1 |
commit: a2fcb167a9f67e659f27e7ca32b4480c59b7434f |
2 |
Author: Jory Pratt <anarchy <AT> gentoo <DOT> org> |
3 |
AuthorDate: Wed Jan 27 23:22:26 2021 +0000 |
4 |
Commit: Jory Pratt <anarchy <AT> gentoo <DOT> org> |
5 |
CommitDate: Wed Jan 27 23:22:26 2021 +0000 |
6 |
URL: https://gitweb.gentoo.org/proj/musl.git/commit/?id=a2fcb167 |
7 |
|
8 |
sys-apps/policycoreutils: sync with ::gentoo |
9 |
|
10 |
Package-Manager: Portage-3.0.14, Repoman-3.0.2 |
11 |
Signed-off-by: Jory Pratt <anarchy <AT> gentoo.org> |
12 |
|
13 |
sys-apps/policycoreutils/Manifest | 5 +- |
14 |
...policycoreutils-2.7-0001-newrole-not-suid.patch | 13 -- |
15 |
...policycoreutils-3.1-0001-newrole-not-suid.patch | 11 ++ |
16 |
.../policycoreutils/policycoreutils-3.0.ebuild | 177 --------------------- |
17 |
...ls-2.9.ebuild => policycoreutils-3.1-r1.ebuild} | 31 ++-- |
18 |
5 files changed, 29 insertions(+), 208 deletions(-) |
19 |
|
20 |
diff --git a/sys-apps/policycoreutils/Manifest b/sys-apps/policycoreutils/Manifest |
21 |
index 86052aa..0065910 100644 |
22 |
--- a/sys-apps/policycoreutils/Manifest |
23 |
+++ b/sys-apps/policycoreutils/Manifest |
24 |
@@ -1,3 +1,2 @@ |
25 |
-DIST policycoreutils-2.9.tar.gz 2819360 BLAKE2B b0af912e3b4fb2c9598b10ce413c8ffb3f5972a4d5d59270cff40abe8d4e385e0664e24a4f533a95ad2d1657644f3368213f955ac63d9f8c46a661417b07c8b3 SHA512 d8356115671ba66de05f1c13193ab47fab69cc4d09603a92171ed40afafc084dd191591bf336b7d722de637378ad09622ebb6eca85c06063ca9ddd6db10e02a2 |
26 |
-DIST policycoreutils-3.0.tar.gz 2818089 BLAKE2B 6e4aa6d6eecf809efaefccbfa16c44050242d129f496594763aacbb9aaeca23d92b27d30a6f9ae0e49513adc0a1bd58499253eb9ffc003547387c04aa643b462 SHA512 d8d25db48c1caef69228e87d7ebb2c0f075e44e4ff6bf18a26af341d948b81375b33945128cd0410ffebc64ca478fd19a207295189c716c95e6a3c586e9f053d |
27 |
-DIST policycoreutils-extra-1.36.tar.bz2 8830 BLAKE2B 6d98e41ea379d3e95221a6e53d8a8b144e4e15ca5581381e76a529dbbaca304d5587b30419797c8c70cbd7c2b2588e5ecd62adcf97294e429950899c1c318346 SHA512 c6a18e6fb2d65f51dc55b88907f23241f2fbfc033d3d2888b109596d9ed31d509b2c93456727ea4d1f98544831afb15c449ff72d6aedf93b9e474b27817f7fb3 |
28 |
+DIST policycoreutils-3.1.tar.gz 2817914 BLAKE2B ef68bb5f9cf577164ead44803b6be2bd6401c9e923d2c775c7c8c47f0e803749feaec4247fec5cc1cb766314954402fd2506370bb397f746437ecfcf65b384f3 SHA512 0592f218563a99ba95d2cfd07fdc3761b61c1cc3c01a17ab89ad840169e1a7d4083521d5cacc72d1b76911d516bf592db7a3f90d9ef0cc11ceed007e4580e140 |
29 |
+DIST policycoreutils-extra-1.37.tar.bz2 8809 BLAKE2B a7f6122c2e27f54b018174e962bd7f4c14af04e09bbb5300bde6967ea7f2dc5cd03b5787919a4e7f5288bcbc6747922962b5bd3b588ab1e3a035fbff4910d8f5 SHA512 0a85cd7cf279256b5e1927f9dfdd89626a1c8b77b0aeb62b496e7e8d1dccbaa315e39f9308fb2df7270f0bc1c10787b19990e7365cad74b47b61e30394c8b23f |
30 |
|
31 |
diff --git a/sys-apps/policycoreutils/files/policycoreutils-2.7-0001-newrole-not-suid.patch b/sys-apps/policycoreutils/files/policycoreutils-2.7-0001-newrole-not-suid.patch |
32 |
deleted file mode 100644 |
33 |
index 6049bbe..0000000 |
34 |
--- a/sys-apps/policycoreutils/files/policycoreutils-2.7-0001-newrole-not-suid.patch |
35 |
+++ /dev/null |
36 |
@@ -1,13 +0,0 @@ |
37 |
-diff --git a/policycoreutils/newrole/Makefile b/policycoreutils/newrole/Makefile |
38 |
-index bdefbb8..9cff135 100644 |
39 |
---- policycoreutils/newrole/Makefile |
40 |
-+++ policycoreutils/newrole/Makefile |
41 |
-@@ -49,7 +49,7 @@ ifeq ($(NAMESPACE_PRIV),y) |
42 |
- IS_SUID=y |
43 |
- endif |
44 |
- ifeq ($(IS_SUID),y) |
45 |
-- MODE := 4555 |
46 |
-+ MODE := 0555 |
47 |
- override LDLIBS += -lcap-ng |
48 |
- else |
49 |
- MODE := 0555 |
50 |
|
51 |
diff --git a/sys-apps/policycoreutils/files/policycoreutils-3.1-0001-newrole-not-suid.patch b/sys-apps/policycoreutils/files/policycoreutils-3.1-0001-newrole-not-suid.patch |
52 |
new file mode 100644 |
53 |
index 0000000..360a490 |
54 |
--- /dev/null |
55 |
+++ b/sys-apps/policycoreutils/files/policycoreutils-3.1-0001-newrole-not-suid.patch |
56 |
@@ -0,0 +1,11 @@ |
57 |
+--- a/newrole/Makefile |
58 |
++++ b/newrole/Makefile |
59 |
+@@ -50,7 +50,7 @@ ifeq ($(NAMESPACE_PRIV),y) |
60 |
+ IS_SUID=y |
61 |
+ endif |
62 |
+ ifeq ($(IS_SUID),y) |
63 |
+- MODE := 4555 |
64 |
++ MODE := 0555 |
65 |
+ override LDLIBS += -lcap-ng |
66 |
+ else |
67 |
+ MODE := 0555 |
68 |
|
69 |
diff --git a/sys-apps/policycoreutils/policycoreutils-3.0.ebuild b/sys-apps/policycoreutils/policycoreutils-3.0.ebuild |
70 |
deleted file mode 100644 |
71 |
index 3903858..0000000 |
72 |
--- a/sys-apps/policycoreutils/policycoreutils-3.0.ebuild |
73 |
+++ /dev/null |
74 |
@@ -1,177 +0,0 @@ |
75 |
-# Copyright 1999-2019 Gentoo Authors |
76 |
-# Distributed under the terms of the GNU General Public License v2 |
77 |
- |
78 |
-EAPI="6" |
79 |
-PYTHON_COMPAT=( python{3_5,3_6,3_7} ) |
80 |
-PYTHON_REQ_USE="xml" |
81 |
- |
82 |
-inherit multilib python-r1 toolchain-funcs bash-completion-r1 |
83 |
- |
84 |
-MY_P="${P//_/-}" |
85 |
- |
86 |
-MY_RELEASEDATE="20191204" |
87 |
-EXTRAS_VER="1.36" |
88 |
-SEMNG_VER="${PV}" |
89 |
-SELNX_VER="${PV}" |
90 |
-SEPOL_VER="${PV}" |
91 |
- |
92 |
-IUSE="audit pam dbus" |
93 |
-REQUIRED_USE="${PYTHON_REQUIRED_USE}" |
94 |
- |
95 |
-DESCRIPTION="SELinux core utilities" |
96 |
-HOMEPAGE="https://github.com/SELinuxProject/selinux/wiki" |
97 |
- |
98 |
-if [[ ${PV} == 9999 ]]; then |
99 |
- inherit git-r3 |
100 |
- EGIT_REPO_URI="https://github.com/SELinuxProject/selinux.git" |
101 |
- SRC_URI="https://dev.gentoo.org/~perfinion/distfiles/policycoreutils-extra-${EXTRAS_VER}.tar.bz2" |
102 |
- S1="${WORKDIR}/${MY_P}/${PN}" |
103 |
- S2="${WORKDIR}/policycoreutils-extra" |
104 |
- S="${S1}" |
105 |
-else |
106 |
- SRC_URI="https://github.com/SELinuxProject/selinux/releases/download/${MY_RELEASEDATE}/${MY_P}.tar.gz |
