1 |
commit: 38210386c0dcc34c2320de9bc163fc123a1703c2 |
2 |
Author: Sven Vermeulen <sven.vermeulen <AT> siphos <DOT> be> |
3 |
AuthorDate: Tue Jan 10 19:34:55 2012 +0000 |
4 |
Commit: Sven Vermeulen <sven.vermeulen <AT> siphos <DOT> be> |
5 |
CommitDate: Tue Jan 10 19:34:55 2012 +0000 |
6 |
URL: http://git.overlays.gentoo.org/gitweb/?p=proj/hardened-dev.git;a=commit;h=38210386 |
7 |
|
8 |
Bumping up to rev 11 |
9 |
|
10 |
--- |
11 |
sec-policy/selinux-apache/ChangeLog | 146 +++++++++++++++++ |
12 |
sec-policy/selinux-apache/metadata.xml | 6 + |
13 |
.../selinux-apache-2.20110726-r2.ebuild | 43 +++++ |
14 |
sec-policy/selinux-base-policy/ChangeLog | 7 +- |
15 |
.../selinux-base-policy-2.20110726-r11.ebuild | 164 ++++++++++++++++++++ |
16 |
sec-policy/selinux-dbus/ChangeLog | 102 ++++++++++++ |
17 |
sec-policy/selinux-dbus/metadata.xml | 6 + |
18 |
.../selinux-dbus/selinux-dbus-2.20110726-r2.ebuild | 14 ++ |
19 |
sec-policy/selinux-dracut/ChangeLog | 10 ++ |
20 |
sec-policy/selinux-dracut/metadata.xml | 6 + |
21 |
.../selinux-dracut-2.20110726.ebuild | 14 ++ |
22 |
sec-policy/selinux-mozilla/ChangeLog | 79 ++++++++++ |
23 |
sec-policy/selinux-mozilla/metadata.xml | 6 + |
24 |
.../selinux-mozilla-2.20110726-r5.ebuild | 13 ++ |
25 |
sec-policy/selinux-networkmanager/ChangeLog | 34 ++++ |
26 |
sec-policy/selinux-networkmanager/metadata.xml | 6 + |
27 |
.../selinux-networkmanager-2.20110726-r3.ebuild | 13 ++ |
28 |
17 files changed, 668 insertions(+), 1 deletions(-) |
29 |
|
30 |
diff --git a/sec-policy/selinux-apache/ChangeLog b/sec-policy/selinux-apache/ChangeLog |
31 |
new file mode 100644 |
32 |
index 0000000..2514aac |
33 |
--- /dev/null |
34 |
+++ b/sec-policy/selinux-apache/ChangeLog |
35 |
@@ -0,0 +1,146 @@ |
36 |
+# ChangeLog for sec-policy/selinux-apache |
37 |
+# Copyright 1999-2011 Gentoo Foundation; Distributed under the GPL v2 |
38 |
+# $Header: /var/cvsroot/gentoo-x86/sec-policy/selinux-apache/ChangeLog,v 1.29 2011/11/12 20:53:22 swift Exp $ |
39 |
+ |
40 |
+*selinux-apache-2.20110726-r2 (31 Dec 2011) |
41 |
+ |
42 |
+ 31 Dec 2011; <swift@g.o> +selinux-apache-2.20110726-r2.ebuild, |
43 |
+ +metadata.xml: |
44 |
+ Aggregated functions |
45 |
+ |
46 |
+ 12 Nov 2011; <swift@g.o> -selinux-apache-2.20101213-r1.ebuild: |
47 |
+ Removing old policies |
48 |
+ |
49 |
+ 23 Oct 2011; <swift@g.o> selinux-apache-2.20110726-r1.ebuild: |
50 |
+ Stabilization (tracker #384231) |
51 |
+ |
52 |
+*selinux-apache-2.20110726-r1 (28 Aug 2011) |
53 |
+ |
54 |
+ 28 Aug 2011; <swift@g.o> +selinux-apache-2.20110726-r1.ebuild: |
55 |
+ Updating policy builds to refpolicy 20110726 |
56 |
+ |
57 |
+ 04 Jun 2011; Anthony G. Basile <blueness@g.o> |
58 |
+ -selinux-apache-2.20090730.ebuild, -selinux-apache-2.20091215.ebuild, |
59 |
+ -selinux-apache-2.20101213.ebuild, -selinux-apache-20080525.ebuild: |
60 |
+ Removed deprecated policies |
61 |
+ |
62 |
+ 02 Jun 2011; Anthony G. Basile <blueness@g.o> |
63 |
+ selinux-apache-2.20101213-r1.ebuild: |
64 |
+ Stable amd64 x86 |
65 |
+ |
66 |
+*selinux-apache-2.20101213-r1 (05 Feb 2011) |
67 |
+*selinux-apache-2.20101213 (05 Feb 2011) |
68 |
+ |
69 |
+ 05 Feb 2011; Anthony G. Basile <blueness@g.o> |
70 |
+ +selinux-apache-2.20101213.ebuild, +selinux-apache-2.20101213-r1.ebuild: |
71 |
+ New upstream policy. |
72 |
+ |
73 |
+*selinux-apache-2.20091215 (16 Dec 2009) |
74 |
+ |
75 |
+ 16 Dec 2009; Chris PeBenito <pebenito@g.o> |
76 |
+ +selinux-apache-2.20091215.ebuild: |
77 |
+ New upstream release. |
78 |
+ |
79 |
+ 14 Aug 2009; Chris PeBenito <pebenito@g.o> |
80 |
+ -selinux-apache-20070329.ebuild, -selinux-apache-20070928.ebuild, |
81 |
+ selinux-apache-20080525.ebuild: |
82 |
+ Mark 20080525 stable, clear old ebuilds. |
83 |
+ |
84 |
+*selinux-apache-2.20090730 (03 Aug 2009) |
85 |
+ |
86 |
+ 03 Aug 2009; Chris PeBenito <pebenito@g.o> |
87 |
+ +selinux-apache-2.20090730.ebuild: |
88 |
+ New upstream release. |
89 |
+ |
90 |
+ 18 Jul 2009; Chris PeBenito <pebenito@g.o> |
91 |
+ selinux-apache-20070329.ebuild, selinux-apache-20070928.ebuild, |
92 |
+ selinux-apache-20080525.ebuild: |
93 |
+ Drop alpha, mips, ppc, sparc selinux support. |
