diff options
Diffstat (limited to 'configure.ac')
-rw-r--r-- | configure.ac | 106 |
1 files changed, 97 insertions, 9 deletions
diff --git a/configure.ac b/configure.ac index b2e9a7b86..e8bd6fb80 100644 --- a/configure.ac +++ b/configure.ac | |||
@@ -54,6 +54,15 @@ AS_IF([test "x$enable_apparmor" = "xyes"], [ | |||
54 | AC_SUBST(HAVE_APPARMOR) | 54 | AC_SUBST(HAVE_APPARMOR) |
55 | ]) | 55 | ]) |
56 | 56 | ||
57 | HAVE_SELINUX="" | ||
58 | AC_ARG_ENABLE([selinux], | ||
59 | AS_HELP_STRING([--enable-selinux], [SELinux labeling support])) | ||
60 | AS_IF([test "x$enable_selinux" = "xyes"], [ | ||
61 | HAVE_SELINUX="-DHAVE_SELINUX" | ||
62 | EXTRA_LDFLAGS+=" -lselinux " | ||
63 | AC_SUBST(HAVE_SELINUX) | ||
64 | ]) | ||
65 | |||
57 | AC_SUBST([EXTRA_CFLAGS]) | 66 | AC_SUBST([EXTRA_CFLAGS]) |
58 | AC_SUBST([EXTRA_LDFLAGS]) | 67 | AC_SUBST([EXTRA_LDFLAGS]) |
59 | 68 | ||
@@ -77,6 +86,14 @@ AC_SUBST(HAVE_OVERLAYFS) | |||
77 | # AC_SUBST(HAVE_OVERLAYFS) | 86 | # AC_SUBST(HAVE_OVERLAYFS) |
78 | #]) | 87 | #]) |
79 | 88 | ||
89 | HAVE_OUTPUT="" | ||
90 | AC_ARG_ENABLE([output], | ||
91 | AS_HELP_STRING([--disable-output], [disable --output logging])) | ||
92 | AS_IF([test "x$enable_output" != "xno"], [ | ||
93 | HAVE_OUTPUT="-DHAVE_OUTPUT" | ||
94 | AC_SUBST(HAVE_OUTPUT) | ||
95 | ]) | ||
96 | |||
80 | HAVE_USERTMPFS="" | 97 | HAVE_USERTMPFS="" |
81 | AC_ARG_ENABLE([usertmpfs], | 98 | AC_ARG_ENABLE([usertmpfs], |
82 | AS_HELP_STRING([--disable-usertmpfs], [disable tmpfs as regular user])) | 99 | AS_HELP_STRING([--disable-usertmpfs], [disable tmpfs as regular user])) |
@@ -211,15 +228,70 @@ AS_IF([test "x$enable_contrib_install" = "xno"], | |||
211 | ) | 228 | ) |
212 | AC_SUBST(HAVE_CONTRIB_INSTALL) | 229 | AC_SUBST(HAVE_CONTRIB_INSTALL) |
213 | 230 | ||
214 | HAVE_SELINUX="" | 231 | HAVE_FORCE_NONEWPRIVS="" |
215 | AC_ARG_ENABLE([selinux], | 232 | AC_ARG_ENABLE([force-nonewprivs], |
216 | AS_HELP_STRING([--enable-selinux], [SELinux labeling support])) | 233 | AS_HELP_STRING([--enable-force-nonewprivs], [enable force nonewprivs])) |
217 | AS_IF([test "x$enable_selinux" = "xyes"], [ | 234 | AS_IF([test "x$enable_force_nonewprivs" = "xyes"], [ |
218 | HAVE_SELINUX="-DHAVE_SELINUX" | 235 | HAVE_FORCE_NONEWPRIVS="-DHAVE_FORCE_NONEWPRIVS" |
219 | EXTRA_LDFLAGS+=" -lselinux " | 236 | AC_SUBST(HAVE_FORCE_NONEWPRIVS) |
220 | AC_SUBST(HAVE_SELINUX) | 237 | ]) |
238 | |||
239 | HAVE_LTS="" | ||
240 | AC_ARG_ENABLE([lts], | ||
241 | AS_HELP_STRING([--enable-lts], [enable long-term support software version (LTS)])) | ||
242 | AS_IF([test "x$enable_lts" = "xyes"], [ | ||
243 | HAVE_LTS="-DHAVE_LTS" | ||
244 | AC_SUBST(HAVE_LTS) | ||
245 | |||
246 | HAVE_DBUSPROXY="" | ||
