* [PATCH] package_rpm: Add %manifest support for spec generation.
@ 2014-08-29 17:39 Richard Purdie
2014-08-29 18:38 ` Mark Hatle
0 siblings, 1 reply; 4+ messages in thread
From: Richard Purdie @ 2014-08-29 17:39 UTC (permalink / raw)
To: openembedded-core; +Cc: ronan, Ed Bartosh
From: Ronan Le Martret <ronan@fridu.net>
The manifest file allow custom smack security for a package.
https://wiki.tizen.org/wiki/Security/Application_installation_and_Manifest
Signed-off-by: Ronan Le Martret <ronan@fridu.net>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
diff --git a/meta/classes/package_rpm.bbclass b/meta/classes/package_rpm.bbclass
index eecfcb2..0f565ac 100644
--- a/meta/classes/package_rpm.bbclass
+++ b/meta/classes/package_rpm.bbclass
@@ -389,6 +389,8 @@ python write_specfile () {
else:
bb.note("Creating RPM package for %s" % splitname)
spec_files_top.append('%files')
+ if localdata.getVar('MANIFESTFILES', True):
+ spec_files_top.append('%%manifest %s' % localdata.getVar('MANIFESTFILES', True))
spec_files_top.append('%defattr(-,-,-,-)')
if file_list:
bb.note("Creating RPM package for %s" % splitname)
@@ -495,6 +497,8 @@ python write_specfile () {
bb.note("Not creating empty RPM package for %s" % splitname)
else:
spec_files_bottom.append('%%files -n %s' % splitname)
+ if localdata.getVar('MANIFESTFILES', True):
+ spec_files_bottom.append('%%manifest %s' % localdata.getVar('MANIFESTFILES', True))
spec_files_bottom.append('%defattr(-,-,-,-)')
if file_list:
bb.note("Creating RPM package for %s" % splitname)
^ permalink raw reply related [flat|nested] 4+ messages in thread* Re: [PATCH] package_rpm: Add %manifest support for spec generation.
2014-08-29 17:39 [PATCH] package_rpm: Add %manifest support for spec generation Richard Purdie
@ 2014-08-29 18:38 ` Mark Hatle
2014-08-29 21:51 ` Richard Purdie
0 siblings, 1 reply; 4+ messages in thread
From: Mark Hatle @ 2014-08-29 18:38 UTC (permalink / raw)
To: openembedded-core
On 8/29/14, 12:39 PM, Richard Purdie wrote:
> From: Ronan Le Martret <ronan@fridu.net>
>
> The manifest file allow custom smack security for a package.
> https://wiki.tizen.org/wiki/Security/Application_installation_and_Manifest
I'm concerned with this simply because we're adding a very specific (non-oe)
mechanism into the mix.
I'd prefer if there was simple a "perform this generic action, which can add to
the .spec file"
The during the packaging (before writing the .spec) we can call the action and
it can insert the %manifest if appropriate.
That can then be distribution defined and work with any arbitrary mechanisms.
--Mark
> Signed-off-by: Ronan Le Martret <ronan@fridu.net>
> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
>
> diff --git a/meta/classes/package_rpm.bbclass b/meta/classes/package_rpm.bbclass
> index eecfcb2..0f565ac 100644
> --- a/meta/classes/package_rpm.bbclass
> +++ b/meta/classes/package_rpm.bbclass
> @@ -389,6 +389,8 @@ python write_specfile () {
> else:
> bb.note("Creating RPM package for %s" % splitname)
> spec_files_top.append('%files')
> + if localdata.getVar('MANIFESTFILES', True):
> + spec_files_top.append('%%manifest %s' % localdata.getVar('MANIFESTFILES', True))
> spec_files_top.append('%defattr(-,-,-,-)')
> if file_list:
> bb.note("Creating RPM package for %s" % splitname)
> @@ -495,6 +497,8 @@ python write_specfile () {
> bb.note("Not creating empty RPM package for %s" % splitname)
> else:
> spec_files_bottom.append('%%files -n %s' % splitname)
> + if localdata.getVar('MANIFESTFILES', True):
> + spec_files_bottom.append('%%manifest %s' % localdata.getVar('MANIFESTFILES', True))
> spec_files_bottom.append('%defattr(-,-,-,-)')
> if file_list:
> bb.note("Creating RPM package for %s" % splitname)
>
>
^ permalink raw reply [flat|nested] 4+ messages in thread* Re: [PATCH] package_rpm: Add %manifest support for spec generation.
