[yocto] [PATCH 3/5] Bastille: change in behavior of bastille -l.
mulhern
mulhern at gmail.com
Sun Aug 25 18:17:10 PDT 2013
[YOCTO #3867]
bastille -l now reports existing configuration file paths even if it has
not previously been run. Previously, it exited with an error if it detected
an absence of log files indicating a previous run.
Signed-off-by: mulhern <mulhern at yoctoproject.org>
---
recipes-security/bastille/bastille_3.2.1.bb | 1 +
.../bastille/files/find_existing_config.patch | 58 ++++++++++++++++++++
2 files changed, 59 insertions(+)
create mode 100644 recipes-security/bastille/files/find_existing_config.patch
diff --git a/recipes-security/bastille/bastille_3.2.1.bb b/recipes-security/bastille/bastille_3.2.1.bb
index 0165a4e..c8d0103 100644
--- a/recipes-security/bastille/bastille_3.2.1.bb
+++ b/recipes-security/bastille/bastille_3.2.1.bb
@@ -23,6 +23,7 @@ SRC_URI = "http://sourceforge.net/projects/bastille-linux/files/bastille-linux/3
file://fix_number_of_modules.patch \
file://remove_questions_text_file_references.patch \
file://simplify_B_place.patch \
+ file://find_existing_config.patch \
"
SRC_URI[md5sum] = "df803f7e38085aa5da79f85d0539f91b"
diff --git a/recipes-security/bastille/files/find_existing_config.patch b/recipes-security/bastille/files/find_existing_config.patch
new file mode 100644
index 0000000..73e346f
--- /dev/null
+++ b/recipes-security/bastille/files/find_existing_config.patch
@@ -0,0 +1,58 @@
+Index: Bastille/bin/bastille
+===================================================================
+--- Bastille.orig/bin/bastille 2013-06-20 14:58:01.065796000 -0400
++++ Bastille/bin/bastille 2013-08-20 15:16:18.472378000 -0400
+@@ -102,8 +102,9 @@
+ # defines OS specific file locations based on uname
+ systemFileLocations
+
++ config_files=`find $config_repository -type f -name \*config 2>/dev/null`
++
+ if [ -f $last_config ]; then
+- config_files=`find $config_repository -type f -name \*config 2>/dev/null`
+ for config_cursor in `echo $config_files`
+ do
+ if /usr/bin/diff $last_config $config_cursor >/dev/null 2>&1
+@@ -112,8 +113,8 @@
+ fi
+ done
+ if [ -n "$match" ]; then
+- echo "The last bastille run corresponds to the following profiles:"
+- echo "$match"
++ printf "The last Bastille run corresponds to the following profiles:\n"
++ printf "$match"
+ else
+ cat >&2 << EOF
+ NOTE: The last config file applied,
+@@ -122,18 +123,28 @@
+ $ERRSPACES $config_repository.
+ $ERRSPACES This probably means that Bastille was last run interactively and
+ $ERRSPACES changes were made to the config file, but they have not yet been
+-$ERRSPACES applied, or that the source config file was moved. If you do have pending
++$ERRSPACES applied, or that the source config file was moved. If you do have pending
+ $ERRSPACES changes in a config file, you can apply them by running
+ $ERRSPACES 'bastille -b -f <config file>.'
+ EOF
+
+ fi
+ else
+- echo "NOTE: The system is in its pre-bastilled state.\n"
++ for config_cursor in `echo $config_files`
++ do
++ match="$match $config_cursor\n"
++ done
++ if [ -n "$match" ]; then
++ printf "The following Bastille profiles were located:\n"
++ printf "$match"
++ else
++ printf "No Bastille profiles were located.\n"
++ fi
++ printf "No log files of profiles from previous executions of Bastille have been found. It is likely that Bastille has not been run on this machine.\n"
+ fi
+-
+ }
+
++
+ # First, make sure we're root
+ if [ `PATH="/usr/bin:/bin"; id -u` -ne 0 ]; then
+ echo "ERROR: Bastille must be run as root user" >&2
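Review bot: printf "$match" passes the profile paths as the format string, both in the branch where $last_config exists and in the new else branch, so a config file name containing % or a backslash is interpreted by printf instead of being printed as-is. In the new loop, print each path as data, for example printf ' %s\n' "$config_cursor", or build match with real newlines and emit it with printf '%s\n' "$match". In the first branch, replacing echo "$match" with printf "$match" also drops the trailing newline that echo supplied, unless match already ends in one, which the visible lines do not show. Two smaller points: find $config_repository and the for config_cursor loops over $config_files are unquoted, so a repository path or profile name containing whitespace is split into several entries; and find_existing_config.patch starts directly at the Index: line, with no description or Upstream-Status: tag in its header.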
--
1.7.10.4