44874939f8
policycoreutils has a pretty peculiar interpretation of DESTDIR and PREFIX. PREFIX is not consistently used: some installation paths and include paths are forced to $(DESTDIR)/usr/... . In other cases, PREFIX is indeed used. PREFIX defaults to $(DESTDIR)/usr Try to be a little bit more correct by passing both DESTDIR and PREFIX, both set to $(HOST_DIR). This is not a complete fix: some things are still installed in $(HOST_DIR)/usr - but nothing we care about (just manpages, systemd services, ...). More importantly, however, it still looks for e.g. D-Bus in $(DESTDIR)/usr/include/dbus-1.0. Still, it's better than nothing. Signed-off-by: Arnout Vandecappelle (Essensium/Mind) <arnout@mind.be> Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>
138 lines
4.5 KiB
Makefile
138 lines
4.5 KiB
Makefile
################################################################################
|
|
#
|
|
# policycoreutils
|
|
#
|
|
################################################################################
|
|
|
|
POLICYCOREUTILS_VERSION = 2.6
|
|
POLICYCOREUTILS_SITE = https://raw.githubusercontent.com/wiki/SELinuxProject/selinux/files/releases/20161014
|
|
POLICYCOREUTILS_LICENSE = GPL-2.0
|
|
POLICYCOREUTILS_LICENSE_FILES = COPYING
|
|
|
|
POLICYCOREUTILS_DEPENDENCIES = libsemanage libcap-ng
|
|
|
|
ifeq ($(BR2_PACKAGE_LINUX_PAM),y)
|
|
POLICYCOREUTILS_DEPENDENCIES += linux-pam
|
|
POLICYCOREUTILS_MAKE_OPTS += NAMESPACE_PRIV=y
|
|
define POLICYCOREUTILS_INSTALL_TARGET_LINUX_PAM_CONFS
|
|
$(INSTALL) -D -m 0644 $(@D)/newrole/newrole-lspp.pamd $(TARGET_DIR)/etc/pam.d/newrole
|
|
$(INSTALL) -D -m 0644 $(@D)/run_init/run_init.pamd $(TARGET_DIR)/etc/pam.d/run_init
|
|
endef
|
|
endif
|
|
|
|
ifeq ($(BR2_PACKAGE_AUDIT),y)
|
|
POLICYCOREUTILS_DEPENDENCIES += audit
|
|
POLICYCOREUTILS_MAKE_OPTS += AUDIT_LOG_PRIV=y
|
|
endif
|
|
|
|
# Enable LSPP_PRIV if both audit and linux pam are enabled
|
|
ifeq ($(BR2_PACKAGE_LINUX_PAM)$(BR2_PACKAGE_AUDIT),yy)
|
|
POLICYCOREUTILS_MAKE_OPTS += LSPP_PRIV=y
|
|
endif
|
|
|
|
# Undefining _FILE_OFFSET_BITS here because of a "bug" with glibc fts.h
|
|
# large file support.
|
|
# See https://bugzilla.redhat.com/show_bug.cgi?id=574992 for more information
|
|
POLICYCOREUTILS_MAKE_OPTS += \
|
|
$(TARGET_CONFIGURE_OPTS) \
|
|
CFLAGS="$(TARGET_CFLAGS) -U_FILE_OFFSET_BITS" \
|
|
CPPFLAGS="$(TARGET_CPPFLAGS) -U_FILE_OFFSET_BITS" \
|
|
ARCH="$(BR2_ARCH)"
|
|
|
|
POLICYCOREUTILS_MAKE_DIRS = \
|
|
load_policy newrole run_init \
|
|
secon semodule semodule_deps \
|
|
semodule_expand semodule_link \
|
|
semodule_package sepolgen-ifgen \
|
|
sestatus setfiles setsebool
|
|
|
|
ifeq ($(BR2_PACKAGE_POLICYCOREUTILS_RESTORECOND),y)
|
|
POLICYCOREUTILS_MAKE_DIRS += restorecond
|
|
POLICYCOREUTILS_DEPENDENCIES += libglib2
|
|
endif
|
|
|
|
ifeq ($(BR2_PACKAGE_POLICYCOREUTILS_AUDIT2ALLOW),y)
|
|
ifeq ($(BR2_PACKAGE_PYTHON3),y)
|
|
POLICYCOREUTILS_DEPENDENCIES += python3
|
|
POLICYCOREUTILS_MAKE_OPTS += PYLIBVER="python$(PYTHON3_VERSION_MAJOR)"
|
|
else
|
|
POLICYCOREUTILS_DEPENDENCIES += python
|
|
POLICYCOREUTILS_MAKE_OPTS += PYLIBVER="python$(PYTHON_VERSION_MAJOR)"
