diff options
Diffstat (limited to 'recipes-security/selinux/policycoreutils_3.6.bb')
-rw-r--r-- | recipes-security/selinux/policycoreutils_3.6.bb | 179 |
1 files changed, 179 insertions, 0 deletions
diff --git a/recipes-security/selinux/policycoreutils_3.6.bb b/recipes-security/selinux/policycoreutils_3.6.bb new file mode 100644 index 0000000..c106ee7 --- /dev/null +++ b/recipes-security/selinux/policycoreutils_3.6.bb | |||
@@ -0,0 +1,179 @@ | |||
1 | SUMMARY = "SELinux policy core utilities" | ||
2 | DESCRIPTION = "policycoreutils contains the policy core utilities that are required \ | ||
3 | for basic operation of a SELinux system. These utilities include \ | ||
4 | load_policy to load policies, setfiles to label filesystems, newrole \ | ||
5 | to switch roles, and run_init to run /etc/init.d scripts in the proper \ | ||
6 | context." | ||
7 | SECTION = "base" | ||
8 | LICENSE = "GPL-2.0-or-later" | ||
9 | LIC_FILES_CHKSUM = "file://${S}/LICENSE;md5=393a5ca445f6965873eca0259a17f833" | ||
10 | |||
11 | require selinux_common.inc | ||
12 | |||
13 | SRC_URI += "${@bb.utils.contains('DISTRO_FEATURES', 'pam', '${PAM_SRC_URI}', '', d)} \ | ||
14 | file://policycoreutils-fixfiles-de-bashify.patch \ | ||
15 | " | ||
16 | |||
17 | PAM_SRC_URI = "file://pam.d/newrole \ | ||
18 | file://pam.d/run_init \ | ||
19 | " | ||
20 | |||
21 | DEPENDS = "libsepol libselinux libsemanage gettext-native" | ||
22 | DEPENDS:append:class-target = " libcap-ng" | ||
23 | |||
24 | S = "${WORKDIR}/git/policycoreutils" | ||
25 | |||
26 | inherit selinux python3native | ||
27 | |||
28 | RDEPENDS:${PN}-fixfiles = "\ | ||
29 | ${PN}-setfiles \ | ||
30 | grep \ | ||
31 | findutils \ | ||
32 | " | ||
33 | RDEPENDS:${PN}-genhomedircon = "\ | ||
34 | ${PN}-semodule \ | ||
35 | " | ||
36 | RDEPENDS:${PN}-loadpolicy = "\ | ||
37 | libselinux \ | ||
38 | libsepol \ | ||
39 | " | ||
40 | RDEPENDS:${PN}-newrole = "\ | ||
41 | libcap-ng \ | ||
42 | libselinux \ | ||
43 | " | ||
44 | RDEPENDS:${PN}-runinit = "libselinux" | ||
45 | RDEPENDS:${PN}-secon = "libselinux" | ||
46 | RDEPENDS:${PN}-semodule = "\ | ||
47 | libsepol \ | ||
48 | libselinux \ | ||
49 | libsemanage \ | ||
50 | " | ||
51 | RDEPENDS:${PN}-sestatus = "libselinux" | ||
52 | RDEPENDS:${PN}-setfiles = "\ | ||
53 | libselinux \ | ||
54 | libsepol \ | ||
55 | " | ||
56 | RDEPENDS:${PN}-setsebool = "\ | ||
57 | libsepol \ | ||
58 | libselinux \ | ||
59 | libsemanage \ | ||
60 | " | ||
61 | RDEPENDS:${PN}:class-target = "selinux-python" | ||
62 | |||
63 | PACKAGES =+ "\ | ||
64 | ${PN}-fixfiles \ | ||
65 | ${PN}-genhomedircon \ | ||
66 | ${PN}-hll \ | ||
67 | ${PN}-loadpolicy \ | ||
68 | ${PN}-newrole \ | ||
69 | ${PN}-runinit \ | ||
70 | ${PN}-secon \ | ||
71 | ${PN}-semodule \ | ||
72 | ${PN}-sestatus \ | ||
73 | ${PN}-setfiles \ | ||
74 | ${PN}-setsebool \ | ||
75 | " | ||
76 | FILES:${PN}-fixfiles = "${base_sbindir}/fixfiles" | ||
77 | FILES:${PN}-genhomedircon = "${base_sbindir}/genhomedircon" | ||
78 | FILES:${PN}-loadpolicy = "\ | ||
79 | ${base_sbindir}/load_policy \ | ||
80 | " | ||
81 | FILES:${PN}-newrole = "\ | ||
82 | ${bindir}/newrole \ | ||
83 | ${@bb.utils.contains('DISTRO_FEATURES', 'pam', '${sysconfdir}/pam.d/newrole', '', d)} \ | ||
84 | " | ||
85 | FILES:${PN}-runinit = "\ | ||
86 | ${base_sbindir}/run_init \ | ||
