Break policycoreutils out into separate packages for the various utilities.

The driver beind this is to allow images to be built with the minimal tools necessary to load a policy. Breaking all of the stuff that's dependent on python out from the core utils allows us to make much smaller images. Signed-off-by: Philip Tricca <flihp@twobit.us> Signed-off-by: Joe MacDonald <joe@deserted.net>
author: Philip Tricca <flihp@twobit.us> 2013-10-09 12:32:44 +0000
committer: Joe MacDonald <joe@deserted.net> 2013-10-15 14:31:15 -0400
commit: 2da0c93c650feb5b81375b9a9a319cade3c1c99e (patch)
tree: db54d152b3f5392012913e6f9c89dc47c158b617
parent: 392a44eeb60ae97d6976c9f9e91e03f695395a8b (diff)
download: meta-selinux-2da0c93c650feb5b81375b9a9a319cade3c1c99e.tar.gz
1 files changed, 178 insertions, 10 deletions
diff --git a/recipes-security/selinux/policycoreutils.inc b/recipes-security/selinux/policycoreutils.inc
index dfd65e3..f8187e4 100644
--- a/recipes-security/selinux/policycoreutils.inc
+++ b/recipes-security/selinux/policycoreutils.inc
@@ -13,7 +13,7 @@ SRC_URI += "${@base_contains('DISTRO_FEATURES', 'pam', '${PAM_SRC_URI}', '', d)}
 PAM_SRC_URI = "file://pam.d/newrole \
               file://pam.d/run_init \
-              "
+"
 DEPENDS += "libsepol libselinux libsemanage"
 EXTRA_DEPENDS = "libcap-ng libcgroup setools"
@@ -26,7 +26,7 @@ RDEPENDS_${BPN} += "\
        libselinux-python \
        libsemanage-python \
        sepolgen \
-        "
+"
 RDEPENDS_${BPN} += "\
        python \
        python-unixadmin \
@@ -36,8 +36,93 @@ RDEPENDS_${BPN} += "\
        python-syslog \
        python-textutils \
        python-ipy \
-        "
+"
+RDEPENDS_${BPN}-audit2allow = "\
+        python-textutils \
+        libselinux-python \
+        sepolgen \
+"
+RDEPENDS_${BPN}-chcat = "\
+        python-codecs \
+        python-shell \
+        python-stringold \
+        python-unixadmin \
+        ${BPN}-python \
+        libselinux-python \
+"
+RDEPENDS_${BPN}-fixfiles += "\
+        ${BPN}-setfiles \
+"
+RDEPENDS_${BPN}-genhomedircon += "\
+        ${BPN}-genhomedircon \
+        ${BPN}-semodule \
+"
+RDEPENDS_${BPN}-loadpolicy += "\
+        libselinux \
+        libsepol \
+"
+RDEPENDS_${BPN}-newrole += "\
+        libcap-ng \
+        libselinux \
+"
+RDEPENDS_${BPN}-python += "\
+        python-codecs \
+        python-io \
+        python-ipy \
+        python-re \
+        python-stringold \
+        python-syslog \
+        python-unixadmin \
+        libselinux-python \
+        libsemanage-python \
+"
+RDEPENDS_${BPN}-runinit += "libselinux"
+RDEPENDS_${BPN}-sandbox += "\
+        python-math \
+        python-shell \
+        python-subprocess \
+        python-textutils \
+        python-unixadmin \
+        libselinux-python \
+        ${BPN}-python \
+"
+RDEPENDS_${BPN}-secon += "libselinux"
+RDEPENDS_${BPN}-semanage = "\
+        python-core \
+        python-ipy \
+        ${BPN}-python \
+        libselinux-python \
+"
+RDEPENDS_${BPN}-semodule += "\
+        libsepol \
+        libselinux \
+        libsemanage \
