1 |
swift 14/08/01 21:04:44 |
2 |
|
3 |
Modified: selinux-base-policy-2.20140311-r3.ebuild ChangeLog |
4 |
Added: selinux-base-policy-2.20140311-r4.ebuild |
5 |
Log: |
6 |
Stabilization of r3, and make r4 available for testing |
7 |
|
8 |
(Portage version: 2.2.8-r1/cvs/Linux x86_64, signed Manifest commit with key 0x2EDD52403B68AF47) |
9 |
|
10 |
Revision Changes Path |
11 |
1.2 sec-policy/selinux-base-policy/selinux-base-policy-2.20140311-r3.ebuild |
12 |
|
13 |
file : http://sources.gentoo.org/viewvc.cgi/gentoo-x86/sec-policy/selinux-base-policy/selinux-base-policy-2.20140311-r3.ebuild?rev=1.2&view=markup |
14 |
plain: http://sources.gentoo.org/viewvc.cgi/gentoo-x86/sec-policy/selinux-base-policy/selinux-base-policy-2.20140311-r3.ebuild?rev=1.2&content-type=text/plain |
15 |
diff : http://sources.gentoo.org/viewvc.cgi/gentoo-x86/sec-policy/selinux-base-policy/selinux-base-policy-2.20140311-r3.ebuild?r1=1.1&r2=1.2 |
16 |
|
17 |
Index: selinux-base-policy-2.20140311-r3.ebuild |
18 |
=================================================================== |
19 |
RCS file: /var/cvsroot/gentoo-x86/sec-policy/selinux-base-policy/selinux-base-policy-2.20140311-r3.ebuild,v |
20 |
retrieving revision 1.1 |
21 |
retrieving revision 1.2 |
22 |
diff -u -r1.1 -r1.2 |
23 |
--- selinux-base-policy-2.20140311-r3.ebuild 29 May 2014 18:57:41 -0000 1.1 |
24 |
+++ selinux-base-policy-2.20140311-r3.ebuild 1 Aug 2014 21:04:44 -0000 1.2 |
25 |
@@ -1,6 +1,6 @@ |
26 |
# Copyright 1999-2014 Gentoo Foundation |
27 |
# Distributed under the terms of the GNU General Public License v2 |
28 |
-# $Header: /var/cvsroot/gentoo-x86/sec-policy/selinux-base-policy/selinux-base-policy-2.20140311-r3.ebuild,v 1.1 2014/05/29 18:57:41 swift Exp $ |
29 |
+# $Header: /var/cvsroot/gentoo-x86/sec-policy/selinux-base-policy/selinux-base-policy-2.20140311-r3.ebuild,v 1.2 2014/08/01 21:04:44 swift Exp $ |
30 |
EAPI="5" |
31 |
|
32 |
inherit eutils |
33 |
@@ -16,7 +16,7 @@ |
34 |
DEPEND="" |
35 |
SRC_URI="http://oss.tresys.com/files/refpolicy/refpolicy-${PV}.tar.bz2 |
36 |
http://dev.gentoo.org/~swift/patches/${PN}/patchbundle-${PN}-${BASEPOL}.tar.bz2" |
37 |
-KEYWORDS="~amd64 ~x86" |
38 |
+KEYWORDS="amd64 x86" |
39 |
|
40 |
MODS="application authlogin bootloader clock consoletype cron dmesg fstools getty hostname hotplug init iptables libraries locallogin logging lvm miscfiles modutils mount mta netutils nscd portage raid rsync selinuxutil setrans ssh staff storage su sysadm sysnetwork udev userdomain usermanage unprivuser xdg" |
41 |
LICENSE="GPL-2" |
42 |
|
43 |
|
44 |
|
45 |
1.145 sec-policy/selinux-base-policy/ChangeLog |
46 |
|
47 |
file : http://sources.gentoo.org/viewvc.cgi/gentoo-x86/sec-policy/selinux-base-policy/ChangeLog?rev=1.145&view=markup |
48 |
plain: http://sources.gentoo.org/viewvc.cgi/gentoo-x86/sec-policy/selinux-base-policy/ChangeLog?rev=1.145&content-type=text/plain |
49 |
diff : http://sources.gentoo.org/viewvc.cgi/gentoo-x86/sec-policy/selinux-base-policy/ChangeLog?r1=1.144&r2=1.145 |
50 |
|
51 |
Index: ChangeLog |
52 |
=================================================================== |
53 |
