net-utils: Build with selinux support.

Signed-off-by: Xin Ouyang <Xin.Ouyang@windriver.com>
author: Xin Ouyang <Xin.Ouyang@windriver.com> 2012-06-13 18:08:50 +0800
committer: Xin Ouyang <Xin.Ouyang@windriver.com> 2012-06-13 18:08:50 +0800
commit: c911fda243f62cbbd6decee144e011e11a619aea (patch)
tree: 570a17feba4e92ce0522a9ef378195f39582a2b7
parent: 865c1820bd7dc6e643cf49007052782d42ceaf9c (diff)
download: meta-selinux-c911fda243f62cbbd6decee144e011e11a619aea.tar.gz
2 files changed, 252 insertions, 0 deletions
diff --git a/recipes-extended/net-tools/net-tools/netstat-selinux-support.patch b/recipes-extended/net-tools/net-tools/netstat-selinux-support.patch
new file mode 100644
index 0000000..2a97216
--- /dev/null
+++ b/recipes-extended/net-tools/net-tools/netstat-selinux-support.patch
@@ -0,0 +1,243 @@
+From: Xin Ouyang <Xin.Ouyang@windriver.com>
+Date: Wed, 13 Jun 2012 13:32:01 +0800
+Subject: [PATCH] net-tools: netstat add SELinux support.
+Upstream-Status: Inappropriate [configuration]
+Signed-off-by: Xin Ouyang <Xin.Ouyang@windriver.com>
+---
+ Makefile  |    9 +++++++-
+ netstat.c |   69 ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++--
+ 2 files changed, 74 insertions(+), 4 deletions(-)
+diff --git a/Makefile b/Makefile
+index 8fcc55c..dca8fbc 100644
+--- a/Makefile
+++ b/Makefile
+@@ -116,6 +116,13 @@ NET_LIB = $(NET_LIB_PATH)/lib$(NET_LIB_NAME).a
+ CFLAGS = $(COPTS) -I. -idirafter ./include/ -I$(NET_LIB_PATH)
+ LDFLAGS        = $(LOPTS) -L$(NET_LIB_PATH)
+ 
+ifeq ($(HAVE_SELINUX),1)
+SELINUX_LDFLAGS        = -lselinux
+CFLAGS         += -DHAVE_SELINUX
+else
+SELINUX_LDFLAGS        =
+endif
+
+ SUBDIRS        = man/ $(NET_LIB_PATH)/
+ 
+ ifeq ($(origin CC), undefined)
+@@ -209,7 +216,7 @@ plipconfig: $(NET_LIB) plipconfig.o
+                $(CC) $(LDFLAGS) -o plipconfig plipconfig.o $(NLIB)
+ 
+ netstat:       $(NET_LIB) netstat.o statistics.o
+-               $(CC) $(LDFLAGS) -o netstat netstat.o statistics.o $(NLIB) $(RESLIB)
+               $(CC) $(SELINUX_LDFLAGS) $(LDFLAGS) -o netstat netstat.o statistics.o $(NLIB) $(RESLIB)
+ 
+ iptunnel:      $(NET_LIB) iptunnel.o
+                $(CC) $(LDFLAGS) -o iptunnel iptunnel.o $(NLIB) $(RESLIB)
+diff --git a/netstat.c b/netstat.c
+index c3a7bb1..71be41f 100644
+--- a/netstat.c
+++ b/netstat.c
+@@ -86,6 +86,12 @@
+ #include <net/if.h>
+ #include <dirent.h>
+ 
+#if HAVE_SELINUX
+#include <selinux/selinux.h>
+#else
+#define security_context_t char*
+#endif
+
+ #include "net-support.h"
+ #include "pathnames.h"
+ #include "version.h"
+@@ -97,6 +103,7 @@
+ #include "proc.h"
+ 
+ #define PROGNAME_WIDTH 20
+#define SELINUX_WIDTH 50
+ 
+ #if !defined(s6_addr32) && defined(in6a_words)
+ #define s6_addr32 in6a_words   /* libinet6                     */
+@@ -153,6 +160,7 @@ int flag_wide= 0;
+ int flag_prg = 0;
+ int flag_arg = 0;
+ int flag_ver = 0;
+int flag_selinux = 0;
+ 
+ FILE *procinfo;
+ 
+@@ -216,12 +224,17 @@ FILE *procinfo;
+ #define PROGNAME_WIDTH1(s) PROGNAME_WIDTH2(s)
+ #define PROGNAME_WIDTH2(s) #s
+ 
+#define SELINUX_WIDTHs SELINUX_WIDTH1(SELINUX_WIDTH)
+#define SELINUX_WIDTH1(s) SELINUX_WIDTH2(s)
+#define SELINUX_WIDTH2(s) #s
+
+ #define PRG_HASH_SIZE 211
+ 
+ static struct prg_node {
+     struct prg_node *next;
+     unsigned long inode;
+     char name[PROGNAME_WIDTH];
