busybox: selinux support

Add a configure option to enable the SELinux support in the busybox configuration from the Buildroot menuconfig. Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com> Signed-off-by: Clayton Shotwell <clayton.shotwell@rockwellcollins.com> Signed-off-by: Matt Weber <matthew.weber@rockwellcollins.com> Reviewed-by: Samuel Martin <s.martin49@gmail.com> Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>
2025-07-29 14:16:31 +00:00 · 2015-07-14 15:20:17 -05:00 · 2015-07-14 15:20:17 -05:00 · b0b3dc5612
commit b0b3dc5612
parent b685629b9c
3 changed files with 55 additions and 0 deletions
--- a/package/busybox/0008-Makefile.flags-strip-non-l-arguments-returned-by-pkg.patch
+++ b/package/busybox/0008-Makefile.flags-strip-non-l-arguments-returned-by-pkg.patch
@ -0,0 +1,28 @@
 From 67eb23d2be8aba3c474dac81a15b0fa11e5847b7 Mon Sep 17 00:00:00 2001
 From: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>
 Date: Mon, 25 Nov 2013 22:51:53 +0100
 Subject: [PATCH] Makefile.flags: strip non -l arguments returned by pkg-config
 Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>
 ---
 Makefile.flags | 4 +++-
 1 file changed, 3 insertions(+), 1 deletion(-)
 diff --git a/Makefile.flags b/Makefile.flags
 index 307afa7..885e323 100644
 --- a/Makefile.flags
 +++ b/Makefile.flags
@@ -141,7 +141,9 @@ ifeq ($(CONFIG_SELINUX),y)
 SELINUX_PC_MODULES = libselinux libsepol
 $(eval $(call pkg_check_modules,SELINUX,$(SELINUX_PC_MODULES)))
 CPPFLAGS += $(SELINUX_CFLAGS)
 -LDLIBS += $(if $(SELINUX_LIBS),$(SELINUX_LIBS:-l%=%),$(SELINUX_PC_MODULES:lib%=%))
 +LDLIBS += $(if $(SELINUX_LIBS),\
 +       $(patsubst -l%,%,$(filter -l%,$(SELINUX_LIBS))),\
 +       $(SELINUX_PC_MODULES:lib%=%))
 endif
 ifeq ($(CONFIG_EFENCE),y)
 -- 
 1.8.1.2
--- a/package/busybox/Config.in
+++ b/package/busybox/Config.in
@ -32,6 +32,24 @@ config BR2_PACKAGE_BUSYBOX_SHOW_OTHERS
 	  Show packages in menuconfig that are potentially also provided
 	  by busybox.
 config BR2_PACKAGE_BUSYBOX_SELINUX
 	select BR2_PACKAGE_LIBSELINUX
 	depends on BR2_TOOLCHAIN_HAS_THREADS
 	depends on !BR2_STATIC_LIBS
 	bool "Enable SELinux support"
 	help
 	  Enable SELinux support in BusyBox. Please note that
 	  depending on your BusyBox configuration and the SELinux
 	  policy implementation, you may want to also enable
 	  BR2_PACKAGE_BUSYBOX_INDIVIDUAL_BINARIES.
 	  For instance, if your BusyBox configuration only uses a
 	  couple of minor BusyBox features, such as simple command
 	  line utilities, the symlinked version of BusyBox can be used
 	  to save space. If BusyBox provides more features, such as
 	  crond, then individual binaries have to be enabled for the
 	  SELinux type transitions to occur properly.
 config BR2_PACKAGE_BUSYBOX_WATCHDOG
 	bool "Install the watchdog daemon startup script"
 	help
--- a/package/busybox/busybox.mk
+++ b/package/busybox/busybox.mk
@ -141,6 +141,14 @@ define BUSYBOX_SET_INIT
 endef
 endif
 ifeq ($(BR2_PACKAGE_BUSYBOX_SELINUX),y)
 BUSYBOX_DEPENDENCIES += host-pkgconf libselinux libsepol
 define BUSYBOX_SET_SELINUX
 	$(call KCONFIG_ENABLE_OPT,CONFIG_SELINUX,$(BUSYBOX_BUILD_CONFIG))
 	$(call KCONFIG_ENABLE_OPT,CONFIG_SELINUXENABLED,$(BUSYBOX_BUILD_CONFIG))
 endef
 endif
 define BUSYBOX_INSTALL_LOGGING_SCRIPT
 	if grep -q CONFIG_SYSLOGD=y $(@D)/.config; then \
 		$(INSTALL) -m 0755 -D package/busybox/S01logging \
@ -199,6 +207,7 @@ define BUSYBOX_KCONFIG_FIXUP_CMDS
 	$(BUSYBOX_INTERNAL_SHADOW_PASSWORDS)
 	$(BUSYBOX_SET_INIT)
 	$(BUSYBOX_SET_WATCHDOG)
 	$(BUSYBOX_SET_SELINUX)
 endef
 define BUSYBOX_CONFIGURE_CMDS