1 |
commit: 25a69d7a8fc755476905c0ac23720fd166957f41 |
2 |
Author: Jason Zaman <perfinion <AT> gentoo <DOT> org> |
3 |
AuthorDate: Thu Sep 1 15:51:58 2016 +0000 |
4 |
Commit: Jason Zaman <perfinion <AT> gentoo <DOT> org> |
5 |
CommitDate: Thu Sep 1 16:28:16 2016 +0000 |
6 |
URL: https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=25a69d7a |
7 |
|
8 |
sys-libs/libsemanage: Drop old |
9 |
|
10 |
Package-Manager: portage-2.2.28 |
11 |
|
12 |
sys-libs/libsemanage/Manifest | 3 - |
13 |
...-Add-policy-binary-and-file_contexts.loca.patch | 318 --------------------- |
14 |
...-Add-file_contexts-and-seusers-to-the-sto.patch | 265 ----------------- |
15 |
...-save-homedir_template-in-the-policy-stor.patch | 54 ---- |
16 |
...age-store-users_extra-in-the-policy-store.patch | 57 ---- |
17 |
sys-libs/libsemanage/libsemanage-2.2-r2.ebuild | 91 ------ |
18 |
sys-libs/libsemanage/libsemanage-2.3-r4.ebuild | 104 ------- |
19 |
sys-libs/libsemanage/libsemanage-2.4-r1.ebuild | 127 -------- |
20 |
sys-libs/libsemanage/libsemanage-2.4-r2.ebuild | 132 --------- |
21 |
9 files changed, 1151 deletions(-) |
22 |
|
23 |
diff --git a/sys-libs/libsemanage/Manifest b/sys-libs/libsemanage/Manifest |
24 |
index 1f49a87..87c6ec0 100644 |
25 |
--- a/sys-libs/libsemanage/Manifest |
26 |
+++ b/sys-libs/libsemanage/Manifest |
27 |
@@ -1,4 +1 @@ |
28 |
-DIST libsemanage-2.2.tar.gz 138208 SHA256 11f60bfa0f1c6063cd9bd99ce0cb4acc9d6d9e9b8d7743d39e847bcd7803bd75 SHA512 09032b1b322fec7346164939ade118034812cb538ebc72121640d4ac5c89d2a66b59caa465027cfbebb590dee039a26d4345eafedf365d7f6ad0b5e90377d50f WHIRLPOOL 49170c5ee9ff57dcc4a15aa72386f37993f76436f0da25808c60dab2d03ba52932d0d4fa753c326900d83d2fae30f8bcf659251f17327783f2e2be3deb4842f4 |
29 |
-DIST libsemanage-2.3.tar.gz 138231 SHA256 03e09e35e611c286e446bef92b6023ef2623815996f5a53394bb02e49a312e4b SHA512 defe3bbdbe51abdaa13a39f693c33446d8a1a8509ac1eb25c7770da2df6487bcb0ca31259d02b4531d4c81db5e221e94e95bec97f6a1a155e1de2f65e6f0da34 WHIRLPOOL 943d4d300aa8ad49c411b10b41c0c3e751c46dbcbbe129bdd1d2e975e231c58391d6ecdee6b27699fff9f6e6facf5b48fc8d57c2ff68692694c7de430750fac9 |
30 |
-DIST libsemanage-2.4.tar.gz 151173 SHA256 1a4cace4ef16786531ec075c0e7b2f961e2fee5dc86c5f983a689058899a6484 SHA512 54f993253b22207b053daf4d34e72c65c72279866416089b6c0f047ef77bca3e307eac0ce6dfe40bd14e2e47e79841b358d5607501779f38d9b5f7c35f3b7729 WHIRLPOOL 7303c06515ed59b5756a87d08aff07671e51d26ce9fa452ca75643dd0ce4658571dc69d86434c943d691a4ab0d90cbdccdaa27e5aaec5fdf8057cf2d5d30631e |
31 |
DIST libsemanage-2.5.tar.gz 152884 SHA256 46e2f36254369b6e91d1eea0460c262b139361b055a3a67d3ceea2d8ef72e006 SHA512 cf644b77d8a24f76c630ece582df1b49a0c5f48f1c9f79b1caee0df10372008954406974472a072360dbe6de5ebc19b1b21bb247084d75b7186f61b32f33b8ec WHIRLPOOL 397b7fd2e9b2c00dbc2f58bdc023501dcd7ecf1212fef9ad7993b4763a041068416ef06552c0abf0beef8c69f4704933feca36951866c43d867181332971f6be |
32 |
|
33 |
diff --git a/sys-libs/libsemanage/files/0002-libsemanage-Add-policy-binary-and-file_contexts.loca.patch b/sys-libs/libsemanage/files/0002-libsemanage-Add-policy-binary-and-file_contexts.loca.patch |
34 |
deleted file mode 100644 |
35 |
index e5e821e..00000000 |
36 |
--- a/sys-libs/libsemanage/files/0002-libsemanage-Add-policy-binary-and-file_contexts.loca.patch |
37 |
+++ /dev/null |
38 |
@@ -1,318 +0,0 @@ |
39 |
-From 9638af24a1e890d673549f0b25d854458e07032e Mon Sep 17 00:00:00 2001 |
40 |
-From: Yuli Khodorkovskiy <ykhodorkovskiy@××××××.com> |
41 |
-Date: Thu, 2 Jul 2015 09:27:36 -0400 |
42 |
-Subject: [PATCH] libsemanage: Add policy binary and file_contexts.local to the |
43 |
- store |
44 |
- |
45 |
-This patch writes policy.kern and file_contexts.local to the policy store as |
46 |
-well as /etc/selinux/. Additionally, policy.kern and file_contexts.local |
47 |
-are now parsed from the store rather than the final directory which was |
48 |
-the old behavior. This allows all policy related files to be kept in the |
49 |
-policy store. |
50 |
- |
51 |
-This patch also renames /var/lib/selinux/tmp to 'final' and changes |
52 |
-policy.kern in the store to longer be a symlink. |
53 |
- |
54 |
-Signed-off-by: Yuli Khodorkovskiy <ykhodorkovskiy@××××××.com> |
55 |
---- |
56 |
- libsemanage/src/booleans_policydb.c | 6 ++-- |
57 |
- libsemanage/src/direct_api.c | 33 +++++++++++++++---- |
58 |
- libsemanage/src/interfaces_policydb.c | 6 ++-- |
59 |
- libsemanage/src/nodes_policydb.c | 6 ++-- |
60 |
- libsemanage/src/ports_policydb.c | 6 ++-- |
61 |
- libsemanage/src/semanage_store.c | 55 ++++++++++++++++++++++++-------- |
62 |
- libsemanage/src/semanage_store.h | 5 +++ |
63 |
- libsemanage/src/users_base_policydb.c | 6 ++-- |
64 |
- libsemanage/utils/semanage_migrate_store | 3 +- |
65 |
- 9 files changed, 86 insertions(+), 40 deletions(-) |
66 |
- |
67 |
-diff --git a/libsemanage/src/booleans_policydb.c b/libsemanage/src/booleans_policydb.c |
68 |
-index 74af2a3..6869d6c 100644 |
69 |
---- a/libsemanage/src/booleans_policydb.c |
70 |
-+++ b/libsemanage/src/booleans_policydb.c |
71 |
-@@ -55,10 +55,8 @@ int bool_policydb_dbase_init(semanage_handle_t * handle, |
72 |
- { |
73 |
- |
74 |
- if (dbase_policydb_init(handle, |
75 |
-- semanage_final_path(SEMANAGE_FINAL_SELINUX, |
76 |
-- SEMANAGE_KERNEL), |
77 |
-- semanage_final_path(SEMANAGE_FINAL_TMP, |
78 |
-- SEMANAGE_KERNEL), |
79 |
-+ semanage_path(SEMANAGE_ACTIVE, SEMANAGE_STORE_KERNEL), |
80 |
-+ semanage_path(SEMANAGE_TMP, SEMANAGE_STORE_KERNEL), |
81 |
- &SEMANAGE_BOOL_RTABLE, |
82 |
- &SEMANAGE_BOOL_POLICYDB_RTABLE, |
83 |
- &dconfig->dbase) < 0) |
84 |
-diff --git a/libsemanage/src/direct_api.c b/libsemanage/src/direct_api.c |
85 |
-index d57f934..3c6b168 100644 |
86 |
---- a/libsemanage/src/direct_api.c |
87 |
-+++ b/libsemanage/src/direct_api.c |
88 |
-@@ -196,10 +196,8 @@ int semanage_direct_connect(semanage_handle_t * sh) |
89 |
- goto err; |
90 |
- |
91 |
- if (fcontext_file_dbase_init(sh, |
92 |
-- semanage_final_path(SEMANAGE_FINAL_SELINUX, |
93 |
-- SEMANAGE_FC_LOCAL), |
94 |
-- semanage_final_path(SEMANAGE_FINAL_TMP, |
95 |
-- SEMANAGE_FC_LOCAL), |
96 |
-+ semanage_path(SEMANAGE_ACTIVE, SEMANAGE_STORE_FC_LOCAL), |
97 |
-+ semanage_path(SEMANAGE_TMP, SEMANAGE_STORE_FC_LOCAL), |
98 |
- semanage_fcontext_dbase_local(sh)) < 0) |
99 |
- goto err; |
100 |
- |
101 |
-@@ -1041,7 +1039,7 @@ static int semanage_direct_commit(semanage_handle_t * sh) |
102 |
- size_t fc_buffer_len = 0; |
103 |
- const char *ofilename = NULL; |
104 |
- const char *path; |
105 |
-- int retval = -1, num_modinfos = 0, i; |
106 |
-+ int retval = -1, num_modinfos = 0, i, missing_policy_kern = 0; |
107 |
- sepol_policydb_t *out = NULL; |
108 |
- struct cil_db *cildb = NULL; |
109 |
- semanage_module_info_t *modinfos = NULL; |
110 |
-@@ -1143,8 +1141,20 @@ static int semanage_direct_commit(semanage_handle_t * sh) |
111 |
- modified |= dontaudit_modified; |
112 |
- modified |= preserve_tunables_modified; |
113 |
- |