87 | ${base_sbindir}/open_init_pty \ | ||
88 | ${@bb.utils.contains('DISTRO_FEATURES', 'pam', '${sysconfdir}/pam.d/run_init', '', d)} \ | ||
89 | " | ||
90 | FILES:${PN}-dbg += "${prefix}/libexec/selinux/hll/.debug" | ||
91 | FILES:${PN}-secon = "${bindir}/secon" | ||
92 | FILES:${PN}-semodule = "${base_sbindir}/semodule" | ||
93 | FILES:${PN}-hll = "${prefix}/libexec/selinux/hll/*" | ||
94 | FILES:${PN}-sestatus = "\ | ||
95 | ${base_sbindir}/sestatus \ | ||
96 | ${sysconfdir}/sestatus.conf \ | ||
97 | " | ||
98 | FILES:${PN}-setfiles = "\ | ||
99 | ${base_sbindir}/restorecon \ | ||
100 | ${base_sbindir}/restorecon_xattr \ | ||
101 | ${base_sbindir}/setfiles \ | ||
102 | " | ||
103 | FILES:${PN}-setsebool = "\ | ||
104 | ${base_sbindir}/setsebool \ | ||
105 | ${datadir}/bash-completion/completions/setsebool \ | ||
106 | " | ||
107 | |||
108 | export STAGING_INCDIR | ||
109 | export STAGING_LIBDIR | ||
110 | export BUILD_SYS | ||
111 | export HOST_SYS | ||
112 | |||
113 | PACKAGECONFIG:class-target ?= "\ | ||
114 | ${@bb.utils.contains('DISTRO_FEATURES', 'pam', 'libpam', '', d)} \ | ||
115 | audit \ | ||
116 | " | ||
117 | PACKAGECONFIG:class-native ?= "" | ||
118 | |||
119 | PACKAGECONFIG[libpam] = ",,libpam," | ||
120 | PACKAGECONFIG[audit] = ",,audit," | ||
121 | |||
122 | EXTRA_OEMAKE = "\ | ||
123 | ${@bb.utils.contains('PACKAGECONFIG', 'libpam', 'PAMH=y', 'PAMH=', d)} \ | ||
124 | ${@bb.utils.contains('PACKAGECONFIG', 'audit', 'AUDITH=y', 'AUDITH=', d)} \ | ||
125 | INOTIFYH=n \ | ||
126 | PREFIX=${prefix} \ | ||
127 | SBINDIR=${base_sbindir} \ | ||
128 | " | ||
129 | |||
130 | BBCLASSEXTEND = "native" | ||
131 | |||
132 | PCU_NATIVE_CMDS = "setfiles semodule hll" | ||
133 | |||
134 | do_compile:prepend() { | ||
135 | export PYTHON=python3 | ||
136 | export PYLIBVER='python${PYTHON_BASEVERSION}' | ||
137 | export PYTHON_CPPFLAGS="-I${STAGING_INCDIR}/${PYLIBVER}" | ||
138 | export PYTHON_LDFLAGS="${STAGING_LIBDIR}/lib${PYLIBVER}.so" | ||
139 | export PYTHON_SITE_PKG="${PYTHON_SITEPACKAGES_DIR}" | ||
140 | } | ||
141 | |||
142 | do_compile:class-native() { | ||
143 | for PCU_CMD in ${PCU_NATIVE_CMDS} ; do | ||
144 | oe_runmake -C $PCU_CMD \ | ||
145 | INCLUDEDIR='${STAGING_INCDIR}' \ | ||
146 | LIBDIR='${STAGING_LIBDIR}' | ||
147 | done | ||
148 | } | ||
149 | |||
150 | sysroot_stage_dirs:append:class-native() { | ||
151 | cp -R $from/${prefix}/libexec $to/${prefix}/libexec | ||
152 | } | ||
153 | |||
154 | do_install:prepend() { | ||
155 | export PYTHON=python3 | ||
156 | export SBINDIR="${D}/${base_sbindir}" | ||
157 | } | ||
158 | |||
159 | do_install:class-native() { | ||
160 | for PCU_CMD in ${PCU_NATIVE_CMDS} ; do | ||
161 | oe_runmake -C $PCU_CMD install \ | ||
162 | DESTDIR="${D}" \ | ||
163 | PREFIX="${prefix}" \ | ||
164 | SBINDIR="${base_sbindir}" | ||
165 | done | ||
166 | } | ||
167 | |||
168 | do_install:append:class-target() { | ||
169 | if [ -e ${WORKDIR}/pam.d ]; then | ||
170 | install -d ${D}${sysconfdir}/pam.d/ | ||
171 | install -m 0644 ${WORKDIR}/pam.d/* ${D}${sysconfdir}/pam.d/ | ||
172 | fi | ||
173 | |||
174 | # /var/lib/selinux is involved by seobject.py: | ||
175 | # + dirname = "/var/lib/selinux" | ||
176 | # and it's required for running command: | ||
177 | # $ semanage permissive [OPTS] | ||
178 | install -d ${D}${localstatedir}/lib/selinux | ||
179 | } | ||