[libvirt PATCH 093/351] meson: add secdriver build options

Pavel Hrdina phrdina at redhat.com
Thu Jul 16 09:55:29 UTC 2020 

Signed-off-by: Pavel Hrdina <phrdina at redhat.com>
---
 configure.ac                  | 13 ---------
 m4/virt-secdriver-apparmor.m4 | 50 -----------------------------------
 m4/virt-secdriver-selinux.m4  | 43 ------------------------------
 meson.build                   | 18 +++++++++++++
 meson_options.txt             |  4 +++
 5 files changed, 22 insertions(+), 106 deletions(-)
 delete mode 100644 m4/virt-secdriver-apparmor.m4
 delete mode 100644 m4/virt-secdriver-selinux.m4

diff --git a/configure.ac b/configure.ac
index f2947074e5f..fdc7755716c 100644
--- a/configure.ac
+++ b/configure.ac
@@ -144,14 +144,6 @@ dnl Need to test if pkg-config exists
 PKG_PROG_PKG_CONFIG
 
 
-dnl Security driver checks
-LIBVIRT_SECDRIVER_ARG_SELINUX
-LIBVIRT_SECDRIVER_ARG_APPARMOR
-
-LIBVIRT_SECDRIVER_CHECK_SELINUX
-LIBVIRT_SECDRIVER_CHECK_APPARMOR
-
-
 LIBVIRT_ARG_WITH_FEATURE([SECRETS], [local secrets management driver], [yes])
 
 if test "$with_libvirtd" = "no"; then
@@ -314,11 +306,6 @@ LIBVIRT_STORAGE_RESULT_GLUSTER
 LIBVIRT_STORAGE_RESULT_ZFS
 LIBVIRT_STORAGE_RESULT_VSTORAGE
 AC_MSG_NOTICE([])
-AC_MSG_NOTICE([Security Drivers])
-AC_MSG_NOTICE([])
-LIBVIRT_SECDRIVER_RESULT_SELINUX
-LIBVIRT_SECDRIVER_RESULT_APPARMOR
-AC_MSG_NOTICE([])
 AC_MSG_NOTICE([Driver Loadable Modules])
 AC_MSG_NOTICE([])
 LIBVIRT_RESULT_DRIVER_MODULES
diff --git a/m4/virt-secdriver-apparmor.m4 b/m4/virt-secdriver-apparmor.m4
deleted file mode 100644
index 1894e66ed55..00000000000
--- a/m4/virt-secdriver-apparmor.m4
+++ /dev/null
@@ -1,50 +0,0 @@
-dnl The AppArmor security driver
-dnl
-dnl Copyright (C) 2016 Red Hat, Inc.
-dnl
-dnl This library is free software; you can redistribute it and/or
-dnl modify it under the terms of the GNU Lesser General Public
-dnl License as published by the Free Software Foundation; either
-dnl version 2.1 of the License, or (at your option) any later version.
-dnl
-dnl This library is distributed in the hope that it will be useful,
-dnl but WITHOUT ANY WARRANTY; without even the implied warranty of
-dnl MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU
-dnl Lesser General Public License for more details.
-dnl
-dnl You should have received a copy of the GNU Lesser General Public
-dnl License along with this library.  If not, see
-dnl <http://www.gnu.org/licenses/>.
-dnl
-
-AC_DEFUN([LIBVIRT_SECDRIVER_ARG_APPARMOR], [
-  LIBVIRT_ARG_WITH([SECDRIVER_APPARMOR], [use AppArmor security driver], [check])
-])
-
-AC_DEFUN([LIBVIRT_SECDRIVER_CHECK_APPARMOR], [
-  AC_REQUIRE([LIBVIRT_CHECK_APPARMOR])
-
-  if test "$with_apparmor" != "yes" ; then
-    if test "$with_secdriver_apparmor" = "check" ; then
-      with_secdriver_apparmor=no
-    fi
-    if test "$with_secdriver_apparmor" != "no" ; then
-      AC_MSG_ERROR([You must install the AppArmor development package in order to compile libvirt])
-    fi
-  elif test "with_secdriver_apparmor" != "no" ; then
-    with_secdriver_apparmor=yes
-    AC_DEFINE_UNQUOTED([WITH_SECDRIVER_APPARMOR], 1, [whether AppArmor security driver is available])
-  fi
-  AM_CONDITIONAL([WITH_SECDRIVER_APPARMOR], [test "$with_secdriver_apparmor" != "no"])
-
-  LIBVIRT_ARG_WITH([APPARMOR_PROFILES], [install apparmor profiles], [no])
-  if test "$with_apparmor" = "no"; then
-    with_apparmor_profiles="no"
-  fi
-  AM_CONDITIONAL([WITH_APPARMOR_PROFILES], [test "$with_apparmor_profiles" != "no"])
-])
-
-AC_DEFUN([LIBVIRT_SECDRIVER_RESULT_APPARMOR], [
-  LIBVIRT_RESULT([AppArmor], [$with_secdriver_apparmor],
-                 [install profiles: $with_apparmor_profiles])
-])
diff --git a/m4/virt-secdriver-selinux.m4 b/m4/virt-secdriver-selinux.m4
deleted file mode 100644
index 4174249a510..00000000000
--- a/m4/virt-secdriver-selinux.m4
+++ /dev/null
@@ -1,43 +0,0 @@
-dnl The SElinux security driver
-dnl
-dnl Copyright (C) 2016 Red Hat, Inc.
-dnl
-dnl This library is free software; you can redistribute it and/or
-dnl modify it under the terms of the GNU Lesser General Public
-dnl License as published by the Free Software Foundation; either
-dnl version 2.1 of the License, or (at your option) any later version.
-dnl
-dnl This library is distributed in the hope that it will be useful,
-dnl but WITHOUT ANY WARRANTY; without even the implied warranty of
-dnl MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU
-dnl Lesser General Public License for more details.
-dnl
-dnl You should have received a copy of the GNU Lesser General Public
-dnl License along with this library.  If not, see
-dnl <http://www.gnu.org/licenses/>.
-dnl
-
-AC_DEFUN([LIBVIRT_SECDRIVER_ARG_SELINUX], [
-  LIBVIRT_ARG_WITH([SECDRIVER_SELINUX], [use SELinux security driver], [check])
-])
-
-AC_DEFUN([LIBVIRT_SECDRIVER_CHECK_SELINUX], [
-  AC_REQUIRE([LIBVIRT_CHECK_SELINUX])
-
-  if test "$with_selinux" != "yes" ; then
-    if test "$with_secdriver_selinux" = "check" ; then
-      with_secdriver_selinux=no
-    fi
-    if test "$with_secdriver_selinux" != "no"; then
-      AC_MSG_ERROR([You must install the libselinux development package and enable SELinux with the --with-selinux=yes in order to compile libvirt --with-secdriver-selinux=yes])
-    fi
-  elif test "$with_secdriver_selinux" != "no"; then
-    with_secdriver_selinux=yes
-    AC_DEFINE_UNQUOTED([WITH_SECDRIVER_SELINUX], 1, [whether SELinux security driver is available])
-  fi
-  AM_CONDITIONAL([WITH_SECDRIVER_SELINUX], [test "$with_secdriver_selinux" != "no"])
-])
-
-AC_DEFUN([LIBVIRT_SECDRIVER_RESULT_SELINUX], [
-  LIBVIRT_RESULT([SELinux], [$with_secdriver_selinux])
-])
diff --git a/meson.build b/meson.build
index 19b51890abb..eacfd57ee49 100644
--- a/meson.build
+++ b/meson.build
@@ -1824,6 +1824,18 @@ elif get_option('driver_vz').enabled()
   error('Parallels Virtualization SDK is needed to build the Virtuozzo driver.')
 endif
 
