From 80f4d503fc5bb2564b72b72daedebf74612c30f3 Mon Sep 17 00:00:00 2001 From: Stephane Desneux Date: Wed, 1 Jun 2016 17:52:10 +0000 Subject: add meta-app-framework to meta-agl meta-app-framework is a layer containing the AGL App Framework recipes 4 new layers are added for application framework: * meta-intel-iot-security/meta-security-smack * meta-intel-iot-security/meta-security-framework * meta-agl/meta-agl-security * meta-agl/meta-app-framework In the templates files, the following changes were done: * activation of Smack and Cynara * modify the tar command to be used to support Smack extended attributes Change-Id: If369221ca7614fe0072f2a0f99a5051ef2af831d Signed-off-by: Stephane Desneux --- meta-agl/conf/distro/poky-agl.conf | 14 ++++++++++++++ 1 file changed, 14 insertions(+) (limited to 'meta-agl/conf') diff --git a/meta-agl/conf/distro/poky-agl.conf b/meta-agl/conf/distro/poky-agl.conf index 6d6f120fe..e1dac683d 100644 --- a/meta-agl/conf/distro/poky-agl.conf +++ b/meta-agl/conf/distro/poky-agl.conf @@ -137,6 +137,20 @@ BB_DANGLINGAPPENDS_WARNONLY = "1" # enforce security-related compiler flags by default require conf/distro/include/security_flags.inc + # required overrides, upstreamed but not merged yet: # http://lists.openembedded.org/pipermail/openembedded-devel/2016-June/107727.html SECURITY_CFLAGS_pn-llvm3.3 = "${SECURITY_NO_PIE_CFLAGS}" + +# enable security features (smack, cynara) - required by Application Framework +OVERRIDES .= ":smack" +DISTRO_FEATURES_append = " smack dbus-cynara" + +# use tar-native to support SMACK extended attributes independently of host config +IMAGE_CMD_TAR = "tar --xattrs-include='*'" +IMAGE_DEPENDS_tar_append = " tar-replacement-native" +EXTRANATIVEPATH += "tar-native" + +# security: enable ssh server in place of dropbear to support PAM on user sessions +IMAGE_FEATURES += "ssh-server-openssh" + -- cgit 1.2.3-korg