Get Gentoo!
gentoo.org sites
gentoo.org Wiki Bugs Forums Packages
Planet Archives Sources
Infra Status

Gentoo Archives: gentoo-commits

From: "Anthony G. Basile" <blueness@g.o>
To: gentoo-commits@l.g.o
Subject: [gentoo-commits] proj/hardened-dev:master commit in: sec-policy/selinux-base-policy/files/, sec-policy/selinux-base-policy/
Date: Thu, 30 Jun 2011 10:19:25
Message-Id: 6c6fe18612deef41e53b1e008dd3fc90fc209d73.blueness@gentoo
1 commit: 6c6fe18612deef41e53b1e008dd3fc90fc209d73
2 Author: Anthony G. Basile <blueness <AT> gentoo <DOT> org>
3 AuthorDate: Thu Jun 30 10:19:07 2011 +0000
4 Commit: Anthony G. Basile <blueness <AT> gentoo <DOT> org>
5 CommitDate: Thu Jun 30 10:19:07 2011 +0000
6 URL: http://git.overlays.gentoo.org/gitweb/?p=proj/hardened-dev.git;a=commit;h=6c6fe186
7
8 sec-policy/elinux-base-policy: -r17 moved to the tree
9
10 (Portage version: 2.1.9.42/git/Linux x86_64, signed Manifest commit with key 0xD0455535)
11
12 ---
13 sec-policy/selinux-base-policy/ChangeLog | 505 --------------------
14 sec-policy/selinux-base-policy/files/config | 12 -
15 .../files/modules.conf.strict.20090730 | 49 --
16 .../files/modules.conf.targeted.20090730 | 50 --
17 ...ndle-selinux-base-policy-2.20101213-r17.tar.bz2 | Bin 15055 -> 0 bytes
18 sec-policy/selinux-base-policy/metadata.xml | 14 -
19 .../selinux-base-policy-2.20101213-r17.ebuild | 129 -----
20 7 files changed, 0 insertions(+), 759 deletions(-)
21
22 diff --git a/sec-policy/selinux-base-policy/ChangeLog b/sec-policy/selinux-base-policy/ChangeLog
23 deleted file mode 100644
24 index 54c4b50..0000000
25 --- a/sec-policy/selinux-base-policy/ChangeLog
26 +++ /dev/null
27 @@ -1,505 +0,0 @@
28 -# ChangeLog for sec-policy/selinux-base-policy
29 -# Copyright 1999-2011 Gentoo Foundation; Distributed under the GPL v2
30 -# $Header: /var/cvsroot/gentoo-x86/sec-policy/selinux-base-policy/ChangeLog,v 1.75 2011/06/02 12:06:45 blueness Exp $
31 -
32 -*selinux-base-policy-2.20101213-r17 (29 Jun 2011)
33 -
34 - 29 Jun 2011; <swift@g.o> +selinux-base-policy-2.20101213-r17.ebuild,
35 - +files/patchbundle-selinux-base-policy-2.20101213-r17.tar.bz2, +files/config,
36 - +files/modules.conf.strict.20090730, +files/modules.conf.targeted.20090730,
37 - +metadata.xml:
38 - Add support for zabbix interfaces
39 -
40 - 02 Jun 2011; Anthony G. Basile <blueness@g.o>
41 - selinux-base-policy-2.20101213-r16.ebuild:
42 - Stable amd64 x86
43 -
44 - 20 May 2011; Anthony G. Basile <blueness@g.o>
45 - -selinux-base-policy-2.20101213-r5.ebuild,
46 - -selinux-base-policy-2.20101213-r6.ebuild,
47 - -selinux-base-policy-2.20101213-r7.ebuild,
48 - -selinux-base-policy-2.20101213-r9.ebuild,
49 - -selinux-base-policy-2.20101213-r10.ebuild,
50 - -files/patchbundle-selinux-base-policy-2.20101213-r10.tar.bz2,
51 - -files/patchbundle-selinux-base-policy-2.20101213-r5.tar.bz2,
52 - -files/patchbundle-selinux-base-policy-2.20101213-r6.tar.bz2,
53 - -files/patchbundle-selinux-base-policy-2.20101213-r7.tar.bz2,
54 - -files/patchbundle-selinux-base-policy-2.20101213-r9.tar.bz2:
55 - Removed deprecated revisions of base policy 2.20101213
56 -
57 -*selinux-base-policy-2.20101213-r16 (20 May 2011)
58 -
59 - 20 May 2011; Anthony G. Basile <blueness@g.o>
60 - +selinux-base-policy-2.20101213-r16.ebuild,
61 - +files/patchbundle-selinux-base-policy-2.20101213-r16.tar.bz2, metadata.xml:
62 - Drop obsoleted policy builds, add openrc support (rc-update, rc-status),
63 - correct file contexts for /lib64, make UBAC optional (#257111 and #306393),
64 - use portage_srcrepo_t for live ebuilds and match mdadm policy with upstream
65 -
66 -*selinux-base-policy-2.20101213-r12 (16 Apr 2011)
67 -*selinux-base-policy-2.20101213-r11 (16 Apr 2011)
68 -
69 - 16 Apr 2011; Anthony G. Basile <blueness@g.o>
70 - +selinux-base-policy-2.20101213-r11.ebuild,
71 - +selinux-base-policy-2.20101213-r12.ebuild,
72 - +files/patchbundle-selinux-base-policy-2.20101213-r11.tar.bz2,
73 - +files/patchbundle-selinux-base-policy-2.20101213-r12.tar.bz2:
74 - Added new patchbundles for rev bumps to base policy 2.20101213
75 -
76 -*selinux-base-policy-2.20101213-r10 (07 Mar 2011)
77 -*selinux-base-policy-2.20101213-r9 (07 Mar 2011)
78 -
79 - 07 Mar 2011; Anthony G. Basile <blueness@g.o>
80 - +selinux-base-policy-2.20101213-r9.ebuild,
81 - +selinux-base-policy-2.20101213-r10.ebuild,
82 - +files/patchbundle-selinux-base-policy-2.20101213-r10.tar.bz2,
83 - +files/patchbundle-selinux-base-policy-2.20101213-r9.tar.bz2:
84 - Added new patchbundles for rev bumps to base policy 2.20101213
85 -
86 - 05 Feb 2011; Anthony G. Basile <blueness@g.o>
87 - +files/patchbundle-selinux-base-policy-2.20101213-r5.tar.bz2,
88 - +files/patchbundle-selinux-base-policy-2.20101213-r6.tar.bz2,
89 - +files/patchbundle-selinux-base-policy-2.20101213-r7.tar.bz2:
90 - Added patchbundle for base policy 2.20101213.
91 -
92 -*selinux-base-policy-2.20101213-r7 (05 Feb 2011)
93 -*selinux-base-policy-2.20101213-r6 (05 Feb 2011)
94 -*selinux-base-policy-2.20101213-r5 (05 Feb 2011)
95 -
96 - 05 Feb 2011; Anthony G. Basile <blueness@g.o>
97 - +selinux-base-policy-2.20101213-r5.ebuild,
98 - +selinux-base-policy-2.20101213-r6.ebuild,
99 - +selinux-base-policy-2.20101213-r7.ebuild:
100 - New upstream policy.
101 -
102 -*selinux-base-policy-2.20091215 (16 Dec 2009)
103 -
104 - 16 Dec 2009; Chris PeBenito <pebenito@g.o>
105 - +selinux-base-policy-2.20091215.ebuild:
106 - New upstream release.
107 -
108 -*selinux-base-policy-20080525-r1 (14 Sep 2009)
109 -
110 - 14 Sep 2009; Chris PeBenito <pebenito@g.o>
111 - +selinux-base-policy-20080525-r1.ebuild:
112 - Update old base policy to support ext4.
113 -
114 - 14 Aug 2009; Chris PeBenito <pebenito@g.o>
115 - -selinux-base-policy-20070329.ebuild,
116 - -selinux-base-policy-20070928.ebuild, selinux-base-policy-20080525.ebuild:
117 - Mark 20080525 stable, clear old ebuilds.
118 -
119 -*selinux-base-policy-2.20090814 (14 Aug 2009)
120 -
121 - 14 Aug 2009; Chris PeBenito <pebenito@g.o>
122 - +selinux-base-policy-2.20090814.ebuild:
123 - Git version of refpolicy for misc fixes including some cron problems.
124 -
125 -*selinux-base-policy-2.20090730 (03 Aug 2009)
126 -
127 - 03 Aug 2009; Chris PeBenito <pebenito@g.o>
128 - +selinux-base-policy-2.20090730.ebuild:
129 - New upstream release.
130 -
131 - 18 Jul 2009; Chris PeBenito <pebenito@g.o>
132 - selinux-base-policy-20070329.ebuild, selinux-base-policy-20070928.ebuild,
133 - selinux-base-policy-20080525.ebuild:
134 - Drop alpha, mips, ppc, sparc selinux support.
135 -
136 -*selinux-base-policy-20080525 (25 May 2008)
137 -
138 - 25 May 2008; Chris PeBenito <pebenito@g.o>
139 - +selinux-base-policy-20080525.ebuild:
140 - New SVN snapshot.
141 -
142 - 16 Mar 2008; Chris PeBenito <pebenito@g.o>
143 - -selinux-base-policy-20051022-r1.ebuild,
144 - -selinux-base-policy-20061114.ebuild:
145 - Remove old ebuilds.
146 -
147 - 03 Feb 2008; Chris PeBenito <pebenito@g.o>
148 - selinux-base-policy-20070928.ebuild:
149 - Mark stable.
150 -
151 -*selinux-base-policy-20070928 (26 Nov 2007)
152 -
153 - 26 Nov 2007; Chris PeBenito <pebenito@g.o>
154 - +selinux-base-policy-20070928.ebuild:
155 - New SVN snapshot.
156 -
157 - 04 Jun 2007; Chris PeBenito <pebenito@g.o>
158 - selinux-base-policy-20070329.ebuild:
159 - Mark stable.
160 -
161 - 30 Mar 2007; Chris PeBenito <pebenito@g.o>
162 - +files/selinux-base-policy-20070329.diff,
163 - selinux-base-policy-20070329.ebuild:
164 - Compile fix.
165 -
166 -*selinux-base-policy-20070329 (29 Mar 2007)
167 -
168 - 29 Mar 2007; Chris PeBenito <pebenito@g.o>
169 - +selinux-base-policy-20070329.ebuild:
170 - New SVN snapshot.
171 -
172 - 22 Feb 2007; Markus Ullmann <jokey@g.o> ChangeLog:
173 - Redigest for Manifest2
174 -
175 -*selinux-base-policy-20061114 (15 Nov 2006)
176 -
177 - 15 Nov 2006; Chris PeBenito <pebenito@g.o>
178 - +selinux-base-policy-20061114.ebuild:
179 - New SVN snapshot.
180 -
181 - 25 Oct 2006; Chris PeBenito <pebenito@g.o>
182 - selinux-base-policy-20061015.ebuild:
183 - Fix to have default POLICY_TYPES if it is empty.
184 -
185 - 21 Oct 2006; Chris PeBenito <pebenito@g.o>
186 - selinux-base-policy-20061015.ebuild:
187 - Fix xml generation failure to die.
188 -
189 -*selinux-base-policy-20061015 (15 Oct 2006)
190 -
191 - 15 Oct 2006; Chris PeBenito <pebenito@g.o>
192 - -selinux-base-policy-20061008.ebuild,
193 - +selinux-base-policy-20061015.ebuild:
194 - Update for testing fixes.
195 -
196 -*selinux-base-policy-20061008 (08 Oct 2006)
197 -
198 - 08 Oct 2006; Chris PeBenito <pebenito@g.o> -files/semanage.conf,
199 - +selinux-base-policy-20061008.ebuild,
200 - -selinux-base-policy-99999999.ebuild:
201 - First mainstream reference policy testing release.
202 -
203 - 29 Sep 2006; Chris PeBenito <pebenito@g.o>
204 - selinux-base-policy-99999999.ebuild:
205 - Fix for new SVN location. Fixes 147781.
206 -
207 - 22 Feb 2006; Stephen Bennett <spb@g.o>
208 - selinux-base-policy-20051022-r1.ebuild:
209 - Alpha stable
210 -
211 -*selinux-base-policy-99999999 (02 Feb 2006)
212 -
213 - 02 Feb 2006; Chris PeBenito <pebenito@g.o> +files/config,
214 - +files/modules.conf.strict, +files/modules.conf.targeted,
215 - +files/semanage.conf, +selinux-base-policy-99999999.ebuild:
216 - Add experimental policy for testing reference policy. Requires portage fix
217 - from bug #110857.
218 -
219 - 02 Feb 2006; Chris PeBenito <pebenito@g.o>
220 - -selinux-base-policy-20050322.ebuild,
221 - -selinux-base-policy-20050618.ebuild,
222 - -selinux-base-policy-20050821.ebuild,
223 - -selinux-base-policy-20051022.ebuild:
224 - Clean out old ebuilds.
225 -
226 - 14 Jan 2006; Stephen Bennett <spb@g.o>
227 - selinux-base-policy-20051022-r1.ebuild:
228 - Added ~alpha
229 -
230 -*selinux-base-policy-20051022-r1 (08 Dec 2005)
231 -
232 - 08 Dec 2005; Chris PeBenito <pebenito@g.o>
233 - +selinux-base-policy-20051022-r1.ebuild:
234 - Change to use compatability genhomedircon. Newer policycoreutils (1.28)
235 - breaks the backwards compatability this policy uses.
236 -
237 -*selinux-base-policy-20051022 (22 Oct 2005)
238 -
239 - 22 Oct 2005; Chris PeBenito <pebenito@g.o>
240 - +selinux-base-policy-20051022.ebuild:
241 - Very trivial fixes.
242 -
243 - 08 Sep 2005; Chris PeBenito <pebenito@g.o>
244 - selinux-base-policy-20050821.ebuild:
245 - Mark stable.
246 -
247 -*selinux-base-policy-20050821 (21 Aug 2005)
248 -
249 - 21 Aug 2005; Chris PeBenito <pebenito@g.o>
250 - +selinux-base-policy-20050821.ebuild:
251 - Minor updates for 2.6.12.
252 -
253 - 21 Jun 2005; Chris PeBenito <pebenito@g.o>
254 - selinux-base-policy-20050618.ebuild:
255 - Mark stable.
256 -
257 -*selinux-base-policy-20050618 (18 Jun 2005)
258 -
259 - 18 Jun 2005; Chris PeBenito <pebenito@g.o>
260 - -selinux-base-policy-20041123.ebuild,
261 - -selinux-base-policy-20050306.ebuild,
262 - +selinux-base-policy-20050618.ebuild:
263 - New release to support 2.6.12 features.
