diff --git a/meta-openeuler/classes/selinux.bbclass b/meta-openeuler/classes/selinux.bbclass new file mode 100644 index 0000000000000000000000000000000000000000..25009c891d1a211fa5c86e8005b58e468e4736cd --- /dev/null +++ b/meta-openeuler/classes/selinux.bbclass @@ -0,0 +1,12 @@ +def target_selinux(d, truevar = 'selinux', falsevar = ''): + if not bb.utils.contains("DISTRO_FEATURES", "selinux", True, False, d): + return falsevar + + pn = d.getVar("PN", True) + type = pn.replace(d.getVar("BPN", True), "") + if type in ("-native", "nativesdk-", "-cross", "-crosssdk"): + return falsevar + + return truevar + +LIBSELINUX = "${@target_selinux(d, 'libselinux')}" diff --git a/meta-openeuler/conf/local.conf.sample b/meta-openeuler/conf/local.conf.sample index 0f80e1ff0c288daedc65d8fce3828f7594022373..0c3f35558adc4620872a0199bca62b766101141c 100644 --- a/meta-openeuler/conf/local.conf.sample +++ b/meta-openeuler/conf/local.conf.sample @@ -273,7 +273,7 @@ BB_DISKMON_DIRS ??= "\ CONF_VERSION = "2" HOSTTOOLS += "python chrpath rpmbuild pkg-config flex bison bc automake autoreconf libtool \ ninja xz autopoint autoreconf aclocal libtoolize autoscan autom4te autoconf autoheader \ - autoupdate libtool libtoolize pkg-config cmake fmt gperf m4 createrepo_c dnf ldconfig" + autoupdate libtool libtoolize pkg-config cmake fmt gperf m4 createrepo_c dnf ldconfig msgfmt" HOSTTOOLS_remove += "diffstat lz4c pzstd rpcgen" SANITY_REQUIRED_UTILITIES_remove += "diffstat chrpath" CONNECTIVITY_CHECK_URIS = "" @@ -284,7 +284,7 @@ ASSUME_PROVIDED += "rpm-native dwarfsrcfiles-native depmodwrapper-cross kmod-nat pixman-native texinfo-dummy-native python3-native python3-setuptools-native gettext-native \ m4-native flex-native unifdef-native rsync-native init-system-helpers automake-native \ autoconf-native libtool-native opkg-utils-native patch-native pkgconfig-native \ - init-system-helpers update-rc.d-native initscripts run-postinsts cmake-native ninja-native" + init-system-helpers update-rc.d-native run-postinsts cmake-native ninja-native" PATCHTOOL = "patch" TCMODE = "gcc-bin" INHERIT_remove += "uninative" diff --git a/meta-openeuler/recipes-core/initscripts/initscripts_10.12.bb b/meta-openeuler/recipes-core/initscripts/initscripts_10.12.bb new file mode 100644 index 0000000000000000000000000000000000000000..2429c2cb68868612ce88a8ce9e9d6ab4cff64d0e --- /dev/null +++ b/meta-openeuler/recipes-core/initscripts/initscripts_10.12.bb @@ -0,0 +1,73 @@ +SUMMARY = "SysV init scripts" +HOMEPAGE = "https://github.com/fedora-sysv/initscripts" +DESCRIPTION = "Initscripts provide the basic system startup initialization scripts for the system. These scripts include actions such as filesystem mounting, fsck, RTC manipulation and other actions routinely performed at system startup. In addition, the scripts are also used during system shutdown to reverse the actions performed at startup." +SECTION = "base" +LICENSE = "GPLv2" +LIC_FILES_CHKSUM = "file://COPYING;md5=b234ee4d69f5fce4486a80fdaf4a4263" +PR = "1" + +SRC_URI = "file://initscripts/initscripts-10.12.tar.gz \ + file://initscripts/backport-run-ifdown-on-all-interfaces.patch \ + file://initscripts/bugfix-initscripts-add-udev-wait-dependency-for-network.patch \ + file://initscripts/bugfix-mod-network-function-when-NM-unmanage-devices.patch \ + file://initscripts/bugfix-initscripts-set-PERSISTENT_DHCLIENT-default-to-yes.patch \ + file://initscripts/bugfix-network-need-chkconfig-on.patch \ + file://initscripts/bugfix-restart-network-warning.patch \ + file://initscripts/new-network-fork-to-start-dhcp.patch \ + file://initscripts/exec-udevadm-settle-when-network-start.patch \ + file://initscripts/remove-rename_device_lock-when-process-does-not-exis.patch \ +" +INHIBIT_DEFAULT_DEPS = "1" + +KERNEL_VERSION = "" + +DEPENDS_append = " update-rc.d-native" +PACKAGE_WRITE_DEPS_append = " ${@bb.utils.contains('DISTRO_FEATURES','systemd','systemd-systemctl-native','',d)}" + +PACKAGES =+ "${PN}-functions ${PN}-sushell" +RDEPENDS_${PN} = "initd-functions \ + ${@bb.utils.contains('DISTRO_FEATURES','selinux','${PN}-sushell','',d)} \ + " +#Recommend pn-functions so that it will be a preferred default provider for initd-functions +RRECOMMENDS_${PN} = "${PN}-functions" +RPROVIDES_${PN}-functions = "initd-functions" +RCONFLICTS_${PN}-functions = "lsbinitscripts" + +HALTARGS ?