1 |
commit: dff61709d44bbd83f843d88ff1c7c8069039069c |
2 |
Author: Grzegorz Filo <gf578 <AT> wp <DOT> pl> |
3 |
AuthorDate: Wed Dec 29 19:53:34 2021 +0000 |
4 |
Commit: Jason Zaman <perfinion <AT> gentoo <DOT> org> |
5 |
CommitDate: Sat Jan 1 22:43:16 2022 +0000 |
6 |
URL: https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=dff61709 |
7 |
|
8 |
sec-policy/selinux-base-policy: Remove obsolete selinux modules |
9 |
|
10 |
Closes: https://github.com/gentoo/gentoo/pull/23568 |
11 |
Signed-off-by: Grzegorz Filo <gf578 <AT> wp.pl> |
12 |
Signed-off-by: Jason Zaman <perfinion <AT> gentoo.org> |
13 |
|
14 |
.../selinux-base-policy-2.20210203-r1.ebuild | 12 ++++++++++++ |
15 |
.../selinux-base-policy-2.20210908-r1.ebuild | 12 ++++++++++++ |
16 |
.../selinux-base-policy/selinux-base-policy-9999.ebuild | 12 ++++++++++++ |
17 |
3 files changed, 36 insertions(+) |
18 |
|
19 |
diff --git a/sec-policy/selinux-base-policy/selinux-base-policy-2.20210203-r1.ebuild b/sec-policy/selinux-base-policy/selinux-base-policy-2.20210203-r1.ebuild |
20 |
index 56db7e92b5d0..cb444f4de09d 100644 |
21 |
--- a/sec-policy/selinux-base-policy/selinux-base-policy-2.20210203-r1.ebuild |
22 |
+++ b/sec-policy/selinux-base-policy/selinux-base-policy-2.20210203-r1.ebuild |
23 |
@@ -28,6 +28,7 @@ BDEPEND=" |
24 |
sys-devel/m4" |
25 |
|
26 |
MODS="application authlogin bootloader clock consoletype cron dmesg fstools getty hostname init iptables libraries locallogin logging lvm miscfiles modutils mount mta netutils nscd portage raid rsync selinuxutil setrans ssh staff storage su sysadm sysnetwork systemd tmpfiles udev userdomain usermanage unprivuser xdg" |
27 |
+DEL_MODS="hotplug" |
28 |
LICENSE="GPL-2" |
29 |
SLOT="0" |
30 |
S="${WORKDIR}/" |
31 |
@@ -60,6 +61,10 @@ src_prepare() { |
32 |
modfiles="$(find ${S}/refpolicy/policy/modules -iname $i.fc) $modfiles" |
33 |
done |
34 |
|
35 |
+ for i in ${DEL_MODS}; do |
36 |
+ [[ "${MODS}" != *${i}* ]] || die "Duplicate module in MODS and DEL_MODS: ${i}" |
37 |
+ done |
38 |
+ |
39 |
for i in ${POLICY_TYPES}; do |
40 |
mkdir "${S}"/${i} || die "Failed to create directory ${S}/${i}" |
41 |
cp "${S}"/refpolicy/doc/Makefile.example "${S}"/${i}/Makefile \ |
42 |
@@ -111,6 +116,13 @@ pkg_postinst() { |
43 |
cd "${ROOT}/usr/share/selinux/${i}" |
44 |
|
45 |
semodule ${root_opts} -s ${i} ${COMMAND} |
46 |
+ |
47 |
+ for mod in ${DEL_MODS}; do |
48 |
+ if semodule ${root_opts} -s ${i} -l | grep -q "\b${mod}\b"; then |
49 |
+ einfo "Removing obsolete ${i} ${mod} policy package" |
50 |
+ semodule ${root_opts} -s ${i} -r ${mod} |
51 |
+ fi |
52 |
+ done |
53 |
done |
54 |
|
55 |
# Don't relabel when cross compiling |
56 |
|
57 |
diff --git a/sec-policy/selinux-base-policy/selinux-base-policy-2.20210908-r1.ebuild b/sec-policy/selinux-base-policy/selinux-base-policy-2.20210908-r1.ebuild |
58 |
index 56db7e92b5d0..cb444f4de09d 100644 |
59 |
--- a/sec-policy/selinux-base-policy/selinux-base-policy-2.20210908-r1.ebuild |
60 |
+++ b/sec-policy/selinux-base-policy/selinux-base-policy-2.20210908-r1.ebuild |
61 |
@@ -28,6 +28,7 @@ BDEPEND=" |
62 |
sys-devel/m4" |
63 |
|
64 |
