1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
192
193
194
195
196
197
198
199
200
201
202
203
204
205
206
207
208
209
|
#!/usr/bin/make -f
export DEB_BUILD_MAINT_OPTIONS = hardening=+bindnow
export DEB_HOST_ARCH_OS ?= $(shell dpkg-architecture -qDEB_HOST_ARCH_OS)
export DEB_HOST_MULTIARCH ?= $(shell dpkg-architecture -qDEB_HOST_MULTIARCH)
export PERL_VENDORARCH := $(shell perl -MConfig -e 'print substr($$Config{vendorarch},1)' )
export PYTHON=/usr/bin/python3
export PYTHON_VERSION=3
export PYTHON_VERSIONS=python3
%:
dh $@ --with=python2,python3,apache2,systemd
override_dh_auto_configure:
cd libraries/libapparmor && sh ./autogen.sh
dh_auto_configure -D libraries/libapparmor -- --with-perl --libdir /lib/$(DEB_HOST_MULTIARCH)
override_dh_auto_build:
# Create the empty file that was meant to be created by
# r3498-r3499-ignore-net-events-that-look-like-file-events.patch.
# Quilt does not support creating new empty files.
touch libraries/libapparmor/testsuite/test_multi/testcase_network_send_receive.err
# Build perl
dh_auto_build -D libraries/libapparmor
# Build pythons
set -e && for py in $(shell pyversions -s) $(shell py3versions -s) ; do \
cp -a $(CURDIR)/libraries/libapparmor $(CURDIR)/libraries/libapparmor.$$py && \
PYTHON=/usr/bin/$$py dh_auto_configure \
-D libraries/libapparmor.$$py -- --with-python && \
PYTHON=/usr/bin/$$py dh_auto_build \
-D libraries/libapparmor.$$py; \
done
# Don't run '$(MAKE) check' because of too many perl dependencies
# and various apparmor files installed on the system
# Build pythons
cd utils && $(MAKE)
for py in $(shell pyversions -s) $(shell py3versions -s) ; do \
cp -a $(CURDIR)/utils $(CURDIR)/utils.$$py && \
(cd utils.$$py && PYTHON=/usr/bin/$$py $(MAKE)) ; \
done
ifneq (,$(filter $(DEB_HOST_ARCH_OS), kfreebsd knetbsd hurd ))
cd binutils && $(MAKE) indep
cd parser && $(MAKE) indep
else
cd binutils && $(MAKE) V=1
cd parser && $(MAKE) V=1
endif
cd profiles && $(MAKE)
override_dh_auto_test:
ifeq (,$(filter $(DEB_HOST_ARCH_OS), kfreebsd knetbsd hurd ))
dh_auto_test -Dbinutils -- V=1
dh_auto_test -Dparser -- V=1
endif
dh_auto_test -Dlibraries/libapparmor -- V=1
set -e && for py in $(shell pyversions -s) $(shell py3versions -s) ; do \
PYTHON=/usr/bin/$$py dh_auto_test \
-D libraries/libapparmor.$$py -- PYTHON=/usr/bin/$$py; \
done
override_dh_auto_clean:
