CaROS/meta-openembedded
3
1
Fork 0
mirror of git://git.openembedded.org/meta-openembedded synced 2026-01-01 13:58:06 +00:00
Code Issues Packages Projects Releases Wiki Activity

net-snmp: control smux via PACKAGECONFIG

Browse Source 
Support for smux is always enabled by the recipe, but it can be a
security risk since it makes the snmpd daemon listen on TCP port 199.

This makes it contrallable via PACKAGECONFIG, so that it can be easily
disabled from the distro or local config. The mechanism makes it easy
to add control for other MIB modules via PACKAGECONFIG later if need
be.

For compatibility smux is added to the default PACKAGECONFIG, so there
is no change in the default build configuration.

Signed-off-by: Diego Santa Cruz <Diego.SantaCruz@spinetix.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
This commit is contained in:
Diego Santa Cruz 2021-01-20 17:22:27 +01:00 committed by Khem Raj
parent 8a29a7f9aa
commit e58e07b010
1 changed files with 5 additions and 3 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

8
meta-networking/recipes-protocols/net-snmp/net-snmp_5.9.bb
View File

@ -40,7 +40,7 @@ CCACHE = ""
TARGET_CC_ARCH += "${LDFLAGS}"
PACKAGECONFIG ??= "${@bb.utils.filter('DISTRO_FEATURES', 'ipv6', d)} des"
PACKAGECONFIG ??= "${@bb.utils.filter('DISTRO_FEATURES', 'ipv6', d)} des smux"
PACKAGECONFIG[elfutils] = "--with-elf, --without-elf, elfutils"
PACKAGECONFIG[libnl] = "--with-nl, --without-nl, libnl"
@ -49,6 +49,7 @@ PACKAGECONFIG[ipv6] = "--enable-ipv6,--disable-ipv6,,"
PACKAGECONFIG[perl] = "--enable-embedded-perl --with-perl-modules=yes, --disable-embedded-perl --with-perl-modules=no,\
perl,"
PACKAGECONFIG[des] = "--enable-des,--disable-des"
PACKAGECONFIG[smux] = ""
EXTRA_OECONF = "--enable-shared \
--disable-manuals \
@ -57,10 +58,11 @@ EXTRA_OECONF = "--enable-shared \
--with-persistent-directory=${localstatedir}/lib/net-snmp \
${@oe.utils.conditional('SITEINFO_ENDIANNESS', 'le', '--with-endianness=little', '--with-endianness=big', d)} \
--with-openssl=${STAGING_EXECPREFIXDIR} \
--with-mib-modules='${MIB_MODULES}' \
"
# net-snmp needs to have mib-modules=smux enabled to enable quagga to support snmp
EXTRA_OECONF += "--with-mib-modules=smux"
MIB_MODULES = ""
MIB_MODULES_append = " ${@bb.utils.filter('PACKAGECONFIG', 'smux', d)}"
CACHED_CONFIGUREVARS = " \
ac_cv_header_valgrind_valgrind_h=no \