aboutsummaryrefslogtreecommitdiffstats
path: root/package/utils
diff options
context:
space:
mode:
authorPaul Spooren <mail@aparcar.org>2020-08-19 11:40:27 -1000
committerDaniel Golle <daniel@makrotopia.org>2020-08-23 23:37:08 +0100
commit2e06f8ae24ec47cd1db9703ce6474bbd9304ef99 (patch)
tree8d8efbfd1eb84b42fc3c9782c72b0f07bfa12c13 /package/utils
parentb2f19d3ef707c60c46a75a1fe2c38365474a5921 (diff)
downloadupstream-2e06f8ae24ec47cd1db9703ce6474bbd9304ef99.tar.gz
upstream-2e06f8ae24ec47cd1db9703ce6474bbd9304ef99.tar.bz2
upstream-2e06f8ae24ec47cd1db9703ce6474bbd9304ef99.zip
busybox: add selinux variant
This commit adds a `selinux` variant which comes with with a number of SELinux applets and also SELinux label support. Signed-off-by: Paul Spooren <mail@aparcar.org>
Diffstat (limited to 'package/utils')
-rw-r--r--package/utils/busybox/Config.in2
-rw-r--r--package/utils/busybox/Makefile33
-rw-r--r--package/utils/busybox/selinux.config15
3 files changed, 45 insertions, 5 deletions
diff --git a/package/utils/busybox/Config.in b/package/utils/busybox/Config.in
index 4d87e18278..dcd027e7ee 100644
--- a/package/utils/busybox/Config.in
+++ b/package/utils/busybox/Config.in
@@ -1,4 +1,4 @@
-if PACKAGE_busybox
+if PACKAGE_busybox || PACKAGE_busybox-selinux
config BUSYBOX_CUSTOM
bool "Customize busybox options"
diff --git a/package/utils/busybox/Makefile b/package/utils/busybox/Makefile
index baf375eb13..4d098ac4a8 100644
--- a/package/utils/busybox/Makefile
+++ b/package/utils/busybox/Makefile
@@ -1,5 +1,5 @@
#
-# Copyright (C) 2006-2016 OpenWrt.org
+# Copyright (C) 2006-2020 OpenWrt.org
#
# This is free software, licensed under the GNU General Public License v2.
# See /LICENSE for more information.
@@ -9,7 +9,7 @@ include $(TOPDIR)/rules.mk
PKG_NAME:=busybox
PKG_VERSION:=1.31.1
-PKG_RELEASE:=2
+PKG_RELEASE:=3
PKG_FLAGS:=essential
PKG_SOURCE:=$(PKG_NAME)-$(PKG_VERSION).tar.bz2
@@ -39,14 +39,27 @@ BUSYBOX_IF_ENABLED=$(if $(CONFIG_BUSYBOX_$(BUSYBOX_SYM)_$(1)),$(2))
# All files provided by busybox will serve as fallback alternatives by opkg.
# There should be no need to enumerate ALTERNATIVES entries here
-define Package/busybox
+define Package/busybox/Default
SECTION:=base
CATEGORY:=Base system
MAINTAINER:=Felix Fietkau <nbd@nbd.name>
TITLE:=Core utilities for embedded Linux
URL:=http://busybox.net/
DEPENDS:=+BUSYBOX_CONFIG_PAM:libpam +BUSYBOX_CONFIG_NTPD:jsonfilter
- MENU:=1
+endef
+
+define Package/busybox
+ $(call Package/busybox/Default)
+ CONFLICTS:=busybox-selinux
+ VARIANT:=default
+endef
+
+define Package/busybox-selinux
+ $(call Package/busybox/Default)
+ TITLE += with SELinux support
+ DEPENDS += +libselinux
+ VARIANT:=selinux
+ PROVIDES:=busybox
endef
define Package/busybox/description
@@ -62,6 +75,8 @@ ifdef CONFIG_BUSYBOX_CONFIG_FEATURE_SYSLOG
define Package/busybox/conffiles
/etc/syslog.conf
endef
+
+Package/busybox-selinux/conffiiles = $(Package/busybox/conffiles)
endif
# don't create a version string containing the actual timestamp
@@ -77,6 +92,10 @@ ifeq ($(CONFIG_USE_GLIBC),y)
LDLIBS += $(call BUSYBOX_IF_ENABLED,NSLOOKUP_OPENWRT,resolv)
endif
+ifeq ($(BUILD_VARIANT),selinux)
+ LDLIBS += selinux sepol
+endif
+
TARGET_CFLAGS += -flto
TARGET_LDFLAGS += -flto=jobserver -fuse-linker-plugin
@@ -97,6 +116,9 @@ define Build/Configure
ifeq ($(DEVICE_TYPE),nas)
echo "CONFIG_HDPARM=y" >> $(PKG_BUILD_DIR)/.config
endif
+ifeq ($(BUILD_VARIANT),selinux)
+ cat $(TOPDIR)/$(SOURCE)/selinux.config >> $(PKG_BUILD_DIR)/.config
+endif
grep 'CONFIG_BUSYBOX_$(BUSYBOX_SYM)' $(TOPDIR)/.config | sed -e "s,\\(# \)\\?CONFIG_BUSYBOX_$(BUSYBOX_SYM)_\\(.*\\),\\1CONFIG_\\2,g" >> $(PKG_BUILD_DIR)/.config
yes 'n' | $(MAKE) -C $(PKG_BUILD_DIR) $(MAKE_FLAGS) oldconfig
endef
@@ -125,4 +147,7 @@ endif
-rm -rf $(1)/lib64
endef
+Package/busybox-selinux/install = $(Package/busybox/install)
+
$(eval $(call BuildPackage,busybox))
+$(eval $(call BuildPackage,busybox-selinux))
diff --git a/package/utils/busybox/selinux.config b/package/utils/busybox/selinux.config
new file mode 100644
index 0000000000..ef20155814
--- /dev/null
+++ b/package/utils/busybox/selinux.config
@@ -0,0 +1,15 @@
+CONFIG_SELINUX=y
+CONFIG_FEATURE_TAR_SELINUX=y
+CONFIG_CHCON=y
+CONFIG_GETENFORCE=y
+CONFIG_GETSEBOOL=y
+CONFIG_LOAD_POLICY=y
+CONFIG_MATCHPATHCON=y
+CONFIG_RUNCON=y
+CONFIG_SELINUXENABLED=y
+CONFIG_SESTATUS=y
+CONFIG_SETFILES=y
+CONFIG_FEATURE_SETFILES_CHECK_OPTION=y
+CONFIG_RESTORECON=y
+CONFIG_SETSEBOOL=y
+CONFIG_SETENFORCE=y