94 |
+ |
95 |
+*selinux-apache-20080525 (25 May 2008) |
96 |
+ |
97 |
+ 25 May 2008; Chris PeBenito <pebenito@g.o> |
98 |
+ +selinux-apache-20080525.ebuild: |
99 |
+ New SVN snapshot. |
100 |
+ |
101 |
+ 16 Mar 2008; Chris PeBenito <pebenito@g.o> |
102 |
+ -selinux-apache-20040925.ebuild, -selinux-apache-20050211.ebuild, |
103 |
+ -selinux-apache-20061114.ebuild: |
104 |
+ Remove old ebuilds. |
105 |
+ |
106 |
+ 03 Feb 2008; Chris PeBenito <pebenito@g.o> |
107 |
+ selinux-apache-20070928.ebuild: |
108 |
+ Mark stable. |
109 |
+ |
110 |
+*selinux-apache-20070928 (26 Nov 2007) |
111 |
+ |
112 |
+ 26 Nov 2007; Chris PeBenito <pebenito@g.o> |
113 |
+ +selinux-apache-20070928.ebuild: |
114 |
+ New SVN snapshot. |
115 |
+ |
116 |
+ 29 Aug 2007; Christian Heim <phreak@g.o> metadata.xml: |
117 |
+ Removing kaiowas from metadata due to his retirement (see #61930 for |
118 |
+ reference). |
119 |
+ |
120 |
+ 04 Jun 2007; Chris PeBenito <pebenito@g.o> |
121 |
+ selinux-apache-20070329.ebuild: |
122 |
+ Mark stable. |
123 |
+ |
124 |
+*selinux-apache-20070329 (29 Mar 2007) |
125 |
+ |
126 |
+ 29 Mar 2007; Chris PeBenito <pebenito@g.o> |
127 |
+ +selinux-apache-20070329.ebuild: |
128 |
+ New SVN snapshot. |
129 |
+ |
130 |
+ 22 Feb 2007; Markus Ullmann <jokey@g.o> ChangeLog: |
131 |
+ Redigest for Manifest2 |
132 |
+ |
133 |
+*selinux-apache-20061114 (15 Nov 2006) |
134 |
+ |
135 |
+ 15 Nov 2006; Chris PeBenito <pebenito@g.o> |
136 |
+ +selinux-apache-20061114.ebuild: |
137 |
+ New SVN snapshot. |
138 |
+ |
139 |
+*selinux-apache-20061008 (09 Oct 2006) |
140 |
+ |
141 |
+ 09 Oct 2006; Chris PeBenito <pebenito@g.o> |
142 |
+ +selinux-apache-20061008.ebuild: |
143 |
+ First mainstream reference policy testing release. |
144 |
+ |
145 |
+ 24 Feb 2005; petre rodan <kaiowas@g.o> |
146 |
+ selinux-apache-20050211.ebuild: |
147 |
+ mark stable |
148 |
+ |
149 |
+*selinux-apache-20050211 (11 Feb 2005) |
150 |
+ |
151 |
+ 11 Feb 2005; petre rodan <kaiowas@g.o> |
152 |
+ -selinux-apache-20040704.ebuild, +selinux-apache-20050211.ebuild: |
153 |
+ added contexts needed by >=apache-2.0.52-r3 - bug 81365 |
154 |
+ |
155 |
+ 23 Nov 2004; petre rodan <kaiowas@g.o> |
156 |
+ selinux-apache-20040925.ebuild: |
157 |
+ mark stable |
158 |
+ |
159 |
+*selinux-apache-20040925 (23 Oct 2004) |
160 |
+ |
161 |
+ 23 Oct 2004; petre rodan <kaiowas@g.o> metadata.xml, |
162 |
+ +selinux-apache-20040925.ebuild: |
163 |
+ update needed by base-policy-20041023 |
164 |
+ |
165 |
+*selinux-apache-20040704 (04 Jul 2004) |
166 |
+ |
167 |
+ 04 Jul 2004; Chris PeBenito <pebenito@g.o> |
168 |
+ +selinux-apache-20040704.ebuild: |
169 |
+ Sysadmfile cleanup, and updates from #52730 and #55006. |
170 |
+ |
171 |
+*selinux-apache-20040426 (26 Apr 2004) |
172 |
+ |
173 |
+ 26 Apr 2004; Chris PeBenito <pebenito@g.o> |
174 |
+ +selinux-apache-20040426.ebuild: |
175 |
+ Fix for 2004.1 |
176 |
+ |
177 |
+*selinux-apache-20040103 (03 Jan 2004) |
178 |
+ |
179 |
+ 03 Jan 2004; Chris PeBenito <pebenito@g.o> : |
180 |
+ Initial commit. |
181 |
+ |
182 |
|
183 |
diff --git a/sec-policy/selinux-apache/metadata.xml b/sec-policy/selinux-apache/metadata.xml |
184 |
new file mode 100644 |
185 |
index 0000000..db28936 |
186 |
--- /dev/null |
187 |
+++ b/sec-policy/selinux-apache/metadata.xml |
188 |
@@ -0,0 +1,6 @@ |
189 |
+<?xml version="1.0" encoding="UTF-8"?> |
190 |
+<!DOCTYPE pkgmetadata SYSTEM "http://www.gentoo.org/dtd/metadata.dtd"> |
191 |
+<pkgmetadata> |
192 |
+ <herd>selinux</herd> |
193 |
+ <longdescription>Gentoo SELinux policy for apache</longdescription> |
194 |
+</pkgmetadata> |
195 |
|
196 |
diff --git a/sec-policy/selinux-apache/selinux-apache-2.20110726-r2.ebuild b/sec-policy/selinux-apache/selinux-apache-2.20110726-r2.ebuild |
197 |
new file mode 100644 |
198 |
index 0000000..bc8598f |
199 |
--- /dev/null |
200 |
+++ b/sec-policy/selinux-apache/selinux-apache-2.20110726-r2.ebuild |
201 |
@@ -0,0 +1,43 @@ |
202 |
+# Copyright 1999-2011 Gentoo Foundation |
203 |
+# Distributed under the terms of the GNU General Public License v2 |
204 |