|
|
endif
|
|
|
|
POLICYCOREUTILS_DEPENDENCIES += sepolgen checkpolicy
|
|
POLICYCOREUTILS_MAKE_DIRS += audit2allow
|
|
endif
|
|
|
|
# We need to pass DESTDIR at build time because it's used by
|
|
# policycoreutils build system to find headers and libraries.
|
|
define POLICYCOREUTILS_BUILD_CMDS
|
|
$(foreach d,$(POLICYCOREUTILS_MAKE_DIRS),
|
|
$(MAKE) -C $(@D)/$(d) $(POLICYCOREUTILS_MAKE_OPTS) \
|
|
DESTDIR=$(STAGING_DIR) all
|
|
)
|
|
endef
|
|
|
|
define POLICYCOREUTILS_INSTALL_TARGET_CMDS
|
|
$(foreach d,$(POLICYCOREUTILS_MAKE_DIRS),
|
|
$(MAKE) -C $(@D)/$(d) $(POLICYCOREUTILS_MAKE_OPTS) \
|
|
DESTDIR=$(TARGET_DIR) install
|
|
)
|
|
endef
|
|
|
|
HOST_POLICYCOREUTILS_DEPENDENCIES = \
|
|
host-libsemanage host-dbus-glib \
|
|
host-sepolgen host-setools
|
|
|
|
# Undefining _FILE_OFFSET_BITS here because of a "bug" with glibc fts.h
|
|
# large file support.
|
|
# See https://bugzilla.redhat.com/show_bug.cgi?id=574992 for more information
|
|
# We need to pass DESTDIR at build time because it's used by
|
|
# policycoreutils build system to find headers and libraries.
|
|
# We also need to pass PREFIX because it defaults to $(DESTDIR)/usr
|
|
HOST_POLICYCOREUTILS_MAKE_OPTS = \
|
|
$(HOST_CONFIGURE_OPTS) \
|
|
CFLAGS="$(HOST_CFLAGS) -U_FILE_OFFSET_BITS" \
|
|
CPPFLAGS="$(HOST_CPPFLAGS) -U_FILE_OFFSET_BITS" \
|
|
PYTHON="$(HOST_DIR)/bin/python" \
|
|
PYTHON_INSTALL_ARGS="$(HOST_PKG_PYTHON_DISTUTILS_INSTALL_OPTS)" \
|
|
ARCH="$(HOSTARCH)" \
|
|
DESTDIR=$(HOST_DIR) \
|
|
PREFIX=$(HOST_DIR)
|
|
|
|
ifeq ($(BR2_PACKAGE_PYTHON3),y)
|
|
HOST_POLICYCOREUTILS_DEPENDENCIES += host-python3
|
|
HOST_POLICYCOREUTILS_MAKE_OPTS += \
|
|
PYLIBVER="python$(PYTHON3_VERSION_MAJOR)"
|
|
else
|
|
HOST_POLICYCOREUTILS_DEPENDENCIES += host-python
|
|
HOST_POLICYCOREUTILS_MAKE_OPTS += \
|
|
PYLIBVER="python$(PYTHON_VERSION_MAJOR)"
|
|
endif
|
|
|
|
# Note: We are only building the programs required by the refpolicy build
|
|
HOST_POLICYCOREUTILS_MAKE_DIRS = \
|
|
load_policy semodule semodule_deps \
|
|
semodule_expand semodule_link \
|
|
semodule_package setfiles restorecond \
|
|
audit2allow scripts semanage sepolicy
|
|
|
|
define HOST_POLICYCOREUTILS_BUILD_CMDS
|
|
$(foreach d,$(HOST_POLICYCOREUTILS_MAKE_DIRS),
|
|
$(MAKE) -C $(@D)/$(d) $(HOST_POLICYCOREUTILS_MAKE_OPTS) all
|
|
)
|
|
endef
|
|
|
|
define HOST_POLICYCOREUTILS_INSTALL_CMDS
|
|
$(foreach d,$(HOST_POLICYCOREUTILS_MAKE_DIRS),
|
|
$(MAKE) -C $(@D)/$(d) $(HOST_POLICYCOREUTILS_MAKE_OPTS) install
|
|
)
|
|
# Fix python paths
|
|
$(SED) 's%/usr/bin/%$(HOST_DIR)/bin/%g' $(HOST_DIR)/bin/audit2allow
|
|
$(SED) 's%/usr/bin/%$(HOST_DIR)/bin/%g' $(HOST_DIR)/bin/sepolgen-ifgen
|
|
$(SED) 's%/usr/bin/%$(HOST_DIR)/bin/%g' $(HOST_DIR)/bin/sepolicy
|
|
endef
|
|
|
|
$(eval $(generic-package))
|
|
$(eval $(host-generic-package))
|