1 |
commit: a9ea7cf573617d9926390d64c38cb40cd6dc31f6 |
2 |
Author: Sven Vermeulen <sven.vermeulen <AT> siphos <DOT> be> |
3 |
AuthorDate: Fri Dec 30 19:49:50 2011 +0000 |
4 |
Commit: Sven Vermeulen <sven.vermeulen <AT> siphos <DOT> be> |
5 |
CommitDate: Fri Dec 30 19:49:50 2011 +0000 |
6 |
URL: http://git.overlays.gentoo.org/gitweb/?p=proj/hardened-dev.git;a=commit;h=a9ea7cf5 |
7 |
|
8 |
Pushing out rev10 |
9 |
|
10 |
--- |
11 |
sec-policy/selinux-bacula/ChangeLog | 10 + |
12 |
sec-policy/selinux-bacula/metadata.xml | 6 + |
13 |
.../selinux-bacula-2.20110726.ebuild | 14 ++ |
14 |
.../selinux-base-policy-2.20110726-r10.ebuild | 164 +++++++++++++++ |
15 |
sec-policy/selinux-fail2ban/ChangeLog | 33 +++ |
16 |
sec-policy/selinux-fail2ban/metadata.xml | 6 + |
17 |
.../selinux-fail2ban-2.20110726-r2.ebuild | 14 ++ |
18 |
sec-policy/selinux-oddjob/ChangeLog | 10 + |
19 |
sec-policy/selinux-oddjob/metadata.xml | 6 + |
20 |
.../selinux-oddjob-2.20110726.ebuild | 14 ++ |
21 |
sec-policy/selinux-postfix/ChangeLog | 214 ++++++++++++++++++++ |
22 |
sec-policy/selinux-postfix/metadata.xml | 6 + |
23 |
.../selinux-postfix-2.20110726-r2.ebuild | 13 ++ |
24 |
13 files changed, 510 insertions(+), 0 deletions(-) |
25 |
|
26 |
diff --git a/sec-policy/selinux-bacula/ChangeLog b/sec-policy/selinux-bacula/ChangeLog |
27 |
new file mode 100644 |
28 |
index 0000000..a63dc9a |
29 |
--- /dev/null |
30 |
+++ b/sec-policy/selinux-bacula/ChangeLog |
31 |
@@ -0,0 +1,10 @@ |
32 |
+# ChangeLog for sec-policy/selinux-bacula |
33 |
+# Copyright 1999-2011 Gentoo Foundation; Distributed under the GPL v2 |
34 |
+# $Header: $ |
35 |
+ |
36 |
+*selinux-bacula-2.20110726 (28 Dec 2011) |
37 |
+ |
38 |
+ 28 Dec 2011; <swift@g.o> +selinux-bacula-2.20110726.ebuild, |
39 |
+ +metadata.xml: |
40 |
+ Initial policy for Bacula, thanks to Stan Sander |
41 |
+ |
42 |
|
43 |
diff --git a/sec-policy/selinux-bacula/metadata.xml b/sec-policy/selinux-bacula/metadata.xml |
44 |
new file mode 100644 |
45 |
index 0000000..bcbdae6 |
46 |
--- /dev/null |
47 |
+++ b/sec-policy/selinux-bacula/metadata.xml |
48 |
@@ -0,0 +1,6 @@ |
49 |
+<?xml version="1.0" encoding="UTF-8"?> |
50 |
+<!DOCTYPE pkgmetadata SYSTEM "http://www.gentoo.org/dtd/metadata.dtd"> |
51 |
+<pkgmetadata> |
52 |
+ <herd>selinux</herd> |
53 |
+ <longdescription>Gentoo SELinux policy for bacula</longdescription> |
54 |
+</pkgmetadata> |
55 |
|
56 |
diff --git a/sec-policy/selinux-bacula/selinux-bacula-2.20110726.ebuild b/sec-policy/selinux-bacula/selinux-bacula-2.20110726.ebuild |
57 |
new file mode 100644 |
58 |
index 0000000..a85df11 |
59 |
--- /dev/null |
60 |
+++ b/sec-policy/selinux-bacula/selinux-bacula-2.20110726.ebuild |
61 |
@@ -0,0 +1,14 @@ |
62 |
+# Copyright 1999-2011 Gentoo Foundation |
63 |
+# Distributed under the terms of the GNU General Public License v2 |
64 |
+# $Header: /var/cvsroot/gentoo-x86/sec-policy/selinux-fail2ban/selinux-fail2ban-2.20110726-r1.ebuild,v 1.1 2011/12/17 10:39:15 swift Exp $ |
65 |
+EAPI="4" |
66 |
+ |
67 |
+IUSE="" |
68 |
+MODS="bacula" |
69 |
+BASEPOL="2.20110726-r10" |
70 |
+ |
71 |
