1 |
commit: 20088a61587075bef265bed5192ae5ccd22cdbb6 |
2 |
Author: Milkey Mouse <milkeymouse <AT> meme <DOT> institute> |
3 |
AuthorDate: Fri Apr 27 20:30:29 2018 +0000 |
4 |
Commit: Anthony G. Basile <blueness <AT> gentoo <DOT> org> |
5 |
CommitDate: Fri Apr 27 22:04:14 2018 +0000 |
6 |
URL: https://gitweb.gentoo.org/proj/musl.git/commit/?id=20088a61 |
7 |
|
8 |
sys-apps/apparmor: add new package |
9 |
|
10 |
stdio_filebuf.h is only available from glibc. Fortunately the header |
11 |
is completely standalone, so it can just be copied here. |
12 |
|
13 |
Package-Manager: Portage-2.3.31, Repoman-2.3.9 |
14 |
Manifest-Sign-Key: C6EF5A02F5647987 |
15 |
|
16 |
sys-apps/apparmor/Manifest | 21 +++ |
17 |
sys-apps/apparmor/apparmor-2.11.1-r2.ebuild | 71 +++++++++ |
18 |
sys-apps/apparmor/apparmor-2.12.0.ebuild | 71 +++++++++ |
19 |
.../apparmor/files/apparmor-2.10-makefile.patch | 25 ++++ |
20 |
.../files/apparmor-2.11.1-dynamic-link.patch | 11 ++ |
21 |
.../apparmor/files/apparmor-2.12-missingdefs.patch | 32 ++++ |
22 |
.../files/apparmor-2.12-musl-filebuf.patch | 15 ++ |
23 |
sys-apps/apparmor/files/apparmor-init | 91 ++++++++++++ |
24 |
sys-apps/apparmor/files/apparmor.service | 14 ++ |
25 |
sys-apps/apparmor/files/apparmor_load.sh | 2 + |
26 |
sys-apps/apparmor/files/apparmor_unload.sh | 2 + |
27 |
sys-apps/apparmor/files/stdio_filebuf.h | 163 +++++++++++++++++++++ |
28 |
sys-apps/apparmor/metadata.xml | 14 ++ |
29 |
13 files changed, 532 insertions(+) |
30 |
|
31 |
diff --git a/sys-apps/apparmor/Manifest b/sys-apps/apparmor/Manifest |
32 |
new file mode 100644 |
33 |
index 0000000..61fdce2 |
34 |
--- /dev/null |
35 |
+++ b/sys-apps/apparmor/Manifest |
36 |
@@ -0,0 +1,21 @@ |
37 |
+-----BEGIN PGP SIGNED MESSAGE----- |
38 |
+Hash: SHA256 |
39 |
+ |
40 |
+DIST apparmor-2.11.1.tar.gz 5017646 BLAKE2B ee0176c87b2800eb562c136ff324f08e444c412117c4593ff97c4b0e4c63db2aea0721c6ed38f3c733e3c95024165f329e520acf838c4798a8285b8dedf0d51e SHA512 f088157cc116987e56c0e02127497b1ec6241f3d761ec3b53211fa188f5f02c9408d6b903f2d275328ede88ebfd1393e00aad9f68cbe78fa9ab3711ba0f9c00c |
41 |
+DIST apparmor-2.12.tar.gz 7258450 BLAKE2B c1d4e01d836c5f567ddb7c5ecf36dde6efccf1e59ae219824129fd5c92162a3fed7ebdc492f181ae132b07db068660078a9631543d40fd20ab0b44cd4c646d4c SHA512 d85fd47c66333fe5658ee5e977b32142697f6e36c575550712ee2ace2ad0fbf2aa59c8fd3b82ad8821c0190adf8cc150cf623ea09a84d5b32bde050a03dd6e9a |
42 |
+-----BEGIN PGP SIGNATURE----- |
43 |
+ |
44 |
+iQIzBAEBCAAdFiEE8JaD5QHaZGPThRiKxu9aAvVkeYcFAlrjiF8ACgkQxu9aAvVk |
45 |
+eYfQExAAqPJRck/9/iWZreBmvRW6Yh2U9xKdvffLKTD/7fneuJXNH2NwsoNnx2ed |
46 |
+xF+4KHkKSUkwelx9h7ca47cMg3eETUTKQ/ND4OdISutLD1aAwzrItKDkNtZQKViF |
47 |
+2cGoVjoq/4vDHip/llau0y5cA4RoC+aWhHA3JE6F+9kpwjQDoQEn2MBgJnl7tpGH |
48 |
+7pyNJSRdxgV8NML67cKQFSmdOHGJLVOy6p7DVlC2YeA12qSjQ5R4kqZYnyG/KPCQ |
49 |
+3bJCpFSuSoAdtvoTVC7kS5euuool4wt8VWEGVc4FPtkphBC7TsOo9jZ3Yr5PtSnj |
50 |
+5Z33WCSgUe01XFe2n2qV/JFGl9EKM8NWYaWpu0hEF/nFwPZuobpamaym+FuEwPp3 |
51 |
