From: RomanKubiak Date: Thu, 16 Jul 2015 14:55:05 +0000 (+0200) Subject: Build subsystem for nether (cmake, codeblocks, spec) X-Git-Tag: submit/tizen/20151110.144250~19 X-Git-Url: http://review.tizen.org/git/?a=commitdiff_plain;h=ba6b09873a10dc2616c89e177db798e76f59ae4a;p=platform%2Fcore%2Fsecurity%2Fnether.git Build subsystem for nether (cmake, codeblocks, spec) Change-Id: I35e39dc7e34087126b0a8aa2999cd0f7eb733fe3 --- diff --git a/CMakeLists.txt b/CMakeLists.txt new file mode 100644 index 0000000..d372f16 --- /dev/null +++ b/CMakeLists.txt @@ -0,0 +1,5 @@ +CMAKE_MINIMUM_REQUIRED (VERSION 2.6) +PROJECT (nether) +INCLUDE(FindPkgConfig) +SET (CMAKE_CXX_FLAGS "-std=c++11") +ADD_SUBDIRECTORY(src) diff --git a/nether.cbp b/nether.cbp new file mode 100644 index 0000000..aeedfa5 --- /dev/null +++ b/nether.cbp @@ -0,0 +1,119 @@ + + + + + + diff --git a/packaging/nether.manifest b/packaging/nether.manifest new file mode 100644 index 0000000..2a0cec5 --- /dev/null +++ b/packaging/nether.manifest @@ -0,0 +1,5 @@ + + + + + diff --git a/packaging/nether.spec b/packaging/nether.spec new file mode 100644 index 0000000..0482d03 --- /dev/null +++ b/packaging/nether.spec @@ -0,0 +1,66 @@ +Name: nether +Epoch: 1 +Version: 0.0.1 +Release: 0 +Source0: %{name}-%{version}.tar.gz +License: Apache-2.0 +Group: Security/Other +Summary: Daemon for enforcing network privileges +BuildRequires: cmake +BuildRequires: pkgconfig(glib-2.0) +BuildRequires: libnetfilter_queue-devel +Requires: iptables + +%description +This package provides a daemon used to manage zones - start, stop and switch +between them. A process from inside a zone can request a switch of context +(display, input devices) to the other zone. + +%files +%manifest packaging/nether.manifest +%defattr(644,root,root,755) +%attr(755,root,root) %{_bindir}/nether +%dir /etc/nether +%config /etc/nether/nether.policy +%config /etc/nether/setrules.sh +%config /etc/nether/nether.rules +%prep +%setup -q + +%build +%{!?build_type:%define build_type "RELEASE"} + +%if %{build_type} == "DEBUG" || %{build_type} == "PROFILING" || %{build_type} == "CCOV" + CFLAGS="$CFLAGS -Wp,-U_FORTIFY_SOURCE" + CXXFLAGS="$CXXFLAGS -Wp,-U_FORTIFY_SOURCE" +%endif + +%cmake . -DVERSION=%{version} \ + -DCMAKE_BUILD_TYPE=%{build_type} \ + -DSCRIPT_INSTALL_DIR=%{script_dir} \ + -DSYSTEMD_UNIT_DIR=%{_unitdir} +make -k %{?jobs:-j%jobs} + +%install +%make_install + +%clean +rm -rf %{buildroot} + +%post +# Refresh systemd services list after installation +if [ $1 == 1 ]; then + systemctl daemon-reload || : +fi +# set needed caps on the binary to allow restart without loosing them +setcap CAP_SYS_ADMIN,CAP_MAC_OVERRIDE+ei %{_bindir}/nether + +%preun +# Stop the service before uninstall +if [ $1 == 0 ]; then + systemctl stop nether.service || : +fi + +%postun +# Refresh systemd services list after uninstall/upgrade +systemctl daemon-reload || : diff --git a/src/CMakeLists.txt b/src/CMakeLists.txt new file mode 100644 index 0000000..3585b3d --- /dev/null +++ b/src/CMakeLists.txt @@ -0,0 +1,30 @@ +FILE (GLOB NETHER_SOURCES *.cpp) +FILE (GLOB VASUM_LOGGER logger/*.cpp) +PKG_CHECK_MODULES (CYNARA cynara-client-async QUIET) +PKG_CHECK_MODULES (NETFILTER libnetfilter_queue REQUIRED) +PKG_CHECK_MODULES (LOGGER libsystemd-journal QUIET) + +ADD_EXECUTABLE(nether ${NETHER_SOURCES} ${VASUM_LOGGER}) + +INCLUDE_DIRECTORIES ( + ../include + ${EXTERNAL_INCLUDE_DIRS} + ${CYNARA_INCLUDE_DIRS} + ${NETFILTER_INCLUDE_DIRS} + ${LOGGER_INCLUDE_DIRS} + ) +if(CYNARA_FOUND) + ADD_DEFINITIONS (-DHAVE_CYNARA=${CYNARA_FOUND}) +endif() + +if(LOGGER_FOUND) + ADD_DEFINITIONS (-DHAVE_SYSTEMD_JOURNAL=${LOGGER_FOUND}) +endif() + +IF(CMAKE_BUILD_TYPE MATCHES DEBUG) + ADD_DEFINITIONS (-D_DEBUG=1) +ENDIF(CMAKE_BUILD_TYPE MATCHES DEBUG) + +TARGET_LINK_LIBRARIES(nether ${CYNARA_LIBRARIES} + ${NETFILTER_LIBRARIES} + ${LOGGER_LIBRARIES} ) \ No newline at end of file