2014-08-29 18:38 ` Mark Hatle
@ 2014-08-29 21:51 ` Richard Purdie
2014-08-29 22:07 ` Mark Hatle
0 siblings, 1 reply; 4+ messages in thread
From: Richard Purdie @ 2014-08-29 21:51 UTC (permalink / raw)
To: Mark Hatle; +Cc: openembedded-core
On Fri, 2014-08-29 at 13:38 -0500, Mark Hatle wrote:
> On 8/29/14, 12:39 PM, Richard Purdie wrote:
> > From: Ronan Le Martret <ronan@fridu.net>
> >
> > The manifest file allow custom smack security for a package.
> > https://wiki.tizen.org/wiki/Security/Application_installation_and_Manifest
>
> I'm concerned with this simply because we're adding a very specific (non-oe)
> mechanism into the mix.
>
> I'd prefer if there was simple a "perform this generic action, which can add to
> the .spec file"
>
> The during the packaging (before writing the .spec) we can call the action and
> it can insert the %manifest if appropriate.
>
> That can then be distribution defined and work with any arbitrary mechanisms.
The rough plan forming in my (and other people's) minds is that we need
a proper python "spec" construction class.
If we had such a thing, customisations like this would be much easier,
we could also likely more easily reconcile some of the archiver srpm
pieces too.
Right now we don't have that, there are people needing to fork the whole
of package_rpm to add the few tweaks I've posted. I'm therefore minded
to make things easier. If/as or more like when we implement the class,
this kind of issue should go away.
Cheers,
Richard
^ permalink raw reply [flat|nested] 4+ messages in thread
* Re: [PATCH] package_rpm: Add %manifest support for spec generation.
2014-08-29 21:51 ` Richard Purdie
@ 2014-08-29 22:07 ` Mark Hatle
0 siblings, 0 replies; 4+ messages in thread
From: Mark Hatle @ 2014-08-29 22:07 UTC (permalink / raw)
To: Richard Purdie; +Cc: openembedded-core
On 8/29/14, 4:51 PM, Richard Purdie wrote:
> On Fri, 2014-08-29 at 13:38 -0500, Mark Hatle wrote:
>> On 8/29/14, 12:39 PM, Richard Purdie wrote:
>>> From: Ronan Le Martret <ronan@fridu.net>
>>>
>>> The manifest file allow custom smack security for a package.
>>> https://wiki.tizen.org/wiki/Security/Application_installation_and_Manifest
>>
>> I'm concerned with this simply because we're adding a very specific (non-oe)
>> mechanism into the mix.
>>
>> I'd prefer if there was simple a "perform this generic action, which can add to
>> the .spec file"
>>
>> The during the packaging (before writing the .spec) we can call the action and
>> it can insert the %manifest if appropriate.
>>
>> That can then be distribution defined and work with any arbitrary mechanisms.
>
> The rough plan forming in my (and other people's) minds is that we need
> a proper python "spec" construction class.
>
> If we had such a thing, customisations like this would be much easier,
> we could also likely more easily reconcile some of the archiver srpm
> pieces too.
>
> Right now we don't have that, there are people needing to fork the whole
> of package_rpm to add the few tweaks I've posted. I'm therefore minded
> to make things easier. If/as or more like when we implement the class,
> this kind of issue should go away.
I was thinking of a simple interface where you'd just call an external function
(python) based on a variable set by the distro.
It would be passed the various pieces of the spec file, preamble, individual
sections and the files.. that way the necessary pieces can be manipulated --
the call would be made -after- all of the regular processing occurs.
As for a custom class, we can certainly do that.. perhaps it's something to plan
for 1.8? We already have much of the processing setup and broken into the
constituent pieces.. we just don't have a way to extend it before being written.
--Mark
> Cheers,
>
> Richard
>
>
>
^ permalink raw reply [flat|nested] 4+ messages in thread
end of thread, other threads:[~2014-08-29 22:07 UTC | newest]
Thread overview: 4+ messages (download: mbox.gz follow: Atom feed
-- links below jump to the message on this page --
2014-08-29 17:39 [PATCH] package_rpm: Add %manifest support for spec generation Richard Purdie
2014-08-29 18:38 ` Mark Hatle
2014-08-29 21:51 ` Richard Purdie
2014-08-29 22:07 ` Mark Hatle
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox