1 |
commit: f92f6a99787e10d1713ab2b81892ece30573d474 |
2 |
Author: Jason Zaman <perfinion <AT> gentoo <DOT> org> |
3 |
AuthorDate: Mon Oct 26 05:50:25 2015 +0000 |
4 |
Commit: Jason Zaman <perfinion <AT> gentoo <DOT> org> |
5 |
CommitDate: Mon Oct 26 05:51:15 2015 +0000 |
6 |
URL: https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=f92f6a99 |
7 |
|
8 |
sec-policy/selinux-base: Add selinux useflag to live ebuild |
9 |
|
10 |
Package-Manager: portage-2.2.20.1 |
11 |
|
12 |
sec-policy/selinux-base/selinux-base-9999.ebuild | 39 ++++++++++++------------ |
13 |
1 file changed, 20 insertions(+), 19 deletions(-) |
14 |
|
15 |
diff --git a/sec-policy/selinux-base/selinux-base-9999.ebuild b/sec-policy/selinux-base/selinux-base-9999.ebuild |
16 |
index c67def2..d86db33 100644 |
17 |
--- a/sec-policy/selinux-base/selinux-base-9999.ebuild |
18 |
+++ b/sec-policy/selinux-base/selinux-base-9999.ebuild |
19 |
@@ -20,7 +20,7 @@ else |
20 |
KEYWORDS="~amd64 ~x86" |
21 |
fi |
22 |
|
23 |
-IUSE="+peer_perms +open_perms +ubac +unconfined doc" |
24 |
+IUSE="doc +open_perms +peer_perms systemd +ubac +unconfined" |
25 |
|
26 |
DESCRIPTION="Gentoo base policy for SELinux" |
27 |
HOMEPAGE="https://www.gentoo.org/proj/en/hardened/selinux/" |
28 |
@@ -36,10 +36,6 @@ DEPEND="${RDEPEND} |
29 |
|
30 |
S=${WORKDIR}/ |
31 |
|
32 |
-#src_unpack() { |
33 |
-# git-2_src_unpack |
34 |
-#} |
35 |
- |
36 |
src_prepare() { |
37 |
if [[ ${PV} != 9999* ]]; then |
38 |
# Apply the gentoo patches to the policy. These patches are only necessary |
39 |
@@ -64,12 +60,12 @@ src_configure() { |
40 |
|
41 |
if ! use peer_perms; then |
42 |
sed -i -e '/network_peer_controls/d' \ |
43 |
- "${S}/refpolicy/policy/policy_capabilities" |
44 |
+ "${S}/refpolicy/policy/policy_capabilities" || die |
45 |
fi |
46 |
|
47 |
if ! use open_perms; then |
48 |
sed -i -e '/open_perms/d' \ |
49 |
- "${S}/refpolicy/policy/policy_capabilities" |
50 |
+ "${S}/refpolicy/policy/policy_capabilities" || die |
51 |
fi |
52 |
|
53 |
if ! use ubac; then |
54 |
@@ -77,20 +73,25 @@ src_configure() { |
55 |
|| die "Failed to disable User Based Access Control" |
56 |
fi |
57 |
|
58 |
- echo "DISTRO = gentoo" >> "${S}/refpolicy/build.conf" |
59 |
+ if use systemd; then |
60 |
+ sed -i -e '/^SYSTEMD/s/n/y/' "${S}/refpolicy/build.conf" \ |
61 |
+ || die "Failed to enable SystemD" |
62 |
+ fi |
63 |
+ |
64 |
+ echo "DISTRO = gentoo" >> "${S}/refpolicy/build.conf" || die |
65 |
|
66 |
# Prepare initial configuration |
67 |
- cd "${S}/refpolicy"; |
68 |
+ cd "${S}/refpolicy" || die |
69 |
make conf || die "Make conf failed" |
70 |
|
71 |
# Setup the policies based on the types delivered by the end user. |
72 |
# These types can be "targeted", "strict", "mcs" and "mls". |
73 |
for i in ${POLICY_TYPES}; do |
74 |
- cp -a "${S}/refpolicy" "${S}/${i}" |
75 |
- cd "${S}/${i}"; |
76 |
+ cp -a "${S}/refpolicy" "${S}/${i}" || die |
77 |
+ cd "${S}/${i}" || die |
78 |
|
79 |
#cp "${FILESDIR}/modules-2.20120215.conf" "${S}/${i}/policy/modules.conf" |
80 |
- sed -i -e "/= module/d" "${S}/${i}/policy/modules.conf" |
81 |
+ sed -i -e "/= module/d" "${S}/${i}/policy/modules.conf" || die |
82 |
|
83 |
sed -i -e '/^QUIET/s/n/y/' -e "/^NAME/s/refpolicy/$i/" \ |
84 |
"${S}/${i}/build.conf" || die "build.conf setup failed." |
85 |
@@ -120,10 +121,10 @@ src_compile() { |
86 |
[ -z "${POLICY_TYPES}" ] && local POLICY_TYPES="targeted strict mls mcs" |
87 |
|
88 |
for i in ${POLICY_TYPES}; do |
89 |
- cd "${S}/${i}" |
90 |
- emake base || die "${i} compile failed" |
91 |
+ cd "${S}/${i}" || die |
92 |
+ emake base |
93 |
if use doc; then |
94 |
- make html || die |
95 |
+ emake html |
96 |
fi |
97 |
done |
98 |
} |
99 |
@@ -132,7 +133,7 @@ src_install() { |
100 |
[ -z "${POLICY_TYPES}" ] && local POLICY_TYPES="targeted strict mls mcs" |
101 |
|
102 |
for i in ${POLICY_TYPES}; do |
103 |
- cd "${S}/${i}" |
104 |
+ cd "${S}/${i}" || die |
105 |
|
106 |
make DESTDIR="${D}" install \ |
107 |
|| die "${i} install failed." |
108 |
@@ -140,9 +141,9 @@ src_install() { |
109 |
make DESTDIR="${D}" install-headers \ |
110 |
|| die "${i} headers install failed." |
111 |
|
112 |
- echo "run_init_t" > "${D}/etc/selinux/${i}/contexts/run_init_type" |
113 |
+ echo "run_init_t" > "${D}/etc/selinux/${i}/contexts/run_init_type" || die |
114 |
|
115 |
- echo "textrel_shlib_t" >> "${D}/etc/selinux/${i}/contexts/customizable_types" |
116 |
+ echo "textrel_shlib_t" >> "${D}/etc/selinux/${i}/contexts/customizable_types" || die |
117 |
|
118 |
# libsemanage won't make this on its own |
119 |
keepdir "/etc/selinux/${i}/policy" |
120 |
@@ -164,5 +165,5 @@ src_install() { |
121 |
doins "${FILESDIR}/config" |
122 |
|
123 |
insinto /usr/share/portage/config/sets |
124 |
- doins "${FILESDIR}/selinux.conf" || die "failed to install selinux-rebuild portage set" |
125 |
+ doins "${FILESDIR}/selinux.conf" |
126 |
} |