diff options
| author | Lennart Poettering <lennart@poettering.net> | 2014-02-18 22:14:00 +0100 |
|---|---|---|
| committer | Lennart Poettering <lennart@poettering.net> | 2014-02-18 22:14:00 +0100 |
| commit | e9642be2cce7f5e90406980092a6f71f504a16af (patch) | |
| tree | 261c0a274329240ef9c79f618f28fcb51f0a6a07 /Makefile.am | |
| parent | f3d5485b805de60ee71810eeb58e82d44ce24fe1 (diff) | |
seccomp: add helper call to add all secondary archs to a seccomp filter
And make use of it where appropriate for executing services and for
nspawn.
Diffstat (limited to 'Makefile.am')
| -rw-r--r-- | Makefile.am | 42 |
1 files changed, 33 insertions, 9 deletions
diff --git a/Makefile.am b/Makefile.am index 83c70a63e2..1a7f9fb5b0 100644 --- a/Makefile.am +++ b/Makefile.am @@ -196,7 +196,6 @@ AM_CPPFLAGS = \ -I $(top_srcdir)/src/libsystemd/sd-bus \ -I $(top_srcdir)/src/libsystemd/sd-event \ -I $(top_srcdir)/src/libsystemd/sd-rtnl \ - $(SECCOMP_CFLAGS) \ $(OUR_CPPFLAGS) AM_CFLAGS = $(OUR_CFLAGS) @@ -771,12 +770,6 @@ nodist_libsystemd_shared_la_SOURCES = \ src/shared/errno-from-name.h \ src/shared/errno-to-name.h -if HAVE_SECCOMP -libsystemd_shared_la_SOURCES += \ - src/shared/seccomp-util.h \ - src/shared/seccomp-util.c -endif - # ------------------------------------------------------------------------------ noinst_LTLIBRARIES += \ libsystemd-units.la @@ -817,6 +810,26 @@ libsystemd_label_la_LIBADD = \ $(SELINUX_LIBS) # ------------------------------------------------------------------------------ + +if HAVE_SECCOMP + +noinst_LTLIBRARIES += \ + libsystemd-seccomp.la + +libsystemd_seccomp_la_SOURCES = \ + src/shared/seccomp-util.h \ + src/shared/seccomp-util.c + +libsystemd_seccomp_la_CFLAGS = \ + $(AM_CFLAGS) \ + $(SECCOMP_CFLAGS) + +libsystemd_seccomp_la_LIBADD = \ + $(SECCOMP_LIBS) + +endif + +# ------------------------------------------------------------------------------ noinst_LTLIBRARIES += \ libsystemd-logs.la @@ -999,6 +1012,7 @@ libsystemd_core_la_CFLAGS = \ $(LIBWRAP_CFLAGS) \ $(PAM_CFLAGS) \ $(AUDIT_CFLAGS) \ + $(CAP_CFLAGS) \ $(KMOD_CFLAGS) \ $(SECCOMP_CFLAGS) \ -pthread @@ -1015,8 +1029,13 @@ libsystemd_core_la_LIBADD = \ $(PAM_LIBS) \ $(AUDIT_LIBS) \ $(CAP_LIBS) \ - $(SECCOMP_LIBS) \ - $(KMOD_LIBS) + $(KMOD_LIBS) \ + $(SECCOMP_LIBS) + +if HAVE_SECCOMP +libsystemd_core_la_LIBADD += \ + libsystemd-seccomp.la +endif src/core/load-fragment-gperf-nulstr.c: src/core/load-fragment-gperf.gperf $(AM_V_at)$(MKDIR_P) $(dir $@) @@ -1846,6 +1865,10 @@ systemd_nspawn_SOURCES = \ src/core/loopback-setup.c \ src/core/loopback-setup.h +systemd_nspawn_CFLAGS = \ + $(AM_CFLAGS) \ + $(SECCOMP_CFLAGS) + systemd_nspawn_LDADD = \ libsystemd-label.la \ libsystemd-capability.la \ @@ -1853,6 +1876,7 @@ systemd_nspawn_LDADD = \ libsystemd-daemon-internal.la \ libudev-internal.la \ libsystemd-shared.la \ + libsystemd-seccomp.la \ $(SECCOMP_LIBS) # ------------------------------------------------------------------------------ |