1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
|
#
# Copyright (C) 2014-2016 OpenWrt.org
#
# This is free software, licensed under the GNU General Public License v2.
# See /LICENSE for more information.
#
include $(TOPDIR)/rules.mk
PKG_NAME:=procd
PKG_RELEASE:=$(AUTORELEASE)
PKG_SOURCE_PROTO:=git
PKG_SOURCE_URL=$(PROJECT_GIT)/project/procd.git
PKG_SOURCE_DATE:=2021-03-02
PKG_SOURCE_VERSION:=64e9f3a4ef61b53f72d0c9cf03da109e43b6700e
PKG_MIRROR_HASH:=59e1ea81e16b865c8e1bf16d747fd802285fd6bf8d689065e48dc1dee07447fb
CMAKE_INSTALL:=1
PKG_LICENSE:=GPL-2.0
PKG_LICENSE_FILES:=
PKG_MAINTAINER:=John Crispin <john@phrozen.org>
PKG_ASLR_PIE_REGULAR:=1
PKG_CONFIG_DEPENDS:= \
CONFIG_TARGET_INIT_PATH CONFIG_KERNEL_SECCOMP \
CONFIG_PROCD_SHOW_BOOT CONFIG_PROCD_ZRAM_TMPFS \
CONFIG_KERNEL_NAMESPACES CONFIG_PACKAGE_procd-ujail CONFIG_PACKAGE_procd-seccomp
include $(INCLUDE_DIR)/package.mk
include $(INCLUDE_DIR)/cmake.mk
ifeq ($(DUMP),)
STAMP_CONFIGURED:=$(strip $(STAMP_CONFIGURED))_$(shell echo $(CONFIG_TARGET_INIT_PATH) | mkhash md5)
endif
CMAKE_OPTIONS += -DEARLY_PATH="$(TARGET_INIT_PATH)"
TARGET_LDFLAGS += $(if $(CONFIG_USE_GLIBC),-lrt)
TARGET_CFLAGS += -flto
TARGET_LDFLAGS += -flto
define Package/procd/Default
SECTION:=base
CATEGORY:=Base system
DEPENDS:=+ubusd +ubus +libjson-script +ubox +USE_GLIBC:librt +libubox \
+libubus +libblobmsg-json +libjson-c +jshn
TITLE:=OpenWrt system process manager
USERID:=:dialout=20 :audio=29
endef
define Package/procd
$(call Package/procd/Default)
VARIANT:=default
CONFLICTS:=procd-selinux
endef
define Package/procd-selinux
$(call Package/procd/Default)
DEPENDS += +libselinux
TITLE += with SELinux support
PROVIDES:=procd
VARIANT:=selinux
endef
define Package/procd-ujail
SECTION:=base
CATEGORY:=Base system
DEPENDS:=@KERNEL_NAMESPACES +@KERNEL_UTS_NS +@KERNEL_IPC_NS +@KERNEL_PID_NS \
+libubox +libubus +libblobmsg-json
TITLE:=OpenWrt process jail helper
endef
define Package/procd-ujail-console
SECTION:=base
CATEGORY:=Base system
DEPENDS:=+procd-ujail +libubus +libubox
TITLE:=OpenWrt process jail console
endef
define Package/procd-seccomp
SECTION:=base
CATEGORY:=Base system
DEPENDS:=@(arm||armeb||mips||mipsel||i386||powerpc||x86_64) @!TARGET_uml \
@KERNEL_SECCOMP +libubox +libblobmsg-json
TITLE:=OpenWrt process seccomp helper + utrace
endef
define Package/uxc
SECTION:=base
CATEGORY:=Base system
DEPENDS:=+procd-ujail +libubus +libubox +libblobmsg-json
TITLE:=OpenWrt container management
MAINTAINER:=Daniel Golle <daniel@makrotopia.org>
endef
define Package/procd/config
menu "Configuration"
depends on PACKAGE_procd || PACKAGE_procd-selinux
config PROCD_SHOW_BOOT
bool
default n
prompt "Print the shutdown to the console as well as logging it to syslog"
config PROCD_ZRAM_TMPFS
bool
default n
prompt "Mount /tmp using zram."
endmenu
endef
ifeq ($(BUILD_VARIANT),selinux)
CMAKE_OPTIONS += -DSELINUX=1
endif
ifeq ($(CONFIG_PROCD_SHOW_BOOT),y)
CMAKE_OPTIONS += -DSHOW_BOOT_ON_CONSOLE=1
endif
ifeq ($(CONFIG_PROCD_ZRAM_TMPFS),y)
CMAKE_OPTIONS += -DZRAM_TMPFS=1
endif
ifdef CONFIG_PACKAGE_procd-ujail
CMAKE_OPTIONS += -DJAIL_SUPPORT=1
endif
SECCOMP=$(if $(CONFIG_PACKAGE_procd-seccomp),1,0)
CMAKE_OPTIONS += -DSECCOMP_SUPPORT=$(SECCOMP) -DUTRACE_SUPPORT=$(SECCOMP)
define Package/procd/install
$(INSTALL_DIR) $(1)/sbin $(1)/etc $(1)/lib/functions
$(INSTALL_BIN) $(PKG_INSTALL_DIR)/usr/sbin/{init,procd,askfirst,udevtrigger,upgraded} $(1)/sbin/
$(INSTALL_DATA) $(PKG_INSTALL_DIR)/usr/lib/libsetlbf.so $(1)/lib
$(INSTALL_BIN) ./files/reload_config $(1)/sbin/
$(INSTALL_CONF) ./files/hotplug*.json $(1)/etc/
$(INSTALL_DATA) ./files/procd.sh $(1)/lib/functions/
endef
Package/procd-selinux/install = $(Package/procd/install)
define Package/procd-ujail/install
$(INSTALL_DIR) $(1)/sbin
$(INSTALL_BIN) $(PKG_INSTALL_DIR)/usr/sbin/ujail $(1)/sbin/
endef
define Package/procd-ujail-console/install
$(INSTALL_DIR) $(1)/sbin
$(INSTALL_BIN) $(PKG_INSTALL_DIR)/usr/sbin/ujail-console $(1)/sbin/
endef
define Package/procd-seccomp/install
$(INSTALL_DIR) $(1)/sbin $(1)/lib
$(INSTALL_DATA) $(PKG_INSTALL_DIR)/usr/lib/libpreload-seccomp.so $(1)/lib
$(INSTALL_BIN) $(PKG_INSTALL_DIR)/usr/sbin/utrace $(1)/sbin/
$(LN) utrace $(1)/sbin/seccomp-trace
$(INSTALL_DATA) $(PKG_INSTALL_DIR)/usr/lib/libpreload-trace.so $(1)/lib
endef
define Package/uxc/conffiles
/etc/uxc
endef
define Package/uxc/install
$(INSTALL_DIR) $(1)/sbin
$(INSTALL_BIN) $(PKG_INSTALL_DIR)/usr/sbin/uxc $(1)/sbin/
$(INSTALL_DIR) $(1)/etc/init.d
$(INSTALL_BIN) ./files/uxc.init $(1)/etc/init.d/uxc
endef
$(eval $(call BuildPackage,procd))
$(eval $(call BuildPackage,procd-selinux))
$(eval $(call BuildPackage,procd-ujail))
$(eval $(call BuildPackage,procd-ujail-console))
$(eval $(call BuildPackage,procd-seccomp))
$(eval $(call BuildPackage,uxc))
|