+    char scon[SELINUX_WIDTH];
+ } *prg_hash[PRG_HASH_SIZE];
+ 
+ static char prg_cache_loaded = 0;
+@@ -229,9 +242,12 @@ static char prg_cache_loaded = 0;
+ #define PRG_HASHIT(x) ((x) % PRG_HASH_SIZE)
+ 
+ #define PROGNAME_BANNER "PID/Program name"
+#define SELINUX_BANNER "Security Context"
+ 
+ #define print_progname_banner() do { if (flag_prg) printf("%-" PROGNAME_WIDTHs "s"," " PROGNAME_BANNER); } while (0)
+ 
+#define print_selinux_banner() do { if (flag_selinux) printf("%-" SELINUX_WIDTHs "s"," " SELINUX_BANNER); } while (0)
+
+ #define PRG_LOCAL_ADDRESS "local_address"
+ #define PRG_INODE       "inode"
+ #define PRG_SOCKET_PFX    "socket:["
+@@ -253,7 +269,7 @@ static char prg_cache_loaded = 0;
+ /* NOT working as of glibc-2.0.7: */
+ #undef  DIRENT_HAVE_D_TYPE_WORKS
+ 
+-static void prg_cache_add(unsigned long inode, char *name)
+static void prg_cache_add(unsigned long inode, char *name, char *scon)
+ {
+     unsigned hi = PRG_HASHIT(inode);
+     struct prg_node **pnp,*pn;
+@@ -274,6 +290,14 @@ static void prg_cache_add(unsigned long inode, char *name)
+     if (strlen(name)>sizeof(pn->name)-1) 
+        name[sizeof(pn->name)-1]='\0';
+     strcpy(pn->name,name);
+
+    {
+       int len=(strlen(scon)-sizeof(pn->scon))+1;
+       if (len > 0)
+           strcpy(pn->scon,&scon[len+1]);
+       else
+           strcpy(pn->scon,scon);
+    }
+ }
+ 
+ static const char *prg_cache_get(unsigned long inode)
+@@ -286,6 +310,16 @@ static const char *prg_cache_get(unsigned long inode)
+     return("-");
+ }
+ 
+static const char *prg_cache_get_con(unsigned long inode)
+{
+    unsigned hi=PRG_HASHIT(inode);
+    struct prg_node *pn;
+
+    for (pn=prg_hash[hi];pn;pn=pn->next)
+        if (pn->inode==inode) return(pn->scon);
+    return("-");
+}
+
+ static void prg_cache_clear(void)
+ {
+     struct prg_node **pnp,*pn;
+@@ -357,6 +391,7 @@ static void prg_cache_load(void)
+     const char *cs,*cmdlp;
+     DIR *dirproc=NULL,*dirfd=NULL;
+     struct dirent *direproc,*direfd;
+    security_context_t scon=NULL;
+ 
+     if (prg_cache_loaded || !flag_prg) return;
+     prg_cache_loaded=1;
+@@ -426,7 +461,15 @@ static void prg_cache_load(void)
+            }
+ 
+            snprintf(finbuf, sizeof(finbuf), "%s/%s", direproc->d_name, cmdlp);
+-           prg_cache_add(inode, finbuf);
+#if HAVE_SELINUX
+           if (getpidcon(atoi(direproc->d_name), &scon) == -1) {
+               scon=strdup("-");
+           }
+           prg_cache_add(inode, finbuf, scon);
+           freecon(scon);
+#else
+           prg_cache_add(inode, finbuf, "-");
+#endif
+        }
+        closedir(dirfd); 
+        dirfd = NULL;
+@@ -546,6 +589,8 @@ static void finish_this_one(int uid, unsigned long inode, const char *timers)
+     }
+     if (flag_prg)
+        printf(" %-16s",prg_cache_get(inode));
+    if (flag_selinux)
+       printf("%-" SELINUX_WIDTHs "s",prg_cache_get_con(inode));
+     if (flag_opt)
+        printf(" %s", timers);
+     putchar('\n');
+@@ -1238,6 +1283,8 @@ static void unix_do_one(int nr, const char *line)
+        printf("-        ");
+     if (flag_prg)
+        printf("%-" PROGNAME_WIDTHs "s",(has & HAS_INODE?prg_cache_get(inode):"-"));
+    if (flag_selinux)
+       printf("%-" SELINUX_WIDTHs "s",(has & HAS_INODE?prg_cache_get_con(inode):"-"));
