|
Packit Bot |
61bab5 |
cmake_minimum_required(VERSION 2.8...3.19)
|
|
Packit |
517ee8 |
|
|
Packit |
517ee8 |
# Inspired and referenced from https://blog.kitware.com/cmake-and-the-default-build-type
|
|
Packit |
517ee8 |
if(NOT CMAKE_BUILD_TYPE AND NOT CMAKE_CONFIGURATION_TYPES)
|
|
Packit |
517ee8 |
message(STATUS "Setting build type to 'Release' as none was specified.")
|
|
Packit |
517ee8 |
set(CMAKE_BUILD_TYPE Release CACHE STRING "Choose the type of build." FORCE)
|
|
Packit |
517ee8 |
set_property(CACHE CMAKE_BUILD_TYPE PROPERTY STRINGS "Debug" "Release"
|
|
Packit |
517ee8 |
"MinSizeRel" "RelWithDebInfo")
|
|
Packit |
517ee8 |
endif()
|
|
Packit |
517ee8 |
|
|
Packit |
517ee8 |
project("openscap")
|
|
Packit |
517ee8 |
set(OPENSCAP_VERSION_MAJOR "1")
|
|
Packit |
517ee8 |
set(OPENSCAP_VERSION_MINOR "3")
|
|
Packit Bot |
61bab5 |
set(OPENSCAP_VERSION_PATCH "5")
|
|
Packit |
517ee8 |
|
|
Packit |
517ee8 |
if(OPENSCAP_VERSION_SUFFIX)
|
|
Packit |
517ee8 |
set(OPENSCAP_VERSION "${OPENSCAP_VERSION_MAJOR}.${OPENSCAP_VERSION_MINOR}.${OPENSCAP_VERSION_PATCH}_${OPENSCAP_VERSION_SUFFIX}")
|
|
Packit |
517ee8 |
else()
|
|
Packit |
517ee8 |
set(OPENSCAP_VERSION "${OPENSCAP_VERSION_MAJOR}.${OPENSCAP_VERSION_MINOR}.${OPENSCAP_VERSION_PATCH}")
|
|
Packit |
517ee8 |
endif()
|
|
Packit |
517ee8 |
|
|
Packit |
517ee8 |
# libtool versioning
|
|
Packit |
517ee8 |
# See http://sources.redhat.com/autobook/autobook/autobook_91.html#SEC91 for details
|
|
Packit |
517ee8 |
|
|
Packit |
517ee8 |
## increment if the interface has additions, changes, removals.
|
|
Packit Bot |
61bab5 |
set(LT_CURRENT 29)
|
|
Packit |
517ee8 |
|
|
Packit |
517ee8 |
## increment any time the source changes; set 0 to if you increment CURRENT
|
|
Packit |
517ee8 |
set(LT_REVISION 0)
|
|
Packit |
517ee8 |
|
|
Packit |
517ee8 |
## increment if any interfaces have been added; set to 0
|
|
Packit |
517ee8 |
## if any interfaces have been changed or removed. removal has
|
|
Packit |
517ee8 |
## precedence over adding, so set to 0 if both happened.
|
|
Packit Bot |
61bab5 |
set(LT_AGE 4)
|
|
Packit |
517ee8 |
|
|
Packit |
517ee8 |
math(EXPR LT_CURRENT_MINUS_AGE "${LT_CURRENT} - ${LT_AGE}")
|
|
Packit |
517ee8 |
|
|
Packit |
517ee8 |
set(SONAME ${LT_CURRENT_MINUS_AGE}.${LT_AGE}.${LT_REVISION})
|
|
Packit |
517ee8 |
set(SOVERSION ${LT_CURRENT_MINUS_AGE})
|
|
Packit |
517ee8 |
|
|
Packit |
517ee8 |
set(CMAKE_MODULE_PATH ${CMAKE_MODULE_PATH} "${CMAKE_SOURCE_DIR}/cmake/")
|
|
Packit |
517ee8 |
|
|
Packit |
517ee8 |
message(STATUS "OpenSCAP ${OPENSCAP_VERSION}")
|
|
Packit |
517ee8 |
message(STATUS "(see ${CMAKE_SOURCE_DIR}/docs/developer/developer.adoc for build instructions)")
|
|
Packit |
517ee8 |
message(STATUS " ")
|
|
Packit |
517ee8 |
|
|
Packit |
517ee8 |
# Strictly speaking in-source will work but will be very messy, let's
|
|
Packit |
517ee8 |
# discourage our users from using them
|
|
Packit |
517ee8 |
if ("${CMAKE_SOURCE_DIR}" STREQUAL "${CMAKE_BINARY_DIR}")
|
|
Packit |
517ee8 |
message(FATAL_ERROR "In-source builds are not supported! Please use out of source builds:\n"
|
|
Packit |
517ee8 |
"$ cd openscap\n"
|
|
Packit |
517ee8 |
"$ rm CMakeCache.txt\n"
|
|
Packit |
517ee8 |
"$ cd build\n"
|
|
Packit |
517ee8 |
"$ cmake ../\n"
|
|
Packit |
517ee8 |
"$ make -j4"
|
|
Packit |
517ee8 |
)
|
|
Packit |
517ee8 |
endif()
|
|
Packit |
517ee8 |
|
|
Packit |
517ee8 |
# In Microsoft Visual Studio, store built binaries to a single directory.
|
|
Packit |
517ee8 |
# We need to build all the binaries in a single directory on Windows, because
|
|
Packit |
517ee8 |
# vcpkg tool fails to fetch dependent DLLs (libxml, libcurl, etc.) if
|
|
Packit |
517ee8 |
# oscap.exe is build to a different directory than openscap.dll.
|
|
Packit |
517ee8 |
# See the discussion in https://github.com/Microsoft/vcpkg/issues/1002
|
|
Packit |
517ee8 |
if(MSVC)
|
|
Packit |
517ee8 |
set(CMAKE_RUNTIME_OUTPUT_DIRECTORY ${CMAKE_CURRENT_BINARY_DIR})
|
|
Packit |
517ee8 |
set(CMAKE_PDB_OUTPUT_DIRECTORY ${CMAKE_CURRENT_BINARY_DIR})
|
|
Packit |
517ee8 |
set(CMAKE_LIBRARY_OUTPUT_DIRECTORY ${CMAKE_CURRENT_BINARY_DIR})
|
|
Packit |
517ee8 |
set(CMAKE_ARCHIVE_OUTPUT_DIRECTORY ${CMAKE_CURRENT_BINARY_DIR})
|
|
Packit |
517ee8 |
endif()
|
|
Packit |
517ee8 |
|
|
Packit |
517ee8 |
# ---------- INCLUDES CMAKE MODULES
|
|
Packit |
517ee8 |
|
|
Packit |
517ee8 |
include(GNUInstallDirs)
|
|
Packit |
517ee8 |
include(FindPkgConfig)
|
|
Packit |
517ee8 |
include(CheckLibraryExists)
|
|
Packit |
517ee8 |
include(CheckFunctionExists)
|
|
Packit |
517ee8 |
include(CheckIncludeFile)
|
|
Packit Service |
deda86 |
include(CheckIncludeFiles)
|
|
Packit |
517ee8 |
include(CheckCSourceCompiles)
|
|
Packit |
517ee8 |
include(CMakeDependentOption)
|
|
Packit |
517ee8 |
|
|
Packit |
517ee8 |
# ---------- DEPENDENCIES
|
|
Packit |
517ee8 |
|
|
Packit |
517ee8 |
find_package(ACL)
|
|
Packit |
517ee8 |
if(ACL_FOUND)
|
|
Packit |
517ee8 |
check_library_exists("${ACL_LIBRARY}" acl_extended_file "" HAVE_ACL_EXTENDED_FILE)
|
|
Packit |
517ee8 |
check_include_file(acl/libacl.h HAVE_ACL_LIBACL_H)
|
|
Packit |
517ee8 |
check_include_file(sys/acl.h HAVE_SYS_ACL_H)
|
|
Packit |
517ee8 |
endif()
|
|
Packit |
517ee8 |
|
|
Packit |
517ee8 |
find_package(AptPkg)
|
|
Packit |
517ee8 |
|
|
Packit |
517ee8 |
find_package(Blkid)
|
|
Packit |
517ee8 |
if(BLKID_FOUND)
|
|
Packit |
517ee8 |
check_library_exists("${BLKID_LIBRARY}" blkid_get_tag_value "" HAVE_BLKID_GET_TAG_VALUE)
|
|
Packit |
517ee8 |
endif()
|
|
Packit |
517ee8 |
|
|
Packit |
517ee8 |
find_package(Cap)
|
|
Packit |
517ee8 |
if(CAP_FOUND)
|
|
Packit |
517ee8 |
check_library_exists("${CAP_LIBRARIES}" cap_get_pid "" HAVE_CAP_GET_PID)
|
|
Packit |
517ee8 |
endif()
|
|
Packit |
517ee8 |
|
|
Packit |
517ee8 |
find_package(CURL)
|
|
Packit Bot |
61bab5 |
find_package(DBUS)
|
|
Packit |
517ee8 |
find_package(Doxygen)
|
|
Packit |
517ee8 |
find_package(GConf)
|
|
Packit |
517ee8 |
find_package(Ldap)
|
|
Packit |
517ee8 |
find_package(OpenDbx)
|
|
Packit |
517ee8 |
find_package(PCRE REQUIRED)
|
|
Packit |
517ee8 |
find_package(PerlLibs)
|
|
Packit |
517ee8 |
find_package(Popt)
|
|
Packit |
517ee8 |
|
|
Packit |
517ee8 |
find_package(Procps)
|
|
Packit |
517ee8 |
if(PROCPS_FOUND)
|
|
Packit |
517ee8 |
check_library_exists("${PROCPS_LIBRARY}" dev_to_tty "" HAVE_DEV_TO_TTY)
|
|
Packit |
517ee8 |
check_include_file(proc/devname.h HAVE_PROC_DEVNAME_H)
|
|
Packit |
517ee8 |
endif()
