a0871be6c0
* Update buildroot-patches for 2020.11-rc1 buildroot * Update buildroot to 2020.11-rc1 Signed-off-by: Stefan Agner <stefan@agner.ch> * Don't rely on sfdisk --list-free output The --list-free (-F) argument does not allow machine readable mode. And it seems that the output format changes over time (different spacing, using size postfixes instead of raw blocks). Use sfdisk json output and calculate free partition space ourselfs. This works for 2.35 and 2.36 and is more robust since we rely on output which is meant for scripts to parse. * Migrate defconfigs for Buildroot 2020.11-rc1 In particular, rename BR2_TARGET_UBOOT_BOOT_SCRIPT(_SOURCE) to BR2_PACKAGE_HOST_UBOOT_TOOLS_BOOT_SCRIPT(_SOURCE). * Rebase/remove systemd patches for systemd 246 * Drop apparmor/libapparmor from buildroot-external * hassos-persists: use /run as directory for lockfiles The U-Boot tools use /var/lock by default which is not created any more by systemd by default (it is under tmpfiles legacy.conf, which we no longer install). * Disable systemd-update-done.service The service is not suited for pure read-only systems. In particular the service needs to be able to write a file in /etc and /var. Remove the service. Note: This is a static service and cannot be removed using systemd-preset. * Disable apparmor.service for now The service loads all default profiles. Some might actually cause problems. E.g. the profile for ping seems not to match our setup for /etc/resolv.conf: [85503.634653] audit: type=1400 audit(1605286002.684:236): apparmor="DENIED" operation="open" profile="ping" name="/run/resolv.conf" pid=27585 comm="ping" requested_mask="r" denied_mask="r" fsuid=0 ouid=0
24 lines
916 B
Plaintext
24 lines
916 B
Plaintext
config BR2_PACKAGE_PKCS11_HELPER
|
|
bool "pkcs11-helper"
|
|
depends on !BR2_STATIC_LIBS # dlfcn.h
|
|
help
|
|
pkcs11-helper is a library that simplifies the interaction
|
|
with PKCS#11 providers for end-user applications.
|
|
|
|
pkcs11-helper allows using multiple PKCS#11 providers at the
|
|
same time, enumerating available token certificates, or
|
|
selecting a certificate directly by serialized id, handling
|
|
card removal and card insert events, handling card re-insert
|
|
to a different slot, supporting session expiration and much
|
|
more all using a simple API.
|
|
|
|
pkcs11-helper is not designed to manage card content, since
|
|
object attributes are usually vendor specific, and 99% of
|
|
application need to access existing objects in order to
|
|
perform signature and decryption.
|
|
|
|
https://github.com/OpenSC/pkcs11-helper
|
|
|
|
comment "pkcs11-helper needs a toolchain w/ dynamic library"
|
|
depends on BR2_STATIC_LIBS
|