+Jj86hK7onSYmGDhf5m34+Qe3ROLDeRTYY+qQrWXFlFUbcTOcOW73OC4817fkGm3H |
52 |
+OcEjv6vOUdKJ5JaO8ZT6VrpFR7cSWTbj6zwY5KhOD9b1O9S8b/0+lvQ32xgw3T+2 |
53 |
+YpenqfBF+PAvepy/Y0mTV1EQteFEarscBEcpxLV9b8pYOjXBi1VIO8dp5RHhro5k |
54 |
+02X4/8Gu4/DpoP8o2loYmVDqCWR847LO8/AD12BfHjZ1k3BMQxsGWgBo5Li8Hwup |
55 |
+4sZoogyOrCBT5k45rxjkZV3CdDxaUmROA/bTPJgCevzYowcDiEs= |
56 |
+=ApQv |
57 |
+-----END PGP SIGNATURE----- |
58 |
|
59 |
diff --git a/sys-apps/apparmor/apparmor-2.11.1-r2.ebuild b/sys-apps/apparmor/apparmor-2.11.1-r2.ebuild |
60 |
new file mode 100644 |
61 |
index 0000000..8d5819a |
62 |
--- /dev/null |
63 |
+++ b/sys-apps/apparmor/apparmor-2.11.1-r2.ebuild |
64 |
@@ -0,0 +1,71 @@ |
65 |
+# Copyright 1999-2018 Gentoo Foundation |
66 |
+# Distributed under the terms of the GNU General Public License v2 |
67 |
+ |
68 |
+EAPI=6 |
69 |
+ |
70 |
+inherit systemd toolchain-funcs versionator flag-o-matic |
71 |
+ |
72 |
+MY_PV="$(get_version_component_range 1-2)" |
73 |
+ |
74 |
+DESCRIPTION="Userspace utils and init scripts for the AppArmor application security system" |
75 |
+HOMEPAGE="http://apparmor.net/" |
76 |
+SRC_URI="https://launchpad.net/${PN}/${MY_PV}/${PV}/+download/${P}.tar.gz" |
77 |
+ |
78 |
+LICENSE="GPL-2" |
79 |
+SLOT="0" |
80 |
+KEYWORDS="~amd64" |
81 |
+IUSE="doc" |
82 |
+ |
83 |
+RDEPEND="~sys-libs/libapparmor-${PV}" |
84 |
+DEPEND="${RDEPEND} |
85 |
+ dev-lang/perl |
86 |
+ sys-devel/bison |
87 |
+ sys-devel/flex |
88 |
+ doc? ( dev-tex/latex2html ) |
89 |
+" |
90 |
+ |
91 |
+S=${WORKDIR}/apparmor-${PV}/parser |
92 |
+ |
93 |
+PATCHES=( |
94 |
+ "${FILESDIR}/${PN}-2.10-makefile.patch" |
95 |
+ "${FILESDIR}/${PN}-2.11.1-dynamic-link.patch" |
96 |
+ "${FILESDIR}/${PN}-2.12-missingdefs.patch" |
97 |
+ "${FILESDIR}/${PN}-2.12-musl-filebuf.patch" |
98 |
+) |
99 |
+ |
100 |
+src_prepare() { |
101 |
+ default |
102 |
+ |
103 |
+ # remove warning about missing file that controls features |
104 |
+ # we don't currently support |
105 |
+ sed -e "/installation problem/ctrue" -i rc.apparmor.functions || die |
106 |
+ |
107 |
+ cp "${FILESDIR}/stdio_filebuf.h" libapparmor_re |
108 |
+} |
109 |
+ |
110 |
+src_compile() { |
111 |
+ # for some reason this isn't included? |
112 |
+ append-libs -lunwind |
113 |
+ |
114 |
+ emake CC="$(tc-getCC)" CXX="$(tc-getCXX)" USE_SYSTEM=1 arch manpages |
115 |
+ use doc && emake pdf |
116 |
+} |
117 |
+ |
118 |
+src_test() { |
119 |
+ emake CXX="$(tc-getCXX)" USE_SYSTEM=1 check |
120 |
+} |
121 |
+ |
122 |
+src_install() { |
123 |
+ emake DESTDIR="${D}" DISTRO="unknown" USE_SYSTEM=1 install |
124 |
+ |
125 |
+ dodir /etc/apparmor.d/disable |
126 |
+ |
127 |
+ newinitd "${FILESDIR}/${PN}-init" ${PN} |
128 |
+ systemd_newunit "${FILESDIR}/apparmor.service" apparmor.service |
129 |
+ |
130 |
+ use doc && dodoc techdoc.pdf |
131 |
+ |
132 |
+ exeinto /usr/share/apparmor |
133 |
+ doexe "${FILESDIR}/apparmor_load.sh" |
134 |
+ doexe "${FILESDIR}/apparmor_unload.sh" |
135 |
+} |
136 |
|
137 |
