[Buildroot] [PATCH v3 3/3] setools: update to add sedta and seinfoflow
Yegor Yefremov
yegorslists at googlemail.com
Wed Mar 21 13:46:37 UTC 2018
Jared,
On Wed, Mar 21, 2018 at 2:06 PM, Jared Bents
<jared.bents at rockwellcollins.com> wrote:
> Yegor,
>
> On Wed, Mar 21, 2018 at 5:04 AM, Yegor Yefremov
> <yegorslists at googlemail.com> wrote:
>> On Tue, Mar 20, 2018 at 9:39 PM, Jared Bents
>> <jared.bents at rockwellcollins.com> wrote:
>>> Update to add sedta and seinfoflow to setools
>>>
>>> Signed-off-by: Jared Bents <jared.bents at rockwellcollins.com>
>>
>> Reviewed-by: Yegor Yefremov <yegorslists at googlemail.com>
>>
>> Just curious what BR package is really uses host-setools with Python
>> functionality. I've built refpolicy without setools'
>> host-python-networx dependency and the build was successful.
>>
>> Yegor
>>
>
> I don't think any package needs host-setools as nothing selects
> setools from what I can tell. I can also build and use refpolicy
> without host-setools but the security team on my project is using
> host-setools for analysis. I am assuming host-setools is listed as a
> host dependency for refpolicy so that if a user selects setools, the
> host package gets built for the user to use.
Thanks for clarification. I hope setools would release 4.2 soon so
that we could bump python-netowrx to the latest version.
Yegor
>>> --
>>> v2 -> v3: Update to remove target dependencies change but kept
>>> the host package dependency as it is required for
>>> host-python-networkx to be built and thus available
>>> at runtime
>>> v1 -> v2: No change
>>>
>>> ---
>>> package/setools/Config.in | 2 ++
>>> package/setools/setools.mk | 16 ++--------------
>>> 2 files changed, 4 insertions(+), 14 deletions(-)
>>>
>>> diff --git a/package/setools/Config.in b/package/setools/Config.in
>>> index ae0c45f..32a9315 100644
>>> --- a/package/setools/Config.in
>>> +++ b/package/setools/Config.in
>>> @@ -8,6 +8,7 @@ config BR2_PACKAGE_SETOOLS
>>> depends on BR2_USE_MMU
>>> select BR2_PACKAGE_PYTHON3 if !BR2_PACKAGE_PYTHON
>>> select BR2_PACKAGE_PYTHON_ENUM34 if !BR2_PACKAGE_PYTHON3
>>> + select BR2_PACKAGE_PYTHON_NETWORKX
>>> select BR2_PACKAGE_PYTHON_SETUPTOOLS
>>> select BR2_PACKAGE_LIBSELINUX
>>> help
>>> @@ -16,6 +17,7 @@ config BR2_PACKAGE_SETOOLS
>>> * apol - analyze a SELinux policy. (requires python-qt5)
>>> * sediff - semantic policy difference tool for SELinux.
>>> * sedta - Perform domain transition analyses
>>> + * seinfoflow - information flow analysis for SELinux
>>> * sesearch - Search rules (allow, type_transition, etc.)
>>>
>>> https://github.com/TresysTechnology/setools
>>> diff --git a/package/setools/setools.mk b/package/setools/setools.mk
>>> index 6748c95..1ed7e97 100644
>>> --- a/package/setools/setools.mk
>>> +++ b/package/setools/setools.mk
>>> @@ -11,7 +11,7 @@ SETOOLS_INSTALL_STAGING = YES
>>> SETOOLS_LICENSE = GPL-2.0+, LGPL-2.1+
>>> SETOOLS_LICENSE_FILES = COPYING COPYING.GPL COPYING.LGPL
>>> SETOOLS_SETUP_TYPE = setuptools
>>> -HOST_SETOOLS_DEPENDENCIES = host-libselinux host-libsepol
>>> +HOST_SETOOLS_DEPENDENCIES = host-libselinux host-libsepol host-python-networkx
>>>
>>> ifeq ($(BR2_PACKAGE_PYTHON3),y)
>>> SETOOLS_PYLIBVER = python$(PYTHON3_VERSION_MAJOR)
>>> @@ -36,14 +36,6 @@ define HOST_SETOOLS_FIX_SETUP
>>> endef
>>> HOST_SETOOLS_POST_PATCH_HOOKS += HOST_SETOOLS_FIX_SETUP
>>>
>>> -# sedta and seinfoflow depend on python-networkx. This package is not
>>> -# available in buildroot.
>>> -define SETOOLS_REMOVE_BROKEN_SCRIPTS
>>> - $(RM) $(TARGET_DIR)/usr/bin/sedta
>>> - $(RM) $(TARGET_DIR)/usr/bin/seinfoflow
>>> -endef
>>> -SETOOLS_POST_INSTALL_TARGET_HOOKS += SETOOLS_REMOVE_BROKEN_SCRIPTS
>>> -
>>> # apol requires pyqt5. However, the setools installation
>>> # process will install apol even if pyqt5 is missing.
>>> # Remove these scripts from the target it pyqt5 is not selected.
>>> @@ -55,12 +47,8 @@ endef
>>> SETOOLS_POST_INSTALL_TARGET_HOOKS += SETOOLS_REMOVE_QT_SCRIPTS
>>> endif
>>>
>>> -# sedta and seinfoflow depend on python-networkx. This package is not
>>> -# available in buildroot. pyqt5 is not a host-package, remove apol
>>> -# from the host directory as well.
>>> +# pyqt5 is not a host-package, remove apol from the host directory.
>>> define HOST_SETOOLS_REMOVE_BROKEN_SCRIPTS
>>> - $(RM) $(HOST_DIR)/bin/sedta
>>> - $(RM) $(HOST_DIR)/bin/seinfoflow
>>> $(RM) $(HOST_DIR)/bin/apol
>>> endef
>>> HOST_SETOOLS_POST_INSTALL_HOOKS += HOST_SETOOLS_REMOVE_BROKEN_SCRIPTS
>>> --
>>> 1.9.1
>>>
>>> _______________________________________________
>>> buildroot mailing list
>>> buildroot at busybox.net
>>> http://lists.busybox.net/mailman/listinfo/buildroot
More information about the buildroot
mailing list