summaryrefslogtreecommitdiffstats
path: root/meta-security/recipes-security/cynara/cynara/0005-Allow-to-tune-sockets.patch
diff options
context:
space:
mode:
Diffstat (limited to 'meta-security/recipes-security/cynara/cynara/0005-Allow-to-tune-sockets.patch')
-rw-r--r--meta-security/recipes-security/cynara/cynara/0005-Allow-to-tune-sockets.patch237
1 files changed, 0 insertions, 237 deletions
diff --git a/meta-security/recipes-security/cynara/cynara/0005-Allow-to-tune-sockets.patch b/meta-security/recipes-security/cynara/cynara/0005-Allow-to-tune-sockets.patch
deleted file mode 100644
index e954c7f21..000000000
--- a/meta-security/recipes-security/cynara/cynara/0005-Allow-to-tune-sockets.patch
+++ /dev/null
@@ -1,237 +0,0 @@
-From ebde8e9fdba7bc1c8152f7e45c551030a36ece82 Mon Sep 17 00:00:00 2001
-From: =?UTF-8?q?Jos=C3=A9=20Bollo?= <jose.bollo@iot.bzh>
-Date: Thu, 25 Jan 2018 13:47:37 +0100
-Subject: [PATCH] Allow to tune sockets
-MIME-Version: 1.0
-Content-Type: text/plain; charset=UTF-8
-Content-Transfer-Encoding: 8bit
-
-Allow to change the directory of sockets
-through a true integration of SOCKET_DIR
-
-Allow to override the socket's group of
- - /run/cynara/cynara-agent.socket
- - /run/cynara/cynara-monitor-get.socket
-
-through the newly defined variable CYNARA_ADMIN_SOCKET_GROUP
-
-Change-Id: I7d58854c328e948e3d6d7fa3fc00569fd08f8aef
-Signed-off-by: José Bollo <jose.bollo@iot.bzh>
-
----
- systemd/CMakeLists.txt | 19 +++++++++++++++----
- systemd/cynara-admin.socket | 14 --------------
- systemd/cynara-admin.socket.in | 14 ++++++++++++++
- systemd/cynara-agent.socket | 15 ---------------
- systemd/cynara-agent.socket.in | 15 +++++++++++++++
- systemd/cynara-monitor-get.socket | 15 ---------------
- systemd/cynara-monitor-get.socket.in | 15 +++++++++++++++
- systemd/cynara.socket | 14 --------------
- systemd/cynara.socket.in | 14 ++++++++++++++
- 9 files changed, 73 insertions(+), 62 deletions(-)
- delete mode 100644 systemd/cynara-admin.socket
- create mode 100644 systemd/cynara-admin.socket.in
- delete mode 100644 systemd/cynara-agent.socket
- create mode 100644 systemd/cynara-agent.socket.in
- delete mode 100644 systemd/cynara-monitor-get.socket
- create mode 100644 systemd/cynara-monitor-get.socket.in
- delete mode 100644 systemd/cynara.socket
- create mode 100644 systemd/cynara.socket.in
-
-diff --git a/systemd/CMakeLists.txt b/systemd/CMakeLists.txt
-index 20accf0..1b75c12 100644
---- a/systemd/CMakeLists.txt
-+++ b/systemd/CMakeLists.txt
-@@ -16,13 +16,24 @@
- # @author Lukasz Wojciechowski <l.wojciechow@partner.samsung.com>
- #
-
-+SET(CYNARA_ADMIN_SOCKET_GROUP
-+ "security_fw"
-+ CACHE STRING
-+ "Group to apply on administrative sockets")
-+
-+
-+CONFIGURE_FILE(cynara.socket.in cynara.socket @ONLY)
-+CONFIGURE_FILE(cynara-admin.socket.in cynara-admin.socket @ONLY)
-+CONFIGURE_FILE(cynara-agent.socket.in cynara-agent.socket @ONLY)
-+CONFIGURE_FILE(cynara-monitor-get.socket.in cynara-monitor-get.socket @ONLY)
-+
- INSTALL(FILES
- ${CMAKE_SOURCE_DIR}/systemd/cynara.service
- ${CMAKE_SOURCE_DIR}/systemd/cynara.target
-- ${CMAKE_SOURCE_DIR}/systemd/cynara.socket
-- ${CMAKE_SOURCE_DIR}/systemd/cynara-admin.socket
-- ${CMAKE_SOURCE_DIR}/systemd/cynara-agent.socket
-- ${CMAKE_SOURCE_DIR}/systemd/cynara-monitor-get.socket
-+ ${CMAKE_BINARY_DIR}/systemd/cynara.socket
-+ ${CMAKE_BINARY_DIR}/systemd/cynara-admin.socket
-+ ${CMAKE_BINARY_DIR}/systemd/cynara-agent.socket
-+ ${CMAKE_BINARY_DIR}/systemd/cynara-monitor-get.socket
- DESTINATION
- ${SYSTEMD_UNIT_DIR}
- )
-diff --git a/systemd/cynara-admin.socket b/systemd/cynara-admin.socket