+if not get_option('secdriver_apparmor').disabled() and apparmor_dep.found()
+  conf.set('WITH_SECDRIVER_APPARMOR', 1)
+elif get_option('secdriver_apparmor').enabled()
+  error('You must install the AppArmor development package in order to compile libvirt.')
+endif
+
+if not get_option('secdriver_selinux').disabled() and selinux_dep.found()
+  conf.set('WITH_SECDRIVER_SELINUX', 1)
+elif get_option('secdriver_selinux').enabled()
+  error('You must install the libselinux development package in order to compile libvirt.')
+endif
+
 
 # define top include directory
 
@@ -1860,6 +1872,12 @@ driver_summary = {
 }
 summary(driver_summary, section: 'Drivers', bool_yn: true)
 
+secdriver_summary = {
+  'SELinux': conf.has('WITH_SECDRIVER_SELINUX'),
+  'AppArmor': conf.has('WITH_SECDRIVER_APPARMOR'),
+}
+summary(secdriver_summary, section: 'Security Drivers', bool_yn: true)
+
 libs_summary = {
   'acl': acl_dep.found(),
   'apparmor': apparmor_dep.found(),
diff --git a/meson_options.txt b/meson_options.txt
index d6963fabd3c..fd370244f56 100644
--- a/meson_options.txt
+++ b/meson_options.txt
@@ -64,3 +64,7 @@ option('driver_vbox', type: 'feature', value: 'enabled', description: 'VirtualBo
 option('vbox_xpcomc_dir', type: 'string', value: '', description: 'Location of directory containing VirtualBox XPCOMC library')
 option('driver_vmware', type: 'feature', value: 'enabled', description: 'VMware driver')
 option('driver_vz', type: 'feature', value: 'auto', description: 'Virtuozzo driver')
+
+option('secdriver_apparmor', type: 'feature', value: 'auto', description: 'use AppArmor security driver')
+option('apparmor_profiles', type: 'boolean', value: false, description: 'install apparmor profiles')
+option('secdriver_selinux', type: 'feature', value: 'auto', description: 'use SELinux security driver')
-- 
2.26.2

More information about the libvir-list mailing list