[apparmor] [patch 01/13] parser - build against in-tree libapparmor

John Johansen john.johansen at canonical.com
Thu Oct 10 22:33:19 UTC 2013 

On 10/10/2013 01:46 PM, Steve Beattie wrote:
> With trunk commit 2205 "use libapparmor's find mountpoint fn",
> the parser now builds against and uses libapparmor at runtime. However,
> it currently builds against the system installed libapparmor library and
> header files, which fails if either aren't installed, and is thus
> painful for bootstrapping in a new environment.
> 
> Instead, the parser, like pam_apparmor and mod_apparmor, should build
> against the in-tree libapparmor header and library. This patch does
> that and adjusts the tests to point LD_LIBRARY_PATH at the location
> of the built library as well.
> 
> Signed-off-by: Steve Beattie <steve at nxnw.org>

NAK

at least in the current form, this really breaks me. The idea is good
but for dev purposes I am often building the parser where I have a
library that won't build.

can we modifiy the LIBAPPARMOR_PATH with conditional assign or something
so I can a least do

  make LIBAPPARMOR_PATH=blah


> ---
>  README               |    2 +-
>  parser/Makefile      |    7 ++++---
>  parser/parser_main.c |    4 ++--
>  parser/tst/Makefile  |   19 ++++++++++---------
>  4 files changed, 17 insertions(+), 15 deletions(-)
> 
> Index: b/parser/Makefile
> ===================================================================
> --- a/parser/Makefile
> +++ b/parser/Makefile
> @@ -53,7 +53,8 @@ CFLAGS += -pg -D DEBUG
>  endif
>  endif #CFLAGS
>  
> -EXTRA_CXXFLAGS = ${CFLAGS} ${CXX_WARNINGS} -D_GNU_SOURCE
> +LIBAPPARMOR_PATH=../libraries/libapparmor/src/
> +EXTRA_CXXFLAGS = ${CFLAGS} ${CXX_WARNINGS} -D_GNU_SOURCE -I$(LIBAPPARMOR_PATH)
>  EXTRA_CFLAGS = ${EXTRA_CXXFLAGS} ${CPP_WARNINGS}
>  
>  #LEXLIB	:= -lfl
> @@ -85,7 +86,7 @@ OBJECTS = $(SRCS:.c=.o)
>  AAREDIR= libapparmor_re
>  AAREOBJECT = ${AAREDIR}/libapparmor_re.a
>  AAREOBJECTS = $(AAREOBJECT) libstdc++.a
> -AARE_LDFLAGS=-static-libgcc -L.
> +AARE_LDFLAGS=-static-libgcc -L. -L$(LIBAPPARMOR_PATH)/.libs/
>  AALIB = -lapparmor
>  
>  LEX_C_FILES	= parser_lex.c
> @@ -240,7 +241,7 @@ check: tests
>  
>  .SILENT: tests
>  tests: apparmor_parser ${TESTS}
> -	sh -e -c 'for test in ${TESTS} ; do echo "*** running $${test}" && ./$${test}; done'
> +	sh -e -c 'export LD_LIBRARY_PATH=$(LIBAPPARMOR_PATH)/.libs/ && for test in ${TESTS} ; do echo "*** running $${test}" && ./$${test}; done'
>  	$(Q)$(MAKE) -s -C tst tests
>  
>  # always need to rebuild.
> Index: b/parser/parser_main.c
> ===================================================================
> --- a/parser/parser_main.c
> +++ b/parser/parser_main.c
> @@ -2,7 +2,7 @@
>   *   Copyright (c) 1999, 2000, 2001, 2002, 2003, 2004, 2005, 2006, 2007
>   *   NOVELL (All rights reserved)
>   *
> - *   Copyright (c) 2010 - 2012
> + *   Copyright (c) 2010 - 2013
>   *   Canonical Ltd. (All rights reserved)
>   *
>   *   This program is free software; you can redistribute it and/or
> @@ -41,7 +41,7 @@
>  #include <sys/sysctl.h>
>  #include <sys/types.h>
>  #include <sys/stat.h>
> -#include <sys/apparmor.h>
> +#include <apparmor.h>
>  
>  #include "lib.h"
