diff options
| author | V3n3RiX <venerix@redcorelinux.org> | 2018-06-09 09:27:03 +0100 |
|---|---|---|
| committer | V3n3RiX <venerix@redcorelinux.org> | 2018-06-09 09:27:03 +0100 |
| commit | cb3e8c6af7661fbcafdcacc7e0ecdfb610d098fa (patch) | |
| tree | 047fc92023c520d07f13ec5ac96e094d1b312a7a /sec-policy/selinux-base-policy | |
| parent | 7b9f15840068dfaeea5684f8a1af1fe460dfa14c (diff) | |
gentoo resync : 09.06.2018
Diffstat (limited to 'sec-policy/selinux-base-policy')
| -rw-r--r-- | sec-policy/selinux-base-policy/Manifest | 17 | ||||
| -rw-r--r-- | sec-policy/selinux-base-policy/selinux-base-policy-2.20170204-r1.ebuild | 122 | ||||
| -rw-r--r-- | sec-policy/selinux-base-policy/selinux-base-policy-2.20170204-r2.ebuild | 122 | ||||
| -rw-r--r-- | sec-policy/selinux-base-policy/selinux-base-policy-2.20170204-r3.ebuild | 122 | ||||
| -rw-r--r-- | sec-policy/selinux-base-policy/selinux-base-policy-2.20170204-r4.ebuild | 122 | ||||
| -rw-r--r-- | sec-policy/selinux-base-policy/selinux-base-policy-2.20180114-r2.ebuild | 34 | ||||
| -rw-r--r-- | sec-policy/selinux-base-policy/selinux-base-policy-2.20180114-r3.ebuild (renamed from sec-policy/selinux-base-policy/selinux-base-policy-2.20170805-r4.ebuild) | 34 | ||||
| -rw-r--r-- | sec-policy/selinux-base-policy/selinux-base-policy-9999.ebuild | 34 |
8 files changed, 70 insertions, 537 deletions
diff --git a/sec-policy/selinux-base-policy/Manifest b/sec-policy/selinux-base-policy/Manifest index 2e7e48b8c9fe..342bf4d1d37f 100644 --- a/sec-policy/selinux-base-policy/Manifest +++ b/sec-policy/selinux-base-policy/Manifest @@ -1,23 +1,14 @@ -DIST patchbundle-selinux-base-policy-2.20170204-r1.tar.bz2 327838 BLAKE2B 8b8f6241636c0aaa472df3b4ad035d3f6ed8bafa25f9d5b2106f41e6e9e589cd3105f91fbcb9a5972998b6deda3eaf034755bcb13b57cd51957b473a60dfcbfe SHA512 727dd11bc5a777388199fb1da67add940a6051cca874456cdc4bb65f567216481e70b92fcf37ac59cc48d907fbe87b67e97c3813c4c97d5f31b7c66b7246f166 -DIST patchbundle-selinux-base-policy-2.20170204-r2.tar.bz2 354083 BLAKE2B 9296ea072f27774e7e6b055be9c24ba5717a1502cb2b20f57768231d2fdc267cc2e340ff9e301e072a199e80434f5f5caeed6151ea424b52380665a9927c23d6 SHA512 ac907590cefdc69638fce25de481d3dce625f0f1511e0fa3d0bcc78b2a18c57c0bea392c225d314645b1aec5abbcedf67bfc50b66be8580447bbcac7223ea66d -DIST patchbundle-selinux-base-policy-2.20170204-r3.tar.bz2 342266 BLAKE2B 4b4fb4d495f9507152ef05815273bc3d09927f9cdb3e63aa6050a620a061c133519b503dc6dbdb658c04a81a0917a7a4872668ee3fef8c2a049e0006e1c103de SHA512 df46b785a17c633d6fcd063b48258a362a0df13fcb71fb699b6c19281f4d647db43639e08e083157fcd49405c5c38c8408534decff99536d28ada64e9192d130 -DIST patchbundle-selinux-base-policy-2.20170204-r4.tar.bz2 373731 BLAKE2B cb291e14e181c68d95c77dc07185ba6d186d4a7f2bf163cbe32670d54cdf29e32ecfac49d449d8631df7df67992499e2bec6b39f6096f4d9e9394a87f2b24654 SHA512 93a0644440064d85db32c56a381478f8ef94824a04531e6fbad26dd79be02dacd939b804759db35d0627908ff653f8107e18c48858df458c80ae785d80374667 DIST patchbundle-selinux-base-policy-2.20170805-r2.tar.bz2 314854 BLAKE2B 483d04f364195eb8627153647118eb23812a610db63a40d50819b42c19fc20ffd0a36cd5c1959a764eab2109bd2e5317f74fd3a5cc1c7ddd17d8c85be05579a5 SHA512 1358db158945b82e0e41907e3919a6888564b4f15ad765f0fe2dc7bf284485c18d11c5502d598268e33b2163a6fa0be2a4029a8e9f774abfd4377031ee9afd32 DIST patchbundle-selinux-base-policy-2.20170805-r3.tar.bz2 324834 BLAKE2B ecc3b0425987aa648b3dd52977a6e1fd987e605fe302c3b6d8742d3eac9a1c89697de1f97331e9863b132bb95814ae7577e161a024cdda297fb84458aa9417fd SHA512 62ec2e70397d06d464e95305a4c0699cc07063d879d986a74442955fb8076a00cbe4a4f7a3cda46876cbf2ad38189be06f0c05ce9698aadafa6e9f02a8daf668 -DIST patchbundle-selinux-base-policy-2.20170805-r4.tar.bz2 689641 BLAKE2B 1accfbecd4825a6cdb8c3c189c9e23898d1dbe8415d2fe26a842782dec634958f01861916a3c040740359562984718b61cee7af7d9395b125590931110e67eff SHA512 2067b090cd054e47d6496c9513d69a7a37a72de8dc873159a8055e27fe2380dc73006354d790c455ae893645f956c6be6d6ad2d30be7428ff8a442604a0c5400 DIST patchbundle-selinux-base-policy-2.20180114-r1.tar.bz2 285245 BLAKE2B 32ff8fa3330aa1e17d6a2fc3c267e9c66d5f540fe4b7d1da8961cdc8e3c4a86e157db66e144c9cef13d52b85aa8a242e89ccf6e9c3ef455a7133bc448586d70f SHA512 5d5ce77b42e183d0b0241567bbe718622ab388cf9538193730c999da832f3ea7e4e9306f2b96cfbcfad01e6fcc834cf1d43b7b388a5a50242dd7f5ef3e252b42 