From 0272f7ff020d5878c0f52b5c8a1b17d1b6a3a37a Mon Sep 17 00:00:00 2001 From: Armin Kuster Date: Sat, 26 Feb 2022 06:45:11 -0800 Subject: apparmor: update to 3.0.4 drop to patches no longer needed use setuptools Signed-off-by: Armin Kuster --- recipes-mac/AppArmor/apparmor_3.0.1.bb | 175 --------------------- recipes-mac/AppArmor/apparmor_3.0.4.bb | 173 ++++++++++++++++++++ ...iles-Update-make-check-to-select-tools-ba.patch | 91 ----------- recipes-mac/AppArmor/files/py3_10_fixup.patch | 35 ----- 4 files changed, 173 insertions(+), 301 deletions(-) delete mode 100644 recipes-mac/AppArmor/apparmor_3.0.1.bb create mode 100644 recipes-mac/AppArmor/apparmor_3.0.4.bb delete mode 100644 recipes-mac/AppArmor/files/0001-Revert-profiles-Update-make-check-to-select-tools-ba.patch delete mode 100644 recipes-mac/AppArmor/files/py3_10_fixup.patch diff --git a/recipes-mac/AppArmor/apparmor_3.0.1.bb b/recipes-mac/AppArmor/apparmor_3.0.1.bb deleted file mode 100644 index 818be15..0000000 --- a/recipes-mac/AppArmor/apparmor_3.0.1.bb +++ /dev/null @@ -1,175 +0,0 @@ -SUMMARY = "AppArmor another MAC control system" -DESCRIPTION = "user-space parser utility for AppArmor \ - This provides the system initialization scripts needed to use the \ - AppArmor Mandatory Access Control system, including the AppArmor Parser \ - which is required to convert AppArmor text profiles into machine-readable \ - policies that are loaded into the kernel for use with the AppArmor Linux \ - Security Module." -HOMEAPAGE = "http://apparmor.net/" -SECTION = "admin" - -LICENSE = "GPLv2 & GPLv2+ & BSD-3-Clause & LGPLv2.1+" -LIC_FILES_CHKSUM = "file://${S}/LICENSE;md5=fd57a4b0bc782d7b80fd431f10bbf9d0" - -DEPENDS = "bison-native apr gettext-native coreutils-native swig-native" - -SRC_URI = " \ - git://gitlab.com/apparmor/apparmor.git;protocol=https;branch=apparmor-3.0 \ - file://run-ptest \ - file://crosscompile_perl_bindings.patch \ - file://0001-Makefile.am-suppress-perllocal.pod.patch \ - file://0001-Revert-profiles-Update-make-check-to-select-tools-ba.patch \ - file://0001-Makefile-fix-hardcoded-installation-directories.patch \ - file://0001-rc.apparmor.debian-add-missing-functions.patch \ - file://py3_10_fixup.patch \ - " - -SRCREV = "b23de501807b8b5793e9654da8688b5fd3281154" -S = "${WORKDIR}/git" - -PARALLEL_MAKE = "" - -COMPATIBLE_MACHINE:mips64 = "(!.*mips64).*" - -inherit pkgconfig autotools-brokensep update-rc.d python3native python3targetconfig perlnative cpan systemd features_check bash-completion - -REQUIRED_DISTRO_FEATURES = "apparmor" - -PACKAGECONFIG ?