From 87e7b313997b1d2be6553cfb22fef71b74c84ea6 Mon Sep 17 00:00:00 2001
From: Topi Miettinen <toiwoton@gmail.com>
Date: Wed, 13 May 2020 13:07:07 +0300
Subject: Configure Debian package with AA and SELinux options

Configure Debian package with AA and SELinux options if they are
enabled.
---
 .gitignore        |  1 +
 Makefile.in       |  6 ++---
 configure         |  8 +++++++
 configure.ac      |  1 +
 mkdeb-apparmor.sh | 56 --------------------------------------------
 mkdeb.sh          | 56 --------------------------------------------
 mkdeb.sh.in       | 70 +++++++++++++++++++++++++++++++++++++++++++++++++++++++
 7 files changed, 83 insertions(+), 115 deletions(-)
 delete mode 100755 mkdeb-apparmor.sh
 delete mode 100755 mkdeb.sh
 create mode 100755 mkdeb.sh.in

diff --git a/.gitignore b/.gitignore
index 39380446b..70ced1a99 100644
--- a/.gitignore
+++ b/.gitignore
@@ -19,6 +19,7 @@ firejail-users.5
 firejail.1
 firemon.1
 firecfg.1
+mkdeb.sh
 src/firejail/firejail
 src/firemon/firemon
 src/firecfg/firecfg
diff --git a/Makefile.in b/Makefile.in
index 0da33544c..e811758e6 100644
--- a/Makefile.in
+++ b/Makefile.in
@@ -183,7 +183,7 @@ uninstall:
 	rm -f $(DESTDIR)/$(datarootdir)/bash-completion/completions/firecfg
 	@echo "If you want to install a different version of firejail, you might also need to run 'rm -fr $(DESTDIR)/$(sysconfdir)/firejail', see #2038."
 
-DISTFILES = "src etc m4 platform contrib configure configure.ac Makefile.in install.sh mkman.sh mketc.sh mkdeb.sh mkdeb-apparmor.sh COPYING README RELNOTES"
+DISTFILES = "src etc m4 platform contrib configure configure.ac Makefile.in install.sh mkman.sh mketc.sh mkdeb.sh.in COPYING README RELNOTES"
 DISTFILES_TEST = "test/apps test/apps-x11 test/apps-x11-xorg test/root test/fcopy test/environment test/profiles test/utils test/compile test/filters test/network test/arguments test/fs test/sysutils test/chroot"
 
 dist:
@@ -202,10 +202,10 @@ dist:
 asc:; ./mkasc.sh $(VERSION)
 
 deb: dist
-	./mkdeb.sh $(NAME) $(VERSION)
+	./mkdeb.sh
 
 deb-apparmor: dist
-	./mkdeb-apparmor.sh $(NAME) $(VERSION)
+	./mkdeb.sh -apparmor
 
 test-compile: dist
 	cd test/compile; ./compile.sh $(NAME)-$(VERSION)
diff --git a/configure b/configure
index f587bb25e..12881fcaf 100755
--- a/configure
+++ b/configure
@@ -4186,6 +4186,8 @@ if test "$prefix" = /usr; then
 	test "$sysconfdir" = '${prefix}/etc' && sysconfdir="/etc"
 fi
 
+ac_config_files="$ac_config_files mkdeb.sh"
+
 ac_config_files="$ac_config_files Makefile src/common.mk src/lib/Makefile src/fcopy/Makefile src/fnet/Makefile src/firejail/Makefile src/fnetfilter/Makefile src/firemon/Makefile src/libtrace/Makefile src/libtracelog/Makefile src/firecfg/Makefile src/fbuilder/Makefile src/fsec-print/Makefile src/ftee/Makefile src/faudit/Makefile src/fseccomp/Makefile src/fldd/Makefile src/libpostexecseccomp/Makefile src/fsec-optimize/Makefile src/profstats/Makefile"
 