|
|
Packit |
517ee8 |
|
|
Packit |
517ee8 |
# According to CMake documentation:
|
|
Packit |
517ee8 |
# https://cmake.org/cmake/help/latest/module/FindPythonInterp.html
|
|
Packit |
517ee8 |
# If calling both find_package(PythonInterp) and find_package(PythonLibs),
|
|
Packit |
517ee8 |
# call find_package(PythonInterp) first to get the currently active Python
|
|
Packit |
517ee8 |
# version by default with a consistent version of PYTHON_LIBRARIES.
|
|
Packit |
517ee8 |
find_package(PythonInterp 3)
|
|
Packit |
517ee8 |
find_package(PythonLibs 3)
|
|
Packit |
517ee8 |
|
|
Packit |
517ee8 |
set(PREFERRED_PYTHON_PATH "${PYTHON_EXECUTABLE}")
|
|
Packit |
517ee8 |
set(PYTHON3_PATH "${PYTHON_EXECUTABLE}")
|
|
Packit |
517ee8 |
|
|
Packit |
517ee8 |
find_package(RPM)
|
|
Packit |
517ee8 |
if(RPM_FOUND)
|
|
Packit |
517ee8 |
check_library_exists("${RPM_LIBRARY}" rpmReadConfigFiles "" HAVE_RPMREADCONFIGFILES)
|
|
Packit |
517ee8 |
check_library_exists("${RPM_LIBRARY}" headerFormat "" HAVE_HEADERFORMAT)
|
|
Packit |
517ee8 |
check_library_exists("${RPMIO_LIBRARY}" rpmFreeCrypto "" HAVE_RPMFREECRYPTO)
|
|
Packit |
517ee8 |
check_library_exists("${RPM_LIBRARY}" rpmFreeFilesystems "" HAVE_RPMFREEFILESYSTEMS)
|
|
Packit |
517ee8 |
check_library_exists("${RPM_LIBRARY}" rpmVerifyFile "" HAVE_RPMVERIFYFILE)
|
|
Packit |
517ee8 |
set(HAVE_RPMVERCMP 1)
|
|
Packit |
517ee8 |
endif()
|
|
Packit |
517ee8 |
|
|
Packit |
517ee8 |
find_package(SELinux)
|
|
Packit |
517ee8 |
find_package(SWIG)
|
|
Packit |
517ee8 |
find_package(LibXml2 REQUIRED)
|
|
Packit |
517ee8 |
find_package(LibXslt REQUIRED)
|
|
Packit Bot |
61bab5 |
find_package(XMLSEC REQUIRED)
|
|
Packit Bot |
61bab5 |
if (APPLE)
|
|
Packit Bot |
61bab5 |
set(OPENSSL_ROOT_DIR "/usr/local/opt/openssl/")
|
|
Packit Bot |
61bab5 |
endif()
|
|
Packit Bot |
61bab5 |
find_package(OpenSSL REQUIRED)
|
|
Packit Bot |
61bab5 |
add_definitions(${XMLSEC_DEFINITIONS})
|
|
Packit Bot |
61bab5 |
if (WIN32)
|
|
Packit Bot |
61bab5 |
add_compile_definitions("XMLSEC_CRYPTO_OPENSSL")
|
|
Packit Bot |
61bab5 |
endif()
|
|
Packit |
517ee8 |
find_package(BZip2)
|
|
Packit |
517ee8 |
|
|
Packit |
517ee8 |
# PThread
|
|
Packit |
517ee8 |
if (WIN32)
|
|
Packit |
517ee8 |
find_package(ZLIB REQUIRED)
|
|
Packit Service |
deda86 |
endif()
|
|
Packit Service |
deda86 |
|
|
Packit Service |
deda86 |
if (WIN32 AND NOT MINGW)
|
|
Packit |
517ee8 |
find_package(pthread CONFIG REQUIRED)
|
|
Packit |
517ee8 |
set(CMAKE_THREAD_LIBS_INIT ${PThreads4W_LIBRARY})
|
|
Packit |
517ee8 |
else()
|
|
Packit |
517ee8 |
find_package(Threads REQUIRED)
|
|
Packit |
517ee8 |
endif()
|
|
Packit |
517ee8 |
set(CMAKE_THREAD_PREFER_PTHREAD)
|
|
Packit |
517ee8 |
set(THREADS_PREFER_PTHREAD_FLAG)
|
|
Packit |
517ee8 |
set(THREADS_USE_PTHREADS_WIN32 TRUE)
|
|
Packit |
517ee8 |
check_library_exists(pthread pthread_timedjoin_np "" HAVE_PTHREAD_TIMEDJOIN_NP)
|
|
Packit |
517ee8 |
check_library_exists(pthread pthread_setname_np "" HAVE_PTHREAD_SETNAME_NP)
|
|
Packit |
517ee8 |
check_library_exists(pthread pthread_getname_np "" HAVE_PTHREAD_GETNAME_NP)
|
|
Packit |
517ee8 |
|
|
Packit |
517ee8 |
# WITH_CRYPTO
|
|
Packit |
517ee8 |
set(WITH_CRYPTO "gcrypt" CACHE STRING "gcrypt|nss3")
|
|
Packit |
517ee8 |
if(NOT (${WITH_CRYPTO} EQUAL "nss3"))
|
|
Packit |
517ee8 |
# gcrypt
|
|
Packit |
517ee8 |
find_package(GCrypt)
|
|
Packit |
517ee8 |
else()
|
|
Packit |
517ee8 |
# nss3
|
|
Packit |
517ee8 |
find_package(NSS)
|
|
Packit |
517ee8 |
endif()
|
|
Packit |
517ee8 |
if(GCRYPT_FOUND OR NSS_FOUND)
|
|
Packit |
517ee8 |
set(CRYPTO_FOUND TRUE)
|
|
Packit |
517ee8 |
endif()
|
|
Packit |
517ee8 |
|
|
Packit |
517ee8 |
find_package(Libyaml)
|
|
Packit |
517ee8 |
if(EXISTS ${CMAKE_SOURCE_DIR}/yaml-filter/CMakeLists.txt)
|
|
Packit |
517ee8 |
message(STATUS "yaml-filter was found")
|
|
Packit |
517ee8 |
set(YAML_FILTER_FOUND TRUE)
|
|
Packit |
517ee8 |
else()
|
|
Packit |
517ee8 |
message(STATUS "yaml-filter was not found")
|
|
Packit |
517ee8 |
set(YAML_FILTER_FOUND FALSE)
|
|
Packit |
517ee8 |
endif()
|
|
Packit |
517ee8 |
|
|
Packit |
517ee8 |
check_library_exists(rt clock_gettime "" HAVE_CLOCK_GETTIME)
|
|
Packit |
517ee8 |
check_function_exists(posix_memalign HAVE_POSIX_MEMALIGN)
|
|
Packit |
517ee8 |
check_function_exists(memalign HAVE_MEMALIGN)
|
|
Packit |
517ee8 |
check_function_exists(fts_open HAVE_FTS_OPEN)
|
|
Packit |
517ee8 |
check_function_exists(strsep HAVE_STRSEP)
|
|
Packit |
517ee8 |
check_function_exists(strptime HAVE_STRPTIME)
|
|
Packit |
517ee8 |
|
|
Packit |
517ee8 |
check_include_file(syslog.h HAVE_SYSLOG_H)
|
|
Packit |
517ee8 |
check_include_file(stdio_ext.h HAVE_STDIO_EXT_H)
|
|
Packit |
517ee8 |
check_include_file(shadow.h HAVE_SHADOW_H)
|
|
Packit |
517ee8 |
check_include_file(sys/systeminfo.h HAVE_SYS_SYSTEMINFO_H)
|
|
Packit |
517ee8 |
check_include_file(getopt.h HAVE_GETOPT_H)
|
|
Packit |
517ee8 |
check_include_file(sys/mman.h HAVE_MMAN_H)
|
|
Packit |
517ee8 |
check_include_file(sys/uio.h HAVE_UIO_H)
|
|
Packit |
517ee8 |
check_include_file(sys/xattr.h HAVE_SYS_XATTR_H)
|
|
Packit |
517ee8 |
check_include_file(attr/xattr.h HAVE_ATTR_XATTR_H)
|
|
Packit Service |
deda86 |
check_include_files("sys/types.h;sys/extattr.h" HAVE_SYS_EXTATTR_H)
|
|
Packit |
517ee8 |
|
|
Packit |
517ee8 |
# HAVE_ATOMIC_BUILTINS
|
|
Packit |
517ee8 |
check_c_source_compiles("#include <stdint.h>\nint main() {uint16_t foovar=0; uint16_t old=1; uint16_t new=2;__sync_bool_compare_and_swap(&foovar,old,new); return __sync_fetch_and_add(&foovar, 1); __sync_fetch_and_add(&foovar, 1);}" HAVE_ATOMIC_BUILTINS)
|
|
Packit |
517ee8 |
if(NOT HAVE_ATOMIC_BUILTINS)
|
|
Packit |
517ee8 |
message(WARNING "!!! Compiler does not support atomic builtins. Atomic operation will be emulated using mutex-based locking. !!!")