MODS="application authlogin bootloader clock consoletype cron dmesg fstools getty hostname init iptables libraries locallogin logging lvm miscfiles modutils mount mta netutils nscd portage raid rsync selinuxutil setrans ssh staff storage su sysadm sysnetwork systemd tmpfiles udev userdomain usermanage unprivuser xdg" |
65 |
+DEL_MODS="hotplug" |
66 |
LICENSE="GPL-2" |
67 |
SLOT="0" |
68 |
S="${WORKDIR}/" |
69 |
@@ -60,6 +61,10 @@ src_prepare() { |
70 |
modfiles="$(find ${S}/refpolicy/policy/modules -iname $i.fc) $modfiles" |
71 |
done |
72 |
|
73 |
+ for i in ${DEL_MODS}; do |
74 |
+ [[ "${MODS}" != *${i}* ]] || die "Duplicate module in MODS and DEL_MODS: ${i}" |
75 |
+ done |
76 |
+ |
77 |
for i in ${POLICY_TYPES}; do |
78 |
mkdir "${S}"/${i} || die "Failed to create directory ${S}/${i}" |
79 |
cp "${S}"/refpolicy/doc/Makefile.example "${S}"/${i}/Makefile \ |
80 |
@@ -111,6 +116,13 @@ pkg_postinst() { |
81 |
cd "${ROOT}/usr/share/selinux/${i}" |
82 |
|
83 |
semodule ${root_opts} -s ${i} ${COMMAND} |
84 |
+ |
85 |
+ for mod in ${DEL_MODS}; do |
86 |
+ if semodule ${root_opts} -s ${i} -l | grep -q "\b${mod}\b"; then |
87 |
+ einfo "Removing obsolete ${i} ${mod} policy package" |
88 |
+ semodule ${root_opts} -s ${i} -r ${mod} |
89 |
+ fi |
90 |
+ done |
91 |
done |
92 |
|
93 |
# Don't relabel when cross compiling |
94 |
|
95 |
diff --git a/sec-policy/selinux-base-policy/selinux-base-policy-9999.ebuild b/sec-policy/selinux-base-policy/selinux-base-policy-9999.ebuild |
96 |
index 76791df9dcb2..adeb92d6f444 100644 |
97 |
--- a/sec-policy/selinux-base-policy/selinux-base-policy-9999.ebuild |
98 |
+++ b/sec-policy/selinux-base-policy/selinux-base-policy-9999.ebuild |
99 |
@@ -28,6 +28,7 @@ BDEPEND=" |
100 |
sys-devel/m4" |
101 |
|
102 |
MODS="application authlogin bootloader clock consoletype cron dmesg fstools getty hostname init iptables libraries locallogin logging lvm miscfiles modutils mount mta netutils nscd portage raid rsync selinuxutil setrans ssh staff storage su sysadm sysnetwork systemd tmpfiles udev userdomain usermanage unprivuser xdg" |
103 |
+DEL_MODS="hotplug" |
104 |
LICENSE="GPL-2" |
105 |
SLOT="0" |
106 |
S="${WORKDIR}/" |
107 |
@@ -60,6 +61,10 @@ src_prepare() { |
108 |
modfiles="$(find ${S}/refpolicy/policy/modules -iname $i.fc) $modfiles" |
109 |
done |
110 |
|
111 |
+ for i in ${DEL_MODS}; do |
112 |
+ [[ "${MODS}" != *${i}* ]] || die "Duplicate module in MODS and DEL_MODS: ${i}" |
113 |
+ done |
114 |
+ |
115 |
for i in ${POLICY_TYPES}; do |
116 |
mkdir "${S}"/${i} || die "Failed to create directory ${S}/${i}" |
117 |
cp "${S}"/refpolicy/doc/Makefile.example "${S}"/${i}/Makefile \ |
118 |
@@ -111,6 +116,13 @@ pkg_postinst() { |
119 |
cd "${ROOT}/usr/share/selinux/${i}" |
120 |
|
121 |
semodule ${root_opts} -s ${i} ${COMMAND} |
122 |
+ |
123 |
+ for mod in ${DEL_MODS}; do |
124 |
+ if semodule ${root_opts} -s ${i} -l | grep -q "\b${mod}\b"; then |
125 |
+ einfo "Removing obsolete ${i} ${mod} policy package" |
126 |
+ semodule ${root_opts} -s ${i} -r ${mod} |
127 |
+ fi |
128 |
+ done |
129 |
done |
130 |
|
131 |
# Don't relabel when cross compiling |