= "-d -f" + +do_configure() { +} + +do_install () { +# +# Create directories and install device independent scripts +# + mkdir -p ${D}/etc/sysconfig/network-scripts + install ${S}/network-scripts/* ${D}/etc/sysconfig/network-scripts/ + + mkdir -p ${D}/etc/init.d + install ${S}/etc/rc.d/init.d/* ${D}/etc/init.d/ +} + +MASKED_SCRIPTS = "" + +pkg_postinst_${PN} () { + if ${@bb.utils.contains('DISTRO_FEATURES','systemd','true','false',d)}; then + if [ -n "$D" ]; then + OPTS="--root=$D" + fi + for SERVICE in ${MASKED_SCRIPTS}; do + systemctl $OPTS mask $SERVICE.service + done + fi + + # Delete any old volatile cache script, as directories may have moved + if [ -z "$D" ]; then + rm -f "/etc/volatile.cache" + fi +} + +do_configure[noexec] = "1" +do_compile[noexec] = "1" + +CONFFILES_${PN} += "${sysconfdir}/init.d/checkroot.sh" diff --git a/meta-openeuler/recipes-core/libaio/libaio_0.3.112.bb b/meta-openeuler/recipes-core/libaio/libaio_0.3.112.bb index d0b78921f1d467fc346056f27fcb86e583e95b77..2e9a29a9be584ede65f726426311c06eadaaa844 100644 --- a/meta-openeuler/recipes-core/libaio/libaio_0.3.112.bb +++ b/meta-openeuler/recipes-core/libaio/libaio_0.3.112.bb @@ -9,7 +9,6 @@ SRC_URI = "file://libaio/libaio-${PV}.tar.gz \ file://libaio/0001-libaio-arm64-ilp32.patch \ file://libaio/0002-libaio-makefile-cflags.patch \ file://libaio/0003-libaio-fix-for-x32.patch \ - file://00_arches.patch \ " EXTRA_OEMAKE =+ "prefix=${prefix} includedir=${includedir} libdir=${libdir}" diff --git a/meta-openeuler/recipes-core/libestr/libestr_0.1.11.bb b/meta-openeuler/recipes-core/libestr/libestr_0.1.11.bb new file mode 100644 index 0000000000000000000000000000000000000000..d8c7d363c43ea6b8a769fe2217ca7184c6bf4971 --- /dev/null +++ b/meta-openeuler/recipes-core/libestr/libestr_0.1.11.bb @@ -0,0 +1,8 @@ +SUMMARY = "some essentials for string handling (and a bit more)" +HOMEPAGE = "http://libestr.adiscon.com/" +LICENSE = "LGPLv2.1" +LIC_FILES_CHKSUM = "file://COPYING;md5=9d6c993486c18262afba4ca5bcb894d0" + +UPSTREAM_CHECK_URI = "http://libestr.adiscon.com/download/" +SRC_URI = "file://${BPN}/${BP}.tar.gz" +inherit autotools diff --git a/meta-openeuler/recipes-core/libfastjson/libfastjson_0.99.9.bb b/meta-openeuler/recipes-core/libfastjson/libfastjson_0.99.9.bb new file mode 100644 index 0000000000000000000000000000000000000000..849eaf5107db2be44ca99f2c6d88712073dfcaaa --- /dev/null +++ b/meta-openeuler/recipes-core/libfastjson/libfastjson_0.99.9.bb @@ -0,0 +1,9 @@ +SUMMARY = "A fork of json-c library" +HOMEPAGE = "https://github.com/rsyslog/libfastjson" +LICENSE = "MIT" +LIC_FILES_CHKSUM = "file://COPYING;md5=a958bb07122368f3e1d9b2efe07d231f" + +SRC_URI = "file://${BPN}/${BP}.tar.gz" +CFLAGS="-lm" + +inherit autotools diff --git a/meta-openeuler/recipes-core/logrotate/logrotate_3.18.1.bb b/meta-openeuler/recipes-core/logrotate/logrotate_3.18.1.bb new file mode 100644 index 0000000000000000000000000000000000000000..8258b144b6661bf118c97b6fd4e99572ba9265f2 --- /dev/null +++ b/meta-openeuler/recipes-core/logrotate/logrotate_3.18.1.bb @@ -0,0 +1,85 @@ +SUMMARY = "Rotates, compresses, removes and mails system log files" +SECTION = "console/utils" +HOMEPAGE = "https://github.com/logrotate/logrotate/" +DESCRIPTION = "The logrotate utility is designed to simplify the administration of log files on a system which generates a lot of log files." +LICENSE = "GPLv2" +LIC_FILES_CHKSUM = "file://COPYING;md5=b234ee4d69f5fce4486a80fdaf4a4263" + +DEPENDS = "popt" + +SRC_URI = "file://${BPN}/${BP}.tar.xz" +UPSTREAM_CHECK_URI = "https://github.com/${BPN}/${BPN}/releases" +UPSTREAM_CHECK_REGEX = "logrotate-(?P\d+(\.\d+)+).tar" + +# These CVEs are debian, gentoo or SUSE specific on the way logrotate was installed/used +CVE_CHECK_WHITELIST += "CVE-2011-1548 CVE-2011-1549 CVE-2011-1550" + +PACKAGECONFIG ?= "${@bb.utils.filter('DISTRO_FEATURES', 'acl selinux', d)}" + +PACKAGECONFIG[acl] = ",,acl" +PACKAGECONFIG[selinux] = ",,libselinux" + +CONFFILES_${PN} += "${localstatedir}/lib/logrotate.status \ + ${sysconfdir}/logrotate.conf \ + ${sysconfdir}/logrotate.d/btmp \ + ${sysconfdir}/logrotate.d/wtmp" + +# If RPM_OPT_FLAGS is unset, it adds -g itself rather than obeying our +# optimization variables, so use it rather than EXTRA_CFLAGS. +EXTRA_OEMAKE = "\ + LFS= \ + OS_NAME='${OS_NAME}' \ + 'CC=${CC}' \ + 'RPM_OPT_FLAGS=${CFLAGS}' \ + 'EXTRA_LDFLAGS=${LDFLAGS}' \ + ${@bb.utils.contains('PACKAGECONFIG', 'acl', 'WITH_ACL=yes', '', d)} \ + ${@bb.utils.contains('PACKAGECONFIG', 'selinux', 'WITH_SELINUX=yes', '', d)} \ +" + +# OS_NAME in the makefile defaults to `uname -s`. The behavior for +# freebsd/netbsd is questionable, so leave it as Linux, which only sets +# INSTALL=install and BASEDIR=/usr. +OS_NAME = "Linux" + +inherit autotools systemd + +SYSTEMD_SERVICE_${PN} = "\ + ${BPN}.service \ + ${BPN}.timer \ +" + +LOGROTATE_OPTIONS ?= "" + +LOGROTATE_SYSTEMD_TIMER_BASIS ?= "daily" +LOGROTATE_SYSTEMD_TIMER_ACCURACY ?= "12h" +LOGROTATE_SYSTEMD_TIMER_PERSISTENT ?