aboutsummaryrefslogtreecommitdiffstats
path: root/meta-security/recipes-security/security-manager/security-manager.inc
blob: e1d1f4011421e39635f9e05ce7b2d3d03762fba6 (plain)
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
DESCRIPTION = "Security manager and utilities"
LICENSE = "Apache-2.0"
LIC_FILES_CHKSUM = "file://LICENSE;md5=86d3f3a95c324c9479bd8986968f4327;beginline=3"

inherit cmake

B = "${S}"

DEPENDS = " \
   attr \
   boost \
   cynara \
   icu \
   libcap \
   smack \
   sqlite3 \
   systemd \
"

PACKAGECONFIG ??= ""
PACKAGECONFIG[debug] = "-DCMAKE_BUILD_TYPE=DEBUG,-DCMAKE_BUILD_TYPE=RELEASE"

TZ_SYS_DB ?= "/var/db/security-manager"

EXTRA_OECMAKE = " \
   -DCMAKE_VERBOSE_MAKEFILE=ON \
   -DVERSION=${PV} \
   -DSYSTEMD_INSTALL_DIR=${systemd_unitdir}/system \
   -DBIN_INSTALL_DIR=${bindir} \
   -DDB_INSTALL_DIR=${TZ_SYS_DB} \
   -DLIB_INSTALL_DIR=${libdir} \
   -DSHARE_INSTALL_PREFIX=${datadir} \
   -DINCLUDE_INSTALL_DIR=${includedir} \
"

inherit systemd
SYSTEMD_SERVICE_${PN} = "security-manager.service"

inherit features_check
REQUIRED_DISTRO_FEATURES += "smack"

# The upstream source code contains the Tizen-specific policy configuration files.
# To replace them, create a security-manager.bbappend and set the following variable to a
# space-separated list of policy file names (not URIs!), for example:
# SECURITY_MANAGER_POLICY = "privilege-group.list usertype-system.profile"
#
# Leave it empty to use the upstream Tizen policy.
SECURITY_MANAGER_POLICY ?= ""
SRC_URI_append = " ${@' '.join(['file://' + x for x in d.getVar('SECURITY_MANAGER_POLICY', True).split()])}"
python do_patch_append () {
    import os
    import shutil
    import glob
    files = d.getVar('SECURITY_MANAGER_POLICY', True).split()
    if files:
        s = d.getVar('S', True)
        workdir = d.getVar('WORKDIR', True)
        for pattern in ['*.profile', '*.list']:
            for old_file in glob.glob(s + '/policy/' + pattern):
                os.unlink(old_file)
        for file in files:
            shutil.copy(file, s + '/policy')
}

do_install_append () {
   install -d ${D}/${systemd_unitdir}/system/multi-user.target.wants
   ln -s ../security-manager.service ${D}/${systemd_unitdir}/system/multi-user.target.wants/security-manager.service
   install -d ${D}/${systemd_unitdir}/system/sockets.target.wants
   ln -s ../security-manager.socket ${D}/${systemd_unitdir}/system/sockets.target.wants/security-manager.socket
}

RDEPENDS_${PN} += "sqlite3 cynara"
FILES_${PN} += " \
   ${systemd_unitdir} \
   ${TZ_SYS_DB} \
   ${bindir}/.security-manager-setup \
"

PACKAGES =+ "${PN}-policy"
FILES_${PN}-policy = " \
   ${datadir}/${PN} \
   ${bindir}/security-manager-policy-reload \
"