[gentoo-commits] gentoo-x86 commit in sec-policy/selinux-base-policy: ChangeLog selinux-base-policy-2.20101213-r17.ebuild - gentoo-commits

From:	"Anthony G. Basile (blueness)" <blueness@g.o>
To:	gentoo-commits@l.g.o
Subject:	[gentoo-commits] gentoo-x86 commit in sec-policy/selinux-base-policy: ChangeLog selinux-base-policy-2.20101213-r17.ebuild
Date:	Thu, 30 Jun 2011 10:17:44
Message-Id:	`20110630101735.A8BC820054@flycatcher.gentoo.org`

1

blueness    11/06/30 10:17:35

2

3

  Modified:             ChangeLog

4

  Added:                selinux-base-policy-2.20101213-r17.ebuild

5

  Log:

6

  Add support for zabbix

7

8

  (Portage version: 2.1.9.42/cvs/Linux x86_64)

9

10

Revision  Changes    Path

11

1.76                 sec-policy/selinux-base-policy/ChangeLog

12

13

file : http://sources.gentoo.org/viewvc.cgi/gentoo-x86/sec-policy/selinux-base-policy/ChangeLog?rev=1.76&view=markup

14

plain: http://sources.gentoo.org/viewvc.cgi/gentoo-x86/sec-policy/selinux-base-policy/ChangeLog?rev=1.76&content-type=text/plain

15

diff : http://sources.gentoo.org/viewvc.cgi/gentoo-x86/sec-policy/selinux-base-policy/ChangeLog?r1=1.75&r2=1.76

16

17

Index: ChangeLog

18

===================================================================

19

RCS file: /var/cvsroot/gentoo-x86/sec-policy/selinux-base-policy/ChangeLog,v

20

retrieving revision 1.75

21

retrieving revision 1.76

22

diff -u -r1.75 -r1.76

23

--- ChangeLog	2 Jun 2011 12:06:45 -0000	1.75

24

+++ ChangeLog	30 Jun 2011 10:17:35 -0000	1.76

25

@@ -1,6 +1,13 @@

26

 # ChangeLog for sec-policy/selinux-base-policy

27

 # Copyright 1999-2011 Gentoo Foundation; Distributed under the GPL v2

28

-# $Header: /var/cvsroot/gentoo-x86/sec-policy/selinux-base-policy/ChangeLog,v 1.75 2011/06/02 12:06:45 blueness Exp $

29

+# $Header: /var/cvsroot/gentoo-x86/sec-policy/selinux-base-policy/ChangeLog,v 1.76 2011/06/30 10:17:35 blueness Exp $

30

+

31

+*selinux-base-policy-2.20101213-r17 (30 Jun 2011)

32

+

33

+  30 Jun 2011; Anthony G. Basile <blueness@g.o>

34

+  +selinux-base-policy-2.20101213-r17.ebuild,

35

+  +files/patchbundle-selinux-base-policy-2.20101213-r17.tar.bz2:

36

+  Add support for zabbix

37

38

   02 Jun 2011; Anthony G. Basile <blueness@g.o>

39

   selinux-base-policy-2.20101213-r16.ebuild:

1.1                  sec-policy/selinux-base-policy/selinux-base-policy-2.20101213-r17.ebuild

44

45

file : http://sources.gentoo.org/viewvc.cgi/gentoo-x86/sec-policy/selinux-base-policy/selinux-base-policy-2.20101213-r17.ebuild?rev=1.1&view=markup

46

plain: http://sources.gentoo.org/viewvc.cgi/gentoo-x86/sec-policy/selinux-base-policy/selinux-base-policy-2.20101213-r17.ebuild?rev=1.1&content-type=text/plain

47

48

Index: selinux-base-policy-2.20101213-r17.ebuild

49

===================================================================

50

# Copyright 1999-2011 Gentoo Foundation

51

# Distributed under the terms of the GNU General Public License v2

52

# $Header: /var/cvsroot/gentoo-x86/sec-policy/selinux-base-policy/selinux-base-policy-2.20101213-r17.ebuild,v 1.1 2011/06/30 10:17:35 blueness Exp $

53

54

EAPI="1"

55

IUSE="+peer_perms +open_perms +ubac"

56

57

inherit eutils

58

59

PATCHBUNDLE="${FILESDIR}/patchbundle-${PF}.tar.bz2"

60

DESCRIPTION="Gentoo base policy for SELinux"