114 |
-+ /* This is for systems that have already migrated with an older version |
115 |
-+ * of semanage_migrate_store. The older version did not copy policy.kern so |
116 |
-+ * the policy binary must be rebuilt here. |
117 |
-+ */ |
118 |
-+ if (!sh->do_rebuild && !modified) { |
119 |
-+ path = semanage_path(SEMANAGE_TMP, SEMANAGE_STORE_KERNEL); |
120 |
-+ |
121 |
-+ if (access(path, F_OK) != 0) { |
122 |
-+ missing_policy_kern = 1; |
123 |
-+ } |
124 |
-+ } |
125 |
-+ |
126 |
- /* If there were policy changes, or explicitly requested, rebuild the policy */ |
127 |
-- if (sh->do_rebuild || modified) { |
128 |
-+ if (sh->do_rebuild || modified || missing_policy_kern) { |
129 |
- /* =================== Module expansion =============== */ |
130 |
- |
131 |
- retval = semanage_get_active_modules(sh, &modinfos, &num_modinfos); |
132 |
-@@ -1302,6 +1312,17 @@ static int semanage_direct_commit(semanage_handle_t * sh) |
133 |
- if (retval < 0) |
134 |
- goto cleanup; |
135 |
- |
136 |
-+ retval = semanage_copy_policydb(sh); |
137 |
-+ if (retval < 0) |
138 |
-+ goto cleanup; |
139 |
-+ |
140 |
-+ path = semanage_path(SEMANAGE_TMP, SEMANAGE_STORE_FC_LOCAL); |
141 |
-+ if (access(path, F_OK) == 0) { |
142 |
-+ retval = semanage_copy_fc_local(sh); |
143 |
-+ if (retval < 0) |
144 |
-+ goto cleanup; |
145 |
-+ } |
146 |
-+ |
147 |
- /* run genhomedircon if its enabled, this should be the last operation |
148 |
- * which requires the out policydb */ |
149 |
- if (!sh->conf->disable_genhomedircon) { |
150 |
-diff --git a/libsemanage/src/interfaces_policydb.c b/libsemanage/src/interfaces_policydb.c |
151 |
-index 6a42eed..552ce7d 100644 |
152 |
---- a/libsemanage/src/interfaces_policydb.c |
153 |
-+++ b/libsemanage/src/interfaces_policydb.c |
154 |
-@@ -51,10 +51,8 @@ int iface_policydb_dbase_init(semanage_handle_t * handle, |
155 |
- { |
156 |
- |
157 |
- if (dbase_policydb_init(handle, |
158 |
-- semanage_final_path(SEMANAGE_FINAL_SELINUX, |
159 |
-- SEMANAGE_KERNEL), |
160 |
-- semanage_final_path(SEMANAGE_FINAL_TMP, |
161 |
-- SEMANAGE_KERNEL), |
162 |
-+ semanage_path(SEMANAGE_ACTIVE, SEMANAGE_STORE_KERNEL), |
163 |
-+ semanage_path(SEMANAGE_TMP, SEMANAGE_STORE_KERNEL), |
164 |
- &SEMANAGE_IFACE_RTABLE, |
165 |
- &SEMANAGE_IFACE_POLICYDB_RTABLE, |
166 |
- &dconfig->dbase) < 0) |
167 |
-diff --git a/libsemanage/src/nodes_policydb.c b/libsemanage/src/nodes_policydb.c |
168 |
-index 56012fb..7224f00 100644 |
169 |
---- a/libsemanage/src/nodes_policydb.c |
170 |
-+++ b/libsemanage/src/nodes_policydb.c |
171 |
-@@ -50,10 +50,8 @@ int node_policydb_dbase_init(semanage_handle_t * handle, |
172 |
- { |
173 |
- |
174 |
- if (dbase_policydb_init(handle, |
175 |
-- semanage_final_path(SEMANAGE_FINAL_SELINUX, |
176 |
-- SEMANAGE_KERNEL), |
177 |
-- semanage_final_path(SEMANAGE_FINAL_TMP, |
178 |
-- SEMANAGE_KERNEL), |
179 |
-+ semanage_path(SEMANAGE_ACTIVE, SEMANAGE_STORE_KERNEL), |
180 |
-+ semanage_path(SEMANAGE_TMP, SEMANAGE_STORE_KERNEL), |
181 |
- &SEMANAGE_NODE_RTABLE, |
182 |
- &SEMANAGE_NODE_POLICYDB_RTABLE, |
183 |
- &dconfig->dbase) < 0) |
184 |
-diff --git a/libsemanage/src/ports_policydb.c b/libsemanage/src/ports_policydb.c |
185 |
-index b9600f0..37d7deb 100644 |
186 |
---- a/libsemanage/src/ports_policydb.c |
187 |
-+++ b/libsemanage/src/ports_policydb.c |
188 |
-@@ -50,10 +50,8 @@ int port_policydb_dbase_init(semanage_handle_t * handle, |
189 |
- { |
190 |
- |
191 |
- if (dbase_policydb_init(handle, |
192 |
-- semanage_final_path(SEMANAGE_FINAL_SELINUX, |
193 |
-- SEMANAGE_KERNEL), |
194 |
-- semanage_final_path(SEMANAGE_FINAL_TMP, |
195 |
-- SEMANAGE_KERNEL), |
196 |
-+ semanage_path(SEMANAGE_ACTIVE, SEMANAGE_STORE_KERNEL), |
197 |
-+ semanage_path(SEMANAGE_TMP, SEMANAGE_STORE_KERNEL), |
198 |
- &SEMANAGE_PORT_RTABLE, |
199 |
- &SEMANAGE_PORT_POLICYDB_RTABLE, |
200 |
- &dconfig->dbase) < 0) |
201 |
-diff --git a/libsemanage/src/semanage_store.c b/libsemanage/src/semanage_store.c |
202 |
-index 6051691..2856aaf 100644 |
203 |
---- a/libsemanage/src/semanage_store.c |
204 |
-+++ b/libsemanage/src/semanage_store.c |
205 |
-@@ -110,10 +110,12 @@ static const char *semanage_sandbox_paths[SEMANAGE_STORE_NUM_PATHS] = { |
206 |
- "/disable_dontaudit", |
207 |
- "/preserve_tunables", |
208 |
- "/modules/disabled", |
209 |
-+ "/policy.kern", |
210 |
-+ "/file_contexts.local" |
211 |
- }; |
212 |
- |
213 |
- static char const * const semanage_final_prefix[SEMANAGE_FINAL_NUM] = { |
214 |
-- "/tmp", |
215 |
-+ "/final", |
216 |
- "", |
217 |
- }; |
218 |
- |
219 |
-@@ -943,9 +945,7 @@ int semanage_make_final(semanage_handle_t *sh) |
220 |
- goto cleanup; |
221 |
- } |
222 |
- |
223 |
-- /* Copy in exported databases. |
224 |
-- * i = 1 to avoid copying the top level directory. |
225 |
-- */ |
226 |
-+ // Build final directory structure |
227 |
- int i; |
228 |
- for (i = 1; i < SEMANAGE_FINAL_PATH_NUM; i++) { |
229 |
- if (strlen(semanage_final_path(SEMANAGE_FINAL_TMP, i)) >= sizeof(fn)) { |
230 |
-@@ -959,12 +959,6 @@ int semanage_make_final(semanage_handle_t *sh) |
231 |
- status = -1; |
232 |
- goto cleanup; |
233 |
- } |
234 |
-- |
235 |
-- semanage_copy_file( |
236 |
-- semanage_final_path(SEMANAGE_FINAL_SELINUX, i), |
237 |
-- semanage_final_path(SEMANAGE_FINAL_TMP, i), |
238 |
-- sh->conf->file_mode); |
239 |
-- /* ignore errors, these files may not exist */ |
240 |
- } |
241 |
- |
242 |
- cleanup: |
243 |
-@@ -2019,8 +2013,7 @@ int semanage_read_policydb(semanage_handle_t * sh, sepol_policydb_t * in) |
244 |
- FILE *infile = NULL; |
245 |
- |
246 |
- if ((kernel_filename = |
247 |
-- semanage_final_path(SEMANAGE_FINAL_SELINUX, |
248 |
-- SEMANAGE_KERNEL)) == NULL) { |
249 |
-+ semanage_path(SEMANAGE_ACTIVE, SEMANAGE_STORE_KERNEL)) == NULL) { |
250 |
- goto cleanup; |
251 |
- } |
252 |
- if ((infile = fopen(kernel_filename, "r")) == NULL) { |
253 |
-@@ -2061,7 +2054,7 @@ int semanage_write_policydb(semanage_handle_t * sh, sepol_policydb_t * out) |
254 |
- FILE *outfile = NULL; |
255 |
- |
256 |
- if ((kernel_filename = |
257 |
-- semanage_final_path(SEMANAGE_FINAL_TMP, SEMANAGE_KERNEL)) == NULL) { |
258 |
-+ semanage_path(SEMANAGE_TMP, SEMANAGE_STORE_KERNEL)) == NULL) { |
259 |
- goto cleanup; |
260 |
- } |
261 |
- if ((outfile = fopen(kernel_filename, "wb")) == NULL) { |
262 |
-@@ -2921,3 +2914,39 @@ int semanage_nc_sort(semanage_handle_t * sh, const char *buf, size_t buf_len, |
263 |
- |
264 |
- return 0; |
265 |
- } |
266 |
-+ |
267 |
-+int semanage_copy_policydb(semanage_handle_t *sh) |
268 |
-+{ |
269 |
-+ const char *src = NULL; |
270 |
-+ const char *dst = NULL; |
271 |
-+ int rc = -1; |
272 |
-+ |
273 |
-+ src = semanage_path(SEMANAGE_TMP, SEMANAGE_STORE_KERNEL); |
274 |
-+ dst = semanage_final_path(SEMANAGE_FINAL_TMP, SEMANAGE_KERNEL); |
275 |
-+ |
276 |
-+ rc = semanage_copy_file(src, dst, sh->conf->file_mode); |
277 |
-+ if (rc != 0) { |
278 |
-+ goto cleanup; |
279 |
-+ } |
280 |
-+ |
281 |
