X-Git-Url: https://gerrit.automotivelinux.org/gerrit/gitweb?a=blobdiff_plain;f=meta-app-framework%2Frecipes-security%2Fsecurity-manager%2Fsecurity-manager.inc;fp=meta-app-framework%2Frecipes-security%2Fsecurity-manager%2Fsecurity-manager.inc;h=e1d1f4011421e39635f9e05ce7b2d3d03762fba6;hb=1c3c06842ac1b9c089d0a08e91c60f44e4844fac;hp=0000000000000000000000000000000000000000;hpb=c1e048fc05542d859115990312e0753ce2dea72e;p=AGL%2Fmeta-agl.git diff --git a/meta-app-framework/recipes-security/security-manager/security-manager.inc b/meta-app-framework/recipes-security/security-manager/security-manager.inc new file mode 100644 index 000000000..e1d1f4011 --- /dev/null +++ b/meta-app-framework/recipes-security/security-manager/security-manager.inc @@ -0,0 +1,83 @@ +DESCRIPTION = "Security manager and utilities" +LICENSE = "Apache-2.0" +LIC_FILES_CHKSUM = "file://LICENSE;md5=86d3f3a95c324c9479bd8986968f4327;beginline=3" + +inherit cmake + +B = "${S}" + +DEPENDS = " \ + attr \ + boost \ + cynara \ + icu \ + libcap \ + smack \ + sqlite3 \ + systemd \ +" + +PACKAGECONFIG ??= "" +PACKAGECONFIG[debug] = "-DCMAKE_BUILD_TYPE=DEBUG,-DCMAKE_BUILD_TYPE=RELEASE" + +TZ_SYS_DB ?= "/var/db/security-manager" + +EXTRA_OECMAKE = " \ + -DCMAKE_VERBOSE_MAKEFILE=ON \ + -DVERSION=${PV} \ + -DSYSTEMD_INSTALL_DIR=${systemd_unitdir}/system \ + -DBIN_INSTALL_DIR=${bindir} \ + -DDB_INSTALL_DIR=${TZ_SYS_DB} \ + -DLIB_INSTALL_DIR=${libdir} \ + -DSHARE_INSTALL_PREFIX=${datadir} \ + -DINCLUDE_INSTALL_DIR=${includedir} \ +" + +inherit systemd +SYSTEMD_SERVICE_${PN} = "security-manager.service" + +inherit features_check +REQUIRED_DISTRO_FEATURES += "smack" + +# The upstream source code contains the Tizen-specific policy configuration files. +# To replace them, create a security-manager.bbappend and set the following variable to a +# space-separated list of policy file names (not URIs!), for example: +# SECURITY_MANAGER_POLICY = "privilege-group.list usertype-system.profile" +# +# Leave it empty to use the upstream Tizen policy. +SECURITY_MANAGER_POLICY ?= "" +SRC_URI_append = " ${@' '.join(['file://' + x for x in d.getVar('SECURITY_MANAGER_POLICY', True).split()])}" +python do_patch_append () { + import os + import shutil + import glob + files = d.getVar('SECURITY_MANAGER_POLICY', True).split() + if files: + s = d.getVar('S', True) + workdir = d.getVar('WORKDIR', True) + for pattern in ['*.profile', '*.list']: + for old_file in glob.glob(s + '/policy/' + pattern): + os.unlink(old_file) + for file in files: + shutil.copy(file, s + '/policy') +} + +do_install_append () { + install -d ${D}/${systemd_unitdir}/system/multi-user.target.wants + ln -s ../security-manager.service ${D}/${systemd_unitdir}/system/multi-user.target.wants/security-manager.service + install -d ${D}/${systemd_unitdir}/system/sockets.target.wants + ln -s ../security-manager.socket ${D}/${systemd_unitdir}/system/sockets.target.wants/security-manager.socket +} + +RDEPENDS_${PN} += "sqlite3 cynara" +FILES_${PN} += " \ + ${systemd_unitdir} \ + ${TZ_SYS_DB} \ + ${bindir}/.security-manager-setup \ +" + +PACKAGES =+ "${PN}-policy" +FILES_${PN}-policy = " \ + ${datadir}/${PN} \ + ${bindir}/security-manager-policy-reload \ +"