From 36058bc54a059cd63bd4ce94b680f5f8c1441c92 Mon Sep 17 00:00:00 2001 From: "Kelvin M. Klann" Date: Tue, 16 Nov 2021 09:49:49 -0300 Subject: configure*: Move AC_SUBST calls to more obvious places These macros should always be called regardless of the intended value of each variable, as even if e.g.: no --enable-apparmor flag is given, the configure script still has to substitute `@HAVE_APPARMOR@` with blank in the relevant files. Something similar is already being done for HAVE_OVERLAYFS since commit fb9f2a5fb ("disabled overlayfs, fixes pending; added video channels to README* files", 2021-02-06). Note that each AC_SUBST is not immediately converted into search/replace code when generating the configure script. It appears that the variables are handled only after parsing all of configure.ac (or until a specific command is found), as all arguments passed to every AC_SUBST call are defined at once on the `ac_subst_vars` list. The actual substitutions are also done all at once (while iterating through the list) and that happens much later in the script (see both occurrences of `ac_subs_vars` on the current script). --- configure | 46 ++++++++++++++++++++++------------------------ configure.ac | 44 +++++++++++++++++++++----------------------- 2 files changed, 43 insertions(+), 47 deletions(-) diff --git a/configure b/configure index 0aa278e94..ab11aa020 100755 --- a/configure +++ b/configure @@ -651,12 +651,12 @@ HAVE_DBUSPROXY EXTRA_LDFLAGS EXTRA_CFLAGS HAVE_SELINUX -HAVE_APPARMOR AA_LIBS AA_CFLAGS PKG_CONFIG_LIBDIR PKG_CONFIG_PATH PKG_CONFIG +HAVE_APPARMOR RANLIB INSTALL_DATA INSTALL_SCRIPT @@ -3303,6 +3303,7 @@ fi fi HAVE_APPARMOR="" + # Check whether --enable-apparmor was given. if test "${enable_apparmor+set}" = set; then : enableval=$enable_apparmor; @@ -3523,10 +3524,10 @@ $as_echo "yes" >&6; } EXTRA_CFLAGS="$EXTRA_CFLAGS $AA_CFLAGS" && EXTRA_LDFLAGS="$EXTRA_LDFLAGS $AA_LIBS" fi - fi HAVE_SELINUX="" + # Check whether --enable-selinux was given. if test "${enable_selinux+set}" = set; then : enableval=$enable_selinux; @@ -3537,7 +3538,6 @@ if test "x$enable_selinux" = "xyes"; then : HAVE_SELINUX="-DHAVE_SELINUX" EXTRA_LDFLAGS="$EXTRA_LDFLAGS -lselinux" - fi @@ -3545,6 +3545,7 @@ fi HAVE_DBUSPROXY="" + # Check whether --enable-dbusproxy was given. if test "${enable_dbusproxy+set}" = set; then : enableval=$enable_dbusproxy; @@ -3554,21 +3555,19 @@ if test "x$enable_dbusproxy" != "xno"; then : HAVE_DBUSPROXY="-DHAVE_DBUSPROXY" - fi # overlayfs features temporarily disabled pending fixes HAVE_OVERLAYFS="" -# #AC_ARG_ENABLE([overlayfs], # [AS_HELP_STRING([--disable-overlayfs], [disable overlayfs])]) #AS_IF([test "x$enable_overlayfs" != "xno"], [ # HAVE_OVERLAYFS="-DHAVE_OVERLAYFS" -# AC_SUBST([HAVE_OVERLAYFS]) #]) HAVE_OUTPUT="" + # Check whether --enable-output was given. if test "${enable_output+set}" = set; then : enableval=$enable_output; @@ -3578,10 +3577,10 @@ if test "x$enable_output" != "xno"; then : HAVE_OUTPUT="-DHAVE_OUTPUT" - fi HAVE_USERTMPFS="" + # Check whether --enable-usertmpfs was given. if test "${enable_usertmpfs+set}" = set; then : enableval=$enable_usertmpfs; @@ -3591,10 +3590,10 @@ if test "x$enable_usertmpfs" != "xno"; then : HAVE_USERTMPFS="-DHAVE_USERTMPFS" - fi HAVE_MAN="no" + # Check whether --enable-man was given. if test "${enable_man+set}" = set; then : enableval=$enable_man; @@ -3603,7 +3602,6 @@ fi if test "x$enable_man" != "xno"; then : HAVE_MAN="-DHAVE_MAN" - # Extract the first word of "gawk", so it can be a program name with args. set dummy gawk; ac_word=$2 { $as_echo "$as_me:${as_lineno-$LINENO}: checking for $ac_word" >&5 @@ -3649,6 +3647,7 @@ fi fi HAVE_FIRETUNNEL="" + # Check whether --enable-firetunnel was given. if test "${enable_firetunnel+set}" = set; then : enableval=$enable_firetunnel; @@ -3658,10 +3657,10 @@ if test "x$enable_firetunnel" != "xno"; then : HAVE_FIRETUNNEL="-DHAVE_FIRETUNNEL" - fi HAVE_PRIVATEHOME="" + # Check whether --enable-private-home was given. if test "${enable_private_home+set}" = set; then : enableval=$enable_private_home; @@ -3671,10 +3670,10 @@ if test "x$enable_private_home" != "xno"; then : HAVE_PRIVATE_HOME="-DHAVE_PRIVATE_HOME" - fi HAVE_CHROOT="" + # Check whether --enable-chroot was given. if test "${enable_chroot+set}" = set; then : enableval=$enable_chroot; @@ -3684,10 +3683,10 @@ if test "x$enable_chroot" != "xno"; then : HAVE_CHROOT="-DHAVE_CHROOT" - fi HAVE_GLOBALCFG="" + # Check whether --enable-globalcfg was given. if test "${enable_globalcfg+set}" = set; then : enableval=$enable_globalcfg; @@ -3697,10 +3696,10 @@ if test "x$enable_globalcfg" != "xno"; then : HAVE_GLOBALCFG="-DHAVE_GLOBALCFG" - fi HAVE_NETWORK="" + # Check whether --enable-network was given. if test "${enable_network+set}" = set; then : enableval=$enable_network; @@ -3710,10 +3709,10 @@ if test "x$enable_network" != "xno"; then : HAVE_NETWORK="-DHAVE_NETWORK" - fi HAVE_USERNS="" + # Check whether --enable-userns was given. if test "${enable_userns+set}" = set; then : enableval=$enable_userns; @@ -3723,10 +3722,10 @@ if test "x$enable_userns" != "xno"; then : HAVE_USERNS="-DHAVE_USERNS" - fi HAVE_X11="" + # Check whether --enable-x11 was given. if test "${enable_x11+set}" = set; then : enableval=$enable_x11; @@ -3736,10 +3735,10 @@ if test "x$enable_x11" != "xno"; then : HAVE_X11="-DHAVE_X11" - fi HAVE_FILE_TRANSFER="" + # Check whether --enable-file-transfer was given. if test "${enable_file_transfer+set}" = set; then : enableval=$enable_file_transfer; @@ -3749,10 +3748,10 @@ if test "x$enable_file_transfer" != "xno"; then : HAVE_FILE_TRANSFER="-DHAVE_FILE_TRANSFER" - fi HAVE_SUID="" + # Check whether --enable-suid was given. if test "${enable_suid+set}" = set; then : enableval=$enable_suid; @@ -3765,8 +3764,8 @@ else fi - HAVE_FATAL_WARNINGS="" + # Check whether --enable-fatal_warnings was given. if test "${enable_fatal_warnings+set}" = set; then : enableval=$enable_fatal_warnings; @@ -3776,10 +3775,10 @@ if test "x$enable_fatal_warnings" = "xyes"; then : HAVE_FATAL_WARNINGS="-W -Wall -Werror" - fi BUSYBOX_WORKAROUND="no" + # Check whether --enable-busybox-workaround was given. if test "${enable_busybox_workaround+set}" = set; then : enableval=$enable_busybox_workaround; @@ -3789,11 +3788,11 @@ if test "x$enable_busybox_workaround" = "xyes"; then : BUSYBOX_WORKAROUND="yes" - fi HAVE_GCOV="" + # Check whether --enable-gcov was given. if test "${enable_gcov+set}" = set; then : enableval=$enable_gcov; @@ -3804,10 +3803,10 @@ if test "x$enable_gcov" = "xyes"; then : HAVE_GCOV="--coverage -DHAVE_GCOV" EXTRA_LDFLAGS="$EXTRA_LDFLAGS -lgcov --coverage" - fi HAVE_CONTRIB_INSTALL="yes" + # Check whether --enable-contrib-install was given. if test "${enable_contrib_install+set}" = set; then : enableval=$enable_contrib_install; @@ -3820,8 +3819,8 @@ else fi - HAVE_FORCE_NONEWPRIVS="" + # Check whether --enable-force-nonewprivs was given. if test "${enable_force_nonewprivs+set}" = set; then : enableval=$enable_force_nonewprivs; @@ -3831,10 +3830,10 @@ if test "x$enable_force_nonewprivs" = "xyes"; then : HAVE_FORCE_NONEWPRIVS="-DHAVE_FORCE_NONEWPRIVS" - fi HAVE_LTS="" + # Check whether --enable-lts was given. if test "${enable_lts+set}" = set; then : enableval=$enable_lts; @@ -3844,7 +3843,6 @@ if test "x$enable_lts" = "xyes"; then : HAVE_LTS="-DHAVE_LTS" - HAVE_DBUSPROXY="" diff --git a/configure.ac b/configure.ac index 3f3d41bb9..20b60b522 100644 --- a/configure.ac +++ b/configure.ac @@ -57,22 +57,22 @@ AS_IF([test "x$enable_sanitizer" != "xno" ], )]) HAVE_APPARMOR="" +AC_SUBST([HAVE_APPARMOR]) AC_ARG_ENABLE([apparmor], [AS_HELP_STRING([--enable-apparmor], [enable apparmor])]) AS_IF([test "x$enable_apparmor" = "xyes"], [ HAVE_APPARMOR="-DHAVE_APPARMOR" PKG_CHECK_MODULES([AA], [libapparmor], [EXTRA_CFLAGS="$EXTRA_CFLAGS $AA_CFLAGS" && EXTRA_LDFLAGS="$EXTRA_LDFLAGS $AA_LIBS"]) - AC_SUBST([HAVE_APPARMOR]) ]) HAVE_SELINUX="" +AC_SUBST([HAVE_SELINUX]) AC_ARG_ENABLE([selinux], [AS_HELP_STRING([--enable-selinux], [SELinux labeling support])]) AS_IF([test "x$enable_selinux" = "xyes"], [ HAVE_SELINUX="-DHAVE_SELINUX" EXTRA_LDFLAGS="$EXTRA_LDFLAGS -lselinux" - AC_SUBST([HAVE_SELINUX]) ]) AC_SUBST([EXTRA_CFLAGS]) @@ -80,173 +80,171 @@ AC_SUBST([EXTRA_LDFLAGS]) HAVE_DBUSPROXY="" +AC_SUBST([HAVE_DBUSPROXY]) AC_ARG_ENABLE([dbusproxy], [AS_HELP_STRING([--disable-dbusproxy], [disable dbus proxy])]) AS_IF([test "x$enable_dbusproxy" != "xno"], [ HAVE_DBUSPROXY="-DHAVE_DBUSPROXY" - AC_SUBST([HAVE_DBUSPROXY]) ]) # overlayfs features temporarily disabled pending fixes HAVE_OVERLAYFS="" AC_SUBST([HAVE_OVERLAYFS]) -# #AC_ARG_ENABLE([overlayfs], # [AS_HELP_STRING([--disable-overlayfs], [disable overlayfs])]) #AS_IF([test "x$enable_overlayfs" != "xno"], [ # HAVE_OVERLAYFS="-DHAVE_OVERLAYFS" -# AC_SUBST([HAVE_OVERLAYFS]) #]) HAVE_OUTPUT="" +AC_SUBST([HAVE_OUTPUT]) AC_ARG_ENABLE([output], [AS_HELP_STRING([--disable-output], [disable --output logging])]) AS_IF([test "x$enable_output" != "xno"], [ HAVE_OUTPUT="-DHAVE_OUTPUT" - AC_SUBST([HAVE_OUTPUT]) ]) HAVE_USERTMPFS="" +AC_SUBST([HAVE_USERTMPFS]) AC_ARG_ENABLE([usertmpfs], [AS_HELP_STRING([--disable-usertmpfs], [disable tmpfs as regular user])]) AS_IF([test "x$enable_usertmpfs" != "xno"], [ HAVE_USERTMPFS="-DHAVE_USERTMPFS" - AC_SUBST([HAVE_USERTMPFS]) ]) HAVE_MAN="no" +AC_SUBST([HAVE_MAN]) AC_ARG_ENABLE([man], [AS_HELP_STRING([--disable-man], [disable man pages])]) AS_IF([test "x$enable_man" != "xno"], [ HAVE_MAN="-DHAVE_MAN" - AC_SUBST([HAVE_MAN]) AC_CHECK_PROG([HAVE_GAWK], [gawk], [yes], [no]) AS_IF([test "x$HAVE_GAWK" != "xyes"], [AC_MSG_ERROR([*** gawk not found ***])]) ]) HAVE_FIRETUNNEL="" +AC_SUBST([HAVE_FIRETUNNEL]) AC_ARG_ENABLE([firetunnel], [AS_HELP_STRING([--disable-firetunnel], [disable firetunnel])]) AS_IF([test "x$enable_firetunnel" != "xno"], [ HAVE_FIRETUNNEL="-DHAVE_FIRETUNNEL" - AC_SUBST([HAVE_FIRETUNNEL]) ]) HAVE_PRIVATEHOME="" +AC_SUBST([HAVE_PRIVATE_HOME]) AC_ARG_ENABLE([private-home], [AS_HELP_STRING([--disable-private-home], [disable private home feature])]) AS_IF([test "x$enable_private_home" != "xno"], [ HAVE_PRIVATE_HOME="-DHAVE_PRIVATE_HOME" - AC_SUBST([HAVE_PRIVATE_HOME]) ]) HAVE_CHROOT="" +AC_SUBST([HAVE_CHROOT]) AC_ARG_ENABLE([chroot], [AS_HELP_STRING([--disable-chroot], [disable chroot])]) AS_IF([test "x$enable_chroot" != "xno"], [ HAVE_CHROOT="-DHAVE_CHROOT" - AC_SUBST([HAVE_CHROOT]) ]) HAVE_GLOBALCFG="" +AC_SUBST([HAVE_GLOBALCFG]) AC_ARG_ENABLE([globalcfg], [AS_HELP_STRING([--disable-globalcfg], [if the global config file firejail.cfg is not present, continue the program using defaults])]) AS_IF([test "x$enable_globalcfg" != "xno"], [ HAVE_GLOBALCFG="-DHAVE_GLOBALCFG" - AC_SUBST([HAVE_GLOBALCFG]) ]) HAVE_NETWORK="" +AC_SUBST([HAVE_NETWORK]) AC_ARG_ENABLE([network], [AS_HELP_STRING([--disable-network], [disable network])]) AS_IF([test "x$enable_network" != "xno"], [ HAVE_NETWORK="-DHAVE_NETWORK" - AC_SUBST([HAVE_NETWORK]) ]) HAVE_USERNS="" +AC_SUBST([HAVE_USERNS]) AC_ARG_ENABLE([userns], [AS_HELP_STRING([--disable-userns], [disable user namespace])]) AS_IF([test "x$enable_userns" != "xno"], [ HAVE_USERNS="-DHAVE_USERNS" - AC_SUBST([HAVE_USERNS]) ]) HAVE_X11="" +AC_SUBST([HAVE_X11]) AC_ARG_ENABLE([x11], [AS_HELP_STRING([--disable-x11], [disable X11 sandboxing support])]) AS_IF([test "x$enable_x11" != "xno"], [ HAVE_X11="-DHAVE_X11" - AC_SUBST([HAVE_X11]) ]) HAVE_FILE_TRANSFER="" +AC_SUBST([HAVE_FILE_TRANSFER]) AC_ARG_ENABLE([file-transfer], [AS_HELP_STRING([--disable-file-transfer], [disable file transfer])]) AS_IF([test "x$enable_file_transfer" != "xno"], [ HAVE_FILE_TRANSFER="-DHAVE_FILE_TRANSFER" - AC_SUBST([HAVE_FILE_TRANSFER]) ]) HAVE_SUID="" +AC_SUBST([HAVE_SUID]) AC_ARG_ENABLE([suid], [AS_HELP_STRING([--disable-suid], [install as a non-SUID executable])]) AS_IF([test "x$enable_suid" = "xno"], [HAVE_SUID="no"], [HAVE_SUID="yes"] ) -AC_SUBST([HAVE_SUID]) HAVE_FATAL_WARNINGS="" +AC_SUBST([HAVE_FATAL_WARNINGS]) AC_ARG_ENABLE([fatal_warnings], [AS_HELP_STRING([--enable-fatal-warnings], [-W -Wall -Werror])]) AS_IF([test "x$enable_fatal_warnings" = "xyes"], [ HAVE_FATAL_WARNINGS="-W -Wall -Werror" - AC_SUBST([HAVE_FATAL_WARNINGS]) ]) BUSYBOX_WORKAROUND="no" +AC_SUBST([BUSYBOX_WORKAROUND]) AC_ARG_ENABLE([busybox-workaround], [AS_HELP_STRING([--enable-busybox-workaround], [enable busybox workaround])]) AS_IF([test "x$enable_busybox_workaround" = "xyes"], [ BUSYBOX_WORKAROUND="yes" - AC_SUBST([BUSYBOX_WORKAROUND]) ]) HAVE_GCOV="" +AC_SUBST([HAVE_GCOV]) AC_ARG_ENABLE([gcov], [AS_HELP_STRING([--enable-gcov], [Gcov instrumentation])]) AS_IF([test "x$enable_gcov" = "xyes"], [ HAVE_GCOV="--coverage -DHAVE_GCOV" EXTRA_LDFLAGS="$EXTRA_LDFLAGS -lgcov --coverage" - AC_SUBST([HAVE_GCOV]) ]) HAVE_CONTRIB_INSTALL="yes" +AC_SUBST([HAVE_CONTRIB_INSTALL]) AC_ARG_ENABLE([contrib-install], [AS_HELP_STRING([--enable-contrib-install], [install contrib scripts])]) AS_IF([test "x$enable_contrib_install" = "xno"], [HAVE_CONTRIB_INSTALL="no"], [HAVE_CONTRIB_INSTALL="yes"] ) -AC_SUBST([HAVE_CONTRIB_INSTALL]) HAVE_FORCE_NONEWPRIVS="" +AC_SUBST([HAVE_FORCE_NONEWPRIVS]) AC_ARG_ENABLE([force-nonewprivs], [AS_HELP_STRING([--enable-force-nonewprivs], [enable force nonewprivs])]) AS_IF([test "x$enable_force_nonewprivs" = "xyes"], [ HAVE_FORCE_NONEWPRIVS="-DHAVE_FORCE_NONEWPRIVS" - AC_SUBST([HAVE_FORCE_NONEWPRIVS]) ]) HAVE_LTS="" +AC_SUBST([HAVE_LTS]) AC_ARG_ENABLE([lts], [AS_HELP_STRING([--enable-lts], [enable long-term support software version (LTS)])]) AS_IF([test "x$enable_lts" = "xyes"], [ HAVE_LTS="-DHAVE_LTS" - AC_SUBST([HAVE_LTS]) HAVE_DBUSPROXY="" AC_SUBST([HAVE_DBUSPROXY]) -- cgit v1.2.3-70-g09d2