+     puts(path);
+ }
+ 
+@@ -1256,6 +1303,7 @@ static int unix_info(void)
+ 
+     printf(_("\nProto RefCnt Flags       Type       State         I-Node  "));
+     print_progname_banner();
+    print_selinux_banner();
+     printf(_(" Path\n"));      /* xxx */
+ 
+     {
+@@ -1546,6 +1594,7 @@ static void usage(void)
+     fprintf(stderr, _("        -o, --timers             display timers\n"));
+     fprintf(stderr, _("        -F, --fib                display Forwarding Information Base (default)\n"));
+     fprintf(stderr, _("        -C, --cache              display routing cache instead of FIB\n\n"));
+    fprintf(stderr, _("        -Z, --context            display SELinux security context for sockets\n\n"));
+ 
+     fprintf(stderr, _("  <Socket>={-t|--tcp} {-u|--udp} {-w|--raw} {-x|--unix} --ax25 --ipx --netrom\n"));
+     fprintf(stderr, _("  <AF>=Use '-6|-4' or '-A <af>' or '--<af>'; default: %s\n"), DFLT_AF);
+@@ -1591,6 +1640,7 @@ int main
+        {"cache", 0, 0, 'C'},
+        {"fib", 0, 0, 'F'},
+        {"groups", 0, 0, 'g'},
+       {"context", 0, 0, 'Z'},
+        {NULL, 0, 0, 0}
+     };
+ 
+@@ -1602,7 +1652,7 @@ int main
+     getroute_init();           /* Set up AF routing support */
+ 
+     afname[0] = '\0';
+-    while ((i = getopt_long(argc, argv, "MCFA:acdegphinNorstuWVv?wxl64", longopts, &lop)) != EOF)
+    while ((i = getopt_long(argc, argv, "MCFA:acdegphinNorstuWVv?wxlZ64", longopts, &lop)) != EOF)
+        switch (i) {
+        case -1:
+            break;
+@@ -1705,6 +1755,19 @@ int main
+            if (aftrans_opt("unix"))
+                exit(1);
+            break;
+       case 'Z':
+#if HAVE_SELINUX
+           if (is_selinux_enabled() <= 0) {
+               fprintf(stderr, _("SELinux is not enabled on this machine.\n"));
+               exit(1);
+           }
+           flag_prg++;
+           flag_selinux++;
+#else
+           fprintf(stderr, _("SELinux is not enabled for this application.\n"));
+           exit(1);
+#endif
+           break;
+        case '?':
+        case 'h':
+            usage();
+-- 
+1.7.5.4
diff --git a/recipes-extended/net-tools/net-tools_1.60-23.bbappend b/recipes-extended/net-tools/net-tools_1.60-23.bbappend
new file mode 100644
index 0000000..5d76214
--- /dev/null
+++ b/recipes-extended/net-tools/net-tools_1.60-23.bbappend
@@ -0,0 +1,9 @@
+PR .= ".1"
+FILESEXTRAPATHS_prepend := "${THISDIR}/${PN}:"
+SRC_URI += "file://netstat-selinux-support.patch"
+DEPENDS += "${@base_contains('DISTRO_FEATURES', 'selinux', 'libselinux', '', d)}"
+EXTRA_OEMAKE += "${@base_contains('DISTRO_FEATURES', 'selinux', 'HAVE_SELINUX=1', 'HAVE_SELINUX=0', d)}"
author	Xin Ouyang <Xin.Ouyang@windriver.com>	2012-06-13 18:08:50 +0800
committer	Xin Ouyang <Xin.Ouyang@windriver.com>	2012-06-13 18:08:50 +0800
commit	c911fda243f62cbbd6decee144e011e11a619aea (patch)
tree	570a17feba4e92ce0522a9ef378195f39582a2b7
parent	865c1820bd7dc6e643cf49007052782d42ceaf9c (diff)
download	meta-selinux-c911fda243f62cbbd6decee144e011e11a619aea.tar.gz

diff --git a/recipes-extended/net-tools/net-tools/netstat-selinux-support.patch b/recipes-extended/net-tools/net-tools/netstat-selinux-support.patch new file mode 100644 index 0000000..2a97216 --- /dev/null +++ b/recipes-extended/net-tools/net-tools/netstat-selinux-support.patch
