reinit the tree, so we can have metadata

author: V3n3RiX <venerix@redcorelinux.org> 2017-10-09 18:53:29 +0100
committer: V3n3RiX <venerix@redcorelinux.org> 2017-10-09 18:53:29 +0100
commit: 4f2d7949f03e1c198bc888f2d05f421d35c57e21 (patch)
tree: ba5f07bf3f9d22d82e54a462313f5d244036c768 /sys-libs/libselinux
11 files changed, 886 insertions, 0 deletions
diff --git a/sys-libs/libselinux/Manifest b/sys-libs/libselinux/Manifest
new file mode 100644
index 000000000000..22b7550c14e8
--- /dev/null
+++ b/sys-libs/libselinux/Manifest
@@ -0,0 +1,14 @@
+AUX 0005-use-ruby-include-with-rubylibver.patch 634 SHA256 ca87111f9eb48b45b7271f4863ad4fbae99b64fd28a457cb15920250b0ded834 SHA512 6755c06e39a924dacc8cd21e8b56138938b55a54e76baddd2243bb4ec2cb99a92ca9d825f2f789ea84e87b1d795334a6b936e627d45b097ff724f00eb566c118 WHIRLPOOL 76a35b23454c941c32efdb2ed87a3fa3b044929d24acdcec53ab36f7d300bc94d6d8165a7b55483cc26ad21b4415aa47cb1540c07c498d3eeef2717f60a8ec3c
+AUX 0007-build-related-fixes-bug-500674-for-2.5.patch 2918 SHA256 15b6e58c721fa81ed4332a534e3e048e4daeacddbb847ce93c7c921b1131da30 SHA512 e8a30a382be1ebe04af2a161a7ea523af0218220302f339dec2a518075d8b06db966a3d30a28fb45183023709b003b90e366a6626b530c66e1e7cc0baff9a853 WHIRLPOOL 4ef3cf46569ecfcfdeee1c47b684ebb708f6c33d6c0db6204c5cd2505c54d0fc586b67bd2db8b57da3ae3765905b40401261dc46172a10e454ba74bbc5b086a5
+AUX libselinux-2.5-0001-only-mount-proc-if-necessary.patch 1612 SHA256 0f9bec3bfd575cf4b805bc9b6773f68fc23c6f9bab55321ae63990ae3d722c15 SHA512 dbe76ba56bd3bd223b0733dd0645c5869bd3beda8ee502862c0c156d7b8532e94894edd488b64071f5e9dde070bd078ec9f529445a2377d092da65a941e5b5dd WHIRLPOOL 6e64be7cbae5bf3c67a633181b4bde4b5533fc40ce64db809ef542e60359b4a4b5bdb7fb03299ce877fcb21a08e7cd57ff9a8952e24a533953deea5616b5ba82
+AUX libselinux-2.5-0002-Avoid-mounting-proc-outside-of-selinux_init_load_pol.patch 3418 SHA256 f575d32566a4ed03701c2d4f57029da0a5d182d87842f276145e31b0e2f5eea5 SHA512 05dd4f39fb1b849551e944847a02d32f0cccf9f1fa07b12ed3648dfb2351241036eb3afe791c83b753c53234c16d9b124f490fb40ff122d97800e7fbf57174ac WHIRLPOOL 9b0176237815d741550eb937b0bf9ad22c964d578ca6f414c1a92149c38f44323d3d941e5580a415e22cd110b294a386dbf9dc63d94a56412cec790e15a0813f
+AUX libselinux-2.5-0003-Change-the-location-of-_selinux.so.patch 1810 SHA256 61a833d92d233546bab338ccefa449e6f4b1cb70ac78c11d1ce94e6286bde9d1 SHA512 93b56eb3864dfee200d90f2e54ada3998219076b1408b028890fb4111264781374dfef47db774fcad12aa7e98c9737b566eccd436302ece0bd54f94055578dba WHIRLPOOL 289a6ba5f5e84ec686a3b93876cc989cde55a2aaca2ab6e5429bfec9a546a09c09f98dc66301933471ca5c540ed71becb770eaed3c793acf865a37b996087264
+AUX libselinux-2.6-0007-build-related-fixes-bug-500674.patch 3565 SHA256 2d7aef43e8fadb9becbc2ba7e0a478314540a50be6dbd205d0c56fcb2db13a7d SHA512 d377c6be001edb874e443d1a3992633bffef8b243ba73757e83b348d9db988be1af1239820471f4d319ea76a308148b5b06c23178910bfd032892ea861a47cd4 WHIRLPOOL fec6f0f05c5c7b62a37784ad7de78d03329b321e95ad351e9fcca4e17b522d744d17f67b78325893efa537988d68b020baf6c490303f556841bceb6fe7db3c54
+DIST libselinux-2.6.tar.gz 203119 SHA256 4ea2dde50665c202253ba5caac7738370ea0337c47b251ba981c60d24e1a118a SHA512 906e1bf98c669862ab4f4e883d511db8d739a5763dc857c9405ad3cc6c70766a482853d07134698a1a98257a8632cc756d0549a7640c2915d051714f502ff14b WHIRLPOOL bf60ce907b7057ada5d19e3a0cd1f092a7dfc2de774e504762424c325c657a4f144fbe252e7d908f7c6d902d80388517e15134a289f4358e564c8720ea6534d9
+DIST libselinux-2.7.tar.gz 187574 SHA256 d0fec0769b3ad60aa7baf9b9a4b7a056827769dc2dadda0dc0eb59b3d1c18c57 SHA512 415d10306692d4323455b61fb61d7e56e53b9144276ff206d72760e1df9b04ab07c62a4d6f04bf4e5fa708f9f14b21a9801069b16ece0a0aade886950941ab8d WHIRLPOOL dd9175c91fa8f6f87add7b0ad1b90706b1fb203ade866b42d886faeb3710e1138fc08a2d7d371fbc8c9480148f8fdec6f0a6dd3f7142f194da580365cd527351
+EBUILD libselinux-2.6.ebuild 4243 SHA256 f6ce0f1dcd1f12848ed3a91b7233ed3ba3b1f63378a7ff59fd2251b629da19a1 SHA512 696a399320ae12e0b1db84558e8470f166b261ad9b16ca28ddcc140957ded2a8ccaffe52bac3f6134e45841ee4bfffd6e8114bc50b57197b05f6644f7d713367 WHIRLPOOL a1c1b6c09913dde2fb9940954dddc5431472349bf7ddac38a382592ed13f295a35c1dfab8131b1df534a98c08588dd61fad2e984d3ac27ae429b99aa5d6b4478
+EBUILD libselinux-2.7.ebuild 4111 SHA256 94458649c550e69167a28f8f695c9990d8b12f8358cce6bfdee875e2caf9c5a4 SHA512 ba62e1a04a4c14441b55f4866cbf62a15175585ebf3c82be27940bcf75eee62f23ae9c2224a06d1d2845b27ca321061207d4d9c4ba73b85f996469b30d25183e WHIRLPOOL 4c4bdd1ae34fcb213b8e0ba5b820d7886449fea1bcb4f6e1bad25bcc36d5cf63149c9de3493dde53981abdb891d7396ef45c85c2c0096eb8628fc805c5c2dfa0