-+cleanup: |
282 |
-+ return rc; |
283 |
-+} |
284 |
-+ |
285 |
-+int semanage_copy_fc_local(semanage_handle_t *sh) |
286 |
-+{ |
287 |
-+ const char *src = NULL; |
288 |
-+ const char *dst = NULL; |
289 |
-+ int rc = -1; |
290 |
-+ |
291 |
-+ src = semanage_path(SEMANAGE_TMP, SEMANAGE_STORE_FC_LOCAL); |
292 |
-+ dst = semanage_final_path(SEMANAGE_FINAL_TMP, SEMANAGE_FC_LOCAL); |
293 |
-+ |
294 |
-+ rc = semanage_copy_file(src, dst, sh->conf->file_mode); |
295 |
-+ if (rc != 0) { |
296 |
-+ goto cleanup; |
297 |
-+ } |
298 |
-+ |
299 |
-+cleanup: |
300 |
-+ return rc; |
301 |
-+} |
302 |
-diff --git a/libsemanage/src/semanage_store.h b/libsemanage/src/semanage_store.h |
303 |
-index 62c7079..ade43f2 100644 |
304 |
---- a/libsemanage/src/semanage_store.h |
305 |
-+++ b/libsemanage/src/semanage_store.h |
306 |
-@@ -55,6 +55,8 @@ enum semanage_sandbox_defs { |
307 |
- SEMANAGE_DISABLE_DONTAUDIT, |
308 |
- SEMANAGE_PRESERVE_TUNABLES, |
309 |
- SEMANAGE_MODULES_DISABLED, |
310 |
-+ SEMANAGE_STORE_KERNEL, |
311 |
-+ SEMANAGE_STORE_FC_LOCAL, |
312 |
- SEMANAGE_STORE_NUM_PATHS |
313 |
- }; |
314 |
- |
315 |
-@@ -148,4 +150,7 @@ int semanage_nc_sort(semanage_handle_t * sh, |
316 |
- size_t buf_len, |
317 |
- char **sorted_buf, size_t * sorted_buf_len); |
318 |
- |
319 |
-+int semanage_copy_policydb(semanage_handle_t *sh); |
320 |
-+int semanage_copy_fc_local(semanage_handle_t *sh); |
321 |
-+ |
322 |
- #endif |
323 |
-diff --git a/libsemanage/src/users_base_policydb.c b/libsemanage/src/users_base_policydb.c |
324 |
-index 0a6ab9c..b42279c 100644 |
325 |
---- a/libsemanage/src/users_base_policydb.c |
326 |
-+++ b/libsemanage/src/users_base_policydb.c |
327 |
-@@ -50,10 +50,8 @@ int user_base_policydb_dbase_init(semanage_handle_t * handle, |
328 |
- { |
329 |
- |
330 |
- if (dbase_policydb_init(handle, |
331 |
-- semanage_final_path(SEMANAGE_FINAL_SELINUX, |
332 |
-- SEMANAGE_KERNEL), |
333 |
-- semanage_final_path(SEMANAGE_FINAL_TMP, |
334 |
-- SEMANAGE_KERNEL), |
335 |
-+ semanage_path(SEMANAGE_ACTIVE, SEMANAGE_STORE_KERNEL), |
336 |
-+ semanage_path(SEMANAGE_TMP, SEMANAGE_STORE_KERNEL), |
337 |
- &SEMANAGE_USER_BASE_RTABLE, |
338 |
- &SEMANAGE_USER_BASE_POLICYDB_RTABLE, |
339 |
- &dconfig->dbase) < 0) |
340 |
-diff --git a/libsemanage/utils/semanage_migrate_store b/libsemanage/utils/semanage_migrate_store |
341 |
-index 2f85e9c..b170eda 100755 |
342 |
---- a/libsemanage/utils/semanage_migrate_store |
343 |
-+++ b/libsemanage/utils/semanage_migrate_store |
344 |
-@@ -243,7 +243,8 @@ if __name__ == "__main__": |
345 |
- "users.local", |
346 |
- "users_extra.local", |
347 |
- "disable_dontaudit", |
348 |
-- "preserve_tunables" ] |
349 |
-+ "preserve_tunables", |
350 |
-+ "policy.kern" ] |
351 |
- |
352 |
- |
353 |
- create_dir(newroot_path(), 0o755) |
354 |
--- |
355 |
-2.4.6 |
356 |
- |
357 |
|
358 |
diff --git a/sys-libs/libsemanage/files/0003-libsemanage-Add-file_contexts-and-seusers-to-the-sto.patch b/sys-libs/libsemanage/files/0003-libsemanage-Add-file_contexts-and-seusers-to-the-sto.patch |
359 |
deleted file mode 100644 |
360 |
index 24e9778..00000000 |
361 |
--- a/sys-libs/libsemanage/files/0003-libsemanage-Add-file_contexts-and-seusers-to-the-sto.patch |
362 |
+++ /dev/null |
363 |
@@ -1,265 +0,0 @@ |
364 |
-From d56c2b434e99f60612c1290e82021ecbcbfaf5e6 Mon Sep 17 00:00:00 2001 |
365 |
-From: Yuli Khodorkovskiy <ykhodorkovskiy@××××××.com> |
366 |
-Date: Tue, 21 Jul 2015 15:08:15 -0400 |
367 |
-Subject: [PATCH] libsemanage: Add file_contexts and seusers to the store |
368 |
- |
369 |
-This patch writes file_contexts and seusers to the policy store as well as |
370 |
-/etc/selinux/. Additionally, file_contexts and seusers are now parsed from the |
371 |
-store rather than the final directory which was the old behavior. This allows |
372 |
-all policy related files to be kept in the policy store. |
373 |
- |
374 |
-Signed-off-by: Yuli Khodorkovskiy <ykhodorkovskiy@××××××.com> |
375 |
---- |
376 |
- libsemanage/src/direct_api.c | 69 +++++++++++++++++++++++++------- |
377 |
- libsemanage/src/semanage_store.c | 49 ++++------------------- |
378 |
- libsemanage/src/semanage_store.h | 5 ++- |
379 |
- libsemanage/utils/semanage_migrate_store | 3 +- |
380 |
- 4 files changed, 66 insertions(+), 60 deletions(-) |
381 |
- |
382 |
-diff --git a/libsemanage/src/direct_api.c b/libsemanage/src/direct_api.c |
383 |
-index 3c6b168..b11f2ba 100644 |
384 |
---- a/libsemanage/src/direct_api.c |
385 |
-+++ b/libsemanage/src/direct_api.c |
386 |
-@@ -248,18 +248,14 @@ int semanage_direct_connect(semanage_handle_t * sh) |
387 |
- goto err; |
388 |
- |
389 |
- if (fcontext_file_dbase_init(sh, |
390 |
-- semanage_final_path(SEMANAGE_FINAL_SELINUX, |
391 |
-- SEMANAGE_FC), |
392 |
-- semanage_final_path(SEMANAGE_FINAL_TMP, |
393 |
-- SEMANAGE_FC), |
394 |
-+ semanage_path(SEMANAGE_ACTIVE, SEMANAGE_STORE_FC), |
395 |
-+ semanage_path(SEMANAGE_TMP, SEMANAGE_STORE_FC), |
396 |
- semanage_fcontext_dbase_policy(sh)) < 0) |
397 |
- goto err; |
398 |
- |
399 |
- if (seuser_file_dbase_init(sh, |
400 |
-- semanage_final_path(SEMANAGE_FINAL_SELINUX, |
401 |
-- SEMANAGE_SEUSERS), |
402 |
-- semanage_final_path(SEMANAGE_FINAL_TMP, |
403 |
-- SEMANAGE_SEUSERS), |
404 |
-+ semanage_path(SEMANAGE_ACTIVE, SEMANAGE_STORE_SEUSERS), |
405 |
-+ semanage_path(SEMANAGE_TMP, SEMANAGE_STORE_SEUSERS), |
406 |
- semanage_seuser_dbase_policy(sh)) < 0) |
407 |
- goto err; |
408 |
- |
409 |
-@@ -602,7 +598,7 @@ static int semanage_direct_update_seuser(semanage_handle_t * sh, cil_db_t *cildb |
410 |
- } |
411 |
- |
412 |
- if (size > 0) { |
413 |
-- ofilename = semanage_final_path(SEMANAGE_FINAL_TMP, SEMANAGE_SEUSERS); |
414 |
-+ ofilename = semanage_path(SEMANAGE_TMP, SEMANAGE_STORE_SEUSERS); |
415 |
- if (ofilename == NULL) { |
416 |
- return -1; |
417 |
- } |
418 |
-@@ -1039,7 +1035,8 @@ static int semanage_direct_commit(semanage_handle_t * sh) |
419 |
- size_t fc_buffer_len = 0; |
420 |
- const char *ofilename = NULL; |
421 |
- const char *path; |
422 |
-- int retval = -1, num_modinfos = 0, i, missing_policy_kern = 0; |
423 |
-+ int retval = -1, num_modinfos = 0, i, missing_policy_kern = 0, |
424 |
-+ missing_seusers = 0, missing_fc = 0, missing = 0; |
425 |
- sepol_policydb_t *out = NULL; |
426 |
- struct cil_db *cildb = NULL; |
427 |
- semanage_module_info_t *modinfos = NULL; |
428 |
-@@ -1151,10 +1148,26 @@ static int semanage_direct_commit(semanage_handle_t * sh) |
429 |
- if (access(path, F_OK) != 0) { |
430 |
- missing_policy_kern = 1; |
431 |
- } |
432 |
-+ |
433 |
-+ path = semanage_path(SEMANAGE_TMP, SEMANAGE_STORE_FC); |
434 |
-+ |
435 |
-+ if (access(path, F_OK) != 0) { |
436 |
-+ missing_fc = 1; |
437 |
-+ } |
438 |
-+ |
439 |
-+ path = semanage_path(SEMANAGE_TMP, SEMANAGE_STORE_SEUSERS); |
440 |
-+ |
441 |
-+ if (access(path, F_OK) != 0) { |
442 |
-+ missing_seusers = 1; |
443 |
-+ } |
444 |
- } |
445 |
- |
446 |
-+ missing |= missing_policy_kern; |
