Dominick Grift 5cc1af92b2 libselinux: update to version 3.2
142826a3 libselinux: fix segfault in add_xattr_entry()
398d2cee libselinux: rename gettid() to something which never conflicts with the libc
8f0f0a28 selinux(8,5): Describe fcontext regular expressions
9cc6b5cf libselinux/getconlist: report failures
156dd0de libselinux: update getseuser
e2dca5df libselinux: accept const fromcon in get_context API
da4829d0 libselinux: Always close status page fd
45b15c22 selinux(8): explain that runtime disable is deprecated
3c16aaef selinux(8): mark up SELINUX values
c2a58cc5 libselinux: LABEL_BACKEND_ANDROID add option to enable
db0f2f38 libselinux: Add build option to disable X11 backend
4a142ac4 libsepol: Bump libsepol.so version
d23342a9 libselinux: convert matchpathcon to selabel_lookup()
7ef5b185 libselinux: Change userspace AVC setenforce and policy load messages to audit format.
f5d644c7 libselinux: Add additional log callback details in man page for auditing.
075f9cfe libselinux: Fix selabel_lookup() for the root dir.
a4149e0e libselinux: Add new log callback levels for enforcing and policy load notices.
a63f93d8 libselinux: initialize last_policyload in selinux_status_open()
ef902db9 libselinux: safely access shared memory in selinux_status_updated()
9e4480b9 libselinux: Remove trailing slash on selabel_file lookups.
21fb5f20 libselinux: use full argument specifiers for security_check_context in man page
e7abd802 libselinux: fix build order
05bdc031 libselinux: use kernel status page by default

Signed-off-by: Dominick Grift <dominick.grift@defensec.nl>
(cherry picked from commit b1fc2b5b0be61d994d6a0429fd78331c0c57639a)
Signed-off-by: Daniel Golle <daniel@makrotopia.org>
2021-03-15 21:53:16 +00:00

156 lines
4.0 KiB
Makefile

#
# This is free software, licensed under the GNU General Public License v2.
# See /LICENSE for more information.
#
include $(TOPDIR)/rules.mk
PKG_NAME:=libselinux
PKG_VERSION:=3.2
PKG_RELEASE:=1
PKG_SOURCE:=$(PKG_NAME)-$(PKG_VERSION).tar.gz
PKG_SOURCE_URL:=https://github.com/SELinuxProject/selinux/releases/download/3.2
PKG_HASH:=df758ef1d9d4811051dd901ea6b029ae334ffd7c671c128beb16bce1e25ac161
HOST_BUILD_DEPENDS:=libsepol/host pcre/host
PKG_LICENSE:=libselinux-1.0
PKG_LICENSE_FILES:=LICENSE
PKG_MAINTAINER:=Thomas Petazzoni <thomas.petazzoni@bootlin.com>
include $(INCLUDE_DIR)/package.mk
include $(INCLUDE_DIR)/host-build.mk
LIBSELINUX_UTILS := \
avcstat \
compute_av \
compute_create \
compute_member \
compute_relabel \
getconlist \
getdefaultcon \
getenforce \
getfilecon \
getpidcon \
getsebool \
getseuser \
matchpathcon \
policyvers \
sefcontext_compile \
selabel_digest \
selabel_get_digests_all_partial_matches \
selabel_lookup \
selabel_lookup_best_match \
selabel_partial_match \
selinux_check_access \
selinux_check_securetty_context \
selinuxenabled \
selinuxexeccon \
setenforce \
setfilecon \
togglesebool \
validatetrans
LIBSELINUX_ALTS := \
getenforce \
getsebool \
matchpathcon \
selinuxenabled \
setenforce
$(eval $(foreach a,$(LIBSELINUX_ALTS),ALTS_$(a):=300:/usr/sbin/$(a):/usr/sbin/libselinux-$(a)$(newline)))
define Package/libselinux/Default
TITLE:=Runtime SELinux library
URL:=http://selinuxproject.org/page/Main_Page
endef
define Package/libselinux
$(call Package/libselinux/Default)
SECTION:=libs
CATEGORY:=Libraries
DEPENDS:=+libsepol +libpcre +USE_MUSL:musl-fts
endef
define Package/libselinux/description
libselinux is the runtime SELinux library that provides
interfaces (e.g. library functions for the SELinux kernel
APIs like getcon(), other support functions like
getseuserbyname()) to SELinux-aware applications. libselinux
may use the shared libsepol to manipulate the binary policy
if necessary (e.g. to downgrade the policy format to an
older version supported by the kernel) when loading policy.
endef
define GenUtilPkg
define Package/$(1)
$(call Package/libselinux/Default)
TITLE+= $(2) utility
SECTION:=utils
DEPENDS:=+libselinux
CATEGORY:=Utilities
SUBMENU:=libselinux tools
ALTERNATIVES:=$(ALTS_$(2))
endef
define Package/$(1)/description
libselinux version of the $(2) utility.
endef
endef
$(foreach a,$(LIBSELINUX_UTILS),$(eval $(call GenUtilPkg,libselinux-$(a),$(a))))
# Needed to link libselinux utilities, which link against
# libselinux.so, which indirectly depends on libpcre.so, installed in
# $(STAGING_DIR_HOSTPKG).
HOST_LDFLAGS += -Wl,-rpath="$(STAGING_DIR_HOSTPKG)/lib"
HOST_MAKE_FLAGS += \
PREFIX=$(STAGING_DIR_HOSTPKG) \
SHLIBDIR=$(STAGING_DIR_HOSTPKG)/lib
ifeq ($(CONFIG_USE_MUSL),y)
MAKE_FLAGS += FTS_LDLIBS=-lfts
endif
MAKE_FLAGS += \
SHLIBDIR=/usr/lib \
OS=Linux
define Build/Compile
$(call Build/Compile/Default,all)
endef
define Build/Install
$(call Build/Install/Default,install)
endef
define Build/InstallDev
$(INSTALL_DIR) $(1)/usr/include
$(CP) $(PKG_INSTALL_DIR)/usr/include/* $(1)/usr/include/
$(INSTALL_DIR) $(1)/usr/lib
$(CP) $(PKG_INSTALL_DIR)/usr/lib/* $(1)/usr/lib/
$(INSTALL_DIR) $(1)/usr/lib/pkgconfig
$(INSTALL_DATA) $(PKG_INSTALL_DIR)/usr/lib/pkgconfig/libselinux.pc $(1)/usr/lib/pkgconfig/
$(SED) 's,/usr/include,$$$${prefix}/include,g' $(1)/usr/lib/pkgconfig/libselinux.pc
$(SED) 's,/usr/lib,$$$${exec_prefix}/lib,g' $(1)/usr/lib/pkgconfig/libselinux.pc
endef
define Package/libselinux/install
$(INSTALL_DIR) $(1)/usr/lib
$(CP) $(PKG_INSTALL_DIR)/usr/lib/libselinux.so.* $(1)/usr/lib/
endef
define BuildUtil
define Package/$(1)/install
$(INSTALL_DIR) $$(1)/usr/sbin
$(INSTALL_BIN) $(PKG_INSTALL_DIR)/usr/sbin/$(2) $$(1)/usr/sbin/$(if $(ALTS_$(2)),libselinux-$(2),$(2))
endef
$$(eval $$(call BuildPackage,$(1)))
endef
$(eval $(call HostBuild))
$(eval $(call BuildPackage,libselinux))
$(foreach a,$(LIBSELINUX_UTILS),$(eval $(call BuildUtil,libselinux-$(a),$(a))))