+EBUILD libselinux-9999.ebuild 4113 SHA256 7d082e7734d04cc969a7eda5fa1b3c91b4a7264e56252c732411a715ee4165c5 SHA512 d74dc1b851c8abbadf86d0bd77a798cf1e5a7e2b26fbb4453371c77f2179dcc2e03333522a1ad81ca074a6a83f0a1e3fc06882551badbdcd4d95879a3c058290 WHIRLPOOL b9156add2f82c59717dfba185fc7ffe1260348a758661ff29170fd4d2c705d497e6d2fd413794d6b8ac131e9af99452ce93c2ff42c1d3712c449a7d2ce496804
+MISC ChangeLog 6847 SHA256 3e40e0f2ca279c7920652ad62724b5b7ec615c34de1b1a2f471419bac8607a24 SHA512 6479a9db84e15e74200be39225ce77c7ca12f6970d2b0aaa550bc267ba08a25185d4b20411b07e0fcd9733f888ceda62d6b8e44e647e3cadb243c67a6f50cb0a WHIRLPOOL ad5e53aefd225d47b0d5334a4063239d6ff6981cbfd5b089005571a8b83731a2a5d18f9994086a81f2f950b50b26d8cce495693a6759d1ddc17db1ab197805e4
+MISC ChangeLog-2015 21667 SHA256 3c8ecd29df3b5dd6b0b751dde592c1be7ad4d3c58fc6abc4ff5ddf1fa0dff484 SHA512 d9599d12aa78d4b97f74d989132b5def6d3ad3f34792457795bea1b3bdc1a06f0532cafb3d932339dbf7576fa68bd2422af1e5f5cccb36f74d0ca09dfc6145e1 WHIRLPOOL e5901ad1fbcf84db8c915e51d56da7f72d3703410113e82cddaf08979bf79a4886a5618cfa922a1f564ad2fb14694e6f46a97b3519a31e33d983f84e2ca414fe
+MISC metadata.xml 676 SHA256 288211da34dc4cabaeaa85c52462c3ad2792347abbf88f78eae812a4e3dc8c8c SHA512 7b33e0d113637a129a7894d8720feb9024d67466b86d475fbc3398f514b2ecc28c70dc759952376208d2022a00658eb120fc3561edbb9c7ecdc4404bed5f57a7 WHIRLPOOL bd4938862e3ec119c1da448d5bc8c99a6063704a65c8a906514f5160adf65851af64c6a1c4626e97438e9f4a7288ef002b06a876b9d73e67d70e38ca31cc1319
diff --git a/sys-libs/libselinux/files/0005-use-ruby-include-with-rubylibver.patch b/sys-libs/libselinux/files/0005-use-ruby-include-with-rubylibver.patch
new file mode 100644
index 000000000000..0fc84141a3db
--- /dev/null
+++ b/sys-libs/libselinux/files/0005-use-ruby-include-with-rubylibver.patch
@@ -0,0 +1,12 @@
+diff -uNr libselinux-2.2.2.orig/src/Makefile libselinux-2.2.2/src/Makefile
+--- libselinux-2.2.2.orig/src/Makefile	2013-11-06 20:56:30.000000000 +0100
++++ libselinux-2.2.2/src/Makefile	2013-11-25 21:02:05.327561766 +0100
+@@ -16,7 +16,7 @@
+ PYLIBDIR ?= $(LIBDIR)/$(PYLIBVER)
+ RUBYLIBVER ?= $(shell $(RUBY) -e 'print RUBY_VERSION.split(".")[0..1].join(".")')
+ RUBYPLATFORM ?= $(shell $(RUBY) -e 'print RUBY_PLATFORM')
+-RUBYINC ?= $(shell pkg-config --cflags ruby)
++RUBYINC ?= $(shell pkg-config --cflags ruby-$(RUBYLIBVER))
+ RUBYINSTALL ?= $(LIBDIR)/ruby/site_ruby/$(RUBYLIBVER)/$(RUBYPLATFORM)
+ LIBBASE ?= $(shell basename $(LIBDIR))
+ 
diff --git a/sys-libs/libselinux/files/0007-build-related-fixes-bug-500674-for-2.5.patch b/sys-libs/libselinux/files/0007-build-related-fixes-bug-500674-for-2.5.patch
new file mode 100644
index 000000000000..67e47ad40a67
--- /dev/null
+++ b/sys-libs/libselinux/files/0007-build-related-fixes-bug-500674-for-2.5.patch
@@ -0,0 +1,69 @@
+https://bugs.gentoo.org/500674
+
+random fixes:
+- make sure PCRE_CFLAGS get used
+- use PCRE_LIBS via pkg-config
+- move LDFLAGS to before objects, not after
+- do not hardcode -L$(LIBDIR) (let the toolchain handle it)
+- do not hardcode -I$(INCLUDEDIR) (let the toolchain handle it)
+
+diff -uNr libselinux-2.5.orig/src/Makefile libselinux-2.5/src/Makefile
+--- libselinux-2.5.orig/src/Makefile	2016-03-13 19:27:07.091000000 +0100
++++ libselinux-2.5/src/Makefile	2016-03-13 19:27:16.495000000 +0100
+@@ -73,7 +73,7 @@
+           -fipa-pure-const -Wno-suggest-attribute=pure -Wno-suggest-attribute=const \
+           -Werror -Wno-aggregate-return -Wno-redundant-decls
+ 
+-override CFLAGS += -I../include -I$(INCLUDEDIR) -D_GNU_SOURCE $(EMFLAGS)
++override CFLAGS += -I../include $(PCRE_CFLAGS) -D_GNU_SOURCE $(EMFLAGS)
+ 
+ SWIG_CFLAGS += -Wno-error -Wno-unused-variable -Wno-unused-but-set-variable -Wno-unused-parameter \
+ 		-Wno-shadow -Wno-uninitialized -Wno-missing-prototypes -Wno-missing-declarations
+@@ -102,17 +102,17 @@
+ 	$(CC) $(CFLAGS) $(SWIG_CFLAGS) $(RUBYINC) -fPIC -DSHARED -c -o $@ $<
+ 
+ $(SWIGSO): $(SWIGLOBJ)
+-	$(CC) $(CFLAGS) -shared -o $@ $< -L. -lselinux $(LDFLAGS) -L$(LIBDIR)
++	$(CC) $(CFLAGS) $(LDFLAGS) -shared -o $@ $< -L. -lselinux
+ 
+ $(SWIGRUBYSO): $(SWIGRUBYLOBJ)
+-	$(CC) $(CFLAGS) -shared -o $@ $^ -L. -lselinux $(LDFLAGS) -L$(LIBDIR)
++	$(CC) $(CFLAGS) $(LDFLAGS) -shared -o $@ $^ -L. -lselinux
+ 
+ $(LIBA): $(OBJS)
+ 	$(AR) rcs $@ $^
+ 	$(RANLIB) $@
+ 
+ $(LIBSO): $(LOBJS)
+-	$(CC) $(CFLAGS) -shared -o $@ $^ -lpcre -ldl $(LDFLAGS) -L$(LIBDIR) -Wl,-soname,$(LIBSO),-z,defs,-z,relro
++	$(CC) $(CFLAGS) $(LDFLAGS) -shared -o $@ $^ -ldl $(PCRE_LIBS) -Wl,-soname,$(LIBSO),-z,defs,-z,relro