+"
+# static link to libsepol
+DEPENDS_${BPN}-semodule-deps += "libsepol"
+RDEPENDS_${BPN}-semodule-expand += "libsepol libselinux"
+RDEPENDS_${BPN}-semodule-link += "libsepol libselinux"
+RDEPENDS_${BPN}-semodule-package += "libsepol libselinux"
+RDEPENDS_${BPN}-sepolicy += "\
+        python-argparse \
+        python-codecs \
+        python-core \
+        python-syslog \
+        ${BPN}-python \
+"
+# static link to libsepol
+DEPENDS_${BPN}-sepolgen-ifgen += "libsepol"
+RDEPENDS_${BPN}-sepolgen-ifgen += "libselinux-python"
+RDEPENDS_${BPN}-sestatus += "libselinux"
+RDEPENDS_${BPN}-setfiles += "\
+        libselinux \
+        libsepol \
+"
+RDEPENDS_${BPN}-setsebool += "\
+        libsepol \
+        libselinux \
+        libsemanage \
+"
 RDEPENDS_${BPN} += "setools setools-libs ${BPN}-python"
 WARN_QA := "${@oe_filter_out('unsafe-references-in-scripts', '${WARN_QA}', d)}"
@@ -45,14 +130,97 @@ ERROR_QA := "${@oe_filter_out('unsafe-references-in-scripts', '${ERROR_QA}', d)}
 inherit pythonnative
-PACKAGES =+ "${PN}-python ${PN}-sandbox system-config-selinux"
+PACKAGES =+ "\
-FILES_${PN}-python = "${libdir}/python${PYTHON_BASEVERSION}/site-packages/seobject.py* \
+        ${PN}-audit2allow \
+        ${PN}-chcat \
+        ${PN}-fixfiles \
+        ${PN}-genhomedircon \
+        ${PN}-loadpolicy \
+        ${PN}-newrole \
+        ${PN}-python \
+        ${PN}-runinit \
+        ${PN}-sandbox \
+        ${PN}-secon \
+        ${PN}-semanage \
+        ${PN}-semodule \
+        ${PN}-semodule-deps \
+        ${PN}-semodule-expand \
+        ${PN}-semodule-link \
+        ${PN}-semodule-package \
+        ${PN}-sepolgen-ifgen \
+        ${PN}-sepolicy \
+        ${PN}-sestatus \
+        ${PN}-setfiles \
+        ${PN}-setsebool \
+        system-config-selinux \
+"
+FILES_${PN}-audit2allow = "\
+        ${bindir}/audit2allow \
+        ${bindir}/audit2why \
+"
+FILES_${PN}-chcat = "\
+        ${bindir}/chcat \
+"
+FILES_${PN}-fixfiles += "${base_sbindir}/fixfiles"
+FILES_${PN}-genhomedircon += "${sbindir}/genhomedircon"
+FILES_${PN}-loadpolicy += "\
+        ${base_sbindir}/load_policy \
+        ${sbindir}/load_policy \
+"
+FILES_${PN}-newrole += "\
+        ${bindir}/newrole \
+        ${@base_contains('DISTRO_FEATURES', 'pam', '${sysconfdir}/pam.d/newrole', '', d)} \
+"
+FILES_${PN}-python = "\
+        ${libdir}/python${PYTHON_BASEVERSION}/site-packages/seobject.py* \
        ${libdir}/python${PYTHON_BASEVERSION}/site-packages/sepolicy*.egg-info \
-        ${libdir}/python${PYTHON_BASEVERSION}/site-packages/sepolicy/*"
+        ${libdir}/python${PYTHON_BASEVERSION}/site-packages/sepolicy/* \
+"
+FILES_${PN}-runinit += "\
+        ${sbindir}/run_init \
+        ${sbindir}/open_init_pty \
+        ${@base_contains('DISTRO_FEATURES', 'pam', '${sysconfdir}/pam.d/run_init', '', d)} \
+"
 FILES_${PN}-dbg += "${libdir}/python${PYTHON_BASEVERSION}/site-packages/sepolicy/.debug/*"
-FILES_${PN}-sandbox = "${datadir}/sandbox/*"
+FILES_${PN}-sandbox += "\
-FILES_${PN}-sandbox += "${bindir}/sandbox"
+        ${datadir}/sandbox/* \
