diff options
author | V3n3RiX <venerix@redcorelinux.org> | 2020-02-29 18:01:47 +0000 |
---|---|---|
committer | V3n3RiX <venerix@redcorelinux.org> | 2020-02-29 18:01:47 +0000 |
commit | ceeeb463cc1eef97fd62eaee8bf2196ba04bc384 (patch) | |
tree | 9f47ee47c31a0f13f9496879cd88a1042550aa81 /sec-policy/selinux-base-policy | |
parent | 53cba99042fa967e2a93da9f8db806fe2d035543 (diff) |
gentoo (leap year) resync : 29.02.2020
Diffstat (limited to 'sec-policy/selinux-base-policy')
6 files changed, 0 insertions, 662 deletions
diff --git a/sec-policy/selinux-base-policy/Manifest b/sec-policy/selinux-base-policy/Manifest index d8a0b1b1b421..bb934ada255f 100644 --- a/sec-policy/selinux-base-policy/Manifest +++ b/sec-policy/selinux-base-policy/Manifest @@ -1,19 +1,7 @@ -DIST patchbundle-selinux-base-policy-2.20180114-r1.tar.bz2 285245 BLAKE2B 32ff8fa3330aa1e17d6a2fc3c267e9c66d5f540fe4b7d1da8961cdc8e3c4a86e157db66e144c9cef13d52b85aa8a242e89ccf6e9c3ef455a7133bc448586d70f SHA512 5d5ce77b42e183d0b0241567bbe718622ab388cf9538193730c999da832f3ea7e4e9306f2b96cfbcfad01e6fcc834cf1d43b7b388a5a50242dd7f5ef3e252b42 -DIST patchbundle-selinux-base-policy-2.20180114-r2.tar.bz2 293604 BLAKE2B 4b301021a646431fe3a4431815ef66231e3436c7c5a4b02c4d52492a603ab58b54bfdbd589161779c4331f26f56ef6eac4c6f7d8dbc489410e41f7e3cedecff7 SHA512 bfb8e0fc852bc91c38ecdfb51823f5fa89f7e9021eae108648fa8b574cf8303d28cb74b0a6b6c0745576113e419e1f232131c3166a6da9b431aebd3de642f75d -DIST patchbundle-selinux-base-policy-2.20180114-r3.tar.bz2 302345 BLAKE2B b175c5564b44aa4256018e25fbe8ec1bf16bdb0b6a01486bd7afbc5c6332b555838838759fea4859f767211097748bb5e62139264b2f4b792b2dec854d3b7031 SHA512 1586857f6403527470a19e534217805e19460695a854c3630fda80b26cd8e1e5d6f1a327c6d56b3ffa7260858d0c1ae393ea427e9ac0239163e914edc97f1c07 -DIST patchbundle-selinux-base-policy-2.20180701-r1.tar.bz2 315378 BLAKE2B eeeb0b04c023c40289b6d964aefd1773d2b5d6912f1dffebf9509e6dcdbb39b17e722ee4483fb2b11193d4b987a85f90c7dc7e61cef3cf982fc2ba368d4900ef SHA512 a8b049120f1c420f9bfb55aba9ed0157ff7896ace402cd1b77b01d1ea52b67e49d915f1c00de83ff4d59b1cf8b8aa1f39b50ba312d842ed4850e75fcc7f5be42 -DIST patchbundle-selinux-base-policy-2.20180701-r2.tar.bz2 320881 BLAKE2B 12382c64ff8d2acef97ae50b0285061b7f018df0d94034670696b6f19003ee9c9c4f66c711e744696e47145857fcbd577a7762fa807921b40a5366e473901687 SHA512 29453f9deb90b7f982d5a6a3161d79a8171d58d20c0e0de523347d4f1296ad3d4ed970ada0823692e8def4f21756d727628bd919802ec2b1c39087ce5d0811b0 DIST patchbundle-selinux-base-policy-2.20190201-r1.tar.bz2 426390 BLAKE2B 33e05e03e1e087f0bf460930f074108af5fa05688f7681ba3545530d21174be7d29e9035a7bc37e9acdbe3468680891f9865ad83188eb0f8fb9b9012252d6a1e SHA512 f2855a340f4ae7ba6c4cf0ec9445de7ca20f9fc0f11783992340ca2f073bbbf2d4999190f46f3910213dd1555e9578b3609284af6a7712b401053216c004ff7e DIST patchbundle-selinux-base-policy-2.20190609-r1.tar.bz2 407664 BLAKE2B e6b6b56f990389365c062522582e2177bc3b70040c99948efad25737e69178f9f72149cc443cb9edacfdd1aa6bc29f637cc61939f66e5cc3841f83298b33c41e SHA512 