 cat >confcache <<\_ACEOF
@@ -4895,6 +4897,7 @@ cat >>$CONFIG_STATUS <<\_ACEOF || ac_write_fail=1
 for ac_config_target in $ac_config_targets
 do
   case $ac_config_target in
+    "mkdeb.sh") CONFIG_FILES="$CONFIG_FILES mkdeb.sh" ;;
     "Makefile") CONFIG_FILES="$CONFIG_FILES Makefile" ;;
     "src/common.mk") CONFIG_FILES="$CONFIG_FILES src/common.mk" ;;
     "src/lib/Makefile") CONFIG_FILES="$CONFIG_FILES src/lib/Makefile" ;;
@@ -5333,6 +5336,11 @@ which seems to be undefined.  Please make sure it is defined" >&2;}
 
   esac
 
+
+  case $ac_file$ac_mode in
+    "mkdeb.sh":F) chmod +x mkdeb.sh ;;
+
+  esac
 done # for ac_tag
 
 
diff --git a/configure.ac b/configure.ac
index 8cf170c80..feb0b38a6 100644
--- a/configure.ac
+++ b/configure.ac
@@ -204,6 +204,7 @@ if test "$prefix" = /usr; then
 	test "$sysconfdir" = '${prefix}/etc' && sysconfdir="/etc"
 fi
 