>  #include "parser.h"
> Index: b/parser/tst/Makefile
> ===================================================================
> --- a/parser/tst/Makefile
> +++ b/parser/tst/Makefile
> @@ -5,6 +5,7 @@ PARSER_DIR=..
>  PARSER_BIN=apparmor_parser
>  PARSER=$(PARSER_DIR)/$(PARSER_BIN)
>  PROVE_ARG=-f
> +LIBAPPARMOR_LDPATH=../../libraries/libapparmor/src/.libs
>  
>  ifeq ($(VERBOSE),1)
>    PROVE_ARG+=-v
> @@ -27,28 +28,28 @@ gen_dbus: $(GEN_TRANS_DIRS)
>  	./gen-dbus.pl
>  
>  error_output: $(PARSER)
> -	$(PARSER) -S -I errors >/dev/null errors/okay.sd
> -	LANG=C $(PARSER) -S -I errors 2>&1 >/dev/null errors/single.sd | \
> +	LANG=C LD_LIBRARY_PATH=$(LIBAPPARMOR_LDPATH) $(PARSER) -S -I errors >/dev/null errors/okay.sd
> +	LANG=C LD_LIBRARY_PATH=$(LIBAPPARMOR_LDPATH) $(PARSER) -S -I errors 2>&1 >/dev/null errors/single.sd | \
>  		grep -q "AppArmor parser error for errors/single.sd in errors/single.sd at line 3: Could not open 'failure'"
> -	LANG=C $(PARSER) -S -I errors 2>&1 >/dev/null errors/double.sd | \
> +	LANG=C LD_LIBRARY_PATH=$(LIBAPPARMOR_LDPATH) $(PARSER) -S -I errors 2>&1 >/dev/null errors/double.sd | \
>  		grep -q "AppArmor parser error for errors/double.sd in errors/includes/busted at line 66: Could not open 'does-not-exist'"
> -	LANG=C $(PARSER) -S -I errors 2>&1 >/dev/null errors/modefail.sd | \
> +	LANG=C LD_LIBRARY_PATH=$(LIBAPPARMOR_LDPATH) $(PARSER) -S -I errors 2>&1 >/dev/null errors/modefail.sd | \
>  		grep -q "AppArmor parser error for errors/modefail.sd in errors/modefail.sd at line 6: syntax error"
> -	LANG=C $(PARSER) -S -I errors 2>&1 >/dev/null errors/multi_include.sd | \
> +	LANG=C LD_LIBRARY_PATH=$(LIBAPPARMOR_LDPATH) $(PARSER) -S -I errors 2>&1 >/dev/null errors/multi_include.sd | \
>  		grep -q "AppArmor parser error for errors/multi_include.sd in errors/multi_include.sd at line 12: Could not open 'failure'"
>  	@echo "Error Output: PASS"
>  
>  parser_sanity: $(PARSER)
> -	$(Q)LANG=C APPARMOR_PARSER="$(PARSER)" ${PROVE} ${PROVE_ARG} ${TESTS}
> +	$(Q)LANG=C LD_LIBRARY_PATH=$(LIBAPPARMOR_LDPATH) APPARMOR_PARSER="$(PARSER)" ${PROVE} ${PROVE_ARG} ${TESTS}
>  
>  caching: $(PARSER)
> -	LANG=C APPARMOR_PARSER="$(PARSER)" ./caching.sh
> +	LANG=C LD_LIBRARY_PATH=$(LIBAPPARMOR_LDPATH) APPARMOR_PARSER="$(PARSER)" ./caching.sh
>  
>  minimize: $(PARSER)
> -	LANG=C APPARMOR_PARSER="$(PARSER)" ./minimize.sh
> +	LANG=C LD_LIBRARY_PATH=$(LIBAPPARMOR_LDPATH) APPARMOR_PARSER="$(PARSER)" ./minimize.sh
>  
>  equality: $(PARSER)
> -	LANG=C APPARMOR_PARSER="$(PARSER)" ./equality.sh
> +	LANG=C LD_LIBRARY_PATH=$(LIBAPPARMOR_LDPATH) APPARMOR_PARSER="$(PARSER)" ./equality.sh
>  
>  $(PARSER):
>  	make -C $(PARSER_DIR) $(PARSER_BIN)
> Index: b/README
> ===================================================================
> --- a/README
> +++ b/README
> @@ -81,7 +81,7 @@ $ make install
>  
>  parser:
>  $ cd parser
> -$ make
> +$ make		# depends on libapparmor having been built first
>  $ make check
>  $ make install
>  
> 
> 
> -- AppArmor mailing list AppArmor at lists.ubuntu.com Modify settings or unsubscribe at: https://lists.ubuntu.com/mailman/listinfo/apparmor
>

More information about the AppArmor mailing list