DIST patchbundle-selinux-base-policy-2.20180114-r2.tar.bz2 293604 BLAKE2B 4b301021a646431fe3a4431815ef66231e3436c7c5a4b02c4d52492a603ab58b54bfdbd589161779c4331f26f56ef6eac4c6f7d8dbc489410e41f7e3cedecff7 SHA512 bfb8e0fc852bc91c38ecdfb51823f5fa89f7e9021eae108648fa8b574cf8303d28cb74b0a6b6c0745576113e419e1f232131c3166a6da9b431aebd3de642f75d -DIST refpolicy-2.20170204.tar.bz2 709965 BLAKE2B 7fb10d6054d74204f8c7d6d8ee88603f37b6600ed4a03e937a3a233ea7a80feef6ab90ba01af8d444fa79b266456260b14af3be0ad6a311baff6e3408af7d1ba SHA512 30deabb02a5bde51c463e3e89988d850cff51596c2e72733a064245dec152ea46317eea79550dbe82a7a0d327ec0bcfbd9474ff8a902507392df0da00df6397f +DIST patchbundle-selinux-base-policy-2.20180114-r3.tar.bz2 302345 BLAKE2B b175c5564b44aa4256018e25fbe8ec1bf16bdb0b6a01486bd7afbc5c6332b555838838759fea4859f767211097748bb5e62139264b2f4b792b2dec854d3b7031 SHA512 1586857f6403527470a19e534217805e19460695a854c3630fda80b26cd8e1e5d6f1a327c6d56b3ffa7260858d0c1ae393ea427e9ac0239163e914edc97f1c07 DIST refpolicy-2.20170805.tar.bz2 740430 BLAKE2B 0597f51fceb5ca88b3506aa16cbd2d7f3df3a1d9c6afdf4cc5fc7eca25fa19c5810889f90ed1ee0abef401d41384558abb69f6638caf50341f71d075fa99e561 SHA512 dbb6809b028ae75296ad26d5997cc21d835c49555a0e37957cb39b36b144af6e817320073a29247448eba1876ab9e29d3956ff4456f1542b66ba38af459ec586 DIST refpolicy-2.20180114.tar.bz2 743725 BLAKE2B f64fc08dd68033a1762e147a0f205d8d1b71853017cefe4252ca4ca67029d457f28d81a82ae4e78c01e6c2131e9329d0e5634afee12fb4b291685e7563d59107 SHA512 9acb15d1d84670b25d1fc310e048348f707aa22ea184828e677946817aeb6ee2c590233195ead13aa91c7096544d6d29dfb6e98297120ef9464fc6107ffc9ce7 -EBUILD selinux-base-policy-2.20170204-r1.ebuild 3658 BLAKE2B 8f5f709e54ed60c5742094d672098c08f6be2a299c476e6f419c43d9677998bfc93d4d451362512912459191ba0d6812696c93dda272e718daeb5a78d2d61e94 SHA512 34009aaa106e759b806ad1b747ca61630c2d5bc5a5ca4ae52c625abc369361f1976a2072fb5ab8d0aba5f362a46e9daae0811a35a480398ae8591af931d8d920 -EBUILD selinux-base-policy-2.20170204-r2.ebuild 3656 BLAKE2B 9236f03e371586e62b2dcb2dc798c919307d5a192b8fcef2e370abb4bb92cb5cfb3fec932aa6c454a10ff0efc9e592c45100afe6eb52e7c5d3faddeb6c28106e SHA512 9cfe12f027876bfc6830061db11098a706495d8bda4661af5b13bb1d9c1a62064e70c875d0817df81b393948e61b060ff0dfb02efee4435c8656882d07566204 -EBUILD selinux-base-policy-2.20170204-r3.ebuild 3656 BLAKE2B 9236f03e371586e62b2dcb2dc798c919307d5a192b8fcef2e370abb4bb92cb5cfb3fec932aa6c454a10ff0efc9e592c45100afe6eb52e7c5d3faddeb6c28106e SHA512 9cfe12f027876bfc6830061db11098a706495d8bda4661af5b13bb1d9c1a62064e70c875d0817df81b393948e61b060ff0dfb02efee4435c8656882d07566204 -EBUILD selinux-base-policy-2.20170204-r4.ebuild 3656 BLAKE2B 9236f03e371586e62b2dcb2dc798c919307d5a192b8fcef2e370abb4bb92cb5cfb3fec932aa6c454a10ff0efc9e592c45100afe6eb52e7c5d3faddeb6c28106e SHA512 9cfe12f027876bfc6830061db11098a706495d8bda4661af5b13bb1d9c1a62064e70c875d0817df81b393948e61b060ff0dfb02efee4435c8656882d07566204 EBUILD selinux-base-policy-2.20170805-r2.ebuild 3603 BLAKE2B 0d8294c8cec01620bc7f1c2ea6d957a8b05d109196322a8c482ed9d8c7f517e14329b13ac4762ffc5483bd207d81e75cb113ae29c39c1da4ca8c4b16fcdc919e SHA512 0057be4e522c0704ef4080751a94e445cf42d658cd8b1227eb0b1c7074de57010cd31b90dcb757a0f0ab6672b5b1a53341800142b11869dcffbede53e0e59282 EBUILD selinux-base-policy-2.20170805-r3.ebuild 3603 BLAKE2B 0d8294c8cec01620bc7f1c2ea6d957a8b05d109196322a8c482ed9d8c7f517e14329b13ac4762ffc5483bd207d81e75cb113ae29c39c1da4ca8c4b16fcdc919e SHA512 0057be4e522c0704ef4080751a94e445cf42d658cd8b1227eb0b1c7074de57010cd31b90dcb757a0f0ab6672b5b1a53341800142b11869dcffbede53e0e59282 -EBUILD selinux-base-policy-2.20170805-r4.ebuild 3605 BLAKE2B 4f27262143270f66d1dc3752647adc4c6b8285d1147e3cd6247f6783f10a7c0fa3d11a4cd5b085218fc18d46d73c832cf340787d9d30af2dec09e7e8fba34559 SHA512 bb23adb0d62440dabb05d44566eef538d4fc0c905eb2c5c9f7b1ce85ea6ee2ed5770e0cb986b9ce71930538570c478621fb5ec740e55f3a00c63e82fa1e2d1f7 EBUILD selinux-base-policy-2.20180114-r1.ebuild 3603 BLAKE2B 0d8294c8cec01620bc7f1c2ea6d957a8b05d109196322a8c482ed9d8c7f517e14329b13ac4762ffc5483bd207d81e75cb113ae29c39c1da4ca8c4b16fcdc919e SHA512 0057be4e522c0704ef4080751a94e445cf42d658cd8b1227eb0b1c7074de57010cd31b90dcb757a0f0ab6672b5b1a53341800142b11869dcffbede53e0e59282 -EBUILD selinux-base-policy-2.20180114-r2.ebuild 3605 BLAKE2B 