16195b51bb414ac82821f93756b3b5d0ec206b7035a50379c1f796082d9c53b11369e15086e1e26521808944266364470c43dcfdd1818ba079fda1613b7ef9bd -DIST refpolicy-2.20180114.tar.bz2 743725 BLAKE2B f64fc08dd68033a1762e147a0f205d8d1b71853017cefe4252ca4ca67029d457f28d81a82ae4e78c01e6c2131e9329d0e5634afee12fb4b291685e7563d59107 SHA512 9acb15d1d84670b25d1fc310e048348f707aa22ea184828e677946817aeb6ee2c590233195ead13aa91c7096544d6d29dfb6e98297120ef9464fc6107ffc9ce7 -DIST refpolicy-2.20180701.tar.bz2 753050 BLAKE2B 7069a1b9b9bef25950e62bb50ac09f4a9d5ef6fd0acc667d321da396c3935939348534458df129f7bc81687dca240b4c4fc120d1f46d452665d335c9f023da8c SHA512 9dd5a1e10da5d25fea96cc25efb682f8ac866e835a1d940b161c1ce944cac9a90a5836b03c14311acad6bf9acd9a78003f36e050d35d8edb43606575523857b5 DIST refpolicy-2.20190201.tar.bz2 552750 BLAKE2B d3cbdf5c5f8480cd36173d8cfbd2f55a6ad4a9f2176883dcc19eece6059114ca8700d07f8bd318d0430da253bb9e4e6a6e03f7a7db8a7964c95b00452aaab040 SHA512 c6568b679ad1a7c5c566b55291e86ce3784ee609c0091e5d465d41055724d950180780c7eedb3413351101b9182db51c7bce1816db1a9a17b3257861363efc6e DIST refpolicy-2.20190609.tar.bz2 555882 BLAKE2B abc45d9c906e0c880b7c47b0fb8e33f4a277c73244e20e8a95c44452db817241110127a5f8a3347cfbf5e30bf91f9dd4e5dd826426eb88b383fdbff5963f5fcd SHA512 f05ca08d31e62b7bf7203d7b243cce9ba87dd68d13b30067b99a44d5007449078fa82d591faa88c2955d370a346e69faedc850c02bd77c5624a8c746a13467f3 -EBUILD selinux-base-policy-2.20180114-r1.ebuild 3536 BLAKE2B fab3ef4470b2a7e531b896b5d4214f2ec5e2adbb0e8bca01b66a67004aecab2d6191a064ec26fa25c0464ac77bea8ac75d04d89e815254d47224fea7d3f9da53 SHA512 1fba6e64a8aeed606183b6af585a0336913c20d186c5de7f7f7c5470811df25742c9bd99a509c30728076f976bc40f03f76478c725735fbb46400c08652932d0 -EBUILD selinux-base-policy-2.20180114-r2.ebuild 3868 BLAKE2B 14102d355d299ea51ab0faf0e946cbf66a132b83684d68fbe46af1e3af44ed2720f6743dfc7ce40e4f454c72d0ab4db686b3fcde0018be690e7cc513bdf11b08 SHA512 fde0c6cd5380f11f7120e9b8833539a97d694718635e4e795c7f06efcdc5c51fe19f9f2cd9614281b50ec78a0e4e26936c867d376b22a3134f4ab2c9fe34bab3 -EBUILD selinux-base-policy-2.20180114-r3.ebuild 3870 BLAKE2B fa66f8133138d5ac7cbc9b72b7a0a4480c45c478c73dc01a7548062809c10991dec750959872659e974c1cd41109ad80c22b7ff21e8d19578e3f07d936597175 SHA512 4c5fd88fce4e660e4d75389e25d7cce745b612b5442667fc3d60826f84aeb3ab77519f70449397c5153c2006d0b1ab409abf008949f0b0a7de31dd7c84179b72 -EBUILD selinux-base-policy-2.20180701-r1.ebuild 3876 BLAKE2B 886b6e7bb11fa59cb32be59661ab021c835558b376cf90c1893c2dba57c650926c6f2c3907147d5ede00ef5e9d2439226ee85d69a60e1aea0d083b7cfce2e34f SHA512 4d3fa8afc75f629b0bffec8ef74326a7d234e182180faab49105f722a94799b19d928ce2ab5884ae32982a79fe8e711696227e1f607eaadf796e074482ff5f40 -EBUILD selinux-base-policy-2.20180701-r2.ebuild 3878 BLAKE2B 4a38dc3bc45ba2362a8a62b812efb7179be9afd9c13daf2cac04a90d7cdd6d7f3117c86ed4564dc87bb79a17f7059a68a3ab7c24ec25683bc66dfc4e5e4dbf70 SHA512 944630188aea33453b77daba5d5ebce110efd1503aa7d6cd9059eb84d47cd19fff2de7708da57d5517570da183cd55b470530a98053b1eced766d668d35a1792 EBUILD selinux-base-policy-2.20190201-r1.ebuild 3876 BLAKE2B 