blob: a18889323425297ee726d817a41bdad4eacdf36d [file] [log] [blame]
# Copyright 2016 The Chromium OS Authors. All rights reserved.
# Distributed under the terms of the GNU General Public License v2
EAPI=7
CROS_WORKON_COMMIT="57779f9c27d62896f66cced9cc88443ae9585372"
CROS_WORKON_TREE=("52a8a8b6d3bbca5e90d4761aa308a5541d52b1bb" "53114cf4ab5fd4c8cbb60c2e336fa2b47d7c62bc" "560dcfaf6405fec1de4abaf84150869126113ac7" "e7dba8c91c1f3257c34d4a7ffff0ea2537aeb6bb")
CROS_WORKON_INCREMENTAL_BUILD=1
CROS_WORKON_LOCALNAME="platform2"
CROS_WORKON_PROJECT="chromiumos/platform2"
CROS_WORKON_OUTOFTREE_BUILD=1
# TODO(crbug.com/809389): Avoid directly including headers from other packages.
CROS_WORKON_SUBTREE="common-mk authpolicy metrics .gn"
PLATFORM_SUBDIR="authpolicy"
inherit cros-workon platform user
DESCRIPTION="Provides authentication to LDAP and fetching device/user policies"
HOMEPAGE="https://chromium.googlesource.com/chromiumos/platform2/+/master/authpolicy/"
LICENSE="BSD-Google"
SLOT="0/0"
KEYWORDS="*"
IUSE="+samba asan fuzzer"
COMMMON_DEPEND="
app-crypt/mit-krb5:=
chromeos-base/libbrillo:=[asan?,fuzzer?]
>=chromeos-base/metrics-0.0.1-r3152:=
>=chromeos-base/minijail-0.0.1-r1477:=
dev-libs/protobuf:=
samba? ( >=net-fs/samba-4.5.3-r6:= )
sys-apps/dbus:=
sys-libs/libcap:=
"
RDEPEND="${COMMMON_DEPEND}"
DEPEND="
${COMMMON_DEPEND}
>=chromeos-base/protofiles-0.0.39:=
chromeos-base/session_manager-client:=
chromeos-base/system_api:=[fuzzer?]
"
pkg_setup() {
# Has to be done in pkg_setup() instead of pkg_preinst() since
# src_install() needs authpolicyd.
enewuser "authpolicyd"
enewgroup "authpolicyd"
enewuser "authpolicyd-exec"
enewgroup "authpolicyd-exec"
cros-workon_pkg_setup
}
src_install() {
dosbin "${OUT}"/authpolicyd
dosbin "${OUT}"/authpolicy_parser
insinto /etc/dbus-1/system.d
doins etc/dbus-1/org.chromium.AuthPolicy.conf
insinto /etc/init
doins etc/init/authpolicyd.conf
insinto /usr/share/policy
doins seccomp_filters/*.policy
insinto /usr/share/cros/startup/process_management_policies
doins setuid_restrictions/authpolicyd_whitelist.txt
# Create daemon store folder prototype, see
# https://chromium.googlesource.com/chromiumos/docs/+/master/sandboxing.md#securely-mounting-cryptohome-daemon-store-folders
local daemon_store="/etc/daemon-store/authpolicyd"
dodir "${daemon_store}"
fperms 0700 "${daemon_store}"
fowners authpolicyd:authpolicyd "${daemon_store}"
platform_fuzzer_install "${S}"/OWNERS "${OUT}"/preg_parser_fuzzer \
--dict "${S}"/policy/testdata/preg_parser_fuzzer.dict
}
platform_pkg_test() {
local tests=(
authpolicy_test
)
local test_bin
for test_bin in "${tests[@]}"; do
platform_test "run" "${OUT}/${test_bin}"
done
platform_fuzzer_test "${OUT}"/preg_parser_fuzzer
}