+AC_CONFIG_FILES([mkdeb.sh], [chmod +x mkdeb.sh])
 AC_OUTPUT(Makefile src/common.mk src/lib/Makefile src/fcopy/Makefile src/fnet/Makefile src/firejail/Makefile src/fnetfilter/Makefile \
 src/firemon/Makefile src/libtrace/Makefile src/libtracelog/Makefile src/firecfg/Makefile src/fbuilder/Makefile src/fsec-print/Makefile \
 src/ftee/Makefile src/faudit/Makefile src/fseccomp/Makefile src/fldd/Makefile src/libpostexecseccomp/Makefile src/fsec-optimize/Makefile \
diff --git a/mkdeb-apparmor.sh b/mkdeb-apparmor.sh
deleted file mode 100755
index 3c560179c..000000000
--- a/mkdeb-apparmor.sh
+++ /dev/null
@@ -1,56 +0,0 @@
-#!/bin/sh
-# This file is part of Firejail project
-# Copyright (C) 2014-2020 Firejail Authors
-# License GPL v2
-
-# based on http://tldp.org/HOWTO/html_single/Debian-Binary-Package-Building-HOWTO/
-# a code archive should already be available
-
-set -e
-
-TOP=`pwd`
-CODE_ARCHIVE="$1-$2.tar.xz"
-CODE_DIR="$1-$2"
-INSTALL_DIR="${INSTALL_DIR}${CODE_DIR}/debian"
-DEBIAN_CTRL_DIR="${DEBIAN_CTRL_DIR}${CODE_DIR}/debian/DEBIAN"
-
-echo "*****************************************"
-echo "code archive: $CODE_ARCHIVE"
-echo "code directory: $CODE_DIR"
-echo "install directory: $INSTALL_DIR"
-echo "debian control directory: $DEBIAN_CTRL_DIR"
-echo "*****************************************"
-
-tar -xJvf $CODE_ARCHIVE
-#mkdir -p $INSTALL_DIR
-cd $CODE_DIR
-./configure --prefix=/usr --enable-apparmor
-make -j2
-mkdir debian
-DESTDIR=debian make install-strip
-
-cd ..
-echo "*****************************************"
-SIZE=`du -s $INSTALL_DIR`
-echo "install size $SIZE"
-echo "*****************************************"
-
-mv $INSTALL_DIR/usr/share/doc/firejail/RELNOTES $INSTALL_DIR/usr/share/doc/firejail/changelog.Debian
-gzip -9 -n $INSTALL_DIR/usr/share/doc/firejail/changelog.Debian
-rm $INSTALL_DIR/usr/share/doc/firejail/COPYING
-install -m644 platform/debian/copyright $INSTALL_DIR/usr/share/doc/firejail/.
-mkdir -p $DEBIAN_CTRL_DIR
-sed "s/FIREJAILVER/$2/g"  platform/debian/control.$(dpkg-architecture -qDEB_HOST_ARCH) > $DEBIAN_CTRL_DIR/control
-
-mkdir -p $INSTALL_DIR/usr/share/lintian/overrides/
-install -m644 platform/debian/firejail.lintian-overrides $INSTALL_DIR/usr/share/lintian/overrides/firejail
-
-find $INSTALL_DIR/etc -type f | sed "s,^$INSTALL_DIR,," | LC_ALL=C sort > $DEBIAN_CTRL_DIR/conffiles
-chmod 644 $DEBIAN_CTRL_DIR/conffiles
-find $INSTALL_DIR  -type d | xargs chmod 755
-cd $CODE_DIR
-fakeroot dpkg-deb --build debian
-lintian debian.deb
-mv debian.deb ../firejail-apparmor_$2_1_$(dpkg-architecture -qDEB_HOST_ARCH).deb
-cd ..
-rm -fr $CODE_DIR
diff --git a/mkdeb.sh b/mkdeb.sh
deleted file mode 100755
index dd784eb8a..000000000
--- a/mkdeb.sh
+++ /dev/null
@@ -1,56 +0,0 @@
-#!/bin/sh
-# This file is part of Firejail project
-# Copyright (C) 2014-2020 Firejail Authors
-# License GPL v2
-
-# based on http://tldp.org/HOWTO/html_single/Debian-Binary-Package-Building-HOWTO/
-# a code archive should already be available
-
-set -e
-
-TOP=`pwd`
-CODE_ARCHIVE="$1-$2.tar.xz"
-CODE_DIR="$1-$2"
-INSTALL_DIR="${INSTALL_DIR}${CODE_DIR}/debian"
-DEBIAN_CTRL_DIR="${DEBIAN_CTRL_DIR}${CODE_DIR}/debian/DEBIAN"
-
-echo "*****************************************"
-echo "code archive: $CODE_ARCHIVE"
-echo "code directory: $CODE_DIR"
-echo "install directory: $INSTALL_DIR"
-echo "debian control directory: $DEBIAN_CTRL_DIR"
-echo "*****************************************"
-
-tar -xJvf $CODE_ARCHIVE
-#mkdir -p $INSTALL_DIR
-cd $CODE_DIR
-./configure --prefix=/usr
-make -j2
-mkdir debian
-DESTDIR=debian make install-strip
-
-cd ..
-echo "*****************************************"