diff --git a/sys-apps/apparmor/apparmor-2.12.0.ebuild b/sys-apps/apparmor/apparmor-2.12.0.ebuild |
138 |
new file mode 100644 |
139 |
index 0000000..10b1125 |
140 |
--- /dev/null |
141 |
+++ b/sys-apps/apparmor/apparmor-2.12.0.ebuild |
142 |
@@ -0,0 +1,71 @@ |
143 |
+# Copyright 1999-2018 Gentoo Foundation |
144 |
+# Distributed under the terms of the GNU General Public License v2 |
145 |
+ |
146 |
+EAPI=6 |
147 |
+ |
148 |
+inherit systemd toolchain-funcs versionator flag-o-matic |
149 |
+ |
150 |
+MY_PV="$(get_version_component_range 1-2)" |
151 |
+ |
152 |
+DESCRIPTION="Userspace utils and init scripts for the AppArmor application security system" |
153 |
+HOMEPAGE="http://apparmor.net/" |
154 |
+SRC_URI="https://launchpad.net/${PN}/${MY_PV}/${PV}/+download/${PN}-${MY_PV}.tar.gz" |
155 |
+ |
156 |
+LICENSE="GPL-2" |
157 |
+SLOT="0" |
158 |
+KEYWORDS="~amd64" |
159 |
+IUSE="doc" |
160 |
+ |
161 |
+RDEPEND="~sys-libs/libapparmor-${PV}" |
162 |
+DEPEND="${RDEPEND} |
163 |
+ dev-lang/perl |
164 |
+ sys-devel/bison |
165 |
+ sys-devel/flex |
166 |
+ doc? ( dev-tex/latex2html ) |
167 |
+" |
168 |
+ |
169 |
+S=${WORKDIR}/apparmor-${MY_PV}/parser |
170 |
+ |
171 |
+PATCHES=( |
172 |
+ "${FILESDIR}/${PN}-2.10-makefile.patch" |
173 |
+ "${FILESDIR}/${PN}-2.11.1-dynamic-link.patch" |
174 |
+ "${FILESDIR}/${PN}-2.12-missingdefs.patch" |
175 |
+ "${FILESDIR}/${PN}-2.12-musl-filebuf.patch" |
176 |
+) |
177 |
+ |
178 |
+src_prepare() { |
179 |
+ default |
180 |
+ |
181 |
+ # remove warning about missing file that controls features |
182 |
+ # we don't currently support |
183 |
+ sed -e "/installation problem/ctrue" -i rc.apparmor.functions || die |
184 |
+ |
185 |
+ cp "${FILESDIR}/stdio_filebuf.h" libapparmor_re |
186 |
+} |
187 |
+ |
188 |
+src_compile() { |
189 |
+ # for some reason this isn't included? |
190 |
+ append-libs -lunwind |
191 |
+ |
192 |
+ emake CC="$(tc-getCC)" CXX="$(tc-getCXX)" USE_SYSTEM=1 arch manpages |
193 |
+ use doc && emake pdf |
194 |
+} |
195 |
+ |
196 |
+src_test() { |
197 |
+ emake CXX="$(tc-getCXX)" USE_SYSTEM=1 check |
198 |
+} |
199 |
+ |
200 |
+src_install() { |
201 |
+ emake DESTDIR="${D}" DISTRO="unknown" USE_SYSTEM=1 install |
202 |
+ |
203 |
+ dodir /etc/apparmor.d/disable |
204 |
+ |
205 |
+ newinitd "${FILESDIR}/${PN}-init" ${PN} |
206 |
+ systemd_newunit "${FILESDIR}/apparmor.service" apparmor.service |
207 |
+ |
208 |
+ use doc && dodoc techdoc.pdf |
209 |
+ |
210 |
+ exeinto /usr/share/apparmor |
211 |
+ doexe "${FILESDIR}/apparmor_load.sh" |
212 |
+ doexe "${FILESDIR}/apparmor_unload.sh" |
213 |
+} |
214 |
|
215 |
diff --git a/sys-apps/apparmor/files/apparmor-2.10-makefile.patch b/sys-apps/apparmor/files/apparmor-2.10-makefile.patch |
216 |
new file mode 100644 |
217 |
index 0000000..397534a |
218 |
--- /dev/null |
219 |
+++ b/sys-apps/apparmor/files/apparmor-2.10-makefile.patch |
220 |
@@ -0,0 +1,25 @@ |
221 |
+--- a/Makefile |
222 |
++++ b/Makefile |
223 |
+@@ -31,7 +31,7 @@ |
224 |
+ CONFDIR=/etc/apparmor |
225 |
+ INSTALL_CONFDIR=${DESTDIR}${CONFDIR} |