|
|
Packit |
517ee8 |
endif()
|
|
Packit |
517ee8 |
|
|
Packit |
517ee8 |
mark_as_advanced(ENV_PRESENT VALGRIND_PRESENT)
|
|
Packit |
517ee8 |
find_program(ENV_PRESENT env)
|
|
Packit |
517ee8 |
find_program(VALGRIND_PRESENT valgrind)
|
|
Packit |
517ee8 |
find_program(ASCIIDOC_EXECUTABLE asciidoc)
|
|
Packit |
517ee8 |
find_program(SED_EXECUTABLE sed)
|
|
Packit |
517ee8 |
find_program(GIT_EXECUTABLE git)
|
|
Packit |
517ee8 |
|
|
Packit |
517ee8 |
# ---------- CORE FEATURE SWITCHES
|
|
Packit |
517ee8 |
if(WIN32 OR APPLE)
|
|
Packit |
517ee8 |
option(ENABLE_SCE "enables Script Check Engine - an alternative checking engine that lets you use executables instead of OVAL for checks" OFF)
|
|
Packit |
517ee8 |
else()
|
|
Packit |
517ee8 |
option(ENABLE_SCE "enables Script Check Engine - an alternative checking engine that lets you use executables instead of OVAL for checks" ON)
|
|
Packit |
517ee8 |
endif()
|
|
Packit |
517ee8 |
|
|
Packit |
517ee8 |
# ---------- OVAL FEATURE SWITCHES
|
|
Packit |
517ee8 |
|
|
Packit |
517ee8 |
option(ENABLE_PROBES "build OVAL probes - each probe implements an OVAL test" TRUE)
|
|
Packit |
517ee8 |
set(SEAP_MSGID_BITS 32 CACHE STRING "Size of SEAP_msgid_t in bits [32|64]")
|
|
Packit |
517ee8 |
cmake_dependent_option(ENABLE_PROBES_INDEPENDENT "build OVAL probes for independent (cross platform) OVAL tests" ON "ENABLE_PROBES" OFF)
|
|
Packit |
517ee8 |
# On some platforms (Windows..) UNIX ends up being empty instead of "false"
|
|
Packit |
517ee8 |
set(IS_UNIX FALSE)
|
|
Packit |
517ee8 |
if (UNIX)
|
|
Packit |
517ee8 |
set(IS_UNIX TRUE)
|
|
Packit |
517ee8 |
endif()
|
|
Packit |
517ee8 |
cmake_dependent_option(ENABLE_PROBES_UNIX "build OVAL probes for the UNIX OVAL tests" ${IS_UNIX} "ENABLE_PROBES" OFF)
|
|
Packit |
517ee8 |
string(COMPARE EQUAL ${CMAKE_SYSTEM_NAME} "Linux" IS_LINUX)
|
|
Packit |
517ee8 |
cmake_dependent_option(ENABLE_PROBES_LINUX "build OVAL probes for the Linux OVAL tests" ${IS_LINUX} "ENABLE_PROBES" OFF)
|
|
Packit |
517ee8 |
string(COMPARE EQUAL ${CMAKE_SYSTEM_NAME} "Solaris" IS_SOLARIS)
|
|
Packit |
517ee8 |
cmake_dependent_option(ENABLE_PROBES_SOLARIS "build OVAL probes for the Solaris OVAL tests" ${IS_SOLARIS} "ENABLE_PROBES" OFF)
|
|
Packit |
517ee8 |
set(IS_WIN32 FALSE)
|
|
Packit |
517ee8 |
if (WIN32)
|
|
Packit |
517ee8 |
set(IS_WIN32 TRUE)
|
|
Packit |
517ee8 |
endif()
|
|
Packit |
517ee8 |
cmake_dependent_option(ENABLE_PROBES_WINDOWS "build OVAL probes for the Windows OVAL tests" ${IS_WIN32} "ENABLE_PROBES" OFF)
|
|
Packit |
517ee8 |
|
|
Packit |
517ee8 |
# INDEPENDENT PROBES
|
|
Packit |
517ee8 |
cmake_dependent_option(OPENSCAP_PROBE_INDEPENDENT_ENVIRONMENTVARIABLE "Independent environmentvariable probe" ON "ENABLE_PROBES_INDEPENDENT; NOT WIN32" OFF)
|
|
Packit |
517ee8 |
cmake_dependent_option(OPENSCAP_PROBE_INDEPENDENT_ENVIRONMENTVARIABLE58 "Independent environmentvariable58 probe" ON "ENABLE_PROBES_INDEPENDENT; NOT WIN32" OFF)
|
|
Packit |
517ee8 |
cmake_dependent_option(OPENSCAP_PROBE_INDEPENDENT_FAMILY "Independent family probe" ON "ENABLE_PROBES_INDEPENDENT" OFF)
|
|
Packit |
517ee8 |
cmake_dependent_option(OPENSCAP_PROBE_INDEPENDENT_FILEHASH "Independent filehash probe" ON "ENABLE_PROBES_INDEPENDENT; CRYPTO_FOUND; NOT WIN32" OFF)
|
|
Packit |
517ee8 |
cmake_dependent_option(OPENSCAP_PROBE_INDEPENDENT_FILEHASH58 "Independent filehash58 probe" ON "ENABLE_PROBES_INDEPENDENT; CRYPTO_FOUND; NOT WIN32" OFF)
|
|
Packit |
517ee8 |
cmake_dependent_option(OPENSCAP_PROBE_INDEPENDENT_SQL "Independent sql probe" ON "ENABLE_PROBES_INDEPENDENT; OPENDBX_FOUND; NOT WIN32" OFF)
|
|
Packit |
517ee8 |
cmake_dependent_option(OPENSCAP_PROBE_INDEPENDENT_SQL57 "Independent sql57 probe" ON "ENABLE_PROBES_INDEPENDENT; OPENDBX_FOUND; NOT WIN32" OFF)
|
|
Packit |
517ee8 |
cmake_dependent_option(OPENSCAP_PROBE_INDEPENDENT_SYSTEM_INFO "Independent system info probe" ON "ENABLE_PROBES_INDEPENDENT" OFF)
|
|
Packit |
517ee8 |
cmake_dependent_option(OPENSCAP_PROBE_INDEPENDENT_TEXTFILECONTENT "Independent textfilecontent probe" ON "ENABLE_PROBES_INDEPENDENT; NOT WIN32" OFF)
|
|
Packit |
517ee8 |
cmake_dependent_option(OPENSCAP_PROBE_INDEPENDENT_TEXTFILECONTENT54 "Independent textfilecontent54 probe" ON "ENABLE_PROBES_INDEPENDENT; NOT WIN32" OFF)
|
|
Packit |
517ee8 |
cmake_dependent_option(OPENSCAP_PROBE_INDEPENDENT_VARIABLE "Independent variable probe" ON "ENABLE_PROBES_INDEPENDENT" OFF)
|
|
Packit |
517ee8 |
cmake_dependent_option(OPENSCAP_PROBE_INDEPENDENT_XMLFILECONTENT "Independent xmlfilecontent probe" ON "ENABLE_PROBES_INDEPENDENT; NOT WIN32" OFF)
|
|
Packit |
517ee8 |
cmake_dependent_option(OPENSCAP_PROBE_INDEPENDENT_YAMLFILECONTENT "Independent yamlfilecontent probe" ON "ENABLE_PROBES_INDEPENDENT; LIBYAML_FOUND; YAML_FILTER_FOUND; NOT WIN32" OFF)
|
|
Packit |
517ee8 |
|
|
Packit |
517ee8 |
# UNIX PROBES
|
|
Packit |
517ee8 |
cmake_dependent_option(OPENSCAP_PROBE_UNIX_DNSCACHE "Unix dnscache probe" ON "ENABLE_PROBES_UNIX" OFF)
|
|
Packit |
517ee8 |
cmake_dependent_option(OPENSCAP_PROBE_UNIX_FILE "Unix file probe" ON "ENABLE_PROBES_UNIX" OFF)
|
|
Packit Service |
deda86 |
cmake_dependent_option(OPENSCAP_PROBE_UNIX_FILEEXTENDEDATTRIBUTE "Unix fileextendedattribute probe" ON "ENABLE_PROBES_UNIX; HAVE_SYS_XATTR_H OR HAVE_ATTR_XATTR_H OR HAVE_SYS_EXTATTR_H" OFF)
|
|
Packit |
517ee8 |
cmake_dependent_option(OPENSCAP_PROBE_UNIX_GCONF "Unix gconf probe" ON "ENABLE_PROBES_UNIX; GCONF_FOUND" OFF)
|
|
Packit |
517ee8 |
cmake_dependent_option(OPENSCAP_PROBE_UNIX_INTERFACE "Unix interface probe" ON "ENABLE_PROBES_UNIX" OFF)
|
|
Packit |
517ee8 |