+ 	ln -sf $@ $(TARGET) 
+ 
+ $(LIBPC): $(LIBPC).in ../VERSION
+@@ -125,7 +125,7 @@
+ 	$(CC) $(filter-out -Werror, $(CFLAGS)) $(PYINC) -fPIC -DSHARED -c -o $@ $<
+ 
+ $(AUDIT2WHYSO): $(AUDIT2WHYLOBJ)
+-	$(CC) $(CFLAGS) -shared -o $@ $^ -L. $(LDFLAGS) -lselinux $(LIBDIR)/libsepol.a -L$(LIBDIR)
++	$(CC) $(CFLAGS) $(LDFLAGS) -shared -o $@ $^ -L. -lselinux $(LIBDIR)/libsepol.a
+ 
+ %.o:  %.c policy.h
+ 	$(CC) $(CFLAGS) $(TLSFLAGS) -c -o $@ $<
+diff -uNr libselinux-2.5.orig/utils/Makefile libselinux-2.5/utils/Makefile
+--- libselinux-2.5.orig/utils/Makefile	2016-03-13 19:27:07.102000000 +0100
++++ libselinux-2.5/utils/Makefile	2016-03-13 19:27:40.297000000 +0100
+@@ -24,11 +24,12 @@
+           -fipa-pure-const -Wno-suggest-attribute=pure -Wno-suggest-attribute=const \
+           -Werror -Wno-aggregate-return -Wno-redundant-decls
+ override CFLAGS += -I../include -D_GNU_SOURCE $(EMFLAGS)
+-LDLIBS += -L../src -lselinux -L$(LIBDIR)
++LDLIBS += -L../src -lselinux
+ 
+ TARGETS=$(patsubst %.c,%,$(wildcard *.c))
+ 
+-sefcontext_compile: LDLIBS += -lpcre ../src/libselinux.a -lsepol
++sefcontext_compile: CFLAGS += $(PCRE_FLAGS)
++sefcontext_compile: LDLIBS += $(PCRE_LIBS) -lsepol ../src/libselinux.a
+ 
+ selinux_restorecon: LDLIBS += -lsepol
+ 
diff --git a/sys-libs/libselinux/files/libselinux-2.5-0001-only-mount-proc-if-necessary.patch b/sys-libs/libselinux/files/libselinux-2.5-0001-only-mount-proc-if-necessary.patch
new file mode 100644
index 000000000000..dfa6a0fa5553
--- /dev/null
+++ b/sys-libs/libselinux/files/libselinux-2.5-0001-only-mount-proc-if-necessary.patch
@@ -0,0 +1,54 @@
+From 5a8d8c499b2ef80eaa7b5abe2ec68d7101e613bf Mon Sep 17 00:00:00 2001
+From: Stephen Smalley <sds@tycho.nsa.gov>
+Date: Mon, 29 Feb 2016 10:10:55 -0500
+Subject: [PATCH] libselinux: only mount /proc if necessary
+
+Commit 9df498884665d ("libselinux: Mount procfs before checking
+/proc/filesystems") changed selinuxfs_exists() to always try
+mounting /proc before reading /proc/filesystems.  However, this is
+unnecessary if /proc is already mounted and can produce avc denials
+if the process is not allowed to perform the mount.  Check first
+to see if /proc is already present and only try the mount if it is not.
+
+Signed-off-by: Stephen Smalley <sds@tycho.nsa.gov>
+---
+ libselinux/src/init.c | 11 +++++++++--
+ 1 file changed, 9 insertions(+), 2 deletions(-)
+
+diff --git a/libselinux/src/init.c b/libselinux/src/init.c
+index 3db4de0..3530594 100644
+--- libselinux/src/init.c
++++ libselinux/src/init.c
+@@ -12,6 +12,7 @@
+ #include <stdint.h>
+ #include <limits.h>
+ #include <sys/mount.h>
++#include <linux/magic.h>
+ 
+ #include "dso.h"
+ #include "policy.h"
+@@ -57,13 +58,19 @@ static int verify_selinuxmnt(const char *mnt)
+ 
+ int selinuxfs_exists(void)
+ {
+-	int exists = 0, mnt_rc = 0;
++	int exists = 0, mnt_rc = -1, rc;
++	struct statfs sb;
+ 	FILE *fp = NULL;
+ 	char *buf = NULL;
+ 	size_t len;
+ 	ssize_t num;
+ 
+-	mnt_rc = mount("proc", "/proc", "proc", 0, 0);
++	do {
++		rc = statfs("/proc", &sb);
++	} while (rc < 0 && errno == EINTR);
++
++	if (rc == 0 && ((uint32_t)sb.f_type != (uint32_t)PROC_SUPER_MAGIC))
++		mnt_rc = mount("proc", "/proc", "proc", 0, 0);
+ 
+ 	fp = fopen("/proc/filesystems", "r");
+ 	if (!fp) {
+-- 
+2.7.3
+
diff --git a/sys-libs/libselinux/files/libselinux-2.5-0002-Avoid-mounting-proc-outside-of-selinux_init_load_pol.patch b/sys-libs/libselinux/files/libselinux-2.5-0002-Avoid-mounting-proc-outside-of-selinux_init_load_pol.patch
new file mode 100644
index 000000000000..c811450ba396
--- /dev/null
+++ b/sys-libs/libselinux/files/libselinux-2.5-0002-Avoid-mounting-proc-outside-of-selinux_init_load_pol.patch
@@ -0,0 +1,129 @@
+From 32773a99b1f0cf2b61b5f5a33359684b18aab1ed Mon Sep 17 00:00:00 2001
+From: Stephen Smalley <sds@tycho.nsa.gov>
+Date: Fri, 13 May 2016 11:59:47 -0400
+Subject: [PATCH] Avoid mounting /proc outside of selinux_init_load_policy().
+
+Temporarily mounting /proc within selinuxfs_exists() can cause
+problems since it can be called by a libselinux constructor and
+therefore may be invoked by every program linked with libselinux.
+Since this was only motivated originally by a situation where
+selinuxfs_exists() was called from selinux_init_load_policy()
+before /proc was mounted, fix it in selinux_init_load_policy() instead.
+
+This reverts commit 5a8d8c499b2ef80eaa7b5abe2ec68d7101e613bf
+("libselinux: only mount /proc if necessary") and
+commit 9df498884665d79474b79f0f30d1cd67df11bd3e
+("libselinux: Mount procfs before checking /proc/filesystems").