226 |
+ LOCALEDIR=/usr/share/locale |
227 |
+-MANPAGES=apparmor.d.5 apparmor.7 apparmor_parser.8 subdomain.conf.5 |
228 |
++MANPAGES=apparmor.d.5 apparmor.7 apparmor_parser.8 |
229 |
+ |
230 |
+ YACC := /usr/bin/bison |
231 |
+ YFLAGS := -d |
232 |
+@@ -284,11 +284,9 @@ |
233 |
+ .PHONY: install-indep |
234 |
+ install-indep: |
235 |
+ install -m 755 -d $(INSTALL_CONFDIR) |
236 |
+- install -m 644 subdomain.conf $(INSTALL_CONFDIR) |
237 |
++ install -m 755 -d ${DESTDIR}/usr/libexec |
238 |
+ install -m 644 parser.conf $(INSTALL_CONFDIR) |
239 |
+- install -m 755 -d ${DESTDIR}/var/lib/apparmor |
240 |
+- install -m 755 -d $(APPARMOR_BIN_PREFIX) |
241 |
+- install -m 755 rc.apparmor.functions $(APPARMOR_BIN_PREFIX) |
242 |
++ install -m 755 rc.apparmor.functions ${DESTDIR}/usr/libexec |
243 |
+ $(MAKE) -C po install NAME=${NAME} DESTDIR=${DESTDIR} |
244 |
+ $(MAKE) install_manpages DESTDIR=${DESTDIR} |
245 |
+ |
246 |
|
247 |
diff --git a/sys-apps/apparmor/files/apparmor-2.11.1-dynamic-link.patch b/sys-apps/apparmor/files/apparmor-2.11.1-dynamic-link.patch |
248 |
new file mode 100644 |
249 |
index 0000000..bde21c3 |
250 |
--- /dev/null |
251 |
+++ b/sys-apps/apparmor/files/apparmor-2.11.1-dynamic-link.patch |
252 |
@@ -0,0 +1,11 @@ |
253 |
+--- a/Makefile |
254 |
++++ b/Makefile |
255 |
+@@ -87,7 +87,7 @@ |
256 |
+ AAREOBJECT = ${AAREDIR}/libapparmor_re.a |
257 |
+ AAREOBJECTS = $(AAREOBJECT) |
258 |
+ AARE_LDFLAGS = -static-libgcc -static-libstdc++ -L. $(LDFLAGS) |
259 |
+-AALIB = -Wl,-Bstatic -lapparmor -Wl,-Bdynamic -lpthread |
260 |
++AALIB = -Wl,-Bdynamic -lapparmor -Wl,-Bdynamic -lpthread |
261 |
+ |
262 |
+ ifdef USE_SYSTEM |
263 |
+ # Using the system libapparmor so Makefile dependencies can't be used |
264 |
|
265 |
diff --git a/sys-apps/apparmor/files/apparmor-2.12-missingdefs.patch b/sys-apps/apparmor/files/apparmor-2.12-missingdefs.patch |
266 |
new file mode 100644 |
267 |
index 0000000..9ed8a9f |
268 |
--- /dev/null |
269 |
+++ b/sys-apps/apparmor/files/apparmor-2.12-missingdefs.patch |
270 |
@@ -0,0 +1,32 @@ |
271 |
+--- /dev/null |
272 |
++++ b/missingdefs.h |
273 |
+@@ -0,0 +1,9 @@ |
274 |
++#ifndef PARSER_MISSINGDEFS_H |
275 |
++#define PARSER_MISSINGDEFS_H |
276 |
++ |
277 |
++typedef int (*__compar_fn_t) (const void *, const void *); |
278 |
++typedef __compar_fn_t comparison_fn_t; |
279 |
++typedef void (*__free_fn_t) (void *__nodep); |
280 |
++ |
281 |
++#endif |
282 |
++ |
283 |
+--- a/parser_alias.c |
284 |
++++ b/parser_alias.c |
285 |
+@@ -24,6 +24,7 @@ |
286 |
+ #include "immunix.h" |
287 |
+ #include "parser.h" |
288 |
+ #include "profile.h" |
289 |
++#include "missingdefs.h" |
290 |
+ |
291 |
+ struct alias_rule { |
292 |
+ char *from; |
293 |
+--- a/parser_symtab.c |
294 |
++++ b/parser_symtab.c |
295 |
+@@ -24,6 +24,7 @@ |
296 |
+ |
297 |
+ #include "immunix.h" |
298 |
+ #include "parser.h" |
299 |
++#include "missingdefs.h" |
300 |
+ |
301 |
+ enum var_type { |
302 |
+ sd_boolean, |
303 |
|
304 |
