[YOCTO #3867] bastille -l now reports existing configuration file paths even if it has not previously been run. Previously, it exited with an error if it detected an absence of log files indicating a previous run.
Signed-off-by: mulhern <mulh...@yoctoproject.org>
---
 recipes-security/bastille/bastille_3.2.1.bb | 1 +
 .../bastille/files/find_existing_config.patch | 58 ++++++++++++++++++++
 2 files changed, 59 insertions(+)
 create mode 100644 recipes-security/bastille/files/find_existing_config.patch
diff --git a/recipes-security/bastille/bastille_3.2.1.bb b/recipes-security/bastille/bastille_3.2.1.bb
index 0165a4e..c8d0103 100644
--- a/recipes-security/bastille/bastille_3.2.1.bb
+++ b/recipes-security/bastille/bastille_3.2.1.bb
@@ -23,6 +23,7 @@ SRC_URI = "http://sourceforge.net/projects/bastille-linux/files/bastille-linux/3
 file://fix_number_of_modules.patch \
 file://remove_questions_text_file_references.patch \
 file://simplify_B_place.patch \
+ file://find_existing_config.patch \
 "
 SRC_URI[md5sum] = "df803f7e38085aa5da79f85d0539f91b"
diff --git a/recipes-security/bastille/files/find_existing_config.patch b/recipes-security/bastille/files/find_existing_config.patch
new file mode 100644
index 0000000..73e346f
--- /dev/null
+++ b/recipes-security/bastille/files/find_existing_config.patch
@@ -0,0 +1,58 @@
+Index: Bastille/bin/bastille
+===================================================================
+--- Bastille.orig/bin/bastille 2013-06-20 14:58:01.065796000 -0400
++++ Bastille/bin/bastille 2013-08-20 15:16:18.472378000 -0400
+@@ -102,8 +102,9 @@
+ # defines OS specific file locations based on uname
+ systemFileLocations
+
++ config_files=`find $config_repository -type f -name \*config 2>/dev/null`
++
+ if [ -f $last_config ]; then
+- config_files=`find $config_repository -type f -name \*config 2>/dev/null`
+ for config_cursor in `echo $config_files`
+ do
+ if /usr/bin/diff $last_config $config_cursor >/dev/null 2>&1
+@@ -112,8 +113,8 @@
+ fi
+ done
+ if [ -n "$match" ]; then
+- echo "The last bastille run corresponds to the following profiles:"
+- echo "$match"
++ printf "The last Bastille run corresponds to the following profiles:\n"
++ printf "$match"
+ else
+ cat >&2 << EOF
+ NOTE: The last config file applied,
+@@ -122,18 +123,28 @@
+ $ERRSPACES $config_repository.
+ $ERRSPACES This probably means that Bastille was last run interactively and
+ $ERRSPACES changes were made to the config file, but they have not yet been
+-$ERRSPACES applied, or that the source config file was moved. If you do have pending
++$ERRSPACES applied, or that the source config file was moved. If you do have pending
+ $ERRSPACES changes in a config file, you can apply them by running
+ $ERRSPACES 'bastille -b -f <config file>.'
+ EOF
+
+ fi
+ else
+- echo "NOTE: The system is in its pre-bastilled state.\n"
++ for config_cursor in `echo $config_files`
++ do
++ match="$match $config_cursor\n"
++ done
++ if [ -n "$match" ]; then
++ printf "The following Bastille profiles were located:\n"
++ printf "$match"
++ else
++ printf "No Bastille profiles were located.\n"
++ fi
++ printf "No log files of profiles from previous executions of Bastille have been found. It is likely that Bastille has not been run on this machine.\n"
+ fi
+-
+ }
+
++
+ # First, make sure we're root
+ if [ `PATH="/usr/bin:/bin"; id -u` -ne 0 ]; then
+ echo "ERROR: Bastille must be run as root user" >&2
--
1.7.10.4
_______________________________________________
yocto mailing list
yocto@yoctoproject.org
https://lists.yoctoproject.org/listinfo/yocto
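Review bot: Both new `printf "$match"` calls (in the `-f $last_config` branch and in the new else branch) pass the accumulated profile paths as the printf format string, so a file name under `$config_repository` that contains `%` or a backslash is interpreted as a conversion or escape instead of being printed, in a script that insists on running as root. Passing the data as an argument avoids that: `printf '%b' "$match"` keeps the literal `\n` separators working, and the new loop could instead print each entry directly with `printf ' %s\n' "$config_cursor"`. The unquoted `$config_repository` and the word-splitting `for config_cursor in ...` loop over the `find` output also mis-handle paths containing whitespace; the loop idiom is carried over from the existing code rather than introduced here. The enclosing function starts before the first inner hunk, so whether `match` is initialised before the new else-branch loop cannot be confirmed from these lines.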