+# $Header: /var/cvsroot/gentoo-x86/sec-policy/selinux-apache/selinux-apache-2.20110726-r1.ebuild,v 1.2 2011/10/23 12:43:02 swift Exp $ |
205 |
+IUSE="kerberos" |
206 |
+MODS="apache" |
207 |
+BASEPOL="2.20110726-r11" |
208 |
+ |
209 |
+inherit selinux-policy-2 |
210 |
+ |
211 |
+DESCRIPTION="SELinux policy for Apache HTTPD" |
212 |
+DEPEND="${DEPEND} |
213 |
+ kerberos? ( sec-policy/selinux-kerberos )" |
214 |
+RDEPEND="${DEPEND}" |
215 |
+ |
216 |
+KEYWORDS="~amd64 ~x86" |
217 |
+S="${WORKDIR}/" |
218 |
+ |
219 |
+src_unpack() { |
220 |
+ selinux-policy-2_src_unpack |
221 |
+ if ! use kerberos ; then |
222 |
+ [ -z "${POLICY_TYPES}" ] && local POLICY_TYPES="strict targeted mcs mls"; |
223 |
+ for i in ${POLICY_TYPES}; do |
224 |
+ sed -i -e "/httpd_keytab_t/d" \ |
225 |
+ "${S}/${i}/apache.fc" |
226 |
+ done |
227 |
+ fi |
228 |
+} |
229 |
+ |
230 |
+pkg_postinst() { |
231 |
+ selinux-policy-2_pkg_postinst |
232 |
+ if use kerberos ; then |
233 |
+ einfo "If you decide to uninstall Kerberos, you should clear the" |
234 |
+ einfo "kerberos use flag here, and then emerge this module again." |
235 |
+ einfo "Failure to do so may result in policy compile errors in the" |
236 |
+ einfo "future." |
237 |
+ else |
238 |
+ einfo "If you install Kerberos later, you should set the kerberos" |
239 |
+ einfo "use flag here, and then emerge this module again in order to" |
240 |
+ einfo "get all of the relevant policy changes. Failure to do so may" |
241 |
+ einfo "result in errors authenticating against kerberos servers by" |
242 |
+ einfo "Apache." |
243 |
+ fi |
244 |
+} |
245 |
|
246 |
diff --git a/sec-policy/selinux-base-policy/ChangeLog b/sec-policy/selinux-base-policy/ChangeLog |
247 |
index 03a8dc0..25f7228 100644 |
248 |
--- a/sec-policy/selinux-base-policy/ChangeLog |
249 |
+++ b/sec-policy/selinux-base-policy/ChangeLog |
250 |
@@ -1,7 +1,12 @@ |
251 |
# ChangeLog for sec-policy/selinux-base-policy |
252 |
-# Copyright 1999-2011 Gentoo Foundation; Distributed under the GPL v2 |
253 |
+# Copyright 1999-2012 Gentoo Foundation; Distributed under the GPL v2 |
254 |
# $Header: /var/cvsroot/gentoo-x86/sec-policy/selinux-base-policy/ChangeLog,v 1.80 2011/07/11 01:59:36 blueness Exp $ |
255 |
|
256 |
+*selinux-base-policy-2.20110726-r11 (10 Jan 2012) |
257 |
+ |
258 |
+ 10 Jan 2012; <swift@g.o> +selinux-base-policy-2.20110726-r11.ebuild: |
259 |
+ Bumping to rev11 |
260 |
+ |
261 |
04 Sep 2011; <swift@g.o> selinux-base-policy-2.20110726-r4.ebuild: |
262 |
Add support for xdg types |
263 |
|
264 |
|
265 |
diff --git a/sec-policy/selinux-base-policy/selinux-base-policy-2.20110726-r11.ebuild b/sec-policy/selinux-base-policy/selinux-base-policy-2.20110726-r11.ebuild |
266 |
new file mode 100644 |
267 |
index 0000000..bce7d8b |
268 |
--- /dev/null |
269 |
+++ b/sec-policy/selinux-base-policy/selinux-base-policy-2.20110726-r11.ebuild |
270 |
@@ -0,0 +1,164 @@ |
271 |
+# Copyright 1999-2012 Gentoo Foundation |
272 |
+# Distributed under the terms of the GNU General Public License v2 |
273 |
+# $Header: /var/cvsroot/gentoo-x86/sec-policy/selinux-base-policy/selinux-base-policy-2.20101213-r18.ebuild,v 1.1 2011/07/10 02:30:17 blueness Exp $ |
274 |
+ |
275 |
+EAPI="4" |
276 |
+IUSE="+peer_perms +open_perms +ubac doc" |
277 |
+ |
278 |
+inherit eutils |
279 |
+ |
280 |
+DESCRIPTION="Gentoo base policy for SELinux" |
281 |
+HOMEPAGE="http://www.gentoo.org/proj/en/hardened/selinux/" |
282 |
+SRC_URI="http://oss.tresys.com/files/refpolicy/refpolicy-${PV}.tar.bz2 |
283 |
+ http://dev.gentoo.org/~swift/patches/${PN}/patchbundle-${PF}.tar.bz2" |
284 |
+LICENSE="GPL-2" |
285 |
+SLOT="0" |
286 |
+ |
287 |
+KEYWORDS="~amd64 ~x86" |
288 |
+ |
289 |
+RDEPEND=">=sys-apps/policycoreutils-1.30.30 |
290 |
+ >=sys-fs/udev-151" |
291 |
+DEPEND="${RDEPEND} |
292 |
+ sys-devel/m4 |
293 |
+ >=sys-apps/checkpolicy-1.30.12" |
294 |
+ |
295 |
+S=${WORKDIR}/ |
296 |
+ |
297 |
+src_prepare() { |
298 |
+ # Apply the gentoo patches to the policy. These patches are only necessary |
299 |
+ # for base policies, or for interface changes on modules. |
300 |
+ EPATCH_MULTI_MSG="Applying SELinux policy updates ... " \ |
301 |
+ EPATCH_SUFFIX="patch" \ |