264 -
265 - 10 May 2005; Stephen Bennett <spb@g.o>
266 - selinux-base-policy-20050322.ebuild:
267 - mips stable
268 -
269 - 01 May 2005; Stephen Bennett <spb@g.o>
270 - selinux-base-policy-20050322.ebuild:
271 - Added ~mips.
272 -
273 -*selinux-base-policy-20050322 (23 Mar 2005)
274 -
275 - 23 Mar 2005; Chris PeBenito <pebenito@g.o>
276 - +selinux-base-policy-20050322.ebuild:
277 - New release.
278 -
279 -*selinux-base-policy-20050306 (06 Mar 2005)
280 -
281 - 06 Mar 2005; Chris PeBenito <pebenito@g.o>
282 - +selinux-base-policy-20050306.ebuild:
283 - Fix bad samba_domain dummy macro. Add policies needed for udev support.
284 -
285 -*selinux-base-policy-20050224 (24 Feb 2005)
286 -
287 - 24 Feb 2005; Chris PeBenito <pebenito@g.o>
288 - +selinux-base-policy-20050224.ebuild:
289 - New release.
290 -
291 - 19 Jan 2005; Chris PeBenito <pebenito@g.o>
292 - selinux-base-policy-20041123.ebuild:
293 - Mark stable.
294 -
295 -*selinux-base-policy-20041123 (23 Nov 2004)
296 -
297 - 23 Nov 2004; Chris PeBenito <pebenito@g.o>
298 - +selinux-base-policy-20041123.ebuild:
299 - New release with 1.18 merge.
300 -
301 -*selinux-base-policy-20041023 (23 Oct 2004)
302 -
303 - 23 Oct 2004; Chris PeBenito <pebenito@g.o>
304 - +selinux-base-policy-20041023.ebuild:
305 - New release with 1.16 merge. Tcpd and inetd have been deprecated since they
306 - are not in the base system anymore, and probably no one uses them anyway.
307 -
308 -*selinux-base-policy-20040906 (06 Sep 2004)
309 -
310 - 06 Sep 2004; Chris PeBenito <pebenito@g.o>
311 - +selinux-base-policy-20040906.ebuild:
312 - New release with 1.14 merge, which has policy 18 (fine-grained netlink)
313 - features.
314 -
315 - 05 Sep 2004; Chris PeBenito <pebenito@g.o>
316 - selinux-base-policy-20040225.ebuild, -selinux-base-policy-20040509.ebuild,
317 - -selinux-base-policy-20040604.ebuild, selinux-base-policy-20040629.ebuild,
318 - selinux-base-policy-20040702.ebuild:
319 - Remove old builds, switch to epause and ebeep in remaining builds.
320 -
321 -*selinux-base-policy-20040702 (02 Jul 2004)
322 -
323 - 02 Jul 2004; Chris PeBenito <pebenito@g.o>
324 - +selinux-base-policy-20040702.ebuild:
325 - Same as 20040629, except with updated flask headers, which will come out in
326 - 2.6.8.
327 -
328 -*selinux-base-policy-20040629 (29 Jun 2004)
329 -
330 - 29 Jun 2004; Chris PeBenito <pebenito@g.o>
331 - +selinux-base-policy-20040629.ebuild:
332 - Large sysadmfile cleanup: disable admin_separation to give sysadm_r back its
333 - ablility to modify all files. Minor fixes: portage_r works again, syslog-ng
334 - breakage fixed, put back manual PaX policy for pageexec/segmexec.
335 -
336 - 16 Jun 2004; Chris PeBenito <pebenito@g.o>
337 - selinux-base-policy-20040604.ebuild:
338 - Mark stable.
339 -
340 - 10 Jun 2004; Chris PeBenito <pebenito@g.o>
341 - selinux-base-policy-20040225.ebuild, selinux-base-policy-20040509.ebuild,
342 - selinux-base-policy-20040604.ebuild:
343 - Add src_compile() stub
344 -
345 -*selinux-base-policy-20040604 (04 Jun 2004)
346 -
347 - 04 Jun 2004; Chris PeBenito <pebenito@g.o>
348 - +selinux-base-policy-20040604.ebuild:
349 - New release including 1.12 NSA policy, and experimental sesandbox.
350 -
351 - 15 May 2004; Chris PeBenito <pebenito@g.o>
352 - selinux-base-policy-20040509.ebuild:
353 - Mark stable.
354 -
355 -*selinux-base-policy-20040509 (09 May 2004)
356 -
357 - 09 May 2004; Chris PeBenito <pebenito@g.o>
358 - +selinux-base-policy-20040509.ebuild:
359 - A few small cleanups. Make PaX non exec pages macro based on arch. Large
360 - portage update, get rid of portage_exec_fetch_t, portage will setexec. Add
361 - global_ssp tunable.