RCS file: /var/cvsroot/gentoo-x86/sec-policy/selinux-base-policy/ChangeLog,v |
54 |
retrieving revision 1.144 |
55 |
retrieving revision 1.145 |
56 |
diff -u -r1.144 -r1.145 |
57 |
--- ChangeLog 29 May 2014 20:23:26 -0000 1.144 |
58 |
+++ ChangeLog 1 Aug 2014 21:04:44 -0000 1.145 |
59 |
@@ -1,6 +1,13 @@ |
60 |
# ChangeLog for sec-policy/selinux-base-policy |
61 |
# Copyright 1999-2014 Gentoo Foundation; Distributed under the GPL v2 |
62 |
-# $Header: /var/cvsroot/gentoo-x86/sec-policy/selinux-base-policy/ChangeLog,v 1.144 2014/05/29 20:23:26 swift Exp $ |
63 |
+# $Header: /var/cvsroot/gentoo-x86/sec-policy/selinux-base-policy/ChangeLog,v 1.145 2014/08/01 21:04:44 swift Exp $ |
64 |
+ |
65 |
+*selinux-base-policy-2.20140311-r4 (01 Aug 2014) |
66 |
+ |
67 |
+ 01 Aug 2014; Sven Vermeulen <swift@g.o> |
68 |
+ +selinux-base-policy-2.20140311-r4.ebuild, |
69 |
+ selinux-base-policy-2.20140311-r3.ebuild: |
70 |
+ Stabilization of r3, and make r4 available for testing |
71 |
|
72 |
29 May 2014; Sven Vermeulen <swift@g.o> |
73 |
selinux-base-policy-2.20140311-r2.ebuild: |
74 |
|
75 |
|
76 |
|
77 |
1.1 sec-policy/selinux-base-policy/selinux-base-policy-2.20140311-r4.ebuild |
78 |
|
79 |
file : http://sources.gentoo.org/viewvc.cgi/gentoo-x86/sec-policy/selinux-base-policy/selinux-base-policy-2.20140311-r4.ebuild?rev=1.1&view=markup |
80 |
plain: http://sources.gentoo.org/viewvc.cgi/gentoo-x86/sec-policy/selinux-base-policy/selinux-base-policy-2.20140311-r4.ebuild?rev=1.1&content-type=text/plain |
81 |
|
82 |
Index: selinux-base-policy-2.20140311-r4.ebuild |
83 |
=================================================================== |
84 |
# Copyright 1999-2014 Gentoo Foundation |
85 |
# Distributed under the terms of the GNU General Public License v2 |
86 |
# $Header: /var/cvsroot/gentoo-x86/sec-policy/selinux-base-policy/selinux-base-policy-2.20140311-r4.ebuild,v 1.1 2014/08/01 21:04:44 swift Exp $ |
87 |
EAPI="5" |
88 |
|
89 |
inherit eutils |
90 |
|
91 |
HOMEPAGE="http://www.gentoo.org/proj/en/hardened/selinux/" |
92 |
DESCRIPTION="SELinux policy for core modules" |
93 |
|
94 |
IUSE="+unconfined" |
95 |
BASEPOL="2.20140311-r4" |
96 |
|
97 |
RDEPEND=">=sec-policy/selinux-base-${PVR}" |
98 |
PDEPEND="unconfined? ( sec-policy/selinux-unconfined )" |
99 |
DEPEND="" |
100 |
SRC_URI="http://oss.tresys.com/files/refpolicy/refpolicy-${PV}.tar.bz2 |
101 |
http://dev.gentoo.org/~swift/patches/${PN}/patchbundle-${PN}-${BASEPOL}.tar.bz2" |
102 |
KEYWORDS="~amd64 ~x86" |
103 |
|
104 |
MODS="application authlogin bootloader clock consoletype cron dmesg fstools getty hostname hotplug init iptables libraries locallogin logging lvm miscfiles modutils mount mta netutils nscd portage raid rsync selinuxutil setrans ssh staff storage su sysadm sysnetwork udev userdomain usermanage unprivuser xdg" |
105 |
LICENSE="GPL-2" |
106 |
SLOT="0" |
107 |
S="${WORKDIR}/" |
108 |
PATCHBUNDLE="${DISTDIR}/patchbundle-selinux-base-policy-${BASEPOL}.tar.bz2" |
109 |
|
110 |
# Code entirely copied from selinux-eclass (cannot inherit due to dependency on |
111 |
# itself), when reworked reinclude it. Only postinstall (where -b base.pp is |
112 |
# added) needs to remain then. |
113 |