3fdf86914afa4ea4851b7a61011589e4f1fb2c20775ee260bdce26c3197ab9b1ad97c871a58c1ff7704f9ca23609def48f802167f1238773f9a2c4daab0e2b07 SHA512 03f531f3ce9d7646b9101a159cb96a091011a5a9215491ecc7fcadf7412814e30abb285de3939c7f0584232b540f61b9a1e3ebefbf228f5713da5de9ed9a553f EBUILD selinux-base-policy-2.20190609-r1.ebuild 3818 BLAKE2B 78071157fd3f922bbd200d84027dfaefa39b66a0b294753027694183fec9adb45fa5faab31784432255cf12d767a01e2217a2e04950105e7a60d0a01d200f75f SHA512 a76925a23a78c805f3b21263dd80d3569deb10b82d8d86a67a617d83090984300447249bbf313999657bea180c58d833474b20b3e57c650abb4fd8365d9fde5a EBUILD selinux-base-policy-9999.ebuild 3818 BLAKE2B e5c0dbf7326cfb52fb95951c7ec7ad29a09c0604f2106198c63d182923157933590c97f70b993b77810e83d67dc667d8cf12d46450f3548629abfd3fe0a88d6b SHA512 ed99b8042b5b16247d4cd2bc02d8f3a6ee13a3fd1ca16d5500b6ba3df56d9d20d1cbd82add3e280c4cd4c27216ec794690af645e14ed6e0af0cf9a70aa983a95 diff --git a/sec-policy/selinux-base-policy/selinux-base-policy-2.20180114-r1.ebuild b/sec-policy/selinux-base-policy/selinux-base-policy-2.20180114-r1.ebuild deleted file mode 100644 index df6143b7d93f..000000000000 --- a/sec-policy/selinux-base-policy/selinux-base-policy-2.20180114-r1.ebuild +++ /dev/null @@ -1,122 +0,0 @@ -# Copyright 1999-2019 Gentoo Authors -# Distributed under the terms of the GNU General Public License v2 - -EAPI="6" - -if [[ ${PV} == 9999* ]]; then - EGIT_REPO_URI="${SELINUX_GIT_REPO:-https://anongit.gentoo.org/git/proj/hardened-refpolicy.git}" - EGIT_BRANCH="${SELINUX_GIT_BRANCH:-master}" - EGIT_CHECKOUT_DIR="${WORKDIR}/refpolicy" - - inherit git-r3 -else - SRC_URI="https://raw.githubusercontent.com/wiki/TresysTechnology/refpolicy/files/refpolicy-${PV}.tar.bz2 - https://dev.gentoo.org/~perfinion/patches/${PN}/patchbundle-${PN}-${PVR}.tar.bz2" - KEYWORDS="amd64 -arm ~arm64 ~mips x86" -fi - -HOMEPAGE="https://wiki.gentoo.org/wiki/Project:SELinux" -DESCRIPTION="SELinux policy for core modules" - -IUSE="systemd +unconfined" - -PDEPEND="unconfined? ( sec-policy/selinux-unconfined )" -DEPEND="=sec-policy/selinux-base-${PVR}[systemd?]" - -MODS="application authlogin bootloader clock consoletype cron dmesg fstools getty hostname hotplug init iptables libraries locallogin logging lvm miscfiles modutils mount mta netutils nscd portage raid rsync selinuxutil setrans ssh staff storage su sysadm sysnetwork tmpfiles udev userdomain usermanage unprivuser xdg" -LICENSE="GPL-2" -SLOT="0" -S="${WORKDIR}/" - -# Code entirely copied from selinux-eclass (cannot inherit due to dependency on -# itself), when reworked reinclude it. Only postinstall (where -b base.pp is -# added) needs to remain then. - -pkg_setup() { - if use systemd; then - MODS="${MODS} systemd" - fi -} - -pkg_pretend() { - for i in ${POLICY_TYPES}; do - if [[ "${i}" == "targeted" ]] && ! use unconfined; then - die "If you use POLICY_TYPES=targeted, then USE=unconfined is mandatory." - fi - done -} - -src_prepare() { - local modfiles - - if [[ ${PV} != 9999* ]]; then - einfo "Applying SELinux policy updates ... " - eapply -p0 "${WORKDIR}/0001-full-patch-against-stable-release.patch" - fi - - eapply_user - - # Collect only those files needed for this particular module - for i in ${MODS}; do - modfiles="$(find ${S}/refpolicy/policy/modules -iname $i.te) $modfiles" - modfiles="$(find ${S}/refpolicy/policy/modules -iname $i.fc) $modfiles" - done - - for i in ${POLICY_TYPES}; do - mkdir "${S}"/${i} || die "Failed to create directory ${S}/${i}" - cp "${S}"/refpolicy/doc/Makefile.example "${S}"/${i}/Makefile \ - || die "Failed to copy Makefile.example to ${S}/${i}/Makefile" - - cp ${modfiles} "${S}"/${i} \ - || die "Failed to copy the module files to ${S}/${i}" - done -} - -src_compile() { - for i in ${POLICY_TYPES}; do - emake NAME=$i -C "${S}"/${i} - done -} - -src_install() { - local BASEDIR="/usr/share/selinux" - - for i in ${POLICY_TYPES}; do - for j in ${MODS}; do - einfo "Installing ${i} ${j} policy package" - insinto ${BASEDIR}/${i} - doins "${S}"/${i}/${j}.pp - done - done -} - -pkg_postinst() { - # Override the command from the eclass, we need to load in base as well here - local COMMAND="-i base.pp" - if has_version "<sys-apps/policycoreutils-2.5"; then - COMMAND="-b base.pp" - fi - - for i in ${MODS}; do - COMMAND="${COMMAND} -i ${i}.pp" - done - - for i in ${POLICY_TYPES}; do - einfo "Inserting the following modules, with base, into the $i module store: ${MODS}" - - cd /usr/share/selinux/${i} - - semodule -s ${i} ${COMMAND} - done - - # Relabel depending packages - local PKGSET=""; - if [[ -x /usr/bin/qdepends ]] ; then - PKGSET=$(/usr/bin/qdepends -Cq -r -Q ${CATEGORY}/${PN} | grep -v 'sec-policy/selinux-'); - elif [[ -x /usr/bin/equery ]] ; then - PKGSET=$(/usr/bin/equery -Cq depends ${CATEGORY}/${PN} | grep -v 'sec-policy/selinux-'); - fi - if [[ -n "${PKGSET}" ]] ; then - rlpkg ${PKGSET}; - fi -} diff --git a/sec-policy/selinux-base-policy/selinux-base-policy-2.20180114-r2.ebuild b/sec-policy/selinux-base-policy/selinux-base-policy-2.20180114-r2.ebuild deleted file mode 100644 index 3a81feba60c1..000000000000 --- a/sec-policy/selinux-base-policy/selinux-base-policy-2.20180114-r2.ebuild +++ /dev/null @@ -1,132 +0,0 @@ -# Copyright 1999-2019 Gentoo Authors -# Distributed under the terms of the GNU General Public License v2 - -EAPI="6" - -if [[ ${PV} == 9999* ]]; then - EGIT_REPO_URI="${SELINUX_GIT_REPO:-https://anongit.gentoo.org/git/proj/hardened-refpolicy.git}" - EGIT_BRANCH="${SELINUX_GIT_BRANCH:-master}" - EGIT_CHECKOUT_DIR="${WORKDIR}/refpolicy" - - inherit git-r3 -else - SRC_URI="https://raw.githubusercontent.com/wiki/TresysTechnology/refpolicy/files/refpolicy-${PV}.tar.bz2 - https://dev.gentoo.org/~perfinion/patches/${PN}/patchbundle-${PN}-${PVR}.tar.bz2" - KEYWORDS="amd64 -arm ~arm64 ~mips x86" -fi - -HOMEPAGE="https://wiki.gentoo.org/wiki/Project:SELinux" -DESCRIPTION="SELinux policy for core modules" - -IUSE="systemd +unconfined" - -PDEPEND="unconfined? ( sec-policy/selinux-unconfined )" -DEPEND="=sec-policy/selinux-base-${PVR}[systemd?]" -RDEPEND="$DEPEND" - -MODS="application authlogin bootloader clock consoletype cron dmesg fstools getty hostname hotplug