362 -
363 -*selinux-base-policy-20040418 (18 Apr 2004)
364 -
365 - 18 Apr 2004; Chris PeBenito <pebenito@g.o>
366 - +selinux-base-policy-20040418.ebuild:
367 - New release for checkpolicy 1.10
368 -
369 -*selinux-base-policy-20040414 (14 Apr 2004)
370 -
371 - 14 Apr 2004; Chris PeBenito <pebenito@g.o>
372 - -selinux-base-policy-20040408.ebuild, +selinux-base-policy-20040414.ebuild:
373 - Minor updates
374 -
375 -*selinux-base-policy-20040408 (08 Apr 2004)
376 -
377 - 08 Apr 2004; Chris PeBenito <pebenito@g.o>
378 - selinux-base-policy-20040408.ebuild:
379 - New update. Users.fc is now deprecated, as the contexts for user directories
380 - is now automatically generated. Portage fetching of distfiles now has a
381 - subdomain, for dropping priviledges.
382 -
383 - 28 Feb 2004; Chris PeBenito <pebenito@g.o>
384 - selinux-base-policy-20040225.ebuild:
385 - Mark stable.
386 -
387 -*selinux-base-policy-20040225 (25 Feb 2004)
388 -
389 - 25 Feb 2004; Chris PeBenito <pebenito@g.o>
390 - selinux-base-policy-20040225.ebuild:
391 - New support for PaX ACL hooks. Addition of tunable.te for configurable policy
392 - options. Rewrite of portage.te. Now auto-transition for sysadm is default, can
393 - reenable portage_r by tunable.te. Makefile update from NSA CVS.
394 -
395 -*selinux-base-policy-20040209 (09 Feb 2004)
396 -
397 - 09 Feb 2004; Chris PeBenito <pebenito@g.o>
398 - selinux-base-policy-20040209.ebuild:
399 - Minor revision to add XFS labeling and policy for integrated
400 - runscript-run_init.
401 -
402 - 07 Feb 2004; Chris PeBenito <pebenito@g.o>
403 - selinux-base-policy-20040202.ebuild:
404 - Mark x86 stable.
405 -
406 -*selinux-base-policy-20040202 (02 Feb 2004)
407 -
408 - 02 Feb 2004; Chris PeBenito <pebenito@g.o>
409 - selinux-base-policy-20040202.ebuild:
410 - A few misc fixes. Allow portage to update bootloader code, such as in lilo or
411 - grub postinst. This requires checkpolicy 1.4-r1.
412 -
413 -*selinux-base-policy-20031225 (25 Dec 2003)
414 -
415 - 25 Dec 2003; Chris PeBenito <pebenito@g.o>
416 - selinux-base-policy-20031225.ebuild:
417 - New release, with merged NSA 1.4 policy. One critical note, this policy
418 - requires pam 0.77. Much work has been done to minimize access to /etc/shadow,
419 - and one requirement is in the patch for pam 0.77. If you do not use this pam
420 - version or newer, you will be unable to authenticate in enforcing. Since
421 - devfs no longer is usable in SELinux, it's policy has been removed. You
422 - should merge the changes, remove the devfsd policy (devfsd.te and devfsd.fc),
423 - load the policy, and relabel.
424 -
425 - 27 Nov 2003; Chris PeBenito <pebenito@g.o>
426 - selinux-base-policy-20031010-r1.ebuild:
427 - Mark stable. Add build USE flag for stage building.
428 -
429 -*selinux-base-policy-20031010-r1 (12 Nov 2003)
430 -
431 - 12 Nov 2003; Chris PeBenito <pebenito@g.o>
432 - selinux-base-policy-20031010-r1.ebuild,
433 - files/selinux-base-policy-20031010-cvs.diff:
434 - Add fixes from policy cvs for compilers, so non x86 and ppc compilers can
435 - work. Also portage update as a side effect of updated setfiles code in
436 - portage, from bug 31748.
437 -
438 - 28 Oct 2003; Chris PeBenito <pebenito@g.o>
439 - selinux-base-policy-20031010.ebuild:
440 - Mark stable
441 -
442 -*selinux-base-policy-20031010 (10 Oct 2003)
443 -
444 - 10 Oct 2003; Chris PeBenito <pebenito@g.o>
445 - selinux-base-policy-20031010.ebuild:
446 - New release for new API. Massive cleanups all over the place.
447 -
448 -*selinux-base-policy-20030817 (17 Aug 2003)
449 -
450 - 17 Aug 2003; Chris PeBenito <pebenito@g.o>
451 - selinux-base-policy-20030817.ebuild:
452 - Initial commit of new API policy
453 -
454 - 10 Aug 2003; Chris PeBenito <pebenito@g.o>
455 - selinux-base-policy-20030729-r1.ebuild:
456 - Mark stable
457 -
458 -*selinux-base-policy-20030729-r1 (31 Jul 2003)
459 -
460 - 31 Jul 2003; Chris PeBenito <pebenito@g.o>
461 - selinux-base-policy-20030729-r1.ebuild:
462 - New rev that handles an empty POLICYDIR sanely.