+inherit selinux-policy-2 |
72 |
+ |
73 |
+DESCRIPTION="SELinux policy for bacula" |
74 |
+ |
75 |
+KEYWORDS="~amd64 ~x86" |
76 |
|
77 |
diff --git a/sec-policy/selinux-base-policy/selinux-base-policy-2.20110726-r10.ebuild b/sec-policy/selinux-base-policy/selinux-base-policy-2.20110726-r10.ebuild |
78 |
new file mode 100644 |
79 |
index 0000000..3e0f7a5 |
80 |
--- /dev/null |
81 |
+++ b/sec-policy/selinux-base-policy/selinux-base-policy-2.20110726-r10.ebuild |
82 |
@@ -0,0 +1,164 @@ |
83 |
+# Copyright 1999-2011 Gentoo Foundation |
84 |
+# Distributed under the terms of the GNU General Public License v2 |
85 |
+# $Header: /var/cvsroot/gentoo-x86/sec-policy/selinux-base-policy/selinux-base-policy-2.20101213-r18.ebuild,v 1.1 2011/07/10 02:30:17 blueness Exp $ |
86 |
+ |
87 |
+EAPI="4" |
88 |
+IUSE="+peer_perms +open_perms +ubac doc" |
89 |
+ |
90 |
+inherit eutils |
91 |
+ |
92 |
+DESCRIPTION="Gentoo base policy for SELinux" |
93 |
+HOMEPAGE="http://www.gentoo.org/proj/en/hardened/selinux/" |
94 |
+SRC_URI="http://oss.tresys.com/files/refpolicy/refpolicy-${PV}.tar.bz2 |
95 |
+ http://dev.gentoo.org/~swift/patches/${PN}/patchbundle-${PF}.tar.bz2" |
96 |
+LICENSE="GPL-2" |
97 |
+SLOT="0" |
98 |
+ |
99 |
+KEYWORDS="~amd64 ~x86" |
100 |
+ |
101 |
+RDEPEND=">=sys-apps/policycoreutils-1.30.30 |
102 |
+ >=sys-fs/udev-151" |
103 |
+DEPEND="${RDEPEND} |
104 |
+ sys-devel/m4 |
105 |
+ >=sys-apps/checkpolicy-1.30.12" |
106 |
+ |
107 |
+S=${WORKDIR}/ |
108 |
+ |
109 |
+src_prepare() { |
110 |
+ # Apply the gentoo patches to the policy. These patches are only necessary |
111 |
+ # for base policies, or for interface changes on modules. |
112 |
+ EPATCH_MULTI_MSG="Applying SELinux policy updates ... " \ |
113 |
+ EPATCH_SUFFIX="patch" \ |
114 |
+ EPATCH_SOURCE="${WORKDIR}" \ |
115 |
+ EPATCH_FORCE="yes" \ |
116 |
+ epatch |
117 |
+ |
118 |
+ cd "${S}/refpolicy" |
119 |
+ # Fix bug 257111 - Correct the initial sid for cron-started jobs in the |
120 |
+ # system_r role |
121 |
+ sed -i -e 's:system_crond_t:system_cronjob_t:g' \ |
122 |
+ "${S}/refpolicy/config/appconfig-standard/default_contexts" |
123 |
+ sed -i -e 's|system_r:cronjob_t|system_r:system_cronjob_t|g' \ |
124 |
+ "${S}/refpolicy/config/appconfig-mls/default_contexts" |
125 |
+ sed -i -e 's|system_r:cronjob_t|system_r:system_cronjob_t|g' \ |
126 |
+ "${S}/refpolicy/config/appconfig-mcs/default_contexts" |
127 |
+} |
128 |
+ |
129 |
+src_configure() { |
130 |
+ [ -z "${POLICY_TYPES}" ] && local POLICY_TYPES="targeted strict mls mcs" |
131 |
+ |
132 |
+ # Update the SELinux refpolicy capabilities based on the users' USE flags. |
133 |
+ |
134 |
+ if ! use peer_perms; then |
135 |
+ sed -i -e '/network_peer_controls/d' \ |
136 |
+ "${S}/refpolicy/policy/policy_capabilities" |
137 |
+ fi |
138 |
+ |
139 |
+ if ! use open_perms; then |
140 |
+ sed -i -e '/open_perms/d' \ |
141 |
+ "${S}/refpolicy/policy/policy_capabilities" |
142 |
+ fi |
143 |
+ |
144 |
+ if ! use ubac; then |
145 |
+ sed -i -e '/^UBAC/s/y/n/' "${S}/refpolicy/build.conf" \ |
146 |
+ || die "Failed to disable User Based Access Control" |
