policycoreutils: add pam config for newrole/run_init

Also fix missing RDEPENDS for setools-* Signed-off-by: Xin Ouyang <Xin.Ouyang@windriver.com>
author: Xin Ouyang <Xin.Ouyang@windriver.com> 2012-09-11 14:49:18 +0800
committer: Xin Ouyang <Xin.Ouyang@windriver.com> 2012-10-18 11:07:44 +0800
commit: cc006f789e261c3d4f9efbf7d26965438297f0ed (patch)
tree: 238a70992cfcfdefbd753c029c89a7da7925b1a4
parent: 9a9acff6c74ade48986f85b6147e930edf0267c4 (diff)
download: meta-selinux-cc006f789e261c3d4f9efbf7d26965438297f0ed.tar.gz
4 files changed, 52 insertions, 9 deletions
diff --git a/recipes-security/selinux/policycoreutils/pam.d/newrole b/recipes-security/selinux/policycoreutils/pam.d/newrole
new file mode 100644
index 0000000..1151600
--- /dev/null
+++ b/recipes-security/selinux/policycoreutils/pam.d/newrole
@@ -0,0 +1,6 @@
+#%PAM-1.0
+auth       include      common-auth
+account    include      common-auth
+password   include      common-auth
+session    include      common-auth
+session    optional     pam_xauth.so
diff --git a/recipes-security/selinux/policycoreutils/pam.d/run_init b/recipes-security/selinux/policycoreutils/pam.d/run_init
new file mode 100644
index 0000000..1151600
--- /dev/null
+++ b/recipes-security/selinux/policycoreutils/pam.d/run_init
@@ -0,0 +1,6 @@
+#%PAM-1.0
+auth       include      common-auth
+account    include      common-auth
+password   include      common-auth
+session    include      common-auth
+session    optional     pam_xauth.so
diff --git a/recipes-security/selinux/policycoreutils_2.1.10.bb b/recipes-security/selinux/policycoreutils_2.1.10.bb
index 73d4afb..f6e998d 100644
--- a/recipes-security/selinux/policycoreutils_2.1.10.bb
+++ b/recipes-security/selinux/policycoreutils_2.1.10.bb
@@ -5,7 +5,7 @@ load_policy to load policies, setfiles to label filesystems, newrole \
 to switch roles, and run_init to run /etc/init.d scripts in the proper \
 context."
 SECTION = "base"
-PR = "r4"
+PR = "r5"
 LICENSE = "GPLv2+"
 LIC_FILES_CHKSUM = "file://COPYING;md5=393a5ca445f6965873eca0259a17f833"
@@ -14,10 +14,16 @@ include selinux_20120216.inc
 SRC_URI[md5sum] = "fefdede2815cdd2ba8b68599fef1f257"
 SRC_URI[sha256sum] = "8bbbc36b7d375edff891503932da93e37553f0dd7bdceded7ce9a45c80bec3d1"
-SRC_URI += "file://policycoreutils-fix-format-security.patch"
+SRC_URI += "file://policycoreutils-fix-format-security.patch \
+            ${@base_contains('DISTRO_FEATURES', 'pam', '${PAM_SRC_URI}', '', d)} \
+           "
+PAM_SRC_URI = "file://pam.d/newrole \
+               file://pam.d/run_init \
+              "
 DEPENDS += "libsepol libselinux libsemanage"
-DEPENDS += "${@['', '${EXTRA_DEPENDS}']['${PN}' == '${BPN}']}"
+DEPENDS += "${@['', '${EXTRA_DEPENDS}']['${PN}' != '${BPN}-native']}"
 EXTRA_DEPENDS = "libcap-ng libcgroup"
 EXTRA_DEPENDS += "${@base_contains('DISTRO_FEATURES', 'pam', 'libpam audit', '', d)}"
@@ -36,7 +42,8 @@ RDEPENDS_${BPN} += "\
        python-textutils \
        python-ipy \
        "
-RDEPENDS_${BPN} += "setools"
+RDEPENDS_${BPN} += "setools setools-libs ${BPN}-python"
 WARN_QA := "${@oe_filter_out('unsafe-references-in-scripts', '${WARN_QA}', d)}"
 ERROR_QA := "${@oe_filter_out('unsafe-references-in-scripts', '${ERROR_QA}', d)}"
@@ -74,3 +81,12 @@ do_install_virtclass-native() {
                        SBINDIR="${D}/${base_sbindir}"
        done
 }
+do_install_append() {
+        test "${CLASSOVERRIDE}" = "class-native" && return 0
+        if [ -e ${WORKDIR}/pam.d ]; then
+                install -d ${D}${sysconfdir}/pam.d/
+                install -m 0644 ${WORKDIR}/pam.d/* ${D}${sysconfdir}/pam.d/
+        fi
+}
diff --git a/recipes-security/selinux/policycoreutils_git.bb b/recipes-security/selinux/policycoreutils_git.bb
index 7ff4c58..2736476 100644
--- a/recipes-security/selinux/policycoreutils_git.bb
+++ b/recipes-security/selinux/policycoreutils_git.bb
@@ -5,7 +5,7 @@ load_policy to load policies, setfiles to label filesystems, newrole \
 to switch roles, and run_init to run /etc/init.d scripts in the proper \
 context."