diff --git a/sys-apps/apparmor/files/apparmor-2.12-musl-filebuf.patch b/sys-apps/apparmor/files/apparmor-2.12-musl-filebuf.patch |
305 |
new file mode 100644 |
306 |
index 0000000..446bff1 |
307 |
--- /dev/null |
308 |
+++ b/sys-apps/apparmor/files/apparmor-2.12-musl-filebuf.patch |
309 |
@@ -0,0 +1,15 @@ |
310 |
+--- a/libapparmor_re/aare_rules.cc |
311 |
++++ b/libapparmor_re/aare_rules.cc |
312 |
+@@ -23,7 +23,11 @@ |
313 |
+ #include <iostream> |
314 |
+ #include <fstream> |
315 |
+ #include <sstream> |
316 |
+-#include <ext/stdio_filebuf.h> |
317 |
++#ifdef __GLIBC__ |
318 |
++ #include <ext/stdio_filebuf.h> |
319 |
++#else |
320 |
++ #include "stdio_filebuf.h" |
321 |
++#endif |
322 |
+ #include <assert.h> |
323 |
+ #include <stdlib.h> |
324 |
+ |
325 |
|
326 |
diff --git a/sys-apps/apparmor/files/apparmor-init b/sys-apps/apparmor/files/apparmor-init |
327 |
new file mode 100644 |
328 |
index 0000000..3e1cf35 |
329 |
--- /dev/null |
330 |
+++ b/sys-apps/apparmor/files/apparmor-init |
331 |
@@ -0,0 +1,91 @@ |
332 |
+#!/sbin/openrc-run |
333 |
+# Copyright 1999-2018 Gentoo Foundation |
334 |
+# Distributed under the terms of the GNU General Public License v2 |
335 |
+ |
336 |
+description="Load all configured profiles for the AppArmor security module." |
337 |
+description_reload="Reload all profiles" |
338 |
+ |
339 |
+extra_started_commands="reload" |
340 |
+ |
341 |
+aa_action() { |
342 |
+ local arg=$1 |
343 |
+ local return |
344 |
+ |
345 |
+ shift |
346 |
+ $* |
347 |
+ return=$? |
348 |
+ |
349 |
+ if [ ${return} -eq 0 ]; then |
350 |
+ aa_log_success_msg $arg |
351 |
+ else |
352 |
+ aa_log_failure_msg arg |
353 |
+ fi |
354 |
+ |
355 |
+ return $return |
356 |
+} |
357 |
+ |
358 |
+aa_log_action_start() { |
359 |
+ ebegin $1 |
360 |
+} |
361 |
+ |
362 |
+aa_log_action_end() { |
363 |
+ eend $1 |
364 |
+} |
365 |
+ |
366 |
+aa_log_success_msg() { |
367 |
+ einfo $1 |
368 |
+} |
369 |
+ |
370 |
+aa_log_warning_msg() { |
371 |
+ ewarn $1 |
372 |
+} |
373 |
+ |
374 |
+aa_log_failure_msg() { |
375 |
+ eerror $1 |
376 |
+} |
377 |
+ |
378 |
+aa_log_skipped_msg() { |
379 |
+ einfo $1 |
380 |
+} |
381 |
+ |
382 |
+aa_log_daemon_msg() { |
383 |
+ einfo $1 |
384 |
+} |
385 |
+ |
386 |
+aa_log_end_msg() { |
387 |
+ eend $1 |
388 |
+} |
389 |
+ |
390 |
+. /usr/libexec/rc.apparmor.functions |
391 |
+ |
392 |
+start() { |
393 |
+ ebegin "Starting AppArmor" |
394 |
+ eindent |
395 |
+ |
396 |
+ if ! is_apparmor_loaded ; then |
397 |
+ load_module |
398 |
+ if [ $? -ne 0 ]; then |
399 |
+ eerror "AppArmor kernel support is not present" |
400 |
+ eend 1 |
401 |
+ return 1 |
402 |
+ fi |
403 |
+ fi |
404 |
+ |
405 |
+ parse_profiles load |
406 |
+ |
407 |
+ eoutdent |
408 |
+} |
409 |
+ |
410 |
+stop() { |
411 |
+ ebegin "Stopping AppArmor" |
412 |
+ eindent |
413 |
+ apparmor_stop |
414 |
+ eoutdent |
415 |
+} |
416 |
+ |
417 |
+reload() { |
418 |
+ # todo: split out clean_profiles into its own function upstream |
419 |