247 | AC_SUBST(HAVE_DBUSPROXY) | ||
248 | |||
249 | HAVE_OVERLAYFS="" | ||
250 | AC_SUBST(HAVE_OVERLAYFS) | ||
251 | |||
252 | HAVE_OUTPUT="" | ||
253 | AC_SUBST(HAVE_OUTPUT) | ||
254 | |||
255 | HAVE_USERTMPFS="" | ||
256 | AC_SUBST(HAVE_USERTMPFS) | ||
257 | |||
258 | HAVE_MAN="-DHAVE_MAN" | ||
259 | AC_SUBST(HAVE_MAN) | ||
260 | |||
261 | HAVE_FIRETUNNEL="" | ||
262 | AC_SUBST(HAVE_FIRETUNNEL) | ||
263 | |||
264 | HAVE_PRIVATEHOME="" | ||
265 | AC_SUBST(HAVE_PRIVATE_HOME) | ||
266 | |||
267 | HAVE_CHROOT="" | ||
268 | AC_SUBST(HAVE_CHROOT) | ||
269 | |||
270 | HAVE_GLOBALCFG="" | ||
271 | AC_SUBST(HAVE_GLOBALCFG) | ||
272 | |||
273 | HAVE_USERNS="" | ||
274 | AC_SUBST(HAVE_USERNS) | ||
275 | |||
276 | HAVE_X11="" | ||
277 | AC_SUBST(HAVE_X11) | ||
278 | |||
279 | HAVE_FILE_TRANSFER="" | ||
280 | AC_SUBST(HAVE_FILE_TRANSFER) | ||
281 | |||
282 | HAVE_SUID="yes" | ||
283 | AC_SUBST(HAVE_SUID) | ||
284 | |||
285 | BUSYBOX_WORKAROUND="no" | ||
286 | AC_SUBST(BUSYBOX_WORKAROUND) | ||
287 | |||
288 | HAVE_CONTRIB_INSTALL="no", | ||
289 | AC_SUBST(HAVE_CONTRIB_INSTALL) | ||
221 | ]) | 290 | ]) |
222 | 291 | ||
292 | |||
293 | |||
294 | |||
223 | # checking pthread library | 295 | # checking pthread library |
224 | AC_CHECK_LIB([pthread], [main], [], AC_MSG_ERROR([*** POSIX thread support not installed ***])) | 296 | AC_CHECK_LIB([pthread], [main], [], AC_MSG_ERROR([*** POSIX thread support not installed ***])) |
225 | AC_CHECK_HEADER(pthread.h,,AC_MSG_ERROR([*** POSIX thread support not installed ***])) | 297 | AC_CHECK_HEADER(pthread.h,,AC_MSG_ERROR([*** POSIX thread support not installed ***])) |
@@ -233,7 +305,7 @@ fi | |||
233 | AC_CONFIG_FILES([mkdeb.sh], [chmod +x mkdeb.sh]) | 305 | AC_CONFIG_FILES([mkdeb.sh], [chmod +x mkdeb.sh]) |
234 | AC_OUTPUT(Makefile src/common.mk src/lib/Makefile src/fcopy/Makefile src/fnet/Makefile src/firejail/Makefile src/fnetfilter/Makefile \ | 306 | AC_OUTPUT(Makefile src/common.mk src/lib/Makefile src/fcopy/Makefile src/fnet/Makefile src/firejail/Makefile src/fnetfilter/Makefile \ |
235 | src/firemon/Makefile src/libtrace/Makefile src/libtracelog/Makefile src/firecfg/Makefile src/fbuilder/Makefile src/fsec-print/Makefile \ | 307 | src/firemon/Makefile src/libtrace/Makefile src/libtracelog/Makefile src/firecfg/Makefile src/fbuilder/Makefile src/fsec-print/Makefile \ |
236 | src/ftee/Makefile src/faudit/Makefile src/fseccomp/Makefile src/fldd/Makefile src/libpostexecseccomp/Makefile src/fsec-optimize/Makefile \ | 308 | src/ftee/Makefile src/fseccomp/Makefile src/fldd/Makefile src/libpostexecseccomp/Makefile src/fsec-optimize/Makefile \ |