= "python perl aa-decode" -PACKAGECONFIG[manpages] = "--enable-man-pages, --disable-man-pages" -PACKAGECONFIG[python] = "--with-python, --without-python, python3 , python3-core python3-modules" -PACKAGECONFIG[perl] = "--with-perl, --without-perl, " -PACKAGECONFIG[apache2] = ",,apache2," -PACKAGECONFIG[aa-decode] = ",,,bash" - -python() { - if 'apache2' in d.getVar('PACKAGECONFIG').split() and \ - 'webserver' not in d.getVar('BBFILE_COLLECTIONS').split(): - raise bb.parse.SkipRecipe('Requires meta-webserver to be present.') -} - -DISABLE_STATIC = "" - -do_configure() { - cd ${S}/libraries/libapparmor - aclocal - autoconf --force - libtoolize --automake -c --force - automake -ac - ./configure ${CONFIGUREOPTS} ${EXTRA_OECONF} -} - -do_compile () { - sed -i "s@sed -ie 's///g' Makefile.perl@@" ${S}/libraries/libapparmor/swig/perl/Makefile - oe_runmake -C ${B}/libraries/libapparmor - oe_runmake -C ${B}/binutils - oe_runmake -C ${B}/utils - oe_runmake -C ${B}/parser - oe_runmake -C ${B}/profiles - - if ${@bb.utils.contains('PACKAGECONFIG','apache2','true','false', d)}; then - oe_runmake -C ${B}/changehat/mod_apparmor - fi - - if ${@bb.utils.contains('DISTRO_FEATURES', 'pam', 'true', 'false', d)}; then - oe_runmake -C ${B}/changehat/pam_apparmor - fi -} - -do_install () { - oe_runmake -C ${B}/libraries/libapparmor DESTDIR="${D}" install - oe_runmake -C ${B}/binutils DESTDIR="${D}" install - oe_runmake -C ${B}/utils DESTDIR="${D}" install - oe_runmake -C ${B}/parser DESTDIR="${D}" install - oe_runmake -C ${B}/profiles DESTDIR="${D}" install - - if ! ${@bb.utils.contains('PACKAGECONFIG','aa-decode','true','false', d)}; then - rm -f ${D}${sbindir}/aa-decode - fi - - if ${@bb.utils.contains('PACKAGECONFIG','apache2','true','false', d)}; then - oe_runmake -C ${B}/changehat/mod_apparmor DESTDIR="${D}" install - fi - - if ${@bb.utils.contains('DISTRO_FEATURES', 'pam', 'true', 'false', d)}; then - oe_runmake -C ${B}/changehat/pam_apparmor DESTDIR="${D}" install - fi - - if ${@bb.utils.contains('DISTRO_FEATURES','sysvinit','true','false',d)}; then - install -d ${D}${sysconfdir}/init.d - install -m 755 ${B}/parser/rc.apparmor.debian ${D}${sysconfdir}/init.d/apparmor - fi - - if ${@bb.utils.contains('DISTRO_FEATURES','systemd','true','false',d)}; then - oe_runmake -C ${B}/parser DESTDIR="${D}" install-systemd - fi -} - -#Building ptest on arm fails. -do_compile_ptest:aarch64 () { - : -} - -do_compile_ptest:arm () { - : -} - -do_compile_ptest () { - sed -i -e 's/cpp \-dM/${HOST_PREFIX}gcc \-dM/' ${B}/tests/regression/apparmor/Makefile - oe_runmake -C ${B}/tests/regression/apparmor USE_SYSTEM=0 - oe_runmake -C ${B}/libraries/libapparmor -} - -do_install_ptest () { - t=${D}/${PTEST_PATH}/testsuite - install -d ${t} - install -d ${t}/tests/regression/apparmor - cp -rf ${B}/tests/regression/apparmor ${t}/tests/regression - - cp ${B}/parser/apparmor_parser ${t}/parser - cp ${B}/parser/frob_slack_rc ${t}/parser - - install -d ${t}/libraries/libapparmor - cp -rf ${B}/libraries/libapparmor ${t}/libraries - - install -d ${t}/common - cp -rf ${B}/common ${t} - - install -d ${t}/binutils - cp -rf ${B}/binutils ${t} -} - -#Building ptest on arm fails. -do_install_ptest:aarch64 () { - : -} - -do_install_ptest:arm() { - : -} - -INITSCRIPT_PACKAGES = "${PN}" -INITSCRIPT_NAME = "apparmor" -INITSCRIPT_PARAMS = "start 16 2 3 4 5 . stop 35 0 1 6 ." - -SYSTEMD_PACKAGES = "${PN}" -SYSTEMD_SERVICE:${PN} = "apparmor.service" -SYSTEMD_AUTO_ENABLE ?