Signed-off-by: Pavel Hrdina <phrdina@xxxxxxxxxx> --- configure.ac | 13 --------- m4/virt-secdriver-apparmor.m4 | 50 ----------------------------------- m4/virt-secdriver-selinux.m4 | 43 ------------------------------ meson.build | 18 +++++++++++++ meson_options.txt | 4 +++ 5 files changed, 22 insertions(+), 106 deletions(-) delete mode 100644 m4/virt-secdriver-apparmor.m4 delete mode 100644 m4/virt-secdriver-selinux.m4 diff --git a/configure.ac b/configure.ac index f2947074e5f..fdc7755716c 100644 --- a/configure.ac +++ b/configure.ac @@ -144,14 +144,6 @@ dnl Need to test if pkg-config exists PKG_PROG_PKG_CONFIG -dnl Security driver checks -LIBVIRT_SECDRIVER_ARG_SELINUX -LIBVIRT_SECDRIVER_ARG_APPARMOR - -LIBVIRT_SECDRIVER_CHECK_SELINUX -LIBVIRT_SECDRIVER_CHECK_APPARMOR - - LIBVIRT_ARG_WITH_FEATURE([SECRETS], [local secrets management driver], [yes]) if test "$with_libvirtd" = "no"; then @@ -314,11 +306,6 @@ LIBVIRT_STORAGE_RESULT_GLUSTER LIBVIRT_STORAGE_RESULT_ZFS LIBVIRT_STORAGE_RESULT_VSTORAGE AC_MSG_NOTICE([]) -AC_MSG_NOTICE([Security Drivers]) -AC_MSG_NOTICE([]) -LIBVIRT_SECDRIVER_RESULT_SELINUX -LIBVIRT_SECDRIVER_RESULT_APPARMOR -AC_MSG_NOTICE([]) AC_MSG_NOTICE([Driver Loadable Modules]) AC_MSG_NOTICE([]) LIBVIRT_RESULT_DRIVER_MODULES diff --git a/m4/virt-secdriver-apparmor.m4 b/m4/virt-secdriver-apparmor.m4 deleted file mode 100644 index 1894e66ed55..00000000000 --- a/m4/virt-secdriver-apparmor.m4 +++ /dev/null @@ -1,50 +0,0 @@ -dnl The AppArmor security driver -dnl -dnl Copyright (C) 2016 Red Hat, Inc. -dnl -dnl This library is free software; you can redistribute it and/or -dnl modify it under the terms of the GNU Lesser General Public -dnl License as published by the Free Software Foundation; either -dnl version 2.1 of the License, or (at your option) any later version. -dnl -dnl This library is distributed in the hope that it will be useful, -dnl but WITHOUT ANY WARRANTY; without even the implied warranty of -dnl MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU -dnl Lesser General Public License for more details. -dnl -dnl You should have received a copy of the GNU Lesser General Public -dnl License along with this library. If not, see -dnl <http://www.gnu.org/licenses/>. -dnl - -AC_DEFUN([LIBVIRT_SECDRIVER_ARG_APPARMOR], [ - LIBVIRT_ARG_WITH([SECDRIVER_APPARMOR], [use AppArmor security driver], [check]) -]) - -AC_DEFUN([LIBVIRT_SECDRIVER_CHECK_APPARMOR], [ - AC_REQUIRE([LIBVIRT_CHECK_APPARMOR]) - - if test "$with_apparmor" != "yes" ; then - if test "$with_secdriver_apparmor" = "check" ; then - with_secdriver_apparmor=no - fi - if test "$with_secdriver_apparmor" != "no" ; then - AC_MSG_ERROR([You must install the AppArmor development package in order to compile libvirt]) - fi - elif test "with_secdriver_apparmor" != "no" ; then - with_secdriver_apparmor=yes - AC_DEFINE_UNQUOTED([WITH_SECDRIVER_APPARMOR], 1, [whether AppArmor security driver is available]) - fi - AM_CONDITIONAL([WITH_SECDRIVER_APPARMOR], [test "$with_secdriver_apparmor" != "no"]) - - LIBVIRT_ARG_WITH([APPARMOR_PROFILES], [install apparmor profiles], [no]) - if test "$with_apparmor" = "no"; then - with_apparmor_profiles="no" - fi - AM_CONDITIONAL([WITH_APPARMOR_PROFILES], [test "$with_apparmor_profiles" != "no"]) -]) - -AC_DEFUN([LIBVIRT_SECDRIVER_RESULT_APPARMOR], [ - LIBVIRT_RESULT([AppArmor], [$with_secdriver_apparmor], - [install profiles: $with_apparmor_profiles]) -]) diff --git a/m4/virt-secdriver-selinux.m4 b/m4/virt-secdriver-selinux.m4 deleted file mode 100644 index 4174249a510..00000000000 --- a/m4/virt-secdriver-selinux.m4 +++ /dev/null @@ -1,43 +0,0 @@ -dnl The SElinux security driver -dnl -dnl Copyright (C) 2016 Red Hat, Inc. -dnl -dnl This