[Date Prev][Date Next]   [Thread Prev][Thread Next]   [Thread Index] [Date Index] [Author Index]

[libvirt] [PATCH 03/28] Convert apparmor check to use LIBVIRT_CHECK_LIB



From: "Daniel P. Berrange" <berrange redhat com>

Signed-off-by: Daniel P. Berrange <berrange redhat com>
---
 configure.ac        | 70 +++--------------------------------------------------
 m4/virt-apparmor.m4 | 42 ++++++++++++++++++++++++++++++++
 2 files changed, 46 insertions(+), 66 deletions(-)
 create mode 100644 m4/virt-apparmor.m4

diff --git a/configure.ac b/configure.ac
index 79cd132..fa3bfc0 100644
--- a/configure.ac
+++ b/configure.ac
@@ -155,6 +155,7 @@ AC_MSG_RESULT([$VERSION_SCRIPT_FLAGS])
 
 LIBVIRT_COMPILE_WARNINGS
 
+LIBVIRT_CHECK_APPARMOR
 LIBVIRT_CHECK_AUDIT
 LIBVIRT_CHECK_SANLOCK
 LIBVIRT_CHECK_SASL
@@ -1286,46 +1287,6 @@ fi
 AM_CONDITIONAL([WITH_SECDRIVER_SELINUX], [test "$with_secdriver_selinux" != "no"])
 
 
-dnl AppArmor
-AC_ARG_WITH([apparmor],
-  AC_HELP_STRING([--with-apparmor], [use AppArmor to manage security @<:@default=check@:>@]),
-  [],
-  [with_apparmor=check])
-
-APPARMOR_CFLAGS=
-APPARMOR_LIBS=
-if test "$with_apparmor" != "no"; then
-  old_cflags="$CFLAGS"
-  old_libs="$LIBS"
-  if test "$with_apparmor" = "check"; then
-    AC_CHECK_HEADER([sys/apparmor.h],[],[with_apparmor=no])
-    AC_CHECK_LIB([apparmor], [aa_change_profile],[],[with_apparmor=no])
-    AC_CHECK_LIB([apparmor], [aa_change_hat],[],[with_apparmor=no])
-    if test "$with_apparmor" != "no"; then
-      with_apparmor="yes"
-    fi
-  else
-    fail=0
-    AC_CHECK_HEADER([sys/apparmor.h],[],[fail=1])
-    AC_CHECK_LIB([apparmor], [aa_change_profile],[],[fail=1])
-    AC_CHECK_LIB([apparmor], [aa_change_hat],[],[fail=1])
-    test $fail = 1 &&
-      AC_MSG_ERROR([You must install the AppArmor development package in order to compile libvirt])
-  fi
-  CFLAGS="$old_cflags"
-  LIBS="$old_libs"
-fi
-if test "$with_apparmor" = "yes"; then
-  APPARMOR_LIBS="-lapparmor"
-  AC_DEFINE_UNQUOTED([HAVE_APPARMOR], 1, [whether AppArmor is available for security])
-  AC_DEFINE_UNQUOTED([APPARMOR_DIR], "/etc/apparmor.d", [path to apparmor directory])
-  AC_DEFINE_UNQUOTED([APPARMOR_PROFILES_PATH], "/sys/kernel/security/apparmor/profiles", [path to kernel profiles])
-fi
-AM_CONDITIONAL([HAVE_APPARMOR], [test "$with_apparmor" != "no"])
-AC_SUBST([APPARMOR_CFLAGS])
-AC_SUBST([APPARMOR_LIBS])
-
-
 AC_ARG_WITH([secdriver-apparmor],
   AC_HELP_STRING([--with-secdriver-apparmor], [use AppArmor security driver @<:@default=check@:>@]),
   [],
@@ -1339,27 +1300,8 @@ if test "$with_apparmor" != "yes" ; then
     AC_MSG_ERROR([You must install the AppArmor development package in order to compile libvirt])
   fi
 elif test "with_secdriver_apparmor" != "no" ; then
-  old_cflags="$CFLAGS"
-  old_libs="$LIBS"
-  CFLAGS="$CFLAGS $APPARMOR_CFLAGS"
-  LIBS="$CFLAGS $APPARMOR_LIBS"
-
-  fail=0
-  AC_CHECK_FUNC([change_hat], [], [fail=1])
-  AC_CHECK_FUNC([aa_change_profile], [], [fail=1])
-  CFLAGS="$old_cflags"
-  LIBS="$old_libs"
-
-  if test "$fail" = "1" ; then
-    if test "$with_secdriver_apparmor" = "check" ; then
-      with_secdriver_apparmor=no
-    else
-      AC_MSG_ERROR([You must install the AppArmor development package in order to compile libvirt])
-    fi
-  else
-    with_secdriver_apparmor=yes
-    AC_DEFINE_UNQUOTED([WITH_SECDRIVER_APPARMOR], 1, [whether AppArmor security driver is available])
-  fi
+  with_secdriver_apparmor=yes
+  AC_DEFINE_UNQUOTED([WITH_SECDRIVER_APPARMOR], 1, [whether AppArmor security driver is available])
 fi
 AM_CONDITIONAL([WITH_SECDRIVER_APPARMOR], [test "$with_secdriver_apparmor" != "no"])
 
