From bac1f08af5fd42d90470c8ecff40151c61f8695c Mon Sep 17 00:00:00 2001 From: Tyler Hicks Date: Mon, 10 Feb 2014 17:40:03 -0600 Subject: [PATCH 03/13 v2] Update autoconf file to build against libapparmor AppArmor support can be configured at build time with --enable-apparmor and --disable-apparmor. By default, the build time decision is automatically decided by checking if a sufficient libapparmor is available. A minimum required libapparmor is version 2.8.95. Signed-off-by: Tyler Hicks --- * Changes from v1: - Fix underquoting issues - Move from if/fi to AS_IF() - Use libapparmor's new pkg-config file + A pkg-config file will available in 2.9.0, which happens to be the same version required by dbus + This also replaces the incorrect cpp syntax - Add APPARMOR_CFLAGS to AM_CPPFLAGS in bus/Makefile.am bus/Makefile.am | 1 + configure.ac | 21 +++++++++++++++++++++ 2 files changed, 22 insertions(+) diff --git a/bus/Makefile.am b/bus/Makefile.am index f335e30..4938ea8 100644 --- a/bus/Makefile.am +++ b/bus/Makefile.am @@ -18,6 +18,7 @@ DBUS_LAUNCHER_LIBS = \ AM_CPPFLAGS = \ -I$(top_srcdir) \ $(XML_CFLAGS) \ + $(APPARMOR_CFLAGS) \ -DDBUS_SYSTEM_CONFIG_FILE=\""$(configdir)/system.conf"\" \ -DDBUS_COMPILATION \ -DDBUS_STATIC_BUILD \ diff --git a/configure.ac b/configure.ac index 13d1c87..d0bc84c 100644 --- a/configure.ac +++ b/configure.ac @@ -152,6 +152,10 @@ AC_ARG_ENABLE(xml-docs, AS_HELP_STRING([--enable-xml-docs],[build XML documentat AC_ARG_ENABLE(doxygen-docs, AS_HELP_STRING([--enable-doxygen-docs],[build DOXYGEN documentation (requires Doxygen)]),enable_doxygen_docs=$enableval,enable_doxygen_docs=auto) AC_ARG_ENABLE(abstract-sockets, AS_HELP_STRING([--enable-abstract-sockets],[use abstract socket namespace (linux only)]),enable_abstract_sockets=$enableval,enable_abstract_sockets=auto) AC_ARG_ENABLE(selinux, AS_HELP_STRING([--enable-selinux],[build with SELinux support]),enable_selinux=$enableval,enable_selinux=auto) +AC_ARG_ENABLE([apparmor], + [AS_HELP_STRING([--enable-apparmor], [build with AppArmor support])], + [enable_apparmor=$enableval], + [enable_apparmor=auto]) AC_ARG_ENABLE(libaudit,AS_HELP_STRING([--enable-libaudit],[build audit daemon support for SELinux]),enable_libaudit=$enableval,enable_libaudit=auto) AC_ARG_ENABLE(inotify, AS_HELP_STRING([--enable-inotify],[build with inotify support (linux only)]),enable_inotify=$enableval,enable_inotify=auto) AC_ARG_ENABLE(kqueue, AS_HELP_STRING([--enable-kqueue],[build with kqueue support]),enable_kqueue=$enableval,enable_kqueue=auto) @@ -1026,6 +1030,22 @@ else SELINUX_LIBS= fi +# AppArmor detection +AS_IF([test x$enable_apparmor = xno], + [have_apparmor=no], + [ + PKG_CHECK_MODULES([APPARMOR], [libapparmor >= 2.8.95], + [have_apparmor=yes], [have_apparmor=no]) + + AS_IF([test x$enable_apparmor = xauto -a x$have_apparmor = xno], + [AC_MSG_WARN([Sufficiently new AppArmor library not found])]) + AS_IF([test x$enable_apparmor != xauto -a x$have_apparmor = xno], + [AC_MSG_ERROR([AppArmor explicitly required, and AppArmor library not found])]) + ]) + +AS_IF([test x$have_apparmor = xyes], + [AC_DEFINE([HAVE_APPARMOR], [1], [AppArmor Support])]) + # inotify checks if test x$enable_inotify = xno ; then have_inotify=no; @@ -1830,6 +1850,7 @@ echo " Building checks: ${enable_checks} Building bus stats API: ${enable_stats} Building SELinux support: ${have_selinux} + Building AppArmor support: ${have_apparmor} Building inotify support: ${have_inotify} Building kqueue support: ${have_kqueue} Building systemd support: ${have_systemd} -- 1.9.0