@@ -0,0 +1,243 @@
	1	From: Xin Ouyang <Xin.Ouyang@windriver.com>
	2	Date: Wed, 13 Jun 2012 13:32:01 +0800
	3	Subject: [PATCH] net-tools: netstat add SELinux support.
	4
	5	Upstream-Status: Inappropriate [configuration]
	6
	7	Signed-off-by: Xin Ouyang <Xin.Ouyang@windriver.com>
	8	---
	9	Makefile \| 9 +++++++-
	10	netstat.c \| 69 ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++--
	11	2 files changed, 74 insertions(+), 4 deletions(-)
	12
	13	diff --git a/Makefile b/Makefile
	14	index 8fcc55c..dca8fbc 100644
	15	--- a/Makefile
	16	+++ b/Makefile
	17	@@ -116,6 +116,13 @@ NET_LIB = $(NET_LIB_PATH)/lib$(NET_LIB_NAME).a
	18	CFLAGS = $(COPTS) -I. -idirafter ./include/ -I$(NET_LIB_PATH)
	19	LDFLAGS = $(LOPTS) -L$(NET_LIB_PATH)
	20
	21	+ifeq ($(HAVE_SELINUX),1)
	22	+SELINUX_LDFLAGS = -lselinux
	23	+CFLAGS += -DHAVE_SELINUX
	24	+else
	25	+SELINUX_LDFLAGS =
	26	+endif
	27	+
	28	SUBDIRS = man/ $(NET_LIB_PATH)/
	29
	30	ifeq ($(origin CC), undefined)
	31	@@ -209,7 +216,7 @@ plipconfig: $(NET_LIB) plipconfig.o
	32	$(CC) $(LDFLAGS) -o plipconfig plipconfig.o $(NLIB)
	33
	34	netstat: $(NET_LIB) netstat.o statistics.o
	35	- $(CC) $(LDFLAGS) -o netstat netstat.o statistics.o $(NLIB) $(RESLIB)
	36	+ $(CC) $(SELINUX_LDFLAGS) $(LDFLAGS) -o netstat netstat.o statistics.o $(NLIB) $(RESLIB)
	37
	38	iptunnel: $(NET_LIB) iptunnel.o
	39	$(CC) $(LDFLAGS) -o iptunnel iptunnel.o $(NLIB) $(RESLIB)
	40	diff --git a/netstat.c b/netstat.c
	41	index c3a7bb1..71be41f 100644
	42	--- a/netstat.c
	43	+++ b/netstat.c
	44	@@ -86,6 +86,12 @@
	45	#include <net/if.h>
	46	#include <dirent.h>
	47
	48	+#if HAVE_SELINUX
	49	+#include <selinux/selinux.h>
	50	+#else
	51	+#define security_context_t char*
	52	+#endif
	53	+
	54	#include "net-support.h"
	55	#include "pathnames.h"
	56	#include "version.h"
	57	@@ -97,6 +103,7 @@
	58	#include "proc.h"
	59
	60	#define PROGNAME_WIDTH 20
	61	+#define SELINUX_WIDTH 50
	62
	63	#if !defined(s6_addr32) && defined(in6a_words)
	64	#define s6_addr32 in6a_words /* libinet6 */
	65	@@ -153,6 +160,7 @@ int flag_wide= 0;
	66	int flag_prg = 0;
	67	int flag_arg = 0;
	68	int flag_ver = 0;
	69	+int flag_selinux = 0;
	70
	71	FILE *procinfo;
	72
	73	@@ -216,12 +224,17 @@ FILE *procinfo;
	74	#define PROGNAME_WIDTH1(s) PROGNAME_WIDTH2(s)
	75	#define PROGNAME_WIDTH2(s) #s
	76
	77	+#define SELINUX_WIDTHs SELINUX_WIDTH1(SELINUX_WIDTH)
	78	+#define SELINUX_WIDTH1(s) SELINUX_WIDTH2(s)
	79	+#define SELINUX_WIDTH2(s) #s
	80	+
	81	#define PRG_HASH_SIZE 211
	82
	83	static struct prg_node {
	84	struct prg_node *next;
	85	unsigned long inode;
	86	char name[PROGNAME_WIDTH];
	87	+ char scon[SELINUX_WIDTH];
	88	} *prg_hash[PRG_HASH_SIZE];
	89
	90	static char prg_cache_loaded = 0;
	91	@@ -229,9 +242,12 @@ static char prg_cache_loaded = 0;
	92	#define PRG_HASHIT(x) ((x) % PRG_HASH_SIZE)
