summaryrefslogtreecommitdiff
path: root/sec-policy/selinux-base-policy
diff options
context:
space:
mode:
authorV3n3RiX <venerix@koprulu.sector>2021-12-05 02:47:11 +0000
committerV3n3RiX <venerix@koprulu.sector>2021-12-05 02:47:11 +0000
commit2771f79232c273bc2a57d23bf335dd81ccf6af28 (patch)
treec8af0fd04194aed03cf067d44e53c7edd3e9ab84 /sec-policy/selinux-base-policy
parente9d044d4b9b71200a96adfa280848858c0f468c9 (diff)
gentoo resync : 05.12.2021
Diffstat (limited to 'sec-policy/selinux-base-policy')
-rw-r--r--sec-policy/selinux-base-policy/Manifest7
-rw-r--r--sec-policy/selinux-base-policy/selinux-base-policy-2.20200818-r2.ebuild2
-rw-r--r--sec-policy/selinux-base-policy/selinux-base-policy-2.20210203-r1.ebuild2
-rw-r--r--sec-policy/selinux-base-policy/selinux-base-policy-2.20210908-r1.ebuild129
4 files changed, 136 insertions, 4 deletions
diff --git a/sec-policy/selinux-base-policy/Manifest b/sec-policy/selinux-base-policy/Manifest
index 19f1cc09e7b3..b73f5942202d 100644
--- a/sec-policy/selinux-base-policy/Manifest
+++ b/sec-policy/selinux-base-policy/Manifest
@@ -1,8 +1,11 @@
DIST patchbundle-selinux-base-policy-2.20200818-r2.tar.bz2 433623 BLAKE2B f0655c45c50347faf1217e5861298dce822e4b726c0b4489d4c70c4815842f7c17ac1b0a302ae5482a3ad25d1d5b6c4c3b6395194e79005f31560d103ad0fce6 SHA512 9fd22683ecd602a429b2d489f7b8c2936409fa060046255b72a4b95c9fdefa2455ba7655945278dc972c22f3ade6617898ed169e22001aaaaded4b47ca51b0c3
DIST patchbundle-selinux-base-policy-2.20210203-r1.tar.bz2 298116 BLAKE2B 50c5523a8b758652af6aa59d548e9499b899898b58f52f74f1667a0c552f2b2d0ed5a44352e59245c7f0ebd199e2391400168d6ab27b4160d726fccded0c56f2 SHA512 ddb877ec3e2883f57e54e7380dd449d4d89a0769a1fb87141786e5de741ac21b2ead60362fd17c25888eb1334c68f71da561f4f29f406f0d4b5d13d378f6baff
+DIST patchbundle-selinux-base-policy-2.20210908-r1.tar.bz2 295091 BLAKE2B 649d9a1d9190aac4a42d460b0609175bb7e1a32624d7504ebfa294741ed5fc2eec286471af1b9128f4cdb9845240b37353a8e641e111b9e53250607c34257baf SHA512 5c9cbd97ece391a2ba0f3586bf19811a2425b9c94c9beafa781dd7b175d7572a46e31a46e8f8671a4b7e122186574f5098a247fee62e1be8afc89233d71effb9
DIST refpolicy-2.20200818.tar.bz2 570896 BLAKE2B 502c00fec39e1b81e42de3f7f942623f8b3fbdeac19f9f01126722a368b7d4f70427d6e4a574754c4f2fa551e4bc75c912dbc515c004f0dcd5eb28ab416498f6 SHA512 e4b527bb7a87b9359fc42eb111d5008103f57c37128998ea0e21ec7b0b8607ffe3f67697450e4c51a0db172ece69083335b279bacef4b1bd0b7748b58caa99a7
DIST refpolicy-2.20210203.tar.bz2 564099 BLAKE2B a94a11ebb78890ba2c98714be2fe9054fdb8ccaf5154f47b881a9575a4a6865e8df475805550d7bba8039b4230c6a0c9f5c6130bf8c35a26bc7c473d550fb40d SHA512 a6ffe718626dd6121023b4cbc424c933d44ca8b662bd708baad307cf6284be0d80fef40cdc8b37f6f17ecb3636fd8d6c1d5d4072c17d835b7f500e17a3acd9fc