 SECTION = "base"
-PR = "r4"
+PR = "r5"
 LICENSE = "GPLv2+"
 LIC_FILES_CHKSUM = "file://COPYING;md5=393a5ca445f6965873eca0259a17f833"
 DEFAULT_PREFERENCE = "-1"
@@ -15,12 +15,18 @@ include selinux_git.inc
 SRCREV = "339f8079d7b9dd1e0b0138e2d096dc7c60b2092e"
 PV = "2.1.10+git${SRCPV}"
-SRC_URI += "file://policycoreutils-fix-format-security.patch"
+SRC_URI += "file://policycoreutils-fix-format-security.patch \
+            ${@base_contains('DISTRO_FEATURES', 'pam', '${PAM_SRC_URI}', '', d)} \
+           "
-DEPENDS += "libsepol libselinux libsemanage ${EXTRA_DEPENDS}"
+PAM_SRC_URI = "file://pam.d/newrole \
+               file://pam.d/run_init \
+              "
+DEPENDS += "libsepol libselinux libsemanage"
+DEPENDS += "${@['', '${EXTRA_DEPENDS}']['${PN}' != '${BPN}-native']}"
 EXTRA_DEPENDS = "libcap-ng libcgroup"
 EXTRA_DEPENDS += "${@base_contains('DISTRO_FEATURES', 'pam', 'libpam audit', '', d)}"
-EXTRA_DEPENDS_virtclass-native = ""
 RDEPENDS_${BPN} += "\
        libselinux-python \
@@ -37,7 +43,7 @@ RDEPENDS_${BPN} += "\
        python-textutils \
        python-ipy \
        "
-RDEPENDS_${BPN} += "setools"
+RDEPENDS_${BPN} += "setools setools-libs ${BPN}-python"
 WARN_QA := "${@oe_filter_out('unsafe-references-in-scripts', '${WARN_QA}', d)}"
 ERROR_QA := "${@oe_filter_out('unsafe-references-in-scripts', '${ERROR_QA}', d)}"
@@ -75,3 +81,12 @@ do_install_virtclass-native() {
                        SBINDIR="${D}/${base_sbindir}"
        done
 }
+do_install_append() {
+        test "${CLASSOVERRIDE}" = "class-native" && return 0
+        if [ -e ${WORKDIR}/pam.d ]; then
+                install -d ${D}${sysconfdir}/pam.d/
+                install -m 0644 ${WORKDIR}/pam.d/* ${D}${sysconfdir}/pam.d/
+        fi
+}
author	Xin Ouyang <Xin.Ouyang@windriver.com>	2012-09-11 14:49:18 +0800
committer	Xin Ouyang <Xin.Ouyang@windriver.com>	2012-10-18 11:07:44 +0800
commit	cc006f789e261c3d4f9efbf7d26965438297f0ed (patch)
tree	238a70992cfcfdefbd753c029c89a7da7925b1a4
parent	9a9acff6c74ade48986f85b6147e930edf0267c4 (diff)
download	meta-selinux-cc006f789e261c3d4f9efbf7d26965438297f0ed.tar.gz

diff --git a/recipes-security/selinux/policycoreutils/pam.d/newrole b/recipes-security/selinux/policycoreutils/pam.d/newrole new file mode 100644 index 0000000..1151600 --- /dev/null +++ b/recipes-security/selinux/policycoreutils/pam.d/newrole
@@ -0,0 +1,6 @@
		1	#%PAM-1.0
		2	auth include common-auth
		3	account include common-auth
		4	password include common-auth
		5	session include common-auth
		6	session optional pam_xauth.so


diff --git a/recipes-security/selinux/policycoreutils/pam.d/run_init b/recipes-security/selinux/policycoreutils/pam.d/run_init new file mode 100644 index 0000000..1151600 --- /dev/null +++ b/recipes-security/selinux/policycoreutils/pam.d/run_init
@@ -0,0 +1,6 @@
		1	#%PAM-1.0
		2	auth include common-auth
		3	account include common-auth
		4	password include common-auth
		5	session include common-auth
		6	session optional pam_xauth.so


diff --git a/recipes-security/selinux/policycoreutils_2.1.10.bb b/recipes-security/selinux/policycoreutils_2.1.10.bb index 73d4afb..f6e998d 100644 --- a/recipes-security/selinux/policycoreutils_2.1.10.bb +++ b/recipes-security/selinux/policycoreutils_2.1.10.bb
@@ -5,7 +5,7 @@ load_policy to load policies, setfiles to label filesystems, newrole \
5	to switch roles, and run_init to run /etc/init.d scripts in the proper \	5	to switch roles, and run_init to run /etc/init.d scripts in the proper \
6	context."	6	context."
