Configure Debian package with AA and SELinux options

Configure Debian package with AA and SELinux options if they are enabled.
2026-05-15 14:16:14 -06:00 · 2020-05-13 13:07:07 +03:00 · 2020-05-13 13:07:07 +03:00 · 87e7b31399
commit 87e7b31399
parent f59639d94c
6 changed files with 32 additions and 64 deletions
--- a/.gitignore
+++ b/.gitignore
@ -19,6 +19,7 @@ firejail-users.5
 firejail.1
 firemon.1
 firecfg.1
+mkdeb.sh
 src/firejail/firejail
 src/firemon/firemon
 src/firecfg/firecfg
--- a/Makefile.in
+++ b/Makefile.in
@ -183,7 +183,7 @@ uninstall:
 	rm -f $(DESTDIR)/$(datarootdir)/bash-completion/completions/firecfg
 	@echo "If you want to install a different version of firejail, you might also need to run 'rm -fr $(DESTDIR)/$(sysconfdir)/firejail', see #2038."

-DISTFILES = "src etc m4 platform contrib configure configure.ac Makefile.in install.sh mkman.sh mketc.sh mkdeb.sh mkdeb-apparmor.sh COPYING README RELNOTES"
+DISTFILES = "src etc m4 platform contrib configure configure.ac Makefile.in install.sh mkman.sh mketc.sh mkdeb.sh.in COPYING README RELNOTES"
 DISTFILES_TEST = "test/apps test/apps-x11 test/apps-x11-xorg test/root test/fcopy test/environment test/profiles test/utils test/compile test/filters test/network test/arguments test/fs test/sysutils test/chroot"

 dist:
@ -202,10 +202,10 @@ dist:
 asc:; ./mkasc.sh $(VERSION)

 deb: dist
-	./mkdeb.sh $(NAME) $(VERSION)
+	./mkdeb.sh

 deb-apparmor: dist
-	./mkdeb-apparmor.sh $(NAME) $(VERSION)
+	./mkdeb.sh -apparmor

 test-compile: dist
 	cd test/compile; ./compile.sh $(NAME)-$(VERSION)
--- a/8
+++ b/8
@ -4186,6 +4186,8 @@ if test "$prefix" = /usr; then
 	test "$sysconfdir" = '${prefix}/etc' && sysconfdir="/etc"
 fi

+ac_config_files="$ac_config_files mkdeb.sh"
+
 ac_config_files="$ac_config_files Makefile src/common.mk src/lib/Makefile src/fcopy/Makefile src/fnet/Makefile src/firejail/Makefile src/fnetfilter/Makefile src/firemon/Makefile src/libtrace/Makefile src/libtracelog/Makefile src/firecfg/Makefile src/fbuilder/Makefile src/fsec-print/Makefile src/ftee/Makefile src/faudit/Makefile src/fseccomp/Makefile src/fldd/Makefile src/libpostexecseccomp/Makefile src/fsec-optimize/Makefile src/profstats/Makefile"

 cat >confcache <<\_ACEOF
@ -4895,6 +4897,7 @@ cat >>$CONFIG_STATUS <<\_ACEOF || ac_write_fail=1
 for ac_config_target in $ac_config_targets
 do
  case $ac_config_target in
+    "mkdeb.sh") CONFIG_FILES="$CONFIG_FILES mkdeb.sh" ;;
    "Makefile") CONFIG_FILES="$CONFIG_FILES Makefile" ;;
    "src/common.mk") CONFIG_FILES="$CONFIG_FILES src/common.mk" ;;
    "src/lib/Makefile") CONFIG_FILES="$CONFIG_FILES src/lib/Makefile" ;;
@ -5333,6 +5336,11 @@ which seems to be undefined.  Please make sure it is defined" >&2;}

  esac

+
+  case $ac_file$ac_mode in
+    "mkdeb.sh":F) chmod +x mkdeb.sh ;;
+
+  esac
 done # for ac_tag


--- a/configure.ac
+++ b/configure.ac
@ -204,6 +204,7 @@ if test "$prefix" = /usr; then
 	test "$sysconfdir" = '${prefix}/etc' && sysconfdir="/etc"
 fi