+
+Signed-off-by: Stephen Smalley <sds@tycho.nsa.gov>
+---
+ libselinux/src/init.c        | 27 +++------------------------
+ libselinux/src/load_policy.c | 15 ++++++++++-----
+ 2 files changed, 13 insertions(+), 29 deletions(-)
+
+diff --git a/libselinux/src/init.c b/libselinux/src/init.c
+index 3530594..3c687a2 100644
+--- libselinux/src/init.c
++++ libselinux/src/init.c
+@@ -11,8 +11,6 @@
+ #include <sys/vfs.h>
+ #include <stdint.h>
+ #include <limits.h>
+-#include <sys/mount.h>
+-#include <linux/magic.h>
+ 
+ #include "dso.h"
+ #include "policy.h"
+@@ -58,26 +56,15 @@ static int verify_selinuxmnt(const char *mnt)
+ 
+ int selinuxfs_exists(void)
+ {
+-	int exists = 0, mnt_rc = -1, rc;
+-	struct statfs sb;
++	int exists = 0;
+ 	FILE *fp = NULL;
+ 	char *buf = NULL;
+ 	size_t len;
+ 	ssize_t num;
+ 
+-	do {
+-		rc = statfs("/proc", &sb);
+-	} while (rc < 0 && errno == EINTR);
+-
+-	if (rc == 0 && ((uint32_t)sb.f_type != (uint32_t)PROC_SUPER_MAGIC))
+-		mnt_rc = mount("proc", "/proc", "proc", 0, 0);
+-
+ 	fp = fopen("/proc/filesystems", "r");
+-	if (!fp) {
+-		exists = 1; /* Fail as if it exists */
+-		goto out;
+-	}
+-
++	if (!fp)
++		return 1; /* Fail as if it exists */
+ 	__fsetlocking(fp, FSETLOCKING_BYCALLER);
+ 
+ 	num = getline(&buf, &len, fp);
+@@ -91,14 +78,6 @@ int selinuxfs_exists(void)
+ 
+ 	free(buf);
+ 	fclose(fp);
+-
+-out:
+-#ifndef MNT_DETACH
+-#define MNT_DETACH 2
+-#endif
+-	if (mnt_rc == 0)
+-		umount2("/proc", MNT_DETACH);
+-
+ 	return exists;
+ }
+ hidden_def(selinuxfs_exists)
+diff --git a/libselinux/src/load_policy.c b/libselinux/src/load_policy.c
+index 21ee58b..4f39fc7 100644
+--- libselinux/src/load_policy.c
++++ libselinux/src/load_policy.c
+@@ -17,6 +17,10 @@
+ #include "policy.h"
+ #include <limits.h>
+ 
++#ifndef MNT_DETACH
++#define MNT_DETACH 2
++#endif
++
+ int security_load_policy(void *data, size_t len)
+ {
+ 	char path[PATH_MAX];
+@@ -348,11 +352,6 @@ int selinux_init_load_policy(int *enforce)
+ 		fclose(cfg);
+ 		free(buf);
+ 	}
+-#ifndef MNT_DETACH
+-#define MNT_DETACH 2
+-#endif
+-	if (rc == 0)
+-		umount2("/proc", MNT_DETACH);
+ 
+ 	/* 
+ 	 * Determine the final desired mode.
+@@ -400,11 +399,17 @@ int selinux_init_load_policy(int *enforce)
+ 			/* Only emit this error if selinux was not disabled */
+ 			fprintf(stderr, "Mount failed for selinuxfs on %s:  %s\n", SELINUXMNT, strerror(errno));
+ 		}
++
++		if (rc == 0)
++			umount2("/proc", MNT_DETACH);
+                 
+ 		goto noload;
+ 	}
+ 	set_selinuxmnt(mntpoint);
+ 
++	if (rc == 0)
++		umount2("/proc", MNT_DETACH);
++
+ 	/*
+ 	 * Note:  The following code depends on having selinuxfs 
+ 	 * already mounted and selinuxmnt set above.
+-- 
+2.7.3
+
diff --git a/sys-libs/libselinux/files/libselinux-2.5-0003-Change-the-location-of-_selinux.so.patch b/sys-libs/libselinux/files/libselinux-2.5-0003-Change-the-location-of-_selinux.so.patch
new file mode 100644
index 000000000000..542acfdc2437
--- /dev/null
+++ b/sys-libs/libselinux/files/libselinux-2.5-0003-Change-the-location-of-_selinux.so.patch
@@ -0,0 +1,44 @@
+From a9604c30a5e2f71007d31aa6ba41cf7b95d94822 Mon Sep 17 00:00:00 2001
+From: Petr Lautrbach <plautrba@redhat.com>
+Date: Mon, 27 Jun 2016 10:46:13 +0200
+Subject: [PATCH] libselinux: Change the location of _selinux.so
+
+There was a change in swig-3.10 to use importlib instead of imp. While
+the implementation with imp looked for _selinux.so also into the same directory
+as __init__.py is, a new module with importlib searchs only standard paths.
+It means that we need to move _selinux.so from $(PYLIBDIR)/site-packages/selinux/
+to $(PYLIBDIR)/site-packages/.
+
+Fixes:
+>>> import selinux
+Traceback (most recent call last):
+  File "<stdin>", line 1, in <module>
+  File "/usr/lib64/python2.7/site-packages/selinux/__init__.py", line 21, in <module>
+    _selinux = swig_import_helper()
+  File "/usr/lib64/python2.7/site-packages/selinux/__init__.py", line 20, in swig_import_helper
+    return importlib.import_module('_selinux')
+  File "/usr/lib64/python2.7/importlib/__init__.py", line 37, in import_module
+    __import__(name)
+ImportError: No module named _selinux
+
+Signed-off-by: Petr Lautrbach <plautrba@redhat.com>
+---
+ libselinux/src/Makefile | 2 +-
+ 1 file changed, 1 insertion(+), 1 deletion(-)
+
+diff --git a/libselinux/src/Makefile b/libselinux/src/Makefile
+index d94163e..37d01af 100644
+--- libselinux/src/Makefile
++++ libselinux/src/Makefile
+@@ -156,7 +156,7 @@ install: all
+ 
+ install-pywrap: pywrap
+ 	test -d $(PYLIBDIR)/site-packages/selinux || install -m 755 -d $(PYLIBDIR)/site-packages/selinux
+-	install -m 755 $(SWIGSO) $(PYLIBDIR)/site-packages/selinux/_selinux.so
++	install -m 755 $(SWIGSO) $(PYLIBDIR)/site-packages/_selinux.so
