[yocto] [meta-security][PATCH 2/2] apparmor: make bash dependency optional
Alexander Kanavin
alex.kanavin at gmail.com
Thu Oct 10 04:22:37 PDT 2019
Bash is only needed by one not particularly important script,
so not requiring bash is a useful option for builds that
cannot have gpl3 components.
Signed-off-by: Alexander Kanavin <alex.kanavin at gmail.com>
---
recipes-mac/AppArmor/apparmor_2.13.3.bb | 8 ++++++--
1 file changed, 6 insertions(+), 2 deletions(-)
diff --git a/recipes-mac/AppArmor/apparmor_2.13.3.bb b/recipes-mac/AppArmor/apparmor_2.13.3.bb
index 990d870..6183064 100644
--- a/recipes-mac/AppArmor/apparmor_2.13.3.bb
+++ b/recipes-mac/AppArmor/apparmor_2.13.3.bb
@@ -32,11 +32,12 @@ PARALLEL_MAKE = ""
inherit pkgconfig autotools-brokensep update-rc.d python3native perlnative ptest cpan manpages systemd
-PACKAGECONFIG ??= "python perl"
+PACKAGECONFIG ??= "python perl aa-decode"
PACKAGECONFIG[manpages] = "--enable-man-pages, --disable-man-pages"
PACKAGECONFIG[python] = "--with-python, --without-python, python3 swig-native"
PACKAGECONFIG[perl] = "--with-perl, --without-perl, perl perl-native swig-native"
PACKAGECONFIG[apache2] = ",,apache2,"
+PACKAGECONFIG[aa-decode] = ",,,bash"
PAMLIB="${@bb.utils.contains('DISTRO_FEATURES', 'pam', '1', '0', d)}"
HTTPD="${@bb.utils.contains('PACKAGECONFIG', 'apache2', '1', '0', d)}"
@@ -97,6 +98,10 @@ do_install () {
rm -f ${D}${sbindir}/aa-notify
fi
+ if ! ${@bb.utils.contains('PACKAGECONFIG','aa-decode','true','false', d)}; then
+ rm -f ${D}${sbindir}/aa-decode
+ fi
+
if test -z "${HTTPD}" ; then
oe_runmake -C ${B}/changehat/mod_apparmor DESTDIR="${D}" install
fi
@@ -161,7 +166,6 @@ PACKAGES += "mod-${PN}"
FILES_${PN} += "/lib/apparmor/ ${sysconfdir}/apparmor ${PYTHON_SITEPACKAGES_DIR}"
FILES_mod-${PN} = "${libdir}/apache2/modules/*"
-RDEPENDS_${PN} += "bash"
RDEPENDS_${PN} += "${@bb.utils.contains('PACKAGECONFIG','python','python3-core python3-modules','', d)}"
RDEPENDS_${PN}_remove += "${@bb.utils.contains('PACKAGECONFIG','perl','','perl', d)}"
RDEPENDS_${PN}-ptest += "perl coreutils dbus-lib bash"
--
2.17.1
More information about the yocto
mailing list