procd: add SELinux support

This commit adds a patch to procd to support loading the SELinux
policy early at boot time, and adjusts the procd package to use this
SELinux support when libselinux is enabled.

The procd patch has been submitted separately [1]: obviously the
intent is to have it merged in the procd Git repository rather than
have it in OpenWrt itself.

[1] http://lists.infradead.org/pipermail/openwrt-devel/2019-November/025791.html

Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
[rebase, add commit message]
Signed-off-by: W. Michael Petullo <mike@flyn.org>
[split commit into openwrt.git and procd.git]
Signed-off-by: Daniel Golle <daniel@makrotopia.org>
This commit is contained in:
Thomas Petazzoni 2020-07-18 07:52:13 -05:00 committed by Daniel Golle
parent 42abe56f1b
commit 12178be465

View File

@ -12,9 +12,9 @@ PKG_RELEASE:=1
PKG_SOURCE_PROTO:=git
PKG_SOURCE_URL=$(PROJECT_GIT)/project/procd.git
PKG_SOURCE_DATE:=2020-08-06
PKG_SOURCE_VERSION:=ab55357dfe5bd0edac0b9556a83e69814df791b1
PKG_MIRROR_HASH:=38c882e105811bcd10b5ce55f91a16a647ed2ad436aec01cd03fda588b7bfca9
PKG_SOURCE_DATE:=2020-08-10
PKG_SOURCE_VERSION:=fad899769e1411cc273785461f073a0f7931b9a0
PKG_MIRROR_HASH:=f56b621f78f821f7070d85f63448f684af7e2fe0c85233a8d054683cc34f6d06
CMAKE_INSTALL:=1
PKG_LICENSE:=GPL-2.0
@ -44,7 +44,7 @@ TARGET_LDFLAGS += -flto
define Package/procd
SECTION:=base
CATEGORY:=Base system
DEPENDS:=+ubusd +ubus +libjson-script +ubox +USE_GLIBC:librt +libubox +libubus +libblobmsg-json +libjson-c
DEPENDS:=+ubusd +ubus +libjson-script +ubox +USE_GLIBC:librt +libubox +libubus +libblobmsg-json +libjson-c +PACKAGE_libselinux:libselinux
TITLE:=OpenWrt system process manager
USERID:=:dialout=20 :audio=29
endef
@ -108,7 +108,8 @@ ifdef CONFIG_PACKAGE_procd-ujail
endif
SECCOMP=$(if $(CONFIG_PACKAGE_procd-seccomp),1,0)
CMAKE_OPTIONS += -DSECCOMP_SUPPORT=$(SECCOMP) -DUTRACE_SUPPORT=$(SECCOMP)
SELINUX=$(if $(CONFIG_PACKAGE_libselinux),1,0)
CMAKE_OPTIONS += -DSECCOMP_SUPPORT=$(SECCOMP) -DUTRACE_SUPPORT=$(SECCOMP) -DSELINUX=$(SELINUX)
define Package/procd/install
$(INSTALL_DIR) $(1)/sbin $(1)/etc $(1)/lib/functions