7	SECTION = "base"	7	SECTION = "base"
8	PR = "r4"	8	PR = "r5"
9	LICENSE = "GPLv2+"	9	LICENSE = "GPLv2+"
10	LIC_FILES_CHKSUM = "file://COPYING;md5=393a5ca445f6965873eca0259a17f833"	10	LIC_FILES_CHKSUM = "file://COPYING;md5=393a5ca445f6965873eca0259a17f833"
11		11
@@ -14,10 +14,16 @@ include selinux_20120216.inc
14	SRC_URI[md5sum] = "fefdede2815cdd2ba8b68599fef1f257"	14	SRC_URI[md5sum] = "fefdede2815cdd2ba8b68599fef1f257"
15	SRC_URI[sha256sum] = "8bbbc36b7d375edff891503932da93e37553f0dd7bdceded7ce9a45c80bec3d1"	15	SRC_URI[sha256sum] = "8bbbc36b7d375edff891503932da93e37553f0dd7bdceded7ce9a45c80bec3d1"
16		16
17	SRC_URI += "file://policycoreutils-fix-format-security.patch"	17	SRC_URI += "file://policycoreutils-fix-format-security.patch \
		18	${@base_contains('DISTRO_FEATURES', 'pam', '${PAM_SRC_URI}', '', d)} \
		19	"
		20
		21	PAM_SRC_URI = "file://pam.d/newrole \
		22	file://pam.d/run_init \
		23	"
18		24
19	DEPENDS += "libsepol libselinux libsemanage"	25	DEPENDS += "libsepol libselinux libsemanage"
20	DEPENDS += "${@['', '${EXTRA_DEPENDS}']['${PN}' == '${BPN}']}"	26	DEPENDS += "${@['', '${EXTRA_DEPENDS}']['${PN}' != '${BPN}-native']}"
21	EXTRA_DEPENDS = "libcap-ng libcgroup"	27	EXTRA_DEPENDS = "libcap-ng libcgroup"
22	EXTRA_DEPENDS += "${@base_contains('DISTRO_FEATURES', 'pam', 'libpam audit', '', d)}"	28	EXTRA_DEPENDS += "${@base_contains('DISTRO_FEATURES', 'pam', 'libpam audit', '', d)}"
23		29
@@ -36,7 +42,8 @@ RDEPENDS_${BPN} += "\
36	python-textutils \	42	python-textutils \
37	python-ipy \	43	python-ipy \
38	"	44	"
39	RDEPENDS_${BPN} += "setools"	45
		46	RDEPENDS_${BPN} += "setools setools-libs ${BPN}-python"
40		47
41	WARN_QA := "${@oe_filter_out('unsafe-references-in-scripts', '${WARN_QA}', d)}"	48	WARN_QA := "${@oe_filter_out('unsafe-references-in-scripts', '${WARN_QA}', d)}"
42	ERROR_QA := "${@oe_filter_out('unsafe-references-in-scripts', '${ERROR_QA}', d)}"	49	ERROR_QA := "${@oe_filter_out('unsafe-references-in-scripts', '${ERROR_QA}', d)}"
@@ -74,3 +81,12 @@ do_install_virtclass-native() {
74	SBINDIR="${D}/${base_sbindir}"	81	SBINDIR="${D}/${base_sbindir}"
75	done	82	done
76	}	83	}
		84
		85	do_install_append() {
		86	test "${CLASSOVERRIDE}" = "class-native" && return 0
		87
		88	if [ -e ${WORKDIR}/pam.d ]; then
		89	install -d ${D}${sysconfdir}/pam.d/
		90	install -m 0644 ${WORKDIR}/pam.d/* ${D}${sysconfdir}/pam.d/
		91	fi
		92	}


diff --git a/recipes-security/selinux/policycoreutils_git.bb b/recipes-security/selinux/policycoreutils_git.bb index 7ff4c58..2736476 100644 --- a/recipes-security/selinux/policycoreutils_git.bb +++ b/recipes-security/selinux/policycoreutils_git.bb
@@ -5,7 +5,7 @@ load_policy to load policies, setfiles to label filesystems, newrole \
5	to switch roles, and run_init to run /etc/init.d scripts in the proper \	5	to switch roles, and run_init to run /etc/init.d scripts in the proper \
6	context."	6	context."