@@ -2887,6 +2829,7 @@ fi
 AC_MSG_NOTICE([])
 AC_MSG_NOTICE([Libraries])
 AC_MSG_NOTICE([])
+LIBVIRT_RESULT_APPARMOR
 LIBVIRT_RESULT_AUDIT
 LIBVIRT_RESULT_SANLOCK
 LIBVIRT_RESULT_SASL
@@ -2929,11 +2872,6 @@ fi
 else
 AC_MSG_NOTICE([  polkit: no])
 fi
-if test "$with_apparmor" = "yes" ; then
-AC_MSG_NOTICE([apparmor: $APPARMOR_CFLAGS $APPARMOR_LIBS])
-else
-AC_MSG_NOTICE([apparmor: no])
-fi
 if test "$with_numactl" = "yes" ; then
 AC_MSG_NOTICE([ numactl: $NUMACTL_CFLAGS $NUMACTL_LIBS])
 else
diff --git a/m4/virt-apparmor.m4 b/m4/virt-apparmor.m4
new file mode 100644
index 0000000..7a10c0b
--- /dev/null
+++ b/m4/virt-apparmor.m4
@@ -0,0 +1,42 @@
+dnl The libapparmor.so library
+dnl
+dnl Copyright (C) 2012-2013 Red Hat, Inc.
+dnl
+dnl This library is free software; you can redistribute it and/or
+dnl modify it under the terms of the GNU Lesser General Public
+dnl License as published by the Free Software Foundation; either
+dnl version 2.1 of the License, or (at your option) any later version.
+dnl
+dnl This library is distributed in the hope that it will be useful,
+dnl but WITHOUT ANY WARRANTY; without even the implied warranty of
+dnl MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU
+dnl Lesser General Public License for more details.
+dnl
+dnl You should have received a copy of the GNU Lesser General Public
+dnl License along with this library.  If not, see
+dnl <http://www.gnu.org/licenses/>.
+dnl
+
+AC_DEFUN([LIBVIRT_CHECK_APPARMOR],[
+  LIBVIRT_CHECK_LIB([APPARMOR], [apparmor],
+                    [aa_change_profile], [sys/apparmor.h])
+
+  AC_ARG_WITH([apparmor_mount],
+    AC_HELP_STRING([--with-apparmor-mount],
+                   [set Apparmor mount point @<:@default=check@:>@]),
+    [],
+    [with_apparmor_mount=check])
+
+  if test "$with_apparmor" = "yes"; then
+    AC_DEFINE_UNQUOTED([APPARMOR_DIR],
+                       "/etc/apparmor.d",
+                       [path to apparmor directory])
+    AC_DEFINE_UNQUOTED([APPARMOR_PROFILES_PATH],
+                       "/sys/kernel/security/apparmor/profiles",
+                       [path to kernel profiles])
+  fi
+])
+
+AC_DEFUN([LIBVIRT_RESULT_APPARMOR],[
+  LIBVIRT_RESULT_LIB([APPARMOR])
+])
-- 
1.7.11.7


[Date Prev][Date Next]   [Thread Prev][Thread Next]   [Thread Index] [Date Index] [Author Index]