302 |
+ EPATCH_SOURCE="${WORKDIR}" \ |
303 |
+ EPATCH_FORCE="yes" \ |
304 |
+ epatch |
305 |
+ |
306 |
+ cd "${S}/refpolicy" |
307 |
+ # Fix bug 257111 - Correct the initial sid for cron-started jobs in the |
308 |
+ # system_r role |
309 |
+ sed -i -e 's:system_crond_t:system_cronjob_t:g' \ |
310 |
+ "${S}/refpolicy/config/appconfig-standard/default_contexts" |
311 |
+ sed -i -e 's|system_r:cronjob_t|system_r:system_cronjob_t|g' \ |
312 |
+ "${S}/refpolicy/config/appconfig-mls/default_contexts" |
313 |
+ sed -i -e 's|system_r:cronjob_t|system_r:system_cronjob_t|g' \ |
314 |
+ "${S}/refpolicy/config/appconfig-mcs/default_contexts" |
315 |
+} |
316 |
+ |
317 |
+src_configure() { |
318 |
+ [ -z "${POLICY_TYPES}" ] && local POLICY_TYPES="targeted strict mls mcs" |
319 |
+ |
320 |
+ # Update the SELinux refpolicy capabilities based on the users' USE flags. |
321 |
+ |
322 |
+ if ! use peer_perms; then |
323 |
+ sed -i -e '/network_peer_controls/d' \ |
324 |
+ "${S}/refpolicy/policy/policy_capabilities" |
325 |
+ fi |
326 |
+ |
327 |
+ if ! use open_perms; then |
328 |
+ sed -i -e '/open_perms/d' \ |
329 |
+ "${S}/refpolicy/policy/policy_capabilities" |
330 |
+ fi |
331 |
+ |
332 |
+ if ! use ubac; then |
333 |
+ sed -i -e '/^UBAC/s/y/n/' "${S}/refpolicy/build.conf" \ |
334 |
+ || die "Failed to disable User Based Access Control" |
335 |
+ fi |
336 |
+ |
337 |
+ echo "DISTRO = gentoo" >> "${S}/refpolicy/build.conf" |
338 |
+ |
339 |
+ # Setup the policies based on the types delivered by the end user. |
340 |
+ # These types can be "targeted", "strict", "mcs" and "mls". |
341 |
+ for i in ${POLICY_TYPES}; do |
342 |
+ cp -a "${S}/refpolicy" "${S}/${i}" |
343 |
+ |
344 |
+ cd "${S}/${i}"; |
345 |
+ make conf || die "Make conf in ${i} failed" |
346 |
+ |
347 |
+ # Define what we see as "base" and what we want to remain modular. |
348 |
+ cp "${FILESDIR}/modules.conf" \ |
349 |
+ "${S}/${i}/policy/modules.conf" \ |
350 |
+ || die "failed to set up modules.conf" |
351 |
+ # In case of "targeted", we add the "unconfined" to the base policy |
352 |
+ if [[ "${i}" == "targeted" ]]; |
353 |
+ then |
354 |
+ echo "unconfined = base" >> "${S}/${i}/policy/modules.conf" |
355 |
+ fi |
356 |
+ |
357 |
+ sed -i -e '/^QUIET/s/n/y/' -e "/^NAME/s/refpolicy/$i/" \ |
358 |
+ "${S}/${i}/build.conf" || die "build.conf setup failed." |
359 |
+ |
360 |
+ if [[ "${i}" == "mls" ]] || [[ "${i}" == "mcs" ]]; |
361 |
+ then |
362 |
+ # MCS/MLS require additional settings |
363 |
+ sed -i -e "/^TYPE/s/standard/${i}/" "${S}/${i}/build.conf" \ |
364 |
+ || die "failed to set type to mls" |
365 |
+ fi |
366 |
+ |
367 |
+ if [ "${i}" == "targeted" ]; then |
368 |
+ sed -i -e '/root/d' -e 's/user_u/unconfined_u/' \ |
369 |
+ "${S}/${i}/config/appconfig-standard/seusers" \ |
370 |
+ || die "targeted seusers setup failed." |
371 |
+ fi |
372 |
+ done |
373 |
+} |
374 |
+ |
375 |
+src_compile() { |
376 |
+ [ -z "${POLICY_TYPES}" ] && local POLICY_TYPES="targeted strict mls mcs" |
377 |
+ |
378 |
+ for i in ${POLICY_TYPES}; do |
379 |
+ cd "${S}/${i}" |
380 |
+ make base || die "${i} compile failed" |
381 |
+ if use doc; then |
382 |
+ make html || die |
383 |
+ fi |
384 |
+ done |
385 |
+} |
386 |
+ |
387 |
+src_install() { |
388 |
+ [ -z "${POLICY_TYPES}" ] && local POLICY_TYPES="targeted strict mls mcs" |
389 |
+ |
390 |
+ for i in ${POLICY_TYPES}; do |
391 |
+ cd "${S}/${i}" |
392 |
+ |
393 |
+ make DESTDIR="${D}" install \ |
394 |
+ || die "${i} install failed." |
395 |
+ |
396 |
+ make DESTDIR="${D}" install-headers \ |
397 |
+ || die "${i} headers install failed." |
398 |
+ |
399 |
+ echo "run_init_t" > "${D}/etc/selinux/${i}/contexts/run_init_type" |
400 |
+ |
401 |
+ echo "textrel_shlib_t" >> "${D}/etc/selinux/${i}/contexts/customizable_types" |
402 |
+ |
403 |
+ # libsemanage won't make this on its own |
404 |
+ keepdir "/etc/selinux/${i}/policy" |
405 |
+ |
406 |
+ if use doc; then |
407 |
+ dohtml doc/html/*; |
408 |
+ fi |
409 |
+ done |
410 |
+ |
411 |
+ dodoc doc/Makefile.example doc/example.{te,fc,if} |
412 |
+ |
413 |
+ insinto /etc/selinux |
414 |