= "enable" - -PACKAGES += "mod-${PN}" - -FILES:${PN} += "${nonarch_base_libdir}/apparmor/ ${base_libdir}/security/ ${sysconfdir}/apparmor ${nonarch_libdir}/${PYTHON_DIR}/site-packages" -FILES:mod-${PN} = "${libdir}/apache2/modules/*" -FILES:${PN}-dbg += "${base_libdir}/security/.debug" - -DEPENDS:append:libc-musl = " fts " -RDEPENDS:${PN}:libc-musl += "musl-utils" -RDEPENDS:${PN}:libc-glibc += "glibc-utils" - -# Add coreutils and findutils only if sysvinit scripts are in use -RDEPENDS:${PN} += "${@["coreutils findutils", ""][(d.getVar('VIRTUAL-RUNTIME_init_manager') == 'systemd')]} ${@bb.utils.contains('PACKAGECONFIG','python','python3-core python3-modules','', d)}" -RDEPENDS:${PN}:remove = "${@bb.utils.contains('PACKAGECONFIG','perl','','perl', d)}" -RDEPENDS:${PN}-ptest += "perl coreutils dbus-lib bash" - -INSANE_SKIP:${PN} = "ldflags" -PRIVATE_LIBS:${PN}-ptest = "libapparmor.so*" diff --git a/recipes-mac/AppArmor/apparmor_3.0.4.bb b/recipes-mac/AppArmor/apparmor_3.0.4.bb new file mode 100644 index 0000000..8ad3c76 --- /dev/null +++ b/recipes-mac/AppArmor/apparmor_3.0.4.bb @@ -0,0 +1,173 @@ +SUMMARY = "AppArmor another MAC control system" +DESCRIPTION = "user-space parser utility for AppArmor \ + This provides the system initialization scripts needed to use the \ + AppArmor Mandatory Access Control system, including the AppArmor Parser \ + which is required to convert AppArmor text profiles into machine-readable \ + policies that are loaded into the kernel for use with the AppArmor Linux \ + Security Module." +HOMEAPAGE = "http://apparmor.net/" +SECTION = "admin" + +LICENSE = "GPLv2 & GPLv2+ & BSD-3-Clause & LGPLv2.1+" +LIC_FILES_CHKSUM = "file://${S}/LICENSE;md5=fd57a4b0bc782d7b80fd431f10bbf9d0" + +DEPENDS = "bison-native apr gettext-native coreutils-native swig-native" + +SRC_URI = " \ + git://gitlab.com/apparmor/apparmor.git;protocol=https;branch=apparmor-3.0 \ + file://run-ptest \ + file://crosscompile_perl_bindings.patch \ + file://0001-Makefile.am-suppress-perllocal.pod.patch \ + file://0001-Makefile-fix-hardcoded-installation-directories.patch \ + file://0001-rc.apparmor.debian-add-missing-functions.patch \ + " + +SRCREV = "9799fbde997820bb12a49e292356f7a6ce12e972" +S = "${WORKDIR}/git" + +PARALLEL_MAKE = "" + +COMPATIBLE_MACHINE:mips64 = "(!.*mips64).*" + +inherit pkgconfig autotools-brokensep update-rc.d python3native python3targetconfig perlnative cpan systemd features_check bash-completion setuptools3 + +REQUIRED_DISTRO_FEATURES = "apparmor" + +PACKAGECONFIG ?