147 |
+ fi |
148 |
+ |
149 |
+ echo "DISTRO = gentoo" >> "${S}/refpolicy/build.conf" |
150 |
+ |
151 |
+ # Setup the policies based on the types delivered by the end user. |
152 |
+ # These types can be "targeted", "strict", "mcs" and "mls". |
153 |
+ for i in ${POLICY_TYPES}; do |
154 |
+ cp -a "${S}/refpolicy" "${S}/${i}" |
155 |
+ |
156 |
+ cd "${S}/${i}"; |
157 |
+ make conf || die "Make conf in ${i} failed" |
158 |
+ |
159 |
+ # Define what we see as "base" and what we want to remain modular. |
160 |
+ cp "${FILESDIR}/modules.conf" \ |
161 |
+ "${S}/${i}/policy/modules.conf" \ |
162 |
+ || die "failed to set up modules.conf" |
163 |
+ # In case of "targeted", we add the "unconfined" to the base policy |
164 |
+ if [[ "${i}" == "targeted" ]]; |
165 |
+ then |
166 |
+ echo "unconfined = base" >> "${S}/${i}/policy/modules.conf" |
167 |
+ fi |
168 |
+ |
169 |
+ sed -i -e '/^QUIET/s/n/y/' -e "/^NAME/s/refpolicy/$i/" \ |
170 |
+ "${S}/${i}/build.conf" || die "build.conf setup failed." |
171 |
+ |
172 |
+ if [[ "${i}" == "mls" ]] || [[ "${i}" == "mcs" ]]; |
173 |
+ then |
174 |
+ # MCS/MLS require additional settings |
175 |
+ sed -i -e "/^TYPE/s/standard/${i}/" "${S}/${i}/build.conf" \ |
176 |
+ || die "failed to set type to mls" |
177 |
+ fi |
178 |
+ |
179 |
+ if [ "${i}" == "targeted" ]; then |
180 |
+ sed -i -e '/root/d' -e 's/user_u/unconfined_u/' \ |
181 |
+ "${S}/${i}/config/appconfig-standard/seusers" \ |
182 |
+ || die "targeted seusers setup failed." |
183 |
+ fi |
184 |
+ done |
185 |
+} |
186 |
+ |
187 |
+src_compile() { |
188 |
+ [ -z "${POLICY_TYPES}" ] && local POLICY_TYPES="targeted strict mls mcs" |
189 |
+ |
190 |
+ for i in ${POLICY_TYPES}; do |
191 |
+ cd "${S}/${i}" |
192 |
+ make base || die "${i} compile failed" |
193 |
+ if use doc; then |
194 |
+ make html || die |
195 |
+ fi |
196 |
+ done |
197 |
+} |
198 |
+ |
199 |
+src_install() { |
200 |
+ [ -z "${POLICY_TYPES}" ] && local POLICY_TYPES="targeted strict mls mcs" |
201 |
+ |
202 |
+ for i in ${POLICY_TYPES}; do |
203 |
+ cd "${S}/${i}" |
204 |
+ |
205 |
+ make DESTDIR="${D}" install \ |
206 |
+ || die "${i} install failed." |
207 |
+ |
208 |
+ make DESTDIR="${D}" install-headers \ |
209 |
+ || die "${i} headers install failed." |
210 |
+ |
211 |
+ echo "run_init_t" > "${D}/etc/selinux/${i}/contexts/run_init_type" |
212 |
+ |
213 |
+ echo "textrel_shlib_t" >> "${D}/etc/selinux/${i}/contexts/customizable_types" |
214 |
+ |
215 |
+ # libsemanage won't make this on its own |
216 |
+ keepdir "/etc/selinux/${i}/policy" |
217 |
+ |
218 |
+ if use doc; then |
219 |
+ dohtml doc/html/*; |
220 |
+ fi |
221 |
+ done |
222 |
+ |
223 |
+ dodoc doc/Makefile.example doc/example.{te,fc,if} |
224 |
+ |
225 |
+ insinto /etc/selinux |
226 |
+ doins "${FILESDIR}/config" |
227 |
+} |
228 |
+ |
229 |
+pkg_preinst() { |
230 |
+ has_version "<${CATEGORY}/${PN}-2.20101213-r13" |
231 |
+ previous_less_than_r13=$? |
232 |
+} |
233 |
+ |
234 |
+pkg_postinst() { |
235 |
+ [ -z "${POLICY_TYPES}" ] && local POLICY_TYPES="targeted strict mls mcs" |
236 |
+ |
237 |
+ for i in ${POLICY_TYPES}; do |