+ doins "${FILESDIR}/config" |
415 |
+} |
416 |
+ |
417 |
+pkg_preinst() { |
418 |
+ has_version "<${CATEGORY}/${PN}-2.20101213-r13" |
419 |
+ previous_less_than_r13=$? |
420 |
+} |
421 |
+ |
422 |
+pkg_postinst() { |
423 |
+ [ -z "${POLICY_TYPES}" ] && local POLICY_TYPES="targeted strict mls mcs" |
424 |
+ |
425 |
+ for i in ${POLICY_TYPES}; do |
426 |
+ einfo "Inserting base module into ${i} module store." |
427 |
+ |
428 |
+ cd "${ROOT}/usr/share/selinux/${i}" |
429 |
+ semodule -s "${i}" -b base.pp || die "Could not load in new base policy" |
430 |
+ done |
431 |
+ elog "Updates on policies might require you to relabel files. If you, after" |
432 |
+ elog "installing new SELinux policies, get 'permission denied' errors," |
433 |
+ elog "relabelling your system using 'rlpkg -a -r' might resolve the issues." |
434 |
+} |
435 |
|
436 |
diff --git a/sec-policy/selinux-dbus/ChangeLog b/sec-policy/selinux-dbus/ChangeLog |
437 |
new file mode 100644 |
438 |
index 0000000..496c4c1 |
439 |
--- /dev/null |
440 |
+++ b/sec-policy/selinux-dbus/ChangeLog |
441 |
@@ -0,0 +1,102 @@ |
442 |
+# ChangeLog for sec-policy/selinux-dbus |
443 |
+# Copyright 1999-2011 Gentoo Foundation; Distributed under the GPL v2 |
444 |
+# $Header: /var/cvsroot/gentoo-x86/sec-policy/selinux-dbus/ChangeLog,v 1.19 2011/11/27 18:12:40 swift Exp $ |
445 |
+ |
446 |
+*selinux-dbus-2.20110726-r2 (31 Dec 2011) |
447 |
+ |
448 |
+ 31 Dec 2011; <swift@g.o> +selinux-dbus-2.20110726-r2.ebuild, |
449 |
+ +metadata.xml: |
450 |
+ Dontaudit adding |
451 |
+ |
452 |
+ 27 Nov 2011; <swift@g.o> selinux-dbus-2.20110726-r1.ebuild: |
453 |
+ Stable on x86/amd64 |
454 |
+ |
455 |
+ 12 Nov 2011; <swift@g.o> -selinux-dbus-2.20101213.ebuild: |
456 |
+ Removing old policies |
457 |
+ |
458 |
+ 23 Oct 2011; <swift@g.o> selinux-dbus-2.20110726.ebuild: |
459 |
+ Stabilization (tracker #384231) |
460 |
+ |
461 |
+*selinux-dbus-2.20110726-r1 (23 Oct 2011) |
462 |
+ |
463 |
+ 23 Oct 2011; <swift@g.o> +selinux-dbus-2.20110726-r1.ebuild: |
464 |
+ Add support for XDG type |
465 |
+ |
466 |
+*selinux-dbus-2.20110726 (28 Aug 2011) |
467 |
+ |
468 |
+ 28 Aug 2011; <swift@g.o> +selinux-dbus-2.20110726.ebuild: |
469 |
+ Updating policy builds to refpolicy 20110726 |
470 |
+ |
471 |
+ 04 Jun 2011; Anthony G. Basile <blueness@g.o> |
472 |
+ -selinux-dbus-2.20090730.ebuild, -selinux-dbus-2.20091215.ebuild, |
473 |
+ -selinux-dbus-20080525.ebuild: |
474 |
+ Removed deprecated policies |
475 |
+ |
476 |
+ 02 Jun 2011; Anthony G. Basile <blueness@g.o> |
477 |
+ selinux-dbus-2.20101213.ebuild: |
478 |
+ Stable amd64 x86 |
479 |
+ |
480 |
+*selinux-dbus-2.20101213 (05 Feb 2011) |
481 |
+ |
482 |
+ 05 Feb 2011; Anthony G. Basile <blueness@g.o> |
483 |
+ +selinux-dbus-2.20101213.ebuild: |
484 |
+ New upstream policy. |
485 |
+ |
486 |
+*selinux-dbus-2.20091215 (16 Dec 2009) |
487 |
+ |
488 |
+ 16 Dec 2009; Chris PeBenito <pebenito@g.o> |
489 |
+ +selinux-dbus-2.20091215.ebuild: |
490 |
+ New upstream release. |
491 |
+ |
492 |
+ 14 Aug 2009; Chris PeBenito <pebenito@g.o> |
493 |
+ -selinux-dbus-20070329.ebuild, -selinux-dbus-20070928.ebuild, |
494 |
+ selinux-dbus-20080525.ebuild: |
495 |
+ Mark 20080525 stable, clear old ebuilds. |
496 |
+ |
497 |
+*selinux-dbus-2.20090730 (03 Aug 2009) |
498 |
+ |
499 |
+ 03 Aug 2009; Chris PeBenito <pebenito@g.o> |
500 |
+ +selinux-dbus-2.20090730.ebuild: |
501 |
+ New upstream release. |
502 |
+ |
503 |
+ 18 Jul 2009; Chris PeBenito <pebenito@g.o> |
504 |
+ selinux-dbus-20070329.ebuild, selinux-dbus-20070928.ebuild, |
505 |
+ selinux-dbus-20080525.ebuild: |
506 |
+ Drop alpha, mips, ppc, sparc selinux support. |
507 |
+ |
508 |
+*selinux-dbus-20080525 (25 May 2008) |
509 |
+ |
510 |
+ 25 May 2008; Chris PeBenito <pebenito@g.o> |
511 |
+ +selinux-dbus-20080525.ebuild: |
512 |
+ New SVN snapshot. |
513 |
+ |
514 |
+ 16 Mar 2008; Chris PeBenito <pebenito@g.o> |
515 |
+ -selinux-dbus-20061114.ebuild: |
516 |
+ Remove old ebuilds. |
517 |
+ |
518 |
+ 03 Feb 2008; Chris PeBenito <pebenito@g.o> |
519 |
+ selinux-dbus-20070928.ebuild: |
520 |
+ Mark stable. |
521 |
+ |
522 |
+*selinux-dbus-20070928 (26 Nov 2007) |
523 |
+ |
524 |
+ 26 Nov 2007; Chris PeBenito <pebenito@g.o> |
525 |
+ +selinux-dbus-20070928.ebuild: |
526 |
+ New SVN snapshot. |
527 |
+ |
528 |
+ 04 Jun 2007; Chris PeBenito <pebenito@g.o> |
529 |
+ selinux-dbus-20070329.ebuild: |
530 |
+ Mark stable. |
531 |
+ |
532 |
+*selinux-dbus-20070329 (29 Mar 2007) |
533 |
+ |
534 |
+ 29 Mar 2007; Chris PeBenito <pebenito@g.o> |
535 |
+ +selinux-dbus-20070329.ebuild: |
536 |
+ New SVN snapshot. |
537 |
+ |
538 |
+*selinux-dbus-20061114 (22 Nov 2006) |
539 |
+ |
540 |
+ 22 Nov 2006; Chris PeBenito <pebenito@g.o> +metadata.xml, |
541 |
+ +selinux-dbus-20061114.ebuild: |
542 |
+ Initial commit. |
543 |
+ |
544 |
|
545 |
diff --git a/sec-policy/selinux-dbus/metadata.xml b/sec-policy/selinux-dbus/metadata.xml |
546 |
new file mode 100644 |
547 |
index 0000000..6dd441f |
548 |
--- /dev/null |
549 |
+++ b/sec-policy/selinux-dbus/metadata.xml |
550 |
@@ -0,0 +1,6 @@ |
551 |
+<?xml version="1.0" encoding="UTF-8"?> |
552 |
+<!DOCTYPE pkgmetadata SYSTEM "http://www.gentoo.org/dtd/metadata.dtd"> |
553 |
+<pkgmetadata> |
554 |
+ <herd>selinux</herd> |
555 |
+ <longdescription>Gentoo SELinux policy for dbus</longdescription> |
556 |
+</pkgmetadata> |
557 |
|
558 |
diff --git a/sec-policy/selinux-dbus/selinux-dbus-2.20110726-r2.ebuild b/sec-policy/selinux-dbus/selinux-dbus-2.20110726-r2.ebuild |
559 |
new file mode 100644 |
560 |
index 0000000..604cf90 |
561 |
--- /dev/null |
562 |
+++ b/sec-policy/selinux-dbus/selinux-dbus-2.20110726-r2.ebuild |
563 |
@@ -0,0 +1,14 @@ |
564 |
+# Copyright 1999-2011 Gentoo Foundation |
565 |
+# Distributed under the terms of the GNU General Public License v2 |
566 |
+# $Header: /var/cvsroot/gentoo-x86/sec-policy/selinux-dbus/selinux-dbus-2.20110726-r1.ebuild,v 1.2 2011/11/27 18:12:40 swift Exp $ |
567 |
+EAPI="4" |
568 |
+ |
569 |
+IUSE="" |
570 |
+MODS="dbus" |
571 |
+BASEPOL="2.20110726-r11" |
572 |
+ |
573 |
+inherit selinux-policy-2 |
574 |
+ |
575 |
+DESCRIPTION="SELinux policy for dbus" |
576 |
+ |
577 |
+KEYWORDS="~amd64 ~x86" |
578 |
|
579 |
diff --git a/sec-policy/selinux-dracut/ChangeLog b/sec-policy/selinux-dracut/ChangeLog |
580 |
new file mode 100644 |
581 |
index 0000000..7b3007c |
582 |
--- /dev/null |
583 |
+++ b/sec-policy/selinux-dracut/ChangeLog |
584 |
@@ -0,0 +1,10 @@ |
585 |
+# ChangeLog for sec-policy/selinux-dracut |
586 |
+# Copyright 1999-2012 Gentoo Foundation; Distributed under the GPL v2 |
587 |
+# $Header: $ |
588 |
+ |
589 |
+*selinux-dracut-2.20110726 (03 Jan 2012) |
590 |
+ |
591 |
+ 03 Jan 2012; <swift@g.o> +selinux-dracut-2.20110726.ebuild, |
592 |
+ +metadata.xml: |
593 |
+ Initial policy for dracut |
594 |
+ |
595 |
|
596 |
diff --git a/sec-policy/selinux-dracut/metadata.xml b/sec-policy/selinux-dracut/metadata.xml |
597 |
new file mode 100644 |
598 |
index 0000000..60e5eff |
599 |
--- /dev/null |
600 |
+++ b/sec-policy/selinux-dracut/metadata.xml |
601 |
@@ -0,0 +1,6 @@ |
602 |
+<?xml version="1.0" encoding="UTF-8"?> |
603 |
+<!DOCTYPE pkgmetadata SYSTEM "http://www.gentoo.org/dtd/metadata.dtd"> |
604 |
+<pkgmetadata> |
605 |
+ <herd>selinux</herd> |
606 |
+ <longdescription>Gentoo SELinux policy for dracut</longdescription> |
607 |
+</pkgmetadata> |
608 |
|
609 |
diff --git a/sec-policy/selinux-dracut/selinux-dracut-2.20110726.ebuild b/sec-policy/selinux-dracut/selinux-dracut-2.20110726.ebuild |
610 |
new file mode 100644 |
611 |
index 0000000..f04a0c1 |
612 |
--- /dev/null |
613 |
+++ b/sec-policy/selinux-dracut/selinux-dracut-2.20110726.ebuild |
614 |
@@ -0,0 +1,14 @@ |
615 |
+# Copyright 1999-2012 Gentoo Foundation |
616 |
+# Distributed under the terms of the GNU General Public License v2 |
617 |
+# $Header: /var/cvsroot/gentoo-x86/sec-policy/selinux-dbus/selinux-dbus-2.20110726-r1.ebuild,v 1.2 2011/11/27 18:12:40 swift Exp $ |
618 |
+EAPI="4" |
619 |
+ |
620 |
+IUSE="" |
621 |
+MODS="dracut" |
622 |
+BASEPOL="2.20110726-r11" |
623 |
+ |
624 |
+inherit selinux-policy-2 |
625 |
+ |
626 |
+DESCRIPTION="SELinux policy for dracut" |
627 |
+ |
628 |
+KEYWORDS="~amd64 ~x86" |
629 |
|
630 |
diff --git a/sec-policy/selinux-mozilla/ChangeLog b/sec-policy/selinux-mozilla/ChangeLog |