cmake_dependent_option(OPENSCAP_PROBE_UNIX_PASSWORD "Unix password probe" ON "ENABLE_PROBES_UNIX" OFF)
|
|
Packit |
517ee8 |
cmake_dependent_option(OPENSCAP_PROBE_UNIX_PROCESS "Unix process probe" ON "ENABLE_PROBES_UNIX" OFF)
|
|
Packit |
517ee8 |
cmake_dependent_option(OPENSCAP_PROBE_UNIX_PROCESS58 "Unix process58 probe" ON "ENABLE_PROBES_UNIX; CAP_FOUND" OFF)
|
|
Packit |
517ee8 |
cmake_dependent_option(OPENSCAP_PROBE_UNIX_ROUTINGTABLE "Unix routingtable probe" ON "ENABLE_PROBES_UNIX" OFF)
|
|
Packit |
517ee8 |
cmake_dependent_option(OPENSCAP_PROBE_UNIX_RUNLEVEL "Unix runlevel probe" ON "ENABLE_PROBES_UNIX" OFF)
|
|
Packit |
517ee8 |
cmake_dependent_option(OPENSCAP_PROBE_UNIX_SHADOW "Unix shadow probe" ON "ENABLE_PROBES_UNIX" OFF)
|
|
Packit |
517ee8 |
cmake_dependent_option(OPENSCAP_PROBE_UNIX_SYMLINK "Unix symlink probe" ON "ENABLE_PROBES_UNIX" OFF)
|
|
Packit |
517ee8 |
cmake_dependent_option(OPENSCAP_PROBE_UNIX_SYSCTL "Unix sysctl probe" ON "ENABLE_PROBES_UNIX" OFF)
|
|
Packit |
517ee8 |
cmake_dependent_option(OPENSCAP_PROBE_UNIX_UNAME "Unix uname probe" ON "ENABLE_PROBES_UNIX" OFF)
|
|
Packit |
517ee8 |
cmake_dependent_option(OPENSCAP_PROBE_UNIX_XINETD "Unix xinetd probe" ON "ENABLE_PROBES_UNIX" OFF)
|
|
Packit |
517ee8 |
|
|
Packit |
517ee8 |
# LINUX PROBES
|
|
Packit |
517ee8 |
cmake_dependent_option(OPENSCAP_PROBE_LINUX_DPKGINFO "Linux dpkginfo probe" ON "ENABLE_PROBES_LINUX; APTPKG_FOUND" OFF)
|
|
Packit |
517ee8 |
cmake_dependent_option(OPENSCAP_PROBE_LINUX_IFLISTENERS "Linux iflisteners probe" ON "ENABLE_PROBES_LINUX" OFF)
|
|
Packit |
517ee8 |
cmake_dependent_option(OPENSCAP_PROBE_LINUX_INETLISTENINGSERVERS "Linux inetlisteningservers probe" ON "ENABLE_PROBES_LINUX" OFF)
|
|
Packit |
517ee8 |
cmake_dependent_option(OPENSCAP_PROBE_LINUX_PARTITION "Linux partition probe" ON "ENABLE_PROBES_LINUX; BLKID_FOUND" OFF)
|
|
Packit |
517ee8 |
cmake_dependent_option(OPENSCAP_PROBE_LINUX_RPMINFO "Linux rpminfo probe" ON "ENABLE_PROBES_LINUX; RPM_FOUND" OFF)
|
|
Packit |
517ee8 |
cmake_dependent_option(OPENSCAP_PROBE_LINUX_RPMVERIFY "Linux rpmverify probe" ON "ENABLE_PROBES_LINUX; RPM_FOUND" OFF)
|
|
Packit |
517ee8 |
cmake_dependent_option(OPENSCAP_PROBE_LINUX_RPMVERIFYFILE "Linux rpmverifyfile probe" ON "ENABLE_PROBES_LINUX; RPM_FOUND" OFF)
|
|
Packit |
517ee8 |
cmake_dependent_option(OPENSCAP_PROBE_LINUX_RPMVERIFYPACKAGE "Linux rpmverifypackage probe" ON "ENABLE_PROBES_LINUX; RPM_FOUND" OFF)
|
|
Packit |
517ee8 |
cmake_dependent_option(OPENSCAP_PROBE_LINUX_SELINUXBOOLEAN "Linux selinuxboolean probe" ON "ENABLE_PROBES_LINUX; SELINUX_FOUND" OFF)
|
|
Packit |
517ee8 |
cmake_dependent_option(OPENSCAP_PROBE_LINUX_SELINUXSECURITYCONTEXT "Linux selinuxsecuritycontext probe" ON "ENABLE_PROBES_LINUX; SELINUX_FOUND" OFF)
|
|
Packit |
517ee8 |
cmake_dependent_option(OPENSCAP_PROBE_LINUX_SYSTEMDUNITDEPENDENCY "Linux systemdunitdependency probe" ON "ENABLE_PROBES_LINUX; DBUS_FOUND" OFF)
|
|
Packit |
517ee8 |
cmake_dependent_option(OPENSCAP_PROBE_LINUX_SYSTEMDUNITPROPERTY "Linux systemdunitproperty probe" ON "ENABLE_PROBES_LINUX; DBUS_FOUND" OFF)
|
|
Packit |
517ee8 |
|
|
Packit |
517ee8 |
# SOLARIS PROBES
|
|
Packit |
517ee8 |
cmake_dependent_option(OPENSCAP_PROBE_SOLARIS_ISAINFO "Solaris isainfo probe" ON "ENABLE_PROBES_SOLARIS" OFF)
|
|
Packit |
517ee8 |
|
|
Packit |
517ee8 |
# WINDOWS PROBES
|
|
Packit |
517ee8 |
cmake_dependent_option(OPENSCAP_PROBE_WINDOWS_ACCESSTOKEN "Windows accesstoken probe" ON "ENABLE_PROBES_WINDOWS" OFF)
|
|
Packit |
517ee8 |
cmake_dependent_option(OPENSCAP_PROBE_WINDOWS_REGISTRY "Windows registry probe" ON "ENABLE_PROBES_WINDOWS" OFF)
|
|
Packit |
517ee8 |
cmake_dependent_option(OPENSCAP_PROBE_WINDOWS_WMI57 "Windows wmi57 probe" ON "ENABLE_PROBES_WINDOWS" OFF)
|
|
Packit |
517ee8 |
|
|
Packit |
517ee8 |
|
|
Packit |
517ee8 |
# ---------- EXECUTABLES / UTILITIES SWITCHES
|
|
Packit |
517ee8 |
|
|
Packit |
517ee8 |
option(ENABLE_OSCAP_UTIL "build the oscap utility, oscap is the core utility for evaluation and processing of SCAP data" TRUE)
|
|
Packit |
517ee8 |
|
|
Packit |
517ee8 |
set(OSCAP_DOCKER_PYTHON ${PYTHON_EXECUTABLE} CACHE STRING "path to the Python interpreter for oscap-docker")
|
|
Packit |
517ee8 |
cmake_dependent_option(ENABLE_OSCAP_UTIL_DOCKER "enables the oscap-docker utility, this lets you scan containers and container images" ON "NOT WIN32" OFF)
|
|
Packit |
517ee8 |
if(ENABLE_OSCAP_UTIL_DOCKER AND NOT BZIP2_FOUND)
|
|
Packit |
517ee8 |
set(ENABLE_OSCAP_UTIL_DOCKER FALSE)
|
|
Packit |
517ee8 |
message(SEND_ERROR "oscap-docker requires bzip2! Either disable oscap-docker or install bzip2")
|
|
Packit |
517ee8 |
endif()
|
|
Packit |
517ee8 |
|
|
Packit |
517ee8 |
cmake_dependent_option(ENABLE_OSCAP_UTIL_AS_RPM "enable the scap-as-rpm utility, this lets you package SCAP data as RPMs" ON "NOT WIN32" OFF)
|
|
Packit |
517ee8 |
cmake_dependent_option(ENABLE_OSCAP_UTIL_SSH "enables the oscap-ssh utility, this lets you scan remote machines over ssh" ON "NOT WIN32" OFF)
|
|
Packit |
517ee8 |
cmake_dependent_option(ENABLE_OSCAP_UTIL_VM "enables the oscap-vm utility, this lets you scan VMs and VM storage images" ON "NOT WIN32" OFF)
|
|
Packit |
517ee8 |
cmake_dependent_option(ENABLE_OSCAP_UTIL_PODMAN "enables the oscap-podman utility, this lets you scan Podman containers and container images" ON "NOT WIN32" OFF)
|
|
Packit |
517ee8 |
cmake_dependent_option(ENABLE_OSCAP_UTIL_CHROOT "enables the oscap-chroot utility, this lets you scan entire chroots using offline scanning" ON "NOT WIN32" OFF)
|
|
Packit |
517ee8 |
option(ENABLE_OSCAP_UTIL_AUTOTAILOR "enables the autotailor utility that is able to perform command-line tailoring" TRUE)