= "true" + +do_install(){ + oe_runmake install DESTDIR=${D} PREFIX=${D} MANDIR=${mandir} + mkdir -p ${D}${sysconfdir}/logrotate.d + mkdir -p ${D}${localstatedir}/lib + install -p -m 644 ${S}/examples/logrotate.conf ${D}${sysconfdir}/logrotate.conf + install -p -m 644 ${S}/examples/btmp ${D}${sysconfdir}/logrotate.d/btmp + install -p -m 644 ${S}/examples/wtmp ${D}${sysconfdir}/logrotate.d/wtmp + touch ${D}${localstatedir}/lib/logrotate.status + + if ${@bb.utils.contains('DISTRO_FEATURES', 'systemd', 'true', 'false', d)}; then + install -d ${D}${systemd_system_unitdir} + install -m 0644 ${S}/examples/logrotate.service ${D}${systemd_system_unitdir}/logrotate.service + install -m 0644 ${S}/examples/logrotate.timer ${D}${systemd_system_unitdir}/logrotate.timer + [ -z "${LOGROTATE_OPTIONS}" ] || + sed -ri \ + -e 's|(ExecStart=.*/logrotate.*)$|\1 ${LOGROTATE_OPTIONS}|g' \ + ${D}${systemd_system_unitdir}/logrotate.service + sed -ri \ + -e 's|(OnCalendar=).*$|\1${LOGROTATE_SYSTEMD_TIMER_BASIS}|g' \ + -e 's|(AccuracySec=).*$|\1${LOGROTATE_SYSTEMD_TIMER_ACCURACY}|g' \ + -e 's|(Persistent=).*$|\1${LOGROTATE_SYSTEMD_TIMER_PERSISTENT}|g' \ + ${D}${systemd_system_unitdir}/logrotate.timer + fi + + if ${@bb.utils.contains('DISTRO_FEATURES', 'sysvinit', 'true', 'false', d)}; then + mkdir -p ${D}${sysconfdir}/cron.daily + install -p -m 0755 ${S}/examples/logrotate.cron ${D}${sysconfdir}/cron.daily/logrotate + fi +} diff --git a/meta-openeuler/recipes-core/rsyslog/rsyslog/initscript b/meta-openeuler/recipes-core/rsyslog/rsyslog/initscript new file mode 100644 index 0000000000000000000000000000000000000000..96e9d74ca4e25856f8781475788cbbfe1b01eefb --- /dev/null +++ b/meta-openeuler/recipes-core/rsyslog/rsyslog/initscript @@ -0,0 +1,119 @@ +#! /bin/sh +# +# This is an init script for openembedded +# Copy it to /etc/init.d/rsyslog and type +# > update-rc.d rsyslog defaults 5 +# + +PATH=/sbin:/usr/sbin:/bin:/usr/bin +NAME=rsyslog +RSYSLOGD=rsyslogd +RSYSLOGD_BIN=/usr/sbin/rsyslogd +RSYSLOGD_OPTIONS="" +RSYSLOGD_PIDFILE=/var/run/rsyslogd.pid +SCRIPTNAME=/etc/init.d/$NAME +# Exit if the package is not installed +[ -x "$RSYSLOGD_BIN" ] || exit 0 +# Read configuration variable file if it is present +[ -r /etc/default/$NAME ] && . /etc/default/$NAME +# +# Function that starts the daemon/service +# +do_start() +{ + DAEMON=$1 + DAEMON_ARGS=$2 + PIDFILE=$3 + # Return + # 0 if daemon has been started + # 1 if daemon could not be started + # if daemon had already been started, start-stop-daemon will return 1 + # so add -o/--oknodo(if nothing is done, exit 0) + start-stop-daemon -S --quiet --pidfile $PIDFILE --exec $DAEMON \ + --oknodo -- $DAEMON_ARGS || return 1 +} +# +# Function that stops the daemon/service +# +do_stop() +{ + NAME=$1 + PIDFILE=$2 + # Return + # 0 if daemon has been stopped + # 1 if daemon was already stopped + # 2 if daemon could not be stopped + # other if a failure occurred + # QUIT/TERM/INT should work here, but they don't ????? + start-stop-daemon -K --quiet --signal KILL --pidfile $PIDFILE --name $NAME + RETVAL="$?" + rm -f $PIDFILE + return "$RETVAL" +} +# +# Function that sends a SIGHUP to the daemon/service +# +do_reload() { + NAME=$1 + PIDFILE=$2 + start-stop-daemon -K --signal HUP --quiet --pidfile $PIDFILE --name $NAME + return 0 +} + +do_status() { + NAME=$1 + PIDFILE=$2 + # -t: test only but not stop + start-stop-daemon -K -t --quiet --pidfile $PIDFILE --name $NAME + # exit with status 0 if process is found + if [ "$?" = "0" ]; then + return 0 + else + return 1 + fi +} + +case "$1" in + start) + echo -n "starting $RSYSLOGD ... " + do_start "$RSYSLOGD_BIN" "$RSYSLOGD_OPTIONS" "$RSYSLOGD_PIDFILE" + case "$?" in + 0) echo "done" ;; + 1) echo "failed" ;; + esac + ;; + stop) + echo -n "stopping $RSYSLOGD ... " + do_stop "$RSYSLOGD" "$RSYSLOGD_PIDFILE" + case "$?" in + 0|1) echo "done" ;; + 2) echo "failed" ;; + esac + ;; + reload|force-reload) + echo -n "reloading $RSYSLOGD ... " + do_reload "$RSYSLOGD" "$RSYSLOGD_PIDFILE" + echo "done" + ;; + restart) + $0 stop + $0 start + ;; + status) + echo -n "status $RSYSLOGD ... " + do_status "$RSYSLOGD" "$RSYSLOGD_PIDFILE" + if [ "$?" = "0" ]; then + echo "running" + exit 0 + else + echo "stopped" + exit 1 + fi + ;; + *) + echo "Usage: $SCRIPTNAME {start|stop|status|restart|reload|force-reload}" >&2 + exit 3 + ;; +esac +exit 0 + diff --git a/meta-openeuler/recipes-core/rsyslog/rsyslog/rsyslog.conf b/meta-openeuler/recipes-core/rsyslog/rsyslog/rsyslog.conf new file mode 100644 index 0000000000000000000000000000000000000000..3db32f0c1cf1a14a9f5ba0a91998360ff47840fc --- /dev/null +++ b/meta-openeuler/recipes-core/rsyslog/rsyslog/rsyslog.conf @@ -0,0 +1,85 @@ +# rsyslog configuration file + +# For more information see /usr/share/doc/rsyslog-*/rsyslog_conf.html +# If you experience problems, see http://www.rsyslog.com/doc/troubleshoot.html + +#### MODULES #### + +$ModLoad imuxsock # provides support for local system logging (e.g. via logger command) +$ModLoad imklog # reads kernel messages (the same are read from journald) +$ModLoad immark # provides --MARK-- message capability + +# Provides UDP syslog reception +#$ModLoad imudp +#$UDPServerRun 514 + +# Provides TCP syslog reception +#$ModLoad imtcp +#$InputTCPServerRun 514 + + +#### GLOBAL DIRECTIVES #### +$FileGroup root +$FileOwner root +$FileCreateMode 0640 + +# Where to place auxiliary files +$WorkDirectory /var/lib/rsyslog + +# Use default timestamp format +$ActionFileDefaultTemplate RSYSLOG_FileFormat + +# File syncing capability is disabled by default. This feature is usually not required, +# not useful and an extreme performance hit +#$ActionFileEnableSync on + +# Include all config files in /etc/rsyslog.d/ +$IncludeConfig /etc/rsyslog.d/*.conf + + +#### RULES #### + +# Log all kernel messages to the console. +# Logging much else clutters up the screen. +#kern.* /dev/console + +# Log anything (except mail) of level info or higher. +# Don't log private authentication messages! +*.info;mail.none /var/log/messages + +# The authpriv file has restricted access. +authpriv.* /var/log/secure + +# Log all the mail messages in one place. +mail.* -/var/log/maillog + + +# Log cron stuff +cron.* /var/log/cron + +# Everybody gets emergency messages +*.emerg :omusrmsg:* + +# Save news errors of level crit and higher in a special file. +uucp,news.crit /var/log/spooler + +# Save boot messages also to boot.log +local7.* /var/log/boot.log + + +# ### begin forwarding rule ### +# The statement between the begin ... end define a SINGLE forwarding +# rule. They belong together, do NOT split them. If you create multiple +# forwarding rules, duplicate the whole block! +# Remote Logging (we use TCP for reliable delivery) +# +# An on-disk queue is created for this action. If the remote host is +# down, messages are spooled to disk and sent when it is up again. +#$ActionQueueFileName fwdRule1 # unique name prefix for spool files +#$ActionQueueMaxDiskSpace 1g # 1gb space limit (use as much as possible) +#$ActionQueueSaveOnShutdown on # save messages to disk on shutdown +#$ActionQueueType LinkedList # run asynchronously +#$ActionResumeRetryCount -1 # infinite retries if host is down +# remote host is: name/ip:port, e.g. 192.168.0.1:514, port optional +#*.* @@remote-host:514 +# ### end of the forwarding rule ### diff --git a/meta-openeuler/recipes-core/rsyslog/rsyslog/rsyslog.logrotate b/meta-openeuler/recipes-core/rsyslog/rsyslog/rsyslog.logrotate new file mode 100644 index 0000000000000000000000000000000000000000..962794577d75516f553240012520b0a0d3d2ea10 --- /dev/null +++ b/meta-openeuler/recipes-core/rsyslog/rsyslog/rsyslog.logrotate @@ -0,0 +1,40 @@ +# /etc/logrotate.d/rsyslog - Ported from Debian + +/var/log/syslog +{ + rotate 7 + daily + missingok + notifempty + delaycompress + compress + postrotate + @BINDIR@/pkill -HUP rsyslogd 2> /dev/null || true + endscript +} + +/var/log/mail.info +/var/log/mail.warn +/var/log/mail.err +/var/log/mail.log +/var/log/daemon.log +/var/log/kern.log +/var/log/auth.log +/var/log/user.log +/var/log/lpr.log +/var/log/cron.log +/var/log/debug +/var/log/messages +{ + rotate 4 + weekly + missingok + notifempty + compress + delaycompress + sharedscripts + postrotate + @BINDIR@/pkill -HUP rsyslogd 2> /dev/null || true + endscript +} + diff --git a/meta-openeuler/recipes-core/rsyslog/rsyslog_8.2110.0.bb b/meta-openeuler/recipes-core/rsyslog/rsyslog_8.2110.0.bb new file mode 100644 index 0000000000000000000000000000000000000000..ab0cf6e3821e347301df82fa17a301a3e05aacd8 --- /dev/null +++ b/meta-openeuler/recipes-core/rsyslog/rsyslog_8.2110.0.bb @@ -0,0 +1,108 @@ +SUMMARY = "Rsyslog is an enhanced multi-threaded syslogd" +DESCRIPTION = "\ + Rsyslog is an enhanced syslogd supporting, among others, MySQL,\ + PostgreSQL, failover log destinations, syslog/tcp, fine grain\ + output format control, high precision timestamps, queued operations\ + and the ability to filter on any message part. It is quite\ + compatible to stock sysklogd and can be used as a drop-in replacement.\ + Its advanced features make it suitable for enterprise-class,\ + encryption protected syslog relay chains while at the same time being\ + very easy to setup for the novice user." + +DEPENDS = "zlib libestr libfastjson bison-native" +HOMEPAGE = "http://www.rsyslog.com/" +LICENSE = "GPLv3 & LGPLv3 & Apache-2.0" +LIC_FILES_CHKSUM = "file://COPYING;md5=51d9635e646fb75e1b74c074f788e973" + +SRC_URI = "file://${BPN}/${BP}.tar.gz \ + file://${BPN}/rsyslog-8.24.0-ensure-parent-dir-exists-when-writting-log-file.patch \ + file://${BPN}/bugfix-rsyslog-7.4.7-imjournal-add-monotonic-timestamp.patch \ + file://${BPN}/bugfix-rsyslog-7.4.7-add-configuration-to-avoid-memory-leak.patch \ + file://${BPN}/rsyslog-8.24.0-set-permission-of-syslogd-dot-pid-to-0644.patch \ + file://${BPN}/rsyslog-8.37.0-initialize-variables-and-check-return-value.patch \ + file://initscript \ + file://rsyslog.conf \ + file://rsyslog.logrotate \ +" +UPSTREAM_CHECK_URI = "https://github.com/rsyslog/rsyslog/releases" +UPSTREAM_CHECK_REGEX = "(?P\d+(\.