447 |
-+ missing |= missing_fc; |
448 |
-+ missing |= missing_seusers; |
449 |
-+ |
450 |
- /* If there were policy changes, or explicitly requested, rebuild the policy */ |
451 |
-- if (sh->do_rebuild || modified || missing_policy_kern) { |
452 |
-+ if (sh->do_rebuild || modified || missing) { |
453 |
- /* =================== Module expansion =============== */ |
454 |
- |
455 |
- retval = semanage_get_active_modules(sh, &modinfos, &num_modinfos); |
456 |
-@@ -1312,15 +1325,41 @@ static int semanage_direct_commit(semanage_handle_t * sh) |
457 |
- if (retval < 0) |
458 |
- goto cleanup; |
459 |
- |
460 |
-- retval = semanage_copy_policydb(sh); |
461 |
-- if (retval < 0) |
462 |
-+ retval = semanage_copy_file(semanage_path(SEMANAGE_TMP, SEMANAGE_STORE_KERNEL), |
463 |
-+ semanage_final_path(SEMANAGE_FINAL_TMP, SEMANAGE_KERNEL), |
464 |
-+ sh->conf->file_mode); |
465 |
-+ if (retval < 0) { |
466 |
- goto cleanup; |
467 |
-+ } |
468 |
- |
469 |
- path = semanage_path(SEMANAGE_TMP, SEMANAGE_STORE_FC_LOCAL); |
470 |
- if (access(path, F_OK) == 0) { |
471 |
-- retval = semanage_copy_fc_local(sh); |
472 |
-- if (retval < 0) |
473 |
-+ retval = semanage_copy_file(semanage_path(SEMANAGE_TMP, SEMANAGE_STORE_FC_LOCAL), |
474 |
-+ semanage_final_path(SEMANAGE_FINAL_TMP, SEMANAGE_FC_LOCAL), |
475 |
-+ sh->conf->file_mode); |
476 |
-+ if (retval < 0) { |
477 |
- goto cleanup; |
478 |
-+ } |
479 |
-+ } |
480 |
-+ |
481 |
-+ path = semanage_path(SEMANAGE_TMP, SEMANAGE_STORE_FC); |
482 |
-+ if (access(path, F_OK) == 0) { |
483 |
-+ retval = semanage_copy_file(semanage_path(SEMANAGE_TMP, SEMANAGE_STORE_FC), |
484 |
-+ semanage_final_path(SEMANAGE_FINAL_TMP, SEMANAGE_FC), |
485 |
-+ sh->conf->file_mode); |
486 |
-+ if (retval < 0) { |
487 |
-+ goto cleanup; |
488 |
-+ } |
489 |
-+ } |
490 |
-+ |
491 |
-+ path = semanage_path(SEMANAGE_TMP, SEMANAGE_STORE_SEUSERS); |
492 |
-+ if (access(path, F_OK) == 0) { |
493 |
-+ retval = semanage_copy_file(semanage_path(SEMANAGE_TMP, SEMANAGE_STORE_SEUSERS), |
494 |
-+ semanage_final_path(SEMANAGE_FINAL_TMP, SEMANAGE_SEUSERS), |
495 |
-+ sh->conf->file_mode); |
496 |
-+ if (retval < 0) { |
497 |
-+ goto cleanup; |
498 |
-+ } |
499 |
- } |
500 |
- |
501 |
- /* run genhomedircon if its enabled, this should be the last operation |
502 |
-diff --git a/libsemanage/src/semanage_store.c b/libsemanage/src/semanage_store.c |
503 |
-index 2856aaf..fa0876f 100644 |
504 |
---- a/libsemanage/src/semanage_store.c |
505 |
-+++ b/libsemanage/src/semanage_store.c |
506 |
-@@ -111,7 +111,9 @@ static const char *semanage_sandbox_paths[SEMANAGE_STORE_NUM_PATHS] = { |
507 |
- "/preserve_tunables", |
508 |
- "/modules/disabled", |
509 |
- "/policy.kern", |
510 |
-- "/file_contexts.local" |
511 |
-+ "/file_contexts.local", |
512 |
-+ "/file_contexts", |
513 |
-+ "/seusers" |
514 |
- }; |
515 |
- |
516 |
- static char const * const semanage_final_prefix[SEMANAGE_FINAL_NUM] = { |
517 |
-@@ -666,7 +668,7 @@ static int semanage_filename_select(const struct dirent *d) |
518 |
- |
519 |
- /* Copies a file from src to dst. If dst already exists then |
520 |
- * overwrite it. Returns 0 on success, -1 on error. */ |
521 |
--static int semanage_copy_file(const char *src, const char *dst, mode_t mode) |
522 |
-+int semanage_copy_file(const char *src, const char *dst, mode_t mode) |
523 |
- { |
524 |
- int in, out, retval = 0, amount_read, n, errsv = errno; |
525 |
- char tmp[PATH_MAX]; |
526 |
-@@ -1425,11 +1427,11 @@ int semanage_split_fc(semanage_handle_t * sh) |
527 |
- goto cleanup; |
528 |
- } |
529 |
- |
530 |
-- fc = open(semanage_final_path(SEMANAGE_FINAL_TMP, SEMANAGE_FC), |
531 |
-+ fc = open(semanage_path(SEMANAGE_TMP, SEMANAGE_STORE_FC), |
532 |
- O_WRONLY | O_CREAT | O_TRUNC, S_IRUSR | S_IWUSR); |
533 |
- if (fc < 0) { |
534 |
- ERR(sh, "Could not open %s for writing.", |
535 |
-- semanage_final_path(SEMANAGE_FINAL_TMP, SEMANAGE_FC)); |
536 |
-+ semanage_path(SEMANAGE_TMP, SEMANAGE_STORE_FC)); |
537 |
- goto cleanup; |
538 |
- } |
539 |
- hd = open(semanage_path(SEMANAGE_TMP, SEMANAGE_HOMEDIR_TMPL), |
540 |
-@@ -1454,8 +1456,7 @@ int semanage_split_fc(semanage_handle_t * sh) |
541 |
- } else { |
542 |
- if (write(fc, buf, strlen(buf)) < 0) { |
543 |
- ERR(sh, "Write to %s failed.", |
544 |
-- semanage_final_path(SEMANAGE_FINAL_TMP, |
545 |
-- SEMANAGE_FC)); |
546 |
-+ semanage_path(SEMANAGE_TMP, SEMANAGE_STORE_FC)); |
547 |
- goto cleanup; |
548 |
- } |
549 |
- } |
550 |
-@@ -2914,39 +2915,3 @@ int semanage_nc_sort(semanage_handle_t * sh, const char *buf, size_t buf_len, |
551 |
- |
552 |
- return 0; |
553 |
- } |
554 |
-- |
555 |
--int semanage_copy_policydb(semanage_handle_t *sh) |
556 |
--{ |
557 |
-- const char *src = NULL; |
558 |
-- const char *dst = NULL; |
559 |
-- int rc = -1; |
560 |
-- |
561 |
-- src = semanage_path(SEMANAGE_TMP, SEMANAGE_STORE_KERNEL); |
562 |
-- dst = semanage_final_path(SEMANAGE_FINAL_TMP, SEMANAGE_KERNEL); |
563 |
-- |
564 |
-- rc = semanage_copy_file(src, dst, sh->conf->file_mode); |
565 |
-- if (rc != 0) { |
566 |
-- goto cleanup; |
567 |
-- } |
568 |
-- |
569 |
--cleanup: |
570 |
-- return rc; |
571 |
--} |
572 |
-- |
573 |
--int semanage_copy_fc_local(semanage_handle_t *sh) |
574 |
--{ |
575 |
-- const char *src = NULL; |
576 |
-- const char *dst = NULL; |
577 |
-- int rc = -1; |
578 |
-- |
579 |
-- src = semanage_path(SEMANAGE_TMP, SEMANAGE_STORE_FC_LOCAL); |
580 |
-- dst = semanage_final_path(SEMANAGE_FINAL_TMP, SEMANAGE_FC_LOCAL); |
581 |
-- |
582 |
-- rc = semanage_copy_file(src, dst, sh->conf->file_mode); |
583 |
-- if (rc != 0) { |
584 |
-- goto cleanup; |
585 |
-- } |
586 |
-- |
587 |
--cleanup: |
588 |
-- return rc; |
589 |
--} |
590 |
-diff --git a/libsemanage/src/semanage_store.h b/libsemanage/src/semanage_store.h |
591 |
-index ade43f2..acb6e3f 100644 |
592 |
---- a/libsemanage/src/semanage_store.h |
593 |
-+++ b/libsemanage/src/semanage_store.h |
594 |
-@@ -57,6 +57,8 @@ enum semanage_sandbox_defs { |
595 |
- SEMANAGE_MODULES_DISABLED, |
596 |
- SEMANAGE_STORE_KERNEL, |
597 |
- SEMANAGE_STORE_FC_LOCAL, |
598 |
-+ SEMANAGE_STORE_FC, |
599 |
-+ SEMANAGE_STORE_SEUSERS, |
600 |
- SEMANAGE_STORE_NUM_PATHS |
601 |
- }; |
602 |
- |
603 |
-@@ -150,7 +152,6 @@ int semanage_nc_sort(semanage_handle_t * sh, |
604 |
- size_t buf_len, |
605 |
- char **sorted_buf, size_t * sorted_buf_len); |
606 |
- |
607 |
--int semanage_copy_policydb(semanage_handle_t *sh); |
608 |
--int semanage_copy_fc_local(semanage_handle_t *sh); |
609 |
-+int semanage_copy_file(const char *src, const char *dst, mode_t mode); |
610 |
- |
611 |
- #endif |
612 |
-diff --git a/libsemanage/utils/semanage_migrate_store b/libsemanage/utils/semanage_migrate_store |
613 |
-index b170eda..6443002 100755 |
614 |
---- a/libsemanage/utils/semanage_migrate_store |
615 |
-+++ b/libsemanage/utils/semanage_migrate_store |
616 |
-@@ -244,7 +244,8 @@ if __name__ == "__main__": |
617 |
- "users_extra.local", |