+ 	install -m 755 $(AUDIT2WHYSO) $(PYLIBDIR)/site-packages/selinux/audit2why.so
+ 	install -m 644 $(SWIGPYOUT) $(PYLIBDIR)/site-packages/selinux/__init__.py
+ 
+-- 
+2.7.3
+
diff --git a/sys-libs/libselinux/files/libselinux-2.6-0007-build-related-fixes-bug-500674.patch b/sys-libs/libselinux/files/libselinux-2.6-0007-build-related-fixes-bug-500674.patch
new file mode 100644
index 000000000000..83596e8e0a7f
--- /dev/null
+++ b/sys-libs/libselinux/files/libselinux-2.6-0007-build-related-fixes-bug-500674.patch
@@ -0,0 +1,91 @@
+https://bugs.gentoo.org/500674
+
+random fixes:
+- make sure PCRE_CFLAGS get used
+- use PCRE_LIBS via pkg-config
+- move LDFLAGS to before objects, not after
+- do not hardcode -L$(LIBDIR) (let the toolchain handle it)
+- do not hardcode -I$(INCLUDEDIR) (let the toolchain handle it)
+
+diff --git a/libselinux/Makefile b/libselinux/Makefile
+index baa0db3..4dc5aa0 100644
+--- libselinux/Makefile
++++ libselinux/Makefile
+@@ -1,5 +1,6 @@
+ SUBDIRS = src include utils man
+ 
++PKG_CONFIG ?= pkg-config
+ DISABLE_SETRANS ?= n
+ DISABLE_RPM ?= n
+ ANDROID_HOST ?= n
+@@ -20,10 +21,11 @@ export DISABLE_SETRANS DISABLE_RPM DISABLE_FLAGS ANDROID_HOST
+ 
+ USE_PCRE2 ?= n
+ ifeq ($(USE_PCRE2),y)
+-	PCRE_CFLAGS := -DUSE_PCRE2 -DPCRE2_CODE_UNIT_WIDTH=8
+-	PCRE_LDFLAGS := -lpcre2-8
++	PCRE_CFLAGS := -DUSE_PCRE2 -DPCRE2_CODE_UNIT_WIDTH=8 $(shell $(PKG_CONFIG) --cflags libpcre2-8)
++	PCRE_LDFLAGS := $(shell $(PKG_CONFIG) --libs libpcre2-8)
+ else
+-	PCRE_LDFLAGS := -lpcre
++	PCRE_CFLAGS := $(shell $(PKG_CONFIG) --cflags libpcre)
++	PCRE_LDFLAGS := $(shell $(PKG_CONFIG) --libs libpcre)
+ endif
+ export PCRE_CFLAGS PCRE_LDFLAGS
+ 
+diff --git a/libselinux/src/Makefile b/libselinux/src/Makefile
+index 13501cd..42cb2f6 100644
+--- libselinux/src/Makefile
++++ libselinux/src/Makefile
+@@ -67,7 +67,7 @@ CFLAGS ?= -O -Wall -W -Wundef -Wformat-y2k -Wformat-security -Winit-self -Wmissi
+ 
+ PCRE_LDFLAGS ?= -lpcre
+ 
+-override CFLAGS += -I../include -I$(INCLUDEDIR) -D_GNU_SOURCE $(DISABLE_FLAGS) $(PCRE_CFLAGS)
++override CFLAGS += -I../include -D_GNU_SOURCE $(DISABLE_FLAGS) $(PCRE_CFLAGS)
+ 
+ SWIG_CFLAGS += -Wno-error -Wno-unused-variable -Wno-unused-but-set-variable -Wno-unused-parameter \
+ 		-Wno-shadow -Wno-uninitialized -Wno-missing-prototypes -Wno-missing-declarations
+@@ -107,17 +107,17 @@ $(SWIGRUBYLOBJ): $(SWIGRUBYCOUT)
+ 	$(CC) $(CFLAGS) $(SWIG_CFLAGS) $(RUBYINC) -fPIC -DSHARED -c -o $@ $<
+ 
+ $(SWIGSO): $(SWIGLOBJ)
+-	$(CC) $(CFLAGS) -shared -o $@ $< -L. -lselinux $(LDFLAGS) -L$(LIBDIR)
++	$(CC) $(CFLAGS) $(LDFLAGS) -shared -o $@ $< -L. -lselinux
+ 
+ $(SWIGRUBYSO): $(SWIGRUBYLOBJ)
+-	$(CC) $(CFLAGS) -shared -o $@ $^ -L. -lselinux $(LDFLAGS) -L$(LIBDIR)
++	$(CC) $(CFLAGS) $(LDFLAGS) -shared -o $@ $^ -L. -lselinux
+ 
+ $(LIBA): $(OBJS)
+ 	$(AR) rcs $@ $^
+ 	$(RANLIB) $@
+ 
+ $(LIBSO): $(LOBJS)
+-	$(CC) $(CFLAGS) -shared -o $@ $^ $(PCRE_LDFLAGS) -ldl $(LDFLAGS) -L$(LIBDIR) -Wl,-soname,$(LIBSO),-z,defs,-z,relro
++	$(CC) $(CFLAGS) $(LDFLAGS) -shared -o $@ $^ $(PCRE_LDFLAGS) -ldl -Wl,-soname,$(LIBSO),-z,defs,-z,relro
+ 	ln -sf $@ $(TARGET) 
+ 
+ $(LIBPC): $(LIBPC).in ../VERSION
+@@ -130,7 +130,7 @@ $(AUDIT2WHYLOBJ): audit2why.c
+ 	$(CC) $(filter-out -Werror, $(CFLAGS)) $(PYINC) -fPIC -DSHARED -c -o $@ $<
+ 
+ $(AUDIT2WHYSO): $(AUDIT2WHYLOBJ)
+-	$(CC) $(CFLAGS) -shared -o $@ $^ -L. $(LDFLAGS) -lselinux $(LIBDIR)/libsepol.a -L$(LIBDIR)
++	$(CC) $(CFLAGS) $(LDFLAGS) -shared -o $@ $^ -L. -lselinux $(LIBDIR)/libsepol.a
+ 
+ %.o:  %.c policy.h
+ 	$(CC) $(CFLAGS) $(TLSFLAGS) -c -o $@ $<
+diff --git a/libselinux/utils/Makefile b/libselinux/utils/Makefile
+index e56a953..6fd205a 100644
+--- libselinux/utils/Makefile
++++ libselinux/utils/Makefile
+@@ -25,7 +25,7 @@ CFLAGS ?= -O -Wall -W -Wundef -Wformat-y2k -Wformat-security -Winit-self -Wmissi
+           -fipa-pure-const -Wno-suggest-attribute=pure -Wno-suggest-attribute=const \
+           -Werror -Wno-aggregate-return -Wno-redundant-decls
+ override CFLAGS += -I../include -I$(INCLUDEDIR) -D_GNU_SOURCE $(DISABLE_FLAGS) $(PCRE_CFLAGS)
+-LDLIBS += -L../src -lselinux -L$(LIBDIR)
++LDLIBS += -L../src -lselinux
+ PCRE_LDFLAGS ?= -lpcre
+ 
+ ifeq ($(ANDROID_HOST),y)
diff --git a/sys-libs/libselinux/libselinux-2.6.ebuild b/sys-libs/libselinux/libselinux-2.6.ebuild
new file mode 100644
index 000000000000..c92bb50d3950
--- /dev/null
+++ b/sys-libs/libselinux/libselinux-2.6.ebuild
@@ -0,0 +1,154 @@
+# Copyright 1999-2017 Gentoo Foundation
+# Distributed under the terms of the GNU General Public License v2
+
+EAPI="6"
+PYTHON_COMPAT=( python2_7 python3_4 python3_5 python3_6 )
+USE_RUBY="ruby22 ruby23"
+
+# No, I am not calling ruby-ng
+inherit multilib python-r1 toolchain-funcs multilib-minimal
+
+MY_P="${P//_/-}"
+SEPOL_VER="${PV}"
