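# Maintainer: David P.
# Contributor: Gordian Edenhofer
# Contributor: Marcin Wieczorek
# Contributor: Thomas Kuther
# Contributor: Gianni Vialetto
# Contributor: Paul N. Maxwell
# Contributor: Thomas Mudrunka
# Contributor: Max Fierke

# Split PKGBUILD for AppArmor: one upstream tarball is built once and packaged
# into a metapackage plus parser, library, utils, profiles, PAM and vim parts.

pkgbase=apparmor
pkgname=("${pkgbase}" 'apparmor-parser' 'apparmor-libapparmor' 'apparmor-utils'
         'apparmor-profiles' 'apparmor-pam' 'apparmor-vim')
_pkgbasever=2.11
pkgver="${_pkgbasever}.1"
pkgrel=1
pkgdesc='Linux application security framework - mandatory access control for programs'
arch=('i686' 'x86_64')
url='http://wiki.apparmor.net/index.php/Main_Page'
license=('GPL')
makedepends=('flex' 'swig' 'perl' 'python' 'perl-locale-gettext' 'perl-rpc-xml' 'audit')

# The tarball is fetched together with its detached signature (the {,.asc}
# brace expansion). The signature entry is 'SKIP' in sha512sums because makepkg
# verifies it against validpgpkeys instead of hashing it. The three local
# helper files have no signature, so their pinned digests are the only
# integrity check they get.
source=("https://launchpad.net/${pkgbase}/${_pkgbasever}/${pkgver}/+download/${pkgbase}-${pkgver}.tar.gz"{,.asc}
        "apparmor_load.sh"
        "apparmor_unload.sh"
        "apparmor.service")
sha512sums=('f088157cc116987e56c0e02127497b1ec6241f3d761ec3b53211fa188f5f02c9408d6b903f2d275328ede88ebfd1393e00aad9f68cbe78fa9ab3711ba0f9c00c'
            'SKIP'
            'ae9598c2f7c7e04697ef542ef09b816eff0cdb32182a133769760d0669cdceb7ebf896f7c0523d6499394d2ac20d2d3ddec2189ead7ea3d98534c7b9fccdae25'
            '9f729a2d838cc48065ba3758b4c021e9ab57210a351724cc1a96819169d3f08efba13469483227f5bb482e5f4ea6a48f8cb682996716137e0c1fd0876b2b9a2d'
            'a288614318b35ac5ed50897d6064ee4c81f3f1628e171c6b5229261045d4b31aa977795584f7ed2753170ae8ce023ef7dafeb38fd12f07ab35ba78d020972b5b')
validpgpkeys=(
  '3ECDCBA5FB34D254961CC53F6689E64E3D3664BB'  # AppArmor Development Team
)

_core_perl_dir='/usr/bin/core_perl'
# Evaluated whenever the PKGBUILD is sourced; empty if perl is not installed.
_vendorarch_perl_dir="$(perl -V:vendorarch | sed "s/^vendorarch='\(.*\)';$/\1/g")"

# Point the upstream Makefiles at explicit tool locations.
export MAKEFLAGS+=" POD2MAN=${_core_perl_dir}/pod2man"
export MAKEFLAGS+=" POD2HTML=${_core_perl_dir}/pod2html"
export MAKEFLAGS+=" PODCHECKER=${_core_perl_dir}/podchecker"
export MAKEFLAGS+=" PROVE=${_core_perl_dir}/prove"
export MAKEFLAGS+=" PYTHON=python3"

# Patch the extracted upstream tree for Arch-style paths before building.
prepare() {
  cd "${srcdir}/${pkgbase}-${pkgver}/parser"

  # Skip compiling LaTeX documents and hence avoid an additional dependency
  # on texlive-latex
  sed -i -e 's/pdflatex/true/g' Makefile

  cd "${srcdir}/${pkgbase}-${pkgver}/utils"

  # Adapt logprof paths to Arch Linux defaults
  sed -e '/logfiles/ s/syslog /syslog.log /g' \
      -e '/logfiles/ s/messages/messages.log/g' \
      -e '/parser/ s# /sbin/# /usr/bin/#g' \
      -i logprof.conf

  # Skip building and installing vim related files within the utils package
  # because of false references to $srcdir and non-default file locations
  sed -i '/vim/d' Makefile

  cd "${srcdir}/${pkgbase}-${pkgver}/profiles/apparmor.d"

  # Adapt profile names to Arch Linux defaults.
  # NOTE(review): the substitution runs over the whole profile text, so every
  # rule path containing "sbin" is rewritten, not only the attachment path.
  # Worth diffing the resulting profiles when bumping pkgver, since a profile
  # that no longer matches the real binary path confines nothing.
  # IFS= and -d '' keep NUL-delimited names intact, whitespace included.
  find . -name "*sbin*" -print0 | while IFS= read -r -d '' i; do
    sed -i -e 's@sbin@bin@g' "${i}"
    mv "${i}" "${i/sbin/bin}"
  done

  # These four were bin.* after the loop above; move them to usr.bin.* and
  # fix both the binary path and the dotted profile name inside each file.
  for i in klogd ping syslog-ng syslogd; do
    sed -e "s@/bin/${i}@/usr/bin/${i}@g" \
        -e "s@bin\.${i}@usr\.bin\.${i}@g" \
        -i "bin.${i}"
    mv "bin.${i}" "usr.bin.${i}"
  done
}

# Build libapparmor first, then every component of the split package.
build() {
  cd "${srcdir}/${pkgbase}-${pkgver}/libraries/libapparmor"

  unset PERL_MM_OPT
  NOCONFIGURE=1 ./autogen.sh
  ./configure \
    --prefix=/usr \
    --sbindir=/usr/bin \
    --with-perl \
    --with-python
  make

  cd "${srcdir}/${pkgbase}-${pkgver}"
  make -C parser
  make -C utils
  make -C profiles
  make -C changehat/pam_apparmor
  make -C utils/vim -j1
}

# Metapackage: installs no files itself, only depends on the split packages.
package_apparmor() {
  pkgdesc='Linux application security framework - mandatory access control for programs (metapackage)'
  depends=('apparmor-parser' 'apparmor-libapparmor' 'apparmor-utils'
           'apparmor-profiles' 'apparmor-pam' 'apparmor-vim')
  optdepends=('linux-libre-lts-apparmor: a LTS kernel with AppArmor enabled'
              'linux-libre-xtreme: a mainline kernel with AppArmor enabled'
              'apparmor-openrc: OpenRC init script')
  install='apparmor.install'
}

# Installs the parser and relocates /lib and /sbin under /usr.
package_apparmor-parser() {
  pkgdesc='AppArmor parser - loads AA profiles to kernel module'
  depends=('apparmor-libapparmor')

  cd "${srcdir}/${pkgbase}-${pkgver}"
  make -C parser DESTDIR="${pkgdir}" install
  mv "${pkgdir}/lib" "${pkgdir}/usr/lib"
  mv "${pkgdir}/sbin" "${pkgdir}/usr/bin"
}

# Installs libapparmor and the Perl module generated by swig.
package_apparmor-libapparmor() {
  pkgdesc='AppArmor library'
  makedepends=('swig' 'perl' 'python')
  depends=('python')

  cd "${srcdir}/${pkgbase}-${pkgver}"
  make -C libraries/libapparmor DESTDIR="${pkgdir}" install
  # Name the destination file explicitly. With a bare directory as target,
  # `install -D` copies the module onto the path itself whenever that
  # directory does not exist yet, leaving a file called vendor_perl.
  install -D -m644 "libraries/libapparmor/swig/perl/LibAppArmor.pm" \
    "${pkgdir}${_vendorarch_perl_dir}/LibAppArmor.pm"
}

# Installs the userspace utilities, the load/unload helpers and the unit file.
package_apparmor-utils() {
  pkgdesc='AppArmor userspace utilities'
  depends=('perl' 'perl-locale-gettext' 'perl-term-readkey' 'perl-file-tail'
           'perl-rpc-xml' 'python')

  cd "${srcdir}/${pkgbase}-${pkgver}"
  make -C utils DESTDIR="${pkgdir}" BINDIR="${pkgdir}/usr/bin" install

  install -D -m755 "${srcdir}/apparmor_load.sh" "${pkgdir}/usr/bin/apparmor_load.sh"
  install -D -m755 "${srcdir}/apparmor_unload.sh" "${pkgdir}/usr/bin/apparmor_unload.sh"
  install -D -m644 "${srcdir}/apparmor.service" "${pkgdir}/usr/lib/systemd/system/apparmor.service"
}

# Installs the sample profiles, minus those for non-FSDG software.
package_apparmor-profiles() {
  pkgdesc='AppArmor sample pre-made profiles'
  depends=('apparmor-parser')

  # Add default profiles to the backup array, so that locally edited profiles
  # are kept rather than overwritten on upgrade.
  cd "${srcdir}/${pkgbase}-${pkgver}/profiles/apparmor.d"
  # Without the PKGBUILD check the following command would confuse `makepkg --printsrcinfo`.
  # Word splitting of the find output is intentional here; the sed pattern is
  # anchored so only the leading "./" of each path is replaced.
  [[ -f "./PKGBUILD" ]] || backup=($(find . -type f | sed 's@^\./@etc/apparmor.d/@'))

  cd "${srcdir}/${pkgbase}-${pkgver}"
  make -C profiles DESTDIR="${pkgdir}" install

  # Remove profiles for non-FSDG software
  # https://labs.parabola.nu/issues/1371
  # ${pkgdir} is quoted; the glob and the brace list stay outside the quotes
  # so that they still expand. rm is left without -f on purpose: a missing
  # path means the upstream layout changed and this list needs a review.
  rm -r "${pkgdir}"/etc/apparmor.d/abstractions/ubuntu* \
        "${pkgdir}/etc/apparmor.d/abstractions/nvidia" \
        "${pkgdir}/usr/share/apparmor/extra-profiles/usr.lib.firefox.mozilla-xremote-client" \
        "${pkgdir}"/usr/share/apparmor/extra-profiles/usr.bin.{opera,skype}

  # Adapt firefox profiles for iceweasel
  # Does this really work? Many files and dirs that I don't see . . .
  # NOTE(review): this is a textual rename only. Whether the rewritten paths
  # match what iceweasel really installs is not checked here; a profile whose
  # paths do not match gives no confinement.
  cd "${pkgdir}/usr/share/apparmor/extra-profiles/"
  mv usr.lib.firefox.firefox usr.lib.iceweasel.iceweasel
  mv usr.lib.firefox.firefox.sh usr.lib.iceweasel.iceweasel.sh
  sed 's|firefox|iceweasel|g' -i usr.lib.iceweasel.iceweasel*
}

# Installs the pam_apparmor module and its README.
package_apparmor-pam() {
  pkgdesc='AppArmor PAM library'
  depends=('apparmor-libapparmor' 'pam')

  cd "${srcdir}/${pkgbase}-${pkgver}"
  make -C changehat/pam_apparmor DESTDIR="${pkgdir}/usr" install
  install -D -m644 changehat/pam_apparmor/README "${pkgdir}/usr/share/doc/apparmor/README.pam_apparmor"
}

# Installs the vim syntax file for AppArmor profiles.
package_apparmor-vim() {
  pkgdesc='AppArmor VIM support'
  depends=('vim')

  cd "${srcdir}/${pkgbase}-${pkgver}/utils/vim"
  install -D -m644 apparmor.vim "${pkgdir}/usr/share/vim/vimfiles/syntax/apparmor.vim"
}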