a0871be6c0
* Update buildroot-patches for 2020.11-rc1 buildroot * Update buildroot to 2020.11-rc1 Signed-off-by: Stefan Agner <stefan@agner.ch> * Don't rely on sfdisk --list-free output The --list-free (-F) argument does not allow machine readable mode. And it seems that the output format changes over time (different spacing, using size postfixes instead of raw blocks). Use sfdisk json output and calculate free partition space ourselfs. This works for 2.35 and 2.36 and is more robust since we rely on output which is meant for scripts to parse. * Migrate defconfigs for Buildroot 2020.11-rc1 In particular, rename BR2_TARGET_UBOOT_BOOT_SCRIPT(_SOURCE) to BR2_PACKAGE_HOST_UBOOT_TOOLS_BOOT_SCRIPT(_SOURCE). * Rebase/remove systemd patches for systemd 246 * Drop apparmor/libapparmor from buildroot-external * hassos-persists: use /run as directory for lockfiles The U-Boot tools use /var/lock by default which is not created any more by systemd by default (it is under tmpfiles legacy.conf, which we no longer install). * Disable systemd-update-done.service The service is not suited for pure read-only systems. In particular the service needs to be able to write a file in /etc and /var. Remove the service. Note: This is a static service and cannot be removed using systemd-preset. * Disable apparmor.service for now The service loads all default profiles. Some might actually cause problems. E.g. the profile for ping seems not to match our setup for /etc/resolv.conf: [85503.634653] audit: type=1400 audit(1605286002.684:236): apparmor="DENIED" operation="open" profile="ping" name="/run/resolv.conf" pid=27585 comm="ping" requested_mask="r" denied_mask="r" fsuid=0 ouid=0
27 lines
871 B
Plaintext
27 lines
871 B
Plaintext
config BR2_PACKAGE_SURICATA
|
|
bool "suricata"
|
|
depends on BR2_PACKAGE_HOST_RUSTC_TARGET_ARCH_SUPPORTS
|
|
depends on BR2_USE_MMU # fork()
|
|
depends on BR2_USE_WCHAR
|
|
depends on BR2_TOOLCHAIN_HAS_THREADS
|
|
select BR2_PACKAGE_HOST_RUSTC
|
|
select BR2_PACKAGE_JANSSON
|
|
select BR2_PACKAGE_LIBHTP
|
|
select BR2_PACKAGE_LIBPCAP
|
|
select BR2_PACKAGE_LIBYAML
|
|
select BR2_PACKAGE_PCRE
|
|
help
|
|
Suricata is a free and open source, mature, fast and robust
|
|
network threat detection engine.
|
|
|
|
The Suricata engine is capable of real time intrusion
|
|
detection (IDS), inline intrusion prevention (IPS), network
|
|
security monitoring (NSM) and offline pcap processing.
|
|
|
|
https://suricata-ids.org
|
|
|
|
comment "suricata needs a toolchain w/ wchar, threads"
|
|
depends on BR2_PACKAGE_HOST_RUSTC_TARGET_ARCH_SUPPORTS
|
|
depends on BR2_USE_MMU
|
|
depends on !BR2_USE_WCHAR || !BR2_TOOLCHAIN_HAS_THREADS
|