	93
	94	#define PROGNAME_BANNER "PID/Program name"
	95	+#define SELINUX_BANNER "Security Context"
	96
	97	#define print_progname_banner() do { if (flag_prg) printf("%-" PROGNAME_WIDTHs "s"," " PROGNAME_BANNER); } while (0)
	98
	99	+#define print_selinux_banner() do { if (flag_selinux) printf("%-" SELINUX_WIDTHs "s"," " SELINUX_BANNER); } while (0)
	100	+
	101	#define PRG_LOCAL_ADDRESS "local_address"
	102	#define PRG_INODE "inode"
	103	#define PRG_SOCKET_PFX "socket:["
	104	@@ -253,7 +269,7 @@ static char prg_cache_loaded = 0;
	105	/* NOT working as of glibc-2.0.7: */
	106	#undef DIRENT_HAVE_D_TYPE_WORKS
	107
	108	-static void prg_cache_add(unsigned long inode, char *name)
	109	+static void prg_cache_add(unsigned long inode, char name, char scon)
	110	{
	111	unsigned hi = PRG_HASHIT(inode);
	112	struct prg_node *pnp,pn;
	113	@@ -274,6 +290,14 @@ static void prg_cache_add(unsigned long inode, char *name)
	114	if (strlen(name)>sizeof(pn->name)-1)
	115	name[sizeof(pn->name)-1]='\0';
	116	strcpy(pn->name,name);
	117	+
	118	+ {
	119	+ int len=(strlen(scon)-sizeof(pn->scon))+1;
	120	+ if (len > 0)
	121	+ strcpy(pn->scon,&scon[len+1]);
	122	+ else
	123	+ strcpy(pn->scon,scon);
	124	+ }
	125	}
	126
	127	static const char *prg_cache_get(unsigned long inode)
	128	@@ -286,6 +310,16 @@ static const char *prg_cache_get(unsigned long inode)
	129	return("-");
	130	}
	131
	132	+static const char *prg_cache_get_con(unsigned long inode)
	133	+{
	134	+ unsigned hi=PRG_HASHIT(inode);
	135	+ struct prg_node *pn;
	136	+
	137	+ for (pn=prg_hash[hi];pn;pn=pn->next)
	138	+ if (pn->inode==inode) return(pn->scon);
	139	+ return("-");
	140	+}
	141	+
	142	static void prg_cache_clear(void)
	143	{
	144	struct prg_node *pnp,pn;
	145	@@ -357,6 +391,7 @@ static void prg_cache_load(void)
	146	const char cs,cmdlp;
	147	DIR dirproc=NULL,dirfd=NULL;
	148	struct dirent direproc,direfd;
	149	+ security_context_t scon=NULL;
	150
	151	if (prg_cache_loaded \|\| !flag_prg) return;
	152	prg_cache_loaded=1;
	153	@@ -426,7 +461,15 @@ static void prg_cache_load(void)
	154	}
	155
	156	snprintf(finbuf, sizeof(finbuf), "%s/%s", direproc->d_name, cmdlp);
	157	- prg_cache_add(inode, finbuf);
	158	+#if HAVE_SELINUX
	159	+ if (getpidcon(atoi(direproc->d_name), &scon) == -1) {
	160	+ scon=strdup("-");
	161	+ }
	162	+ prg_cache_add(inode, finbuf, scon);
	163	+ freecon(scon);
	164	+#else
	165	+ prg_cache_add(inode, finbuf, "-");
	166	+#endif
	167	}
	168	closedir(dirfd);
	169	dirfd = NULL;
	170	@@ -546,6 +589,8 @@ static void finish_this_one(int uid, unsigned long inode, const char *timers)
	171	}
	172	if (flag_prg)
	173	printf(" %-16s",prg_cache_get(inode));
	174	+ if (flag_selinux)
	175	+ printf("%-" SELINUX_WIDTHs "s",prg_cache_get_con(inode));
	176	if (flag_opt)
	177	printf(" %s", timers);
	178	putchar('\n');