+MY_RELEASEDATE="20161014"
+
+DESCRIPTION="SELinux userland library"
+HOMEPAGE="https://github.com/SELinuxProject/selinux/wiki"
+
+if [[ ${PV} == 9999 ]] ; then
+	inherit git-r3
+	EGIT_REPO_URI="https://github.com/SELinuxProject/selinux.git"
+	S="${WORKDIR}/${MY_P}/${PN}"
+else
+	SRC_URI="https://raw.githubusercontent.com/wiki/SELinuxProject/selinux/files/releases/${MY_RELEASEDATE}/${MY_P}.tar.gz"
+	KEYWORDS="amd64 ~arm ~arm64 ~mips x86"
+	S="${WORKDIR}/${MY_P}"
+fi
+
+LICENSE="public-domain"
+SLOT="0"
+IUSE="pcre2 python ruby static-libs ruby_targets_ruby21 ruby_targets_ruby22 ruby_targets_ruby23"
+REQUIRED_USE="python? ( ${PYTHON_REQUIRED_USE} )"
+
+RDEPEND=">=sys-libs/libsepol-${SEPOL_VER}:=[${MULTILIB_USEDEP}]
+	!pcre2? ( >=dev-libs/libpcre-8.33-r1:=[static-libs?,${MULTILIB_USEDEP}] )
+	pcre2? ( dev-libs/libpcre2:=[static-libs?,${MULTILIB_USEDEP}] )
+	python? ( ${PYTHON_DEPS} )
+	ruby? (
+		ruby_targets_ruby22? ( dev-lang/ruby:2.2 )
+		ruby_targets_ruby23? ( dev-lang/ruby:2.3 )
+	)"
+DEPEND="${RDEPEND}
+	virtual/pkgconfig
+	python? ( >=dev-lang/swig-2.0.9 )"
+
+src_prepare() {
+	if [[ ${PV} != 9999 ]] ; then
+		# If needed for live builds, place them in /etc/portage/patches
+		eapply "${FILESDIR}/libselinux-2.6-0007-build-related-fixes-bug-500674.patch"
+	fi
+
+	eapply_user
+
+	multilib_copy_sources
+}
+
+multilib_src_compile() {
+	tc-export AR CC PKG_CONFIG RANLIB
+
+	emake \
+		LIBDIR="\$(PREFIX)/$(get_libdir)" \
+		SHLIBDIR="\$(DESTDIR)/$(get_libdir)" \
+		LDFLAGS="-fPIC ${LDFLAGS} -pthread" \
+		USE_PCRE2="$(usex pcre2 y n)" \
+		all
+
+	if multilib_is_native_abi && use python; then
+		building() {
+			python_export PYTHON_INCLUDEDIR PYTHON_LIBPATH
+			emake \
+				PYINC="-I${PYTHON_INCLUDEDIR}" \
+				LDFLAGS="-fPIC ${LDFLAGS} -lpthread" \
+				LIBDIR="\$(PREFIX)/$(get_libdir)" \
+				SHLIBDIR="\$(DESTDIR)/$(get_libdir)" \
+				USE_PCRE2="$(usex pcre2 y n)" \
+				pywrap
+		}
+		python_foreach_impl building
+	fi
+
+	if multilib_is_native_abi && use ruby; then
+		building() {
+			einfo "Calling rubywrap for ${1}"
+			# Clean up .lo file to force rebuild
+			rm -f src/selinuxswig_ruby_wrap.lo || die
+			emake \
+				RUBY=${1} \
+				LDFLAGS="-fPIC ${LDFLAGS} -lpthread" \
+				LIBDIR="\$(PREFIX)/$(get_libdir)" \
+				SHLIBDIR="\$(DESTDIR)/$(get_libdir)" \
+				USE_PCRE2="$(usex pcre2 y n)" \
+				rubywrap
+		}
+		for RUBYTARGET in ${USE_RUBY}; do
+			use ruby_targets_${RUBYTARGET} || continue
+
+			building ${RUBYTARGET}
+		done
+	fi
+}
+
+multilib_src_install() {
+		emake DESTDIR="${D}" \
+			LIBDIR="\$(PREFIX)/$(get_libdir)" \
+			SHLIBDIR="\$(DESTDIR)/$(get_libdir)" \
+			USE_PCRE2="$(usex pcre2 y n)" \
+			install
+
+	if multilib_is_native_abi && use python; then
+		installation() {
+			emake DESTDIR="${D}" \
+				LIBDIR="\$(PREFIX)/$(get_libdir)" \
+				USE_PCRE2="$(usex pcre2 y n)" \
+				install-pywrap
+			python_optimize # bug 531638
+		}
+		python_foreach_impl installation
+	fi
+
+	if multilib_is_native_abi && use ruby; then
+		installation() {
+			einfo "Calling install-rubywrap for ${1}"
+			# Forcing (re)build here as otherwise the resulting SO file is used for all ruby versions
+			rm src/selinuxswig_ruby_wrap.lo
+			emake DESTDIR="${D}" \
+				LIBDIR="\$(PREFIX)/$(get_libdir)" \
+				RUBY=${1} \
+				USE_PCRE2="$(usex pcre2 y n)" \
+				install-rubywrap
+		}
+		for RUBYTARGET in ${USE_RUBY}; do
+			use ruby_targets_${RUBYTARGET} || continue
+
+			installation ${RUBYTARGET}
+		done
+	fi
+
+	use static-libs || rm "${D}"/usr/lib*/*.a || die
+}
+
+pkg_postinst() {
+	# Fix bug 473502
+	for POLTYPE in ${POLICY_TYPES};
+	do
+		mkdir -p /etc/selinux/${POLTYPE}/contexts/files || die
+		touch /etc/selinux/${POLTYPE}/contexts/files/file_contexts.local || die
+		# Fix bug 516608
+		for EXPRFILE in file_contexts file_contexts.homedirs file_contexts.local ; do
+			if [[ -f "/etc/selinux/${POLTYPE}/contexts/files/${EXPRFILE}" ]]; then
+				sefcontext_compile /etc/selinux/${POLTYPE}/contexts/files/${EXPRFILE} \
+				|| die "Failed to recompile contexts"
+			fi
+		done
+	done
+}
diff --git a/sys-libs/libselinux/libselinux-2.7.ebuild b/sys-libs/libselinux/libselinux-2.7.ebuild
new file mode 100644
index 000000000000..a8ed808fe471
--- /dev/null
+++ b/sys-libs/libselinux/libselinux-2.7.ebuild
@@ -0,0 +1,150 @@
+# Copyright 1999-2017 Gentoo Foundation
+# Distributed under the terms of the GNU General Public License v2
+
+EAPI="6"
+PYTHON_COMPAT=( python2_7 python3_4 python3_5 python3_6 )
+USE_RUBY="ruby22 ruby23"
+
+# No, I am not calling ruby-ng
+inherit multilib python-r1 toolchain-funcs multilib-minimal
+
+MY_P="${P//_/-}"
+SEPOL_VER="${PV}"
+MY_RELEASEDATE="20170804"
+
+DESCRIPTION="SELinux userland library"
+HOMEPAGE="https://github.com/SELinuxProject/selinux/wiki"