= "python perl aa-decode" +PACKAGECONFIG[manpages] = "--enable-man-pages, --disable-man-pages" +PACKAGECONFIG[python] = "--with-python, --without-python, python3 , python3-core python3-modules" +PACKAGECONFIG[perl] = "--with-perl, --without-perl, " +PACKAGECONFIG[apache2] = ",,apache2," +PACKAGECONFIG[aa-decode] = ",,,bash" + +python() { + if 'apache2' in d.getVar('PACKAGECONFIG').split() and \ + 'webserver' not in d.getVar('BBFILE_COLLECTIONS').split(): + raise bb.parse.SkipRecipe('Requires meta-webserver to be present.') +} + +DISABLE_STATIC = "" + +do_configure() { + cd ${S}/libraries/libapparmor + aclocal + autoconf --force + libtoolize --automake -c --force + automake -ac + ./configure ${CONFIGUREOPTS} ${EXTRA_OECONF} +} + +do_compile () { + sed -i "s@sed -ie 's///g' Makefile.perl@@" ${S}/libraries/libapparmor/swig/perl/Makefile + oe_runmake -C ${B}/libraries/libapparmor + oe_runmake -C ${B}/binutils + oe_runmake -C ${B}/utils + oe_runmake -C ${B}/parser + oe_runmake -C ${B}/profiles + + if ${@bb.utils.contains('PACKAGECONFIG','apache2','true','false', d)}; then + oe_runmake -C ${B}/changehat/mod_apparmor + fi + + if ${@bb.utils.contains('DISTRO_FEATURES', 'pam', 'true', 'false', d)}; then + oe_runmake -C ${B}/changehat/pam_apparmor + fi +} + +do_install () { + oe_runmake -C ${B}/libraries/libapparmor DESTDIR="${D}" install + oe_runmake -C ${B}/binutils DESTDIR="${D}" install + oe_runmake -C ${B}/utils DESTDIR="${D}" install + oe_runmake -C ${B}/parser DESTDIR="${D}" install + oe_runmake -C ${B}/profiles DESTDIR="${D}" install + + if ! ${@bb.utils.contains('PACKAGECONFIG','aa-decode','true','false', d)}; then + rm -f ${D}${sbindir}/aa-decode + fi + + if ${@bb.utils.contains('PACKAGECONFIG','apache2','true','false', d)}; then + oe_runmake -C ${B}/changehat/mod_apparmor DESTDIR="${D}" install + fi + + if ${@bb.utils.contains('DISTRO_FEATURES', 'pam', 'true', 'false', d)}; then + oe_runmake -C ${B}/changehat/pam_apparmor DESTDIR="${D}" install + fi + + if ${@bb.utils.contains('DISTRO_FEATURES','sysvinit','true','false',d)}; then + install -d ${D}${sysconfdir}/init.d + install -m 755 ${B}/parser/rc.apparmor.debian ${D}${sysconfdir}/init.d/apparmor + fi + + if ${@bb.utils.contains('DISTRO_FEATURES','systemd','true','false',d)}; then + oe_runmake -C ${B}/parser DESTDIR="${D}" install-systemd + fi +} + +#Building ptest on arm fails. +do_compile_ptest:aarch64 () { + : +} + +do_compile_ptest:arm () { + : +} + +do_compile_ptest () { + sed -i -e 's/cpp \-dM/${HOST_PREFIX}gcc \-dM/' ${B}/tests/regression/apparmor/Makefile + oe_runmake -C ${B}/tests/regression/apparmor USE_SYSTEM=0 + oe_runmake -C ${B}/libraries/libapparmor +} + +do_install_ptest () { + t=${D}/${PTEST_PATH}/testsuite + install -d ${t} + install -d ${t}/tests/regression/apparmor + cp -rf ${B}/tests/regression/apparmor ${t}/tests/regression + + cp ${B}/parser/apparmor_parser ${t}/parser + cp ${B}/parser/frob_slack_rc ${t}/parser + + install -d ${t}/libraries/libapparmor + cp -rf ${B}/libraries/libapparmor ${t}/libraries + + install -d ${t}/common + cp -rf ${B}/common ${t} + + install -d ${t}/binutils + cp -rf ${B}/binutils ${t} +} + +#Building ptest on arm fails. +do_install_ptest:aarch64 () { + : +} + +do_install_ptest:arm() { + : +} + +INITSCRIPT_PACKAGES = "${PN}" +INITSCRIPT_NAME = "apparmor" +INITSCRIPT_PARAMS = "start 16 2 3 4 5 . stop 35 0 1 6 ." + +SYSTEMD_PACKAGES = "${PN}" +SYSTEMD_SERVICE:${PN} = "apparmor.service" +SYSTEMD_AUTO_ENABLE ?