-FILES_${PN}-sandbox += "${sbindir}/seunshare"
+        ${bindir}/sandbox \
+        ${sbindir}/seunshare \
+        ${sysconfdir}/sysconfig/sandbox \
+"
+FILES_${PN}-secon += "${bindir}/secon"
+FILES_${PN}-semanage = "\
+        ${sbindir}/semanage \
+        ${sysconfdir}/bash_completion.d/semanage-bash-completion.sh \
+"
+FILES_${PN}-semodule += "${sbindir}/semodule"
+FILES_${PN}-semodule-deps += "${bindir}/semodule_deps"
+FILES_${PN}-semodule-expand += "${bindir}/semodule_expand"
+FILES_${PN}-semodule-link += "${bindir}/semodule_link"
+FILES_${PN}-semodule-package += "\
+        ${bindir}/semodule_package \
+        ${bindir}/semodule_unpackage \
+"
+FILES_${PN}-sepolicy += "\
+        ${bindir}/sepolicy \
+        ${sysconfdir}/bash_completion.d/sepolicy-bash-completion.sh \
+"
+FILES_${PN}-sepolgen-ifgen += "\
+        ${bindir}/sepolgen-ifgen \
+        ${bindir}/sepolgen-ifgen-attr-helper \
+"
+FILES_${PN}-sestatus += "\
+        ${sbindir}/sestatus \
+        ${sysconfdir}/sestatus.conf \
+"
+FILES_${PN}-setfiles += "\
+        ${base_sbindir}/restorecon \
+        ${base_sbindir}/setfiles \
+"
+FILES_${PN}-setsebool += "\
+        ${sbindir}/setsebool \
+        ${sysconfdir}/bash_completion.d/setsebool-bash-completion.sh \
+"
 FILES_system-config-selinux = " \
    ${bindir}/sepolgen \
    ${datadir}/system-config-selinux/* \
author	Philip Tricca <flihp@twobit.us>	2013-10-09 12:32:44 +0000
committer	Joe MacDonald <joe@deserted.net>	2013-10-15 14:31:15 -0400
commit	2da0c93c650feb5b81375b9a9a319cade3c1c99e (patch)
tree	db54d152b3f5392012913e6f9c89dc47c158b617
parent	392a44eeb60ae97d6976c9f9e91e03f695395a8b (diff)
download	meta-selinux-2da0c93c650feb5b81375b9a9a319cade3c1c99e.tar.gz

diff --git a/recipes-security/selinux/policycoreutils.inc b/recipes-security/selinux/policycoreutils.inc index dfd65e3..f8187e4 100644 --- a/recipes-security/selinux/policycoreutils.inc +++ b/recipes-security/selinux/policycoreutils.inc
@@ -13,7 +13,7 @@ SRC_URI += "${@base_contains('DISTRO_FEATURES', 'pam', '${PAM_SRC_URI}', '', d)}
13		13
14	PAM_SRC_URI = "file://pam.d/newrole \	14	PAM_SRC_URI = "file://pam.d/newrole \
15	file://pam.d/run_init \	15	file://pam.d/run_init \
16	"	16	"
17		17
18	DEPENDS += "libsepol libselinux libsemanage"	18	DEPENDS += "libsepol libselinux libsemanage"
19	EXTRA_DEPENDS = "libcap-ng libcgroup setools"	19	EXTRA_DEPENDS = "libcap-ng libcgroup setools"
@@ -26,7 +26,7 @@ RDEPENDS_${BPN} += "\
26	libselinux-python \	26	libselinux-python \
27	libsemanage-python \	27	libsemanage-python \
28	sepolgen \	28	sepolgen \
29	"	29	"
30	RDEPENDS_${BPN} += "\	30	RDEPENDS_${BPN} += "\
31	python \	31	python \
32	python-unixadmin \	32	python-unixadmin \
@@ -36,8 +36,93 @@ RDEPENDS_${BPN} += "\
36	python-syslog \	36	python-syslog \
37	python-textutils \	37	python-textutils \
38	python-ipy \	38	python-ipy \
39	"	39	"
40		40	RDEPENDS_${BPN}-audit2allow = "\
		41	python-textutils \
		42	libselinux-python \
		43	sepolgen \
		44	"
		45	RDEPENDS_${BPN}-chcat = "\
		46	python-codecs \
		47	python-shell \