631 |
new file mode 100644 |
632 |
index 0000000..0d70380 |
633 |
--- /dev/null |
634 |
+++ b/sec-policy/selinux-mozilla/ChangeLog |
635 |
@@ -0,0 +1,79 @@ |
636 |
+# ChangeLog for sec-policy/selinux-mozilla |
637 |
+# Copyright 1999-2011 Gentoo Foundation; Distributed under the GPL v2 |
638 |
+# $Header: /var/cvsroot/gentoo-x86/sec-policy/selinux-mozilla/ChangeLog,v 1.13 2011/12/17 10:39:16 swift Exp $ |
639 |
+ |
640 |
+*selinux-mozilla-2.20110726-r5 (31 Dec 2011) |
641 |
+ |
642 |
+ 31 Dec 2011; <swift@g.o> +selinux-mozilla-2.20110726-r5.ebuild, |
643 |
+ +metadata.xml: |
644 |
+ Adding dontaudits |
645 |
+ |
646 |
+*selinux-mozilla-2.20110726-r4 (17 Dec 2011) |
647 |
+ |
648 |
+ 17 Dec 2011; <swift@g.o> +selinux-mozilla-2.20110726-r4.ebuild: |
649 |
+ Allow mozilla plugin to read its configuration files |
650 |
+ |
651 |
+ 27 Nov 2011; <swift@g.o> selinux-mozilla-2.20110726-r3.ebuild: |
652 |
+ Stable on amd64/x86 |
653 |
+ |
654 |
+ 12 Nov 2011; <swift@g.o> -files/fix-apps-mozilla-r2.patch, |
655 |
+ -files/fix-apps-mozilla-r3.patch, -files/fix-apps-mozilla-r4.patch, |
656 |
+ -selinux-mozilla-2.20101213-r2.ebuild, -selinux-mozilla-2.20101213-r3.ebuild, |
657 |
+ -selinux-mozilla-2.20101213-r4.ebuild, -selinux-mozilla-2.20110726-r1.ebuild, |
658 |
+ -files/fix-mozilla.patch: |
659 |
+ Removing old policies |
660 |
+ |
661 |
+ 23 Oct 2011; <swift@g.o> selinux-mozilla-2.20110726-r2.ebuild: |
662 |
+ Stabilization (tracker #384231) |
663 |
+ |
664 |
+*selinux-mozilla-2.20110726-r3 (23 Oct 2011) |
665 |
+ |
666 |
+ 23 Oct 2011; <swift@g.o> +selinux-mozilla-2.20110726-r3.ebuild: |
667 |
+ Add support for XDG type |
668 |
+ |
669 |
+*selinux-mozilla-2.20110726-r2 (17 Sep 2011) |
670 |
+ |
671 |
+ 17 Sep 2011; <swift@g.o> +selinux-mozilla-2.20110726-r2.ebuild: |
672 |
+ Add support for XDG types |
673 |
+ |
674 |
+*selinux-mozilla-2.20110726-r1 (28 Aug 2011) |
675 |
+ |
676 |
+ 28 Aug 2011; <swift@g.o> +selinux-mozilla-2.20110726-r1.ebuild: |
677 |
+ Updating policy builds to refpolicy 20110726 |
678 |
+ |
679 |
+*selinux-mozilla-2.20101213-r4 (07 Aug 2011) |
680 |
+ |
681 |
+ 07 Aug 2011; Anthony G. Basile <blueness@g.o> |
682 |
+ +files/fix-apps-mozilla-r4.patch, +selinux-mozilla-2.20101213-r4.ebuild: |
683 |
+ Allow mozilla to read ~/.local |
684 |
+ |
685 |
+*selinux-mozilla-2.20101213-r3 (10 Jul 2011) |
686 |
+ |
687 |
+ 10 Jul 2011; Anthony G. Basile <blueness@g.o> |
688 |
+ +files/fix-apps-mozilla-r3.patch, +selinux-mozilla-2.20101213-r3.ebuild: |
689 |
+ Support proxy plugins and tor |
690 |
+ |
691 |
+ 04 Jun 2011; Anthony G. Basile <blueness@g.o> |
692 |
+ -selinux-mozilla-2.20101213.ebuild, -selinux-mozilla-2.20101213-r1.ebuild: |
693 |
+ Removed deprecated policies |
694 |
+ |
695 |
+ 02 Jun 2011; Anthony G. Basile <blueness@g.o> |
696 |
+ selinux-mozilla-2.20101213-r2.ebuild: |
697 |
+ Stable amd64 x86 |
698 |
+ |
699 |
+*selinux-mozilla-2.20101213-r2 (20 May 2011) |
700 |
+ |
701 |
+ 20 May 2011; Anthony G. Basile <blueness@g.o> |
702 |
+ +files/fix-apps-mozilla-r2.patch, +selinux-mozilla-2.20101213-r2.ebuild: |
703 |
+ Remove obsolete privileges |
704 |
+ |
705 |
+ 05 Feb 2011; Anthony G. Basile <blueness@g.o> ChangeLog: |
706 |
+ Initial commit to portage. |
707 |
+ |
708 |
+*selinux-mozilla-2.20101213-r1 (22 Jan 2011) |
709 |
+ |
710 |
+ 22 Jan 2011; <swift@g.o> +selinux-mozilla-2.20101213-r1.ebuild, |
711 |
+ files/fix-mozilla.patch: |
712 |
+ Support binary firefox, add call to alsa interface and support tmp type |
713 |
+ for mozilla |
714 |
+ |
715 |
|
716 |
diff --git a/sec-policy/selinux-mozilla/metadata.xml b/sec-policy/selinux-mozilla/metadata.xml |
717 |
new file mode 100644 |
718 |
index 0000000..d718f1b |
719 |
--- /dev/null |
720 |
+++ b/sec-policy/selinux-mozilla/metadata.xml |
721 |
@@ -0,0 +1,6 @@ |
722 |
+<?xml version="1.0" encoding="UTF-8"?> |
723 |
+<!DOCTYPE pkgmetadata SYSTEM "http://www.gentoo.org/dtd/metadata.dtd"> |
724 |
+<pkgmetadata> |
725 |
+ <herd>selinux</herd> |
726 |
+ <longdescription>Gentoo SELinux policy for mozilla</longdescription> |
727 |
+</pkgmetadata> |
