On 21.07.20 10:16, Venkata Pyla wrote:
From: Kazuhiro Hayashi <kazuhiro3.hayashi@...>
Identified security packages are added to the target image
and that will be used for IEC-62443-4-2 evaluation
Signed-off-by: Kazuhiro Hayashi <kazuhiro3.hayashi@...>
Signed-off-by: pvenkata2 <venkata.pyla@...>
Can you configure your git to add you written name here as well? It's in the email, yes, but it would be nicer to have it displayed as well.
.../images/cip-core-image-security.bb | 37 +++++++++++++++++++
1 file changed, 37 insertions(+)
create mode 100644 recipes-core/images/cip-core-image-security.bb
diff --git a/recipes-core/images/cip-core-image-security.bb b/recipes-core/images/cip-core-image-security.bb
new file mode 100644
@@ -0,0 +1,37 @@
+# A reference image which includes security packages
+# Copyright (c) Toshiba Corporation, 2020
+# Kazuhiro Hayashi <kazuhiro3.hayashi@...>
+# SPDX-License-Identifier: MIT
+DESCRIPTION = "CIP Core image including security packages"
+# Use the same customizations as cip-core-image
That comment is not needed. It just creates the risk of becoming outdated if cip-core-image decides to do something else.
+IMAGE_INSTALL += "customizations"
+# Debian packages that provide security features
+IMAGE_PREINSTALL += " \
+ openssl libssl1.1 \
+ fail2ban \
+ openssh-server openssh-sftp-server openssh-client \
+ syslog-ng-core syslog-ng-mod-journal \
+ aide aide-common \
+ libnftables0 nftables \
+ libpam-pkcs11 \
+ chrony \
+ tpm2-tools \
+ tpm2-abrmd \
+ libtss2-esys0 libtss2-udev \
+ libpam-cracklib \
+ acl \
+ libauparse0 audispd-plugins auditd \
+ uuid-runtime \
+ sudo \
Can you close https://gitlab.com/cip-project/cip-core/isar-cip-core/-/merge_requests/8
if this series obsoletes it?
BTW, a cover letter would help structuring the patches together. And please add a tag like "[isar-cip-core]" in order to clarify the series target. That is all configurable in git format-patch/send-email.
Siemens AG, Corporate Technology, CT RDA IOT SES-DE
Corporate Competence Center Embedded Linux