+ # so we can do parse_profiles reload && clean_profiles |
420 |
+ # and do a proper reload instead of restart |
421 |
+ apparmor_restart |
422 |
+} |
423 |
|
424 |
diff --git a/sys-apps/apparmor/files/apparmor.service b/sys-apps/apparmor/files/apparmor.service |
425 |
new file mode 100644 |
426 |
index 0000000..89f14fe |
427 |
--- /dev/null |
428 |
+++ b/sys-apps/apparmor/files/apparmor.service |
429 |
@@ -0,0 +1,14 @@ |
430 |
+[Unit] |
431 |
+Description=AppArmor profiles |
432 |
+DefaultDependencies=no |
433 |
+After=local-fs.target |
434 |
+Before=sysinit.target |
435 |
+ |
436 |
+[Service] |
437 |
+Type=oneshot |
438 |
+ExecStart=/usr/share/apparmor/apparmor_load.sh |
439 |
+ExecStop=/usr/share/apparmor/apparmor_unload.sh |
440 |
+RemainAfterExit=yes |
441 |
+ |
442 |
+[Install] |
443 |
+WantedBy=multi-user.target |
444 |
|
445 |
diff --git a/sys-apps/apparmor/files/apparmor_load.sh b/sys-apps/apparmor/files/apparmor_load.sh |
446 |
new file mode 100755 |
447 |
index 0000000..e6fe6b6 |
448 |
--- /dev/null |
449 |
+++ b/sys-apps/apparmor/files/apparmor_load.sh |
450 |
@@ -0,0 +1,2 @@ |
451 |
+#!/bin/sh |
452 |
+find "/etc/apparmor.d/" -maxdepth 1 -type f -exec apparmor_parser -r {} + |
453 |
|
454 |
diff --git a/sys-apps/apparmor/files/apparmor_unload.sh b/sys-apps/apparmor/files/apparmor_unload.sh |
455 |
new file mode 100755 |
456 |
index 0000000..19e598b |
457 |
--- /dev/null |
458 |
+++ b/sys-apps/apparmor/files/apparmor_unload.sh |
459 |
@@ -0,0 +1,2 @@ |
460 |
+#!/bin/sh |
461 |
+find "/etc/apparmor.d/" -maxdepth 1 -type f -exec apparmor_parser -R {} \; |
462 |
|
463 |
diff --git a/sys-apps/apparmor/files/stdio_filebuf.h b/sys-apps/apparmor/files/stdio_filebuf.h |
464 |
new file mode 100644 |
465 |
index 0000000..7e5625f |
466 |
--- /dev/null |
467 |
+++ b/sys-apps/apparmor/files/stdio_filebuf.h |
468 |
@@ -0,0 +1,163 @@ |
469 |
+// File descriptor layer for filebuf -*- C++ -*- |
470 |
+ |
471 |
+// Copyright (C) 2002-2018 Free Software Foundation, Inc. |
472 |
+// |
473 |
+// This file is part of the GNU ISO C++ Library. This library is free |
474 |
+// software; you can redistribute it and/or modify it under the |
475 |
+// terms of the GNU General Public License as published by the |
476 |
+// Free Software Foundation; either version 3, or (at your option) |
477 |
+// any later version. |
478 |
+ |
479 |
+// This library is distributed in the hope that it will be useful, |
480 |
+// but WITHOUT ANY WARRANTY; without even the implied warranty of |
481 |
+// MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the |
482 |
+// GNU General Public License for more details. |
483 |
+ |
484 |
+// Under Section 7 of GPL version 3, you are granted additional |
485 |
+// permissions described in the GCC Runtime Library Exception, version |
486 |
+// 3.1, as published by the Free Software Foundation. |
487 |
+ |
488 |
+// You should have received a copy of the GNU General Public License and |
489 |
+// a copy of the GCC Runtime Library Exception along with this program; |
