Refer https://src.fedoraproject.org/rpms/openssh/c/13fa787ecc35d6c9eea9e64c1f42f49e2ee978ce (See __spec_install_post in openssh.spec for detail)
Signed-off-by: Hongxu Jia <hongxu....@windriver.com> --- recipes-connectivity/openssh/openssh_fips.inc | 34 +++++++++++++++++++++++++++ 1 file changed, 34 insertions(+) diff --git a/recipes-connectivity/openssh/openssh_fips.inc b/recipes-connectivity/openssh/openssh_fips.inc index 99a3482..8f21264 100644 --- a/recipes-connectivity/openssh/openssh_fips.inc +++ b/recipes-connectivity/openssh/openssh_fips.inc @@ -6,3 +6,37 @@ DEPENDS += " \ SRC_URI += " \ file://0001-openssh-8.0p1-fips.patch \ " + +do_install_append() { + install -d ${D}${libdir}/fipscheck +} + +inherit qemu + +pkg_postinst_append_${PN}-ssh () { + if [ -n "$D" ]; then + if ${@bb.utils.contains('MACHINE_FEATURES', 'qemu-usermode', 'true','false', d)}; then + ${@qemu_run_binary(d, '$D', '${bindir}/fipshmac')} \ + -d $D${libdir}/fipscheck $D${bindir}/ssh.${BPN} + else + $INTERCEPT_DIR/postinst_intercept delay_to_first_boot ${PKG} mlprefix=${MLPREFIX} + fi + else + ${bindir}/fipshmac -d ${libdir}/fipscheck ${bindir}/ssh.${BPN} + fi +} + +pkg_postinst_append_${PN}-sshd () { + if [ -n "$D" ]; then + if ${@bb.utils.contains('MACHINE_FEATURES', 'qemu-usermode', 'true','false', d)}; then + ${@qemu_run_binary(d, '$D', '${bindir}/fipshmac')} \ + -d $D${libdir}/fipscheck $D${sbindir}/sshd + else + $INTERCEPT_DIR/postinst_intercept delay_to_first_boot ${PKG} mlprefix=${MLPREFIX} + fi + else + ${bindir}/fipshmac -d ${libdir}/fipscheck ${sbindir}/sshd + fi +} + +FILES_${PN} += "${libdir}/fipscheck" -- 2.7.4 -- _______________________________________________ yocto mailing list yocto@yoctoproject.org https://lists.yoctoproject.org/listinfo/yocto