\d+)+)" + +inherit autotools pkgconfig + +#not enable --enable-libsystemd configuration options +EXTRA_OECONF += "--disable-generate-man-pages ap_cv_atomic_builtins=yes --enable-libsystemd=no" +EXTRA_OECONF_remove_mipsarch = "ap_cv_atomic_builtins=yes" +EXTRA_OECONF_remove_powerpc = "ap_cv_atomic_builtins=yes" +EXTRA_OECONF_remove_riscv32 = "ap_cv_atomic_builtins=yes" +CFLAGS += " -I${RECIPE_SYSROOT}/usr/include/libfastjson/ " +# first line is default yes in configure +PACKAGECONFIG ??= " \ + rsyslogd rsyslogrt klog inet regexp uuid \ + fmhttp imdiag imfile \ + ${@bb.utils.filter('DISTRO_FEATURES', 'snmp', d)} \ +" +RSYSLOG_IMAGE_NAME = "${MACHINE_ARCH}${RTOS_KERNEL_TAG}" +PACKAGECONFIG_remove += "${@bb.utils.contains('RSYSLOG_IMAGE_NAME', 'arm32a15eb-5.10', 'fmhttp', '', d)}" +PACKAGECONFIG_remove += "${@bb.utils.contains('RSYSLOG_IMAGE_NAME', 'arm32a9eb-5.10', 'fmhttp', '', d)}" +PACKAGECONFIG_remove += "${@bb.utils.contains('RSYSLOG_IMAGE_NAME', 'arm32a9eb-tiny-5.10', 'fmhttp', '', d)}" +PACKAGECONFIG_remove += "${@bb.utils.contains('RSYSLOG_IMAGE_NAME', 'arm64eb-5.10', 'fmhttp', '', d)}" +PACKAGECONFIG_remove += "${@bb.utils.contains('RSYSLOG_IMAGE_NAME', 'arm64el-5.10', 'fmhttp', '', d)}" +PACKAGECONFIG_remove += "${@bb.utils.contains('RSYSLOG_IMAGE_NAME', 'arm32a7el-preempt-5.10', 'fmhttp', '', d)}" + +# add imfile module to support file monitor function +PACKAGECONFIG_append_arm64el = "${@bb.utils.contains('RTOS_TAG', '-preempt', 'imfile', '', d)}" + +# default yes in configure +PACKAGECONFIG[relp] = "--enable-relp,--disable-relp,librelp," +PACKAGECONFIG[rsyslogd] = "--enable-rsyslogd,--disable-rsyslogd,," +PACKAGECONFIG[rsyslogrt] = "--enable-rsyslogrt,--disable-rsyslogrt,," +PACKAGECONFIG[fmhttp] = "--enable-fmhttp,--disable-fmhttp,curl," +PACKAGECONFIG[inet] = "--enable-inet,--disable-inet,," +PACKAGECONFIG[klog] = "--enable-klog,--disable-klog,," +PACKAGECONFIG[regexp] = "--enable-regexp,--disable-regexp,," +PACKAGECONFIG[uuid] = "--enable-uuid,--disable-uuid,util-linux," +PACKAGECONFIG[libgcrypt] = "--enable-libgcrypt,--disable-libgcrypt,libgcrypt," +PACKAGECONFIG[testbench] = "--enable-testbench --enable-omstdout,--disable-testbench --disable-omstdout,," + +# default no in configure +PACKAGECONFIG[debug] = "--enable-debug,--disable-debug,," +PACKAGECONFIG[imdiag] = "--enable-imdiag,--disable-imdiag,," +PACKAGECONFIG[imfile] = "--enable-imfile,--disable-imfile,," +PACKAGECONFIG[snmp] = "--enable-snmp,--disable-snmp,net-snmp," +PACKAGECONFIG[gnutls] = "--enable-gnutls,--disable-gnutls,gnutls," +PACKAGECONFIG[imjournal] = "--enable-imjournal,--disable-imjournal," +PACKAGECONFIG[mmjsonparse] = "--enable-mmjsonparse,--disable-mmjsonparse," +PACKAGECONFIG[mysql] = "--enable-mysql,--disable-mysql,mysql5," +PACKAGECONFIG[postgresql] = "--enable-pgsql,--disable-pgsql,postgresql," +PACKAGECONFIG[libdbi] = "--enable-libdbi,--disable-libdbi,libdbi," +PACKAGECONFIG[mail] = "--enable-mail,--disable-mail,," +PACKAGECONFIG[valgrind] = "--enable-valgrind,--disable-valgrind,valgrind," +do_install_append() { + install -d "${D}${sysconfdir}/init.d" + install -d "${D}${sysconfdir}/logrotate.d" + install -d "${D}/var/lib/rsyslog" + install -m 750 ${WORKDIR}/initscript ${D}${sysconfdir}/init.d/syslog + install -m 644 ${WORKDIR}/rsyslog.conf ${D}${sysconfdir}/rsyslog.conf + install -m 644 ${WORKDIR}/rsyslog.logrotate ${D}${sysconfdir}/logrotate.d/logrotate.rsyslog + sed -i -e "s#@BINDIR@#${bindir}#g" ${D}${sysconfdir}/logrotate.d/logrotate.rsyslog + + if ${@bb.utils.contains('PACKAGECONFIG', 'imjournal', 'true', 'false', d)}; then + install -d 0755 ${D}${sysconfdir}/rsyslog.d + echo '$ModLoad imjournal' >> ${D}${sysconfdir}/rsyslog.d/imjournal.conf + fi + if ${@bb.utils.contains('PACKAGECONFIG', 'mmjsonparse', 'true', 'false', d)}; then + install -d 0755 ${D}${sysconfdir}/rsyslog.d + echo '$ModLoad mmjsonparse' >> ${D}${sysconfdir}/rsyslog.d/mmjsonparse.conf + fi +} + +FILES_${PN} += "${bindir}" + +INITSCRIPT_NAME = "syslog" +INITSCRIPT_PARAMS = "defaults" + +CONFFILES_${PN} = "${sysconfdir}/rsyslog.conf" + +RCONFLICTS_${PN} = "busybox-syslog sysklogd syslog-ng" + +RDEPENDS_${PN} += "logrotate" diff --git a/meta-openeuler/recipes-core/selinux/libselinux.inc b/meta-openeuler/recipes-core/selinux/libselinux.inc new file