107 |
- https://dev.gentoo.org/~perfinion/distfiles/policycoreutils-extra-${EXTRAS_VER}.tar.bz2" |
108 |
- KEYWORDS="~amd64 ~arm64 ~mips ~x86" |
109 |
- S1="${WORKDIR}/${MY_P}" |
110 |
- S2="${WORKDIR}/policycoreutils-extra" |
111 |
- S="${S1}" |
112 |
-fi |
113 |
- |
114 |
-LICENSE="GPL-2" |
115 |
-SLOT="0" |
116 |
- |
117 |
-DEPEND=">=sys-libs/libselinux-${SELNX_VER}:=[python,${PYTHON_USEDEP}] |
118 |
- >=sys-libs/libcap-1.10-r10:= |
119 |
- >=sys-libs/libsemanage-${SEMNG_VER}:=[python,${PYTHON_USEDEP}] |
120 |
- sys-libs/libcap-ng:= |
121 |
- >=sys-libs/libsepol-${SEPOL_VER}:= |
122 |
- >=app-admin/setools-4.2.0[${PYTHON_USEDEP}] |
123 |
- sys-devel/gettext |
124 |
- dev-python/ipy[${PYTHON_USEDEP}] |
125 |
- dbus? ( |
126 |
- sys-apps/dbus |
127 |
- dev-libs/dbus-glib:= |
128 |
- ) |
129 |
- audit? ( >=sys-process/audit-1.5.1[python,${PYTHON_USEDEP}] ) |
130 |
- pam? ( sys-libs/pam:= ) |
131 |
- ${PYTHON_DEPS}" |
132 |
- |
133 |
-### libcgroup -> seunshare |
134 |
-### dbus -> restorecond |
135 |
- |
136 |
-# pax-utils for scanelf used by rlpkg |
137 |
-RDEPEND="${DEPEND} |
138 |
- app-misc/pax-utils |
139 |
- !<sys-apps/openrc-0.14" |
140 |
- |
141 |
-PDEPEND="sys-apps/semodule-utils |
142 |
- sys-apps/selinux-python" |
143 |
- |
144 |
-src_unpack() { |
145 |
- # Override default one because we need the SRC_URI ones even in case of 9999 ebuilds |
146 |
- default |
147 |
- if [[ ${PV} == 9999 ]] ; then |
148 |
- git-r3_src_unpack |
149 |
- fi |
150 |
-} |
151 |
- |
152 |
-src_prepare() { |
153 |
- S="${S1}" |
154 |
- cd "${S}" || die "Failed to switch to ${S}" |
155 |
- if [[ ${PV} != 9999 ]] ; then |
156 |
- # If needed for live ebuilds please use /etc/portage/patches |
157 |
- eapply "${FILESDIR}/policycoreutils-2.7-0001-newrole-not-suid.patch" |
158 |
- eapply "${FILESDIR}/${PN}-2.7-musl.patch" |
159 |
- fi |
160 |
- |
161 |
- # rlpkg is more useful than fixfiles |
162 |
- sed -i -e '/^all/s/fixfiles//' "${S}/scripts/Makefile" \ |
163 |
- || die "fixfiles sed 1 failed" |
164 |
- sed -i -e '/fixfiles/d' "${S}/scripts/Makefile" \ |
165 |
- || die "fixfiles sed 2 failed" |
166 |
- |
167 |
- eapply_user |
168 |
- |
169 |
- sed -i 's/-Werror//g' "${S1}"/*/Makefile || die "Failed to remove Werror" |
170 |
- |
171 |
- python_copy_sources |
172 |
- # Our extra code is outside the regular directory, so set it to the extra |
173 |
- # directory. We really should optimize this as it is ugly, but the extra |
174 |
- # code is needed for Gentoo at the same time that policycoreutils is present |
175 |
- # (so we cannot use an additional package for now). |
176 |
- S="${S2}" |
177 |
- python_copy_sources |
178 |
-} |
179 |
- |
180 |
-src_compile() { |
181 |
- building() { |
182 |
- emake -C "${BUILD_DIR}" \ |
183 |
- AUDIT_LOG_PRIVS="y" \ |
184 |
- AUDITH="$(usex audit y n)" \ |
185 |
- PAMH="$(usex pam y n)" \ |
186 |
- INOTIFYH="$(usex dbus y n)" \ |