-EBUILD selinux-base-policy-2.20200818-r2.ebuild 3855 BLAKE2B 522f1c59c4aa2033114fe2ec692f4916e7df8050fc9baa81b4add60b714322e87436af889f1aae8492c701962f9aea8d1dabb02e24a04fb878731ab23342905d SHA512 a5ecd6d31336d0ea91d8599fc46b69026781279b3dd152ce97650a38e33a511d280c46e54e0c17e4defb043f3d30336ceb2566679f49b9f42a0910c108a0d6df
-EBUILD selinux-base-policy-2.20210203-r1.ebuild 3847 BLAKE2B 9a0404a3c1c92f7d6e0670225aba08af8a16ddde87571767284aa693f46b11e765b2d78212183bc22b401fd852b576a1051ab47a7f8857f05515c2a23fe6f3bd SHA512 f014bab3ab35071e5ead5d7e72cc1b998605a974c5b6d34a1a032f0cfe6a45cf8f54d57dcc5c8e929fcdb2908c15d24ac7ae3575d293d9b9a4b7a9038ca6d237
+DIST refpolicy-2.20210908.tar.bz2 556375 BLAKE2B 12791eeed54204ef075b2d95a738c7d5007d48630d2a60d7e698bcb909dda0abcc15233811a91f4646415ab3daabe2cac46fbfbd04e61f71782e729c0209f99d SHA512 7b84330ca5dd631629302f342a11bf6211cf0711ff3f3273d63ddb072e84c8fe8bef48d511b264affc82090ee51036a09421f81878e10b0c047f572d7720de96
+EBUILD selinux-base-policy-2.20200818-r2.ebuild 3853 BLAKE2B 5acdb6aaa1a3293db13ea46e2f0ec1febe7322725d11718eec594afa46171f0f9454ac43acf29b3cf22da8ff8fb9ca3c87809b5f2a8b72c10d7aebb2978b7498 SHA512 0a3df8a89da609cdd9b888253f2ce9aa5e85487ff13f001930eb7783c67f0eeedf4ae1d675a5de993075368c4451bece8a55053406ae79600dd14f07822cd4d4
+EBUILD selinux-base-policy-2.20210203-r1.ebuild 3845 BLAKE2B 6254da130f2cfcf07f54248aa489c34157a3f05e84c289a98c837142fc3c7c8a4fb6b2be80d1f5986ba2dc9b81d80cc1e5441dc0c7560a62d9372c2f7d5fcd2b SHA512 94c796a46da2f1176e8e148f45ac6faff9626e1546272c695372cf66e51b7bf13bd1e21d7a5e7230d0618b62ec93f172749a210e6bfd30479875d2ea6e24b940
+EBUILD selinux-base-policy-2.20210908-r1.ebuild 3849 BLAKE2B e917b949eb751542bb4320df1ccfdfba179e264e4616afbb2d029be7593b30554f19d4df324904104b80387fc5cf7d7e1efacbe6ce74fbba8c3d73b5dbbdb25b SHA512 bba3d230f4215edd35102136f27c10417d117153147582deb70e5006bbcdb6726666986da3255fe2af6fba87857ac8132179c2b259be9d1c82d00096e657d411
EBUILD selinux-base-policy-9999.ebuild 3849 BLAKE2B e917b949eb751542bb4320df1ccfdfba179e264e4616afbb2d029be7593b30554f19d4df324904104b80387fc5cf7d7e1efacbe6ce74fbba8c3d73b5dbbdb25b SHA512 bba3d230f4215edd35102136f27c10417d117153147582deb70e5006bbcdb6726666986da3255fe2af6fba87857ac8132179c2b259be9d1c82d00096e657d411
MISC metadata.xml 535 BLAKE2B db3aa01f5f57a5d30b7a39721a569bd2efe77a87701fb4e5d4e64ead0d13b4055dc5224bb7c95bf261e623163a59c18da5500d8da77b3de07801dcb13a9d4077 SHA512 592e02632b459156a686aa752bdcd04c00b6de8029831e39c2bf7c2e9a5e7886d8ebf0a5d16cbe1f6878428ce4e266dc676bf80657d018d204304d1113af7fcf
