Refactor to conform to YP Compat requirements

Change the references to check for the distribution flag of 'selinux' being
set before taking any action within the bbappends.  This prevents the
signature from being modified.

Also remove PR changes, as they are no longer allowed.

Signed-off-by: Mark Hatle <mark.hatle@windriver.com>

meta-python/recipes-extended/augeas/augeas/augeas_%.bbappend

@@ -1 +1 @@
-inherit with-selinux
+inherit ${@bb.utils.contains('DISTRO_FEATURES', 'selinux', 'with-selinux', '', d)}

networking-layer/recipes-daemons/iscsi-initiator-utils/iscsi-initiator-utils_%.bbappend

@@ -1 +1 @@
-FILESEXTRAPATHS_prepend := "${THISDIR}/files:"
+require ${@bb.utils.contains('DISTRO_FEATURES', 'selinux', '${BPN}_selinux.inc', '', d)}

networking-layer/recipes-daemons/iscsi-initiator-utils/iscsi-initiator-utils_selinux.inc

@@ -0,0 +1 @@
+FILESEXTRAPATHS_prepend := "${THISDIR}/files:"

recipes-connectivity/bind/bind_%.bbappend

@@ -1,13 +1 @@
-PR .= ".3"
-
-FILESEXTRAPATHS_prepend := "${THISDIR}/files:"
-
-SRC_URI += "file://volatiles.04_bind"
-
-do_install_append() {
-	install -d ${D}${sysconfdir}/default/volatiles
-	install -m 0644 ${WORKDIR}/volatiles.04_bind ${D}${sysconfdir}/default/volatiles/volatiles.04_bind
-
-	sed -i '/^\s*\/usr\/sbin\/rndc-confgen/a\
-	    [ -x /sbin/restorecon ] && /sbin/restorecon -F /etc/bind/rndc.key' ${D}${sysconfdir}/init.d/bind
-}
+require ${@bb.utils.contains('DISTRO_FEATURES', 'selinux', '${BPN}_selinux.inc', '', d)}

recipes-connectivity/bind/bind_selinux.inc

@@ -0,0 +1,11 @@
+FILESEXTRAPATHS_prepend := "${THISDIR}/files:"
+
+SRC_URI += "file://volatiles.04_bind"
+
+do_install_append() {
+	install -d ${D}${sysconfdir}/default/volatiles
+	install -m 0644 ${WORKDIR}/volatiles.04_bind ${D}${sysconfdir}/default/volatiles/volatiles.04_bind
+
+	sed -i '/^\s*\/usr\/sbin\/rndc-confgen/a\
+	    [ -x /sbin/restorecon ] && /sbin/restorecon -F /etc/bind/rndc.key' ${D}${sysconfdir}/init.d/bind
+}

recipes-connectivity/dhcp/dhcp_%.bbappend

@@ -1,3 +1 @@
-inherit selinux
-
-FILESEXTRAPATHS_prepend := "${@target_selinux(d, '${THISDIR}/files:')}"
+require ${@bb.utils.contains('DISTRO_FEATURES', 'selinux', '${BPN}_selinux.inc', '', d)}

recipes-connectivity/dhcp/dhcp_selinux.inc

@@ -0,0 +1,3 @@
+inherit selinux
+
+FILESEXTRAPATHS_prepend := "${THISDIR}/files:"

recipes-connectivity/iproute2/iproute2_%.bbappend

@@ -1,9 +1 @@
-inherit with-selinux
-
-do_configure_append() {
-	if ${@bb.utils.contains('DISTRO_FEATURES', 'selinux', 'true', 'false', d)}; then
-		sed -i 's/\(HAVE_SELINUX:=\).*/\1y/' ${B}/Config
-	else
-		sed -i 's/\(HAVE_SELINUX:=\).*/\1n/' ${B}/Config
-	fi
-}
+require ${@bb.utils.contains('DISTRO_FEATURES', 'selinux', '${BPN}_selinux.inc', '', d)}

recipes-connectivity/iproute2/iproute2_selinux.inc

@@ -0,0 +1,5 @@
+inherit with-selinux
+
+do_configure_append() {
+	sed -i 's/\(HAVE_SELINUX:=\).*/\1y/' ${B}/Config
+}

recipes-connectivity/openssh/openssh_%.bbappend

@@ -1,13 +1 @@
-PR .= ".5"
-
-inherit with-selinux
-
-FILESEXTRAPATHS_prepend := "${@target_selinux(d, '${THISDIR}/files:')}"
-
-# There is no distro feature just for audit.  If we want it,
-# uncomment the following.
-#
-#PACKAGECONFIG += "${@target_selinux(d, 'audit')}"
-
-PACKAGECONFIG[audit] = "--with-audit=linux,--without-audit,audit,"
-
+require ${@bb.utils.contains('DISTRO_FEATURES', 'selinux', '${BPN}_selinux.inc', '', d)}

