From 7817c831ef8aba187b7a824166378f6d9d6c1ab1 Mon Sep 17 00:00:00 2001 From: Daniel Golle Date: Mon, 21 Sep 2020 18:12:24 +0100 Subject: [PATCH] policycoreutils: break into smaller packages Instead of vaguely describing dependencies in the package description actually split-up into individual packages, each with their dependencies expressed accurately. Signed-off-by: Daniel Golle --- package/utils/policycoreutils/Makefile | 155 ++++++++++++++++++------- 1 file changed, 110 insertions(+), 45 deletions(-) diff --git a/package/utils/policycoreutils/Makefile b/package/utils/policycoreutils/Makefile index 34c186e62e9f..3fd0e390811f 100644 --- a/package/utils/policycoreutils/Makefile +++ b/package/utils/policycoreutils/Makefile @@ -7,7 +7,7 @@ include $(TOPDIR)/rules.mk PKG_NAME:=policycoreutils PKG_VERSION:=3.1 -PKG_RELEASE:=2 +PKG_RELEASE:=3 PKG_SOURCE:=$(PKG_NAME)-$(PKG_VERSION).tar.gz PKG_SOURCE_URL:=https://github.com/SELinuxProject/selinux/releases/download/20200710 @@ -23,35 +23,47 @@ PKG_LICENSE_FILES:=COPYING include $(INCLUDE_DIR)/package.mk include $(INCLUDE_DIR)/nls.mk +include $(INCLUDE_DIR)/host-build.mk -define Package/policycoreutils - SECTION:=utils - CATEGORY:=Utilities - DEPENDS:= +libsemanage +libcap-ng +BUSYBOX_CONFIG_PAM:libpam $(INTL_DEPENDS) - TITLE:=SELinux policy utilities - URL:=http://selinuxproject.org/page/Main_Page - ALTERNATIVES:=\ - 300:/sbin/restorecon:policycoreutils-restorecon \ - 300:/sbin/setfiles:policycoreutils-setfiles \ - 300:/usr/sbin/load_policy:policycoreutils-load_policy \ - 300:/usr/sbin/sestatus:policycoreutils-sestatus \ - 300:/usr/sbin/setsebool:policycoreutils-setsebool -endef +DIR_SBIN:= \ + restorecon \ + setfiles -define Package/policycoreutils/description - Policycoreutils is a collection of policy utilities - (originally the "core" set of utilities needed to use - SELinux, although it has grown a bit over time), which have - different dependencies. sestatus, secon, run_init, and - newrole only use libselinux. load_policy and setfiles only - use libselinux and libsepol. semodule and semanage use - libsemanage (and thus bring in dependencies on libsepol and - libselinux as well). setsebool uses libselinux to make - non-persistent boolean changes (via the kernel interface) - and uses libsemanage to make persistent boolean changes. -endef +DIR_USR_BIN:= \ + newrole \ + secon -include $(INCLUDE_DIR)/host-build.mk +DIR_USR_SBIN:= \ + load_policy \ + sestatus \ + setsebool + +LIBEXEC_UTILS := \ + pp + +SBIN_UTILS:= \ + restorecon_xattr \ + restorecon \ + setfiles + +USR_BIN_UTILS:= \ + newrole \ + secon + +USR_SBIN_UTILS:= \ + fixfiles \ + genhomedircon \ + open_init_pty \ + run_init \ + semodule \ + load_policy \ + sestatus \ + setsebool + +TARGET_LDFLAGS += $(INTL_LDFLAGS) $(if $(INTL_FULL),-lintl) + +MAKE_FLAGS += \ + PAMH=$(CONFIG_BUSYBOX_CONFIG_PAM) HOST_MAKE_FLAGS += \ PAMH=$(CONFIG_BUSYBOX_CONFIG_PAM) \ @@ -59,26 +71,79 @@ HOST_MAKE_FLAGS += \ SBINDIR=$(STAGING_DIR_HOSTPKG)/sbin \ ETCDIR=$(STAGING_DIR_HOSTPKG)/etc -MAKE_FLAGS += \ - PAMH=$(CONFIG_BUSYBOX_CONFIG_PAM) +$(eval $(foreach a,$(DIR_SBIN),ALTS_$(a):=300:/sbin/$(a):/sbin/policycoreutils-$(a)$(newline))) +$(eval $(foreach a,$(DIR_USR_BIN),ALTS_$(a):=300:/usr/bin/$(a):/usr/bin/policycoreutils-$(a)$(newline))) +$(eval $(foreach a,$(DIR_USR_SBIN),ALTS_$(a):=300:/usr/sbin/$(a):/usr/sbin/policycoreutils-$(a)$(newline))) + +DEPENDS_genhomedircon:=+libsemanage $(INTL_DEPENDS) +DEPENDS_load_policy:=+libselinux $(INTL_DEPENDS) +DEPENDS_newrole:=+libselinux +libaudit +BUSYBOX_CONFIG_PAM:libpam $(INTL_DEPENDS) +DEPENDS_open_init_pty:=$(INTL_DEPENDS) +DEPENDS_pp:=+libsepol $(INTL_DEPENDS) +DEPENDS_restorecon_xattr:=+libselinux +libsepol +libaudit $(INTL_DEPENDS) +DEPENDS_restorecon:=+libselinux +libsepol +libaudit $(INTL_DEPENDS) +DEPENDS_run_init:=+libselinux +libaudit +BUSYBOX_CONFIG_PAM:libpam $(INTL_DEPENDS) +DEPENDS_secon:=+libselinux $(INTL_DEPENDS) +DEPENDS_semanage:=+libsemanage +DEPENDS_semodule:=+libsemanage $(INTL_DEPENDS) +DEPENDS_sestatus:=+libselinux $(INTL_DEPENDS) +DEPENDS_setfiles:=+libselinux +libsepol +libaudit $(INTL_DEPENDS) +DEPENDS_setsebool:=+libsemanage $(INTL_DEPENDS) + +define Package/policycoreutils/Default + SECTION:=utils + CATEGORY:=Utilities + TITLE:=SELinux policy utility + URL:=http://selinuxproject.org/page/Main_Page +endef + +define Package/policycoreutils + $(call Package/policycoreutils/Default) + MENU:=1 + TITLE+= common files +endef + +define GenUtilPkg + define Package/$(1) + $(call Package/policycoreutils/Default) + DEPENDS+= policycoreutils $(DEPENDS_$(2)) + TITLE+= $(2) + ALTERNATIVES:=$(ALTS_$(2)) + endef + + define Package/$(1)/description +Policycoreutils is a collection of policy utilities +(originally the "core" set of utilities needed to use +SELinux, although it has grown a bit over time). + +This package provides the $(2) utility. + endef +endef + +$(foreach a,$(LIBEXEC_UTILS) $(SBIN_UTILS) $(USR_BIN_UTILS) $(USR_SBIN_UTILS),$(eval $(call GenUtilPkg,policycoreutils-$(a),$(a)))) define Package/policycoreutils/install - $(INSTALL_DIR) $(1)/sbin - $(INSTALL_BIN) $(PKG_INSTALL_DIR)/sbin/restorecon_xattr $(1)/sbin/restorecon_xattr - $(INSTALL_BIN) $(PKG_INSTALL_DIR)/sbin/restorecon $(1)/sbin/policycoreutils-restorecon - $(INSTALL_BIN) $(PKG_INSTALL_DIR)/sbin/setfiles $(1)/sbin/policycoreutils-setfiles - $(INSTALL_DIR) $(1)/usr/sbin - $(INSTALL_BIN) $(PKG_INSTALL_DIR)/usr/sbin/fixfiles $(1)/usr/sbin/ - $(INSTALL_BIN) $(PKG_INSTALL_DIR)/usr/sbin/genhomedircon $(1)/usr/sbin/ - $(INSTALL_BIN) $(PKG_INSTALL_DIR)/usr/sbin/open_init_pty $(1)/usr/sbin/ - $(INSTALL_BIN) $(PKG_INSTALL_DIR)/usr/sbin/run_init $(1)/usr/sbin/ - $(INSTALL_BIN) $(PKG_INSTALL_DIR)/usr/sbin/semodule $(1)/usr/sbin/ - $(INSTALL_BIN) $(PKG_INSTALL_DIR)/usr/sbin/load_policy $(1)/usr/sbin/policycoreutils-load_policy - $(INSTALL_BIN) $(PKG_INSTALL_DIR)/usr/sbin/sestatus $(1)/usr/sbin/policycoreutils-sestatus - $(INSTALL_BIN) $(PKG_INSTALL_DIR)/usr/sbin/setsebool $(1)/usr/sbin/policycoreutils-setsebool - $(INSTALL_DIR) $(1)/usr/bin - $(CP) $(PKG_INSTALL_DIR)/usr/bin/* $(1)/usr/bin/ + $(INSTALL_DIR) $(1)/etc + $(INSTALL_CONF) $(PKG_INSTALL_DIR)/etc/sestatus.conf $(1)/etc +ifdef CONFIG_BUSYBOX_CONFIG_PAM + $(INSTALL_DIR) $(1)/etc/pam.d + $(INSTALL_CONF) $(PKG_INSTALL_DIR)/etc/pam.d/run_init $(1)/etc/pam.d + $(INSTALL_CONF) $(PKG_INSTALL_DIR)/etc/pam.d/newrole $(1)/etc/pam.d +endif +endef + +define BuildUtil + define Package/$(1)/install + $(INSTALL_DIR) $$(1)$(2) + $(INSTALL_BIN) $$(PKG_INSTALL_DIR)$(2)/$(3) $$(1)$(2) + endef + + $$(eval $$(call BuildPackage,$(1))) endef -$(eval $(call HostBuild)) $(eval $(call BuildPackage,policycoreutils)) +$(foreach a,$(SBIN_UTILS),$(eval $(call BuildUtil,policycoreutils-$(a),/sbin,$(a)))) +$(foreach a,$(USR_BIN_UTILS),$(eval $(call BuildUtil,policycoreutils-$(a),/usr/bin,$(a)))) +$(foreach a,$(USR_SBIN_UTILS),$(eval $(call BuildUtil,policycoreutils-$(a),/usr/sbin,$(a)))) +$(foreach a,$(LIBEXEC_UTILS),$(eval $(call BuildUtil,policycoreutils-$(a),/usr/libexec/selinux/hll,$(a)))) +$(eval $(call HostBuild)) -- 2.30.2