= "enable" + +PACKAGES += "mod-${PN}" + +FILES:${PN} += "${nonarch_base_libdir}/apparmor/ ${base_libdir}/security/ ${sysconfdir}/apparmor ${nonarch_libdir}/${PYTHON_DIR}/site-packages" +FILES:mod-${PN} = "${libdir}/apache2/modules/*" +FILES:${PN}-dbg += "${base_libdir}/security/.debug" + +DEPENDS:append:libc-musl = " fts " +RDEPENDS:${PN}:libc-musl += "musl-utils" +RDEPENDS:${PN}:libc-glibc += "glibc-utils" + +# Add coreutils and findutils only if sysvinit scripts are in use +RDEPENDS:${PN} += "${@["coreutils findutils", ""][(d.getVar('VIRTUAL-RUNTIME_init_manager') == 'systemd')]} ${@bb.utils.contains('PACKAGECONFIG','python','python3-core python3-modules','', d)}" +RDEPENDS:${PN}:remove = "${@bb.utils.contains('PACKAGECONFIG','perl','','perl', d)}" +RDEPENDS:${PN}-ptest += "perl coreutils dbus-lib bash" + +INSANE_SKIP:${PN} = "ldflags" +PRIVATE_LIBS:${PN}-ptest = "libapparmor.so*" diff --git a/recipes-mac/AppArmor/files/0001-Revert-profiles-Update-make-check-to-select-tools-ba.patch b/recipes-mac/AppArmor/files/0001-Revert-profiles-Update-make-check-to-select-tools-ba.patch deleted file mode 100644 index e7abd60..0000000 --- a/recipes-mac/AppArmor/files/0001-Revert-profiles-Update-make-check-to-select-tools-ba.patch +++ /dev/null @@ -1,91 +0,0 @@ -From 5ed21abbef4d4c2983e70bd2868fb817150e883e Mon Sep 17 00:00:00 2001 -From: Armin Kuster -Date: Sat, 3 Oct 2020 11:26:46 -0700 -Subject: [PATCH] Revert "profiles: Update 'make check' to select tools based - on USE_SYSTEM" - -This reverts commit 6016f931ebf7b61e1358f19453ef262d9d184a4e. - -Upstream-Status: Inappropriate [OE specific] -These changes cause during packaging with perms changing. - -Signed-off-by: Armin Kuster - ---- - profiles/Makefile | 50 ++++++++++------------------------------------- - 1 file changed, 10 insertions(+), 40 deletions(-) - -diff --git a/profiles/Makefile b/profiles/Makefile -index ba47fc16..5384cb05 100644 ---- a/profiles/Makefile -+++ b/profiles/Makefile -@@ -35,49 +35,9 @@ EXTRAS_SOURCE=./apparmor/profiles/extras/ - SUBDIRS=$(shell find ${PROFILES_SOURCE} -type d -print) - TOPLEVEL_PROFILES=$(filter-out ${SUBDIRS}, $(wildcard ${PROFILES_SOURCE}/*)) - --ifdef USE_SYSTEM -- PYTHONPATH= -- PARSER?=apparmor_parser -- LOGPROF?=aa-logprof --else -- # PYTHON_DIST_BUILD_PATH based on libapparmor/swig/python/test/Makefile.am -- PYTHON_DIST_BUILD_PATH = ../libraries/libapparmor/swig/python/build/$$($(PYTHON) -c "import distutils.util; import platform; print(\"lib.%s-%s\" %(distutils.util.get_platform(), platform.python_version()[:3]))") -- LIBAPPARMOR_PATH=../libraries/libapparmor/src/.libs/ -- LD_LIBRARY_PATH=$(LIBAPPARMOR_PATH):$(PYTHON_DIST_BUILD_PATH) -- PYTHONPATH=../utils/:$(PYTHON_DIST_BUILD_PATH) -- PARSER?=../parser/apparmor_parser -- # use ../utils logprof -- LOGPROF?