		48	python-stringold \
		49	python-unixadmin \
		50	${BPN}-python \
		51	libselinux-python \
		52	"
		53	RDEPENDS_${BPN}-fixfiles += "\
		54	${BPN}-setfiles \
		55	"
		56	RDEPENDS_${BPN}-genhomedircon += "\
		57	${BPN}-genhomedircon \
		58	${BPN}-semodule \
		59	"
		60	RDEPENDS_${BPN}-loadpolicy += "\
		61	libselinux \
		62	libsepol \
		63	"
		64	RDEPENDS_${BPN}-newrole += "\
		65	libcap-ng \
		66	libselinux \
		67	"
		68	RDEPENDS_${BPN}-python += "\
		69	python-codecs \
		70	python-io \
		71	python-ipy \
		72	python-re \
		73	python-stringold \
		74	python-syslog \
		75	python-unixadmin \
		76	libselinux-python \
		77	libsemanage-python \
		78	"
		79	RDEPENDS_${BPN}-runinit += "libselinux"
		80	RDEPENDS_${BPN}-sandbox += "\
		81	python-math \
		82	python-shell \
		83	python-subprocess \
		84	python-textutils \
		85	python-unixadmin \
		86	libselinux-python \
		87	${BPN}-python \
		88	"
		89	RDEPENDS_${BPN}-secon += "libselinux"
		90	RDEPENDS_${BPN}-semanage = "\
		91	python-core \
		92	python-ipy \
		93	${BPN}-python \
		94	libselinux-python \
		95	"
		96	RDEPENDS_${BPN}-semodule += "\
		97	libsepol \
		98	libselinux \
		99	libsemanage \
		100	"
		101	# static link to libsepol
		102	DEPENDS_${BPN}-semodule-deps += "libsepol"
		103	RDEPENDS_${BPN}-semodule-expand += "libsepol libselinux"
		104	RDEPENDS_${BPN}-semodule-link += "libsepol libselinux"
		105	RDEPENDS_${BPN}-semodule-package += "libsepol libselinux"
		106	RDEPENDS_${BPN}-sepolicy += "\
		107	python-argparse \
		108	python-codecs \
		109	python-core \
		110	python-syslog \
		111	${BPN}-python \
		112	"
		113	# static link to libsepol
		114	DEPENDS_${BPN}-sepolgen-ifgen += "libsepol"
		115	RDEPENDS_${BPN}-sepolgen-ifgen += "libselinux-python"
		116	RDEPENDS_${BPN}-sestatus += "libselinux"
		117	RDEPENDS_${BPN}-setfiles += "\
		118	libselinux \
		119	libsepol \
		120	"
		121	RDEPENDS_${BPN}-setsebool += "\
		122	libsepol \
		123	libselinux \
		124	libsemanage \
		125	"
41	RDEPENDS_${BPN} += "setools setools-libs ${BPN}-python"	126	RDEPENDS_${BPN} += "setools setools-libs ${BPN}-python"
42		127
43	WARN_QA := "${@oe_filter_out('unsafe-references-in-scripts', '${WARN_QA}', d)}"	128	WARN_QA := "${@oe_filter_out('unsafe-references-in-scripts', '${WARN_QA}', d)}"
@@ -45,14 +130,97 @@ ERROR_QA := "${@oe_filter_out('unsafe-references-in-scripts', '${ERROR_QA}', d)}
45		130
46	inherit pythonnative	131	inherit pythonnative
47		132
48	PACKAGES =+ "${PN}-python ${PN}-sandbox system-config-selinux"	133	PACKAGES =+ "\
49	FILES_${PN}-python = "${libdir}/python${PYTHON_BASEVERSION}/site-packages/seobject.py* \	134	${PN}-audit2allow \
		135	${PN}-chcat \
		136	${PN}-fixfiles \
		137	${PN}-genhomedircon \
		138	${PN}-loadpolicy \
		139	${PN}-newrole \
		140	${PN}-python \
		141	${PN}-runinit \
		142	${PN}-sandbox \
		143	${PN}-secon \
		144	${PN}-semanage \
		145	${PN}-semodule \
		146	${PN}-semodule-deps \
		147	${PN}-semodule-expand \
		148	${PN}-semodule-link \
		149	${PN}-semodule-package \
		150	${PN}-sepolgen-ifgen \
		151	${PN}-sepolicy \
		152	${PN}-sestatus \