|
|
Packit |
517ee8 |
|
|
Packit |
517ee8 |
# ---------- TEST-SUITE SWITCHES
|
|
Packit |
517ee8 |
|
|
Packit |
517ee8 |
# Tests will be turned off on Windows, because the test suite uses bash
|
|
Packit |
517ee8 |
# and other Linux-specific tools.
|
|
Packit |
517ee8 |
if(WIN32)
|
|
Packit |
517ee8 |
# TODO: I hate that the doc string is duplicated but cmake doesn't support evaluating expressions :-/
|
|
Packit |
517ee8 |
option(ENABLE_TESTS "enables the test suite, use `ctest` to run it" FALSE)
|
|
Packit |
517ee8 |
else()
|
|
Packit |
517ee8 |
option(ENABLE_TESTS "enables the test suite, use `ctest` to run it" TRUE)
|
|
Packit |
517ee8 |
endif()
|
|
Packit |
517ee8 |
|
|
Packit |
517ee8 |
option(ENABLE_VALGRIND "enables Valgrind memory testing in the test-suite" FALSE)
|
|
Packit |
517ee8 |
|
|
Packit |
517ee8 |
option(ENABLE_MITRE "enables MITRE tests -- requires specific environment support -- see developer documentation for more details" FALSE)
|
|
Packit |
517ee8 |
|
|
Packit |
517ee8 |
# ---------- LANGUAGE BINDINGS
|
|
Packit |
517ee8 |
cmake_dependent_option(ENABLE_PYTHON3 "if enabled, the python3 swig bindings will be built" ON "PYTHONINTERP_FOUND;SWIG_FOUND;PYTHONLIBS_FOUND" OFF)
|
|
Packit |
517ee8 |
cmake_dependent_option(ENABLE_PERL "if enabled, the perl swig bindings will be built" ON "PERLLIBS_FOUND;SWIG_FOUND" OFF)
|
|
Packit |
517ee8 |
|
|
Packit |
517ee8 |
# ---------- NO IDEA WHAT THIS IS FOR
|
|
Packit |
517ee8 |
set(WANT_BASE64 TRUE CACHE BOOL "wants builtin Base64")
|
|
Packit |
517ee8 |
set(WANT_XBASE64 FALSE CACHE BOOL "wants builtin XBase64")
|
|
Packit |
517ee8 |
|
|
Packit |
517ee8 |
# ---------- Documentation
|
|
Packit |
517ee8 |
|
|
Packit |
517ee8 |
# Due to the time it takes to build documentation on every change,
|
|
Packit |
517ee8 |
# we choose to disable documentation by default. Only when ENABLE_DOCS==TRUE
|
|
Packit |
517ee8 |
# will docs be built and added to the `make install` target.
|
|
Packit |
517ee8 |
|
|
Packit |
517ee8 |
option(ENABLE_DOCS "enables documentation building -- suggests doxygen, asciidoc" FALSE)
|
|
Packit |
517ee8 |
|
|
Packit |
517ee8 |
# ---------- STATUS MESSAGES
|
|
Packit |
517ee8 |
|
|
Packit |
517ee8 |
message(STATUS " ")
|
|
Packit |
517ee8 |
message(STATUS "CMake:")
|
|
Packit |
517ee8 |
message(STATUS "generator: ${CMAKE_GENERATOR}")
|
|
Packit |
517ee8 |
message(STATUS "source directory: ${CMAKE_SOURCE_DIR}")
|
|
Packit |
517ee8 |
message(STATUS "build directory: ${CMAKE_BINARY_DIR}")
|
|
Packit |
517ee8 |
message(STATUS " ")
|
|
Packit |
517ee8 |
|
|
Packit |
517ee8 |
message(STATUS "Core features:")
|
|
Packit |
517ee8 |
message(STATUS "SCE: ${ENABLE_SCE}")
|
|
Packit |
517ee8 |
message(STATUS " ")
|
|
Packit |
517ee8 |
|
|
Packit |
517ee8 |
message(STATUS "OVAL:")
|
|
Packit |
517ee8 |
message(STATUS "base probe support: ${ENABLE_PROBES}")
|
|
Packit |
517ee8 |
message(STATUS "SEAP msgid bit-size: ${SEAP_MSGID_BITS}")
|
|
Packit |
517ee8 |
|
|
Packit |
517ee8 |
message(STATUS "")
|
|
Packit |
517ee8 |
message(STATUS "Independent probes: ${ENABLE_PROBES_INDEPENDENT}")
|
|
Packit |
517ee8 |
message(STATUS " Independent family probe: ${OPENSCAP_PROBE_INDEPENDENT_FAMILY}")
|
|
Packit |
517ee8 |
message(STATUS " Independent system info probe: ${OPENSCAP_PROBE_INDEPENDENT_SYSTEM_INFO}")
|
|
Packit |
517ee8 |
message(STATUS " Independent variable probe: ${OPENSCAP_PROBE_INDEPENDENT_VARIABLE}")
|
|
Packit |
517ee8 |
|
|
Packit |
517ee8 |
message(STATUS "")
|
|
Packit |
517ee8 |
message(STATUS "Independent probes incompatible with WIN32 (WIN32 status: ${IS_WIN32})")
|
|
Packit Service |
deda86 |
message(STATUS " Independent environmentvariable probe: ${OPENSCAP_PROBE_INDEPENDENT_ENVIRONMENTVARIABLE}")
|
|
Packit |
517ee8 |
message(STATUS " Independent environmentvariable58 probe: ${OPENSCAP_PROBE_INDEPENDENT_ENVIRONMENTVARIABLE58}")
|
|
Packit |
517ee8 |
message(STATUS " Independent filehash probe: ${OPENSCAP_PROBE_INDEPENDENT_FILEHASH}")
|
|
Packit |
517ee8 |
message(STATUS " Independent filehash58 probe: ${OPENSCAP_PROBE_INDEPENDENT_FILEHASH58}")
|
|
Packit |
517ee8 |
message(STATUS " Independent sql probe (depends on opendbx): ${OPENSCAP_PROBE_INDEPENDENT_SQL}")
|
|
Packit |
517ee8 |
message(STATUS " Independent sql57 probe (depends on opendbx): ${OPENSCAP_PROBE_INDEPENDENT_SQL57}")
|
|
Packit |
517ee8 |
message(STATUS " Independent textfilecontent probe: ${OPENSCAP_PROBE_INDEPENDENT_TEXTFILECONTENT}")
|
|
Packit |
517ee8 |
message(STATUS " Independent textfilecontent54 probe: ${OPENSCAP_PROBE_INDEPENDENT_TEXTFILECONTENT54}")
|
|
Packit |
517ee8 |
message(STATUS " Independent xmlfilecontent probe: ${OPENSCAP_PROBE_INDEPENDENT_XMLFILECONTENT}")
|
|
Packit |
517ee8 |
message(STATUS " Independent yamlfilecontent probe (depends on libyaml, yaml-path): ${OPENSCAP_PROBE_INDEPENDENT_YAMLFILECONTENT}")
|
|
Packit |
517ee8 |
message(STATUS " ")
|
|
Packit |
517ee8 |
|
|
Packit |
517ee8 |
|
|
Packit |
517ee8 |
message(STATUS "Unix probes: ${ENABLE_PROBES_UNIX}")
|
|
Packit |
517ee8 |
message(STATUS " Unix dnscache probe: ${OPENSCAP_PROBE_UNIX_DNSCACHE}")
|
|
Packit |
517ee8 |
message(STATUS " Unix file probe: ${OPENSCAP_PROBE_UNIX_FILE}")
|
|
Packit |
517ee8 |
message(STATUS " Unix fileextendedattribute probe (depends on xattrh): ${OPENSCAP_PROBE_UNIX_FILEEXTENDEDATTRIBUTE}")