237 | src/profstats/Makefile src/man/Makefile src/zsh_completion/Makefile src/bash_completion/Makefile test/Makefile \ | 309 | src/profstats/Makefile src/man/Makefile src/zsh_completion/Makefile src/bash_completion/Makefile test/Makefile \ |
238 | src/jailtest/Makefile) | 310 | src/jailtest/Makefile) |
239 | 311 | ||
@@ -242,6 +314,7 @@ echo "Configuration options:" | |||
242 | echo " prefix: $prefix" | 314 | echo " prefix: $prefix" |
243 | echo " sysconfdir: $sysconfdir" | 315 | echo " sysconfdir: $sysconfdir" |
244 | echo " apparmor: $HAVE_APPARMOR" | 316 | echo " apparmor: $HAVE_APPARMOR" |
317 | echo " SELinux labeling support: $HAVE_SELINUX" | ||
245 | echo " global config: $HAVE_GLOBALCFG" | 318 | echo " global config: $HAVE_GLOBALCFG" |
246 | echo " chroot: $HAVE_CHROOT" | 319 | echo " chroot: $HAVE_CHROOT" |
247 | echo " network: $HAVE_NETWORK" | 320 | echo " network: $HAVE_NETWORK" |
@@ -253,6 +326,7 @@ echo " file transfer support: $HAVE_FILE_TRANSFER" | |||
253 | echo " overlayfs support: $HAVE_OVERLAYFS" | 326 | echo " overlayfs support: $HAVE_OVERLAYFS" |
254 | echo " DBUS proxy support: $HAVE_DBUSPROXY" | 327 | echo " DBUS proxy support: $HAVE_DBUSPROXY" |
255 | echo " allow tmpfs as regular user: $HAVE_USERTMPFS" | 328 | echo " allow tmpfs as regular user: $HAVE_USERTMPFS" |
329 | echo " enable --ouput logging: $HAVE_OUTPUT" | ||
256 | echo " Manpage support: $HAVE_MAN" | 330 | echo " Manpage support: $HAVE_MAN" |
257 | echo " firetunnel support: $HAVE_FIRETUNNEL" | 331 | echo " firetunnel support: $HAVE_FIRETUNNEL" |
258 | echo " busybox workaround: $BUSYBOX_WORKAROUND" | 332 | echo " busybox workaround: $BUSYBOX_WORKAROUND" |
@@ -262,6 +336,20 @@ echo " EXTRA_CFLAGS: $EXTRA_CFLAGS" | |||
262 | echo " fatal warnings: $HAVE_FATAL_WARNINGS" | 336 | echo " fatal warnings: $HAVE_FATAL_WARNINGS" |
263 | echo " Gcov instrumentation: $HAVE_GCOV" | 337 | echo " Gcov instrumentation: $HAVE_GCOV" |
264 | echo " Install contrib scripts: $HAVE_CONTRIB_INSTALL" | 338 | echo " Install contrib scripts: $HAVE_CONTRIB_INSTALL" |
265 | echo " SELinux labeling support: $HAVE_SELINUX" | ||
266 | echo " Install as a SUID executable: $HAVE_SUID" | 339 | echo " Install as a SUID executable: $HAVE_SUID" |
340 | echo " LTS: $HAVE_LTS" | ||
341 | echo " Always enforce filters: $HAVE_FORCE_NONEWPRIVS" | ||
267 | echo | 342 | echo |
343 | |||
344 | |||
345 | if test "$HAVE_LTS" = -DHAVE_LTS; then | ||
346 | echo | ||
347 | echo | ||
348 | echo "*********************************************************" | ||
349 | echo "* Warning: Long-term support (LTS) was enabled! *" | ||
350 | echo "* Most compile-time options have bean rewritten! *" | ||
351 | echo "*********************************************************" | ||
352 | echo | ||
353 | echo | ||
354 | fi | ||
355 | |||