Commit f0fd3917 authored by Eric Le Bihan's avatar Eric Le Bihan Committed by Thomas Petazzoni
Browse files

systemd: add SMACK support option. 



A new configuration option is available in systemd menu, to enable
support for SMACK.

For this feature to properly work, systemd requires attr (build
dependency, also used for other features) and smack (runtime dependency).

Signed-off-by: default avatarEric Le Bihan <eric.le.bihan.dev@free.fr>
Signed-off-by: default avatarThomas Petazzoni <thomas.petazzoni@free-electrons.com>
parent ed118264

package/systemd/Config.in

+14 −0
Original line number Diff line number Diff line
@@ -118,4 +118,18 @@ config BR2_PACKAGE_SYSTEMD_COMPAT 


	  This option enables the installation of compatibility *.pc files.



config BR2_PACKAGE_SYSTEMD_SMACK_SUPPORT

	bool "enable SMACK support"

	select BR2_PACKAGE_ATTR

	select BR2_PACKAGE_SMACK

	help

	  Enable support for SMACK, the Simple Mandatory Access Control

	  Kernel, a minimal approach to Access Control implemented as a kernel

	  LSM.



	  This feature requires a kernel >= 3.8.



	  When this feature is enabled, Systemd mounts smackfs and manages

	  security labels for sockets.



endif

package/systemd/systemd.mk

+13 −0
Original line number Diff line number Diff line
@@ -63,6 +63,13 @@ else 
SYSTEMD_CONF_OPT += --disable-acl

endif



ifeq ($(BR2_PACKAGE_ATTR),y)

SYSTEMD_CONF_OPT += --enable-attr

SYSTEMD_DEPENDENCIES += attr

else

SYSTEMD_CONF_OPT += --disable-attr

endif



ifeq ($(BR2_PACKAGE_LIBGLIB2),y)

SYSTEMD_CONF_OPT += --enable-gudev

SYSTEMD_DEPENDENCIES += libglib2
@@ -105,6 +112,12 @@ else 
SYSTEMD_CONF_OPT += --disable-timesyncd

endif



ifeq ($(BR2_PACKAGE_SYSTEMD_SMACK_SUPPORT),y)

SYSTEMD_CONF_OPT += --enable-smack

else

SYSTEMD_CONF_OPT += --disable-smack

endif



# mq_getattr needs -lrt

SYSTEMD_MAKE_OPT += LIBS=-lrt

SYSTEMD_MAKE_OPT += LDFLAGS+=-ldl