|
|
Packit |
517ee8 |
message(STATUS " Unix gconf probe (depends on gconf): ${OPENSCAP_PROBE_UNIX_GCONF}")
|
|
Packit |
517ee8 |
message(STATUS " Unix interface probe: ${OPENSCAP_PROBE_UNIX_INTERFACE}")
|
|
Packit |
517ee8 |
message(STATUS " Unix password probe: ${OPENSCAP_PROBE_UNIX_PASSWORD}")
|
|
Packit |
517ee8 |
message(STATUS " Unix process probe: ${OPENSCAP_PROBE_UNIX_PROCESS}")
|
|
Packit |
517ee8 |
message(STATUS " Unix process58 probe (depends on CAP): ${OPENSCAP_PROBE_UNIX_PROCESS58}")
|
|
Packit |
517ee8 |
message(STATUS " Unix routingtable probe: ${OPENSCAP_PROBE_UNIX_ROUTINGTABLE}")
|
|
Packit |
517ee8 |
message(STATUS " Unix runlevel probe: ${OPENSCAP_PROBE_UNIX_RUNLEVEL}")
|
|
Packit |
517ee8 |
message(STATUS " Unix shadow probe: ${OPENSCAP_PROBE_UNIX_SHADOW}")
|
|
Packit |
517ee8 |
message(STATUS " Unix symlink probe: ${OPENSCAP_PROBE_UNIX_SYMLINK}")
|
|
Packit |
517ee8 |
message(STATUS " Unix sysctl probe: ${OPENSCAP_PROBE_UNIX_SYSCTL}")
|
|
Packit |
517ee8 |
message(STATUS " Unix uname probe: ${OPENSCAP_PROBE_UNIX_UNAME}")
|
|
Packit |
517ee8 |
message(STATUS " Unix xinetd probe: ${OPENSCAP_PROBE_UNIX_XINETD}")
|
|
Packit |
517ee8 |
message(STATUS " ")
|
|
Packit |
517ee8 |
|
|
Packit |
517ee8 |
message(STATUS "Linux probes: ${ENABLE_PROBES_LINUX}")
|
|
Packit |
517ee8 |
message(STATUS " Linux dpkginfo probe (depends on aptpkg): ${OPENSCAP_PROBE_LINUX_DPKGINFO}")
|
|
Packit |
517ee8 |
message(STATUS " Linux iflisteners probe: ${OPENSCAP_PROBE_LINUX_IFLISTENERS}")
|
|
Packit |
517ee8 |
message(STATUS " Linux inetlisteningservers probe: ${OPENSCAP_PROBE_LINUX_INETLISTENINGSERVERS}")
|
|
Packit |
517ee8 |
message(STATUS " Linux partition probe (depends on blkid): ${OPENSCAP_PROBE_LINUX_PARTITION}")
|
|
Packit |
517ee8 |
message(STATUS " Linux rpminfo probe (depends on rpm): ${OPENSCAP_PROBE_LINUX_RPMINFO}")
|
|
Packit |
517ee8 |
message(STATUS " Linux rpmverify probe (depends on rpm): ${OPENSCAP_PROBE_LINUX_RPMVERIFY}")
|
|
Packit |
517ee8 |
message(STATUS " Linux rpmverifyfile probe (depends on rpm): ${OPENSCAP_PROBE_LINUX_RPMVERIFYFILE}")
|
|
Packit |
517ee8 |
message(STATUS " Linux rpmverifypackage probe (depends on rpm): ${OPENSCAP_PROBE_LINUX_RPMVERIFYPACKAGE}")
|
|
Packit |
517ee8 |
message(STATUS " Linux selinuxboolean probe (depends on selinux): ${OPENSCAP_PROBE_LINUX_SELINUXBOOLEAN}")
|
|
Packit |
517ee8 |
message(STATUS " Linux selinuxsecuritycontext probe (depends on selinux): ${OPENSCAP_PROBE_LINUX_SELINUXSECURITYCONTEXT}")
|
|
Packit |
517ee8 |
message(STATUS " Linux systemdunitdependency probe (depends on dbus): ${OPENSCAP_PROBE_LINUX_SYSTEMDUNITDEPENDENCY}")
|
|
Packit |
517ee8 |
message(STATUS " Linux systemdunitproperty probe (depends on dbus): ${OPENSCAP_PROBE_LINUX_SYSTEMDUNITPROPERTY}")
|
|
Packit |
517ee8 |
message(STATUS " ")
|
|
Packit |
517ee8 |
|
|
Packit |
517ee8 |
message(STATUS "Solaris probes: ${ENABLE_PROBES_SOLARIS}")
|
|
Packit |
517ee8 |
message(STATUS " Solaris isainfo probe: ${OPENSCAP_PROBE_SOLARIS_ISAINFO}")
|
|
Packit |
517ee8 |
message(STATUS " ")
|
|
Packit |
517ee8 |
|
|
Packit |
517ee8 |
|
|
Packit |
517ee8 |
message(STATUS "Windows probes: ${ENABLE_PROBES_WINDOWS}")
|
|
Packit |
517ee8 |
message(STATUS " Windows accesstoken probe: ${OPENSCAP_PROBE_WINDOWS_ACCESSTOKEN}")
|
|
Packit |
517ee8 |
message(STATUS " Windows registry probe: ${OPENSCAP_PROBE_WINDOWS_REGISTRY}")
|
|
Packit |
517ee8 |
message(STATUS " Windows wmi57 probe: ${OPENSCAP_PROBE_WINDOWS_WMI57}")
|
|
Packit |
517ee8 |
message(STATUS " ")
|
|
Packit |
517ee8 |
|
|
Packit |
517ee8 |
|
|
Packit |
517ee8 |
message(STATUS "Language bindings:")
|
|
Packit |
517ee8 |
message(STATUS "python3 bindings: ${ENABLE_PYTHON3}")
|
|
Packit |
517ee8 |
message(STATUS "perl bindings: ${ENABLE_PERL}")
|
|
Packit |
517ee8 |
message(STATUS " ")
|
|
Packit |
517ee8 |
|
|
Packit |
517ee8 |
message(STATUS "Utilities:")
|
|
Packit |
517ee8 |
message(STATUS "oscap: ${ENABLE_OSCAP_UTIL}")
|
|
Packit |
517ee8 |
message(STATUS "oscap-docker: ${ENABLE_OSCAP_UTIL_DOCKER}")
|
|
Packit |
517ee8 |
message(STATUS "scap-as-rpm: ${ENABLE_OSCAP_UTIL_AS_RPM}")
|
|
Packit |
517ee8 |
message(STATUS "oscap-ssh: ${ENABLE_OSCAP_UTIL_SSH}")
|
|
Packit |
517ee8 |
message(STATUS "oscap-vm: ${ENABLE_OSCAP_UTIL_VM}")
|
|
Packit |
517ee8 |
message(STATUS "oscap-podman: ${ENABLE_OSCAP_UTIL_PODMAN}")
|
|
Packit |
517ee8 |
message(STATUS "oscap-chroot: ${ENABLE_OSCAP_UTIL_CHROOT}")
|
|
Packit |
517ee8 |
message(STATUS "autotailor: ${ENABLE_OSCAP_UTIL_AUTOTAILOR}")
|
|
Packit |
517ee8 |
message(STATUS " ")
|
|
Packit |
517ee8 |
|
|
Packit |
517ee8 |
message(STATUS "Testing:")
|
|
Packit |
517ee8 |
message(STATUS "tests: ${ENABLE_TESTS}")
|
|
Packit |
517ee8 |
message(STATUS "valgrind: ${ENABLE_VALGRIND}")
|
|
Packit |
517ee8 |
message(STATUS "MITRE: ${ENABLE_MITRE}")
|
|
Packit |
517ee8 |
message(STATUS " ")
|
|
Packit |
517ee8 |
|
|
Packit |
517ee8 |
message(STATUS "Documentation:")
|
|
Packit |
517ee8 |
message(STATUS "enabled: ${ENABLE_DOCS}")
|
|
Packit |
517ee8 |
message(STATUS "doxygen: ${DOXYGEN_EXECUTABLE}")
|
|
Packit |
517ee8 |
message(STATUS "asciidoc: ${ASCIIDOC_EXECUTABLE}")
|
|
Packit |
517ee8 |
|
|
Packit |
517ee8 |
# ---------- PATHS
|
|
Packit |
517ee8 |
|
|
Packit |
517ee8 |
if(WIN32)
