit] --Wants=cynara.target --Before=cynara.target -- --[Install] --WantedBy=sockets.target -diff --git a/systemd/cynara-monitor-get.socket.in b/systemd/cynara-monitor-get.socket.in -new file mode 100644 -index 0000000..b88dbf7 ---- /dev/null -+++ b/systemd/cynara-monitor-get.socket.in -@@ -0,0 +1,15 @@ -+[Socket] -+ListenStream=@SOCKET_DIR@/cynara-monitor-get.socket -+SocketGroup=@CYNARA_ADMIN_SOCKET_GROUP@ -+SocketMode=0060 -+SmackLabelIPIn=@ -+SmackLabelIPOut=@ -+ -+Service=cynara.service -+ -+[Unit] -+Wants=cynara.target -+Before=cynara.target -+ -+[Install] -+WantedBy=sockets.target -diff --git a/systemd/cynara.socket b/systemd/cynara.socket -deleted file mode 100644 -index fad2745..0000000 ---- a/systemd/cynara.socket -+++ /dev/null -@@ -1,14 +0,0 @@ --[Socket] --ListenStream=/run/cynara/cynara.socket --SocketMode=0666 --SmackLabelIPIn=* --SmackLabelIPOut=@ -- --Service=cynara.service -- --[Unit] --Wants=cynara.target --Before=cynara.target -- --[Install] --WantedBy=sockets.target -diff --git a/systemd/cynara.socket.in b/systemd/cynara.socket.in -new file mode 100644 -index 0000000..ba76549 ---- /dev/null -+++ b/systemd/cynara.socket.in -@@ -0,0 +1,14 @@ -+[Socket] -+ListenStream=@SOCKET_DIR@/cynara.socket -+SocketMode=0666 -+SmackLabelIPIn=* -+SmackLabelIPOut=@ -+ -+Service=cynara.service -+ -+[Unit] -+Wants=cynara.target -+Before=cynara.target -+ -+[Install] -+WantedBy=sockets.target |