7	SECTION = "base"	7	SECTION = "base"
8	PR = "r4"	8	PR = "r5"
9	LICENSE = "GPLv2+"	9	LICENSE = "GPLv2+"
10	LIC_FILES_CHKSUM = "file://COPYING;md5=393a5ca445f6965873eca0259a17f833"	10	LIC_FILES_CHKSUM = "file://COPYING;md5=393a5ca445f6965873eca0259a17f833"
11	DEFAULT_PREFERENCE = "-1"	11	DEFAULT_PREFERENCE = "-1"
@@ -15,12 +15,18 @@ include selinux_git.inc
15	SRCREV = "339f8079d7b9dd1e0b0138e2d096dc7c60b2092e"	15	SRCREV = "339f8079d7b9dd1e0b0138e2d096dc7c60b2092e"
16	PV = "2.1.10+git${SRCPV}"	16	PV = "2.1.10+git${SRCPV}"
17		17
18	SRC_URI += "file://policycoreutils-fix-format-security.patch"	18	SRC_URI += "file://policycoreutils-fix-format-security.patch \
		19	${@base_contains('DISTRO_FEATURES', 'pam', '${PAM_SRC_URI}', '', d)} \
		20	"
19		21
20	DEPENDS += "libsepol libselinux libsemanage ${EXTRA_DEPENDS}"	22	PAM_SRC_URI = "file://pam.d/newrole \
		23	file://pam.d/run_init \
		24	"
		25
		26	DEPENDS += "libsepol libselinux libsemanage"
		27	DEPENDS += "${@['', '${EXTRA_DEPENDS}']['${PN}' != '${BPN}-native']}"
21	EXTRA_DEPENDS = "libcap-ng libcgroup"	28	EXTRA_DEPENDS = "libcap-ng libcgroup"
22	EXTRA_DEPENDS += "${@base_contains('DISTRO_FEATURES', 'pam', 'libpam audit', '', d)}"	29	EXTRA_DEPENDS += "${@base_contains('DISTRO_FEATURES', 'pam', 'libpam audit', '', d)}"
23	EXTRA_DEPENDS_virtclass-native = ""
24		30
25	RDEPENDS_${BPN} += "\	31	RDEPENDS_${BPN} += "\
26	libselinux-python \	32	libselinux-python \
@@ -37,7 +43,7 @@ RDEPENDS_${BPN} += "\
37	python-textutils \	43	python-textutils \
38	python-ipy \	44	python-ipy \
39	"	45	"
40	RDEPENDS_${BPN} += "setools"	46	RDEPENDS_${BPN} += "setools setools-libs ${BPN}-python"
41		47
42	WARN_QA := "${@oe_filter_out('unsafe-references-in-scripts', '${WARN_QA}', d)}"	48	WARN_QA := "${@oe_filter_out('unsafe-references-in-scripts', '${WARN_QA}', d)}"
43	ERROR_QA := "${@oe_filter_out('unsafe-references-in-scripts', '${ERROR_QA}', d)}"	49	ERROR_QA := "${@oe_filter_out('unsafe-references-in-scripts', '${ERROR_QA}', d)}"
@@ -75,3 +81,12 @@ do_install_virtclass-native() {
75	SBINDIR="${D}/${base_sbindir}"	81	SBINDIR="${D}/${base_sbindir}"
76	done	82	done
77	}	83	}
		84
		85	do_install_append() {
		86	test "${CLASSOVERRIDE}" = "class-native" && return 0
		87
		88	if [ -e ${WORKDIR}/pam.d ]; then
		89	install -d ${D}${sysconfdir}/pam.d/
		90	install -m 0644 ${WORKDIR}/pam.d/* ${D}${sysconfdir}/pam.d/
		91	fi
		92	}