diff options
author | Kelvin M. Klann <kmk3.code@protonmail.com> | 2022-05-15 12:23:14 -0300 |
---|---|---|
committer | Kelvin M. Klann <kmk3.code@protonmail.com> | 2022-05-17 11:42:42 -0300 |
commit | 1f671ab6cc1473e6d2a3354bced3a25ab4cb34df (patch) | |
tree | f7b2924c75d026828fd98c82d900cd7e9990c775 | |
parent | gitlab-ci: check for apparmor support on build_apparmor (diff) | |
download | firejail-1f671ab6cc1473e6d2a3354bced3a25ab4cb34df.tar.gz firejail-1f671ab6cc1473e6d2a3354bced3a25ab4cb34df.tar.zst firejail-1f671ab6cc1473e6d2a3354bced3a25ab4cb34df.zip |
gitlab-ci: actually link libapparmor on build_apparmor
The "build_apparmor" job was added on commit 342e71cd8 ("Add
deb-apparmor build to Gitlab CI", 2019-01-26). It would call
`./mkdeb-apparmor.sh`, which would run `./configure --enable-apparmor`
directly, adding `-lapparmor` to `EXTRA_LDFLAGS` and thus passing it to
the linker.
Later, commit 87e7b3139 ("Configure Debian package with AA and SELinux
options", 2020-05-13) / PR #3414 merged mkdeb.sh and mkdeb-apparmor.sh
into mkdeb.sh.in, which does not always pass `--enable-apparmor` to
./configure directly. Instead, it adds `--enable-apparmor` depending on
whether the `$HAVE_APPARMOR` environment variable is set, which would be
done by a previous run of ./configure with `--enable-apparmor`. Since
on "build_apparmor" ./configure is not run the first time with
`--enable-apparmor`, neither is it on the second time and thus
`-lapparmor` is never passed to the linker. This commit adds
`--enable-apparmor` to the first ./configure run on the ci job, so that
it gets passed to the one being executed on mkdeb.sh as well.
-rw-r--r-- | .gitlab-ci.yml | 2 |
1 files changed, 1 insertions, 1 deletions
diff --git a/.gitlab-ci.yml b/.gitlab-ci.yml index 06b3367e6..4871ef031 100644 --- a/.gitlab-ci.yml +++ b/.gitlab-ci.yml | |||
@@ -54,7 +54,7 @@ build_apparmor: | |||
54 | script: | 54 | script: |
55 | - apt-get update -qq | 55 | - apt-get update -qq |
56 | - DEBIAN_FRONTEND=noninteractive apt-get install -y -qq build-essential lintian libapparmor-dev pkg-config gawk | 56 | - DEBIAN_FRONTEND=noninteractive apt-get install -y -qq build-essential lintian libapparmor-dev pkg-config gawk |
57 | - ./configure --prefix=/usr && make deb-apparmor && dpkg -i firejail*.deb | 57 | - ./configure --prefix=/usr --enable-apparmor && make deb-apparmor && dpkg -i firejail*.deb |
58 | - command -V firejail && firejail --version | 58 | - command -V firejail && firejail --version |
59 | - firejail --version | grep -F 'AppArmor support is enabled' | 59 | - firejail --version | grep -F 'AppArmor support is enabled' |
60 | 60 | ||