238 |
+ einfo "Inserting base module into ${i} module store." |
239 |
+ |
240 |
+ cd "${ROOT}/usr/share/selinux/${i}" |
241 |
+ semodule -s "${i}" -b base.pp || die "Could not load in new base policy" |
242 |
+ done |
243 |
+ elog "Updates on policies might require you to relabel files. If you, after" |
244 |
+ elog "installing new SELinux policies, get 'permission denied' errors," |
245 |
+ elog "relabelling your system using 'rlpkg -a -r' might resolve the issues." |
246 |
+} |
247 |
|
248 |
diff --git a/sec-policy/selinux-fail2ban/ChangeLog b/sec-policy/selinux-fail2ban/ChangeLog |
249 |
new file mode 100644 |
250 |
index 0000000..7364c28 |
251 |
--- /dev/null |
252 |
+++ b/sec-policy/selinux-fail2ban/ChangeLog |
253 |
@@ -0,0 +1,33 @@ |
254 |
+# ChangeLog for sec-policy/selinux-fail2ban |
255 |
+# Copyright 1999-2011 Gentoo Foundation; Distributed under the GPL v2 |
256 |
+# $Header: /var/cvsroot/gentoo-x86/sec-policy/selinux-fail2ban/ChangeLog,v 1.6 2011/12/17 10:39:15 swift Exp $ |
257 |
+ |
258 |
+*selinux-fail2ban-2.20110726-r2 (28 Dec 2011) |
259 |
+ |
260 |
+ 28 Dec 2011; <swift@g.o> +selinux-fail2ban-2.20110726-r2.ebuild, |
261 |
+ +metadata.xml: |
262 |
+ Add in support for FAM |
263 |
+ |
264 |
+*selinux-fail2ban-2.20110726-r1 (17 Dec 2011) |
265 |
+ |
266 |
+ 17 Dec 2011; <swift@g.o> +selinux-fail2ban-2.20110726-r1.ebuild: |
267 |
+ Do not audit write attempts to /usr |
268 |
+ |
269 |
+ 12 Nov 2011; <swift@g.o> -selinux-fail2ban-2.20101213.ebuild: |
270 |
+ Removing old policies |
271 |
+ |
272 |
+ 23 Oct 2011; <swift@g.o> selinux-fail2ban-2.20110726.ebuild: |
273 |
+ Stabilization (tracker #384231) |
274 |
+ |
275 |
+*selinux-fail2ban-2.20110726 (28 Aug 2011) |
276 |
+ |
277 |
+ 28 Aug 2011; <swift@g.o> +selinux-fail2ban-2.20110726.ebuild: |
278 |
+ Updating policy builds to refpolicy 20110726 |
279 |
+ |
280 |
+ 02 Jun 2011; Anthony G. Basile <blueness@g.o> |
281 |
+ selinux-fail2ban-2.20101213.ebuild: |
282 |
+ Stable amd64 x86 |
283 |
+ |
284 |
+ 05 Feb 2011; Anthony G. Basile <blueness@g.o> ChangeLog: |
285 |
+ Initial commit to portage. |
286 |
+ |
287 |
|
288 |
diff --git a/sec-policy/selinux-fail2ban/metadata.xml b/sec-policy/selinux-fail2ban/metadata.xml |
289 |
new file mode 100644 |
290 |
index 0000000..6d215bf |
291 |
--- /dev/null |
292 |
+++ b/sec-policy/selinux-fail2ban/metadata.xml |
293 |
@@ -0,0 +1,6 @@ |
294 |
+<?xml version="1.0" encoding="UTF-8"?> |
295 |
+<!DOCTYPE pkgmetadata SYSTEM "http://www.gentoo.org/dtd/metadata.dtd"> |
296 |
+<pkgmetadata> |
297 |
+ <herd>selinux</herd> |
298 |
+ <longdescription>Gentoo SELinux policy for fail2ban</longdescription> |
299 |
+</pkgmetadata> |
300 |
|
301 |
diff --git a/sec-policy/selinux-fail2ban/selinux-fail2ban-2.20110726-r2.ebuild b/sec-policy/selinux-fail2ban/selinux-fail2ban-2.20110726-r2.ebuild |
302 |
new file mode 100644 |
303 |
index 0000000..1ddfe56 |
304 |
--- /dev/null |
305 |
+++ b/sec-policy/selinux-fail2ban/selinux-fail2ban-2.20110726-r2.ebuild |
306 |
@@ -0,0 +1,14 @@ |
307 |
+# Copyright 1999-2011 Gentoo Foundation |
308 |