61

HOMEPAGE="http://www.gentoo.org/proj/en/hardened/selinux/"

62

SRC_URI="http://oss.tresys.com/files/refpolicy/refpolicy-${PV}.tar.bz2"

63

LICENSE="GPL-2"

64

SLOT="0"

65

66

KEYWORDS="~amd64 ~x86"

67

68

RDEPEND=">=sys-apps/policycoreutils-1.30.30

69

	>=sys-fs/udev-151"

70

DEPEND="${RDEPEND}

71

	sys-devel/m4

72

	>=sys-apps/checkpolicy-1.30.12"

73

74

S=${WORKDIR}/

75

76

src_unpack() {

77

	[ -z "${POLICY_TYPES}" ] && local POLICY_TYPES="strict targeted"

78

	MOD_CONF_VER="20090730"

79

80

	unpack ${A}

81

82

	cd "${S}"

83

	epatch "${PATCHBUNDLE}"

84

	cd "${S}/refpolicy"

85

	# Fix bug 257111

86

	sed -i -e 's:system_crond_t:system_cronjob_t:g' \

87

		"${S}/refpolicy/config/appconfig-standard/default_contexts"

88

89

	if ! use peer_perms; then

90

		sed -i -e '/network_peer_controls/d' \

91

			"${S}/refpolicy/policy/policy_capabilities"

92

fi

93

94

	if ! use open_perms; then

95

		sed -i -e '/open_perms/d' \

96

			"${S}/refpolicy/policy/policy_capabilities"

97

fi

98

99

	for i in ${POLICY_TYPES}; do

100

		cp -a "${S}/refpolicy" "${S}/${i}"

101

102

		cd "${S}/${i}";

103

		make conf || die "Make conf in ${i} failed"

104

105

		cp "${FILESDIR}/modules.conf.${i}.${MOD_CONF_VER}" \

106

			"${S}/${i}/policy/modules.conf" \

107

			|| die "failed to set up modules.conf"

108

		sed -i -e '/^QUIET/s/n/y/' -e '/^MONOLITHIC/s/y/n/' \

109

			-e "/^NAME/s/refpolicy/$i/" "${S}/${i}/build.conf" \

110

			|| die "build.conf setup failed."

111

112

		if ! use ubac; then

113

			sed -i -e 's:^UBAC = y:UBAC = n:g' "${S}/${i}/build.conf"

114

fi

115

116

		echo "DISTRO = gentoo" >> "${S}/${i}/build.conf"

117

118

		if [ "${i}" == "targeted" ]; then

119

			sed -i -e '/root/d' -e 's/user_u/unconfined_u/' \

120

			"${S}/${i}/config/appconfig-standard/seusers" \

121

			|| die "targeted seusers setup failed."

122

fi

123

	done

124

}

125

126

src_compile() {

127

	[ -z "${POLICY_TYPES}" ] && local POLICY_TYPES="strict targeted"

128

129

	for i in ${POLICY_TYPES}; do

130

		cd "${S}/${i}"

131

		make base || die "${i} compile failed"

132

	done

133

}

134

135

src_install() {

136

	[ -z "${POLICY_TYPES}" ] && local POLICY_TYPES="strict targeted"

137

138

	for i in ${POLICY_TYPES}; do

139

		cd "${S}/${i}"

140

141

		make DESTDIR="${D}" install \

142

			|| die "${i} install failed."

143

144

		make DESTDIR="${D}" install-headers \

145

			|| die "${i} headers install failed."

146

147

		echo "run_init_t" > "${D}/etc/selinux/${i}/contexts/run_init_type"

148

149

		echo "textrel_shlib_t" >> "${D}/etc/selinux/${i}/contexts/customizable_types"

150

151

		# libsemanage won't make this on its own

152

		keepdir "/etc/selinux/${i}/policy"

153

	done

154

155

	dodoc doc/Makefile.example doc/example.{te,fc,if}

156

157

	insinto /etc/selinux

158

	doins "${FILESDIR}/config"

159

}

160

161

pkg_preinst() {

162

	has_version "<${CATEGORY}/${PN}-2.20101213-r13"

163

	previous_less_than_r13=$?

164

}

165

166

pkg_postinst() {

167

	[ -z "${POLICY_TYPES}" ] && local POLICY_TYPES="strict targeted"

168

169

	for i in ${POLICY_TYPES}; do

170

		einfo "Inserting base module into ${i} module store."