mode 100644 index 0000000000000000000000000000000000000000..189bd7e8d3ead9be03eec7b52059606742585fcc --- /dev/null +++ b/meta-openeuler/recipes-core/selinux/libselinux.inc @@ -0,0 +1,22 @@ +SUMMARY = "SELinux library and simple utilities" +DESCRIPTION = "libselinux provides an API for SELinux applications to get and set \ +process and file security contexts and to obtain security policy \ +decisions. Required for any applications that use the SELinux API." +SECTION = "base" +LICENSE = "PD" + +inherit lib_package + +DEPENDS += "libsepol libpcre" + +def get_policyconfigarch(d): + import re + target = d.getVar('TARGET_ARCH', True) + p = re.compile('i.86') + target = p.sub('i386',target) + return "ARCH=%s" % (target) +EXTRA_OEMAKE += "${@get_policyconfigarch(d)}" + +EXTRA_OEMAKE += "LDFLAGS='${LDFLAGS} -lpcre ' CFLAGS=' ${CFLAGS} -DNO_ANDROID_BACKEND'" + +BBCLASSEXTEND = "native" diff --git a/meta-openeuler/recipes-core/selinux/libselinux_3.3.bb b/meta-openeuler/recipes-core/selinux/libselinux_3.3.bb new file mode 100644 index 0000000000000000000000000000000000000000..49fd3cd2da8f60d09f47998d2ea6977edaf38ea1 --- /dev/null +++ b/meta-openeuler/recipes-core/selinux/libselinux_3.3.bb @@ -0,0 +1,8 @@ +require selinux_common.inc +require ${BPN}.inc + +LIC_FILES_CHKSUM = "file://LICENSE;md5=84b4d2c6ef954a2d4081e775a270d0d0" + +SRC_URI = "file://libselinux/libselinux-${PV}.tar.gz \ + file://libselinux/do-malloc-trim-after-load-policy.patch \ +" diff --git a/meta-openeuler/recipes-core/selinux/libsemanage.inc b/meta-openeuler/recipes-core/selinux/libsemanage.inc new file mode 100644 index 0000000000000000000000000000000000000000..76ea9986596a0aac4bd1fbb482439575b59d78a0 --- /dev/null +++ b/meta-openeuler/recipes-core/selinux/libsemanage.inc @@ -0,0 +1,25 @@ +SUMMARY = "SELinux binary policy manipulation library" +DESCRIPTION = "libsemanage provides an API for the manipulation of SELinux binary policies. \ +It is used by checkpolicy (the policy compiler) and similar tools, as well \ +as by programs like load_policy that need to perform specific transformations \ +on binary policies such as customizing policy boolean settings." +SECTION = "base" +LICENSE = "LGPLv2.1+" + +inherit lib_package + +DEPENDS += "libsepol libselinux bzip2 bison-native" +DEPENDS_append_class-target += "audit" + +EXTRA_OEMAKE_class-native += "DISABLE_AUDIT=y" + +do_install() { + oe_runmake install \ + DESTDIR="${D}" \ + PREFIX="${prefix}" \ + INCLUDEDIR="${includedir}" \ + LIBDIR="${libdir}" \ + SHLIBDIR="${libdir}" +} + +BBCLASSEXTEND = "native" diff --git a/meta-openeuler/recipes-core/selinux/libsemanage_3.3.bb b/meta-openeuler/recipes-core/selinux/libsemanage_3.3.bb new file mode 100644 index 0000000000000000000000000000000000000000..6d3fd53b5e3beb39607bb253c5a15602bc76966b --- /dev/null +++ b/meta-openeuler/recipes-core/selinux/libsemanage_3.3.bb @@ -0,0 +1,8 @@ +require selinux_common.inc +require ${BPN}.inc + +LIC_FILES_CHKSUM = "file://COPYING;md5=a6f89e2100d9b6cdffcea4f398e37343" + +SRC_URI = "file://libsemanage/libsemanage-${PV}.tar.gz \ + file://libsemanage/fix-test-failure-with-secilc.patch \ +" diff --git a/meta-openeuler/recipes-core/selinux/libsepol.inc b/meta-openeuler/recipes-core/selinux/libsepol.inc new file mode 100644 index 0000000000000000000000000000000000000000..9601fae15b4c62c190eddaafb4e8fcb0c1aec79d --- /dev/null +++ b/meta-openeuler/recipes-core/selinux/libsepol.inc @@ -0,0 +1,16 @@ +SUMMARY = "SELinux binary policy manipulation library" +DESCRIPTION = "libsepol provides an API for the manipulation of SELinux binary policies. \ +It is used by checkpolicy (the policy compiler) and similar tools, as well \ +as by programs like load_policy that need to perform specific transformations \ +on binary policies such as customizing policy boolean settings." +SECTION = "base" +LICENSE = "LGPLv2+" + +inherit lib_package + +# Change RANLIB for cross compiling, use host-tools $(AR) rather than +# local ranlib. +EXTRA_OEMAKE += "RANLIB='$(AR) s'" + +BBCLASSEXTEND = "native" +DEPENDS += "" diff --git a/meta-openeuler/recipes-core/selinux/libsepol_3.3.bb b/meta-openeuler/recipes-core/selinux/libsepol_3.3.bb new file mode 100644 index 0000000000000000000000000000000000000000..21c06a53148848ffcc25859f7bd44e1ebf144b24 --- /dev/null +++ b/meta-openeuler/recipes-core/selinux/libsepol_3.3.bb @@ -0,0 +1,6 @@ +require selinux_common.inc +require ${BPN}.inc +LIC_FILES_CHKSUM = "file://COPYING;md5=a6f89e2100d9b6cdffcea4f398e37343" + +SRC_URI += "file://libsepol/${BP}.tar.gz" +CFLAGS += "${@bb.utils.contains('RTOS_KASAN', 'kasan', '-fcommon', '', d)}" diff --git a/meta-openeuler/recipes-core/selinux/policycoreutils.inc b/meta-openeuler/recipes-core/selinux/policycoreutils.inc new file