+# Distributed under the terms of the GNU General Public License v2 |
309 |
+# $Header: /var/cvsroot/gentoo-x86/sec-policy/selinux-fail2ban/selinux-fail2ban-2.20110726-r1.ebuild,v 1.1 2011/12/17 10:39:15 swift Exp $ |
310 |
+EAPI="4" |
311 |
+ |
312 |
+IUSE="" |
313 |
+MODS="fail2ban" |
314 |
+BASEPOL="2.20110726-r10" |
315 |
+ |
316 |
+inherit selinux-policy-2 |
317 |
+ |
318 |
+DESCRIPTION="SELinux policy for fail2ban" |
319 |
+ |
320 |
+KEYWORDS="~amd64 ~x86" |
321 |
|
322 |
diff --git a/sec-policy/selinux-oddjob/ChangeLog b/sec-policy/selinux-oddjob/ChangeLog |
323 |
new file mode 100644 |
324 |
index 0000000..960e139 |
325 |
--- /dev/null |
326 |
+++ b/sec-policy/selinux-oddjob/ChangeLog |
327 |
@@ -0,0 +1,10 @@ |
328 |
+# ChangeLog for sec-policy/selinux-oddjob |
329 |
+# Copyright 1999-2011 Gentoo Foundation; Distributed under the GPL v2 |
330 |
+# $Header: $ |
331 |
+ |
332 |
+*selinux-oddjob-2.20110726 (28 Dec 2011) |
333 |
+ |
334 |
+ 28 Dec 2011; <swift@g.o> +selinux-oddjob-2.20110726.ebuild, |
335 |
+ +metadata.xml: |
336 |
+ Support oddjob (needed for PAM helpers) |
337 |
+ |
338 |
|
339 |
diff --git a/sec-policy/selinux-oddjob/metadata.xml b/sec-policy/selinux-oddjob/metadata.xml |
340 |
new file mode 100644 |
341 |
index 0000000..1a90c82 |
342 |
--- /dev/null |
343 |
+++ b/sec-policy/selinux-oddjob/metadata.xml |
344 |
@@ -0,0 +1,6 @@ |
345 |
+<?xml version="1.0" encoding="UTF-8"?> |
346 |
+<!DOCTYPE pkgmetadata SYSTEM "http://www.gentoo.org/dtd/metadata.dtd"> |
347 |
+<pkgmetadata> |
348 |
+ <herd>selinux</herd> |
349 |
+ <longdescription>Gentoo SELinux policy for oddjob (helpers for PAM)</longdescription> |
350 |
+</pkgmetadata> |
351 |
|
352 |
diff --git a/sec-policy/selinux-oddjob/selinux-oddjob-2.20110726.ebuild b/sec-policy/selinux-oddjob/selinux-oddjob-2.20110726.ebuild |
353 |
new file mode 100644 |
354 |
index 0000000..a95e610 |
355 |
--- /dev/null |
356 |
+++ b/sec-policy/selinux-oddjob/selinux-oddjob-2.20110726.ebuild |
357 |
@@ -0,0 +1,14 @@ |
358 |
+# Copyright 1999-2011 Gentoo Foundation |
359 |
+# Distributed under the terms of the GNU General Public License v2 |
360 |
+# $Header: /var/cvsroot/gentoo-x86/sec-policy/selinux-fail2ban/selinux-fail2ban-2.20110726-r1.ebuild,v 1.1 2011/12/17 10:39:15 swift Exp $ |
361 |
+EAPI="4" |
362 |
+ |
363 |
+IUSE="" |
364 |
+MODS="oddjob" |
365 |
+BASEPOL="2.20110726-r10" |
366 |
+ |
367 |
+inherit selinux-policy-2 |
368 |
+ |
369 |
+DESCRIPTION="SELinux policy for oddjob" |
370 |
+ |
371 |
+KEYWORDS="~amd64 ~x86" |
372 |
|
373 |
diff --git a/sec-policy/selinux-postfix/ChangeLog b/sec-policy/selinux-postfix/ChangeLog |
374 |
new file mode 100644 |
375 |
index 0000000..f54f1ad |
376 |
--- /dev/null |
377 |
+++ b/sec-policy/selinux-postfix/ChangeLog |
378 |
@@ -0,0 +1,214 @@ |
379 |
+# ChangeLog for sec-policy/selinux-postfix |
380 |
+# Copyright 1999-2011 Gentoo Foundation; Distributed under the GPL v2 |
381 |
+# $Header: /var/cvsroot/gentoo-x86/sec-policy/selinux-postfix/ChangeLog,v 1.38 2011/11/12 20:53:31 swift Exp $ |
382 |
+ |
383 |
+*selinux-postfix-2.20110726-r2 (28 Dec 2011) |
384 |