+AC_CONFIG_FILES([mkdeb.sh], [chmod +x mkdeb.sh])
 AC_OUTPUT(Makefile src/common.mk src/lib/Makefile src/fcopy/Makefile src/fnet/Makefile src/firejail/Makefile src/fnetfilter/Makefile \
 src/firemon/Makefile src/libtrace/Makefile src/libtracelog/Makefile src/firecfg/Makefile src/fbuilder/Makefile src/fsec-print/Makefile \
 src/ftee/Makefile src/faudit/Makefile src/fseccomp/Makefile src/fldd/Makefile src/libpostexecseccomp/Makefile src/fsec-optimize/Makefile \
--- a/mkdeb.sh
+++ b/mkdeb.sh
@ -1,56 +0,0 @@
-#!/bin/sh
-# This file is part of Firejail project
-# Copyright (C) 2014-2020 Firejail Authors
-# License GPL v2
-
-# based on http://tldp.org/HOWTO/html_single/Debian-Binary-Package-Building-HOWTO/
-# a code archive should already be available
-
-set -e
-
-TOP=`pwd`
-CODE_ARCHIVE="$1-$2.tar.xz"
-CODE_DIR="$1-$2"
-INSTALL_DIR="${INSTALL_DIR}${CODE_DIR}/debian"
-DEBIAN_CTRL_DIR="${DEBIAN_CTRL_DIR}${CODE_DIR}/debian/DEBIAN"
-
-echo "*****************************************"
-echo "code archive: $CODE_ARCHIVE"
-echo "code directory: $CODE_DIR"
-echo "install directory: $INSTALL_DIR"
-echo "debian control directory: $DEBIAN_CTRL_DIR"
-echo "*****************************************"
-
-tar -xJvf $CODE_ARCHIVE
-#mkdir -p $INSTALL_DIR
-cd $CODE_DIR
-./configure --prefix=/usr
-make -j2
-mkdir debian
-DESTDIR=debian make install-strip
-
-cd ..
-echo "*****************************************"
-SIZE=`du -s $INSTALL_DIR`
-echo "install size $SIZE"
-echo "*****************************************"
-
-mv $INSTALL_DIR/usr/share/doc/firejail/RELNOTES $INSTALL_DIR/usr/share/doc/firejail/changelog.Debian
-gzip -9 -n $INSTALL_DIR/usr/share/doc/firejail/changelog.Debian
-rm $INSTALL_DIR/usr/share/doc/firejail/COPYING
-install -m644 platform/debian/copyright $INSTALL_DIR/usr/share/doc/firejail/.
-mkdir -p $DEBIAN_CTRL_DIR
-sed "s/FIREJAILVER/$2/g"  platform/debian/control.$(dpkg-architecture -qDEB_HOST_ARCH) > $DEBIAN_CTRL_DIR/control
-
-mkdir -p $INSTALL_DIR/usr/share/lintian/overrides/
-install -m644 platform/debian/firejail.lintian-overrides $INSTALL_DIR/usr/share/lintian/overrides/firejail
-
-find $INSTALL_DIR/etc -type f | sed "s,^$INSTALL_DIR,," | LC_ALL=C sort > $DEBIAN_CTRL_DIR/conffiles
-chmod 644 $DEBIAN_CTRL_DIR/conffiles
-find $INSTALL_DIR  -type d | xargs chmod 755
-cd $CODE_DIR
-fakeroot dpkg-deb --build debian
-lintian debian.deb
-mv debian.deb ../firejail_$2_1_$(dpkg-architecture -qDEB_HOST_ARCH).deb
-cd ..
-rm -fr $CODE_DIR
--- a/mkdeb-apparmor.sh
+++ b/mkdeb-apparmor.sh
@ -7,10 +7,24 @@
 # a code archive should already be available

 set -e
+NAME=@PACKAGE_NAME@
+VERSION=@PACKAGE_VERSION@
+PACKAGE_TARNAME=@PACKAGE_TARNAME@
+HAVE_APPARMOR=@HAVE_APPARMOR@
+HAVE_SELINUX=@HAVE_SELINUX@
+EXTRA_VERSION=$1
+
+CONFIG_ARGS="--prefix=/usr"
+if [ -n "$HAVE_APPARMOR" ]; then
+    CONFIG_ARGS="$CONFIG_ARGS --enable-apparmor"
+fi
+if [ -n "$HAVE_SELINUX" ]; then
+    CONFIG_ARGS="$CONFIG_ARGS --enable-selinux"
+fi

 TOP=`pwd`
-CODE_ARCHIVE="$1-$2.tar.xz"
-CODE_DIR="$1-$2"
+CODE_ARCHIVE="$NAME-$VERSION.tar.xz"
+CODE_DIR="$NAME-$VERSION"
 INSTALL_DIR="${INSTALL_DIR}${CODE_DIR}/debian"
 DEBIAN_CTRL_DIR="${DEBIAN_CTRL_DIR}${CODE_DIR}/debian/DEBIAN"

@ -24,7 +38,7 @@ echo "*****************************************"
 tar -xJvf $CODE_ARCHIVE
 #mkdir -p $INSTALL_DIR
 cd $CODE_DIR
-./configure --prefix=/usr --enable-apparmor
+./configure $CONFIG_ARGS
 make -j2
 mkdir debian
 DESTDIR=debian make install-strip
@ -40,7 +54,7 @@ gzip -9 -n $INSTALL_DIR/usr/share/doc/firejail/changelog.Debian
 rm $INSTALL_DIR/usr/share/doc/firejail/COPYING
 install -m644 platform/debian/copyright $INSTALL_DIR/usr/share/doc/firejail/.
 mkdir -p $DEBIAN_CTRL_DIR
-sed "s/FIREJAILVER/$2/g"  platform/debian/control.$(dpkg-architecture -qDEB_HOST_ARCH) > $DEBIAN_CTRL_DIR/control
+sed "s/FIREJAILVER/$VERSION/g"  platform/debian/control.$(dpkg-architecture -qDEB_HOST_ARCH) > $DEBIAN_CTRL_DIR/control

 mkdir -p $INSTALL_DIR/usr/share/lintian/overrides/
 install -m644 platform/debian/firejail.lintian-overrides $INSTALL_DIR/usr/share/lintian/overrides/firejail
@ -51,6 +65,6 @@ find $INSTALL_DIR  -type d | xargs chmod 755
 cd $CODE_DIR
 fakeroot dpkg-deb --build debian
 lintian debian.deb
-mv debian.deb ../firejail-apparmor_$2_1_$(dpkg-architecture -qDEB_HOST_ARCH).deb
+mv debian.deb ../firejail_${VERSION}${EXTRA_VERSION}_1_$(dpkg-architecture -qDEB_HOST_ARCH).deb
 cd ..
 rm -fr $CODE_DIR