-deleted file mode 100644
-index ed38386..0000000
---- a/systemd/cynara-admin.socket
-+++ /dev/null
-@@ -1,14 +0,0 @@
--[Socket]
--ListenStream=/run/cynara/cynara-admin.socket
--SocketMode=0600
--SmackLabelIPIn=@
--SmackLabelIPOut=@
--
--Service=cynara.service
--
--[Unit]
--Wants=cynara.target
--Before=cynara.target
--
--[Install]
--WantedBy=sockets.target
-diff --git a/systemd/cynara-admin.socket.in b/systemd/cynara-admin.socket.in
-new file mode 100644
-index 0000000..2364c3e
---- /dev/null
-+++ b/systemd/cynara-admin.socket.in
-@@ -0,0 +1,14 @@
-+[Socket]
-+ListenStream=@SOCKET_DIR@/cynara-admin.socket
-+SocketMode=0600
-+SmackLabelIPIn=@
-+SmackLabelIPOut=@
-+
-+Service=cynara.service
-+
-+[Unit]
-+Wants=cynara.target
-+Before=cynara.target
-+
-+[Install]
-+WantedBy=sockets.target
-diff --git a/systemd/cynara-agent.socket b/systemd/cynara-agent.socket
-deleted file mode 100644
-index 5a677e0..0000000
---- a/systemd/cynara-agent.socket
-+++ /dev/null
-@@ -1,15 +0,0 @@
--[Socket]
--ListenStream=/run/cynara/cynara-agent.socket
--SocketGroup=security_fw
--SocketMode=0060
--SmackLabelIPIn=*
--SmackLabelIPOut=@
--
--Service=cynara.service
--
--[Unit]
--Wants=cynara.target
--Before=cynara.target
--
--[Install]
--WantedBy=sockets.target
-diff --git a/systemd/cynara-agent.socket.in b/systemd/cynara-agent.socket.in
-new file mode 100644
-index 0000000..4f86c9d
---- /dev/null
-+++ b/systemd/cynara-agent.socket.in
-@@ -0,0 +1,15 @@
-+[Socket]
-+ListenStream=@SOCKET_DIR@/cynara-agent.socket
-+SocketGroup=@CYNARA_ADMIN_SOCKET_GROUP@
-+SocketMode=0060
-+SmackLabelIPIn=*
-+SmackLabelIPOut=@
-+
-+Service=cynara.service
-+
-+[Unit]
-+Wants=cynara.target
-+Before=cynara.target
-+
-+[Install]
-+WantedBy=sockets.target
-diff --git a/systemd/cynara-monitor-get.socket b/systemd/cynara-monitor-get.socket
-deleted file mode 100644
-index a50feeb..0000000
---- a/systemd/cynara-monitor-get.socket
-+++ /dev/null
-@@ -1,15 +0,0 @@
--[Socket]
--ListenStream=/run/cynara/cynara-monitor-get.socket
--SocketGroup=security_fw
--SocketMode=0060
--SmackLabelIPIn=@
--SmackLabelIPOut=@
--
--Service=cynara.service
--
--[Unit]
--Wants=cynara.target
--Before=cynara.target
--
--[Install]
--WantedBy=sockets.target
-diff --git a/systemd/cynara-monitor-get.socket.in b/systemd/cynara-monitor-get.socket.in
-new file mode 100644
-index 0000000..b88dbf7
---- /dev/null
-+++ b/systemd/cynara-monitor-get.socket.in
-@@ -0,0 +1,15 @@
-+[Socket]
-+ListenStream=@SOCKET_DIR@/cynara-monitor-get.socket
-+SocketGroup=@CYNARA_ADMIN_SOCKET_GROUP@
-+SocketMode=0060
-+SmackLabelIPIn=@
-+SmackLabelIPOut=@
-+
-+Service=cynara.service
-+
-+[Unit]
-+Wants=cynara.target
-+Before=cynara.target
-+
-+[Install]
-+WantedBy=sockets.target
-diff --git a/systemd/cynara.socket b/systemd/cynara.socket
-deleted file mode 100644
-index fad2745..0000000
---- a/systemd/cynara.socket
-+++ /dev/null
-@@ -1,14 +0,0 @@
--[Socket]
--ListenStream=/run/cynara/cynara.socket
--SocketMode=0666
--SmackLabelIPIn=*
--SmackLabelIPOut=@
--
--Service=cynara.service
--
--[Unit]
--Wants=cynara.target
--Before=cynara.target
--
--[Install]
--WantedBy=sockets.target
-diff --git a/systemd/cynara.socket.in b/systemd/cynara.socket.in
-new file mode 100644
-index 0000000..ba76549
---- /dev/null
-+++ b/systemd/cynara.socket.in
-@@ -0,0 +1,14 @@
-+[Socket]
-+ListenStream=@SOCKET_DIR@/cynara.socket
-+SocketMode=0666
-+SmackLabelIPIn=*
-+SmackLabelIPOut=@
-+
-+Service=cynara.service
-+
-+[Unit]
-+Wants=cynara.target
-+Before=cynara.target
-+
-+[Install]
-+WantedBy=sockets.target