recipes-connectivity/openssh/openssh_selinux.inc

@@ -0,0 +1,9 @@
+inherit with-selinux
+
+FILESEXTRAPATHS_prepend := "${THISDIR}/files:"
+
+# There is no distro feature just for audit.
+PACKAGECONFIG_append = " audit"
+
+PACKAGECONFIG[audit] = "--with-audit=linux,--without-audit,audit,"
+

recipes-core/busybox/busybox_%.bbappend

@@ -1,87 +1 @@
-PR .= ".1"
-
-FILES_${PN} += "${libdir}/${PN}"
-
-# We should use sh wrappers instead of links so the commands could get correct
-# security labels
-python create_sh_wrapper_reset_alternative_vars () {
-    # We need to load the full set of busybox provides from the /etc/busybox.links
-    # Use this to see the update-alternatives with the right information
-
-    dvar = d.getVar('D', True)
-    pn = d.getVar('PN', True)
-
-    def create_sh_alternative_vars(links, target, mode):
-        import shutil
-        # Create sh wrapper template
-        fwp = open("busybox_wrapper", 'w')
-        fwp.write("#!%s" % (target))
-        os.fchmod(fwp.fileno(), mode)
-        fwp.close()
-        # Install the sh wrappers and alternatives reset to link to them
-        wpdir = os.path.join(d.getVar('libdir', True), pn)
-        wpdir_dest = '%s%s' % (dvar, wpdir)
-        if not os.path.exists(wpdir_dest):
-            os.makedirs(wpdir_dest)
-        f = open('%s%s' % (dvar, links), 'r')
-        for alt_link_name in f:
-            alt_link_name = alt_link_name.strip()
-            alt_name = os.path.basename(alt_link_name)
-            # Copy script wrapper to wp_path
-            alt_wppath = '%s%s' % (wpdir, alt_link_name)
-            alt_wppath_dest = '%s%s' % (wpdir_dest, alt_link_name) 
-            alt_wpdir_dest = os.path.dirname(alt_wppath_dest)
-            if not os.path.exists(alt_wpdir_dest):
-                os.makedirs(alt_wpdir_dest)
-            shutil.copy2("busybox_wrapper", alt_wppath_dest)
-            # Re-set alternatives
-            # Match coreutils
-            if alt_name == '[':
-                alt_name = 'lbracket'
-            d.appendVar('ALTERNATIVE_%s' % (pn), ' ' + alt_name)
-            d.setVarFlag('ALTERNATIVE_LINK_NAME', alt_name, alt_link_name)
-            if os.path.exists(alt_wppath_dest):
-                d.setVarFlag('ALTERNATIVE_TARGET', alt_name, alt_wppath)
-        f.close()
-
-        os.remove("busybox_wrapper")
-        return
-
-    if os.path.exists('%s/etc/busybox.links' % (dvar)):
-        create_sh_alternative_vars("/etc/busybox.links", "/bin/busybox", 0o0755)
-    else:
-        create_sh_alternative_vars("/etc/busybox.links.nosuid", "/bin/busybox.nosuid", 0o0755)
-        create_sh_alternative_vars("/etc/busybox.links.suid", "/bin/busybox.suid", 0o4755)
-}
-
-# Add to PACKAGEBUILDPKGD so it could override the alternatives, which are set in
-# do_package_prepend() section of busybox_*.bb.
-PACKAGEBUILDPKGD_prepend = "create_sh_wrapper_reset_alternative_vars "
-
-# Use sh wrappers instead of links
-pkg_postinst_${PN} () {
-	# This part of code is dedicated to the on target upgrade problem.
-	# It's known that if we don't make appropriate symlinks before update-alternatives calls,
-	# there will be errors indicating missing commands such as 'sed'.
-	# These symlinks will later be updated by update-alternatives calls.
-	test -n 2 > /dev/null || alias test='busybox test'
-	if test "x$D" = "x"; then
-		# Remove busybox.nosuid if it's a symlink, because this situation indicates
-		# that we're installing or upgrading to a one-binary busybox.
-		if test -h /bin/busybox.nosuid; then
-			rm -f /bin/busybox.nosuid
-		fi
-		for suffix in "" ".nosuid" ".suid"; do
-			if test -e /etc/busybox.links$suffix; then
-				while read link; do
-					if test ! -e "$link"; then
-						# we can use busybox here because even if we are using splitted busybox
-						# we've made a symlink from /bin/busybox to /bin/busybox.nosuid.
-						busybox echo "#!/bin/busybox$suffix" > $link
-					fi
-				done < /etc/busybox.links$suffix
-			fi
-		done
-	fi
-}
-
+require ${@bb.utils.contains('DISTRO_FEATURES', 'selinux', '${BPN}_selinux.inc', '', d)}

