search:
summary | log | graphiclog1 | graphiclog2 | commit | commitdiff | tree | refs | edit | fork
blame | history | raw | HEAD
archrelease: copy trunk to extra-x86_64
[arch-packages.git] / apparmor / trunk / PKGBUILD
blob6bce7c8ca93a60d13fb2356338ea20a95fd2f7ea
1 # Maintainer: David Runge <dvzrv@archlinux.org>
2
3 pkgname=apparmor
4 pkgver=3.0.3
5 pkgrel=2
6 pkgdesc="Mandatory Access Control (MAC) using Linux Security Module (LSM)"
7 arch=(x86_64)
8 url="https://gitlab.com/apparmor/apparmor"
9 license=(GPL2 LGPL2.1)
10 depends=(audit glibc pam python)
11 makedepends=(apache libxcrypt python-setuptools ruby swig)
12 checkdepends=(dejagnu perl-locale-gettext python-notify2 python-psutil)
13 optdepends=('perl: for perl bindings'
14             'python-notify2: for aa-notify'
15             'python-psutil: for aa-notify'
16             'ruby: for ruby bindings')
17 provides=(libapparmor.so)
18 backup=('etc/apparmor/easyprof.conf'
19         'etc/apparmor/logprof.conf'
20         'etc/apparmor/notify.conf'
21         'etc/apparmor/parser.conf'
22         'etc/apparmor/severity.db')
23 source=(
24   "https://launchpad.net/${pkgname}/${pkgver%.[0-9]}/${pkgver}/+download/${pkgname}-${pkgver}.tar.gz"{,.asc}
25   "$pkgname-3.0.3-remove_distutils.patch::https://gitlab.com/apparmor/apparmor/-/commit/ab4cfb5e84a95decd06487dc4e59827ddb8ce79d.patch"
26   "$pkgname-3.0.3-python3.10.patch::https://gitlab.com/apparmor/apparmor/-/commit/6cfc6eeec22d3c9ffae413819654359b76680150.patch"
27 )
28 sha512sums=('bbf26377e60da60dab56473ee5af15aa0f3fdf2f2a61dbfcdeba12a925afda3bc6a0f6cc31e07927400425b8c3b3649833f448d8674044c7274ef06923ab48b5'
29             'SKIP'
30             'de4cae1b06fb4f56a8aade9ccb3f223a9930f7c37a865e04aef3446038c016a3880e91546d734ac7102d0df20e3edc5ec9a7909a850a936c94399c431fe5d853'
31             'ecfb29c60b0f1824817035c524f0265e1f5c977f2774f342c84fc783242acdca2835ff0ac099f852c07de5e6a42a323fd51b8c96c5d7695f46fd6cf135155fda')
32 b2sums=('aada9c32c2cde4a110cbd1d626ec00b08e29e76182185752e5c23e2ec0c2668a732ffdf1eb1660bd8bc294188ccf0da42b4282939f5969a6aed39084be00769c'
33         'SKIP'
34         '52c1d4a76f97e72765476e76277482771df18827d143d0ac04e1658e414224272a65a5dc11ac5308c30862b474c912f4642417176a44815723b49bb69ae9c356'
35         'cf545f9548c724f3b1c9c214755dda277bdd6b5b79065c32675c788ab6fc145dd798d0366a360e0f6a3a35f572c71906b0760c0a268c0ffde265e28414dc3326')
36 validpgpkeys=('3ECDCBA5FB34D254961CC53F6689E64E3D3664BB') # AppArmor Development Team (AppArmor signing key) <apparmor@lists.ubuntu.com>
37 _core_perl="/usr/bin/core_perl"
38
39 prepare() {
40   cd "${pkgname}-${pkgver}"
41
42   # replace use of distutils with setuptools
43   # https://gitlab.com/apparmor/apparmor/-/issues/202
44   patch -Np1 -i ../$pkgname-3.0.3-remove_distutils.patch
45   # ensure python3.10 compatibility:
46   #  https://gitlab.com/apparmor/apparmor/-/issues/187
47   patch -Np1 -i ../$pkgname-3.0.3-python3.10.patch
48   # remove test for help text that is broken by the above patches
49   sed '147,179d' -i utils/test/test-aa-notify.py
50
51   # fix PYTHONPATH and add LD_LIBRARY_PATH for aa-logprof based check:
52   # https://gitlab.com/apparmor/apparmor/issues/39
53   local python_version=$(python -c 'import sys; print(".".join(map(str, sys.version_info[:2])))')
54   local path="${PWD}/libraries/libapparmor/swig/python/build/lib.linux-${CARCH}-${python_version}/"
55   local libs="${PWD}/libraries/libapparmor/src/.libs"
56
57   sed -e "/PYTHONPATH/ s|utils\ |utils:$path\ LD_LIBRARY_PATH=$libs\ |" \
58       -i profiles/Makefile
59   (
60     cd libraries/libapparmor/
61     autoreconf -vfi
62   )
63 }
64
65 build() {
66   cd "${pkgname}-${pkgver}"
67
68   # export required perl executable locations
69   export MAKEFLAGS+=" POD2MAN=${_core_perl}/pod2man"
70   export MAKEFLAGS+=" POD2HTML=${_core_perl}/pod2html"
71   export MAKEFLAGS+=" PODCHECKER=${_core_perl}/podchecker"
72   export MAKEFLAGS+=" PROVE=${_core_perl}/prove"
73   (
74     cd "libraries/libapparmor/"
75     ./configure --prefix=/usr \
76                 --sbindir=/usr/bin \
77                 --with-perl \
78                 --with-python \
79                 --with-ruby
80     make
81   )
82   make -C binutils
83   make -C parser
84   make -C profiles
85   make -C utils
86   make -C changehat/pam_apparmor
87   make -C changehat/mod_apparmor
88   make -C utils/vim
89
90   # copy to test location as some tests render the resulting python bytecode
91   # unreproducible: https://gitlab.com/apparmor/apparmor/-/issues/184
92   cd ..
93   cp -av "${pkgname}-${pkgver}" "${pkgname}-${pkgver}-test"
94 }
95
96 check() {
97   cd "$pkgname-$pkgver-test"
98   echo "INFO: Running check: libraries/libapparmor"
99   make -C libraries/libapparmor check
100   echo "INFO: Running check binutils"
101   make -C binutils check
102   echo "INFO: Running check parser"
103   make -C parser check
104   # NOTE: the profiles checks are notoriously broken, so run each separately
105   echo "INFO: Running check-abstractions.d profiles"
106   make -C profiles check-abstractions.d
107 #  # many hardcoded paths are not accounted for:
108 #  # https://gitlab.com/apparmor/apparmor/-/issues/137
109 #  echo "INFO: Running check-logprof profiles"
110 #  make -C profiles check-logprof
111   echo "INFO: Running check-parser profiles"
112   make -C profiles check-parser
113   echo "INFO: Running check utils"
114   # we do not care about linting when running tests
115   # https://gitlab.com/apparmor/apparmor/-/issues/121
116   make PYFLAKES='/usr/bin/true' -C utils check
117 }
118
119 package() {
120   depends+=('libcrypt.so')
121   cd "$pkgname-$pkgver"
122   make -C libraries/libapparmor DESTDIR="${pkgdir}" install
123   make -C changehat/pam_apparmor DESTDIR="${pkgdir}/usr" install
124   make -C changehat/mod_apparmor DESTDIR="${pkgdir}" install
125   make -C binutils DESTDIR="${pkgdir}" \
126                    SBINDIR="${pkgdir}/usr/bin" \
127                    USR_SBINDIR="${pkgdir}/usr/bin" \
128                    install
129   make -C parser -j1 DESTDIR="${pkgdir}" \
130                      SBINDIR="${pkgdir}/usr/bin" \
131                      USR_SBINDIR="${pkgdir}/usr/bin" \
132                      APPARMOR_BIN_PREFIX="${pkgdir}/usr/lib/apparmor" \
133                      install install-systemd
134   make -C profiles DESTDIR="${pkgdir}" install
135   make -C utils DESTDIR="${pkgdir}" \
136                 SBINDIR="${pkgdir}/usr/bin" \
137                 USR_SBINDIR="${pkgdir}/usr/bin" \
138                 BINDIR="${pkgdir}/usr/bin" \
139                 VIM_INSTALL_PATH="${pkgdir}/usr/share/vim/vimfiles/syntax" \
140                 install
141
142   # set file mode to allow the perl library to be stripped:
143   # https://gitlab.com/apparmor/apparmor/issues/34
144   find "${pkgdir}/usr/lib/perl5/" \
145     -type f -iname "*.so" \
146     -exec chmod 755 {} \;
147
148   # removing empty core_perl directory:
149   # https://gitlab.com/apparmor/apparmor/issues/40
150   rm -rv "${pkgdir}"/usr/lib/perl5/*/core_perl
151   # move ruby bindings to vendor_ruby:
152   # https://gitlab.com/apparmor/apparmor/issues/35
153   mv -v "${pkgdir}/usr/lib/ruby/site_ruby/" \
154     "${pkgdir}/usr/lib/ruby/vendor_ruby/"
155   # adding files below /etc/apparmor.d to backup array
156   cd "${pkgdir}"
157   # trick extract_function_variable() in makepkg into not detecting the
158   # backup array modification and adding remaining configuration files
159   [[ /usr/bin/true ]] && backup=( ${backup[@]} $(find "etc/${pkgname}.d/" -type f | LC_ALL=C sort) )
160 }
archlinux package build