library is free software; you can redistribute it and/or -dnl modify it under the terms of the GNU Lesser General Public -dnl License as published by the Free Software Foundation; either -dnl version 2.1 of the License, or (at your option) any later version. -dnl -dnl This library is distributed in the hope that it will be useful, -dnl but WITHOUT ANY WARRANTY; without even the implied warranty of -dnl MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU -dnl Lesser General Public License for more details. -dnl -dnl You should have received a copy of the GNU Lesser General Public -dnl License along with this library. If not, see -dnl <http://www.gnu.org/licenses/>. -dnl - -AC_DEFUN([LIBVIRT_SECDRIVER_ARG_SELINUX], [ - LIBVIRT_ARG_WITH([SECDRIVER_SELINUX], [use SELinux security driver], [check]) -]) - -AC_DEFUN([LIBVIRT_SECDRIVER_CHECK_SELINUX], [ - AC_REQUIRE([LIBVIRT_CHECK_SELINUX]) - - if test "$with_selinux" != "yes" ; then - if test "$with_secdriver_selinux" = "check" ; then - with_secdriver_selinux=no - fi - if test "$with_secdriver_selinux" != "no"; then - AC_MSG_ERROR([You must install the libselinux development package and enable SELinux with the --with-selinux=yes in order to compile libvirt --with-secdriver-selinux=yes]) - fi - elif test "$with_secdriver_selinux" != "no"; then - with_secdriver_selinux=yes - AC_DEFINE_UNQUOTED([WITH_SECDRIVER_SELINUX], 1, [whether SELinux security driver is available]) - fi - AM_CONDITIONAL([WITH_SECDRIVER_SELINUX], [test "$with_secdriver_selinux" != "no"]) -]) - -AC_DEFUN([LIBVIRT_SECDRIVER_RESULT_SELINUX], [ - LIBVIRT_RESULT([SELinux], [$with_secdriver_selinux]) -]) diff --git a/meson.build b/meson.build index 19b51890abb..eacfd57ee49 100644 --- a/meson.build +++ b/meson.build @@ -1824,6 +1824,18 @@ elif get_option('driver_vz').enabled() error('Parallels Virtualization SDK is needed to build the Virtuozzo driver.') endif +if not get_option('secdriver_apparmor').disabled() and apparmor_dep.found() + conf.set('WITH_SECDRIVER_APPARMOR', 1) +elif get_option('secdriver_apparmor').enabled() + error('You must install the AppArmor development package in order to compile libvirt.') +endif + +if not get_option('secdriver_selinux').disabled() and selinux_dep.found() + conf.set('WITH_SECDRIVER_SELINUX', 1) +elif get_option('secdriver_selinux').enabled() + error('You must install the libselinux development package in order to compile libvirt.') +endif + # define top include directory @@ -1860,6 +1872,12 @@ driver_summary = { } summary(driver_summary, section: 'Drivers', bool_yn: true) +secdriver_summary = { + 'SELinux': conf.has('WITH_SECDRIVER_SELINUX'), + 'AppArmor': conf.has('WITH_SECDRIVER_APPARMOR'), +} +summary(secdriver_summary, section: 'Security Drivers', bool_yn: true) + libs_summary = { 'acl': acl_dep.found(), 'apparmor': apparmor_dep.found(), diff --git a/meson_options.txt b/meson_options.txt index d6963fabd3c..fd370244f56 100644 --- a/meson_options.txt +++ b/meson_options.txt @@ -64,3 +64,7 @@ option('driver_vbox', type: 'feature', value: 'enabled', description: 'VirtualBo option('vbox_xpcomc_dir', type: 'string', value: '', description: 'Location of directory containing VirtualBox XPCOMC library') option('driver_vmware', type: 'feature', value: 'enabled', description: 'VMware driver') option('driver_vz', type: 'feature', value: 'auto', description: 'Virtuozzo driver') + +option('secdriver_apparmor', type: 'feature', value: 'auto', description: 'use AppArmor security driver') +option('apparmor_profiles', type: 'boolean', value: false, description: 'install apparmor profiles') +option('secdriver_selinux', type: 'feature', value: 'auto', description: 'use SELinux security driver') -- 2.26.2