490 |
+// see the files COPYING3 and COPYING.RUNTIME respectively. If not, see |
491 |
+// <http://www.gnu.org/licenses/>. |
492 |
+ |
493 |
+/** @file ext/stdio_filebuf.h |
494 |
+ * This file is a GNU extension to the Standard C++ Library. |
495 |
+ */ |
496 |
+ |
497 |
+#pragma once |
498 |
+ |
499 |
+#include <fstream> |
500 |
+#include <cstdio> |
501 |
+ |
502 |
+namespace __gnu_cxx |
503 |
+{ |
504 |
+ /** |
505 |
+ * @brief Provides a layer of compatibility for C/POSIX. |
506 |
+ * @ingroup io |
507 |
+ * |
508 |
+ * This GNU extension provides extensions for working with standard C |
509 |
+ * FILE*'s and POSIX file descriptors. It must be instantiated by the |
510 |
+ * user with the type of character used in the file stream, e.g., |
511 |
+ * stdio_filebuf<char>. |
512 |
+ */ |
513 |
+ template<typename _CharT, typename _Traits = std::char_traits<_CharT> > |
514 |
+ class stdio_filebuf : public std::basic_filebuf<_CharT, _Traits> |
515 |
+ { |
516 |
+ public: |
517 |
+ // Types: |
518 |
+ typedef _CharT char_type; |
519 |
+ typedef _Traits traits_type; |
520 |
+ typedef typename traits_type::int_type int_type; |
521 |
+ typedef typename traits_type::pos_type pos_type; |
522 |
+ typedef typename traits_type::off_type off_type; |
523 |
+ typedef std::size_t size_t; |
524 |
+ |
525 |
+ public: |
526 |
+ /** |
527 |
+ * deferred initialization |
528 |
+ */ |
529 |
+ stdio_filebuf() : std::basic_filebuf<_CharT, _Traits>() {} |
530 |
+ |
531 |
+ /** |
532 |
+ * @param __fd An open file descriptor. |
533 |
+ * @param __mode Same meaning as in a standard filebuf. |
534 |
+ * @param __size Optimal or preferred size of internal buffer, |
535 |
+ * in chars. |
536 |
+ * |
537 |
+ * This constructor associates a file stream buffer with an open |
538 |
+ * POSIX file descriptor. The file descriptor will be automatically |
539 |
+ * closed when the stdio_filebuf is closed/destroyed. |
540 |
+ */ |
541 |
+ stdio_filebuf(int __fd, std::ios_base::openmode __mode, |
542 |
+ size_t __size = static_cast<size_t>(BUFSIZ)); |
543 |
+ |
544 |
+ /** |
545 |
+ * @param __f An open @c FILE*. |
546 |
+ * @param __mode Same meaning as in a standard filebuf. |
547 |
+ * @param __size Optimal or preferred size of internal buffer, |
548 |
+ * in chars. Defaults to system's @c BUFSIZ. |
549 |
+ * |
550 |
+ * This constructor associates a file stream buffer with an open |
551 |
+ * C @c FILE*. The @c FILE* will not be automatically closed when the |
552 |
+ * stdio_filebuf is closed/destroyed. |
553 |
+ */ |
554 |
+ stdio_filebuf(std::FILE* __f, std::ios_base::openmode __mode, |
555 |
+ size_t __size = static_cast<size_t>(BUFSIZ)); |
556 |
+ |
557 |
+ /** |
558 |
+ * Closes the external data stream if the file descriptor constructor |
559 |
+ * was used. |
560 |
+ */ |
561 |
+ virtual |
562 |
+ ~stdio_filebuf(); |
563 |
+ |
564 |
+#if __cplusplus >= 201103L |
565 |
+ stdio_filebuf(stdio_filebuf&&) = default; |
566 |