728 |
|
729 |
diff --git a/sec-policy/selinux-mozilla/selinux-mozilla-2.20110726-r5.ebuild b/sec-policy/selinux-mozilla/selinux-mozilla-2.20110726-r5.ebuild |
730 |
new file mode 100644 |
731 |
index 0000000..42d96e8 |
732 |
--- /dev/null |
733 |
+++ b/sec-policy/selinux-mozilla/selinux-mozilla-2.20110726-r5.ebuild |
734 |
@@ -0,0 +1,13 @@ |
735 |
+# Copyright 1999-2011 Gentoo Foundation |
736 |
+# Distributed under the terms of the GNU General Public License v2 |
737 |
+# $Header: /var/cvsroot/gentoo-x86/sec-policy/selinux-mozilla/selinux-mozilla-2.20110726-r4.ebuild,v 1.1 2011/12/17 10:39:16 swift Exp $ |
738 |
+EAPI="4" |
739 |
+ |
740 |
+IUSE="" |
741 |
+MODS="mozilla" |
742 |
+BASEPOL="2.20110726-r11" |
743 |
+ |
744 |
+inherit selinux-policy-2 |
745 |
+ |
746 |
+DESCRIPTION="SELinux policy for mozilla" |
747 |
+KEYWORDS="~amd64 ~x86" |
748 |
|
749 |
diff --git a/sec-policy/selinux-networkmanager/ChangeLog b/sec-policy/selinux-networkmanager/ChangeLog |
750 |
new file mode 100644 |
751 |
index 0000000..a82652a |
752 |
--- /dev/null |
753 |
+++ b/sec-policy/selinux-networkmanager/ChangeLog |
754 |
@@ -0,0 +1,34 @@ |
755 |
+# ChangeLog for sec-policy/selinux-networkmanager |
756 |
+# Copyright 1999-2011 Gentoo Foundation; Distributed under the GPL v2 |
757 |
+# $Header: /var/cvsroot/gentoo-x86/sec-policy/selinux-networkmanager/ChangeLog,v 1.6 2011/12/04 19:02:19 swift Exp $ |
758 |
+ |
759 |
+*selinux-networkmanager-2.20110726-r3 (31 Dec 2011) |
760 |
+ |
761 |
+ 31 Dec 2011; <swift@g.o> +selinux-networkmanager-2.20110726-r3.ebuild, |
762 |
+ +metadata.xml: |
763 |
+ Adding dontaudits |
764 |
+ |
765 |
+*selinux-networkmanager-2.20110726-r2 (04 Dec 2011) |
766 |
+ |
767 |
+ 04 Dec 2011; <swift@g.o> +selinux-networkmanager-2.20110726-r2.ebuild: |
768 |
+ Mark wpa_cli as an interactive application |
769 |
+ |
770 |
+ 12 Nov 2011; <swift@g.o> -selinux-networkmanager-2.20101213.ebuild, |
771 |
+ -files/fix-networkmanager.patch: |
772 |
+ Removing old policies |
773 |
+ |
774 |
+ 23 Oct 2011; <swift@g.o> selinux-networkmanager-2.20110726-r1.ebuild: |
775 |
+ Stabilization (tracker #384231) |
776 |
+ |
777 |
+*selinux-networkmanager-2.20110726-r1 (28 Aug 2011) |
778 |
+ |
779 |
+ 28 Aug 2011; <swift@g.o> +selinux-networkmanager-2.20110726-r1.ebuild: |
780 |
+ Updating policy builds to refpolicy 20110726 |
781 |
+ |
782 |
+ 02 Jun 2011; Anthony G. Basile <blueness@g.o> |
783 |
+ selinux-networkmanager-2.20101213.ebuild: |
784 |
+ Stable amd64 x86 |
785 |
+ |
786 |
+ 05 Feb 2011; Anthony G. Basile <blueness@g.o> ChangeLog: |
787 |
+ Initial commit to portage. |
788 |
+ |
789 |
|
790 |
diff --git a/sec-policy/selinux-networkmanager/metadata.xml b/sec-policy/selinux-networkmanager/metadata.xml |
791 |
new file mode 100644 |
792 |
index 0000000..6670a2f |
793 |
--- /dev/null |
794 |
+++ b/sec-policy/selinux-networkmanager/metadata.xml |
795 |
@@ -0,0 +1,6 @@ |
796 |
+<?xml version="1.0" encoding="UTF-8"?> |
797 |
+<!DOCTYPE pkgmetadata SYSTEM "http://www.gentoo.org/dtd/metadata.dtd"> |
798 |
+<pkgmetadata> |
799 |
+ <herd>selinux</herd> |
800 |
+ <longdescription>Gentoo SELinux policy for networkmanager</longdescription> |
801 |
+</pkgmetadata> |
802 |
|
803 |
diff --git a/sec-policy/selinux-networkmanager/selinux-networkmanager-2.20110726-r3.ebuild b/sec-policy/selinux-networkmanager/selinux-networkmanager-2.20110726-r3.ebuild |
804 |
new file mode 100644 |
805 |
index 0000000..7513986 |
806 |
--- /dev/null |
807 |
+++ b/sec-policy/selinux-networkmanager/selinux-networkmanager-2.20110726-r3.ebuild |
808 |
@@ -0,0 +1,13 @@ |
809 |
+# Copyright 1999-2011 Gentoo Foundation |
810 |
+# Distributed under the terms of the GNU General Public License v2 |
811 |
+# $Header: /var/cvsroot/gentoo-x86/sec-policy/selinux-networkmanager/selinux-networkmanager-2.20110726-r2.ebuild,v 1.1 2011/12/04 19:02:19 swift Exp $ |
812 |
+EAPI="4" |
813 |
+ |
814 |
+IUSE="" |
815 |
+MODS="networkmanager" |
816 |
+BASEPOL="2.20110726-r11" |
817 |
+ |
818 |
+inherit selinux-policy-2 |
819 |
+ |
820 |
+DESCRIPTION="SELinux policy for networkmanager" |
821 |
+KEYWORDS="~amd64 ~x86" |