		153	${PN}-setfiles \
		154	${PN}-setsebool \
		155	system-config-selinux \
		156	"
		157	FILES_${PN}-audit2allow = "\
		158	${bindir}/audit2allow \
		159	${bindir}/audit2why \
		160	"
		161	FILES_${PN}-chcat = "\
		162	${bindir}/chcat \
		163	"
		164	FILES_${PN}-fixfiles += "${base_sbindir}/fixfiles"
		165	FILES_${PN}-genhomedircon += "${sbindir}/genhomedircon"
		166	FILES_${PN}-loadpolicy += "\
		167	${base_sbindir}/load_policy \
		168	${sbindir}/load_policy \
		169	"
		170	FILES_${PN}-newrole += "\
		171	${bindir}/newrole \
		172	${@base_contains('DISTRO_FEATURES', 'pam', '${sysconfdir}/pam.d/newrole', '', d)} \
		173	"
		174	FILES_${PN}-python = "\
		175	${libdir}/python${PYTHON_BASEVERSION}/site-packages/seobject.py* \
50	${libdir}/python${PYTHON_BASEVERSION}/site-packages/sepolicy*.egg-info \	176	${libdir}/python${PYTHON_BASEVERSION}/site-packages/sepolicy*.egg-info \
51	${libdir}/python${PYTHON_BASEVERSION}/site-packages/sepolicy/*"	177	${libdir}/python${PYTHON_BASEVERSION}/site-packages/sepolicy/* \
		178	"
		179	FILES_${PN}-runinit += "\
		180	${sbindir}/run_init \
		181	${sbindir}/open_init_pty \
		182	${@base_contains('DISTRO_FEATURES', 'pam', '${sysconfdir}/pam.d/run_init', '', d)} \
		183	"
52	FILES_${PN}-dbg += "${libdir}/python${PYTHON_BASEVERSION}/site-packages/sepolicy/.debug/*"	184	FILES_${PN}-dbg += "${libdir}/python${PYTHON_BASEVERSION}/site-packages/sepolicy/.debug/*"
53	FILES_${PN}-sandbox = "${datadir}/sandbox/*"	185	FILES_${PN}-sandbox += "\
54	FILES_${PN}-sandbox += "${bindir}/sandbox"	186	${datadir}/sandbox/* \
55	FILES_${PN}-sandbox += "${sbindir}/seunshare"	187	${bindir}/sandbox \
		188	${sbindir}/seunshare \
		189	${sysconfdir}/sysconfig/sandbox \
		190	"
		191	FILES_${PN}-secon += "${bindir}/secon"
		192	FILES_${PN}-semanage = "\
		193	${sbindir}/semanage \
		194	${sysconfdir}/bash_completion.d/semanage-bash-completion.sh \
		195	"
		196	FILES_${PN}-semodule += "${sbindir}/semodule"
		197	FILES_${PN}-semodule-deps += "${bindir}/semodule_deps"
		198	FILES_${PN}-semodule-expand += "${bindir}/semodule_expand"
		199	FILES_${PN}-semodule-link += "${bindir}/semodule_link"
		200	FILES_${PN}-semodule-package += "\
		201	${bindir}/semodule_package \
		202	${bindir}/semodule_unpackage \
		203	"
		204	FILES_${PN}-sepolicy += "\
		205	${bindir}/sepolicy \
		206	${sysconfdir}/bash_completion.d/sepolicy-bash-completion.sh \
		207	"
		208	FILES_${PN}-sepolgen-ifgen += "\
		209	${bindir}/sepolgen-ifgen \
		210	${bindir}/sepolgen-ifgen-attr-helper \
		211	"
		212	FILES_${PN}-sestatus += "\
		213	${sbindir}/sestatus \
		214	${sysconfdir}/sestatus.conf \
		215	"
		216	FILES_${PN}-setfiles += "\
		217	${base_sbindir}/restorecon \
		218	${base_sbindir}/setfiles \
		219	"
		220	FILES_${PN}-setsebool += "\
		221	${sbindir}/setsebool \
		222	${sysconfdir}/bash_completion.d/setsebool-bash-completion.sh \
		223	"
56	FILES_system-config-selinux = " \	224	FILES_system-config-selinux = " \
57	${bindir}/sepolgen \	225	${bindir}/sepolgen \
58	${datadir}/system-config-selinux/* \	226	${datadir}/system-config-selinux/* \