recipes-core/busybox/busybox_selinux.inc

@@ -0,0 +1,85 @@
+FILES_${PN} += "${libdir}/${PN}"
+
+# We should use sh wrappers instead of links so the commands could get correct
+# security labels
+python create_sh_wrapper_reset_alternative_vars () {
+    # We need to load the full set of busybox provides from the /etc/busybox.links
+    # Use this to see the update-alternatives with the right information
+
+    dvar = d.getVar('D', True)
+    pn = d.getVar('PN', True)
+
+    def create_sh_alternative_vars(links, target, mode):
+        import shutil
+        # Create sh wrapper template
+        fwp = open("busybox_wrapper", 'w')
+        fwp.write("#!%s" % (target))
+        os.fchmod(fwp.fileno(), mode)
+        fwp.close()
+        # Install the sh wrappers and alternatives reset to link to them
+        wpdir = os.path.join(d.getVar('libdir', True), pn)
+        wpdir_dest = '%s%s' % (dvar, wpdir)
+        if not os.path.exists(wpdir_dest):
+            os.makedirs(wpdir_dest)
+        f = open('%s%s' % (dvar, links), 'r')
+        for alt_link_name in f:
+            alt_link_name = alt_link_name.strip()
+            alt_name = os.path.basename(alt_link_name)
+            # Copy script wrapper to wp_path
+            alt_wppath = '%s%s' % (wpdir, alt_link_name)
+            alt_wppath_dest = '%s%s' % (wpdir_dest, alt_link_name) 
+            alt_wpdir_dest = os.path.dirname(alt_wppath_dest)
+            if not os.path.exists(alt_wpdir_dest):
+                os.makedirs(alt_wpdir_dest)
+            shutil.copy2("busybox_wrapper", alt_wppath_dest)
+            # Re-set alternatives
+            # Match coreutils
+            if alt_name == '[':
+                alt_name = 'lbracket'
+            d.appendVar('ALTERNATIVE_%s' % (pn), ' ' + alt_name)
+            d.setVarFlag('ALTERNATIVE_LINK_NAME', alt_name, alt_link_name)
+            if os.path.exists(alt_wppath_dest):
+                d.setVarFlag('ALTERNATIVE_TARGET', alt_name, alt_wppath)
+        f.close()
+
+        os.remove("busybox_wrapper")
+        return
+
+    if os.path.exists('%s/etc/busybox.links' % (dvar)):
+        create_sh_alternative_vars("/etc/busybox.links", "/bin/busybox", 0o0755)
+    else:
+        create_sh_alternative_vars("/etc/busybox.links.nosuid", "/bin/busybox.nosuid", 0o0755)
+        create_sh_alternative_vars("/etc/busybox.links.suid", "/bin/busybox.suid", 0o4755)
+}
+
+# Add to PACKAGEBUILDPKGD so it could override the alternatives, which are set in
+# do_package_prepend() section of busybox_*.bb.
+PACKAGEBUILDPKGD_prepend = "create_sh_wrapper_reset_alternative_vars "
+
+# Use sh wrappers instead of links
+pkg_postinst_${PN} () {
+	# This part of code is dedicated to the on target upgrade problem.
+	# It's known that if we don't make appropriate symlinks before update-alternatives calls,
+	# there will be errors indicating missing commands such as 'sed'.
+	# These symlinks will later be updated by update-alternatives calls.
+	test -n 2 > /dev/null || alias test='busybox test'
+	if test "x$D" = "x"; then
+		# Remove busybox.nosuid if it's a symlink, because this situation indicates
+		# that we're installing or upgrading to a one-binary busybox.
+		if test -h /bin/busybox.nosuid; then
+			rm -f /bin/busybox.nosuid
+		fi
+		for suffix in "" ".nosuid" ".suid"; do
+			if test -e /etc/busybox.links$suffix; then
+				while read link; do
+					if test ! -e "$link"; then
+						# we can use busybox here because even if we are using splitted busybox
+						# we've made a symlink from /bin/busybox to /bin/busybox.nosuid.
+						busybox echo "#!/bin/busybox$suffix" > $link
+					fi
+				done < /etc/busybox.links$suffix
+			fi
+		done
+	fi
+}
+

recipes-core/coreutils/coreutils_%.bbappend

@@ -1 +1,2 @@
-inherit with-selinux
+inherit ${@bb.utils.contains('DISTRO_FEATURES', 'selinux', 'with-selinux', '', d)}
+

recipes-core/dbus/dbus_%.bbappend

@@ -1 +1,2 @@
-inherit enable-selinux
+inherit ${@bb.utils.contains('DISTRO_FEATURES', 'selinux', 'enable-selinux', '', d)}
+

recipes-core/eudev/eudev_%.bbappend

@@ -1,3 +1,2 @@
-FILESEXTRAPATHS_prepend := "${THISDIR}/${PN}:"
+require ${@bb.utils.contains('DISTRO_FEATURES', 'selinux', '${BPN}_selinux.inc', '', d)}
 