+
+if [[ ${PV} == 9999 ]] ; then
+	inherit git-r3
+	EGIT_REPO_URI="https://github.com/SELinuxProject/selinux.git"
+	S="${WORKDIR}/${MY_P}/${PN}"
+else
+	SRC_URI="https://raw.githubusercontent.com/wiki/SELinuxProject/selinux/files/releases/${MY_RELEASEDATE}/${MY_P}.tar.gz"
+	KEYWORDS="amd64 ~arm ~arm64 ~mips x86"
+	S="${WORKDIR}/${MY_P}"
+fi
+
+LICENSE="public-domain"
+SLOT="0"
+IUSE="pcre2 python ruby static-libs ruby_targets_ruby21 ruby_targets_ruby22 ruby_targets_ruby23"
+REQUIRED_USE="python? ( ${PYTHON_REQUIRED_USE} )"
+
+RDEPEND=">=sys-libs/libsepol-${SEPOL_VER}:=[${MULTILIB_USEDEP}]
+	!pcre2? ( >=dev-libs/libpcre-8.33-r1:=[static-libs?,${MULTILIB_USEDEP}] )
+	pcre2? ( dev-libs/libpcre2:=[static-libs?,${MULTILIB_USEDEP}] )
+	python? ( ${PYTHON_DEPS} )
+	ruby? (
+		ruby_targets_ruby22? ( dev-lang/ruby:2.2 )
+		ruby_targets_ruby23? ( dev-lang/ruby:2.3 )
+	)"
+DEPEND="${RDEPEND}
+	virtual/pkgconfig
+	python? ( >=dev-lang/swig-2.0.9 )"
+
+src_prepare() {
+	eapply_user
+
+	multilib_copy_sources
+}
+
+multilib_src_compile() {
+	tc-export AR CC PKG_CONFIG RANLIB
+
+	emake \
+		LIBDIR="\$(PREFIX)/$(get_libdir)" \
+		SHLIBDIR="\$(DESTDIR)/$(get_libdir)" \
+		LDFLAGS="-fPIC ${LDFLAGS} -pthread" \
+		USE_PCRE2="$(usex pcre2 y n)" \
+		all
+
+	if multilib_is_native_abi && use python; then
+		building() {
+			emake \
+				LDFLAGS="-fPIC ${LDFLAGS} -lpthread" \
+				LIBDIR="\$(PREFIX)/$(get_libdir)" \
+				SHLIBDIR="\$(DESTDIR)/$(get_libdir)" \
+				USE_PCRE2="$(usex pcre2 y n)" \
+				pywrap
+		}
+		python_foreach_impl building
+	fi
+
+	if multilib_is_native_abi && use ruby; then
+		building() {
+			einfo "Calling rubywrap for ${1}"
+			# Clean up .lo file to force rebuild
+			rm -f src/selinuxswig_ruby_wrap.lo || die
+			emake \
+				RUBY=${1} \
+				LDFLAGS="-fPIC ${LDFLAGS} -lpthread" \
+				LIBDIR="\$(PREFIX)/$(get_libdir)" \
+				SHLIBDIR="\$(DESTDIR)/$(get_libdir)" \
+				USE_PCRE2="$(usex pcre2 y n)" \
+				rubywrap
+		}
+		for RUBYTARGET in ${USE_RUBY}; do
+			use ruby_targets_${RUBYTARGET} || continue
+
+			building ${RUBYTARGET}
+		done
+	fi
+}
+
+multilib_src_install() {
+	emake DESTDIR="${D}" \
+		LIBDIR="\$(PREFIX)/$(get_libdir)" \
+		SHLIBDIR="\$(DESTDIR)/$(get_libdir)" \
+		LIBSEPOLA="/usr/$(get_libdir)/libsepol.a" \
+		USE_PCRE2="$(usex pcre2 y n)" \
+		install
+
+	if multilib_is_native_abi && use python; then
+		installation() {
+			emake DESTDIR="${D}" \
+				LIBDIR="\$(PREFIX)/$(get_libdir)" \
+				LIBSEPOLA="/usr/$(get_libdir)/libsepol.a" \
+				USE_PCRE2="$(usex pcre2 y n)" \
+				install-pywrap
+			python_optimize # bug 531638
+		}
+		python_foreach_impl installation
+	fi
+
+	if multilib_is_native_abi && use ruby; then
+		installation() {
+			einfo "Calling install-rubywrap for ${1}"
+			# Forcing (re)build here as otherwise the resulting SO file is used for all ruby versions
+			rm src/selinuxswig_ruby_wrap.lo
+			emake DESTDIR="${D}" \
+				LIBDIR="\$(PREFIX)/$(get_libdir)" \
+				LIBSEPOLA="/usr/$(get_libdir)/libsepol.a" \
+				RUBY=${1} \
+				USE_PCRE2="$(usex pcre2 y n)" \
+				install-rubywrap
+		}
+		for RUBYTARGET in ${USE_RUBY}; do
+			use ruby_targets_${RUBYTARGET} || continue
+
+			installation ${RUBYTARGET}
+		done
+	fi
+
+	use static-libs || rm "${D}"/usr/lib*/*.a || die
+}
+
+pkg_postinst() {
+	# Fix bug 473502
+	for POLTYPE in ${POLICY_TYPES};
+	do
+		mkdir -p /etc/selinux/${POLTYPE}/contexts/files || die
+		touch /etc/selinux/${POLTYPE}/contexts/files/file_contexts.local || die
+		# Fix bug 516608
+		for EXPRFILE in file_contexts file_contexts.homedirs file_contexts.local ; do
+			if [[ -f "/etc/selinux/${POLTYPE}/contexts/files/${EXPRFILE}" ]]; then
+				sefcontext_compile /etc/selinux/${POLTYPE}/contexts/files/${EXPRFILE} \
+				|| die "Failed to recompile contexts"
+			fi
+		done
+	done
+}
diff --git a/sys-libs/libselinux/libselinux-9999.ebuild b/sys-libs/libselinux/libselinux-9999.ebuild
new file mode 100644
index 000000000000..fdd6f7fd3330
--- /dev/null
+++ b/sys-libs/libselinux/libselinux-9999.ebuild
@@ -0,0 +1,150 @@
+# Copyright 1999-2017 Gentoo Foundation
+# Distributed under the terms of the GNU General Public License v2
+
+EAPI="6"
+PYTHON_COMPAT=( python2_7 python3_4 python3_5 python3_6 )
+USE_RUBY="ruby22 ruby23"
+
+# No, I am not calling ruby-ng
+inherit multilib python-r1 toolchain-funcs multilib-minimal
+
+MY_P="${P//_/-}"
+SEPOL_VER="${PV}"
+MY_RELEASEDATE="20170804"
+
+DESCRIPTION="SELinux userland library"
+HOMEPAGE="https://github.com/SELinuxProject/selinux/wiki"
+
+if [[ ${PV} == 9999 ]] ; then
+	inherit git-r3
+	EGIT_REPO_URI="https://github.com/SELinuxProject/selinux.git"
+	S="${WORKDIR}/${MY_P}/${PN}"
+else
+	SRC_URI="https://raw.githubusercontent.com/wiki/SELinuxProject/selinux/files/releases/${MY_RELEASEDATE}/${MY_P}.tar.gz"