diff --git a/sec-policy/selinux-base-policy/selinux-base-policy-2.20200818-r2.ebuild b/sec-policy/selinux-base-policy/selinux-base-policy-2.20200818-r2.ebuild
index f1eece9e56fe..8f43b477ccee 100644
--- a/sec-policy/selinux-base-policy/selinux-base-policy-2.20200818-r2.ebuild
+++ b/sec-policy/selinux-base-policy/selinux-base-policy-2.20200818-r2.ebuild
@@ -12,7 +12,7 @@ if [[ ${PV} == 9999* ]]; then
else
SRC_URI="https://github.com/SELinuxProject/refpolicy/releases/download/RELEASE_${PV/./_}/refpolicy-${PV}.tar.bz2
https://dev.gentoo.org/~perfinion/patches/${PN}/patchbundle-${PN}-${PVR}.tar.bz2"
- KEYWORDS="amd64 ~arm ~arm64 ~mips x86"
+ KEYWORDS="amd64 arm arm64 ~mips x86"
fi
HOMEPAGE="https://wiki.gentoo.org/wiki/Project:SELinux"
diff --git a/sec-policy/selinux-base-policy/selinux-base-policy-2.20210203-r1.ebuild b/sec-policy/selinux-base-policy/selinux-base-policy-2.20210203-r1.ebuild
index 471440a59b8a..56db7e92b5d0 100644
--- a/sec-policy/selinux-base-policy/selinux-base-policy-2.20210203-r1.ebuild
+++ b/sec-policy/selinux-base-policy/selinux-base-policy-2.20210203-r1.ebuild
@@ -12,7 +12,7 @@ if [[ ${PV} == 9999* ]]; then
else
SRC_URI="https://github.com/SELinuxProject/refpolicy/releases/download/RELEASE_${PV/./_}/refpolicy-${PV}.tar.bz2
https://dev.gentoo.org/~perfinion/patches/${PN}/patchbundle-${PN}-${PVR}.tar.bz2"
- KEYWORDS="amd64 ~arm ~arm64 ~mips x86"
+ KEYWORDS="amd64 arm arm64 ~mips x86"
fi
HOMEPAGE="https://wiki.gentoo.org/wiki/Project:SELinux"
diff --git a/sec-policy/selinux-base-policy/selinux-base-policy-2.20210908-r1.ebuild b/sec-policy/selinux-base-policy/selinux-base-policy-2.20210908-r1.ebuild
new file mode 100644
index 000000000000..76791df9dcb2
--- /dev/null
+++ b/sec-policy/selinux-base-policy/selinux-base-policy-2.20210908-r1.ebuild
@@ -0,0 +1,129 @@
+# Copyright 1999-2021 Gentoo Authors
+# Distributed under the terms of the GNU General Public License v2
+
+EAPI="7"
+
+if [[ ${PV} == 9999* ]]; then
+ EGIT_REPO_URI="${SELINUX_GIT_REPO:-https://anongit.gentoo.org/git/proj/hardened-refpolicy.git}"
+ EGIT_BRANCH="${SELINUX_GIT_BRANCH:-master}"
+ EGIT_CHECKOUT_DIR="${WORKDIR}/refpolicy"
+
+ inherit git-r3
+else
+ SRC_URI="https://github.com/SELinuxProject/refpolicy/releases/download/RELEASE_${PV/./_}/refpolicy-${PV}.tar.bz2
+ https://dev.gentoo.org/~perfinion/patches/${PN}/patchbundle-${PN}-${PVR}.tar.bz2"
+ KEYWORDS="~amd64 ~arm ~arm64 ~mips ~x86"
+fi
+
+HOMEPAGE="https://wiki.gentoo.org/wiki/Project:SELinux"
+DESCRIPTION="SELinux policy for core modules"
+
+IUSE="systemd +unconfined"
+
+PDEPEND="unconfined? ( sec-policy/selinux-unconfined )"
+DEPEND="=sec-policy/selinux-base-${PVR}[systemd?]"