|
114 |
pkg_pretend() { |
115 |
for i in ${POLICY_TYPES}; do |
116 |
if [[ "${i}" == "targeted" ]] && ! use unconfined; then |
117 |
die "If you use POLICY_TYPES=targeted, then USE=unconfined is mandatory." |
118 |
fi |
119 |
done |
120 |
} |
121 |
|
122 |
src_prepare() { |
123 |
local modfiles |
124 |
|
125 |
# Patch the sources with the base patchbundle |
126 |
if [[ -n ${BASEPOL} ]]; |
127 |
then |
128 |
cd "${S}" |
129 |
EPATCH_MULTI_MSG="Applying SELinux policy updates ... " \ |
130 |
EPATCH_SUFFIX="patch" \ |
131 |
EPATCH_SOURCE="${WORKDIR}" \ |
132 |
EPATCH_FORCE="yes" \ |
133 |
epatch |
134 |
fi |
135 |
|
136 |
# Apply the additional patches refered to by the module ebuild. |
137 |
# But first some magic to differentiate between bash arrays and strings |
138 |
if [[ "$(declare -p POLICY_PATCH 2>/dev/null 2>&1)" == "declare -a"* ]]; |
139 |
then |
140 |
cd "${S}/refpolicy/policy/modules" |
141 |
for POLPATCH in "${POLICY_PATCH[@]}"; |
142 |
do |
143 |
epatch "${POLPATCH}" |
144 |
done |
145 |
else |
146 |
if [[ -n ${POLICY_PATCH} ]]; |
147 |
then |
148 |
cd "${S}/refpolicy/policy/modules" |
149 |
for POLPATCH in ${POLICY_PATCH}; |
150 |
do |
151 |
epatch "${POLPATCH}" |
152 |
done |
153 |
fi |
154 |
fi |
155 |
|
156 |
# Calling user patches |
157 |
epatch_user |
158 |
|
159 |
# Collect only those files needed for this particular module |
160 |
for i in ${MODS}; do |
161 |
modfiles="$(find ${S}/refpolicy/policy/modules -iname $i.te) $modfiles" |
162 |
modfiles="$(find ${S}/refpolicy/policy/modules -iname $i.fc) $modfiles" |
163 |
done |
164 |
|
165 |
for i in ${POLICY_TYPES}; do |
166 |
mkdir "${S}"/${i} || die "Failed to create directory ${S}/${i}" |
167 |
cp "${S}"/refpolicy/doc/Makefile.example "${S}"/${i}/Makefile \ |
168 |
|| die "Failed to copy Makefile.example to ${S}/${i}/Makefile" |
169 |
|
170 |
cp ${modfiles} "${S}"/${i} \ |
171 |
|| die "Failed to copy the module files to ${S}/${i}" |
172 |
done |
173 |
} |
174 |
|
175 |
src_compile() { |
176 |
for i in ${POLICY_TYPES}; do |
177 |
# Parallel builds are broken, so we need to force -j1 here |
178 |
emake -j1 NAME=$i -C "${S}"/${i} || die "${i} compile failed" |
179 |
done |
180 |
} |
181 |
|
182 |
src_install() { |
183 |
local BASEDIR="/usr/share/selinux" |
184 |
|
185 |
for i in ${POLICY_TYPES}; do |
186 |
for j in ${MODS}; do |
187 |
einfo "Installing ${i} ${j} policy package" |
188 |
insinto ${BASEDIR}/${i} |
189 |
doins "${S}"/${i}/${j}.pp || die "Failed to add ${j}.pp to ${i}" |
190 |
done |
191 |
done |
192 |
} |
193 |
|
194 |
pkg_postinst() { |
195 |
# Override the command from the eclass, we need to load in base as well here |
196 |
local COMMAND |
197 |
for i in ${MODS}; do |
198 |
COMMAND="-i ${i}.pp ${COMMAND}" |
199 |
done |
200 |
|
201 |
for i in ${POLICY_TYPES}; do |
202 |
einfo "Inserting the following modules, with base, into the $i module store: ${MODS}" |
203 |
|
204 |
cd /usr/share/selinux/${i} || die "Could not enter /usr/share/selinux/${i}" |
205 |
|
206 |
semodule -s ${i} -b base.pp ${COMMAND} || die "Failed to load in base and modules ${MODS} in the $i policy store" |
207 |
done |
208 |
} |