+ |
385 |
+ 28 Dec 2011; <swift@g.o> +selinux-postfix-2.20110726-r2.ebuild, |
386 |
+ +metadata.xml: |
387 |
+ Allow startup to create necessary directories, spool, etc. |
388 |
+ |
389 |
+ 12 Nov 2011; <swift@g.o> -files/fix-services-postfix-r1.patch, |
390 |
+ -files/fix-services-postfix-r2.patch, -files/fix-services-postfix-r3.patch, |
391 |
+ -selinux-postfix-2.20101213-r3.ebuild: |
392 |
+ Removing old policies |
393 |
+ |
394 |
+ 23 Oct 2011; <swift@g.o> selinux-postfix-2.20110726-r1.ebuild: |
395 |
+ Stabilization (tracker #384231) |
396 |
+ |
397 |
+*selinux-postfix-2.20110726-r1 (28 Aug 2011) |
398 |
+ |
399 |
+ 28 Aug 2011; <swift@g.o> +selinux-postfix-2.20110726-r1.ebuild: |
400 |
+ Updating policy builds to refpolicy 20110726 |
401 |
+ |
402 |
+ 04 Jun 2011; Anthony G. Basile <blueness@g.o> |
403 |
+ -selinux-postfix-2.20090730.ebuild, -selinux-postfix-2.20091215.ebuild, |
404 |
+ -selinux-postfix-2.20101213.ebuild, -selinux-postfix-2.20101213-r1.ebuild, |
405 |
+ -selinux-postfix-2.20101213-r2.ebuild, -selinux-postfix-20080525.ebuild: |
406 |
+ Removed deprecated policies |
407 |
+ |
408 |
+ 02 Jun 2011; Anthony G. Basile <blueness@g.o> |
409 |
+ selinux-postfix-2.20101213-r3.ebuild: |
410 |
+ Stable amd64 x86 |
411 |
+ |
412 |
+*selinux-postfix-2.20101213-r3 (16 Apr 2011) |
413 |
+*selinux-postfix-2.20101213-r2 (16 Apr 2011) |
414 |
+ |
415 |
+ 16 Apr 2011; Anthony G. Basile <blueness@g.o> |
416 |
+ +files/fix-services-postfix-r2.patch, |
417 |
+ +selinux-postfix-2.20101213-r2.ebuild, |
418 |
+ +files/fix-services-postfix-r3.patch, |
419 |
+ +selinux-postfix-2.20101213-r3.ebuild: |
420 |
+ Allow postfix admin through sysadm (-r2) and postfix_smtpd_t to mysql |
421 |
+ (-r3) |
422 |
+ |
423 |
+*selinux-postfix-2.20101213-r1 (07 Mar 2011) |
424 |
+ |
425 |
+ 07 Mar 2011; Anthony G. Basile <blueness@g.o> |
426 |
+ +files/fix-services-postfix-r1.patch, |
427 |
+ +selinux-postfix-2.20101213-r1.ebuild: |
428 |
+ Fix filecontexts |
429 |
+ |
430 |
+*selinux-postfix-2.20101213 (05 Feb 2011) |
431 |
+ |
432 |
+ 05 Feb 2011; Anthony G. Basile <blueness@g.o> |
433 |
+ +selinux-postfix-2.20101213.ebuild: |
434 |
+ New upstream policy. |
435 |
+ |
436 |
+*selinux-postfix-2.20091215 (16 Dec 2009) |
437 |
+ |
438 |
+ 16 Dec 2009; Chris PeBenito <pebenito@g.o> |
439 |
+ +selinux-postfix-2.20091215.ebuild: |
440 |
+ New upstream release. |
441 |
+ |
442 |
+ 14 Aug 2009; Chris PeBenito <pebenito@g.o> |
443 |
+ -selinux-postfix-20070329.ebuild, -selinux-postfix-20070928.ebuild, |
444 |
+ selinux-postfix-20080525.ebuild: |
445 |
+ Mark 20080525 stable, clear old ebuilds. |
446 |
+ |
447 |
+*selinux-postfix-2.20090730 (03 Aug 2009) |
448 |
+ |
449 |
+ 03 Aug 2009; Chris PeBenito <pebenito@g.o> |
450 |
+ +selinux-postfix-2.20090730.ebuild: |
451 |
+ New upstream release. |
452 |
+ |
453 |
+ 18 Jul 2009; Chris PeBenito <pebenito@g.o> |
454 |
+ selinux-postfix-20070329.ebuild, selinux-postfix-20070928.ebuild, |
455 |
+ selinux-postfix-20080525.ebuild: |
456 |
+ Drop alpha, mips, ppc, sparc selinux support. |
457 |
+ |
458 |
+*selinux-postfix-20080525 (25 May 2008) |