618 |
- "disable_dontaudit", |
619 |
- "preserve_tunables", |
620 |
-- "policy.kern" ] |
621 |
-+ "policy.kern", |
622 |
-+ "file_contexts"] |
623 |
- |
624 |
- |
625 |
- create_dir(newroot_path(), 0o755) |
626 |
--- |
627 |
-2.4.6 |
628 |
- |
629 |
|
630 |
diff --git a/sys-libs/libsemanage/files/0004-libsemanage-save-homedir_template-in-the-policy-stor.patch b/sys-libs/libsemanage/files/0004-libsemanage-save-homedir_template-in-the-policy-stor.patch |
631 |
deleted file mode 100644 |
632 |
index 3bc1370..00000000 |
633 |
--- a/sys-libs/libsemanage/files/0004-libsemanage-save-homedir_template-in-the-policy-stor.patch |
634 |
+++ /dev/null |
635 |
@@ -1,54 +0,0 @@ |
636 |
-From 75dd8c062d1f6f0e0a7a9f1856c0957b423e8a02 Mon Sep 17 00:00:00 2001 |
637 |
-From: Steve Lawrence <slawrence@××××××.com> |
638 |
-Date: Thu, 3 Sep 2015 09:28:08 -0400 |
639 |
-Subject: [PATCH 1/3] libsemanage: save homedir_template in the policy store |
640 |
- for genhomedircon |
641 |
- |
642 |
-We don't currently store homedir_template in the policy store, which |
643 |
-means genhomedircon only has a template file to use if the |
644 |
-homedir_template was generated from the file contexts in the same |
645 |
-transaction. But homedir_template isn't always generated, as in the |
646 |
-case with setsebool -P. In this and other cases, genhomedircon will not |
647 |
-have a template file resulting in an empty file_contexts.homedir file. |
648 |
- |
649 |
-This commit changes this so that homedir_template is always stored in |
650 |
-the policy store so it can be used by genhomedircon regardless of how |
651 |
-policy was built. Also add the homedir_template file to the migration |
652 |
-script. |
653 |
- |
654 |
-Signed-off by: Steve Lawrence <slawrence@××××××.com> |
655 |
-Acked-by: Stephen Smalley <sds@×××××××××.gov> |
656 |
---- |
657 |
- libsemanage/src/direct_api.c | 1 - |
658 |
- libsemanage/utils/semanage_migrate_store | 3 ++- |
659 |
- 2 files changed, 2 insertions(+), 2 deletions(-) |
660 |
- |
661 |
-diff --git a/libsemanage/src/direct_api.c b/libsemanage/src/direct_api.c |
662 |
-index 90a7b22..6e49cae 100644 |
663 |
---- a/libsemanage/src/direct_api.c |
664 |
-+++ b/libsemanage/src/direct_api.c |
665 |
-@@ -1415,7 +1415,6 @@ static int semanage_direct_commit(semanage_handle_t * sh) |
666 |
- |
667 |
- /* remove files that are automatically generated and no longer needed */ |
668 |
- unlink(semanage_path(SEMANAGE_TMP, SEMANAGE_FC_TMPL)); |
669 |
-- unlink(semanage_path(SEMANAGE_TMP, SEMANAGE_HOMEDIR_TMPL)); |
670 |
- unlink(semanage_path(SEMANAGE_TMP, SEMANAGE_USERS_EXTRA)); |
671 |
- |
672 |
- if (sh->do_rebuild || modified || bools_modified || fcontexts_modified) { |
673 |
-diff --git a/libsemanage/utils/semanage_migrate_store b/libsemanage/utils/semanage_migrate_store |
674 |
-index 539f469..297c71b 100755 |
675 |
---- a/libsemanage/utils/semanage_migrate_store |
676 |
-+++ b/libsemanage/utils/semanage_migrate_store |
677 |
-@@ -251,7 +251,8 @@ if __name__ == "__main__": |
678 |
- "disable_dontaudit", |
679 |
- "preserve_tunables", |
680 |
- "policy.kern", |
681 |
-- "file_contexts"] |
682 |
-+ "file_contexts", |
683 |
-+ "homedir_template"] |
684 |
- |
685 |
- |
686 |
- create_dir(newroot_path(), 0o755) |
687 |
--- |
688 |
-2.4.6 |
689 |
- |
690 |
|
691 |
diff --git a/sys-libs/libsemanage/files/0005-libsemanage-store-users_extra-in-the-policy-store.patch b/sys-libs/libsemanage/files/0005-libsemanage-store-users_extra-in-the-policy-store.patch |
692 |
deleted file mode 100644 |
693 |
index 1aca2ad..00000000 |
694 |
--- a/sys-libs/libsemanage/files/0005-libsemanage-store-users_extra-in-the-policy-store.patch |
695 |
+++ /dev/null |
696 |
@@ -1,57 +0,0 @@ |
697 |
-From dbc639a35af71eec1a1b386b74a822d794bb59df Mon Sep 17 00:00:00 2001 |
698 |
-From: Steve Lawrence <slawrence@××××××.com> |
699 |
-Date: Thu, 3 Sep 2015 13:07:36 -0400 |
700 |
-Subject: [PATCH 2/3] libsemanage: store users_extra in the policy store |
701 |
- |
702 |
-users_extra is needed by genhomedircon and when listing seusers, so it |
703 |
-must be kept in the policy store. Also move the FC_TMPL unlink() closer |
704 |
-to where the FC_TMPL is created; not a functional change, but eaiser to |
705 |
-follow. |
706 |
- |
707 |
-Signed-off-by: Steve Lawrence <slawrence@××××××.com> |
708 |
-Acked-by: Stephen Smalley <sds@×××××××××.gov> |
709 |
---- |
710 |
- libsemanage/src/direct_api.c | 7 +++---- |
711 |
- libsemanage/utils/semanage_migrate_store | 1 + |
712 |
- 2 files changed, 4 insertions(+), 4 deletions(-) |
713 |
- |
714 |
-diff --git a/libsemanage/src/direct_api.c b/libsemanage/src/direct_api.c |
715 |
-index 6e49cae..68dd0d1 100644 |
716 |
---- a/libsemanage/src/direct_api.c |
717 |
-+++ b/libsemanage/src/direct_api.c |
718 |
-@@ -1272,6 +1272,9 @@ static int semanage_direct_commit(semanage_handle_t * sh) |
719 |
- if (retval < 0) |
720 |
- goto cleanup; |
721 |
- |
722 |
-+ /* remove FC_TMPL now that it is now longer needed */ |
723 |
-+ unlink(semanage_path(SEMANAGE_TMP, SEMANAGE_FC_TMPL)); |
724 |
-+ |
725 |
- pfcontexts->dtable->drop_cache(pfcontexts->dbase); |
726 |
- |
727 |
- /* SEUsers */ |
728 |
-@@ -1413,10 +1416,6 @@ static int semanage_direct_commit(semanage_handle_t * sh) |
729 |
- sepol_policydb_free(out); |
730 |
- out = NULL; |
731 |
- |
732 |
-- /* remove files that are automatically generated and no longer needed */ |
733 |
-- unlink(semanage_path(SEMANAGE_TMP, SEMANAGE_FC_TMPL)); |
734 |
-- unlink(semanage_path(SEMANAGE_TMP, SEMANAGE_USERS_EXTRA)); |
735 |
-- |
736 |
- if (sh->do_rebuild || modified || bools_modified || fcontexts_modified) { |
737 |
- retval = semanage_install_sandbox(sh); |
738 |
- } |
739 |
-diff --git a/libsemanage/utils/semanage_migrate_store b/libsemanage/utils/semanage_migrate_store |
740 |
-index 297c71b..b5eefaa 100755 |
741 |
---- a/libsemanage/utils/semanage_migrate_store |
742 |
-+++ b/libsemanage/utils/semanage_migrate_store |
743 |
-@@ -247,6 +247,7 @@ if __name__ == "__main__": |
744 |
- "file_contexts.local", |
745 |
- "seusers", |
746 |
- "users.local", |
747 |
-+ "users_extra", |
748 |
- "users_extra.local", |
749 |
- "disable_dontaudit", |
750 |
- "preserve_tunables", |
751 |
--- |
752 |
-2.4.6 |
753 |
- |
754 |
|
755 |
diff --git a/sys-libs/libsemanage/libsemanage-2.2-r2.ebuild b/sys-libs/libsemanage/libsemanage-2.2-r2.ebuild |
756 |
deleted file mode 100644 |
757 |
index 2d6bc07..00000000 |
758 |
--- a/sys-libs/libsemanage/libsemanage-2.2-r2.ebuild |
759 |
+++ /dev/null |
760 |
@@ -1,91 +0,0 @@ |
761 |
-# Copyright 1999-2015 Gentoo Foundation |
762 |
-# Distributed under the terms of the GNU General Public License v2 |
763 |
-# $Id$ |
764 |
- |
765 |
-EAPI="5" |
766 |
-PYTHON_COMPAT=( python2_7 python3_3 ) |
767 |
- |
768 |
-inherit multilib python-r1 toolchain-funcs eutils multilib-minimal |
769 |
- |
770 |
-SEPOL_VER="2.2" |
771 |
-SELNX_VER="2.2.2-r1" |
772 |
- |
773 |