187 |
- SESANDBOX="n" \ |
188 |
- CC="$(tc-getCC)" \ |
189 |
- LIBDIR="\$(PREFIX)/$(get_libdir)" |
190 |
- } |
191 |
- S="${S1}" # Regular policycoreutils |
192 |
- python_foreach_impl building |
193 |
- S="${S2}" # Extra set |
194 |
- python_foreach_impl building |
195 |
-} |
196 |
- |
197 |
-src_install() { |
198 |
- # Python scripts are present in many places. There are no extension modules. |
199 |
- installation-policycoreutils() { |
200 |
- einfo "Installing policycoreutils" |
201 |
- emake -C "${BUILD_DIR}" DESTDIR="${D}" \ |
202 |
- AUDIT_LOG_PRIVS="y" \ |
203 |
- AUDITH="$(usex audit y n)" \ |
204 |
- PAMH="$(usex pam y n)" \ |
205 |
- INOTIFYH="$(usex dbus y n)" \ |
206 |
- SESANDBOX="n" \ |
207 |
- CC="$(tc-getCC)" \ |
208 |
- LIBDIR="\$(PREFIX)/$(get_libdir)" \ |
209 |
- install |
210 |
- python_optimize |
211 |
- } |
212 |
- |
213 |
- installation-extras() { |
214 |
- einfo "Installing policycoreutils-extra" |
215 |
- emake -C "${BUILD_DIR}" \ |
216 |
- DESTDIR="${D}" \ |
217 |
- install |
218 |
- python_optimize |
219 |
- } |
220 |
- |
221 |
- S="${S1}" # policycoreutils |
222 |
- python_foreach_impl installation-policycoreutils |
223 |
- S="${S2}" # extras |
224 |
- python_foreach_impl installation-extras |
225 |
- S="${S1}" # back for later |
226 |
- |
227 |
- # remove redhat-style init script |
228 |
- rm -fR "${D}/etc/rc.d" || die |
229 |
- |
230 |
- # compatibility symlinks |
231 |
- dosym /sbin/setfiles /usr/sbin/setfiles |
232 |
- bashcomp_alias setsebool getsebool |
233 |
- |
234 |
- # location for policy definitions |
235 |
- dodir /var/lib/selinux |
236 |
- keepdir /var/lib/selinux |
237 |
- |
238 |
- # Set version-specific scripts |
239 |
- for pyscript in rlpkg; do |
240 |
- python_replicate_script "${ED}/usr/sbin/${pyscript}" |
241 |
- done |
242 |
-} |
243 |
- |
244 |
-pkg_postinst() { |
245 |
- for POLICY_TYPE in ${POLICY_TYPES} ; do |
246 |
- # There have been some changes to the policy store, rebuilding now. |
247 |
- # https://marc.info/?l=selinux&m=143757277819717&w=2 |
248 |
- einfo "Rebuilding store ${POLICY_TYPE} (without re-loading)." |
249 |
- semodule -s "${POLICY_TYPE}" -n -B || die "Failed to rebuild policy store ${POLICY_TYPE}" |
250 |
- done |
251 |
-} |
252 |
|
253 |
diff --git a/sys-apps/policycoreutils/policycoreutils-2.9.ebuild b/sys-apps/policycoreutils/policycoreutils-3.1-r1.ebuild |
254 |
similarity index 89% |
255 |
rename from sys-apps/policycoreutils/policycoreutils-2.9.ebuild |
256 |
rename to sys-apps/policycoreutils/policycoreutils-3.1-r1.ebuild |
257 |
index 7ab9455..0028c1c 100644 |
258 |
--- a/sys-apps/policycoreutils/policycoreutils-2.9.ebuild |
259 |
+++ b/sys-apps/policycoreutils/policycoreutils-3.1-r1.ebuild |
260 |
@@ -1,21 +1,21 @@ |
261 |
-# Copyright 1999-2019 Gentoo Authors |
262 |
+# Copyright 1999-2021 Gentoo Authors |
263 |