4f27262143270f66d1dc3752647adc4c6b8285d1147e3cd6247f6783f10a7c0fa3d11a4cd5b085218fc18d46d73c832cf340787d9d30af2dec09e7e8fba34559 SHA512 bb23adb0d62440dabb05d44566eef538d4fc0c905eb2c5c9f7b1ce85ea6ee2ed5770e0cb986b9ce71930538570c478621fb5ec740e55f3a00c63e82fa1e2d1f7 -EBUILD selinux-base-policy-9999.ebuild 3605 BLAKE2B 4f27262143270f66d1dc3752647adc4c6b8285d1147e3cd6247f6783f10a7c0fa3d11a4cd5b085218fc18d46d73c832cf340787d9d30af2dec09e7e8fba34559 SHA512 bb23adb0d62440dabb05d44566eef538d4fc0c905eb2c5c9f7b1ce85ea6ee2ed5770e0cb986b9ce71930538570c478621fb5ec740e55f3a00c63e82fa1e2d1f7 +EBUILD selinux-base-policy-2.20180114-r2.ebuild 3937 BLAKE2B 9d2f4297edd38a837f6299f0fc1a1424e391ac5fa7f1c77f187e049545a0e4cdc3bffbdeb7b86f6bde30af093b813f4a8bd3ce85b8a25a4ab514bc8a5464e010 SHA512 6a7a3ac43cfc10aedd4cce05190c34877075da8ec699adb0ebfe15e94bcc5e026b7f0876cb7fb7f18f657a511f9906db1c8e6323d019f25679bfe778767a7591 +EBUILD selinux-base-policy-2.20180114-r3.ebuild 3937 BLAKE2B 9d2f4297edd38a837f6299f0fc1a1424e391ac5fa7f1c77f187e049545a0e4cdc3bffbdeb7b86f6bde30af093b813f4a8bd3ce85b8a25a4ab514bc8a5464e010 SHA512 6a7a3ac43cfc10aedd4cce05190c34877075da8ec699adb0ebfe15e94bcc5e026b7f0876cb7fb7f18f657a511f9906db1c8e6323d019f25679bfe778767a7591 +EBUILD selinux-base-policy-9999.ebuild 3937 BLAKE2B 9d2f4297edd38a837f6299f0fc1a1424e391ac5fa7f1c77f187e049545a0e4cdc3bffbdeb7b86f6bde30af093b813f4a8bd3ce85b8a25a4ab514bc8a5464e010 SHA512 6a7a3ac43cfc10aedd4cce05190c34877075da8ec699adb0ebfe15e94bcc5e026b7f0876cb7fb7f18f657a511f9906db1c8e6323d019f25679bfe778767a7591 MISC metadata.xml 534 BLAKE2B 1bb289204431150ae974c9fd677926faf72e75def3294b9df405a048e398ac3b6147de8483512487edaeea378e1dbd32df0675acb7fa50326c48382603c5dbfe SHA512 d8340bec9d0ec0feb396b17b53a6d53e3caa7ddd1efdc5e5de07baf86592ad0526d08fc08908295cf18a915eef1c7429c72970d56967162b2390eed6f28c822a diff --git a/sec-policy/selinux-base-policy/selinux-base-policy-2.20170204-r1.ebuild b/sec-policy/selinux-base-policy/selinux-base-policy-2.20170204-r1.ebuild deleted file mode 100644 index 0c6f6a24107c..000000000000 --- a/sec-policy/selinux-base-policy/selinux-base-policy-2.20170204-r1.ebuild +++ /dev/null @@ -1,122 +0,0 @@ -# Copyright 1999-2018 Gentoo Foundation -# Distributed under the terms of the GNU General Public License v2 - -EAPI="6" - -if [[ ${PV} == 9999* ]]; then - EGIT_REPO_URI="${SELINUX_GIT_REPO:-git://anongit.gentoo.org/proj/hardened-refpolicy.git https://anongit.gentoo.org/git/proj/hardened-refpolicy.git}" - EGIT_BRANCH="${SELINUX_GIT_BRANCH:-master}" - EGIT_CHECKOUT_DIR="${WORKDIR}/refpolicy" - - inherit git-r3 -else - SRC_URI="https://raw.githubusercontent.com/wiki/TresysTechnology/refpolicy/files/refpolicy-${PV}.tar.bz2 - https://dev.gentoo.org/~swift/patches/${PN}/patchbundle-${PN}-${PVR}.tar.bz2" - KEYWORDS="~amd64 -arm ~arm64 ~mips ~x86" -fi - -HOMEPAGE="https://wiki.gentoo.org/wiki/Project:SELinux" -DESCRIPTION="SELinux policy for core modules" - -IUSE="systemd +unconfined" - -PDEPEND="unconfined? ( sec-policy/selinux-unconfined )" -DEPEND="=sec-policy/selinux-base-${PVR}[systemd?]" - -MODS="application authlogin bootloader clock consoletype cron dmesg fstools getty hostname hotplug init iptables libraries locallogin logging lvm miscfiles modutils mount mta netutils nscd portage raid rsync selinuxutil setrans ssh staff storage su sysadm sysnetwork tmpfiles udev userdomain usermanage unprivuser xdg" -LICENSE="GPL-2" -SLOT="0" -S="${WORKDIR}/" - -# Code entirely copied from selinux-eclass (cannot inherit due to dependency on -# itself), when reworked reinclude it. Only postinstall (where -b base.pp is -# added) needs to remain then. - -pkg_setup() { - if use systemd; then - MODS="${MODS} systemd" - fi -} - -pkg_pretend() { - for i in ${POLICY_TYPES}; do - if [[ "${i}" == "targeted" ]] && ! use unconfined; then - die "If you use POLICY_TYPES=targeted, then USE=unconfined is mandatory." - fi - done -} - -src_prepare() { - local modfiles - - if [[ ${PV} != 9999* ]]; then - einfo "Applying SELinux policy updates ... " - eapply -p0 "${WORKDIR}/0001-full-patch-against-stable-release.patch" - fi - - eapply_user - - # Collect only those files needed for this particular module - for i in ${MODS}; do - modfiles="$(find ${S}/refpolicy/policy/modules -iname $i.te) $modfiles" - modfiles="$(find ${S}/refpolicy/policy/modules -iname $i.fc) $modfiles" - done - - for i in ${POLICY_TYPES}; do - mkdir "${S}"/${i} || die "Failed to create directory ${S}/${i}" - cp "${S}"/refpolicy/doc/Makefile.example "${S}"/${i}/Makefile \ - || die "Failed to copy Makefile.example to ${S}/${i}/Makefile" - - cp ${modfiles} "${S}"/${i} \ - || die "Failed to copy the module files to ${S}/${i}" - done -} - -src_compile() { - for i in ${POLICY_TYPES}; do - emake NAME=$i -C "${S}"/${i} || die "${i} compile failed" - done -} - -src_install() { - local BASEDIR="/usr/share/selinux" - - for i in ${POLICY_TYPES}; do - for j in ${MODS}; do - einfo "Installing ${i} ${j} policy package" - insinto ${BASEDIR}/${i} - doins "${S}"/${i}/${j}.pp || die "Failed to add ${j}.pp to ${i}" - done - done -} - -pkg_postinst() { - # Override the command from the eclass, we need to load in base as well here - local COMMAND="-i base.pp" - if has_version "<sys-apps/policycoreutils-2.5"; then - COMMAND="-b base.pp" - fi - - for i in ${MODS}; do - COMMAND="${COMMAND} -i ${i}.pp" - done - - for i in ${POLICY_TYPES}; do - einfo "Inserting the following modules, with base, into the $i module store: ${MODS}" - - cd /usr/share/selinux/${i} - - semodule -s ${i} ${COMMAND} - done - - # Relabel depending packages - local PKGSET=""; - if [[ -x /usr/bin/qdepends ]] ; then - PKGSET=$(/usr/bin/qdepends -Cq -r -Q ${CATEGORY}/${PN} | grep -v 'sec-policy/selinux-'); - elif [[ -x /usr/bin/equery ]] ; then - PKGSET=$(/usr/bin/equery -Cq depends ${CATEGORY}/${PN} | grep -v 'sec-policy/selinux-'); - fi - if [[ -n "${PKGSET}" ]] ; then - rlpkg ${PKGSET}; - fi -} diff --git a/sec-policy/selinux-base-policy/selinux-base-policy-2.20170204-r2.ebuild b/sec-policy/selinux-base-policy/selinux-base-policy-2.20170204-r2.ebuild deleted file mode 100644 index b92e2c6358cd..000000000000 --- a/sec-policy/selinux-base-policy/selinux-base-policy-2.20170204-r2.ebuild +++ /dev/null @@ -1,122 +0,0 @@ -# Copyright 1999-2018 Gentoo Foundation -# Distributed under the terms of the GNU General Public License v2 - -EAPI="6" - -if [[ ${PV} == 9999* ]]; then - EGIT_REPO_URI="${SELINUX_GIT_REPO:-git://anongit.gentoo.org/proj/hardened-refpolicy.git https://anongit.gentoo.org/git/proj/hardened-refpolicy.git}" - EGIT_BRANCH="${SELINUX_GIT_BRANCH:-master}" - EGIT_CHECKOUT_DIR="${WORKDIR}/refpolicy" - - inherit git-r3 -else - SRC_URI="https://raw.githubusercontent.com/wiki/TresysTechnology/refpolicy/files/refpolicy-${PV}.tar.bz2 - https://dev.gentoo.org/~swift/patches/${PN}/patchbundle-${PN}-${PVR}.tar.bz2" - KEYWORDS="amd64 -arm ~arm64 ~mips x86" -fi - -HOMEPAGE="https://wiki.gentoo.org/wiki/Project:SELinux" -DESCRIPTION="SELinux policy for core modules" - -IUSE="systemd +unconfined" - -PDEPEND="unconfined? ( sec-policy/selinux-unconfined )" -DEPEND="=sec-policy/selinux-base-${PVR}[systemd?]" - -MODS="application authlogin bootloader clock consoletype cron dmesg fstools getty hostname hotplug init iptables libraries locallogin logging lvm miscfiles modutils mount mta netutils nscd portage raid rsync selinuxutil setrans ssh staff storage su sysadm sysnetwork tmpfiles udev userdomain usermanage unprivuser xdg" -LICENSE="GPL-2" -SLOT="0" -S="${WORKDIR}/" - -# Code entirely copied from selinux-eclass (cannot inherit due to dependency on -# itself), when reworked reinclude it. Only postinstall (where -b base.pp is -# added) needs to remain then. - -pkg_setup() { - if use systemd; then - MODS="${MODS} systemd" - fi -} - -pkg_pretend() { - for i in ${POLICY_TYPES}; do - if [[ "${i}" == "targeted" ]] && ! use unconfined; then - die "If you use POLICY_TYPES=targeted, then USE=unconfined is mandatory." - fi - done -} - -src_prepare() { - local modfiles - - if [[ ${PV} != 9999* ]]; then - einfo "Applying SELinux policy updates ... " - eapply -p0 "${WORKDIR}/0001-full-patch-against-stable-release.patch" - fi - - eapply_user - - # Collect only those files needed for this particular module - for i in ${MODS}; do - modfiles="$(find ${S}/refpolicy/policy/modules -iname $i.te) $modfiles" - modfiles="$(find ${S}/refpolicy/policy/modules -iname $i.fc) $modfiles" - done - - for i in ${POLICY_TYPES}; do - mkdir "${S}"/${i} || die "Failed to create directory ${S}/${i}" - cp "${S}"/refpolicy/doc/Makefile.example "${S}"/${i}/Makefile \ - || die "Failed to copy Makefile.example to ${S}/${i}/Makefile" - - cp ${modfiles} "${S}"/${i} \ - || die "Failed to copy the module files to ${S}/${i}" - done -} - -src_compile() { - for i in ${POLICY_TYPES}; do - emake NAME=$i -C "${S}"/${i} || die "${i} compile failed" - done -} - -src_install() { - local BASEDIR="/usr/share/selinux" - - for i in ${POLICY_TYPES}; do - for j in ${MODS}; do - einfo "Installing ${i} ${j} policy package" - insinto ${BASEDIR}/${i} - doins "${S}"/${i}/${j}.pp || die "Failed to add ${j}.pp to ${i}" - done - done -} - -pkg_postinst() { - # Override the command from the eclass, we need to load in base as well here - local COMMAND="-i base.pp" - if has_version "<sys-apps/policycoreutils-2.5"; then - COMMAND="-b base.pp" - fi - - for i in ${MODS}; do - COMMAND="${COMMAND} -i ${i}.pp" - done - - for i in ${POLICY_TYPES}; do - einfo "Inserting the following modules, with base, into the $i module store: ${MODS}" - - cd /usr/share/selinux/${i} - - semodule -s ${i} ${COMMAND} - done - - # Relabel depending packages - local PKGSET=""; - if [[ -x /usr/bin/qdepends ]] ; then - PKGSET=$(/usr/bin/qdepends -Cq -r -Q ${CATEGORY}/${PN} | grep -v 'sec-policy/selinux-'); - elif [[ -x /usr/bin/equery ]] ; then - PKGSET=$(/usr/bin/equery -Cq depends ${CATEGORY}/${PN} | grep -v 'sec-policy/selinux-'); - fi - if [[ -n "${PKGSET}" ]] ; then - rlpkg ${PKGSET}; - fi -} diff --git a/sec-policy/selinux-base-policy/selinux-base-policy-2.20170204-r3.ebuild b/sec-policy/selinux-base-policy/selinux-base-policy-2.20170204-r3.ebuild deleted file mode 100644 index b92e2c6358cd..000000000000 --- a/sec-policy/selinux-base-policy/selinux-base-policy-2.20170204-r3.ebuild +++ /dev/null @@ -1,122 +0,0 @@ -# Copyright 1999-2018 Gentoo Foundation -# Distributed under the terms of the GNU General Public License v2 - -EAPI="6" - -if [[ ${PV} == 9999* ]]; then - EGIT_REPO_URI="${SELINUX_GIT_REPO:-git://anongit.gentoo.org/proj/hardened-refpolicy.git https://anongit.gentoo.org/git/proj/hardened-refpolicy.git}" - EGIT_BRANCH="${SELINUX_GIT_BRANCH:-master}" - EGIT_CHECKOUT_DIR="${WORKDIR}/refpolicy" - - inherit git-r3 -else - SRC_URI="https://raw.githubusercontent.com/wiki/TresysTechnology/refpolicy/files/refpolicy-${PV}.tar.bz2 - https://dev.gentoo.org/~swift/patches/${PN}/patchbundle-${PN}-${PVR}.tar.bz2" - KEYWORDS="amd64 -arm ~arm64 ~mips x86" -fi - -HOMEPAGE="https://wiki.gentoo.org/wiki/Project:SELinux" -DESCRIPTION="SELinux policy for core modules" - -IUSE="systemd +unconfined" - -PDEPEND="unconfined? ( sec-policy/selinux-unconfined )" -DEPEND="=sec-policy/selinux-base-${PVR}[systemd?]" - -MODS="application authlogin bootloader clock consoletype cron dmesg fstools getty hostname hotplug init iptables libraries locallogin logging lvm miscfiles modutils mount mta netutils nscd portage raid rsync selinuxutil setrans ssh staff storage su sysadm sysnetwork tmpfiles udev userdomain usermanage unprivuser xdg" -LICENSE="GPL-2" -SLOT="0" -S="${WORKDIR}/" - -# Code entirely copied from selinux-eclass (cannot inherit due to dependency on -# itself), when reworked reinclude it. Only postinstall (where -b base.pp is -# added) needs to remain then. - -pkg_setup() { - if use systemd; then - MODS="${MODS} systemd" - fi -} - -pkg_pretend() { - for i in ${POLICY_TYPES}; do - if [[ "${i}" == "targeted" ]] && ! use unconfined; then - die "If you use POLICY_TYPES=targeted, then USE=unconfined is mandatory." - fi - done -} - -src_prepare() { - local modfiles - - if [[ ${PV} != 9999* ]]; then - einfo "Applying SELinux policy updates ... " - eapply -p0 "${WORKDIR}/0001-full-patch-against-stable-release.patch" - fi - - eapply_user - - # Collect only those files needed for this particular module - for i in ${MODS}; do - modfiles="$(find ${S}/refpolicy/policy/modules -iname $i.te) $modfiles" - modfiles="$(find ${S}/refpolicy/policy/modules -iname $i.fc) $modfiles" - done - - for i in ${POLICY_TYPES}; do - mkdir "${S}"/${i} || die "Failed to create directory ${S}/${i}" - cp "${S}"/refpolicy/doc/Makefile.example "${S}"/${i}/Makefile \ - || die "Failed to copy Makefile.example to ${S}/${i}/Makefile" - - cp ${modfiles} "${S}"/${i} \ - || die "Failed to copy the module files to ${S}/${i}" - done -} - -src_compile() { - for i in ${POLICY_TYPES}; do - emake NAME=$i -C "${S}"/${i} || die "${i} compile failed" - done -} - -src_install() { - local