From 12178be465df6821a5a7ff469aa10dac2ac332c6 Mon Sep 17 00:00:00 2001 From: Thomas Petazzoni Date: Sat, 18 Jul 2020 07:52:13 -0500 Subject: [PATCH] procd: add SELinux support This commit adds a patch to procd to support loading the SELinux policy early at boot time, and adjusts the procd package to use this SELinux support when libselinux is enabled. The procd patch has been submitted separately [1]: obviously the intent is to have it merged in the procd Git repository rather than have it in OpenWrt itself. [1] http://lists.infradead.org/pipermail/openwrt-devel/2019-November/025791.html Signed-off-by: Thomas Petazzoni [rebase, add commit message] Signed-off-by: W. Michael Petullo [split commit into openwrt.git and procd.git] Signed-off-by: Daniel Golle --- package/system/procd/Makefile | 11 ++++++----- 1 file changed, 6 insertions(+), 5 deletions(-) diff --git a/package/system/procd/Makefile b/package/system/procd/Makefile index ba4af81a1a..17a871b15c 100644 --- a/package/system/procd/Makefile +++ b/package/system/procd/Makefile @@ -12,9 +12,9 @@ PKG_RELEASE:=1 PKG_SOURCE_PROTO:=git PKG_SOURCE_URL=$(PROJECT_GIT)/project/procd.git -PKG_SOURCE_DATE:=2020-08-06 -PKG_SOURCE_VERSION:=ab55357dfe5bd0edac0b9556a83e69814df791b1 -PKG_MIRROR_HASH:=38c882e105811bcd10b5ce55f91a16a647ed2ad436aec01cd03fda588b7bfca9 +PKG_SOURCE_DATE:=2020-08-10 +PKG_SOURCE_VERSION:=fad899769e1411cc273785461f073a0f7931b9a0 +PKG_MIRROR_HASH:=f56b621f78f821f7070d85f63448f684af7e2fe0c85233a8d054683cc34f6d06 CMAKE_INSTALL:=1 PKG_LICENSE:=GPL-2.0 @@ -44,7 +44,7 @@ TARGET_LDFLAGS += -flto define Package/procd SECTION:=base CATEGORY:=Base system - DEPENDS:=+ubusd +ubus +libjson-script +ubox +USE_GLIBC:librt +libubox +libubus +libblobmsg-json +libjson-c + DEPENDS:=+ubusd +ubus +libjson-script +ubox +USE_GLIBC:librt +libubox +libubus +libblobmsg-json +libjson-c +PACKAGE_libselinux:libselinux TITLE:=OpenWrt system process manager USERID:=:dialout=20 :audio=29 endef @@ -108,7 +108,8 @@ ifdef CONFIG_PACKAGE_procd-ujail endif SECCOMP=$(if $(CONFIG_PACKAGE_procd-seccomp),1,0) -CMAKE_OPTIONS += -DSECCOMP_SUPPORT=$(SECCOMP) -DUTRACE_SUPPORT=$(SECCOMP) +SELINUX=$(if $(CONFIG_PACKAGE_libselinux),1,0) +CMAKE_OPTIONS += -DSECCOMP_SUPPORT=$(SECCOMP) -DUTRACE_SUPPORT=$(SECCOMP) -DSELINUX=$(SELINUX) define Package/procd/install $(INSTALL_DIR) $(1)/sbin $(1)/etc $(1)/lib/functions