-inherit enable-selinux

recipes-core/eudev/eudev_selinux.inc

@@ -0,0 +1,3 @@
+FILESEXTRAPATHS_prepend := "${THISDIR}/files:"
+
+inherit enable-selinux

recipes-core/glib-2.0/glib-2.0_%.bbappend

@@ -1 +1 @@
-inherit enable-selinux
+inherit ${@bb.utils.contains('DISTRO_FEATURES', 'selinux', 'enable-selinux', '', d)}

recipes-core/initscripts/initscripts-1.0_selinux.inc

@@ -0,0 +1,11 @@
+FILESEXTRAPATHS_prepend := "${THISDIR}/files:"
+
+do_install_append () {
+	cat <<-EOF >> ${D}${sysconfdir}/init.d/populate-volatile.sh
+touch /var/log/lastlog
+test ! -x /sbin/restorecon || /sbin/restorecon -iRF /var/volatile/ /var/lib /run \
+    /etc/resolv.conf /etc/adjtime
+EOF
+	sed -i '/mount -n -o remount,$rootmode/i\test ! -x /sbin/restorecon || /sbin/restorecon -iRF /run' \
+	    ${D}${sysconfdir}/init.d/checkroot.sh
+}

recipes-core/initscripts/initscripts_1.0.bbappend

@@ -1,13 +1 @@
-PR .= ".3"
-
-FILESEXTRAPATHS_prepend := "${THISDIR}/${PN}:"
-
-do_install_append () {
-	cat <<-EOF >> ${D}${sysconfdir}/init.d/populate-volatile.sh
-touch /var/log/lastlog
-test ! -x /sbin/restorecon || /sbin/restorecon -iRF /var/volatile/ /var/lib /run \
-    /etc/resolv.conf /etc/adjtime
-EOF
-	sed -i '/mount -n -o remount,$rootmode/i\test ! -x /sbin/restorecon || /sbin/restorecon -iRF /run' \
-	    ${D}${sysconfdir}/init.d/checkroot.sh
-}
+require ${@bb.utils.contains('DISTRO_FEATURES', 'selinux', 'initscripts-1.0_selinux.inc', '', d)}

recipes-core/libcgroup/libcgroup_%.bbappend

@@ -1,12 +1 @@
-PR .= ".3"
-
-EXTRA_OECONF_virtclass-native = "--enable-pam=no"
-
-do_install_append() {
-	test ! -f ${D}${base_libdir}/security/pam_cgroup.so.0.0.0 || {
-		mv -f ${D}${base_libdir}/security/pam_cgroup.so.0.0.0 ${D}${base_libdir}/security/pam_cgroup.so
-		rm -f ${D}${base_libdir}/security/pam_cgroup.so.*
-	}
-}
-
-BBCLASSEXTEND = "native"
+require ${@bb.utils.contains('DISTRO_FEATURES', 'selinux', '${BPN}_selinux.inc', '', d)}

recipes-core/libcgroup/libcgroup_selinux.inc

@@ -0,0 +1,10 @@
+EXTRA_OECONF_virtclass-native = "--enable-pam=no"
+
+do_install_append() {
+	test ! -f ${D}${base_libdir}/security/pam_cgroup.so.0.0.0 || {
+		mv -f ${D}${base_libdir}/security/pam_cgroup.so.0.0.0 ${D}${base_libdir}/security/pam_cgroup.so
+		rm -f ${D}${base_libdir}/security/pam_cgroup.so.*
+	}
+}
+
+BBCLASSEXTEND = "native"

recipes-core/systemd/systemd_%.bbappend

@@ -1 +1 @@
-inherit enable-audit
+inherit ${@bb.utils.contains('DISTRO_FEATURES', 'selinux', 'enable-audit', '', d)}

recipes-core/sysvinit/sysvinit-2.88dsf_selinux.inc

@@ -0,0 +1,11 @@
+FILESEXTRAPATHS_prepend := "${THISDIR}/files:"
+
+B = "${S}"
+
+SRC_URI += "file://sysvinit-fix-is_selinux_enabled.patch"
+
+inherit selinux
+
+DEPENDS += "${LIBSELINUX}"
+
+EXTRA_OEMAKE += "${@target_selinux(d, 'WITH_SELINUX=\"yes\"')}"