BASEDIR="/usr/share/selinux" - - for i in ${POLICY_TYPES}; do - for j in ${MODS}; do - einfo "Installing ${i} ${j} policy package" - insinto ${BASEDIR}/${i} - doins "${S}"/${i}/${j}.pp || die "Failed to add ${j}.pp to ${i}" - done - done -} - -pkg_postinst() { - # Override the command from the eclass, we need to load in base as well here - local COMMAND="-i base.pp" - if has_version "<sys-apps/policycoreutils-2.5"; then - COMMAND="-b base.pp" - fi - - for i in ${MODS}; do - COMMAND="${COMMAND} -i ${i}.pp" - done - - for i in ${POLICY_TYPES}; do - einfo "Inserting the following modules, with base, into the $i module store: ${MODS}" - - cd /usr/share/selinux/${i} - - semodule -s ${i} ${COMMAND} - done - - # Relabel depending packages - local PKGSET=""; - if [[ -x /usr/bin/qdepends ]] ; then - PKGSET=$(/usr/bin/qdepends -Cq -r -Q ${CATEGORY}/${PN} | grep -v 'sec-policy/selinux-'); - elif [[ -x /usr/bin/equery ]] ; then - PKGSET=$(/usr/bin/equery -Cq depends ${CATEGORY}/${PN} | grep -v 'sec-policy/selinux-'); - fi - if [[ -n "${PKGSET}" ]] ; then - rlpkg ${PKGSET}; - fi -} diff --git a/sec-policy/selinux-base-policy/selinux-base-policy-2.20170204-r4.ebuild b/sec-policy/selinux-base-policy/selinux-base-policy-2.20170204-r4.ebuild deleted file mode 100644 index b92e2c6358cd..000000000000 --- a/sec-policy/selinux-base-policy/selinux-base-policy-2.20170204-r4.ebuild +++ /dev/null @@ -1,122 +0,0 @@ -# Copyright 1999-2018 Gentoo Foundation -# Distributed under the terms of the GNU General Public License v2 - -EAPI="6" - -if [[ ${PV} == 9999* ]]; then - EGIT_REPO_URI="${SELINUX_GIT_REPO:-git://anongit.gentoo.org/proj/hardened-refpolicy.git https://anongit.gentoo.org/git/proj/hardened-refpolicy.git}" - EGIT_BRANCH="${SELINUX_GIT_BRANCH:-master}" - EGIT_CHECKOUT_DIR="${WORKDIR}/refpolicy" - - inherit git-r3 -else - SRC_URI="https://raw.githubusercontent.com/wiki/TresysTechnology/refpolicy/files/refpolicy-${PV}.tar.bz2 - https://dev.gentoo.org/~swift/patches/${PN}/patchbundle-${PN}-${PVR}.tar.bz2" - KEYWORDS="amd64 -arm ~arm64 ~mips x86" -fi - -HOMEPAGE="https://wiki.gentoo.org/wiki/Project:SELinux" -DESCRIPTION="SELinux policy for core modules" - -IUSE="systemd +unconfined" - -PDEPEND="unconfined? ( sec-policy/selinux-unconfined )" -DEPEND="=sec-policy/selinux-base-${PVR}[systemd?]" - -MODS="application authlogin bootloader clock consoletype cron dmesg fstools getty hostname hotplug init iptables libraries locallogin logging lvm miscfiles modutils mount mta netutils nscd portage raid rsync selinuxutil setrans ssh staff storage su sysadm sysnetwork tmpfiles udev userdomain usermanage unprivuser xdg" -LICENSE="GPL-2" -SLOT="0" -S="${WORKDIR}/" - -# Code entirely copied from selinux-eclass (cannot inherit due to dependency on -# itself), when reworked reinclude it. Only postinstall (where -b base.pp is -# added) needs to remain then. - -pkg_setup() { - if use systemd; then - MODS="${MODS} systemd" - fi -} - -pkg_pretend() { - for i in ${POLICY_TYPES}; do - if [[ "${i}" == "targeted" ]] && ! use unconfined; then - die "If you use POLICY_TYPES=targeted, then USE=unconfined is mandatory." - fi - done -} - -src_prepare() { - local modfiles - - if [[ ${PV} != 9999* ]]; then - einfo "Applying SELinux policy updates ... " - eapply -p0 "${WORKDIR}/0001-full-patch-against-stable-release.patch" - fi - - eapply_user - - # Collect only those files needed for this particular module - for i in ${MODS}; do - modfiles="$(find ${S}/refpolicy/policy/modules -iname $i.te) $modfiles" - modfiles="$(find ${S}/refpolicy/policy/modules -iname $i.fc) $modfiles" - done - - for i in ${POLICY_TYPES}; do - mkdir "${S}"/${i} || die "Failed to create directory ${S}/${i}" - cp "${S}"/refpolicy/doc/Makefile.example "${S}"/${i}/Makefile \ - || die "Failed to copy Makefile.example to ${S}/${i}/Makefile" - - cp ${modfiles} "${S}"/${i} \ - || die "Failed to copy the module files to ${S}/${i}" - done -} - -src_compile() { - for i in ${POLICY_TYPES}; do - emake NAME=$i -C "${S}"/${i} || die "${i} compile failed" - done -} - -src_install() { - local BASEDIR="/usr/share/selinux" - - for i in ${POLICY_TYPES}; do - for j in ${MODS}; do - einfo "Installing ${i} ${j} policy package" - insinto ${BASEDIR}/${i} - doins "${S}"/${i}/${j}.pp || die "Failed to add ${j}.pp to ${i}" - done - done -} - -pkg_postinst() { - # Override the command from the eclass, we need to load in base as well here - local COMMAND="-i base.pp" - if has_version "<sys-apps/policycoreutils-2.5"; then - COMMAND="-b base.pp" - fi - - for i in ${MODS}; do - COMMAND="${COMMAND} -i ${i}.pp" - done - - for i in ${POLICY_TYPES}; do - einfo "Inserting the following modules, with base, into the $i module store: ${MODS}" - - cd /usr/share/selinux/${i} - - semodule -s ${i} ${COMMAND} - done - - # Relabel depending packages - local PKGSET=""; - if [[ -x /usr/bin/qdepends ]] ; then - PKGSET=$(/usr/bin/qdepends -Cq -r -Q ${CATEGORY}/${PN} | grep -v 'sec-policy/selinux-'); - elif [[ -x /usr/bin/equery ]] ; then - PKGSET=$(/usr/bin/equery -Cq depends ${CATEGORY}/${PN} | grep -v 'sec-policy/selinux-'); - fi - if [[ -n "${PKGSET}" ]] ; then - rlpkg ${PKGSET}; - fi -} diff --git a/sec-policy/selinux-base-policy/selinux-base-policy-2.20180114-r2.ebuild b/sec-policy/selinux-base-policy/selinux-base-policy-2.20180114-r2.ebuild index ffcbe80f607c..b2976ccee54b 100644 --- a/sec-policy/selinux-base-policy/selinux-base-policy-2.20180114-r2.ebuild +++ b/sec-policy/selinux-base-policy/selinux-base-policy-2.20180114-r2.ebuild @@ -22,6 +22,7 @@ IUSE="systemd +unconfined" PDEPEND="unconfined? ( sec-policy/selinux-unconfined )" DEPEND="=sec-policy/selinux-base-${PVR}[systemd?]" +RDEPEND="$DEPEND" MODS="application authlogin bootloader clock consoletype cron dmesg fstools getty hostname hotplug init iptables libraries locallogin logging lvm miscfiles modutils mount mta netutils nscd portage raid rsync selinuxutil setrans ssh staff storage su sysadm sysnetwork tmpfiles udev userdomain usermanage unprivuser xdg" LICENSE="GPL-2" @@ -74,7 +75,7 @@ src_prepare() { src_compile() { for i in ${POLICY_TYPES}; do - emake NAME=$i -C "${S}"/${i} || die "${i} compile failed" + emake NAME=$i SHAREDIR="${ROOT%/}"/usr/share/selinux -C "${S}"/${i} || die "${i} compile failed" done } @@ -91,6 +92,12 @@ src_install() { } pkg_postinst() { + # Set root path and don't load policy into the kernel when cross compiling + local root_opts="" + if [[ "${ROOT%/}" != "" ]]; then + root_opts="-p ${ROOT%/} -n" + fi + # Override the command from the eclass, we need to load in base as well here local COMMAND="-i base.pp" if has_version "<sys-apps/policycoreutils-2.5"; then @@ -104,19 +111,22 @@ pkg_postinst() { for i in ${POLICY_TYPES}; do einfo "Inserting the following modules, with base, into the $i module store: ${MODS}" - cd /usr/share/selinux/${i} + cd "${ROOT%/}/usr/share/selinux/${i}" - semodule -s ${i} ${COMMAND} + semodule ${root_opts} -s ${i} ${COMMAND} done - # Relabel depending packages - local PKGSET=""; - if [[ -x /usr/bin/qdepends ]] ; then - PKGSET=$(/usr/bin/qdepends -Cq -r -Q ${CATEGORY}/${PN} | grep -v 'sec-policy/selinux-'); - elif [[ -x /usr/bin/equery ]] ; then - PKGSET=$(/usr/bin/equery -Cq depends ${CATEGORY}/${PN} | grep -v 'sec-policy/selinux-'); - fi - if [[ -n "${PKGSET}" ]] ; then - rlpkg ${PKGSET}; + # Don't relabel when cross compiling + if [[ "${ROOT%/}" == "" ]]; then + # Relabel depending packages + local PKGSET=""; + if [[ -x /usr/bin/qdepends ]] ; then + PKGSET=$(/usr/bin/qdepends -Cq -r -Q ${CATEGORY}/${PN} | grep -v 'sec-policy/selinux-'); + elif [[ -x /usr/bin/equery ]] ; then + PKGSET=$(/usr/bin/equery -Cq depends ${CATEGORY}/${PN} | grep -v 'sec-policy/selinux-'); + fi + if [[ -n "${PKGSET}" ]] ; then + rlpkg ${PKGSET}; + fi fi } diff --git a/sec-policy/selinux-base-policy/selinux-base-policy-2.20170805-r4.ebuild b/sec-policy/selinux-base-policy/selinux-base-policy-2.20180114-r3.ebuild index ffcbe80f607c..b2976ccee54b 100644 --- a/sec-policy/selinux-base-policy/selinux-base-policy-2.20170805-r4.ebuild +++ b/sec-policy/selinux-base-policy/selinux-base-policy-2.20180114-r3.ebuild @@ -22,6 +22,7 @@ IUSE="systemd +unconfined" PDEPEND="unconfined? ( sec-policy/selinux-unconfined )" DEPEND="=sec-policy/selinux-base-${PVR}[systemd?]" +RDEPEND="$DEPEND" MODS="application authlogin bootloader clock consoletype cron dmesg fstools getty hostname hotplug init iptables libraries locallogin logging lvm miscfiles modutils mount mta netutils nscd portage raid rsync selinuxutil setrans ssh staff storage su sysadm sysnetwork tmpfiles udev userdomain usermanage unprivuser xdg" LICENSE="GPL-2" @@ -74,7 +75,7 @@ src_prepare() { src_compile() { for i in ${POLICY_TYPES}; do - emake NAME=$i -C "${S}"/${i} || die "${i} compile failed" + emake NAME=$i SHAREDIR="${ROOT%/}"/usr/share/selinux -C "${S}"/${i} || die "${i} compile failed" done } @@ -91,6 +92,12 @@ src_install() { } pkg_postinst() { + # Set root path and don't load policy into the kernel when cross compiling + local root_opts="" + if [[ "${ROOT%/}" != "" ]]; then + root_opts="-p ${ROOT%/} -n" + fi + # Override the command from the eclass, we need to load in base as well here local COMMAND="-i base.pp" if has_version "<sys-apps/policycoreutils-2.5"; then @@ -104,19 +111,22 @@ pkg_postinst() { for i in ${POLICY_TYPES}; do einfo "Inserting the following modules, with base, into the $i module store: ${MODS}" - cd /usr/share/selinux/${i} + cd "${ROOT%/}/usr/share/selinux/${i}" - semodule -s ${i} ${COMMAND} + semodule ${root_opts} -s ${i} ${COMMAND} done - # Relabel depending packages - local PKGSET=""; - if [[ -x /usr/bin/qdepends ]] ; then - PKGSET=$(/usr/bin/qdepends -Cq -r -Q ${CATEGORY}/${PN} | grep -v 'sec-policy/selinux-'); - elif [[ -x /usr/bin/equery ]] ; then - PKGSET=$(/usr/bin/equery -Cq depends ${CATEGORY}/${PN} | grep -v 'sec-policy/selinux-'); - fi - if [[ -n "${PKGSET}" ]] ; then - rlpkg ${PKGSET}; + # Don't relabel when cross compiling + if [[ "${ROOT%/}" == "" ]]; then + # Relabel depending packages + local PKGSET=""; + if [[ -x /usr/bin/qdepends ]] ; then + PKGSET=$(/usr/bin/qdepends -Cq -r -Q ${CATEGORY}/${PN} | grep -v 'sec-policy/selinux-'); + elif [[ -x /usr/bin/equery ]] ; then + PKGSET=$(/usr/bin/equery -Cq depends ${CATEGORY}/${PN} | grep -v 'sec-policy/selinux-'); + fi + if [[ -n "${PKGSET}" ]] ; then + rlpkg ${PKGSET}; + fi fi } diff --git a/sec-policy/selinux-base-policy/selinux-base-policy-9999.ebuild b/sec-policy/selinux-base-policy/selinux-base-policy-9999.ebuild index ffcbe80f607c..b2976ccee54b 100644 --- a/sec-policy/selinux-base-policy/selinux-base-policy-9999.ebuild +++ b/sec-policy/selinux-base-policy/selinux-base-policy-9999.ebuild @@ -22,6 +22,7 @@ IUSE="systemd +unconfined" PDEPEND="unconfined? ( sec-policy/selinux-unconfined )" DEPEND="=sec-policy/selinux-base-${PVR}[systemd?]" +RDEPEND="$DEPEND" MODS="application authlogin bootloader clock consoletype cron dmesg fstools getty hostname hotplug init iptables libraries locallogin logging lvm miscfiles modutils mount mta netutils nscd portage raid rsync selinuxutil setrans ssh staff storage su sysadm sysnetwork tmpfiles udev userdomain usermanage unprivuser xdg" LICENSE="GPL-2" @@ -74,7 +75,7 @@ src_prepare() { src_compile() { for i in ${POLICY_TYPES}; do - emake NAME=$i -C "${S}"/${i} || die "${i} compile failed" + emake NAME=$i SHAREDIR="${ROOT%/}"/usr/share/selinux -C "${S}"/${i} || die "${i} compile failed" done } @@ -91,6 +92,12 @@ src_install() { } pkg_postinst() { + # Set root path and don't load policy into the kernel when cross compiling + local root_opts="" + if [[ "${ROOT%/}" != "" ]]; then + root_opts="-p ${ROOT%/} -n" + fi + # Override the command from the eclass, we need to load in base as well here local COMMAND="-i base.pp" if has_version "<sys-apps/policycoreutils-2.5"; then @@ -104,19 +111,22 @@ pkg_postinst() { for i in ${POLICY_TYPES}; do einfo "Inserting the following modules, with base, into the $i module store: ${MODS}" - cd /usr/share/selinux/${i} + cd "${ROOT%/}/usr/share/selinux/${i}" - semodule -s ${i} ${COMMAND} + semodule ${root_opts} -s ${i} ${COMMAND} done - # Relabel depending packages - local PKGSET=""; - if [[ -x /usr/bin/qdepends ]] ; then - PKGSET=$(/usr/bin/qdepends -Cq -r -Q ${CATEGORY}/${PN} | grep -v 'sec-policy/selinux-'); - elif [[ -x /usr/bin/equery ]] ; then - PKGSET=$(/usr/bin/equery -Cq depends ${CATEGORY}/${PN} | grep -v 'sec-policy/selinux-'); - fi - if [[ -n "${PKGSET}" ]] ; then - rlpkg ${PKGSET}; + # Don't relabel when cross compiling + if [[ "${ROOT%/}" == "" ]]; then + # Relabel depending packages + local PKGSET=""; + if [[ -x /usr/bin/qdepends ]] ; then + PKGSET=$(/usr/bin/qdepends -Cq -r -Q ${CATEGORY}/${PN} | grep -v 'sec-policy/selinux-'); + elif [[ -x /usr/bin/equery ]] ; then + PKGSET=$(/usr/bin/equery -Cq depends ${CATEGORY}/${PN} | grep -v 'sec-policy/selinux-'); + fi + if [[ -n "${PKGSET}" ]] ; then + rlpkg ${PKGSET}; + fi fi } |