=LD_LIBRARY_PATH=$(LD_LIBRARY_PATH) PYTHONPATH=$(PYTHONPATH) $(PYTHON) ../utils/aa-logprof --endif -- - # $(PWD) is wrong when using "make -C profiles" - explicitely set it here to get the right value - PWD=$(shell pwd) - --.PHONY: test-dependencies --test-dependencies: __parser __libapparmor -- -- --.PHONY: __parser __libapparmor --__parser: --ifndef USE_SYSTEM -- @if [ ! -f $(PARSER) ]; then \ -- echo "error: $(PARSER) is missing. Pick one of these possible solutions:" 1>&2; \ -- echo " 1) Test using the in-tree parser by building it first and then trying again. See the top-level README for help." 1>&2; \ -- echo " 2) Test using the system parser by adding USE_SYSTEM=1 to your make command." 1>&2; \ -- exit 1; \ -- fi --endif -- --__libapparmor: --ifndef USE_SYSTEM -- @if [ ! -f $(LIBAPPARMOR_PATH)libapparmor.so ]; then \ -- echo "error: $(LIBAPPARMOR_PATH)libapparmor.so is missing. Pick one of these possible solutions:" 1>&2; \ -- echo " 1) Build against the in-tree libapparmor by building it first and then trying again. See the top-level README for help." 1>&2; \ -- echo " 2) Build against the system libapparmor by adding USE_SYSTEM=1 to your make command." 1>&2; \ -- exit 1; \ -- fi --endif -- - local: - for profile in ${TOPLEVEL_PROFILES}; do \ - fn=$$(basename $$profile); \ -@@ -109,6 +69,16 @@ else - Q= - endif - -+ifndef PARSER -+# use system parser -+PARSER=../parser/apparmor_parser -+endif -+ -+ifndef LOGPROF -+# use ../utils logprof -+LOGPROF=PYTHONPATH=../utils $(PYTHON) ../utils/aa-logprof -+endif -+ - .PHONY: docs - # docs: should we have some here? - docs: --- -2.17.1 - diff --git a/recipes-mac/AppArmor/files/py3_10_fixup.patch b/recipes-mac/AppArmor/files/py3_10_fixup.patch deleted file mode 100644 index 05f8460..0000000 --- a/recipes-mac/AppArmor/files/py3_10_fixup.patch +++ /dev/null @@ -1,35 +0,0 @@ -m4/ax_python_devel.m4: do not check for distutils - -With py 3.10 this prints a deprecation warning which is -taken as an error. Upstream should rework the code to not -use distuils. - -Upstream-Status: Inappropriate [needs a proper fix upstream] -Signed-off-by: Armin Kuster - -Index: git/libraries/libapparmor/m4/ac_python_devel.m4 -=================================================================== ---- git.orig/libraries/libapparmor/m4/ac_python_devel.m4 -+++ git/libraries/libapparmor/m4/ac_python_devel.m4 -@@ -66,21 +66,6 @@ variable to configure. See ``configure - - fi - - # -- # Check if you have distutils, else fail -- # -- AC_MSG_CHECKING([for the distutils Python package]) -- ac_distutils_result=`$PYTHON -c "import distutils" 2>&1` -- if test -z "$ac_distutils_result"; then -- AC_MSG_RESULT([yes]) -- else -- AC_MSG_RESULT([no]) -- AC_MSG_ERROR([cannot import Python module "distutils". --Please check your Python installation. The error was: --$ac_distutils_result]) -- PYTHON_VERSION="" -- fi -- -- # - # Check for Python include path - # - AC_MSG_CHECKING([for Python include path]) -- cgit v1.2.3-54-g00ecf