|
|
Packit |
517ee8 |
# Windows installer does not allow full paths.
|
|
Packit |
517ee8 |
# The install path can be changed by user in Windows installer.
|
|
Packit |
517ee8 |
# We will use relative names - "schemas", "xsl" and "cpe"
|
|
Packit |
517ee8 |
# directories will be located in the same directory as oscap.exe.
|
|
Packit |
517ee8 |
set(OSCAP_DEFAULT_SCHEMA_PATH "schemas")
|
|
Packit |
517ee8 |
set(OSCAP_DEFAULT_XSLT_PATH "xsl")
|
|
Packit |
517ee8 |
set(OSCAP_DEFAULT_CPE_PATH "cpe")
|
|
Packit |
517ee8 |
else()
|
|
Packit |
517ee8 |
set(OSCAP_DEFAULT_SCHEMA_PATH "${CMAKE_INSTALL_FULL_DATADIR}/openscap/schemas")
|
|
Packit |
517ee8 |
set(OSCAP_DEFAULT_XSLT_PATH "${CMAKE_INSTALL_FULL_DATADIR}/openscap/xsl")
|
|
Packit |
517ee8 |
set(OSCAP_DEFAULT_CPE_PATH "${CMAKE_INSTALL_FULL_DATADIR}/openscap/cpe")
|
|
Packit |
517ee8 |
endif()
|
|
Packit |
517ee8 |
set(OSCAP_TEMP_DIR "/tmp" CACHE STRING "use different temporary directory to execute sce scripts (default=/tmp)")
|
|
Packit |
517ee8 |
|
|
Packit |
517ee8 |
# ---------- RPATHS for linking
|
|
Packit |
517ee8 |
|
|
Packit |
517ee8 |
# see https://cmake.org/Wiki/CMake_RPATH_handling
|
|
Packit |
517ee8 |
|
|
Packit |
517ee8 |
# use, i.e. don't skip the full RPATH for the build tree
|
|
Packit |
517ee8 |
set(CMAKE_SKIP_BUILD_RPATH FALSE)
|
|
Packit |
517ee8 |
|
|
Packit |
517ee8 |
# when building, don't use the install RPATH already
|
|
Packit |
517ee8 |
# (but later on when installing)
|
|
Packit |
517ee8 |
set(CMAKE_BUILD_WITH_INSTALL_RPATH FALSE)
|
|
Packit |
517ee8 |
|
|
Packit |
517ee8 |
set(CMAKE_INSTALL_RPATH ${CMAKE_INSTALL_FULL_LIBDIR})
|
|
Packit |
517ee8 |
|
|
Packit |
517ee8 |
# add the automatically determined parts of the RPATH
|
|
Packit |
517ee8 |
# which point to directories outside the build tree to the install RPATH
|
|
Packit |
517ee8 |
set(CMAKE_INSTALL_RPATH_USE_LINK_PATH TRUE)
|
|
Packit |
517ee8 |
|
|
Packit |
517ee8 |
# Turn on RPATH for OSX for policy warning
|
|
Packit |
517ee8 |
set(CMAKE_MACOSX_RPATH ON)
|
|
Packit |
517ee8 |
# ---------- CONFIGURATION
|
|
Packit |
517ee8 |
|
|
Packit |
517ee8 |
configure_file("config.h.in" "config.h")
|
|
Packit |
517ee8 |
add_definitions(-DHAVE_CONFIG_H)
|
|
Packit |
517ee8 |
if (MSVC)
|
|
Packit |
517ee8 |
# Disable some of Microsoft Visual Studio 2017 warnings
|
|
Packit |
517ee8 |
#
|
|
Packit |
517ee8 |
# Visual Studio recommends using some non-standard functions with _s suffix
|
|
Packit |
517ee8 |
# instead of standard functions, because they considered it more secure.
|
|
Packit |
517ee8 |
# However these functions are available only in Microsoft C Runtime.
|
|
Packit |
517ee8 |
# Therefore we disable this type of warnings.
|
|
Packit |
517ee8 |
# https://docs.microsoft.com/en-us/cpp/c-runtime-library/security-features-in-the-crt
|
|
Packit |
517ee8 |
add_definitions(-D_CRT_SECURE_NO_WARNINGS)
|
|
Packit |
517ee8 |
# Microsoft has renamed some POSIX functions in the CRT to conform with C99 rules for
|
|
Packit |
517ee8 |
# implementation-defined global function names. In most cases, a leading underscore was
|
|
Packit |
517ee8 |
# added to the POSIX function name to create a standard conformant name.
|
|
Packit |
517ee8 |
# If we use POSIX functions without leading underscore, a deprecation warning is shown.
|
|
Packit |
517ee8 |
# Therefore we disable this type of warnings.
|
|
Packit |
517ee8 |
# https://docs.microsoft.com/en-us/cpp/error-messages/compiler-warnings/compiler-warning-level-3-c4996
|
|
Packit |
517ee8 |
add_definitions(-D_CRT_NONSTDC_NO_WARNINGS)
|
|
Packit |
517ee8 |
endif()
|
|
Packit |
517ee8 |
|
|
Packit |
517ee8 |
if (${CMAKE_C_COMPILER_ID} STREQUAL "GNU" OR ${CMAKE_C_COMPILER_ID} STREQUAL "Clang")
|
|
Packit Service |
deda86 |
set(CMAKE_C_FLAGS "${CMAKE_C_FLAGS} -pipe -W -Wall -Wnonnull -Wshadow -Wformat -Wundef -Wno-unused-parameter -Wmissing-prototypes -Wno-unknown-pragmas -D_GNU_SOURCE -std=c99")
|
|
Packit Service |
deda86 |
endif()
|
|
Packit Service |
deda86 |
if(${CMAKE_SYSTEM_NAME} STREQUAL "FreeBSD")
|
|
Packit Service |
deda86 |
add_link_options(-lkvm -lm -lprocstat)
|
|
Packit Service |
deda86 |
else()
|
|
Packit Service |
deda86 |
# We do not define this on FreeBSD as it causes required functionality to not be exposed, e.g. getprogname() and u_<types>
|
|
Packit Service |
deda86 |
set(CMAKE_C_FLAGS "${CMAKE_C_FLAGS} -D_POSIX_C_SOURCE=200112L")
|
|
Packit |
517ee8 |
endif()
|
|
Packit |
517ee8 |
if(${CMAKE_SYSTEM_NAME} EQUAL "Solaris")
|
|
Packit |
517ee8 |
set(CMAKE_C_FLAGS "${CMAKE_C_FLAGS} -D__EXTENSIONS__")
|
|
Packit |
517ee8 |
endif()
|
|
Packit |
517ee8 |
if(WIN32)
|
|
Packit |
517ee8 |
# expose new WinAPI function appearing on Windows 7
|
|
Packit |
517ee8 |
# eg. inet_pton
|
|
Packit |
517ee8 |
set(CMAKE_C_FLAGS "${CMAKE_C_FLAGS} -D_WIN32_WINNT=0x0600")
|
|
Packit |
517ee8 |
endif()
|
|
Packit |
517ee8 |
if(APPLE)
|
|
Packit |
517ee8 |
#full Single Unix Standard v3 (SUSv3) conformance (the Unix API)
|
|
Packit |
517ee8 |
add_definitions(-D_DARWIN_C_SOURCE)
|
|
Packit |
517ee8 |
endif()
|
|
Packit |
517ee8 |
|
|
Packit |
517ee8 |
include_directories(
|
|
Packit |
517ee8 |
"compat/"
|
|
Packit |
517ee8 |
"src/"
|
|
Packit |
517ee8 |
"src/common/"
|
|
Packit |
517ee8 |
"src/common/public/"
|
|
Packit |
517ee8 |
"src/CPE/public/"
|
|
Packit |
517ee8 |
"src/CVE/public/"
|
|
Packit |
517ee8 |
"src/CVRF/public/"
|
|
Packit |
517ee8 |
"src/CVSS/public/"
|
|
Packit |
517ee8 |
"src/DS/public/"
|
|
Packit |
517ee8 |
"src/OVAL/public/"
|
|
Packit |
517ee8 |
"src/OVAL/probes/public/"
|
|
Packit |
517ee8 |
"src/OVAL/probes/SEAP/"
|
|
Packit |
517ee8 |
"src/OVAL/probes/SEAP/public/"
|
|
Packit |
517ee8 |
"src/OVAL/"
|
|
Packit |
517ee8 |
"src/source/public/"
|
|
Packit |
517ee8 |
"src/XCCDF/"
|
|
Packit |
517ee8 |
"src/XCCDF/public/"
|
|
Packit |
517ee8 |
"src/XCCDF_POLICY/"
|
|
Packit |
517ee8 |
"src/XCCDF_POLICY/public/"
|
|
Packit Service |
deda86 |
"yaml-filter/src/"
|
|
Packit |
517ee8 |
${CMAKE_BINARY_DIR} # config.h is generated to build directory
|
|
Packit |
517ee8 |
${LIBXML2_INCLUDE_DIR}
|
|
Packit Bot |
61bab5 |
${XMLSEC_INCLUDE_DIRS}
|
|
Packit Bot |
61bab5 |
${OPENSSL_INCLUDE_DIR}
|
|
Packit |
517ee8 |
${PCRE_INCLUDE_DIRS}
|
|
Packit |
517ee8 |
)
|
|
Packit |
517ee8 |
|
|
Packit |
517ee8 |
# Honor visibility properties for all target types
|
|
Packit |
517ee8 |
# Run "cmake --help-policy CMP0063" for policy details
|
|
Packit |
517ee8 |
if (POLICY CMP0063)
|
|
Packit |
517ee8 |
cmake_policy(SET CMP0063 NEW)
|
|
Packit |
517ee8 |
else()
|
|
Packit |
517ee8 |
message(WARNING "It is not possible to correctly set symbol visibility in object files with your version of CMake. We recommend using CMake 3.3 or newer.")
