meta-security/recipes-core/dbus/dbus-cynara_1.8.18.bb

   1 require dbus-oe-core.inc
   2 FILESEXTRAPATHS_prepend := "${COREBASE}/meta/recipes-core/dbus/dbus:${THISDIR}/dbus-cynara:"
   3 S = "${WORKDIR}/dbus-${PV}"
   4 libexecdir = "${libdir}/dbus"
   5
   6 SRC_URI[md5sum] = "83e607e9ccb1c921d5b6bbea2376a36c"
   7 SRC_URI[sha256sum] = "36f2eb9c777a3c71562573da36a147e900a642afcd44d2b0470d992a4898c4f2"
   8
   9 # From https://review.tizen.org/gerrit/#/admin/projects/platform/upstream/dbus
  10 # revision 6c9997fb1cdff4281166e8c2fb8276018b1025dd
  11 # aka https://review.tizen.org/git/?p=platform%2Fupstream%2Fdbus.git;a=shortlog;h=refs%2Fheads%2Fsandbox%2Fjacekbe%2Fupgrade
  12 # as announced in https://bugs.tizen.org/jira/browse/TC-2520 "D-Bus: local denial of service attack"
  13 SRC_URI += " \
  14 file://0001-Fix-memleak-in-GetConnectionCredentials-handler.patch \
  15 file://0002-New-a-sv-helper-for-using-byte-arrays-as-the-variant.patch \
  16 file://0003-Add-LSM-agnostic-support-for-LinuxSecurityLabel-cred.patch \
  17 file://0004-Integration-of-Cynara-asynchronous-security-checks.patch \
  18 file://0005-Disable-message-dispatching-when-send-rule-result-is.patch \
  19 file://0006-Handle-unavailability-of-policy-results-for-broadcas.patch \
  20 file://0007-Add-own-rule-result-unavailability-handling.patch \
  21 "
  22
  23 # Provides a legacy API which shouldn't be used in new code. It is
  24 # still needed at the moment because cynara helper methods call it
  25 # (creds-dbus-inner.cpp, creds-gdbus.cpp).
  26 SRC_URI += "file://0008-Add-GetConnectionSmackContext-D-Bus-daemon-method.patch"
  27
  28 # Depends on special Cynara rules which get installed in the
  29 # security-manager-policy package. From patch set 5 in:
  30 # https://review.tizen.org/gerrit/#/c/31310/
  31 SRC_URI += "file://Perform-Cynara-runtime-policy-checks-by-default.patch"
  32
  33 DEPENDS += "cynara smack"
  34 EXTRA_OECONF += "--enable-cynara"
  35
  36 inherit distro_features_check
  37 REQUIRED_DISTRO_FEATURES += "smack"
  38
  39 # Only the main package gets created here, everything else remains in the
  40 # normal dbus recipe.
  41 do_install_append () {
  42     for i in ${@' '.join([d.getVar('D', True) + x for x in (' '.join([d.getVar('FILES_${PN}-' + p, True) or '' for p in ['lib', 'dev', 'staticdev', 'doc', 'locale', 'ptest']])).split()])}; do
  43         rm -rf $i
  44     done
  45
  46     # Try to remove empty directories, starting with the
  47     # longest path (= deepest directory) first.
  48     # Find needs a valid current directory. Somehow the directory
  49     # we get called in is gone by the time that we get invoked.
  50     ( cd ${D}
  51       for i in `find . -type d | sort -r`; do
  52         rmdir $i || true
  53       done
  54     )
  55 }
  56
  57 # Avoid warning about dbus and dbus-cynara providing dbus-x11.
  58 RPROVIDES_${PN}_remove = "${OLDPKGNAME}"