recipes-core/sysvinit/sysvinit_2.88dsf.bbappend

@@ -1,14 +1 @@
-FILESEXTRAPATHS_prepend := "${THISDIR}/${PN}-${PV}:"
-
-B = "${S}"
-
-SRC_URI += "file://sysvinit-fix-is_selinux_enabled.patch"
-
-inherit selinux
-
-DEPENDS += "${LIBSELINUX}"
-
-EXTRA_OEMAKE += "${@target_selinux(d, 'WITH_SELINUX=\"yes\"')}"
-
-PR .= ".2"
-
+require ${@bb.utils.contains('DISTRO_FEATURES', 'selinux', 'sysvinit-2.88dsf_selinux.inc', '', d)}

recipes-core/util-linux/util-linux_%.bbappend

@@ -1,3 +1 @@
-PR .= ".3"
-
-inherit with-selinux
+inherit ${@bb.utils.contains('DISTRO_FEATURES', 'selinux', 'with-selinux', '', d)}

recipes-devtools/e2fsprogs/e2fsprogs_%.bbappend

@@ -1,2 +1 @@
-FILESEXTRAPATHS_prepend := "${THISDIR}/${PN}:"
-SRC_URI += "file://misc_create_inode.c-label_rootfs.patch"
+require ${@bb.utils.contains('DISTRO_FEATURES', 'selinux', '${BPN}_selinux.inc', '', d)}

recipes-devtools/e2fsprogs/e2fsprogs_selinux.inc

@@ -0,0 +1,3 @@
+FILESEXTRAPATHS_prepend := "${THISDIR}/files:"
+
+SRC_URI += "file://misc_create_inode.c-label_rootfs.patch"

recipes-devtools/prelink/prelink_git.bbappend

@@ -1,3 +1 @@
-PR .= ".2"
-
-inherit enable-selinux
+inherit ${@bb.utils.contains('DISTRO_FEATURES', 'selinux', 'enable-selinux', '', d)}

recipes-devtools/python/python_%.bbappend

@@ -1,3 +1 @@
-inherit selinux
-# If selinux enabled, disable handlers to rw command history file
-FILESEXTRAPATHS_prepend := "${@target_selinux(d, '${THISDIR}/${PN}:')}"
+require ${@bb.utils.contains('DISTRO_FEATURES', 'selinux', '${BPN}_selinux.inc', '', d)}

recipes-devtools/python/python_selinux.inc

@@ -0,0 +1,5 @@
+# If selinux enabled, disable handlers to rw command history file
+FILESEXTRAPATHS_prepend := "${THISDIR}/files:"
+
+inherit selinux
+

recipes-devtools/rpm/rpm_%.bbappend

@@ -1,4 +1 @@
-FILESEXTRAPATHS_prepend := "${THISDIR}/${PN}:"
-
-inherit with-selinux
-PACKAGECONFIG[selinux] = "${WITH_SELINUX},${WITHOUT_SELINUX},libsemanage,"
+require ${@bb.utils.contains('DISTRO_FEATURES', 'selinux', '${BPN}_selinux.inc', '', d)}

recipes-devtools/rpm/rpm_selinux.inc

@@ -0,0 +1,2 @@
+inherit with-selinux
+PACKAGECONFIG[selinux] = "${WITH_SELINUX},${WITHOUT_SELINUX},libsemanage,"

recipes-extended/at/at_%.bbappend

@@ -1 +1 @@
-inherit with-selinux
+inherit ${@bb.utils.contains('DISTRO_FEATURES', 'selinux', 'with-selinux', '', d)}

recipes-extended/cronie/cronie_%.bbappend

@@ -1,3 +1,2 @@
-PR .= ".2"
-
-inherit with-selinux with-audit
+inherit ${@bb.utils.contains('DISTRO_FEATURES', 'selinux', 'with-audit', '', d)}
+inherit ${@bb.utils.contains('DISTRO_FEATURES', 'selinux', 'with-selinux', '', d)}

recipes-extended/findutils/findutils_4.6.%.bbappend

@@ -1,2 +1 @@
-inherit with-selinux
-
+inherit ${@bb.utils.contains('DISTRO_FEATURES', 'selinux', 'with-selinux', '', d)}

recipes-extended/logrotate/logrotate_%.bbappend

@@ -1,5 +1 @@
-inherit selinux
-
-DEPENDS += "${LIBSELINUX}"
-
-EXTRA_OEMAKE += "${@target_selinux(d, 'WITH_SELINUX=\"yes\"')}"
+require ${@bb.utils.contains('DISTRO_FEATURES', 'selinux', '${BPN}_selinux.inc', '', d)}