463 -
464 -*selinux-base-policy-20030729 (29 Jul 2003)
465 -
466 - 29 Jul 2003; Chris PeBenito <pebenito@g.o>
467 - selinux-base-policy-20030729.ebuild:
468 - Make the ebuild use POLICYDIR. Important fix so portage can load policy so
469 - selinux-policy.eclass works. update_modules_t cleanup. Fix for an access when
470 - merging baselayout.
471 -
472 -*selinux-base-policy-20030720 (20 Jul 2003)
473 -
474 - 20 Jul 2003; Chris PeBenito <pebenito@g.o>
475 - selinux-base-policy-20030720.ebuild:
476 - Many fixes, including the syslog fix. File contexts have changed, so a relabel
477 - is needed. You may encounter problems relabeling /usr/portage, as its file
478 - context has changed, as files should not have the same type as a domain.
479 - Relabelling in permissive will fix this, or temporarily give portage_t a
480 - file_type attribute. Tightened the can_exec_any() macro. Moved staff.fc to
481 - users.fc, since all users with SELinux identities should have their home
482 - directories have the correct identity, not the generic identity.
483 -
484 - 06 Jun 2003; Chris PeBenito <pebenito@g.o>
485 - selinux-base-policy-20030604.ebuild:
486 - Mark stable
487 -
488 -*selinux-base-policy-20030604 (04 Jun 2003)
489 -
490 - 04 Jun 2003; Chris PeBenito <pebenito@g.o>
491 - selinux-base-policy-20030604.ebuild:
492 - Fix broken 20030603
493 -
494 - 04 Jun 2003; Chris PeBenito <pebenito@g.o>
495 - selinux-base-policy-20030603.ebuild:
496 - Pulling 20030603, as there are problems, 20030604 later today
497 -
498 -*selinux-base-policy-20030603 (03 Jun 2003)
499 -
500 - 03 Jun 2003; Chris PeBenito <pebenito@g.o>
501 - selinux-base-policy-20030603.ebuild:
502 - Numerous various fixes. Added staff role. Removed ipsec, gpm and gpg policies
503 - as they are not appropriate for the base policy, and untested.
504 -
505 -*selinux-base-policy-20030522 (22 May 2003)
506 -
507 - 22 May 2003; Chris PeBenito <pebenito@g.o>
508 - selinux-base-policy-20030522.ebuild:
509 - The policy is in pretty good shape now. I've been able to run in enforcing mode
510 - with little problem. I've also been able to successfully merge and unmerge
511 - packages in enforcing mode, with few exceptions (why does mysql need to run ps
512 - during configure?).
513 -
514 -*selinux-base-policy-20030514 (14 May 2003)
515 -
516 - 14 May 2003; Chris PeBenito <pebenito@g.o>
517 - selinux-base-policy-20030514.ebuild:
518 - Many improvements in many areas. Of note, rlogind policies were removed. Klogd
519 - is being merged into syslogd. The portage policy is much more complete, but
520 - still needs work. Its suggested that all changes be merged in, policy
521 - reloaded, then relabel.
522 -
523 -*selinux-base-policy-20030419 (19 Apr 2003)
524 -
525 - 23 Apr 2003; Chris PeBenito <pebenito@g.o>
526 - selinux-base-policy-20030419.ebuild:
527 - Marking stable for selinux-small stable usage
528 -
529 - 19 Apr 2003; Chris PeBenito <pebenito@g.o> Manifest,
530 - selinux-base-policy-20030419.ebuild:
531 - Initial commit. Base policies for SELinux, with Gentoo-specifics
532 -
533
534 diff --git a/sec-policy/selinux-base-policy/files/config b/sec-policy/selinux-base-policy/files/config
535 deleted file mode 100644
536 index 41e6993..0000000
537 --- a/sec-policy/selinux-base-policy/files/config
538 +++ /dev/null
539 @@ -1,12 +0,0 @@
540 -# This file controls the state of SELinux on the system on boot.
541 -
542 -# SELINUX can take one of these three values:
543 -# enforcing - SELinux security policy is enforced.
544 -# permissive - SELinux prints warnings instead of enforcing.
545 -# disabled - No SELinux policy is loaded.
546 -SELINUX=permissive
547 -
548 -# SELINUXTYPE can take one of these two values:
549 -# targeted - Only targeted network daemons are protected.
550 -# strict - Full SELinux protection.