-DESCRIPTION="SELinux kernel and policy management library" |
774 |
-HOMEPAGE="http://userspace.selinuxproject.org" |
775 |
-SRC_URI="http://userspace.selinuxproject.org/releases/20131030/${P}.tar.gz" |
776 |
- |
777 |
-LICENSE="GPL-2" |
778 |
-SLOT="0" |
779 |
-KEYWORDS="amd64 x86" |
780 |
-IUSE="python" |
781 |
- |
782 |
-RDEPEND=">=sys-libs/libsepol-${SEPOL_VER} |
783 |
- >=sys-libs/libselinux-${SELNX_VER} |
784 |
- dev-libs/ustr |
785 |
- sys-process/audit" |
786 |
-DEPEND="${RDEPEND} |
787 |
- sys-devel/bison |
788 |
- sys-devel/flex |
789 |
- python? ( |
790 |
- >=dev-lang/swig-2.0.4-r1 |
791 |
- virtual/pkgconfig |
792 |
- ${PYTHON_DEPS} |
793 |
- )" |
794 |
- |
795 |
-# tests are not meant to be run outside of the |
796 |
-# full SELinux userland repo |
797 |
-RESTRICT="test" |
798 |
- |
799 |
-src_prepare() { |
800 |
- echo "# Set this to true to save the linked policy." >> "${S}/src/semanage.conf" |
801 |
- echo "# This is normally only useful for analysis" >> "${S}/src/semanage.conf" |
802 |
- echo "# or debugging of policy." >> "${S}/src/semanage.conf" |
803 |
- echo "save-linked=false" >> "${S}/src/semanage.conf" |
804 |
- echo >> "${S}/src/semanage.conf" |
805 |
- echo "# Set this to 0 to disable assertion checking." >> "${S}/src/semanage.conf" |
806 |
- echo "# This should speed up building the kernel policy" >> "${S}/src/semanage.conf" |
807 |
- echo "# from policy modules, but may leave you open to" >> "${S}/src/semanage.conf" |
808 |
- echo "# dangerous rules which assertion checking" >> "${S}/src/semanage.conf" |
809 |
- echo "# would catch." >> "${S}/src/semanage.conf" |
810 |
- echo "expand-check=1" >> "${S}/src/semanage.conf" |
811 |
- echo >> "${S}/src/semanage.conf" |
812 |
- echo "# Modules in the module store can be compressed" >> "${S}/src/semanage.conf" |
813 |
- echo "# with bzip2. Set this to the bzip2 blocksize" >> "${S}/src/semanage.conf" |
814 |
- echo "# 1-9 when compressing. The higher the number," >> "${S}/src/semanage.conf" |
815 |
- echo "# the more memory is traded off for disk space." >> "${S}/src/semanage.conf" |
816 |
- echo "# Set to 0 to disable bzip2 compression." >> "${S}/src/semanage.conf" |
817 |
- echo "bzip-blocksize=0" >> "${S}/src/semanage.conf" |
818 |
- echo >> "${S}/src/semanage.conf" |
819 |
- echo "# Reduce memory usage for bzip2 compression and" >> "${S}/src/semanage.conf" |
820 |
- echo "# decompression of modules in the module store." >> "${S}/src/semanage.conf" |
821 |
- echo "bzip-small=true" >> "${S}/src/semanage.conf" |
822 |
- |
823 |
- epatch_user |
824 |
- |
825 |
- multilib_copy_sources |
826 |
-} |
827 |
- |
828 |
-multilib_src_compile() { |
829 |
- emake AR="$(tc-getAR)" CC="$(tc-getCC)" all || die |
830 |
- |
831 |
- if multilib_is_native_abi && use python; then |
832 |
- building() { |
833 |
- python_export PYTHON_INCLUDEDIR PYTHON_LIBPATH |
834 |
- emake CC="$(tc-getCC)" PYINC="-I${PYTHON_INCLUDEDIR}" PYTHONLBIDIR="${PYTHON_LIBPATH}" PYPREFIX="${EPYTHON##*/}" "$@" |
835 |
- } |
836 |
- python_foreach_impl building swigify |
837 |
- python_foreach_impl building pywrap |
838 |
- fi |
839 |
-} |
840 |
- |
841 |
-multilib_src_install() { |
842 |
- LIBDIR="\$(PREFIX)/$(get_libdir)" SHLIBDIR="\$(PREFIX)/$(get_libdir)" \ |
843 |
- emake DESTDIR="${D}" install |
844 |
- |
845 |
- if multilib_is_native_abi && use python; then |
846 |
- installation() { |
847 |
- emake DESTDIR="${D}" install-pywrap |
848 |
- } |
849 |
- python_foreach_impl installation |
850 |
- fi |
851 |
-} |
852 |
|
853 |
diff --git a/sys-libs/libsemanage/libsemanage-2.3-r4.ebuild b/sys-libs/libsemanage/libsemanage-2.3-r4.ebuild |
854 |
deleted file mode 100644 |
855 |
index 3e52b94..00000000 |
856 |
--- a/sys-libs/libsemanage/libsemanage-2.3-r4.ebuild |
857 |
+++ /dev/null |
858 |
@@ -1,104 +0,0 @@ |
859 |
-# Copyright 1999-2015 Gentoo Foundation |
860 |
-# Distributed under the terms of the GNU General Public License v2 |
861 |
-# $Id$ |
862 |
- |
863 |
-EAPI="5" |
864 |
-PYTHON_COMPAT=( python2_7 python3_3 python3_4 ) |
865 |
- |
866 |
-inherit multilib python-r1 toolchain-funcs eutils multilib-minimal |
867 |
- |
868 |
-MY_P="${P//_/-}" |
869 |
- |
870 |
-SEPOL_VER="2.3" |
871 |
-SELNX_VER="2.3" |
872 |
- |
873 |
-DESCRIPTION="SELinux kernel and policy management library" |
874 |
-HOMEPAGE="http://userspace.selinuxproject.org" |
875 |
-SRC_URI="https://raw.githubusercontent.com/wiki/SELinuxProject/selinux/files/releases/20140506/${MY_P}.tar.gz" |
876 |
- |
877 |
-LICENSE="GPL-2" |
878 |
-SLOT="0" |
879 |
-KEYWORDS="amd64 x86" |
880 |
-IUSE="python" |
881 |
- |
882 |
-RDEPEND=">=sys-libs/libsepol-${SEPOL_VER}[${MULTILIB_USEDEP}] |
883 |
- >=sys-libs/libselinux-${SELNX_VER}[${MULTILIB_USEDEP}] |
884 |
- >=sys-process/audit-2.2.2[${MULTILIB_USEDEP}] |
885 |
- >=dev-libs/ustr-1.0.4-r2[${MULTILIB_USEDEP}] |
886 |
- " |
887 |
-DEPEND="${RDEPEND} |
888 |
- sys-devel/bison |
889 |
- sys-devel/flex |
890 |
- python? ( |
891 |
- >=dev-lang/swig-2.0.4-r1 |
892 |
- virtual/pkgconfig |
893 |
- ${PYTHON_DEPS} |
894 |
- )" |
895 |
- |
896 |
-# tests are not meant to be run outside of the |
897 |
-# full SELinux userland repo |
898 |
-RESTRICT="test" |
899 |
- |
900 |
-S="${WORKDIR}/${MY_P}" |
901 |
- |
902 |
-src_prepare() { |
903 |
- echo "# Set this to true to save the linked policy." >> "${S}/src/semanage.conf" |
904 |
- echo "# This is normally only useful for analysis" >> "${S}/src/semanage.conf" |
905 |
- echo "# or debugging of policy." >> "${S}/src/semanage.conf" |
906 |
- echo "save-linked=false" >> "${S}/src/semanage.conf" |
907 |
- echo >> "${S}/src/semanage.conf" |
908 |
- echo "# Set this to 0 to disable assertion checking." >> "${S}/src/semanage.conf" |
909 |
- echo "# This should speed up building the kernel policy" >> "${S}/src/semanage.conf" |
910 |
- echo "# from policy modules, but may leave you open to" >> "${S}/src/semanage.conf" |
911 |
- echo "# dangerous rules which assertion checking" >> "${S}/src/semanage.conf" |
912 |
- echo "# would catch." >> "${S}/src/semanage.conf" |
913 |
- echo "expand-check=1" >> "${S}/src/semanage.conf" |
914 |
- echo >> "${S}/src/semanage.conf" |
915 |
- echo "# Modules in the module store can be compressed" >> "${S}/src/semanage.conf" |
916 |
- echo "# with bzip2. Set this to the bzip2 blocksize" >> "${S}/src/semanage.conf" |
917 |
- echo "# 1-9 when compressing. The higher the number," >> "${S}/src/semanage.conf" |
918 |
- echo "# the more memory is traded off for disk space." >> "${S}/src/semanage.conf" |
919 |
- echo "# Set to 0 to disable bzip2 compression." >> "${S}/src/semanage.conf" |
920 |
- echo "bzip-blocksize=0" >> "${S}/src/semanage.conf" |
921 |
- echo >> "${S}/src/semanage.conf" |
922 |
- echo "# Reduce memory usage for bzip2 compression and" >> "${S}/src/semanage.conf" |
923 |
- echo "# decompression of modules in the module store." >> "${S}/src/semanage.conf" |
924 |
- echo "bzip-small=true" >> "${S}/src/semanage.conf" |