recipes-extended/logrotate/logrotate_selinux.inc

@@ -0,0 +1,5 @@
+inherit selinux
+
+DEPENDS += "${LIBSELINUX}"
+
+EXTRA_OEMAKE += "${@target_selinux(d, 'WITH_SELINUX=\"yes\"')}"

recipes-extended/lsof/lsof_%.bbappend

@@ -1,16 +1 @@
-PR .= ".2"
-
-inherit selinux
-
-DEPENDS += "${LIBSELINUX}"
-
-do_configure_prepend () {
-	export LINUX_HASSELINUX="${@target_selinux(d, 'Y', 'N')}"
-	export LSOF_CFGF="${CFLAGS}"
-	export LSOF_CFGL="${LDFLAGS}"
-	export LSOF_CC="${BUILD_CC}"
-}
-
-do_compile () {
-	oe_runmake 'CC=${CC}' 'DEBUG='
-}
+require ${@bb.utils.contains('DISTRO_FEATURES', 'selinux', '${BPN}_selinux.inc', '', d)}

recipes-extended/lsof/lsof_selinux.inc

@@ -0,0 +1,14 @@
+inherit selinux
+
+DEPENDS += "${LIBSELINUX}"
+
+do_configure_prepend () {
+	export LINUX_HASSELINUX="${@target_selinux(d, 'Y', 'N')}"
+	export LSOF_CFGF="${CFLAGS}"
+	export LSOF_CFGL="${LDFLAGS}"
+	export LSOF_CC="${BUILD_CC}"
+}
+
+do_compile () {
+	oe_runmake 'CC=${CC}' 'DEBUG='
+}

recipes-extended/net-tools/net-tools_%.bbappend

@@ -1,11 +1 @@
-PR .= ".2"
-
-FILESEXTRAPATHS_prepend := "${THISDIR}/${PN}:"
-
-SRC_URI += "file://netstat-selinux-support.patch"
-
-inherit selinux
-
-DEPENDS += "${LIBSELINUX}"
-
-EXTRA_OEMAKE += "${@target_selinux(d, 'HAVE_SELINUX=1', 'HAVE_SELINUX=0')}"
+require ${@bb.utils.contains('DISTRO_FEATURES', 'selinux', '${BPN}_selinux.inc', '', d)}

recipes-extended/net-tools/net-tools_selinux.inc

@@ -0,0 +1,9 @@
+FILESEXTRAPATHS_prepend := "${THISDIR}/files:"
+
+SRC_URI += "file://netstat-selinux-support.patch"
+
+inherit selinux
+
+DEPENDS += "${LIBSELINUX}"
+
+EXTRA_OEMAKE += "${@target_selinux(d, 'HAVE_SELINUX=1', 'HAVE_SELINUX=0')}"

recipes-extended/pam/libpam_%.bbappend

@@ -1,3 +1 @@
-inherit enable-selinux
-
-RDEPENDS_${PN}-runtime += "${@target_selinux(d, 'pam-plugin-selinux')}"
+require ${@bb.utils.contains('DISTRO_FEATURES', 'selinux', '${BPN}_selinux.inc', '', d)}

recipes-extended/pam/libpam_selinux.inc

@@ -0,0 +1,3 @@
+inherit enable-selinux
+
+RDEPENDS_${PN}-runtime += "${@target_selinux(d, 'pam-plugin-selinux')}"

recipes-extended/parted/parted_%.bbappend

@@ -1,3 +1 @@
-PR .= ".2"
-
-inherit enable-selinux
+inherit ${@bb.utils.contains('DISTRO_FEATURES', 'selinux', 'enable-selinux', '', d)}

recipes-extended/psmisc/psmisc_%.bbappend

@@ -1,5 +1 @@
-PR .= ".2"
-
-FILESEXTRAPATHS_prepend := "${THISDIR}/${PN}:"
-
-inherit enable-selinux
+inherit ${@bb.utils.contains('DISTRO_FEATURES', 'selinux', 'enable-selinux', '', d)}

recipes-extended/sed/sed_4.2.2.bbappend

@@ -1,3 +1 @@
-PR .= ".3"
-
-inherit with-selinux
+inherit ${@bb.utils.contains('DISTRO_FEATURES', 'selinux', 'with-selinux', '', d)}

