[Buildroot] [PATCH 1/9 v5] package/libapparmor: new package
Yann E. MORIN
yann.morin.1998 at free.fr
Sun Mar 29 14:01:37 UTC 2020
From: Angelo Compagnucci <angelo at amarulasolutions.com>
The layout of the package is not amenable to building both the library
and the utilities at once, so this package will only install the
libarary.
The other apparmor-related tools however will almost all want to always
link with the static library (it's hard-coded in their Makefiles, like:
AALIB = -Wl,-Bstatic -lapparmor -Wl,-Bdynamic -lpthread), so we also
force the build of the static library.
The kernel headers 3.16 at least are required, for CAP_AUDIT_READ.
We need to force the C standard to gnu99, otherwise:
- autoconf uses wchar_t in C99 test, so considers it to be missing
on toolchains without wchar, but wchar is not otherwise needed for
libapparmor;
- c99 is not enough, otherwise the build fails with errors like:
kernel.c:503:15: error: expected declaration specifiers or ‘...’ before ‘(’ token
extern typeof((__change_hat)) __old_change_hat __attribute__((alias ("__change_hat")));
^
Signed-off-by: Angelo Compagnucci <angelo at amarulasolutions.com>
[yann.morin.1998 at free.fr: strip down the patch to only build the lib]
Signed-off-by: Yann E. MORIN <yann.morin.1998 at free.fr>
---
DEVELOPERS | 1 +
package/Config.in | 1 +
package/libapparmor/Config.in | 16 ++++++++++++++++
package/libapparmor/libapparmor.hash | 4 ++++
package/libapparmor/libapparmor.mk | 27 +++++++++++++++++++++++++++
5 files changed, 49 insertions(+)
create mode 100644 package/libapparmor/Config.in
create mode 100644 package/libapparmor/libapparmor.hash
create mode 100644 package/libapparmor/libapparmor.mk
diff --git a/DEVELOPERS b/DEVELOPERS
index f67ef86e6c..142f3b406d 100644
--- a/DEVELOPERS
+++ b/DEVELOPERS
@@ -196,6 +196,7 @@ N: Angelo Compagnucci <angelo.compagnucci at gmail.com>
F: package/corkscrew/
F: package/fail2ban/
F: package/i2c-tools/
+F: package/libapparmor/
F: package/mender/
F: package/mender-artifact/
F: package/mono/
diff --git a/package/Config.in b/package/Config.in
index 7b73198d50..ae1bc2294d 100644
--- a/package/Config.in
+++ b/package/Config.in
@@ -1882,6 +1882,7 @@ endif
endmenu
menu "Security"
+ source "package/libapparmor/Config.in"
source "package/libselinux/Config.in"
source "package/libsemanage/Config.in"
source "package/libsepol/Config.in"
diff --git a/package/libapparmor/Config.in b/package/libapparmor/Config.in
new file mode 100644
index 0000000000..a444a5708b
--- /dev/null
+++ b/package/libapparmor/Config.in
@@ -0,0 +1,16 @@
+config BR2_PACKAGE_LIBAPPARMOR
+ bool "libapparmor"
+ depends on BR2_TOOLCHAIN_HAS_SYNC_4
+ depends on BR2_TOOLCHAIN_HAS_THREADS
+ depends on BR2_TOOLCHAIN_HEADERS_AT_LEAST_3_16
+ help
+ AppArmor is an effective and easy-to-use Linux application
+ security system. AppArmor proactively protects the operating
+ system and applications from external or internal threats,
+ even zero-day attacks, by enforcing good behavior and
+ preventing even unknown application flaws from being
+ exploited.
+
+ This package installs only the library.
+
+ http://wiki.apparmor.net
diff --git a/package/libapparmor/libapparmor.hash b/package/libapparmor/libapparmor.hash
new file mode 100644
index 0000000000..3bff2bc853
--- /dev/null
+++ b/package/libapparmor/libapparmor.hash
@@ -0,0 +1,4 @@
+# locally computed
+sha256 267053234c68cdb122c5294d7c276b6e2f5fa7e75c6c2d23e3ce69f95d9a7639 apparmor-2.13.3.tar.gz
+sha256 a7e0cdcbea5c14927cedfc600d46526bdcbb1eb0a4d951e2ea53c2a6de159cb4 LICENSE
+sha256 6095e9ffa777dd22839f7801aa845b31c9ed07f3d6bf8a26dc5d2dec8ccc0ef3 libraries/libapparmor/COPYING.LGPL
diff --git a/package/libapparmor/libapparmor.mk b/package/libapparmor/libapparmor.mk
new file mode 100644
index 0000000000..12efd4335a
--- /dev/null
+++ b/package/libapparmor/libapparmor.mk
@@ -0,0 +1,27 @@
+################################################################################
+#
+# libapparmor
+#
+################################################################################
+
+LIBAPPARMOR_VERSION_MAJOR = 2.13
+LIBAPPARMOR_VERSION = $(LIBAPPARMOR_VERSION_MAJOR).3
+LIBAPPARMOR_SOURCE = apparmor-$(LIBAPPARMOR_VERSION).tar.gz
+LIBAPPARMOR_SITE = https://launchpad.net/apparmor/$(LIBAPPARMOR_VERSION_MAJOR)/$(LIBAPPARMOR_VERSION)/+download
+LIBAPPARMOR_LICENSE = LGPL-2.1
+LIBAPPARMOR_LICENSE_FILES = LICENSE libraries/libapparmor/COPYING.LGPL
+
+LIBAPPARMOR_DEPENDENCIES = host-bison host-flex host-pkgconf
+LIBAPPARMOR_SUBDIR = libraries/libapparmor
+LIBAPPARMOR_INSTALL_STAGING = YES
+
+# Most AppArmor tools will want to link to the static lib.
+# ac_cv_prog_cc_c99 is required for BR2_USE_WCHAR=n because the C99 test
+# provided by autoconf relies on wchar_t.
+LIBAPPARMOR_CONF_OPTS = \
+ ac_cv_prog_cc_c99=-std=gnu99 \
+ --enable-static \
+ --enable-man-pages=no \
+ --without-python
+
+$(eval $(autotools-package))
--
2.20.1
More information about the buildroot
mailing list