Message ID | 1378429464-12546-10-git-send-email-rjbarnet@rockwellcollins.com |
---|---|
State | Changes Requested |
Headers | show |
Dear Ryan Barnett, On Thu, 5 Sep 2013 20:04:23 -0500, Ryan Barnett wrote: > +# SELinux support relies on audit support so enable both > +# of them if libselinux has been selected. > +ifeq ($(BR2_PACKAGE_LIBSELINUX),y) > +DBUS_CONF_OPT += --enable-selinux --enable-libaudit > +DBUS_DEPENDENCIES += libselinux audit This doesn't look good: it's not because libselinux is enabled in the configuration that audit is also enabled. So your options are: * Only enable SELinux support in DBus when both libselinux and audit are enabled: ifeq ($(BR2_PACKAGE_LIBSELINUX)$(BR2_PACKAGE_AUDIT),y) DBUS_CONF_OPT += --enable-selinux --enable-libaudit DBUS_DEPENDENCIES += libselinux audit else ... This is the easiest, but it kind of "diverges" from the other packages, where enabling the 'libselinux' package was sufficient to get SELinux support. * Ensure audit is selected when libselinux is available. This could be done by adding the following line to dbus/Config.in: select BR2_PACKAGE_AUDIT if BR2_PACKAGE_LIBSELINUX if you add this, then you can keep your dbus.mk change as it is, since having BR2_PACKAGE_LIBSELINUX enabled guarantees us that BR2_PACKAGE_AUDIT is also enabled. Best regards, Thomas
diff --git a/package/dbus/dbus.mk b/package/dbus/dbus.mk index d50f630..228b98e 100644 --- a/package/dbus/dbus.mk +++ b/package/dbus/dbus.mk @@ -21,7 +21,6 @@ DBUS_CONF_OPT = --with-dbus-user=dbus \ --disable-tests \ --disable-asserts \ --enable-abstract-sockets \ - --disable-selinux \ --disable-xml-docs \ --disable-doxygen-docs \ --disable-static \ @@ -54,6 +53,15 @@ ifeq ($(BR2_PACKAGE_SYSTEMD),y) DBUS_CONF_OPT += --with-systemdsystemunitdir=/lib/systemd/system endif +# SELinux support relies on audit support so enable both +# of them if libselinux has been selected. +ifeq ($(BR2_PACKAGE_LIBSELINUX),y) +DBUS_CONF_OPT += --enable-selinux --enable-libaudit +DBUS_DEPENDENCIES += libselinux audit +else +DBUS_CONF_OPT += --disable-selinux --disable-libaudit +endif + # fix rebuild (dbus makefile errors out if /var/lib/dbus is a symlink) define DBUS_REMOVE_VAR_LIB_DBUS rm -rf $(TARGET_DIR)/var/lib/dbus
Signed-off-by: Ryan Barnett <rjbarnet@rockwellcollins.com> --- package/dbus/dbus.mk | 10 +++++++++- 1 files changed, 9 insertions(+), 1 deletions(-)