171

172

		cd "/usr/share/selinux/${i}"

173

		semodule -s "${i}" -b base.pp || die "Could not load in new base policy"

174

	done

175

	elog "Updates on policies might require you to relabel files. If you, after"

176

	elog "installing new SELinux policies, get 'permission denied' errors,"

177

	elog "relabelling your system using 'rlpkg -a -r' might resolve the issues."

178

}

1	blueness 11/06/30 10:17:35
2
3	Modified: ChangeLog
4	Added: selinux-base-policy-2.20101213-r17.ebuild
5	Log:
6	Add support for zabbix
7
8	(Portage version: 2.1.9.42/cvs/Linux x86_64)
9
10	Revision Changes Path
11	1.76 sec-policy/selinux-base-policy/ChangeLog
12
13	file : http://sources.gentoo.org/viewvc.cgi/gentoo-x86/sec-policy/selinux-base-policy/ChangeLog?rev=1.76&view=markup
14	plain: http://sources.gentoo.org/viewvc.cgi/gentoo-x86/sec-policy/selinux-base-policy/ChangeLog?rev=1.76&content-type=text/plain
15	diff : http://sources.gentoo.org/viewvc.cgi/gentoo-x86/sec-policy/selinux-base-policy/ChangeLog?r1=1.75&r2=1.76
16
17	Index: ChangeLog
18	===================================================================
19	RCS file: /var/cvsroot/gentoo-x86/sec-policy/selinux-base-policy/ChangeLog,v
20	retrieving revision 1.75
21	retrieving revision 1.76
22	diff -u -r1.75 -r1.76
23	--- ChangeLog 2 Jun 2011 12:06:45 -0000 1.75
24	+++ ChangeLog 30 Jun 2011 10:17:35 -0000 1.76
25	@@ -1,6 +1,13 @@
26	# ChangeLog for sec-policy/selinux-base-policy
27	# Copyright 1999-2011 Gentoo Foundation; Distributed under the GPL v2
28	-# $Header: /var/cvsroot/gentoo-x86/sec-policy/selinux-base-policy/ChangeLog,v 1.75 2011/06/02 12:06:45 blueness Exp $
29	+# $Header: /var/cvsroot/gentoo-x86/sec-policy/selinux-base-policy/ChangeLog,v 1.76 2011/06/30 10:17:35 blueness Exp $
30	+
31	+*selinux-base-policy-2.20101213-r17 (30 Jun 2011)
32	+
33	+ 30 Jun 2011; Anthony G. Basile <blueness@g.o>
34	+ +selinux-base-policy-2.20101213-r17.ebuild,
35	+ +files/patchbundle-selinux-base-policy-2.20101213-r17.tar.bz2:
36	+ Add support for zabbix
37
38	02 Jun 2011; Anthony G. Basile <blueness@g.o>
39	selinux-base-policy-2.20101213-r16.ebuild:
40
41
42
43	1.1 sec-policy/selinux-base-policy/selinux-base-policy-2.20101213-r17.ebuild
44
45	file : http://sources.gentoo.org/viewvc.cgi/gentoo-x86/sec-policy/selinux-base-policy/selinux-base-policy-2.20101213-r17.ebuild?rev=1.1&view=markup
46	plain: http://sources.gentoo.org/viewvc.cgi/gentoo-x86/sec-policy/selinux-base-policy/selinux-base-policy-2.20101213-r17.ebuild?rev=1.1&content-type=text/plain
47
48	Index: selinux-base-policy-2.20101213-r17.ebuild
49	===================================================================
50	# Copyright 1999-2011 Gentoo Foundation
51	# Distributed under the terms of the GNU General Public License v2
52	# $Header: /var/cvsroot/gentoo-x86/sec-policy/selinux-base-policy/selinux-base-policy-2.20101213-r17.ebuild,v 1.1 2011/06/30 10:17:35 blueness Exp $
53
54	EAPI="1"
55	IUSE="+peer_perms +open_perms +ubac"
56
57	inherit eutils
58
59	PATCHBUNDLE="${FILESDIR}/patchbundle-${PF}.tar.bz2"
60	DESCRIPTION="Gentoo base policy for SELinux"
61	HOMEPAGE="http://www.gentoo.org/proj/en/hardened/selinux/"
62	SRC_URI="http://oss.tresys.com/files/refpolicy/refpolicy-${PV}.tar.bz2"