recipes-extended/shadow/shadow_%.bbappend

@@ -1,7 +1 @@
-PR .= ".1"
-
-inherit with-selinux with-audit
-
-PACKAGECONFIG[selinux] = "--with-selinux,--without-selinux,libselinux libsemanage,"
-
-FILESEXTRAPATHS_prepend := "${@target_selinux(d, '${THISDIR}/files:')}"
+require ${@bb.utils.contains('DISTRO_FEATURES', 'selinux', '${BPN}_selinux.inc', '', d)}

recipes-extended/shadow/shadow_selinux.inc

@@ -0,0 +1,6 @@
+FILESEXTRAPATHS_prepend := "${THISDIR}/files:"
+
+inherit with-selinux with-audit
+
+PACKAGECONFIG[selinux] = "--with-selinux,--without-selinux,libselinux libsemanage,"
+

recipes-extended/sudo/sudo_%.bbappend

@@ -1,3 +1 @@
-PR .= ".2"
-
-inherit with-selinux
+inherit ${@bb.utils.contains('DISTRO_FEATURES', 'selinux', 'with-selinux', '', d)}

recipes-extended/sysklogd/sysklogd_%.bbappend

@@ -1 +1 @@
-FILESEXTRAPATHS_prepend := "${THISDIR}/files:"
+require ${@bb.utils.contains('DISTRO_FEATURES', 'selinux', '${BPN}_selinux.inc', '', d)}

recipes-extended/sysklogd/sysklogd_selinux.inc

@@ -0,0 +1 @@
+FILESEXTRAPATHS_prepend := "${THISDIR}/files:"

recipes-extended/tar/tar_%.bbappend

@@ -1,6 +1 @@
-FILESEXTRAPATHS_prepend := "${THISDIR}/${PN}:"
-
-inherit with-selinux
-
-
-PACKAGECONFIG += "${@bb.utils.contains('DISTRO_FEATURES', 'acl', 'acl', '', d)}"
+require ${@bb.utils.contains('DISTRO_FEATURES', 'selinux', '${BPN}_selinux.inc', '', d)}

recipes-extended/tar/tar_selinux.inc

@@ -0,0 +1,3 @@
+inherit with-selinux
+
+PACKAGECONFIG_append = "${@bb.utils.contains('DISTRO_FEATURES', 'acl', ' acl', '', d)}"

recipes-graphics/mesa/mesa_%.bbappend

@@ -1,6 +1,2 @@
-inherit enable-selinux
+require ${@bb.utils.contains('DISTRO_FEATURES', 'selinux', '${BPN}_selinux.inc', '', d)}
 
-# But wait!  There's more!  mesa builds a host program named builtin_compiler
-# and it needs selinux, too.  We replace the PACKAGECONFIG[] in the bbclass.
-#
-PACKAGECONFIG[selinux] = "--enable-selinux,--disable-selinux,libselinux libselinux-native,"

recipes-graphics/mesa/mesa_selinux.inc

@@ -0,0 +1,6 @@
+inherit enable-selinux
+
+# But wait!  There's more!  mesa builds a host program named builtin_compiler
+# and it needs selinux, too.  We replace the PACKAGECONFIG[] in the bbclass.
+#
+PACKAGECONFIG[selinux] = "--enable-selinux,--disable-selinux,libselinux libselinux-native,"

recipes-graphics/xcb/libxcb_%.bbappend

@@ -1,8 +1 @@
-PR .= ".1"
-
-inherit enable-selinux
-# libxcb-xselinux will not build with libselinux, so remove the depend
-PACKAGECONFIG[selinux] = "--enable-selinux,--disable-selinux,,"
-
-PACKAGES += "${PN}-xselinux"
-FILES_${PN}-xselinux += "${libdir}/libxcb-xselinux.so.*"
+require ${@bb.utils.contains('DISTRO_FEATURES', 'selinux', '${BPN}_selinux.inc', '', d)}

recipes-graphics/xcb/libxcb_selinux.inc

@@ -0,0 +1,6 @@
+inherit enable-selinux
+# libxcb-xselinux will not build with libselinux, so remove the depend
+PACKAGECONFIG[selinux] = "--enable-selinux,--disable-selinux,,"
+
+PACKAGES += "${PN}-xselinux"
+FILES_${PN}-xselinux += "${libdir}/libxcb-xselinux.so.*"

recipes-kernel/linux/linux-yocto_4.%.bbappend

@@ -1,8 +1 @@
-FILESEXTRAPATHS_prepend := "${THISDIR}/${PN}:"
-
-# Enable selinux support in the kernel if the feature is enabled
-SRC_URI += "${@bb.utils.contains('DISTRO_FEATURES', 'selinux', 'file://selinux.cfg', '', d)}"
-
-# For inconsistent kallsyms data bug on ARM
-# http://lists.infradead.org/pipermail/linux-arm-kernel/2012-March/thread.html#89718
-EXTRA_OEMAKE += "${@bb.utils.contains('TARGET_ARCH', 'arm', ' KALLSYMS_EXTRA_PASS=1', '', d)}"
+require ${@bb.utils.contains('DISTRO_FEATURES', 'selinux', '${BPN}_selinux.inc', '', d)}