# Clean up from a Makefile.PL rebuild.
cd libraries/libapparmor/swig/perl && if test -f Makefile.perl; then \
$(MAKE) -fMakefile.perl realclean; \
fi
# Clean up from an autogen'd build.
cd $(CURDIR)/libraries/libapparmor && \
[ ! -f Makefile ] || $(MAKE) distclean
# Clean up rest of build.
set -e && for i in binutils utils parser profiles changehat/mod_apparmor \
changehat/pam_apparmor ; do \
[ ! -f $$i/Makefile ] || $(MAKE) -C $$i clean; \
rm -f $$i/common; \
done
# Remove the python build dirs
rm -rf $(CURDIR)/libraries/libapparmor.python*
rm -rf $(CURDIR)/utils.python*
# Try to clean up from an autogen'd build
cd libraries/libapparmor && [ ! -f Makefile ] || $(MAKE) distclean
# Remove generated debhelper documentation.
rm -f $(CURDIR)/debian/debhelper/dh_apparmor.1
# Remove autoconf build cruft.
rm -f $(CURDIR)/libraries/libapparmor/test-driver
override_dh_auto_install:
# Utils
cd utils && $(MAKE) \
DESTDIR=$(CURDIR)/debian/tmp \
install
set -e && for py in $(shell pyversions -s) $(shell py3versions -s) ; do \
(cd utils.$$py && PYTHON=/usr/bin/$$py $(MAKE) \
DESTDIR=$(CURDIR)/debian/tmp \
install) ; \
done
# Parser
ifneq (,$(filter $(DEB_HOST_ARCH_OS), kfreebsd knetbsd hurd ))
cd binutils && $(MAKE) \
DESTDIR=$(CURDIR)/debian/tmp \
install-indep
install -D -m 755 $(CURDIR)/debian/non-linux/fake_apparmor_util \
$(CURDIR)/debian/tmp/sbin/apparmor_parser
install -D -m 755 $(CURDIR)/debian/non-linux/fake_apparmor_util \
$(CURDIR)/debian/tmp/usr/bin/aa-enabled
install -D -m 755 $(CURDIR)/debian/non-linux/fake_apparmor_util \
$(CURDIR)/debian/tmp/usr/bin/aa-exec
cd parser && $(MAKE) \
DESTDIR=$(CURDIR)/debian/tmp \
install-indep
else
cd binutils && $(MAKE) \
DESTDIR=$(CURDIR)/debian/tmp \
install
cd parser && $(MAKE) \
DESTDIR=$(CURDIR)/debian/tmp \
install
endif
# Changehat via libapparmor
cd libraries/libapparmor && $(MAKE) \
DESTDIR=$(CURDIR)/debian/tmp \
install
# fixup rpath for libapparmor-perl
find $(CURDIR)/debian/tmp/$(PERL_VENDORARCH) -name '*.so' | xargs chrpath --delete
# Install python swig modules
set -e && for py in $(shell pyversions -s) $(shell py3versions -s); do \
PYTHON=/usr/bin/$$py \
$(MAKE) -C libraries/libapparmor.$$py \
DESTDIR=$(CURDIR)/debian/tmp install; \
done
# Changehat via mod_apparmor
cd changehat/mod_apparmor && $(MAKE) \
DESTDIR=$(CURDIR)/debian/tmp \
install
# Fix rpath in mod_apparmor.so
chrpath -d $(CURDIR)/debian/tmp/usr/lib/apache2/modules/mod_apparmor.so
# Changehat via libpam-apparmor
cd changehat/pam_apparmor && $(MAKE) \
DESTDIR=$(CURDIR)/debian/tmp \
install
# Fix rpath in pam_apparmor.so
chrpath -d $(CURDIR)/debian/tmp/lib/security/pam_apparmor.so
# Profiles
# We'd like to keep site.local from being a conffile
rm ./profiles/apparmor.d/tunables/xdg-user-dirs.d/site.local
cd profiles && $(MAKE) \
DESTDIR=$(CURDIR)/debian/tmp \
EXTRAS_DEST=$(CURDIR)/debian/tmp/usr/share/doc/apparmor-profiles/extras \
install
# set all profiles in apparmor-profiles to complain mode
cd $(CURDIR)/debian/tmp && sh $(CURDIR)/debian/put-all-profiles-in-complain-mode.sh
# Build debhelper documentation.
pod2man -c Debhelper -r "$(DEB_VERSION)" $(CURDIR)/debian/debhelper/dh_apparmor $(CURDIR)/debian/debhelper/dh_apparmor.1
# Create unversioned link in /usr to the shared library
MY_DSO=$$(basename $$(readlink $(CURDIR)/debian/tmp/lib/$(DEB_HOST_MULTIARCH)/libapparmor.so)); \
ln -sf /lib/$(DEB_HOST_MULTIARCH)/$${MY_DSO} \
$(CURDIR)/debian/tmp/usr/lib/$(DEB_HOST_MULTIARCH)/libapparmor.so
override_dh_installinit:
dh_installinit --update-rcd-params='start 37 S .' --no-start --no-restart-on-upgrade --error-handler=true
override_dh_compress:
dh_compress -Xextras
override_dh_perl:
dh_perl -p libapparmor-perl -d
dh_perl --no-package=libapparmor-perl
override_dh_apache2:
dh_apache2 --noenable
override_dh_install:
set -e && for profile in $(shell grep ^etc/apparmor.d/ $(CURDIR)/debian/apparmor-profiles.install | \
cut -d/ -f3- | grep -v /); do \
DH_AUTOSCRIPTDIR=debian/debhelper/ perl debian/debhelper/dh_apparmor --profile-name=$$profile -papparmor-profiles; \
done
sed -i -e 's,usr/lib/perl5,$(PERL_VENDORARCH),g' \
$(CURDIR)/debian/tmp/etc/apparmor/logprof.conf \
$(CURDIR)/debian/tmp/etc/apparmor/severity.db
dh_install
VERSION_SEP=+
VERSION=$(shell dpkg-parsechangelog | grep ^Version | cut -d$(VERSION_SEP) -f1 | cut -d\ -f2)
BZR_RELEASE=$(shell dpkg-parsechangelog | grep ^Version | cut -d$(VERSION_SEP) -f2 | cut -d. -f1 | cut -d- -f1 | sed -e 's/bzr//')
ORIG_FILE=$(CURDIR)/../apparmor_$(VERSION)$(VERSION_SEP)bzr$(BZR_RELEASE).orig.tar.gz
BZR_CO_DIR=$(CURDIR)/apparmor-$(VERSION)$(VERSION_SEP)bzr$(BZR_RELEASE)
get-orig-source:
test ! -e $(ORIG_FILE)
test ! -e $(BZR_CO_DIR)
bzr checkout --lightweight -r $(BZR_RELEASE) lp:~apparmor-dev/apparmor/master $(BZR_CO_DIR)
tar czf $(ORIG_FILE) -C `dirname $(BZR_CO_DIR)` --exclude .bzr `basename $(BZR_CO_DIR)`
rm -rf $(BZR_CO_DIR)
|