# Distributed under the terms of the GNU General Public License v2 |
264 |
|
265 |
-EAPI="6" |
266 |
-PYTHON_COMPAT=( python{3_5,3_6} ) |
267 |
+EAPI="7" |
268 |
+PYTHON_COMPAT=( python{3_6,3_7,3_8} ) |
269 |
PYTHON_REQ_USE="xml" |
270 |
|
271 |
inherit multilib python-r1 toolchain-funcs bash-completion-r1 |
272 |
|
273 |
MY_P="${P//_/-}" |
274 |
|
275 |
-MY_RELEASEDATE="20190315" |
276 |
-EXTRAS_VER="1.36" |
277 |
+MY_RELEASEDATE="20200710" |
278 |
+EXTRAS_VER="1.37" |
279 |
SEMNG_VER="${PV}" |
280 |
SELNX_VER="${PV}" |
281 |
SEPOL_VER="${PV}" |
282 |
|
283 |
-IUSE="audit pam dbus" |
284 |
+IUSE="audit dbus pam split-usr" |
285 |
REQUIRED_USE="${PYTHON_REQUIRED_USE}" |
286 |
|
287 |
DESCRIPTION="SELinux core utilities" |
288 |
@@ -42,11 +42,10 @@ SLOT="0" |
289 |
|
290 |
DEPEND=">=sys-libs/libselinux-${SELNX_VER}:=[python,${PYTHON_USEDEP}] |
291 |
>=sys-libs/libcap-1.10-r10:= |
292 |
- >=sys-libs/libsemanage-${SEMNG_VER}:=[python,${PYTHON_USEDEP}] |
293 |
+ >=sys-libs/libsemanage-${SEMNG_VER}:=[python(+),${PYTHON_USEDEP}] |
294 |
sys-libs/libcap-ng:= |
295 |
>=sys-libs/libsepol-${SEPOL_VER}:= |
296 |
>=app-admin/setools-4.2.0[${PYTHON_USEDEP}] |
297 |
- sys-devel/gettext |
298 |
dev-python/ipy[${PYTHON_USEDEP}] |
299 |
dbus? ( |
300 |
sys-apps/dbus |
301 |
@@ -54,17 +53,18 @@ DEPEND=">=sys-libs/libselinux-${SELNX_VER}:=[python,${PYTHON_USEDEP}] |
302 |
) |
303 |
audit? ( >=sys-process/audit-1.5.1[python,${PYTHON_USEDEP}] ) |
304 |
pam? ( sys-libs/pam:= ) |
305 |
- ${PYTHON_DEPS} |
306 |
- !<sec-policy/selinux-base-policy-2.20151208-r6" |
307 |
-# 2.20151208-r6 and higher has support for new setfiles |
308 |
+ ${PYTHON_DEPS}" |
309 |
+ |
310 |
+# Avoid dependency loop in the cross-compile case, bug #755173 |
311 |
+# (Still exists in native) |
312 |
+BDEPEND="sys-devel/gettext" |
313 |
|
314 |
### libcgroup -> seunshare |
315 |
### dbus -> restorecond |
316 |
|
317 |
# pax-utils for scanelf used by rlpkg |
318 |
RDEPEND="${DEPEND} |
319 |
- app-misc/pax-utils |
320 |
- !<sys-apps/openrc-0.14" |
321 |
+ app-misc/pax-utils" |
322 |
|
323 |
PDEPEND="sys-apps/semodule-utils |
324 |
sys-apps/selinux-python" |
325 |
@@ -82,7 +82,7 @@ src_prepare() { |
326 |
cd "${S}" || die "Failed to switch to ${S}" |
327 |
if [[ ${PV} != 9999 ]] ; then |
328 |
# If needed for live ebuilds please use /etc/portage/patches |
329 |
- eapply "${FILESDIR}/policycoreutils-2.7-0001-newrole-not-suid.patch" |
330 |
+ eapply "${FILESDIR}/policycoreutils-3.1-0001-newrole-not-suid.patch" |
331 |
eapply "${FILESDIR}/${PN}-2.7-musl.patch" |
332 |
fi |
333 |
|
334 |
@@ -156,7 +156,8 @@ src_install() { |
335 |
rm -fR "${D}/etc/rc.d" || die |
336 |
|
337 |
# compatibility symlinks |
338 |
- dosym /sbin/setfiles /usr/sbin/setfiles |
339 |
+ use split-usr && dosym ../../sbin/setfiles /usr/sbin/setfiles |
340 |
+ |
341 |
bashcomp_alias setsebool getsebool |
342 |
|
343 |
# location for policy definitions |