-SIZE=`du -s $INSTALL_DIR`
-echo "install size $SIZE"
-echo "*****************************************"
-
-mv $INSTALL_DIR/usr/share/doc/firejail/RELNOTES $INSTALL_DIR/usr/share/doc/firejail/changelog.Debian
-gzip -9 -n $INSTALL_DIR/usr/share/doc/firejail/changelog.Debian
-rm $INSTALL_DIR/usr/share/doc/firejail/COPYING
-install -m644 platform/debian/copyright $INSTALL_DIR/usr/share/doc/firejail/.
-mkdir -p $DEBIAN_CTRL_DIR
-sed "s/FIREJAILVER/$2/g"  platform/debian/control.$(dpkg-architecture -qDEB_HOST_ARCH) > $DEBIAN_CTRL_DIR/control
-
-mkdir -p $INSTALL_DIR/usr/share/lintian/overrides/
-install -m644 platform/debian/firejail.lintian-overrides $INSTALL_DIR/usr/share/lintian/overrides/firejail
-
-find $INSTALL_DIR/etc -type f | sed "s,^$INSTALL_DIR,," | LC_ALL=C sort > $DEBIAN_CTRL_DIR/conffiles
-chmod 644 $DEBIAN_CTRL_DIR/conffiles
-find $INSTALL_DIR  -type d | xargs chmod 755
-cd $CODE_DIR
-fakeroot dpkg-deb --build debian
-lintian debian.deb
-mv debian.deb ../firejail_$2_1_$(dpkg-architecture -qDEB_HOST_ARCH).deb
-cd ..
-rm -fr $CODE_DIR
diff --git a/mkdeb.sh.in b/mkdeb.sh.in
new file mode 100755
index 000000000..efb477920
--- /dev/null
+++ b/mkdeb.sh.in
@@ -0,0 +1,70 @@
+#!/bin/sh
+# This file is part of Firejail project
+# Copyright (C) 2014-2020 Firejail Authors
+# License GPL v2
+
+# based on http://tldp.org/HOWTO/html_single/Debian-Binary-Package-Building-HOWTO/
+# a code archive should already be available
+
+set -e
+NAME=@PACKAGE_NAME@
+VERSION=@PACKAGE_VERSION@
+PACKAGE_TARNAME=@PACKAGE_TARNAME@
+HAVE_APPARMOR=@HAVE_APPARMOR@
+HAVE_SELINUX=@HAVE_SELINUX@
+EXTRA_VERSION=$1
+
+CONFIG_ARGS="--prefix=/usr"
+if [ -n "$HAVE_APPARMOR" ]; then
+    CONFIG_ARGS="$CONFIG_ARGS --enable-apparmor"
+fi
+if [ -n "$HAVE_SELINUX" ]; then
+    CONFIG_ARGS="$CONFIG_ARGS --enable-selinux"
+fi
+
+TOP=`pwd`
+CODE_ARCHIVE="$NAME-$VERSION.tar.xz"
+CODE_DIR="$NAME-$VERSION"
+INSTALL_DIR="${INSTALL_DIR}${CODE_DIR}/debian"
+DEBIAN_CTRL_DIR="${DEBIAN_CTRL_DIR}${CODE_DIR}/debian/DEBIAN"
+
+echo "*****************************************"
+echo "code archive: $CODE_ARCHIVE"
+echo "code directory: $CODE_DIR"
+echo "install directory: $INSTALL_DIR"
+echo "debian control directory: $DEBIAN_CTRL_DIR"
+echo "*****************************************"
+
+tar -xJvf $CODE_ARCHIVE
+#mkdir -p $INSTALL_DIR
+cd $CODE_DIR
+./configure $CONFIG_ARGS
+make -j2
+mkdir debian
+DESTDIR=debian make install-strip
+
+cd ..
+echo "*****************************************"
+SIZE=`du -s $INSTALL_DIR`
+echo "install size $SIZE"
+echo "*****************************************"
+
+mv $INSTALL_DIR/usr/share/doc/firejail/RELNOTES $INSTALL_DIR/usr/share/doc/firejail/changelog.Debian
+gzip -9 -n $INSTALL_DIR/usr/share/doc/firejail/changelog.Debian
+rm $INSTALL_DIR/usr/share/doc/firejail/COPYING
+install -m644 platform/debian/copyright $INSTALL_DIR/usr/share/doc/firejail/.
+mkdir -p $DEBIAN_CTRL_DIR
+sed "s/FIREJAILVER/$VERSION/g"  platform/debian/control.$(dpkg-architecture -qDEB_HOST_ARCH) > $DEBIAN_CTRL_DIR/control
+
+mkdir -p $INSTALL_DIR/usr/share/lintian/overrides/
+install -m644 platform/debian/firejail.lintian-overrides $INSTALL_DIR/usr/share/lintian/overrides/firejail
+
+find $INSTALL_DIR/etc -type f | sed "s,^$INSTALL_DIR,," | LC_ALL=C sort > $DEBIAN_CTRL_DIR/conffiles
+chmod 644 $DEBIAN_CTRL_DIR/conffiles
+find $INSTALL_DIR  -type d | xargs chmod 755
+cd $CODE_DIR
+fakeroot dpkg-deb --build debian
+lintian debian.deb
+mv debian.deb ../firejail_${VERSION}${EXTRA_VERSION}_1_$(dpkg-architecture -qDEB_HOST_ARCH).deb
+cd ..
+rm -fr $CODE_DIR
-- 
cgit v1.2.3-54-g00ecf