From patchwork Tue Jul 14 20:20:23 2015 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Clayton Shotwell X-Patchwork-Id: 495238 Return-Path: X-Original-To: incoming@patchwork.ozlabs.org Delivered-To: patchwork-incoming@bilbo.ozlabs.org Received: from fraxinus.osuosl.org (smtp4.osuosl.org [140.211.166.137]) by ozlabs.org (Postfix) with ESMTP id 8757214090B for ; Wed, 15 Jul 2015 06:21:23 +1000 (AEST) Received: from localhost (localhost [127.0.0.1]) by fraxinus.osuosl.org (Postfix) with ESMTP id 39651A43CC; Tue, 14 Jul 2015 20:21:21 +0000 (UTC) X-Virus-Scanned: amavisd-new at osuosl.org Received: from fraxinus.osuosl.org ([127.0.0.1]) by localhost (.osuosl.org [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id BKWGz6rBlWXC; Tue, 14 Jul 2015 20:21:18 +0000 (UTC) Received: from ash.osuosl.org (ash.osuosl.org [140.211.166.34]) by fraxinus.osuosl.org (Postfix) with ESMTP id B6A61A434E; Tue, 14 Jul 2015 20:20:56 +0000 (UTC) X-Original-To: buildroot@lists.busybox.net Delivered-To: buildroot@osuosl.org Received: from whitealder.osuosl.org (smtp1.osuosl.org [140.211.166.138]) by ash.osuosl.org (Postfix) with ESMTP id 6EFF51CE612 for ; Tue, 14 Jul 2015 20:20:54 +0000 (UTC) Received: from localhost (localhost [127.0.0.1]) by whitealder.osuosl.org (Postfix) with ESMTP id 6BCD292065 for ; Tue, 14 Jul 2015 20:20:54 +0000 (UTC) X-Virus-Scanned: amavisd-new at osuosl.org Received: from whitealder.osuosl.org ([127.0.0.1]) by localhost (.osuosl.org [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id QhkHOvUP37lR for ; Tue, 14 Jul 2015 20:20:53 +0000 (UTC) X-Greylist: domain auto-whitelisted by SQLgrey-1.7.6 Received: from ch3vs02.rockwellcollins.com (ch3vs02.rockwellcollins.com [205.175.226.29]) by whitealder.osuosl.org (Postfix) with ESMTPS id A8DC892045 for ; Tue, 14 Jul 2015 20:20:53 +0000 (UTC) Received: from ofwch3n02.rockwellcollins.com (HELO crulimr02.rockwellcollins.com) ([205.175.226.14]) by ch3vs02.rockwellcollins.com with ESMTP; 14 Jul 2015 15:20:53 -0500 X-Received: from thehammer.rockwellcollins.com (unknown [192.168.141.197]) by crulimr02.rockwellcollins.com (Postfix) with ESMTP id 0151160186; Tue, 14 Jul 2015 15:20:52 -0500 (CDT) From: Clayton Shotwell To: buildroot@buildroot.org Date: Tue, 14 Jul 2015 15:20:23 -0500 Message-Id: <1436905227-26937-12-git-send-email-clayton.shotwell@rockwellcollins.com> X-Mailer: git-send-email 1.9.1 In-Reply-To: <1436905227-26937-1-git-send-email-clayton.shotwell@rockwellcollins.com> References: <1436905227-26937-1-git-send-email-clayton.shotwell@rockwellcollins.com> Cc: Clayton Shotwell Subject: [Buildroot] [PATCH v9 11/15] util-linux: selinux, audit, and pam support X-BeenThere: buildroot@busybox.net X-Mailman-Version: 2.1.18-1 Precedence: list List-Id: Discussion and development of buildroot List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , MIME-Version: 1.0 Errors-To: buildroot-bounces@busybox.net Sender: "buildroot" From: Matt Weber Signed-off-by: Matthew Weber Signed-off-by: Clayton Shotwell Reviewed-by: Samuel Martin --- Changes v8 -> v9: - No changes Changes v7 -> v8: - No changes Changes v6 -> v7: - No changes Changes v5 -> v6: - No changes Changes v4 -> v5: - New patch - Added pam file tweaks for selinux support (Clayton S.) --- package/util-linux/util-linux.mk | 27 +++++++++++++++++++++++++++ 1 file changed, 27 insertions(+) diff --git a/package/util-linux/util-linux.mk b/package/util-linux/util-linux.mk index a44a45e..5ce3af5 100644 --- a/package/util-linux/util-linux.mk +++ b/package/util-linux/util-linux.mk @@ -53,6 +53,20 @@ ifeq ($(BR2_PACKAGE_LIBCAP_NG),y) UTIL_LINUX_DEPENDENCIES += libcap-ng endif +ifeq ($(BR2_PACKAGE_LIBSELINUX),y) +UTIL_LINUX_DEPENDENCIES += libselinux +UTIL_LINUX_CONF_OPTS += --with-selinux +else +UTIL_LINUX_CONF_OPTS += --without-selinux +endif + +ifeq ($(BR2_PACKAGE_AUDIT),y) +UTIL_LINUX_DEPENDENCIES += audit +UTIL_LINUX_CONF_OPTS += --with-audit +else +UTIL_LINUX_CONF_OPTS += --without-audit +endif + # Used by cramfs utils UTIL_LINUX_DEPENDENCIES += $(if $(BR2_PACKAGE_ZLIB),zlib) @@ -140,9 +154,22 @@ define UTIL_LINUX_INSTALL_PAMFILES $(INSTALL) -m 0644 package/util-linux/su.pam \ $(TARGET_DIR)/etc/pam.d/su-l endef + +# Add the required hooks to the pam files if SELinux is enabled +ifeq ($(BR2_PACKAGE_LIBSELINUX),y) +define UTIL_LINUX_FIXUP_PAMFILES + for file in login su su-l ; do \ + $(SED) '/selinux/d' $(TARGET_DIR)/etc/pam.d/$${file}; \ + $(SED) '0,/session/s/session/session required pam_selinux.so close\nsession/' $(TARGET_DIR)/etc/pam.d/$${file}; \ + echo "session required pam_selinux.so open" >> $(TARGET_DIR)/etc/pam.d/$${file}; \ + done +endef +endif + endif UTIL_LINUX_POST_INSTALL_TARGET_HOOKS += UTIL_LINUX_INSTALL_PAMFILES +UTIL_LINUX_POST_INSTALL_TARGET_HOOKS += UTIL_LINUX_FIXUP_PAMFILES # Install agetty->getty symlink to avoid breakage when there's no busybox ifeq ($(BR2_PACKAGE_UTIL_LINUX_AGETTY),y)