+RDEPEND="${DEPEND}"
+BDEPEND="
+ sys-apps/checkpolicy
+ sys-devel/m4"
+
+MODS="application authlogin bootloader clock consoletype cron dmesg fstools getty hostname init iptables libraries locallogin logging lvm miscfiles modutils mount mta netutils nscd portage raid rsync selinuxutil setrans ssh staff storage su sysadm sysnetwork systemd tmpfiles udev userdomain usermanage unprivuser xdg"
+LICENSE="GPL-2"
+SLOT="0"
+S="${WORKDIR}/"
+
+# Code entirely copied from selinux-eclass (cannot inherit due to dependency on
+# itself), when reworked reinclude it. Only postinstall (where -b base.pp is
+# added) needs to remain then.
+
+pkg_pretend() {
+ for i in ${POLICY_TYPES}; do
+ if [[ "${i}" == "targeted" ]] && ! use unconfined; then
+ die "If you use POLICY_TYPES=targeted, then USE=unconfined is mandatory."
+ fi
+ done
+}
+
+src_prepare() {
+ local modfiles
+
+ if [[ ${PV} != 9999* ]]; then
+ einfo "Applying SELinux policy updates ... "
+ eapply -p0 "${WORKDIR}/0001-full-patch-against-stable-release.patch"
+ fi
+
+ eapply_user
+
+ # Collect only those files needed for this particular module
+ for i in ${MODS}; do
+ modfiles="$(find ${S}/refpolicy/policy/modules -iname $i.te) $modfiles"
+ modfiles="$(find ${S}/refpolicy/policy/modules -iname $i.fc) $modfiles"
+ done
+
+ for i in ${POLICY_TYPES}; do
+ mkdir "${S}"/${i} || die "Failed to create directory ${S}/${i}"
+ cp "${S}"/refpolicy/doc/Makefile.example "${S}"/${i}/Makefile \
+ || die "Failed to copy Makefile.example to ${S}/${i}/Makefile"
+
+ cp ${modfiles} "${S}"/${i} \
+ || die "Failed to copy the module files to ${S}/${i}"
+ done
+}
+
+src_compile() {
+ for i in ${POLICY_TYPES}; do
+ emake NAME=$i SHAREDIR="${ROOT}"/usr/share/selinux -C "${S}"/${i}
+ done
+}
+
+src_install() {
+ local BASEDIR="/usr/share/selinux"
+
+ for i in ${POLICY_TYPES}; do
+ for j in ${MODS}; do
+ einfo "Installing ${i} ${j} policy package"
+ insinto ${BASEDIR}/${i}
+ doins "${S}"/${i}/${j}.pp
+ done
+ done
+}
+
+pkg_postinst() {
+ # Set root path and don't load policy into the kernel when cross compiling
+ local root_opts=""
+ if [[ "${ROOT}" != "" ]]; then
+ root_opts="-p ${ROOT} -n"
+ fi
+
+ # Override the command from the eclass, we need to load in base as well here
+ local COMMAND="-i base.pp"
+ if has_version "<sys-apps/policycoreutils-2.5"; then
+ COMMAND="-b base.pp"
+ fi
+
+ for i in ${MODS}; do
+ COMMAND="${COMMAND} -i ${i}.pp"
+ done
+
+ for i in ${POLICY_TYPES}; do
+ einfo "Inserting the following modules, with base, into the $i module store: ${MODS}"
+
+ cd "${ROOT}/usr/share/selinux/${i}"
+
+ semodule ${root_opts} -s ${i} ${COMMAND}
+ done
+
+ # Don't relabel when cross compiling
+ if [[ "${ROOT}" == "" ]]; then
+ # Relabel depending packages
+ local PKGSET="";
+ if [[ -x /usr/bin/qdepends ]] ; then
+ PKGSET=$(/usr/bin/qdepends -Cq -r -Q ${CATEGORY}/${PN} | grep -v 'sec-policy/selinux-');
+ elif [[ -x /usr/bin/equery ]] ; then
+ PKGSET=$(/usr/bin/equery -Cq depends ${CATEGORY}/${PN} | grep -v 'sec-policy/selinux-');
+ fi
+ if [[ -n "${PKGSET}" ]] ; then
+ rlpkg ${PKGSET};
+ fi
+ fi
+}
generated by cgit v1.2.3 (git 2.25.1) at 2024-06-12 04:40:17 +0000