551 -SELINUXTYPE=strict
552
553 diff --git a/sec-policy/selinux-base-policy/files/modules.conf.strict.20090730 b/sec-policy/selinux-base-policy/files/modules.conf.strict.20090730
554 deleted file mode 100644
555 index fcb3fd8..0000000
556 --- a/sec-policy/selinux-base-policy/files/modules.conf.strict.20090730
557 +++ /dev/null
558 @@ -1,49 +0,0 @@
559 -application = base
560 -authlogin = base
561 -bootloader = base
562 -clock = base
563 -consoletype = base
564 -corecommands = base
565 -corenetwork = base
566 -cron = base
567 -devices = base
568 -dmesg = base
569 -domain = base
570 -files = base
571 -filesystem = base
572 -fstools = base
573 -getty = base
574 -hostname = base
575 -hotplug = base
576 -init = base
577 -iptables = base
578 -kernel = base
579 -libraries = base
580 -locallogin = base
581 -logging = base
582 -lvm = base
583 -miscfiles = base
584 -mcs = base
585 -mls = base
586 -modutils = base
587 -mount = base
588 -mta = base
589 -netutils = base
590 -nscd = base
591 -portage = base
592 -raid = base
593 -rsync = base
594 -selinux = base
595 -selinuxutil = base
596 -ssh = base
597 -staff = base
598 -storage = base
599 -su = base
600 -sysadm = base
601 -sysnetwork = base
602 -terminal = base
603 -ubac = base
604 -udev = base
605 -userdomain = base
606 -usermanage = base
607 -unprivuser = base
608
609 diff --git a/sec-policy/selinux-base-policy/files/modules.conf.targeted.20090730 b/sec-policy/selinux-base-policy/files/modules.conf.targeted.20090730
610 deleted file mode 100644
611 index ee8a14c..0000000
612 --- a/sec-policy/selinux-base-policy/files/modules.conf.targeted.20090730
613 +++ /dev/null
614 @@ -1,50 +0,0 @@
615 -application = base
616 -authlogin = base
617 -bootloader = base
618 -clock = base
619 -consoletype = base
620 -corecommands = base
621 -corenetwork = base
622 -cron = base
623 -devices = base
624 -dmesg = base
625 -domain = base
626 -files = base
627 -filesystem = base
628 -fstools = base
629 -getty = base
630 -hostname = base
631 -hotplug = base
632 -init = base
633 -iptables = base
634 -kernel = base
635 -libraries = base
636 -locallogin = base
637 -logging = base
638 -lvm = base
639 -miscfiles = base
640 -mcs = base
641 -mls = base
642 -modutils = base
643 -mount = base
644 -mta = base
645 -netutils = base
646 -nscd = base
647 -portage = base
648 -raid = base
649 -rsync = base
650 -selinux = base
651 -selinuxutil = base
652 -ssh = base
653 -staff = base
654 -storage = base
655 -su = base
656 -sysadm = base
657 -sysnetwork = base
658 -terminal = base
659 -ubac = base
660 -udev = base
661 -unconfined = base
662 -userdomain = base
663 -usermanage = base
664 -unprivuser = base
665
666 diff --git a/sec-policy/selinux-base-policy/files/patchbundle-selinux-base-policy-2.20101213-r17.tar.bz2 b/sec-policy/selinux-base-policy/files/patchbundle-selinux-base-policy-2.20101213-r17.tar.bz2
667 deleted file mode 100644
668 index 5cab0d3..0000000
669 Binary files a/sec-policy/selinux-base-policy/files/patchbundle-selinux-base-policy-2.20101213-r17.tar.bz2 and /dev/null differ
670
671 diff --git a/sec-policy/selinux-base-policy/metadata.xml b/sec-policy/selinux-base-policy/metadata.xml
672 deleted file mode 100644
673 index 393f3bb..0000000
674 --- a/sec-policy/selinux-base-policy/metadata.xml
675 +++ /dev/null
676 @@ -1,14 +0,0 @@
677 -<?xml version="1.0" encoding="UTF-8"?>
678 -<!DOCTYPE pkgmetadata SYSTEM "http://www.gentoo.org/dtd/metadata.dtd">
679 -<pkgmetadata>
680 - <herd>selinux</herd>
681 - <longdescription>
682 - Gentoo SELinux base policy. This contains policy for a system at the end of system installation.
683 - There is no extra policy in this package.
684 - </longdescription>
685 - <use>
686 - <flag name='peer_perms'>Enable the labeled networking peer permissions (SELinux policy capability).</flag>
687 - <flag name='open_perms'>Enable the open permissions for file object classes (SELinux policy capability).</flag>
688 - <flag name='ubac'>Enable User Based Access Control (UBAC) in the SELinux policy</flag>
689 - </use>
690 -</pkgmetadata>
691
692 diff --git a/sec-policy/selinux-base-policy/selinux-base-policy-2.20101213-r17.ebuild b/sec-policy/selinux-base-policy/selinux-base-policy-2.20101213-r17.ebuild
693 deleted file mode 100644