mode 100644 index 0000000000000000000000000000000000000000..29e91b5ea788fee4246577a96fa4a854f9cf8aa4 --- /dev/null +++ b/meta-openeuler/recipes-core/selinux/policycoreutils.inc @@ -0,0 +1,168 @@ +SUMMARY = "SELinux policy core utilities" +DESCRIPTION = "policycoreutils contains the policy core utilities that are required \ +for basic operation of a SELinux system. These utilities include \ +load_policy to load policies, setfiles to label filesystems, newrole \ +to switch roles, and run_init to run /etc/init.d scripts in the proper \ +context." +SECTION = "base" +LICENSE = "GPLv2+" + +DEPENDS += "libsepol libselinux libsemanage libcap gettext-native" +EXTRA_DEPENDS = "libcap-ng" +DEPENDS += "${@['', '${EXTRA_DEPENDS}']['${PN}' != '${BPN}-native']}" + +inherit selinux +DEPENDS += "${@target_selinux(d, 'audit')}" + +RDEPENDS_${BPN}-fixfiles += "\ + ${BPN}-setfiles \ +" +RDEPENDS_${BPN}-genhomedircon += "\ + ${BPN}-semodule \ +" +RDEPENDS_${BPN}-loadpolicy += "\ + libselinux \ + libsepol \ +" +RDEPENDS_${BPN}-newrole += "\ + libcap-ng \ + libselinux \ +" +RDEPENDS_${BPN}-runinit += "libselinux" +RDEPENDS_${BPN}-secon += "libselinux" +RDEPENDS_${BPN}-semodule += "\ + libsepol \ + libselinux \ + libsemanage \ +" +RDEPENDS_${BPN}-sestatus += "libselinux" +RDEPENDS_${BPN}-setfiles += "\ + libselinux \ + libsepol \ +" +RDEPENDS_${BPN}-setsebool += "\ + libsepol \ + libselinux \ + libsemanage \ +" + +PACKAGES =+ "\ + ${PN}-fixfiles \ + ${PN}-genhomedircon \ + ${PN}-hll \ + ${PN}-loadpolicy \ + ${PN}-newrole \ + ${PN}-runinit \ + ${PN}-secon \ + ${PN}-semodule \ + ${PN}-sestatus \ + ${PN}-setfiles \ +" +FILES_${PN}-fixfiles += "${base_sbindir}/fixfiles" +FILES_${PN}-genhomedircon += "${base_sbindir}/genhomedircon" +FILES_${PN}-loadpolicy += "\ + ${base_sbindir}/load_policy \ +" +FILES_${PN}-newrole += "\ + ${bindir}/newrole \ + ${@bb.utils.contains('DISTRO_FEATURES', 'pam', '${sysconfdir}/pam.d/newrole', '', d)} \ +" +FILES_${PN}-runinit += "\ + ${base_sbindir}/run_init \ + ${base_sbindir}/open_init_pty \ + ${@bb.utils.contains('DISTRO_FEATURES', 'pam', '${sysconfdir}/pam.d/run_init', '', d)} \ +" +FILES_${PN}-dbg += "${prefix}/libexec/selinux/hll/.debug" +FILES_${PN}-secon += "${bindir}/secon" +FILES_${PN}-semodule += "${base_sbindir}/semodule" +FILES_${PN}-hll += "${prefix}/libexec/selinux/hll/*" +FILES_${PN}-sestatus += "\ + ${base_sbindir}/sestatus \ + ${sysconfdir}/sestatus.conf \ +" +FILES_${PN}-setfiles += "\ + ${base_sbindir}/restorecon \ + ${base_sbindir}/restorecon_xattr \ + ${base_sbindir}/setfiles \ +" +FILES_${PN}-setsebool += "\ + ${base_sbindir}/setsebool \ + ${datadir}/bash-completion/completions/setsebool \ +" + +export STAGING_INCDIR +export STAGING_LIBDIR + +AUDITH="`ls ${STAGING_INCDIR}/libaudit.h >/dev/null 2>&1 && echo /usr/include/libaudit.h `" +EXTRA_OEMAKE += "${@target_selinux(d, 'AUDITH=${AUDITH}', 'AUDITH= ')} INOTIFYH=n" +EXTRA_OEMAKE += "PREFIX=${D}" +EXTRA_OEMAKE += "INITDIR=${D}/etc/init.d" + +BBCLASSEXTEND = "native" + +PCU_NATIVE_CMDS = "setfiles semodule hll" + +do_compile_virtclass-native() { + for PCU_CMD in ${PCU_NATIVE_CMDS} ; do + oe_runmake -C $PCU_CMD \ + INCLUDEDIR='${STAGING_INCDIR}' \ + LIBDIR='${STAGING_LIBDIR}' + done +} + +do_compile_class-native() { + for PCU_CMD in ${PCU_NATIVE_CMDS} ; do + oe_runmake -C $PCU_CMD \ + INCLUDEDIR='${STAGING_INCDIR}' \ + LIBDIR='${STAGING_LIBDIR}' + done +} + +do_compile_prepend() { + export PYTHON=${PYTHON} + export PYLIBVER='python${PYTHON_BASEVERSION}' + export PYTHON_CPPFLAGS="-I${STAGING_INCDIR_NATIVE}/${PYLIBVER}" + export PYTHON_LDFLAGS="${STAGING_INCDIR_NATIVE}/lib${PYLIBVER}.so" + export PYTHON_SITE_PKG="${libdir}/${PYLIBVER}/site-packages" +} + +do_install_prepend() { + export PYTHON=${PYTHON} + export SBINDIR="${base_sbindir}" + export SEMODULE_PATH="${base_sbindir}" SYSTEMDDIR=${systemd_unitdir} +} + +do_install_virtclass-native() { + for PCU_CMD in ${PCU_NATIVE_CMDS} ; do + oe_runmake -C $PCU_CMD install \ + DESTDIR="${D}" \ + PREFIX="${prefix}" \ + SBINDIR="${base_sbindir}" + done +} + +do_install_class-native() { + for PCU_CMD in ${PCU_NATIVE_CMDS} ; do + oe_runmake -C $PCU_CMD install \ + DESTDIR="${D}" \ + PREFIX="${prefix}" \ + SBINDIR="${base_sbindir}" + done +} + +do_install_append_class-target() { + if [ -e ${WORKDIR}/pam.d ]; then + install -d ${D}${sysconfdir}/pam.d/ + install -m 0644 ${WORKDIR}/pam.d/* ${D}${sysconfdir}/pam.d/ + fi + + # /var/lib/selinux is involved by seobject.py: + # + dirname = "/var/lib/selinux" + # and it's required for running command: + # $ semanage permissive [OPTS] + install -d ${D}${localstatedir}/lib/selinux + rm -rf ${D}/lib/ + rm -r ${D}/usr/share/bash-completion + rm -rf ${D}/usr/lib64/ + rm -rf ${D}/usr/lib/ +} diff --git