1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
|
#
# This is free software, licensed under the GNU General Public License v2.
# See /LICENSE for more information.
#
include $(TOPDIR)/rules.mk
PKG_NAME:=libselinux
PKG_VERSION:=3.1
PKG_RELEASE:=2
PKG_SOURCE:=$(PKG_NAME)-$(PKG_VERSION).tar.gz
PKG_SOURCE_URL:=https://github.com/SELinuxProject/selinux/releases/download/20200710
PKG_HASH:=ea5dcbb4d859e3f999c26a13c630da2f16dff9462e3cc8cb7b458ac157d112e7
HOST_BUILD_DEPENDS:=libsepol/host pcre/host
PKG_LICENSE:=libselinux-1.0
PKG_LICENSE_FILES:=LICENSE
PKG_MAINTAINER:=Thomas Petazzoni <thomas.petazzoni@bootlin.com>
include $(INCLUDE_DIR)/package.mk
include $(INCLUDE_DIR)/host-build.mk
LIBSELINUX_UTILS := \
avcstat \
compute_av \
compute_create \
compute_member \
compute_relabel \
getconlist \
getdefaultcon \
getenforce \
getfilecon \
getpidcon \
getsebool \
getseuser \
matchpathcon \
policyvers \
sefcontext_compile \
selabel_digest \
selabel_get_digests_all_partial_matches \
selabel_lookup \
selabel_lookup_best_match \
selabel_partial_match \
selinux_check_access \
selinux_check_securetty_context \
selinuxenabled \
selinuxexeccon \
setenforce \
setfilecon \
togglesebool \
validatetrans
LIBSELINUX_ALTS := \
getenforce \
getsebool \
matchpathcon \
selinuxenabled \
setenforce
$(eval $(foreach a,$(LIBSELINUX_ALTS),ALTS_$(a):=300:/usr/sbin/$(a):/usr/sbin/libselinux-$(a)$(newline)))
define Package/libselinux/Default
TITLE:=Runtime SELinux library
URL:=http://selinuxproject.org/page/Main_Page
endef
define Package/libselinux
$(call Package/libselinux/Default)
SECTION:=libs
CATEGORY:=Libraries
DEPENDS:=+libsepol +libpcre +musl-fts
endef
define Package/libselinux/description
libselinux is the runtime SELinux library that provides
interfaces (e.g. library functions for the SELinux kernel
APIs like getcon(), other support functions like
getseuserbyname()) to SELinux-aware applications. libselinux
may use the shared libsepol to manipulate the binary policy
if necessary (e.g. to downgrade the policy format to an
older version supported by the kernel) when loading policy.
endef
define GenUtilPkg
define Package/$(1)
$(call Package/libselinux/Default)
TITLE+= $(2) utility
SECTION:=utils
DEPENDS:=+libselinux
CATEGORY:=Utilities
SUBMENU:=libselinux tools
ALTERNATIVES:=$(ALTS_$(2))
endef
define Package/$(1)/description
libselinux version of the $(2) utility.
endef
endef
$(foreach a,$(LIBSELINUX_UTILS),$(eval $(call GenUtilPkg,libselinux-$(a),$(a))))
# Needed to link libselinux utilities, which link against
# libselinux.so, which indirectly depends on libpcre.so, installed in
# $(STAGING_DIR_HOSTPKG).
HOST_LDFLAGS += -Wl,-rpath="$(STAGING_DIR_HOSTPKG)/lib"
HOST_MAKE_FLAGS += \
PREFIX=$(STAGING_DIR_HOSTPKG) \
SHLIBDIR=$(STAGING_DIR_HOSTPKG)/lib
MAKE_FLAGS += \
FTS_LDLIBS=-lfts \
SHLIBDIR=/usr/lib \
OS=Linux
define Build/Compile
$(call Build/Compile/Default,all)
endef
define Build/Install
$(call Build/Install/Default,install)
endef
define Build/InstallDev
$(INSTALL_DIR) $(1)/usr/include
$(CP) $(PKG_INSTALL_DIR)/usr/include/* $(1)/usr/include/
$(INSTALL_DIR) $(1)/usr/lib
$(CP) $(PKG_INSTALL_DIR)/usr/lib/* $(1)/usr/lib/
$(INSTALL_DIR) $(1)/usr/lib/pkgconfig
$(INSTALL_DATA) $(PKG_INSTALL_DIR)/usr/lib/pkgconfig/libselinux.pc $(1)/usr/lib/pkgconfig/
$(SED) 's,/usr/include,$$$${prefix}/include,g' $(1)/usr/lib/pkgconfig/libselinux.pc
$(SED) 's,/usr/lib,$$$${exec_prefix}/lib,g' $(1)/usr/lib/pkgconfig/libselinux.pc
endef
define Package/libselinux/install
$(INSTALL_DIR) $(1)/usr/lib
$(CP) $(PKG_INSTALL_DIR)/usr/lib/libselinux.so.* $(1)/usr/lib/
endef
define BuildUtil
define Package/$(1)/install
$(INSTALL_DIR) $$(1)/usr/sbin
$(INSTALL_BIN) $(PKG_INSTALL_DIR)/usr/sbin/$(2) $$(1)/usr/sbin/$(if $(ALTS_$(2)),libselinux-$(2),$(2))
endef
$$(eval $$(call BuildPackage,$(1)))
endef
$(eval $(call HostBuild))
$(eval $(call BuildPackage,libselinux))
$(foreach a,$(LIBSELINUX_UTILS),$(eval $(call BuildUtil,libselinux-$(a),$(a))))
|