|
|
Packit |
517ee8 |
endif()
|
|
Packit |
517ee8 |
|
|
Packit |
517ee8 |
function(set_oscap_generic_properties TARGET_OBJECT)
|
|
Packit |
517ee8 |
set_target_properties(${TARGET_OBJECT} PROPERTIES
|
|
Packit |
517ee8 |
# Make global variables and functions HIDDEN by default.
|
|
Packit |
517ee8 |
C_VISIBILITY_PRESET hidden
|
|
Packit |
517ee8 |
CXX_VISIBILITY_PRESET hidden
|
|
Packit |
517ee8 |
POSITION_INDEPENDENT_CODE ON # Compile this object code position independent.
|
|
Packit |
517ee8 |
)
|
|
Packit |
517ee8 |
target_compile_definitions(${TARGET_OBJECT} PRIVATE OSCAP_BUILD_SHARED)
|
|
Packit |
517ee8 |
endfunction()
|
|
Packit |
517ee8 |
|
|
Packit |
517ee8 |
if(OPENSCAP_PROBE_INDEPENDENT_YAMLFILECONTENT)
|
|
Packit Service |
deda86 |
add_library(yamlfilter_object OBJECT yaml-filter/src/yaml-path.c yaml-filter/src/yaml-path.h)
|
|
Packit |
517ee8 |
set_oscap_generic_properties(yamlfilter_object)
|
|
Packit |
517ee8 |
endif()
|
|
Packit |
517ee8 |
|
|
Packit |
517ee8 |
add_subdirectory("compat")
|
|
Packit |
517ee8 |
add_subdirectory("src")
|
|
Packit |
517ee8 |
add_subdirectory("utils")
|
|
Packit |
517ee8 |
add_subdirectory("docs")
|
|
Packit |
517ee8 |
add_subdirectory("dist")
|
|
Packit |
517ee8 |
add_subdirectory("schemas")
|
|
Packit |
517ee8 |
add_subdirectory("xsl")
|
|
Packit |
517ee8 |
add_subdirectory("cpe")
|
|
Packit |
517ee8 |
add_subdirectory("swig")
|
|
Packit |
517ee8 |
configure_file("run.in" ${CMAKE_BINARY_DIR}${CMAKE_FILES_DIRECTORY}/run @ONLY)
|
|
Packit |
517ee8 |
configure_file("oscap_wrapper.in" ${CMAKE_BINARY_DIR}${CMAKE_FILES_DIRECTORY}/oscap_wrapper @ONLY)
|
|
Packit |
517ee8 |
file(
|
|
Packit |
517ee8 |
COPY "${CMAKE_BINARY_DIR}${CMAKE_FILES_DIRECTORY}/run" "${CMAKE_BINARY_DIR}${CMAKE_FILES_DIRECTORY}/oscap_wrapper"
|
|
Packit |
517ee8 |
DESTINATION ${CMAKE_BINARY_DIR}
|
|
Packit |
517ee8 |
FILE_PERMISSIONS OWNER_READ OWNER_WRITE OWNER_EXECUTE GROUP_READ GROUP_EXECUTE WORLD_READ WORLD_EXECUTE
|
|
Packit |
517ee8 |
)
|
|
Packit |
517ee8 |
|
|
Packit |
517ee8 |
if(NOT WIN32)
|
|
Packit |
517ee8 |
# pkgconfig file
|
|
Packit |
517ee8 |
configure_file("libopenscap.pc.in" "libopenscap.pc" @ONLY)
|
|
Packit |
517ee8 |
install(FILES
|
|
Packit |
517ee8 |
${CMAKE_CURRENT_BINARY_DIR}/libopenscap.pc
|
|
Packit |
517ee8 |
DESTINATION ${CMAKE_INSTALL_LIBDIR}/pkgconfig
|
|
Packit |
517ee8 |
)
|
|
Packit |
517ee8 |
endif()
|
|
Packit |
517ee8 |
|
|
Packit |
517ee8 |
# changelog
|
|
Packit |
517ee8 |
if(GIT_EXECUTABLE AND SED_EXECUTABLE)
|
|
Packit |
517ee8 |
add_custom_target(changelog
|
|
Packit |
517ee8 |
COMMAND "${GIT_EXECUTABLE}" log | "${SED_EXECUTABLE}" '/^commit/d\; /^Merge/d' > "${CMAKE_BINARY_DIR}/ChangeLog"
|
|
Packit |
517ee8 |
COMMENT "Generating ChangeLog"
|
|
Packit |
517ee8 |
)
|
|
Packit |
517ee8 |
endif()
|
|
Packit |
517ee8 |
|
|
Packit |
517ee8 |
# Ctest
|
|
Packit |
517ee8 |
if(ENABLE_TESTS)
|
|
Packit |
517ee8 |
enable_testing()
|
|
Packit |
517ee8 |
add_subdirectory("tests")
|
|
Packit |
517ee8 |
endif()
|
|
Packit |
517ee8 |
|
|
Packit |
517ee8 |
# CPack
|
|
Packit |
517ee8 |
set(CPACK_SOURCE_PACKAGE_FILE_NAME "openscap-${OPENSCAP_VERSION}")
|
|
Packit |
517ee8 |
set(CPACK_SOURCE_GENERATOR "TGZ")
|
|
Packit |
517ee8 |
set(CPACK_SOURCE_IGNORE_FILES
|
|
Packit |
517ee8 |
"\\\\.git.*"
|
|
Packit |
517ee8 |
"build/"
|
|
Packit |
517ee8 |
"build-win32/"
|
|
Packit |
517ee8 |
"~$"
|
|
Packit |
517ee8 |
"\\\\CMakeLists.txt.user"
|
|
Packit |
517ee8 |
)
|
|
Packit |
517ee8 |
if(WIN32)
|
|
Packit |
517ee8 |
set(CPACK_GENERATOR WIX)
|
|
Packit |
517ee8 |
set(CPACK_WIX_PATCH_FILE "${CMAKE_SOURCE_DIR}/wix_patch.xml")
|
|
Packit |
517ee8 |
endif()
|
|
Packit |
517ee8 |
set(CPACK_PACKAGE_NAME "OpenSCAP")
|
|
Packit |
517ee8 |
set(CPACK_PACKAGE_VENDOR "OpenSCAP Project")
|
|
Packit |
517ee8 |
set(CPACK_PACKAGE_VERSION_MAJOR "${OPENSCAP_VERSION_MAJOR}")
|
|
Packit |
517ee8 |
set(CPACK_PACKAGE_VERSION_MINOR "${OPENSCAP_VERSION_MINOR}")
|
|
Packit |
517ee8 |
set(CPACK_PACKAGE_VERSION_PATCH "${OPENSCAP_VERSION_PATCH}")
|
|
Packit |
517ee8 |
set(CPACK_RESOURCE_FILE_LICENSE "${CMAKE_SOURCE_DIR}/lgpl-2.1.rtf")
|
|
Packit |
517ee8 |
set(CPACK_PACKAGE_CHECKSUM SHA512)
|
|
Packit |
517ee8 |
|
|
Packit |
517ee8 |
include(CPack)
|