From 784929a0301b5a60c86cd05649f8698be3ff3e78 Mon Sep 17 00:00:00 2001 From: Grzegorz Kowalski Date: Mon, 11 Mar 2024 19:08:10 +0100 Subject: [PATCH] move hidepid to separate package --- recipes-core/images/helium-image-default.bb | 5 +++++ recipes-core/initscripts/initscripts_%.bbappend | 9 --------- .../hidepid/hidepid}/hidepid.sh | 0 recipes-hardening/hidepid/hidepid_1.0.bb | 12 ++++++++++++ 4 files changed, 17 insertions(+), 9 deletions(-) delete mode 100644 recipes-core/initscripts/initscripts_%.bbappend rename {recipes-core/initscripts/initscripts => recipes-hardening/hidepid/hidepid}/hidepid.sh (100%) create mode 100644 recipes-hardening/hidepid/hidepid_1.0.bb diff --git a/recipes-core/images/helium-image-default.bb b/recipes-core/images/helium-image-default.bb index 8842d3c..e9da741 100644 --- a/recipes-core/images/helium-image-default.bb +++ b/recipes-core/images/helium-image-default.bb @@ -29,6 +29,11 @@ OS_TOOLS = " \ nano \ " +# system hardening +HARDENING = " \ + hidepid \ +" + # helium base packages HELIUM_BASE = " \ " diff --git a/recipes-core/initscripts/initscripts_%.bbappend b/recipes-core/initscripts/initscripts_%.bbappend deleted file mode 100644 index 2782ec8..0000000 --- a/recipes-core/initscripts/initscripts_%.bbappend +++ /dev/null @@ -1,9 +0,0 @@ -FILESEXTRAPATHS:prepend := "${THISDIR}/${PN}:" - -SRC_URI = "file://hidepid.sh" -S = "${WORKDIR}" - -do_install:append () { - install -m 0755 ${WORKDIR}/hidepid.sh ${D}${sysconfdir}/init.d - update-rc.d -r ${D} hidepid.sh start 10 S . -} diff --git a/recipes-core/initscripts/initscripts/hidepid.sh b/recipes-hardening/hidepid/hidepid/hidepid.sh similarity index 100% rename from recipes-core/initscripts/initscripts/hidepid.sh rename to recipes-hardening/hidepid/hidepid/hidepid.sh diff --git a/recipes-hardening/hidepid/hidepid_1.0.bb b/recipes-hardening/hidepid/hidepid_1.0.bb new file mode 100644 index 0000000..41b4c7e --- /dev/null +++ b/recipes-hardening/hidepid/hidepid_1.0.bb @@ -0,0 +1,12 @@ +SUMMARY = "hidepid - hide other users' processes from /proc" +LICENSE = "MIT" +LIC_FILES_CHKSUM = "file://${COREBASE}/meta/files/common-licenses/MIT;md5=0835ade698e0bcf8506ecda2f7b4f302" + +SRC_URI = "file://hidepid.sh" + +DEPENDS = "update-rc.d-native" + +do_install() { + install -D -m 0755 ${WORKDIR}/hidepid.sh ${D}${sysconfdir}/init.d/hidepid.sh + update-rc.d -r ${D} hidepid.sh start 10 S . +}