init iptables libraries locallogin logging lvm miscfiles modutils mount mta netutils nscd portage raid rsync selinuxutil setrans ssh staff storage su sysadm sysnetwork tmpfiles udev userdomain usermanage unprivuser xdg" -LICENSE="GPL-2" -SLOT="0" -S="${WORKDIR}/" - -# Code entirely copied from selinux-eclass (cannot inherit due to dependency on -# itself), when reworked reinclude it. Only postinstall (where -b base.pp is -# added) needs to remain then. - -pkg_setup() { - if use systemd; then - MODS="${MODS} systemd" - fi -} - -pkg_pretend() { - for i in ${POLICY_TYPES}; do - if [[ "${i}" == "targeted" ]] && ! use unconfined; then - die "If you use POLICY_TYPES=targeted, then USE=unconfined is mandatory." - fi - done -} - -src_prepare() { - local modfiles - - if [[ ${PV} != 9999* ]]; then - einfo "Applying SELinux policy updates ... " - eapply -p0 "${WORKDIR}/0001-full-patch-against-stable-release.patch" - fi - - eapply_user - - # Collect only those files needed for this particular module - for i in ${MODS}; do - modfiles="$(find ${S}/refpolicy/policy/modules -iname $i.te) $modfiles" - modfiles="$(find ${S}/refpolicy/policy/modules -iname $i.fc) $modfiles" - done - - for i in ${POLICY_TYPES}; do - mkdir "${S}"/${i} || die "Failed to create directory ${S}/${i}" - cp "${S}"/refpolicy/doc/Makefile.example "${S}"/${i}/Makefile \ - || die "Failed to copy Makefile.example to ${S}/${i}/Makefile" - - cp ${modfiles} "${S}"/${i} \ - || die "Failed to copy the module files to ${S}/${i}" - done -} - -src_compile() { - for i in ${POLICY_TYPES}; do - emake NAME=$i SHAREDIR="${ROOT%/}"/usr/share/selinux -C "${S}"/${i} - done -} - -src_install() { - local BASEDIR="/usr/share/selinux" - - for i in ${POLICY_TYPES}; do - for j in ${MODS}; do - einfo "Installing ${i} ${j} policy package" - insinto ${BASEDIR}/${i} - doins "${S}"/${i}/${j}.pp - done - done -} - -pkg_postinst() { - # Set root path and don't load policy into the kernel when cross compiling - local root_opts="" - if [[ "${ROOT%/}" != "" ]]; then - root_opts="-p ${ROOT%/} -n" - fi - - # Override the command from the eclass, we need to load in base as well here - local COMMAND="-i base.pp" - if has_version "<sys-apps/policycoreutils-2.5"; then - COMMAND="-b base.pp" - fi - - for i in ${MODS}; do - COMMAND="${COMMAND} -i ${i}.pp" - done - - for i in ${POLICY_TYPES}; do - einfo "Inserting the following modules, with base, into the $i module store: ${MODS}" - - cd "${ROOT%/}/usr/share/selinux/${i}" - - semodule ${root_opts} -s ${i} ${COMMAND} - done - - # Don't relabel when cross compiling - if [[ "${ROOT%/}" == "" ]]; then - # Relabel depending packages - local PKGSET=""; - if [[ -x /usr/bin/qdepends ]] ; then - PKGSET=$(/usr/bin/qdepends -Cq -r -Q ${CATEGORY}/${PN} | grep -v 'sec-policy/selinux-'); - elif [[ -x /usr/bin/equery ]] ; then - PKGSET=$(/usr/bin/equery -Cq depends ${CATEGORY}/${PN} | grep -v 'sec-policy/selinux-'); - fi - if [[ -n "${PKGSET}" ]] ; then - rlpkg ${PKGSET}; - fi - fi -} diff --git a/sec-policy/selinux-base-policy/selinux-base-policy-2.20180114-r3.ebuild