63	LICENSE="GPL-2"
64	SLOT="0"
65
66	KEYWORDS="~amd64 ~x86"
67
68	RDEPEND=">=sys-apps/policycoreutils-1.30.30
69	>=sys-fs/udev-151"
70	DEPEND="${RDEPEND}
71	sys-devel/m4
72	>=sys-apps/checkpolicy-1.30.12"
73
74	S=${WORKDIR}/
75
76	src_unpack() {
77	[ -z "${POLICY_TYPES}" ] && local POLICY_TYPES="strict targeted"
78	MOD_CONF_VER="20090730"
79
80	unpack ${A}
81
82	cd "${S}"
83	epatch "${PATCHBUNDLE}"
84	cd "${S}/refpolicy"
85	# Fix bug 257111
86	sed -i -e 's:system_crond_t:system_cronjob_t:g' \
87	"${S}/refpolicy/config/appconfig-standard/default_contexts"
88
89	if ! use peer_perms; then
90	sed -i -e '/network_peer_controls/d' \
91	"${S}/refpolicy/policy/policy_capabilities"
92	fi
93
94	if ! use open_perms; then
95	sed -i -e '/open_perms/d' \
96	"${S}/refpolicy/policy/policy_capabilities"
97	fi
98
99	for i in ${POLICY_TYPES}; do
100	cp -a "${S}/refpolicy" "${S}/${i}"
101
102	cd "${S}/${i}";
103	make conf \|\| die "Make conf in ${i} failed"
104
105	cp "${FILESDIR}/modules.conf.${i}.${MOD_CONF_VER}" \
106	"${S}/${i}/policy/modules.conf" \
107	\|\| die "failed to set up modules.conf"
108	sed -i -e '/^QUIET/s/n/y/' -e '/^MONOLITHIC/s/y/n/' \
109	-e "/^NAME/s/refpolicy/$i/" "${S}/${i}/build.conf" \
110	\|\| die "build.conf setup failed."
111
112	if ! use ubac; then
113	sed -i -e 's:^UBAC = y:UBAC = n:g' "${S}/${i}/build.conf"
114	fi
115
116	echo "DISTRO = gentoo" >> "${S}/${i}/build.conf"
117
118	if [ "${i}" == "targeted" ]; then
119	sed -i -e '/root/d' -e 's/user_u/unconfined_u/' \
120	"${S}/${i}/config/appconfig-standard/seusers" \
121	\|\| die "targeted seusers setup failed."
122	fi
123	done
124	}
125
126	src_compile() {
127	[ -z "${POLICY_TYPES}" ] && local POLICY_TYPES="strict targeted"
128
129	for i in ${POLICY_TYPES}; do
130	cd "${S}/${i}"
131	make base \|\| die "${i} compile failed"
132	done
133	}
134
135	src_install() {
136	[ -z "${POLICY_TYPES}" ] && local POLICY_TYPES="strict targeted"
137
138	for i in ${POLICY_TYPES}; do
139	cd "${S}/${i}"
140
141	make DESTDIR="${D}" install \
142	\|\| die "${i} install failed."
143
144	make DESTDIR="${D}" install-headers \
145	\|\| die "${i} headers install failed."
146
147	echo "run_init_t" > "${D}/etc/selinux/${i}/contexts/run_init_type"
148
149	echo "textrel_shlib_t" >> "${D}/etc/selinux/${i}/contexts/customizable_types"
150
151	# libsemanage won't make this on its own
152	keepdir "/etc/selinux/${i}/policy"
153	done
154
155	dodoc doc/Makefile.example doc/example.{te,fc,if}
156
157	insinto /etc/selinux
158	doins "${FILESDIR}/config"
159	}
160
161	pkg_preinst() {
162	has_version "<${CATEGORY}/${PN}-2.20101213-r13"
163	previous_less_than_r13=$?
164	}
165
166	pkg_postinst() {
167	[ -z "${POLICY_TYPES}" ] && local POLICY_TYPES="strict targeted"
168
169	for i in ${POLICY_TYPES}; do
170	einfo "Inserting base module into ${i} module store."
171
172	cd "/usr/share/selinux/${i}"
173	semodule -s "${i}" -b base.pp \|\| die "Could not load in new base policy"
174	done
175	elog "Updates on policies might require you to relabel files. If you, after"
176	elog "installing new SELinux policies, get 'permission denied' errors,"
177	elog "relabelling your system using 'rlpkg -a -r' might resolve the issues."
178	}

Gentoo Archives: gentoo-commits