package/apparmor: new package

The various AppArmor utilities are spread in a few sub-directories of
the apparmor source tree. For now, we build only the parser, but we'll
soon introduce support for a few other utilities, so we prepare the
package to be able to build more than just the parser, hence the
slightly convoluted build and install commands, and the use of the
APPARMOR_TOOLS and APPARMOR_MAKE_OPTS variables, which will come handy
in the following commits.

We must ensure the version matches that of libapparmor, but there is not
much we can do to enforce that, so as we do for various other packages,
we just add a comment to that effect.

Signed-off-by: Angelo Compagnucci <angelo@amarulasolutions.com>
[yann.morin.1998@free.fr:
  - make it a separate package
  - split into its own patch, write a commit log
]
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
Tested-by: Angelo Compagnucci <angelo@amarulasolutions.com>
This commit is contained in:
Angelo Compagnucci 2020-03-27 21:38:37 +01:00 committed by Yann E. MORIN
parent 67e576fab5
commit 007ee0765e
5 changed files with 79 additions and 0 deletions

View File

@ -2260,6 +2260,7 @@ menu "Real-Time"
endmenu
menu "Security"
source "package/apparmor/Config.in"
source "package/checkpolicy/Config.in"
source "package/ima-evm-utils/Config.in"
source "package/optee-benchmark/Config.in"

View File

@ -0,0 +1,25 @@
config BR2_PACKAGE_APPARMOR
bool "apparmor"
depends on BR2_USE_MMU # fork()
depends on BR2_INSTALL_LIBSTDCPP
depends on BR2_TOOLCHAIN_HAS_SYNC_4 # libapparmor
depends on BR2_TOOLCHAIN_HAS_THREADS # libapparmor
depends on BR2_TOOLCHAIN_HEADERS_AT_LEAST_3_16 # libapparmor
select BR2_PACKAGE_LIBAPPARMOR
help
AppArmor is an effective and easy-to-use Linux application
security system. AppArmor proactively protects the operating
system and applications from external or internal threats,
even zero-day attacks, by enforcing good behavior and
preventing even unknown application flaws from being
exploited.
This package builds the parser (which can load profiles).
http://wiki.apparmor.net
comment "apparmor needs a toolchain w/ headers >= 3.16, threads, C++"
depends on BR2_USE_MMU
depends on BR2_TOOLCHAIN_HAS_SYNC_4
depends on !BR2_INSTALL_LIBSTDCPP || !BR2_TOOLCHAIN_HAS_THREADS \
|| !BR2_TOOLCHAIN_HEADERS_AT_LEAST_3_16

View File

@ -0,0 +1,4 @@
# locally computed
sha256 267053234c68cdb122c5294d7c276b6e2f5fa7e75c6c2d23e3ce69f95d9a7639 apparmor-2.13.3.tar.gz
sha256 a7e0cdcbea5c14927cedfc600d46526bdcbb1eb0a4d951e2ea53c2a6de159cb4 LICENSE
sha256 dd54950fa69a3096fe907a466a454d217ccca9bca77398d5232704766d5a0040 parser/COPYING.GPL

View File

@ -0,0 +1,48 @@
################################################################################
#
# apparmor
#
################################################################################
# When updating the version here, please also update the libapparmor package
APPARMOR_VERSION_MAJOR = 2.13
APPARMOR_VERSION = $(APPARMOR_VERSION_MAJOR).3
APPARMOR_SITE = https://launchpad.net/apparmor/$(APPARMOR_VERSION_MAJOR)/$(APPARMOR_VERSION)/+download
APPARMOR_DL_SUBDIR = libapparmor
APPARMOR_LICENSE = GPL-2.0
APPARMOR_LICENSE_FILES = LICENSE parser/COPYING.GPL
APPARMOR_DEPENDENCIES = libapparmor
APPARMOR_TOOLS = parser
APPARMOR_MAKE_OPTS = USE_SYSTEM=1
define APPARMOR_BUILD_CMDS
$(foreach tool,$(APPARMOR_TOOLS),\
$(TARGET_MAKE_ENV) $(TARGET_CONFIGURE_OPTS) \
$(MAKE) -C $(@D)/$(tool) $(APPARMOR_MAKE_OPTS)
)
endef
define APPARMOR_INSTALL_TARGET_CMDS
$(foreach tool,$(APPARMOR_TOOLS),\
$(TARGET_MAKE_ENV) $(TARGET_CONFIGURE_OPTS) \
$(MAKE) -C $(@D)/$(tool) $(APPARMOR_MAKE_OPTS) \
DESTDIR=$(TARGET_DIR) install
)
endef
# Despite its name, apparmor.systemd is a sysv-init compatible startup script
define APPARMOR_INSTALL_INIT_SYSV
$(INSTALL) -D -m 0755 $(@D)/parser/apparmor.systemd \
$(TARGET_DIR)/etc/init.d/S00apparmor
endef
define APPARMOR_INSTALL_INIT_SYSTEMD
$(INSTALL) -D -m 0755 $(@D)/parser/apparmor.systemd \
$(TARGET_DIR)/lib/apparmor/apparmor.systemd
$(INSTALL) -D -m 0755 $(@D)/parser/apparmor.service \
$(TARGET_DIR)/usr/lib/systemd/system/apparmor.service
endef
$(eval $(generic-package))

View File

@ -4,6 +4,7 @@
#
################################################################################
# When updating the version here, please also update the apparmor package
LIBAPPARMOR_VERSION_MAJOR = 2.13
LIBAPPARMOR_VERSION = $(LIBAPPARMOR_VERSION_MAJOR).3
LIBAPPARMOR_SOURCE = apparmor-$(LIBAPPARMOR_VERSION).tar.gz