	179	@@ -1238,6 +1283,8 @@ static void unix_do_one(int nr, const char *line)
	180	printf("- ");
	181	if (flag_prg)
	182	printf("%-" PROGNAME_WIDTHs "s",(has & HAS_INODE?prg_cache_get(inode):"-"));
	183	+ if (flag_selinux)
	184	+ printf("%-" SELINUX_WIDTHs "s",(has & HAS_INODE?prg_cache_get_con(inode):"-"));
	185	puts(path);
	186	}
	187
	188	@@ -1256,6 +1303,7 @@ static int unix_info(void)
	189
	190	printf(_("\nProto RefCnt Flags Type State I-Node "));
	191	print_progname_banner();
	192	+ print_selinux_banner();
	193	printf(_(" Path\n")); /* xxx */
	194
	195	{
	196	@@ -1546,6 +1594,7 @@ static void usage(void)
	197	fprintf(stderr, _(" -o, --timers display timers\n"));
	198	fprintf(stderr, _(" -F, --fib display Forwarding Information Base (default)\n"));
	199	fprintf(stderr, _(" -C, --cache display routing cache instead of FIB\n\n"));
	200	+ fprintf(stderr, _(" -Z, --context display SELinux security context for sockets\n\n"));
	201
	202	fprintf(stderr, _(" <Socket>={-t\|--tcp} {-u\|--udp} {-w\|--raw} {-x\|--unix} --ax25 --ipx --netrom\n"));
	203	fprintf(stderr, _(" <AF>=Use '-6\|-4' or '-A <af>' or '--<af>'; default: %s\n"), DFLT_AF);
	204	@@ -1591,6 +1640,7 @@ int main
	205	{"cache", 0, 0, 'C'},
	206	{"fib", 0, 0, 'F'},
	207	{"groups", 0, 0, 'g'},
	208	+ {"context", 0, 0, 'Z'},
	209	{NULL, 0, 0, 0}
	210	};
	211
	212	@@ -1602,7 +1652,7 @@ int main
	213	getroute_init(); /* Set up AF routing support */
	214
	215	afname[0] = '\0';
	216	- while ((i = getopt_long(argc, argv, "MCFA:acdegphinNorstuWVv?wxl64", longopts, &lop)) != EOF)
	217	+ while ((i = getopt_long(argc, argv, "MCFA:acdegphinNorstuWVv?wxlZ64", longopts, &lop)) != EOF)
	218	switch (i) {
	219	case -1:
	220	break;
	221	@@ -1705,6 +1755,19 @@ int main
	222	if (aftrans_opt("unix"))
	223	exit(1);
	224	break;
	225	+ case 'Z':
	226	+#if HAVE_SELINUX
	227	+ if (is_selinux_enabled() <= 0) {
	228	+ fprintf(stderr, _("SELinux is not enabled on this machine.\n"));
	229	+ exit(1);
	230	+ }
	231	+ flag_prg++;
	232	+ flag_selinux++;
	233	+#else
	234	+ fprintf(stderr, _("SELinux is not enabled for this application.\n"));
	235	+ exit(1);
	236	+#endif
	237	+ break;
	238	case '?':
	239	case 'h':
	240	usage();
	241	--
	242	1.7.5.4
	243


diff --git a/recipes-extended/net-tools/net-tools_1.60-23.bbappend b/recipes-extended/net-tools/net-tools_1.60-23.bbappend new file mode 100644 index 0000000..5d76214 --- /dev/null +++ b/recipes-extended/net-tools/net-tools_1.60-23.bbappend
@@ -0,0 +1,9 @@
	1	PR .= ".1"
	2
	3	FILESEXTRAPATHS_prepend := "${THISDIR}/${PN}:"
	4
	5	SRC_URI += "file://netstat-selinux-support.patch"
	6
	7	DEPENDS += "${@base_contains('DISTRO_FEATURES', 'selinux', 'libselinux', '', d)}"
	8
	9	EXTRA_OEMAKE += "${@base_contains('DISTRO_FEATURES', 'selinux', 'HAVE_SELINUX=1', 'HAVE_SELINUX=0', d)}"