694 index 7bc78de..0000000
695 --- a/sec-policy/selinux-base-policy/selinux-base-policy-2.20101213-r17.ebuild
696 +++ /dev/null
697 @@ -1,129 +0,0 @@
698 -# Copyright 1999-2011 Gentoo Foundation
699 -# Distributed under the terms of the GNU General Public License v2
700 -# $Header: /var/cvsroot/gentoo-x86/sec-policy/selinux-base-policy/selinux-base-policy-2.20101213-r12.ebuild,v 1.1 2011/04/16 13:02:44 blueness Exp $
701 -
702 -EAPI="1"
703 -IUSE="+peer_perms +open_perms +ubac"
704 -
705 -inherit eutils
706 -
707 -PATCHBUNDLE="${FILESDIR}/patchbundle-${PF}.tar.bz2"
708 -DESCRIPTION="Gentoo base policy for SELinux"
709 -HOMEPAGE="http://www.gentoo.org/proj/en/hardened/selinux/"
710 -SRC_URI="http://oss.tresys.com/files/refpolicy/refpolicy-${PV}.tar.bz2"
711 -LICENSE="GPL-2"
712 -SLOT="0"
713 -
714 -KEYWORDS="~amd64 ~x86"
715 -
716 -RDEPEND=">=sys-apps/policycoreutils-1.30.30
717 - >=sys-fs/udev-151"
718 -DEPEND="${RDEPEND}
719 - sys-devel/m4
720 - >=sys-apps/checkpolicy-1.30.12"
721 -
722 -S=${WORKDIR}/
723 -
724 -src_unpack() {
725 - [ -z "${POLICY_TYPES}" ] && local POLICY_TYPES="strict targeted"
726 - MOD_CONF_VER="20090730"
727 -
728 - unpack ${A}
729 -
730 - cd "${S}"
731 - epatch "${PATCHBUNDLE}"
732 - cd "${S}/refpolicy"
733 - # Fix bug 257111
734 - sed -i -e 's:system_crond_t:system_cronjob_t:g' \
735 - "${S}/refpolicy/config/appconfig-standard/default_contexts"
736 -
737 - if ! use peer_perms; then
738 - sed -i -e '/network_peer_controls/d' \
739 - "${S}/refpolicy/policy/policy_capabilities"
740 - fi
741 -
742 - if ! use open_perms; then
743 - sed -i -e '/open_perms/d' \
744 - "${S}/refpolicy/policy/policy_capabilities"
745 - fi
746 -
747 - for i in ${POLICY_TYPES}; do
748 - cp -a "${S}/refpolicy" "${S}/${i}"
749 -
750 - cd "${S}/${i}";
751 - make conf || die "Make conf in ${i} failed"
752 -
753 - cp "${FILESDIR}/modules.conf.${i}.${MOD_CONF_VER}" \
754 - "${S}/${i}/policy/modules.conf" \
755 - || die "failed to set up modules.conf"
756 - sed -i -e '/^QUIET/s/n/y/' -e '/^MONOLITHIC/s/y/n/' \
757 - -e "/^NAME/s/refpolicy/$i/" "${S}/${i}/build.conf" \
758 - || die "build.conf setup failed."
759 -
760 - if ! use ubac; then
761 - sed -i -e 's:^UBAC = y:UBAC = n:g' "${S}/${i}/build.conf"
762 - fi
763 -
764 - echo "DISTRO = gentoo" >> "${S}/${i}/build.conf"
765 -
766 - if [ "${i}" == "targeted" ]; then
767 - sed -i -e '/root/d' -e 's/user_u/unconfined_u/' \
768 - "${S}/${i}/config/appconfig-standard/seusers" \
769 - || die "targeted seusers setup failed."
770 - fi
771 - done
772 -}
773 -
774 -src_compile() {
775 - [ -z "${POLICY_TYPES}" ] && local POLICY_TYPES="strict targeted"
776 -
777 - for i in ${POLICY_TYPES}; do
778 - cd "${S}/${i}"
779 - make base || die "${i} compile failed"
780 - done
781 -}
782 -
783 -src_install() {
784 - [ -z "${POLICY_TYPES}" ] && local POLICY_TYPES="strict targeted"
785 -
786 - for i in ${POLICY_TYPES}; do
787 - cd "${S}/${i}"
788 -
789 - make DESTDIR="${D}" install \
790 - || die "${i} install failed."
791 -
792 - make DESTDIR="${D}" install-headers \
793 - || die "${i} headers install failed."
794 -
795 - echo "run_init_t" > "${D}/etc/selinux/${i}/contexts/run_init_type"
796 -
797 - echo "textrel_shlib_t" >> "${D}/etc/selinux/${i}/contexts/customizable_types"
798 -
799 - # libsemanage won't make this on its own
800 - keepdir "/etc/selinux/${i}/policy"
801 - done
802 -
803 - dodoc doc/Makefile.example doc/example.{te,fc,if}
804 -
805 - insinto /etc/selinux
806 - doins "${FILESDIR}/config"
807 -}
808 -
809 -pkg_preinst() {
810 - has_version "<${CATEGORY}/${PN}-2.20101213-r13"
811 - previous_less_than_r13=$?
812 -}
813 -
814 -pkg_postinst() {
815 - [ -z "${POLICY_TYPES}" ] && local POLICY_TYPES="strict targeted"
816 -
817 - for i in ${POLICY_TYPES}; do
818 - einfo "Inserting base module into ${i} module store."
819 -
820 - cd "/usr/share/selinux/${i}"
821 - semodule -s "${i}" -b base.pp || die "Could not load in new base policy"
822 - done
823 - elog "Updates on policies might require you to relabel files. If you, after"
824 - elog "installing new SELinux policies, get 'permission denied' errors,"
825 - elog "relabelling your system using 'rlpkg -a -r' might resolve the issues."
826 -}
Report Message
Find on MARC Find on Google Groups