+	KEYWORDS="~amd64 ~arm ~arm64 ~mips ~x86"
+	S="${WORKDIR}/${MY_P}"
+fi
+
+LICENSE="public-domain"
+SLOT="0"
+IUSE="pcre2 python ruby static-libs ruby_targets_ruby21 ruby_targets_ruby22 ruby_targets_ruby23"
+REQUIRED_USE="python? ( ${PYTHON_REQUIRED_USE} )"
+
+RDEPEND=">=sys-libs/libsepol-${SEPOL_VER}:=[${MULTILIB_USEDEP}]
+	!pcre2? ( >=dev-libs/libpcre-8.33-r1:=[static-libs?,${MULTILIB_USEDEP}] )
+	pcre2? ( dev-libs/libpcre2:=[static-libs?,${MULTILIB_USEDEP}] )
+	python? ( ${PYTHON_DEPS} )
+	ruby? (
+		ruby_targets_ruby22? ( dev-lang/ruby:2.2 )
+		ruby_targets_ruby23? ( dev-lang/ruby:2.3 )
+	)"
+DEPEND="${RDEPEND}
+	virtual/pkgconfig
+	python? ( >=dev-lang/swig-2.0.9 )"
+
+src_prepare() {
+	eapply_user
+
+	multilib_copy_sources
+}
+
+multilib_src_compile() {
+	tc-export AR CC PKG_CONFIG RANLIB
+
+	emake \
+		LIBDIR="\$(PREFIX)/$(get_libdir)" \
+		SHLIBDIR="\$(DESTDIR)/$(get_libdir)" \
+		LDFLAGS="-fPIC ${LDFLAGS} -pthread" \
+		USE_PCRE2="$(usex pcre2 y n)" \
+		all
+
+	if multilib_is_native_abi && use python; then
+		building() {
+			emake \
+				LDFLAGS="-fPIC ${LDFLAGS} -lpthread" \
+				LIBDIR="\$(PREFIX)/$(get_libdir)" \
+				SHLIBDIR="\$(DESTDIR)/$(get_libdir)" \
+				USE_PCRE2="$(usex pcre2 y n)" \
+				pywrap
+		}
+		python_foreach_impl building
+	fi
+
+	if multilib_is_native_abi && use ruby; then
+		building() {
+			einfo "Calling rubywrap for ${1}"
+			# Clean up .lo file to force rebuild
+			rm -f src/selinuxswig_ruby_wrap.lo || die
+			emake \
+				RUBY=${1} \
+				LDFLAGS="-fPIC ${LDFLAGS} -lpthread" \
+				LIBDIR="\$(PREFIX)/$(get_libdir)" \
+				SHLIBDIR="\$(DESTDIR)/$(get_libdir)" \
+				USE_PCRE2="$(usex pcre2 y n)" \
+				rubywrap
+		}
+		for RUBYTARGET in ${USE_RUBY}; do
+			use ruby_targets_${RUBYTARGET} || continue
+
+			building ${RUBYTARGET}
+		done
+	fi
+}
+
+multilib_src_install() {
+	emake DESTDIR="${D}" \
+		LIBDIR="\$(PREFIX)/$(get_libdir)" \
+		SHLIBDIR="\$(DESTDIR)/$(get_libdir)" \
+		LIBSEPOLA="/usr/$(get_libdir)/libsepol.a" \
+		USE_PCRE2="$(usex pcre2 y n)" \
+		install
+
+	if multilib_is_native_abi && use python; then
+		installation() {
+			emake DESTDIR="${D}" \
+				LIBDIR="\$(PREFIX)/$(get_libdir)" \
+				LIBSEPOLA="/usr/$(get_libdir)/libsepol.a" \
+				USE_PCRE2="$(usex pcre2 y n)" \
+				install-pywrap
+			python_optimize # bug 531638
+		}
+		python_foreach_impl installation
+	fi
+
+	if multilib_is_native_abi && use ruby; then
+		installation() {
+			einfo "Calling install-rubywrap for ${1}"
+			# Forcing (re)build here as otherwise the resulting SO file is used for all ruby versions
+			rm src/selinuxswig_ruby_wrap.lo
+			emake DESTDIR="${D}" \
+				LIBDIR="\$(PREFIX)/$(get_libdir)" \
+				LIBSEPOLA="/usr/$(get_libdir)/libsepol.a" \
+				RUBY=${1} \
+				USE_PCRE2="$(usex pcre2 y n)" \
+				install-rubywrap
+		}
+		for RUBYTARGET in ${USE_RUBY}; do
+			use ruby_targets_${RUBYTARGET} || continue
+
+			installation ${RUBYTARGET}
+		done
+	fi
+
+	use static-libs || rm "${D}"/usr/lib*/*.a || die
+}
+
+pkg_postinst() {
+	# Fix bug 473502
+	for POLTYPE in ${POLICY_TYPES};
+	do
+		mkdir -p /etc/selinux/${POLTYPE}/contexts/files || die
+		touch /etc/selinux/${POLTYPE}/contexts/files/file_contexts.local || die
+		# Fix bug 516608
+		for EXPRFILE in file_contexts file_contexts.homedirs file_contexts.local ; do
+			if [[ -f "/etc/selinux/${POLTYPE}/contexts/files/${EXPRFILE}" ]]; then
+				sefcontext_compile /etc/selinux/${POLTYPE}/contexts/files/${EXPRFILE} \
+				|| die "Failed to recompile contexts"
+			fi
+		done
+	done
+}
diff --git a/sys-libs/libselinux/metadata.xml b/sys-libs/libselinux/metadata.xml
new file mode 100644
index 000000000000..537e0aa97df3
--- /dev/null
+++ b/sys-libs/libselinux/metadata.xml
@@ -0,0 +1,19 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<!DOCTYPE pkgmetadata SYSTEM "http://www.gentoo.org/dtd/metadata.dtd">
+<pkgmetadata>
+	<maintainer type="project">
+		<email>selinux@gentoo.org</email>
+		<name>SELinux Team</name>
+	</maintainer>
+	<longdescription>
+		Libselinux provides an API for SELinux applications to get and set
+		process and file security contexts and to obtain security policy
+		decisions.  Required for any applications that use the SELinux API.
+	</longdescription>
+	<use>
+		<flag name="pcre2">Use <pkg>dev-libs/libpcre2</pkg> for fcontext regexes</flag>
+	</use>
+	<upstream>
+		<remote-id type="github">SELinuxProject/selinux</remote-id>
+	</upstream>
+</pkgmetadata>
author	V3n3RiX <venerix@redcorelinux.org>	2017-10-09 18:53:29 +0100
committer	V3n3RiX <venerix@redcorelinux.org>	2017-10-09 18:53:29 +0100
commit	4f2d7949f03e1c198bc888f2d05f421d35c57e21 (patch)
tree	ba5f07bf3f9d22d82e54a462313f5d244036c768 /sys-libs/libselinux