SUMMARY = "SELinux policy core utilities" DESCRIPTION = "policycoreutils contains the policy core utilities that are required \ for basic operation of a SELinux system. These utilities include \ load_policy to load policies, setfiles to label filesystems, newrole \ to switch roles, and run_init to run /etc/init.d scripts in the proper \ context." SECTION = "base" LICENSE = "GPLv2+" SRC_URI += "${@bb.utils.contains('DISTRO_FEATURES', 'pam', '${PAM_SRC_URI}', '', d)}" PAM_SRC_URI = "file://pam.d/newrole \ file://pam.d/run_init \ " DEPENDS += "libsepol libselinux libsemanage" EXTRA_DEPENDS = "libcap-ng libcgroup setools" DEPENDS += "${@['', '${EXTRA_DEPENDS}']['${PN}' != '${BPN}-native']}" inherit selinux DEPENDS += "${@target_selinux(d, 'libpam audit')}" RDEPENDS_${BPN}-audit2allow = "\ python-textutils \ libselinux-python \ sepolgen \ " RDEPENDS_${BPN}-chcat = "\ python-codecs \ python-shell \ python-stringold \ python-unixadmin \ ${BPN}-python \ libselinux-python \ " RDEPENDS_${BPN}-fixfiles += "\ ${BPN}-setfiles \ " RDEPENDS_${BPN}-genhomedircon += "\ ${BPN}-genhomedircon \ ${BPN}-semodule \ " RDEPENDS_${BPN}-loadpolicy += "\ libselinux \ libsepol \ " RDEPENDS_${BPN}-newrole += "\ libcap-ng \ libselinux \ " RDEPENDS_${BPN}-python += "\ python-codecs \ python-io \ python-ipy \ python-re \ python-stringold \ python-syslog \ python-unixadmin \ libselinux-python \ libsemanage-python \ " RDEPENDS_${BPN}-runinit += "libselinux" RDEPENDS_${BPN}-sandbox += "\ python-math \ python-shell \ python-subprocess \ python-textutils \ python-unixadmin \ libselinux-python \ ${BPN}-python \ " RDEPENDS_${BPN}-secon += "libselinux" RDEPENDS_${BPN}-semanage = "\ python-core \ python-ipy \ python-compression \ python-xml \ ${BPN}-python \ libselinux-python \ " RDEPENDS_${BPN}-semodule += "\ libsepol \ libselinux \ libsemanage \ " # static link to libsepol DEPENDS_${BPN}-semodule-deps += "libsepol" RDEPENDS_${BPN}-semodule-expand += "libsepol libselinux" RDEPENDS_${BPN}-semodule-link += "libsepol libselinux" RDEPENDS_${BPN}-semodule-package += "libsepol libselinux" RDEPENDS_${BPN}-sepolicy += "\ python-argparse \ python-codecs \ python-core \ python-syslog \ ${BPN}-python \ " # static link to libsepol DEPENDS_${BPN}-sepolgen-ifgen += "libsepol" RDEPENDS_${BPN}-sepolgen-ifgen += "libselinux-python" RDEPENDS_${BPN}-sestatus += "libselinux" RDEPENDS_${BPN}-setfiles += "\ libselinux \ libsepol \ " RDEPENDS_${BPN}-setsebool += "\ libsepol \ libselinux \ libsemanage \ " RDEPENDS_${BPN} += "setools setools-libs ${BPN}-python" WARN_QA := "${@oe_filter_out('unsafe-references-in-scripts', '${WARN_QA}', d)}" ERROR_QA := "${@oe_filter_out('unsafe-references-in-scripts', '${ERROR_QA}', d)}" inherit pythonnative PACKAGES =+ "\ ${PN}-audit2allow \ ${PN}-chcat \ ${PN}-fixfiles \ ${PN}-genhomedircon \ ${PN}-loadpolicy \ ${PN}-newrole \ ${PN}-python \ ${PN}-runinit \ ${PN}-sandbox \ ${PN}-secon \ ${PN}-semanage \ ${PN}-semodule \ ${PN}-semodule-deps \ ${PN}-semodule-expand \ ${PN}-semodule-link \ ${PN}-semodule-package \ ${PN}-sepolgen-ifgen \ ${PN}-sepolicy \ ${PN}-sestatus \ ${PN}-setfiles \ ${PN}-setsebool \ system-config-selinux \ " FILES_${PN}-audit2allow = "\ ${bindir}/audit2allow \ ${bindir}/audit2why \ " FILES_${PN}-chcat = "\ ${bindir}/chcat \ " FILES_${PN}-fixfiles += "${base_sbindir}/fixfiles" FILES_${PN}-genhomedircon += "${sbindir}/genhomedircon" FILES_${PN}-loadpolicy += "\ ${base_sbindir}/load_policy \ ${sbindir}/load_policy \ " FILES_${PN}-newrole += "\ ${bindir}/newrole \ ${@bb.utils.contains('DISTRO_FEATURES', 'pam', '${sysconfdir}/pam.d/newrole', '', d)} \ " FILES_${PN}-python = "\ ${libdir}/python${PYTHON_BASEVERSION}/site-packages/seobject.py* \ ${libdir}/python${PYTHON_BASEVERSION}/site-packages/sepolicy*.egg-info \ ${libdir}/python${PYTHON_BASEVERSION}/site-packages/sepolicy/* \ " FILES_${PN}-runinit += "\ ${sbindir}/run_init \ ${sbindir}/open_init_pty \ ${@bb.utils.contains('DISTRO_FEATURES', 'pam', '${sysconfdir}/pam.d/run_init', '', d)} \ " FILES_${PN}-dbg += "${libdir}/python${PYTHON_BASEVERSION}/site-packages/sepolicy/.debug/*" FILES_${PN}-sandbox += "\ ${datadir}/sandbox/* \ ${bindir}/sandbox \ ${sbindir}/seunshare \ ${sysconfdir}/sysconfig/sandbox \ " FILES_${PN}-secon += "${bindir}/secon" FILES_${PN}-semanage = "\ ${sbindir}/semanage \ ${datadir}/bash-completion/completions/semanage \ " FILES_${PN}-semodule += "${sbindir}/semodule" FILES_${PN}-semodule-deps += "${bindir}/semodule_deps" FILES_${PN}-semodule-expand += "${bindir}/semodule_expand" FILES_${PN}-semodule-link += "${bindir}/semodule_link" FILES_${PN}-semodule-package += "\ ${bindir}/semodule_package \ ${bindir}/semodule_unpackage \ " FILES_${PN}-sepolicy += "\ ${bindir}/sepolicy \ ${datadir}/bash-completion/completions/sepolicy \ ${datadir}/dbus-1/system-services/org.selinux.service \ ${datadir}/polkit-1/actions/org.selinux.policy \ " FILES_${PN}-sepolgen-ifgen += "\ ${bindir}/sepolgen-ifgen \ ${bindir}/sepolgen-ifgen-attr-helper \ " FILES_${PN}-sestatus += "\ ${sbindir}/sestatus \ ${sysconfdir}/sestatus.conf \ " FILES_${PN}-setfiles += "\ ${base_sbindir}/restorecon \ ${base_sbindir}/setfiles \ " FILES_${PN}-setsebool += "\ ${sbindir}/setsebool \ ${datadir}/bash-completion/completions/setsebool \ " FILES_system-config-selinux = " \ ${bindir}/sepolgen \ ${datadir}/system-config-selinux/* \ ${datadir}/icons/hicolor/ \ ${datadir}/polkit-1/actions/org.selinux.config.policy \ " export STAGING_INCDIR export STAGING_LIBDIR export BUILD_SYS export HOST_SYS AUDITH="`ls ${STAGING_INCDIR}/libaudit.h >/dev/null 2>&1 && echo /usr/include/libaudit.h `" PAMH="`ls ${STAGING_INCDIR}/security/pam_appl.h >/dev/null 2>&1 && echo /usr/include/security/pam_appl.h `" EXTRA_OEMAKE += "${@target_selinux(d, 'PAMH=${PAMH} AUDITH=${AUDITH}', 'PAMH= AUDITH= ')} INOTIFYH=n" EXTRA_OEMAKE += "PREFIX=${D}" EXTRA_OEMAKE += "INITDIR=${D}/etc/init.d" BBCLASSEXTEND = "native" PCU_NATIVE_CMDS = "setfiles semodule_package semodule semodule_link semodule_expand semodule_deps" do_compile_virtclass-native() { for PCU_CMD in ${PCU_NATIVE_CMDS} ; do oe_runmake -C $PCU_CMD \ INCLUDEDIR='${STAGING_INCDIR}' \ LIBDIR='${STAGING_LIBDIR}' done } do_compile_prepend() { export PYTHON=python export PYLIBVER='python${PYTHON_BASEVERSION}' export PYTHON_CPPFLAGS="-I${STAGING_INCDIR}/${PYLIBVER}" export PYTHON_LDFLAGS="${STAGING_LIBDIR}/lib${PYLIBVER}.so" export PYTHON_SITE_PKG="${libdir}/${PYLIBVER}/site-packages" } do_install_prepend() { export PYTHON=python export SEMODULE_PATH=${sbindir} } do_install_virtclass-native() { for PCU_CMD in ${PCU_NATIVE_CMDS} ; do oe_runmake -C $PCU_CMD install \ DESTDIR="${D}" \ PREFIX="${D}/${prefix}" \ SBINDIR="${D}/${base_sbindir}" done } do_install_append_class-target() { if [ -e ${WORKDIR}/pam.d ]; then install -d ${D}${sysconfdir}/pam.d/ install -m 0644 ${WORKDIR}/pam.d/* ${D}${sysconfdir}/pam.d/ fi }