459 |
+ |
460 |
+ 25 May 2008; Chris PeBenito <pebenito@g.o> |
461 |
+ +selinux-postfix-20080525.ebuild: |
462 |
+ New SVN snapshot. |
463 |
+ |
464 |
+ 16 Mar 2008; Chris PeBenito <pebenito@g.o> |
465 |
+ -selinux-postfix-20050626.ebuild, -selinux-postfix-20050918.ebuild, |
466 |
+ -selinux-postfix-20051023.ebuild, -selinux-postfix-20051122.ebuild, |
467 |
+ -selinux-postfix-20061114.ebuild: |
468 |
+ Remove old ebuilds. |
469 |
+ |
470 |
+ 03 Feb 2008; Chris PeBenito <pebenito@g.o> |
471 |
+ selinux-postfix-20070928.ebuild: |
472 |
+ Mark stable. |
473 |
+ |
474 |
+*selinux-postfix-20070928 (26 Nov 2007) |
475 |
+ |
476 |
+ 26 Nov 2007; Chris PeBenito <pebenito@g.o> |
477 |
+ +selinux-postfix-20070928.ebuild: |
478 |
+ New SVN snapshot. |
479 |
+ |
480 |
+ 04 Jun 2007; Chris PeBenito <pebenito@g.o> |
481 |
+ selinux-postfix-20070329.ebuild: |
482 |
+ Mark stable. |
483 |
+ |
484 |
+*selinux-postfix-20070329 (29 Mar 2007) |
485 |
+ |
486 |
+ 29 Mar 2007; Chris PeBenito <pebenito@g.o> |
487 |
+ +selinux-postfix-20070329.ebuild: |
488 |
+ New SVN snapshot. |
489 |
+ |
490 |
+ 22 Feb 2007; Markus Ullmann <jokey@g.o> ChangeLog: |
491 |
+ Redigest for Manifest2 |
492 |
+ |
493 |
+*selinux-postfix-20061114 (15 Nov 2006) |
494 |
+ |
495 |
+ 15 Nov 2006; Chris PeBenito <pebenito@g.o> |
496 |
+ +selinux-postfix-20061114.ebuild: |
497 |
+ New SVN snapshot. |
498 |
+ |
499 |
+*selinux-postfix-20061008 (10 Oct 2006) |
500 |
+ |
501 |
+ 10 Oct 2006; Chris PeBenito <pebenito@g.o> |
502 |
+ +selinux-postfix-20061008.ebuild: |
503 |
+ First mainstream reference policy testing release. |
504 |
+ |
505 |
+*selinux-postfix-20051122 (28 Nov 2005) |
506 |
+ |
507 |
+ 28 Nov 2005; petre rodan <kaiowas@g.o> |
508 |
+ selinux-postfix-20051023.ebuild, +selinux-postfix-20051122.ebuild: |
509 |
+ marked stable on amd64 mips ppc sparc x86, merge with upstream |
510 |
+ |
511 |
+*selinux-postfix-20051023 (24 Oct 2005) |
512 |
+ |
513 |
+ 24 Oct 2005; petre rodan <kaiowas@g.o> |
514 |
+ +selinux-postfix-20051023.ebuild: |
515 |
+ merge with upstream |
516 |
+ |
517 |
+ 18 Oct 2005; petre rodan <kaiowas@g.o> |
518 |
+ selinux-postfix-20050918.ebuild: |
519 |
+ mark stable |
520 |
+ |
521 |
+*selinux-postfix-20050918 (18 Sep 2005) |
522 |
+ |
523 |
+ 18 Sep 2005; petre rodan <kaiowas@g.o> |
524 |
+ -selinux-postfix-20050417.ebuild, +selinux-postfix-20050918.ebuild: |
525 |
+ merge with upstream, added mips arch |
526 |
+ |
527 |
+ 26 Jun 2005; petre rodan <kaiowas@g.o> |
528 |
+ selinux-postfix-20050626.ebuild: |
529 |
+ mark stable |
530 |
+ |
531 |
+*selinux-postfix-20050626 (26 Jun 2005) |
532 |
+ |
533 |
+ 26 Jun 2005; petre rodan <kaiowas@g.o> |
534 |
+ -selinux-postfix-20050219.ebuild, +selinux-postfix-20050626.ebuild: |
535 |
+ added name_connect rules |
536 |
+ |
537 |
+ 23 Apr 2005; petre rodan <kaiowas@g.o> |
538 |
+ -selinux-postfix-20041211.ebuild, selinux-postfix-20050417.ebuild: |
539 |
+ mark stable |
540 |
+ |
541 |
+*selinux-postfix-20050417 (16 Apr 2005) |
542 |
+ |
543 |
+ 16 Apr 2005; petre rodan <kaiowas@g.o> |
544 |