recipes-kernel/linux/linux-yocto_selinux.inc

@@ -0,0 +1,4 @@
+FILESEXTRAPATHS_prepend := "${THISDIR}/files:"
+
+# Enable selinux support in the kernel if the feature is enabled
+SRC_URI += "${@bb.utils.contains('DISTRO_FEATURES', 'selinux', 'file://selinux.cfg', '', d)}"

recipes-kernel/perf/perf.bbappend

@@ -1 +1,2 @@
-DEPENDS += " ${@bb.utils.contains('DISTRO_FEATURES', 'selinux', 'audit', '', d)}"
+require ${@bb.utils.contains('DISTRO_FEATURES', 'selinux', '${BPN}_selinux.inc', '', d)}
+

recipes-kernel/perf/perf_selinux.inc

@@ -0,0 +1 @@
+DEPENDS .= "${@bb.utils.contains('DISTRO_FEATURES', 'selinux', ' audit', '', d)}"

recipes-support/attr/attr_%.bbappend

@@ -1,5 +1 @@
-inherit selinux
-
-FILESEXTRAPATHS_prepend := "${THISDIR}/${BPN}:"
-
-SRC_URI += "${@target_selinux(d, 'file://fix-ptest-failures-when-selinux-enabled.patch')}"
+require ${@bb.utils.contains('DISTRO_FEATURES', 'selinux', '${BPN}_selinux.inc', '', d)}

recipes-support/attr/attr_selinux.inc

@@ -0,0 +1,5 @@
+inherit selinux
+
+FILESEXTRAPATHS_prepend := "${THISDIR}/files:"
+
+SRC_URI += "file://fix-ptest-failures-when-selinux-enabled.patch"

recipes-support/gnupg/gnupg_2.%.bbappend

@@ -1,3 +1 @@
-inherit enable-selinux
-# gnupg will not build with libselinux, so remove the depend
-PACKAGECONFIG[selinux] = "--enable-selinux-support,--disable-selinux-support,,"
+require ${@bb.utils.contains('DISTRO_FEATURES', 'selinux', '${BPN}_selinux.inc', '', d)}

recipes-support/gnupg/gnupg_selinux.inc

@@ -0,0 +1,3 @@
+inherit enable-selinux
+# gnupg will not build with libselinux, so remove the depend
+PACKAGECONFIG[selinux] = "--enable-selinux-support,--disable-selinux-support,,"

recipes-support/libpcre/libpcre_%.bbappend

@@ -1,14 +1 @@
-PR .= "9"
-
-do_install_append () {
-	if [ ! ${D}${libdir} -ef ${D}${base_libdir} ]; then
-		realsofile=`readlink ${D}${libdir}/libpcre.so`
-		mkdir -p ${D}/${base_libdir}/
-		mv -f ${D}${libdir}/libpcre.so.* ${D}${base_libdir}/
-		relpath=${@os.path.relpath("${base_libdir}", "${libdir}")}
-		ln -sf ${relpath}/${realsofile} ${D}${libdir}/libpcre.so
-		ln -sf ${relpath}/${realsofile} ${D}${libdir}/libpcre.so.1
-	fi
-}
-
-FILES_${PN} += "${base_libdir}/libpcre.so.*"
+require ${@bb.utils.contains('DISTRO_FEATURES', 'selinux', '${BPN}_selinux.inc', '', d)}

recipes-support/libpcre/libpcre_selinux.inc

@@ -0,0 +1,12 @@
+do_install_append () {
+	if [ ! ${D}${libdir} -ef ${D}${base_libdir} ]; then
+		realsofile=`readlink ${D}${libdir}/libpcre.so`
+		mkdir -p ${D}/${base_libdir}/
+		mv -f ${D}${libdir}/libpcre.so.* ${D}${base_libdir}/
+		relpath=${@os.path.relpath("${base_libdir}", "${libdir}")}
+		ln -sf ${relpath}/${realsofile} ${D}${libdir}/libpcre.so
+		ln -sf ${relpath}/${realsofile} ${D}${libdir}/libpcre.so.1
+	fi
+}
+
+FILES_${PN} += "${base_libdir}/libpcre.so.*"

virtualization-layer/recipes-containers/lxc/lxc_%.bbappend

@@ -1 +1 @@
-inherit enable-selinux
+inherit ${@bb.utils.contains('DISTRO_FEATURES', 'selinux', 'enable-selinux', '', d)}