a/meta-openeuler/recipes-core/selinux/policycoreutils_3.3.bb b/meta-openeuler/recipes-core/selinux/policycoreutils_3.3.bb new file mode 100644 index 0000000000000000000000000000000000000000..d29390c52e28bbd7481ba04e835fded36f6280cc --- /dev/null +++ b/meta-openeuler/recipes-core/selinux/policycoreutils_3.3.bb @@ -0,0 +1,9 @@ +require selinux_common.inc +require ${BPN}.inc + +LIC_FILES_CHKSUM = "file://COPYING;md5=393a5ca445f6965873eca0259a17f833" + +SRC_URI = "file://policycoreutils/${BP}.tar.gz \ + file://policycoreutils/fix-fixfiles-N-date-function.patch;patchdir=.. \ + file://policycoreutils/fix-fixfiles-N-date-function-two.patch;patchdir=.. \ +" diff --git a/meta-openeuler/recipes-core/selinux/selinux_common.inc b/meta-openeuler/recipes-core/selinux/selinux_common.inc new file mode 100644 index 0000000000000000000000000000000000000000..a94b9ab6b9287647ffc7a4a4ed7e4db16e5f38f6 --- /dev/null +++ b/meta-openeuler/recipes-core/selinux/selinux_common.inc @@ -0,0 +1,30 @@ +HOMEPAGE = "https://github.com/SELinuxProject" + +# EXTRA_OEMAKE is typically: -e MAKEFLAGS= +# "MAKEFLAGS= " causes problems as ENV variables will not pass to subdirs, so +# we redefine EXTRA_OEMAKE here +EXTRA_OEMAKE = "-e" + +# Releases are now from the base of the full tree, necessitating our skipping +# through an extra level of directories. +S = "${WORKDIR}/${BPN}-${PV}" + +SELINUX_NAME = "selinux" + +COMPONENT = "selinux" + +do_compile() { + oe_runmake all \ + LIBDIR="${libdir}" +} + +do_install() { + oe_runmake install \ + DESTDIR="${D}" \ + PREFIX="${prefix}" \ + INCLUDEDIR="${includedir}" \ + LIBDIR="${libdir}" \ + SHLIBDIR="${base_libdir}" \ + INITDIR="/etc/init.d" + rm -rf ${D}${libdir}/golang +} diff --git a/meta-openeuler/recipes-core/util-linux/util-linux.inc b/meta-openeuler/recipes-core/util-linux/util-linux.inc index fcefde67c942c2c5ce0725b8ec33f5a79cd48d8c..13ea7e18b7d80d9b5df1a74393787df69cdcba10 100644 --- a/meta-openeuler/recipes-core/util-linux/util-linux.inc +++ b/meta-openeuler/recipes-core/util-linux/util-linux.inc @@ -28,16 +28,8 @@ LIC_FILES_CHKSUM = "file://README.licensing;md5=0fd5c050c6187d2bf0a4492b7f4e33da FILESEXTRAPATHS_prepend := "${THISDIR}/util-linux:" MAJOR_VERSION = "${@'.'.join(d.getVar('PV').split('.')[0:2])}" SRC_URI = "file://util-linux/util-linux-${PV}.tar.xz \ - file://util-linux/2.36-login-lastlog-create.patch \ - file://util-linux/Add-check-to-resolve-uname26-version-test-failed.patch \ - file://util-linux/backport-CVE-2021-37600.patch \ - file://util-linux/backport-libblkid-improve-debug-for-proc-partitions.patch \ - file://util-linux/backport-libblkid-use-sys-to-read-all-block-devices.patch \ - file://util-linux/backport-libfdisk-make-fdisk_partname-more-robust.patch \ - file://util-linux/backport-libmount-fix-tab-parser-for-badly-terminated-lines.patch \ - file://util-linux/Do-not-excute-Utmp-testcases.patch \ file://runuser.pamd \ file://runuser-l.pamd \ " -SRC_URI[sha256sum] = "09fac242172cd8ec27f0739d8d192402c69417617091d8c6e974841568f37eed" +SRC_URI[sha256sum] = "6a0764c1aae7fb607ef8a6dd2c0f6c47d5e5fd27aa08820abaad9ec14e28e9d9 " diff --git a/meta-openeuler/recipes-core/util-linux/util-linux_2.36.1.bb b/meta-openeuler/recipes-core/util-linux/util-linux_2.37.2.bb similarity index 96% rename from meta-openeuler/recipes-core/util-linux/util-linux_2.36.1.bb rename to meta-openeuler/recipes-core/util-linux/util-linux_2.37.2.bb index b4e986138eddf668b77291f422a1da1f0e29ec0c..8642fb6ac55533b16d04a2848e68e9cc5a70f40c 100644 --- a/meta-openeuler/recipes-core/util-linux/util-linux_2.36.1.bb +++ b/meta-openeuler/recipes-core/util-linux/util-linux_2.37.2.bb @@ -49,9 +49,8 @@ python util_linux_binpackages () { # we must execute before update-alternatives PACKAGE_PREPROCESS_FUNCS PACKAGE_PREPROCESS_FUNCS =+ "util_linux_binpackages " -# skip libuuid as it will be packaged by the util-linux-libuuid recipe python util_linux_libpackages() { - do_split_packages(d, root=d.getVar('UTIL_LINUX_LIBDIR'), file_regex=r'^lib(?!uuid)(.*)\.so\..*$', + do_split_packages(d, root=d.getVar('UTIL_LINUX_LIBDIR'), file_regex=r'^lib(.*)\.so\..*$', output_pattern='${PN}-lib%s', description='${PN} lib%s', extra_depends='', prepend=True, allow_links=True) @@ -198,12 +197,6 @@ do_install_append_class-native () { rm -f ${D}${base_bindir}/kill } -# dm-verity support introduces a circular build dependency, so util-linux-libuuid is split out for target builds -# Need to build libuuid for uuidgen, but then delete it and let the other recipe ship it -do_install_append () { - rm -rf ${D}${includedir}/uuid ${D}${libdir}/pkgconfig/uuid.pc ${D}${libdir}/libuuid* ${D}${base_libdir}/libuuid* -} - ALTERNATIVE_PRIORITY = "80" ALTERNATIVE_LINK_NAME[blkid] = "${base_sbindir}/blkid"