[Buildroot] [git commit] package/usbguard: new package
Arnout Vandecappelle
arnout at mind.be
Thu Jun 17 08:04:36 UTC 2021
On 16/06/2021 23:58, Thomas Petazzoni wrote:
> Hello,
>
> Didn't had the time to review the original patch, but here are some
> comments.
Oops, seems I did a very sucky review myself...
>
> On Wed, 16 Jun 2021 23:38:54 +0200
> Arnout Vandecappelle (Essensium/Mind) <arnout at mind.be> wrote:
>
>> +USBGUARD_VERSION = 1.0.0
>> +USBGUARD_SITE = https://github.com/USBGuard/usbguard/releases/download/usbguard-$(USBGUARD_VERSION)
>> +USBGUARD_LICENSE = GPL-2.0+
>> +USBGUARD_LICENSE_FILES = LICENSE
>> +USBGUARD_CONF_OPTS= --with-bundled-catch --with-bundled-pegtl \
>> + --disable-debug-build --without-dbus --without-polkit \
>> + --disable-seccomp --disable-umockdev --disable-systemd
>
> --disable-seccomp should go in the seccomp conditional below.
>
> --disable-systemd should go in the systemd conditional below.
>
> Nit: missing space before the "=" sign
Hm, check-package should have caught this... I'll look into an update of
check-package.
Regards,
Arnout
>> +
>> +USBGUARD_DEPENDENCIES += libqb protobuf
>
> Should be a "=" sign.
>
>> +
>> +ifeq ($(BR2_PACKAGE_LIBOPENSSL),y)
>> +USBGUARD_CONF_OPTS += --with-crypto-library=openssl
>> +USBGUARD_DEPENDENCIES += libopenssl
>> +endif
>> +ifeq ($(BR2_PACKAGE_LIBGCRYPT),y)
>> +USBGUARD_CONF_OPTS += --with-crypto-library=gcrypt
>> +USBGUARD_DEPENDENCIES += libgcrypt
>> +endif
>> +ifeq ($(BR2_PACKAGE_LIBSODIUM),y)
>> +USBGUARD_CONF_OPTS += --with-crypto-library=sodium
>> +USBGUARD_DEPENDENCIES += libsodium
>> +endif
>
> Based on the --with-crypto-library= option name, it seems like these
> are mutually exclusive choice, so it should be a chain of if .. else
> ifeq ... else ifeq ... else ifeq ... endif.
>
>> +
>> +ifeq ($(BR2_PACKAGE_SYSTEMD),y)
>> +USBGUARD_CONF_OPTS += --enable-systemd
>> +USBGUARD_DEPENDENCIES += systemd
>
> else
> USBGUARD_CONF_OPTS += --disable-systemd
>
>> +endif
>> +
>> +ifeq ($(BR2_PACKAGE_LIBSECCOMP),y)
>> +USBGUARD_CONF_OPTS += --enable-seccomp
>> +USBGUARD_DEPENDENCIES += libseccomp
>
> else
> USBGUARD_CONF_OPTS += --disable-seccomp
>
>> +endif
>> +
>> +ifeq ($(BR2_PACKAGE_LIBCAP_NG),y)
>> +USBGUARD_CONF_OPTS += --enable-libcapng
>> +USBGUARD_DEPENDENCIES += libcap-ng
>
> else
> USBGUARD_CONF_OPTS += --disable-libcapng
>
>> +endif
>
> Also, I think it should have been good to explain why we are using
> bundled versions of "catch" and "pegtl", as we normally don't like
> bundled libraries in Buildroot packaging.
>
> Thomas
>
More information about the buildroot
mailing list