+ stdio_filebuf& operator=(stdio_filebuf&&) = default; |
567 |
+ |
568 |
+ void |
569 |
+ swap(stdio_filebuf& __fb) |
570 |
+ { std::basic_filebuf<_CharT, _Traits>::swap(__fb); } |
571 |
+#endif |
572 |
+ |
573 |
+ /** |
574 |
+ * @return The underlying file descriptor. |
575 |
+ * |
576 |
+ * Once associated with an external data stream, this function can be |
577 |
+ * used to access the underlying POSIX file descriptor. Note that |
578 |
+ * there is no way for the library to track what you do with the |
579 |
+ * descriptor, so be careful. |
580 |
+ */ |
581 |
+ int |
582 |
+ fd() { return this->_M_file.fd(); } |
583 |
+ |
584 |
+ /** |
585 |
+ * @return The underlying FILE*. |
586 |
+ * |
587 |
+ * This function can be used to access the underlying "C" file pointer. |
588 |
+ * Note that there is no way for the library to track what you do |
589 |
+ * with the file, so be careful. |
590 |
+ */ |
591 |
+ std::FILE* |
592 |
+ file() { return this->_M_file.file(); } |
593 |
+ }; |
594 |
+ |
595 |
+ template<typename _CharT, typename _Traits> |
596 |
+ stdio_filebuf<_CharT, _Traits>::~stdio_filebuf() |
597 |
+ { } |
598 |
+ |
599 |
+ template<typename _CharT, typename _Traits> |
600 |
+ stdio_filebuf<_CharT, _Traits>:: |
601 |
+ stdio_filebuf(int __fd, std::ios_base::openmode __mode, size_t __size) |
602 |
+ { |
603 |
+ this->_M_file.sys_open(__fd, __mode); |
604 |
+ if (this->is_open()) |
605 |
+ { |
606 |
+ this->_M_mode = __mode; |
607 |
+ this->_M_buf_size = __size; |
608 |
+ this->_M_allocate_internal_buffer(); |
609 |
+ this->_M_reading = false; |
610 |
+ this->_M_writing = false; |
611 |
+ this->_M_set_buffer(-1); |
612 |
+ } |
613 |
+ } |
614 |
+ |
615 |
+ template<typename _CharT, typename _Traits> |
616 |
+ stdio_filebuf<_CharT, _Traits>:: |
617 |
+ stdio_filebuf(std::FILE* __f, std::ios_base::openmode __mode, |
618 |
+ size_t __size) |
619 |
+ { |
620 |
+ this->_M_file.sys_open(__f, __mode); |
621 |
+ if (this->is_open()) |
622 |
+ { |
623 |
+ this->_M_mode = __mode; |
624 |
+ this->_M_buf_size = __size; |
625 |
+ this->_M_allocate_internal_buffer(); |
626 |
+ this->_M_reading = false; |
627 |
+ this->_M_writing = false; |
628 |
+ this->_M_set_buffer(-1); |
629 |
+ } |
630 |
+ } |
631 |
+} |
632 |
|
633 |
diff --git a/sys-apps/apparmor/metadata.xml b/sys-apps/apparmor/metadata.xml |
634 |
new file mode 100644 |
635 |
index 0000000..42d1e8f |
636 |
--- /dev/null |
637 |
+++ b/sys-apps/apparmor/metadata.xml |
638 |
@@ -0,0 +1,14 @@ |
639 |
+<?xml version="1.0" encoding="UTF-8"?> |
640 |
+<!DOCTYPE pkgmetadata SYSTEM "http://www.gentoo.org/dtd/metadata.dtd"> |
641 |
+<pkgmetadata> |
642 |
+ <maintainer type="person"> |
643 |
+ <email>kensington@g.o</email> |
644 |
+ </maintainer> |
645 |
+ <maintainer type="project"> |
646 |
+ <email>hardened@g.o</email> |
647 |
+ <name>Gentoo Hardened</name> |
648 |
+ </maintainer> |
649 |
+ <upstream> |
650 |
+ <remote-id type="launchpad">apparmor</remote-id> |
651 |
+ </upstream> |
652 |
+</pkgmetadata> |