]> git.proxmox.com Git - mirror_lxc.git/blobdiff - configure.ac
projects / mirror_lxc.git / blobdiff
? search:
summary | shortlog | log | commit | commitdiff | tree
raw | inline | side by side
refactor AppArmor into LSM backend, add SELinux support
[mirror_lxc.git] / configure.ac
diff --git a/configure.ac b/configure.ac
index 6c74dcda9b150c5fde0afe42b0b5f2bd409494e2..92a4690dcad402a9ededeffc95de0b59f55b98d3 100644 (file)
--- a/configure.ac
+++ b/configure.ac
@@ -52,6 +52,7 @@ esac
 AC_MSG_RESULT([$with_distro])
 AM_CONDITIONAL([HAVE_DEBIAN], [test x"$with_distro" = "xdebian" -o x"$with_distro" = "xubuntu"])
 
+# Detect the newuidmap tool (required for userns)
 AC_CHECK_PROG([NEWUIDMAP], [newuidmap], [newuidmap])
 AM_CONDITIONAL([HAVE_NEWUIDMAP], [test -n "$NEWUIDMAP"])
 
@@ -90,6 +91,7 @@ if test "x$enable_doc" = "xyes" -o "x$enable_doc" = "xauto"; then
        AC_SUBST(db2xman)
 fi
 AM_CONDITIONAL([ENABLE_DOCBOOK], [test "x$db2xman" != "x"])
+AM_CONDITIONAL([USE_DOCBOOK2X], [test "x$db2xman" != "xdocbook2man"])
 
 if test "x$db2xman" = "xdocbook2man"; then
        docdtd="\"-//Davenport//DTD DocBook V3.0//EN\""
@@ -115,6 +117,20 @@ AM_COND_IF([ENABLE_APPARMOR],
        AC_CHECK_LIB([apparmor], [aa_change_profile],[],[AC_MSG_ERROR([You must install the AppArmor development package in order to compile lxc])])
        AC_SUBST([APPARMOR_LIBS], [-lapparmor])])
 
+# SELinux
+AC_ARG_ENABLE([selinux],
+       [AC_HELP_STRING([--enable-selinux], [enable SELinux support])],
+       [], [enable_selinux=check])
+
+if test "x$enable_selinux" = xcheck; then
+       AC_CHECK_LIB([selinux],[setexeccon_raw],[enable_selinux=yes],[enable_selinux=no])
+fi
+AM_CONDITIONAL([ENABLE_SELINUX], [test "x$enable_selinux" = "xyes"])
+AM_COND_IF([ENABLE_SELINUX],
+       [AC_CHECK_HEADER([selinux/selinux.h],[],[AC_MSG_ERROR([You must install the SELinux development package in order to compile lxc])])
+       AC_CHECK_LIB([selinux], [setexeccon_raw],[],[AC_MSG_ERROR([You must install the SELinux development package in order to compile lxc])])
+       AC_SUBST([SELINUX_LIBS])])
+
 # Seccomp syscall filter
 AC_ARG_ENABLE([seccomp],
        [AC_HELP_STRING([--enable-seccomp], [enable seccomp])],
@@ -242,12 +258,14 @@ AC_ARG_WITH([global-conf],
                [global lxc configuration file]
        )], [], [with_global_conf=['${sysconfdir}/lxc/lxc.conf']])
 
+# The path of the userns network configuration file
 AC_ARG_WITH([usernic-conf],
        [AC_HELP_STRING(
                [--with-usernic-conf],
                [user network interface configuration file]
        )], [], [with_usernic_conf=['${sysconfdir}/lxc/lxc-usernet']])
 
+# The path of the runtime usernic database
 AC_ARG_WITH([usernic-db],
        [AC_HELP_STRING(
                [--with-usernic-db],
@@ -260,6 +278,7 @@ AC_ARG_WITH([rootfs-path],
                [--with-rootfs-path=dir],
                [lxc rootfs mount point]
        )], [], [with_rootfs_path=['${libdir}/lxc/rootfs']])
+
 # cgroup pattern specification
 AC_ARG_WITH([cgroup-pattern],
        [AC_HELP_STRING(
LXC mirror