925 |
- |
926 |
- epatch_user |
927 |
- |
928 |
- multilib_copy_sources |
929 |
-} |
930 |
- |
931 |
-multilib_src_compile() { |
932 |
- emake \ |
933 |
- AR="$(tc-getAR)" \ |
934 |
- CC="$(tc-getCC)" \ |
935 |
- LIBDIR="${EPREFIX}/usr/$(get_libdir)" \ |
936 |
- all |
937 |
- |
938 |
- if multilib_is_native_abi && use python; then |
939 |
- building_py() { |
940 |
- python_export PYTHON_INCLUDEDIR PYTHON_LIBPATH |
941 |
- emake CC="$(tc-getCC)" PYINC="-I${PYTHON_INCLUDEDIR}" PYTHONLBIDIR="${PYTHON_LIBPATH}" PYPREFIX="${EPYTHON##*/}" "$@" |
942 |
- python_optimize # bug 531638 |
943 |
- } |
944 |
- python_foreach_impl building_py swigify |
945 |
- python_foreach_impl building_py pywrap |
946 |
- fi |
947 |
-} |
948 |
- |
949 |
-multilib_src_install() { |
950 |
- emake \ |
951 |
- LIBDIR="${ED}/usr/$(get_libdir)" \ |
952 |
- SHLIBDIR="${ED}/usr/$(get_libdir)" \ |
953 |
- DESTDIR="${ED}" install |
954 |
- |
955 |
- if multilib_is_native_abi && use python; then |
956 |
- installation_py() { |
957 |
- emake DESTDIR="${ED}" LIBDIR="${ED}/usr/$(get_libdir)" \ |
958 |
- SHLIBDIR="${ED}/usr/$(get_libdir)" install-pywrap |
959 |
- } |
960 |
- python_foreach_impl installation_py |
961 |
- fi |
962 |
-} |
963 |
|
964 |
diff --git a/sys-libs/libsemanage/libsemanage-2.4-r1.ebuild b/sys-libs/libsemanage/libsemanage-2.4-r1.ebuild |
965 |
deleted file mode 100644 |
966 |
index f28af4c..00000000 |
967 |
--- a/sys-libs/libsemanage/libsemanage-2.4-r1.ebuild |
968 |
+++ /dev/null |
969 |
@@ -1,127 +0,0 @@ |
970 |
-# Copyright 1999-2015 Gentoo Foundation |
971 |
-# Distributed under the terms of the GNU General Public License v2 |
972 |
-# $Id$ |
973 |
- |
974 |
-EAPI="5" |
975 |
-PYTHON_COMPAT=( python2_7 python3_3 python3_4 ) |
976 |
- |
977 |
-inherit multilib python-r1 toolchain-funcs eutils multilib-minimal |
978 |
- |
979 |
-MY_P="${P//_/-}" |
980 |
- |
981 |
-SEPOL_VER="${PV}" |
982 |
-SELNX_VER="${PV}" |
983 |
- |
984 |
-DESCRIPTION="SELinux kernel and policy management library" |
985 |
-HOMEPAGE="https://github.com/SELinuxProject/selinux/wiki" |
986 |
-SRC_URI="https://raw.githubusercontent.com/wiki/SELinuxProject/selinux/files/releases/20150202/${MY_P}.tar.gz" |
987 |
- |
988 |
-LICENSE="GPL-2" |
989 |
-SLOT="0" |
990 |
-KEYWORDS="amd64 x86" |
991 |
-IUSE="python" |
992 |
- |
993 |
-RDEPEND=">=sys-libs/libsepol-${SEPOL_VER}[${MULTILIB_USEDEP}] |
994 |
- >=sys-libs/libselinux-${SELNX_VER}[${MULTILIB_USEDEP}] |
995 |
- >=sys-process/audit-2.2.2[${MULTILIB_USEDEP}] |
996 |
- >=dev-libs/ustr-1.0.4-r2[${MULTILIB_USEDEP}] |
997 |
- " |
998 |
-DEPEND="${RDEPEND} |
999 |
- sys-devel/bison |
1000 |
- sys-devel/flex |
1001 |
- python? ( |
1002 |
- >=dev-lang/swig-2.0.4-r1 |
1003 |
- virtual/pkgconfig |
1004 |
- ${PYTHON_DEPS} |
1005 |
- )" |
1006 |
- |
1007 |
-# tests are not meant to be run outside of the |
1008 |
-# full SELinux userland repo |
1009 |
-RESTRICT="test" |
1010 |
- |
1011 |
-S="${WORKDIR}/${MY_P}" |
1012 |
- |
1013 |
-src_prepare() { |
1014 |
- echo "# Set this to true to save the linked policy." >> "${S}/src/semanage.conf" |
1015 |
- echo "# This is normally only useful for analysis" >> "${S}/src/semanage.conf" |
1016 |
- echo "# or debugging of policy." >> "${S}/src/semanage.conf" |
1017 |
- echo "save-linked=false" >> "${S}/src/semanage.conf" |
1018 |
- echo >> "${S}/src/semanage.conf" |
1019 |
- echo "# Set this to 0 to disable assertion checking." >> "${S}/src/semanage.conf" |
1020 |
- echo "# This should speed up building the kernel policy" >> "${S}/src/semanage.conf" |
1021 |
- echo "# from policy modules, but may leave you open to" >> "${S}/src/semanage.conf" |
1022 |
- echo "# dangerous rules which assertion checking" >> "${S}/src/semanage.conf" |
1023 |
- echo "# would catch." >> "${S}/src/semanage.conf" |
1024 |
- echo "expand-check=1" >> "${S}/src/semanage.conf" |
1025 |
- echo >> "${S}/src/semanage.conf" |
1026 |
- echo "# Modules in the module store can be compressed" >> "${S}/src/semanage.conf" |
1027 |
- echo "# with bzip2. Set this to the bzip2 blocksize" >> "${S}/src/semanage.conf" |
1028 |
- echo "# 1-9 when compressing. The higher the number," >> "${S}/src/semanage.conf" |
1029 |
- echo "# the more memory is traded off for disk space." >> "${S}/src/semanage.conf" |
1030 |
- echo "# Set to 0 to disable bzip2 compression." >> "${S}/src/semanage.conf" |
1031 |
- echo "bzip-blocksize=0" >> "${S}/src/semanage.conf" |
1032 |
- echo >> "${S}/src/semanage.conf" |
1033 |
- echo "# Reduce memory usage for bzip2 compression and" >> "${S}/src/semanage.conf" |
1034 |
- echo "# decompression of modules in the module store." >> "${S}/src/semanage.conf" |
1035 |
- echo "bzip-small=true" >> "${S}/src/semanage.conf" |
1036 |
- |
1037 |
- epatch "${FILESDIR}/0001-libsemanage-do-not-copy-contexts-in-semanage_migrate.patch" |
1038 |
- |
1039 |
- epatch_user |
1040 |
- |
1041 |
- multilib_copy_sources |
1042 |
-} |
1043 |
- |
1044 |
-multilib_src_compile() { |
1045 |
- emake \ |
1046 |
- AR="$(tc-getAR)" \ |
1047 |
- CC="$(tc-getCC)" \ |
1048 |
- LIBDIR="${EPREFIX}/usr/$(get_libdir)" \ |
1049 |
- all |
1050 |
- |
1051 |
- if multilib_is_native_abi && use python; then |
1052 |
- building_py() { |
1053 |
- python_export PYTHON_INCLUDEDIR PYTHON_LIBPATH |
1054 |
- emake CC="$(tc-getCC)" PYINC="-I${PYTHON_INCLUDEDIR}" PYTHONLBIDIR="${PYTHON_LIBPATH}" PYPREFIX="${EPYTHON##*/}" "$@" |
1055 |
- } |
1056 |
- python_foreach_impl building_py swigify |
1057 |
- python_foreach_impl building_py pywrap |
1058 |
- fi |
1059 |
-} |
1060 |
- |
1061 |
-multilib_src_install() { |
1062 |
- emake \ |
1063 |
- LIBDIR="${ED}/usr/$(get_libdir)" \ |
1064 |
- SHLIBDIR="${ED}/usr/$(get_libdir)" \ |
1065 |
- DESTDIR="${ED}" install |
1066 |
- |
1067 |
- if multilib_is_native_abi && use python; then |
1068 |
- installation_py() { |
1069 |
- emake DESTDIR="${ED}" LIBDIR="${ED}/usr/$(get_libdir)" \ |
1070 |
- SHLIBDIR="${ED}/usr/$(get_libdir)" install-pywrap |
1071 |
- python_optimize # bug 531638 |
1072 |
- } |
1073 |
- python_foreach_impl installation_py |
1074 |
- fi |
1075 |
-} |
1076 |
- |
1077 |
-pkg_postinst() { |
1078 |
- # Migrate the SELinux semanage configuration store if not done already |
1079 |
- local selinuxtype=$(awk -F'=' '/SELINUXTYPE=/ {print $2}' /etc/selinux/config); |
1080 |
- if [ -n "${selinuxtype}" ] && [ ! -d /var/lib/selinux/${mcs}/active ] ; then |
1081 |
- ewarn "Since the 2.4 SELinux userspace, the policy module store is moved" |
1082 |
- ewarn "from /etc/selinux to /var/lib/selinux. The migration will be run now." |
1083 |
- ewarn "If there are any issues, it can be done manually by running:" |
1084 |
- ewarn "/usr/libexec/selinux/semanage_migrate_store" |
1085 |
- ewarn "For more information, please see" |
1086 |
- ewarn "- https://github.com/SELinuxProject/selinux/wiki/Policy-Store-Migration" |
1087 |
- fi |
1088 |
- |
1089 |
- # Run the store migration without rebuilds |
1090 |
