#-------------------------------------------------------------------------
# smack patches for handling bluetooth
-SRC_URI_append_smack = "\
+SRC_URI_append_with-lsm-smack = "\
file://0004-Smack-Assign-smack_known_web-label-for-kernel-thread.patch \
"
#-------------------------------------------------------------------------
# smack patches for handling bluetooth
-SRC_URI_append_smack = "\
+SRC_URI_append_with-lsm-smack = "\
file://0004-Smack-Assign-smack_known_web-label-for-kernel-thread.patch \
"
KERNEL_CONFIG_FRAGMENTS_append_virtualmachine = " ${WORKDIR}/vbox-vmware-sata.cfg"
# Enable support for smack
-KERNEL_CONFIG_FRAGMENTS_append_smack = "\
+KERNEL_CONFIG_FRAGMENTS_append_with-lsm-smack = "\
${WORKDIR}/audit.cfg \
${WORKDIR}/smack.cfg \
${WORKDIR}/smack-default-lsm.cfg \
# enable security features (smack, cynara) - required by Application Framework
-OVERRIDES .= ":smack"
+OVERRIDES .= ":with-lsm-smack"
DISTRO_FEATURES_append = " smack dbus-cynara xattr"
# use tar-native to support SMACK extended attributes independently of host config
DEPENDS_class-native = "openssl libxml2 xmlsec1 libzip json-c"
RDEPENDS_${PN}_class-target += "af-binder-tools"
-PACKAGE_WRITE_DEPS_append_smack = " smack-userspace-native libcap-native"
+PACKAGE_WRITE_DEPS_append_with-lsm-smack = " smack-userspace-native libcap-native"
EXTRA_OECMAKE_class-native = "\
-DUSE_LIBZIP=1 \
FILES_${PN} += "\
${@bb.utils.contains('DISTRO_FEATURES', 'systemd', '${systemd_user_unitdir}/afm-user-daemon.service', '', d)} \
"
-RDEPENDS_${PN}_append_smack = " smack-userspace bash"
-DEPENDS_append_smack = " smack-userspace-native"
+RDEPENDS_${PN}_append_with-lsm-smack = " smack-userspace bash"
+DEPENDS_append_with-lsm-smack = " smack-userspace-native"
# short hacks here
SRC_URI += "\
chown ${afm_name}:${afm_name} $D${afm_datadir}/icons
}
-pkg_postinst_${PN}_append_smack() {
+pkg_postinst_${PN}_append_with-lsm-smack() {
if ${@bb.utils.contains('DISTRO_FEATURES', 'systemd', 'true', 'false', d)}; then
chsmack -a 'System::Shared' -t $D${systemd_units_root}/system
chsmack -a 'System::Shared' -t $D${systemd_units_root}/system/afm-user-session@.target.wants
-RDEPENDS_${PN}_append_smack = " smack-userspace"
-PACKAGE_WRITE_DEPS_append_smack = " smack-userspace-native"
+RDEPENDS_${PN}_append_with-lsm-smack = " smack-userspace"
+PACKAGE_WRITE_DEPS_append_with-lsm-smack = " smack-userspace-native"
do_install_append() {
install -d ${D}/${sysconfdir}/skel/app-data
ln -s ../../var/local ${D}/usr/local
}
-do_install_append_smack () {
+do_install_append_with-lsm-smack () {
install -d ${D}/${sysconfdir}/smack/accesses.d
cat > ${D}/${sysconfdir}/smack/accesses.d/default-access-domains-no-user <<EOF
System User::App-Shared rwxat
chmod 0644 ${D}/${sysconfdir}/smack/accesses.d/default-access-domains-no-user
}
-pkg_postinst_${PN}_append_smack() {
+pkg_postinst_${PN}_append_with-lsm-smack() {
chsmack -r -a 'User::Home' -t -D $D/${sysconfdir}/skel
chsmack -a 'User::App-Shared' -D $D/${sysconfdir}/skel/app-data
cp -rTf --preserve=all $D/${sysconfdir}/skel $D/${ROOT_HOME}
FILESEXTRAPATHS_prepend := "${THISDIR}/security-manager:"
-PACKAGE_WRITE_DEPS_append_smack = " smack-userspace-native"
+PACKAGE_WRITE_DEPS_append_with-lsm-smack = " smack-userspace-native"
SRC_URI += " file://0001-Adapt-rules-to-AGL.patch \
file://init-security-manager-db.service \
FILESEXTRAPATHS_prepend := "${THISDIR}/linux:"
-SRC_URI_append_smack = " file://audit.cfg"
+SRC_URI_append_with-lsm-smack = " file://audit.cfg"
#-------------------------------------------------------------------------
# smack patches for handling bluetooth
-SRC_URI_append_smack = "\
+SRC_URI_append_with-lsm-smack = "\
file://0002-smack-fix-cache-of-access-labels.patch \
file://0003-Smack-ignore-null-signal-in-smack_task_kill.patch \
file://0004-Smack-Assign-smack_known_web-label-for-kernel-thread.patch \
BBLAYERS =+ " \
- ${METADIR}/meta-intel-iot-security/meta-security-smack \
- ${METADIR}/meta-intel-iot-security/meta-security-framework \
+ ${METADIR}/meta-security \
+ ${METADIR}/meta-openembedded/meta-perl \
+ ${METADIR}/meta-agl/meta-security \
${METADIR}/meta-agl/meta-app-framework \
"