+ +selinux-postfix-20050417.ebuild: |
545 |
+ fix for bug #89321 |
546 |
+ |
547 |
+ 23 Mar 2005; petre rodan <kaiowas@g.o> |
548 |
+ selinux-postfix-20050219.ebuild: |
549 |
+ mark stable |
550 |
+ |
551 |
+*selinux-postfix-20050219 (25 Feb 2005) |
552 |
+ |
553 |
+ 25 Feb 2005; petre rodan <kaiowas@g.o> |
554 |
+ +selinux-postfix-20050219.ebuild: |
555 |
+ merge with upstream policy |
556 |
+ |
557 |
+*selinux-postfix-20041211 (12 Dec 2004) |
558 |
+ |
559 |
+ 12 Dec 2004; petre rodan <kaiowas@g.o> |
560 |
+ -selinux-postfix-20040427.ebuild, -selinux-postfix-20041021.ebuild, |
561 |
+ -selinux-postfix-20041109.ebuild, -selinux-postfix-20041120.ebuild, |
562 |
+ +selinux-postfix-20041211.ebuild: |
563 |
+ removed old builds, small merge with upstream policy |
564 |
+ |
565 |
+ 23 Nov 2004; petre rodan <kaiowas@g.o> |
566 |
+ selinux-postfix-20041120.ebuild: |
567 |
+ mark stable |
568 |
+ |
569 |
+*selinux-postfix-20041120 (22 Nov 2004) |
570 |
+ |
571 |
+ 22 Nov 2004; petre rodan <kaiowas@g.o> |
572 |
+ +selinux-postfix-20041120.ebuild: |
573 |
+ merge with nsa policy |
574 |
+ |
575 |
+*selinux-postfix-20041109 (13 Nov 2004) |
576 |
+ |
577 |
+ 13 Nov 2004; petre rodan <kaiowas@g.o> |
578 |
+ +selinux-postfix-20041109.ebuild: |
579 |
+ merge with nsa policy |
580 |
+ |
581 |
+*selinux-postfix-20041021 (27 Oct 2004) |
582 |
+ |
583 |
+ 27 Oct 2004; petre rodan <kaiowas@g.o> |
584 |
+ +selinux-postfix-20041021.ebuild: |
585 |
+ merge with nsa policy |
586 |
+ |
587 |
+*selinux-postfix-20040427 (27 Apr 2004) |
588 |
+ |
589 |
+ 27 Apr 2004; Chris PeBenito <pebenito@g.o> +metadata.xml, |
590 |
+ +selinux-postfix-20040427.ebuild: |
591 |
+ Initial commit. |
592 |
+ |
593 |
|
594 |
diff --git a/sec-policy/selinux-postfix/metadata.xml b/sec-policy/selinux-postfix/metadata.xml |
595 |
new file mode 100644 |
596 |
index 0000000..6cad3d5 |
597 |
--- /dev/null |
598 |
+++ b/sec-policy/selinux-postfix/metadata.xml |
599 |
@@ -0,0 +1,6 @@ |
600 |
+<?xml version="1.0" encoding="UTF-8"?> |
601 |
+<!DOCTYPE pkgmetadata SYSTEM "http://www.gentoo.org/dtd/metadata.dtd"> |
602 |
+<pkgmetadata> |
603 |
+ <herd>selinux</herd> |
604 |
+ <longdescription>Gentoo SELinux policy for postfix</longdescription> |
605 |
+</pkgmetadata> |
606 |
|
607 |
diff --git a/sec-policy/selinux-postfix/selinux-postfix-2.20110726-r2.ebuild b/sec-policy/selinux-postfix/selinux-postfix-2.20110726-r2.ebuild |
608 |
new file mode 100644 |
609 |
index 0000000..ff44da0 |
610 |
--- /dev/null |
611 |
+++ b/sec-policy/selinux-postfix/selinux-postfix-2.20110726-r2.ebuild |
612 |
@@ -0,0 +1,13 @@ |
613 |
+# Copyright 1999-2011 Gentoo Foundation |
614 |
+# Distributed under the terms of the GNU General Public License v2 |
615 |
+# $Header: /var/cvsroot/gentoo-x86/sec-policy/selinux-postfix/selinux-postfix-2.20110726-r1.ebuild,v 1.2 2011/10/23 12:42:52 swift Exp $ |
616 |
+EAPI="4" |
617 |
+ |
618 |
+IUSE="" |
619 |
+MODS="postfix" |
620 |
+BASEPOL="2.20110726-r10" |
621 |
+ |
622 |
+inherit selinux-policy-2 |
623 |
+ |
624 |
+DESCRIPTION="SELinux policy for postfix" |
625 |
+KEYWORDS="~amd64 ~x86" |