- for POLICY_TYPE in ${POLICY_TYPES} ; do |
1091 |
- if [ ! -d "${ROOT}/var/lib/selinux/${POLICY_TYPE}/active" ] ; then |
1092 |
- einfo "Migrating store ${POLICY_TYPE} (without policy rebuild)." |
1093 |
- /usr/libexec/selinux/semanage_migrate_store -n -s "${POLICY_TYPE}" || die "Failed to migrate store ${POLICY_TYPE}" |
1094 |
- fi |
1095 |
- done |
1096 |
-} |
1097 |
|
1098 |
diff --git a/sys-libs/libsemanage/libsemanage-2.4-r2.ebuild b/sys-libs/libsemanage/libsemanage-2.4-r2.ebuild |
1099 |
deleted file mode 100644 |
1100 |
index 9e0890f..00000000 |
1101 |
--- a/sys-libs/libsemanage/libsemanage-2.4-r2.ebuild |
1102 |
+++ /dev/null |
1103 |
@@ -1,132 +0,0 @@ |
1104 |
-# Copyright 1999-2015 Gentoo Foundation |
1105 |
-# Distributed under the terms of the GNU General Public License v2 |
1106 |
-# $Id$ |
1107 |
- |
1108 |
-EAPI="5" |
1109 |
-PYTHON_COMPAT=( python2_7 python3_3 python3_4 ) |
1110 |
- |
1111 |
-inherit multilib python-r1 toolchain-funcs eutils multilib-minimal |
1112 |
- |
1113 |
-MY_P="${P//_/-}" |
1114 |
- |
1115 |
-SEPOL_VER="${PV}" |
1116 |
-SELNX_VER="${PV}" |
1117 |
- |
1118 |
-DESCRIPTION="SELinux kernel and policy management library" |
1119 |
-HOMEPAGE="https://github.com/SELinuxProject/selinux/wiki" |
1120 |
-SRC_URI="https://raw.githubusercontent.com/wiki/SELinuxProject/selinux/files/releases/20150202/${MY_P}.tar.gz" |
1121 |
- |
1122 |
-LICENSE="GPL-2" |
1123 |
-SLOT="0" |
1124 |
-KEYWORDS="amd64 ~arm ~arm64 ~mips x86" |
1125 |
-IUSE="python" |
1126 |
- |
1127 |
-RDEPEND=">=sys-libs/libsepol-${SEPOL_VER}[${MULTILIB_USEDEP}] |
1128 |
- >=sys-libs/libselinux-${SELNX_VER}[${MULTILIB_USEDEP}] |
1129 |
- >=sys-process/audit-2.2.2[${MULTILIB_USEDEP}] |
1130 |
- >=dev-libs/ustr-1.0.4-r2[${MULTILIB_USEDEP}] |
1131 |
- " |
1132 |
-DEPEND="${RDEPEND} |
1133 |
- sys-devel/bison |
1134 |
- sys-devel/flex |
1135 |
- python? ( |
1136 |
- >=dev-lang/swig-2.0.4-r1 |
1137 |
- virtual/pkgconfig |
1138 |
- ${PYTHON_DEPS} |
1139 |
- )" |
1140 |
- |
1141 |
-# tests are not meant to be run outside of the |
1142 |
-# full SELinux userland repo |
1143 |
-RESTRICT="test" |
1144 |
- |
1145 |
-S="${WORKDIR}/${MY_P}" |
1146 |
- |
1147 |
-src_prepare() { |
1148 |
- echo "# Set this to true to save the linked policy." >> "${S}/src/semanage.conf" |
1149 |
- echo "# This is normally only useful for analysis" >> "${S}/src/semanage.conf" |
1150 |
- echo "# or debugging of policy." >> "${S}/src/semanage.conf" |
1151 |
- echo "save-linked=false" >> "${S}/src/semanage.conf" |
1152 |
- echo >> "${S}/src/semanage.conf" |
1153 |
- echo "# Set this to 0 to disable assertion checking." >> "${S}/src/semanage.conf" |
1154 |
- echo "# This should speed up building the kernel policy" >> "${S}/src/semanage.conf" |
1155 |
- echo "# from policy modules, but may leave you open to" >> "${S}/src/semanage.conf" |
1156 |
- echo "# dangerous rules which assertion checking" >> "${S}/src/semanage.conf" |
1157 |
- echo "# would catch." >> "${S}/src/semanage.conf" |
1158 |
- echo "expand-check=1" >> "${S}/src/semanage.conf" |
1159 |
- echo >> "${S}/src/semanage.conf" |
1160 |
- echo "# Modules in the module store can be compressed" >> "${S}/src/semanage.conf" |
1161 |
- echo "# with bzip2. Set this to the bzip2 blocksize" >> "${S}/src/semanage.conf" |
1162 |
- echo "# 1-9 when compressing. The higher the number," >> "${S}/src/semanage.conf" |
1163 |
- echo "# the more memory is traded off for disk space." >> "${S}/src/semanage.conf" |
1164 |
- echo "# Set to 0 to disable bzip2 compression." >> "${S}/src/semanage.conf" |
1165 |
- echo "bzip-blocksize=0" >> "${S}/src/semanage.conf" |
1166 |
- echo >> "${S}/src/semanage.conf" |
1167 |
- echo "# Reduce memory usage for bzip2 compression and" >> "${S}/src/semanage.conf" |
1168 |
- echo "# decompression of modules in the module store." >> "${S}/src/semanage.conf" |
1169 |
- echo "bzip-small=true" >> "${S}/src/semanage.conf" |
1170 |
- |
1171 |
- epatch "${FILESDIR}/0001-libsemanage-do-not-copy-contexts-in-semanage_migrate.patch" \ |
1172 |
- "${FILESDIR}/0002-libsemanage-Add-policy-binary-and-file_contexts.loca.patch" \ |
1173 |
- "${FILESDIR}/0003-libsemanage-Add-file_contexts-and-seusers-to-the-sto.patch" \ |
1174 |
- "${FILESDIR}/0004-libsemanage-save-homedir_template-in-the-policy-stor.patch" \ |
1175 |
- "${FILESDIR}/0005-libsemanage-store-users_extra-in-the-policy-store.patch" |
1176 |
- epatch "${FILESDIR}"/${PN}-2.4-build-paths.patch |
1177 |
- |
1178 |
- epatch_user |
1179 |
- |
1180 |
- multilib_copy_sources |
1181 |
-} |
1182 |
- |
1183 |
-multilib_src_compile() { |
1184 |
- emake \ |
1185 |
- AR="$(tc-getAR)" \ |
1186 |
- CC="$(tc-getCC)" \ |
1187 |
- LIBDIR="${EPREFIX}/usr/$(get_libdir)" \ |
1188 |
- all |
1189 |
- |
1190 |
- if multilib_is_native_abi && use python; then |
1191 |
- building_py() { |
1192 |
- python_export PYTHON_INCLUDEDIR PYTHON_LIBPATH |
1193 |
- emake CC="$(tc-getCC)" PYINC="-I${PYTHON_INCLUDEDIR}" PYTHONLBIDIR="${PYTHON_LIBPATH}" PYPREFIX="${EPYTHON##*/}" "$@" |
1194 |
- } |
1195 |
- python_foreach_impl building_py swigify |
1196 |
- python_foreach_impl building_py pywrap |
1197 |
- fi |
1198 |
-} |
1199 |
- |
1200 |
-multilib_src_install() { |
1201 |
- emake \ |
1202 |
- LIBDIR="${ED}/usr/$(get_libdir)" \ |
1203 |
- SHLIBDIR="${ED}/usr/$(get_libdir)" \ |
1204 |
- DESTDIR="${ED}" install |
1205 |
- |
1206 |
- if multilib_is_native_abi && use python; then |
1207 |
- installation_py() { |
1208 |
- emake DESTDIR="${ED}" LIBDIR="${ED}/usr/$(get_libdir)" \ |
1209 |
- SHLIBDIR="${ED}/usr/$(get_libdir)" install-pywrap |
1210 |
- python_optimize # bug 531638 |
1211 |
- } |
1212 |
- python_foreach_impl installation_py |
1213 |
- fi |
1214 |
-} |
1215 |
- |
1216 |
-pkg_postinst() { |
1217 |
- # Migrate the SELinux semanage configuration store if not done already |
1218 |
- local selinuxtype=$(awk -F'=' '/SELINUXTYPE=/ {print $2}' "${EROOT}"/etc/selinux/config 2>/dev/null) |
1219 |
- if [ -n "${selinuxtype}" ] && [ ! -d "${EROOT}"/var/lib/selinux/${mcs}/active ] ; then |
1220 |
- ewarn "Since the 2.4 SELinux userspace, the policy module store is moved" |
1221 |
- ewarn "from /etc/selinux to /var/lib/selinux. The migration will be run now." |
1222 |
- ewarn "If there are any issues, it can be done manually by running:" |
1223 |
- ewarn "/usr/libexec/selinux/semanage_migrate_store" |
1224 |
- ewarn "For more information, please see" |
1225 |
- ewarn "- https://github.com/SELinuxProject/selinux/wiki/Policy-Store-Migration" |
1226 |
- fi |
1227 |
- |
1228 |
- # Run the store migration without rebuilds |
1229 |
- for POLICY_TYPE in ${POLICY_TYPES} ; do |
1230 |
- if [ ! -d "${EROOT}/var/lib/selinux/${POLICY_TYPE}/active" ] ; then |
1231 |
- einfo "Migrating store ${POLICY_TYPE} (without policy rebuild)." |
1232 |
- /usr/libexec/selinux/semanage_migrate_store -n -s "${POLICY_TYPE}" || die "Failed to migrate store ${POLICY_TYPE}" |
1233 |
- fi |
1234 |
- done |
1235 |
-} |