b/sec-policy/selinux-base-policy/selinux-base-policy-2.20180114-r3.ebuild deleted file mode 100644 index 0a9c31702c14..000000000000 --- a/sec-policy/selinux-base-policy/selinux-base-policy-2.20180114-r3.ebuild +++ /dev/null @@ -1,132 +0,0 @@ -# Copyright 1999-2019 Gentoo Authors -# Distributed under the terms of the GNU General Public License v2 - -EAPI="6" - -if [[ ${PV} == 9999* ]]; then - EGIT_REPO_URI="${SELINUX_GIT_REPO:-https://anongit.gentoo.org/git/proj/hardened-refpolicy.git}" - EGIT_BRANCH="${SELINUX_GIT_BRANCH:-master}" - EGIT_CHECKOUT_DIR="${WORKDIR}/refpolicy" - - inherit git-r3 -else - SRC_URI="https://raw.githubusercontent.com/wiki/TresysTechnology/refpolicy/files/refpolicy-${PV}.tar.bz2 - https://dev.gentoo.org/~perfinion/patches/${PN}/patchbundle-${PN}-${PVR}.tar.bz2" - KEYWORDS="~amd64 -arm ~arm64 ~mips ~x86" -fi - -HOMEPAGE="https://wiki.gentoo.org/wiki/Project:SELinux" -DESCRIPTION="SELinux policy for core modules" - -IUSE="systemd +unconfined" - -PDEPEND="unconfined? ( sec-policy/selinux-unconfined )" -DEPEND="=sec-policy/selinux-base-${PVR}[systemd?]" -RDEPEND="$DEPEND" - -MODS="application authlogin bootloader clock consoletype cron dmesg fstools getty hostname hotplug init iptables libraries locallogin logging lvm miscfiles modutils mount mta netutils nscd portage raid rsync selinuxutil setrans ssh staff storage su sysadm sysnetwork tmpfiles udev userdomain usermanage unprivuser xdg" -LICENSE="GPL-2" -SLOT="0" -S="${WORKDIR}/" - -# Code entirely copied from selinux-eclass (cannot inherit due to dependency on -# itself), when reworked reinclude it. Only postinstall (where -b base.pp is -# added) needs to remain then. - -pkg_setup() { - if use systemd; then - MODS="${MODS} systemd" - fi -} - -pkg_pretend() { - for i in ${POLICY_TYPES}; do - if [[ "${i}" == "targeted" ]] && ! use unconfined; then - die "If you use POLICY_TYPES=targeted, then USE=unconfined is mandatory." - fi - done -} - -src_prepare() { - local modfiles - - if [[ ${PV} != 9999* ]]; then - einfo "Applying SELinux policy updates ... " - eapply -p0 "${WORKDIR}/0001-full-patch-against-stable-release.patch" - fi - - eapply_user - - # Collect only those files needed for this particular module - for i in ${MODS}; do - modfiles="$(find ${S}/refpolicy/policy/modules -iname $i.te) $modfiles" - modfiles="$(find ${S}/refpolicy/policy/modules -iname $i.fc) $modfiles" - done - - for i in ${POLICY_TYPES}; do - mkdir "${S}"/${i} || die "Failed to create directory ${S}/${i}" - cp "${S}"/refpolicy/doc/Makefile.example "${S}"/${i}/Makefile \ - || die "Failed to copy Makefile.example to ${S}/${i}/Makefile" - - cp ${modfiles} "${S}"/${i} \ - || die "Failed to copy the module files to ${S}/${i}" - done -} - -src_compile() { - for i in ${POLICY_TYPES}; do - emake NAME=$i SHAREDIR="${ROOT%/}"/usr/share/selinux -C "${S}"/${i} - done -} - -src_install() { - local BASEDIR="/usr/share/selinux" - - for i in ${POLICY_TYPES}; do - for j in ${MODS}; do - einfo "Installing ${i} ${j} policy package" - insinto ${BASEDIR}/${i} - doins "${S}"/${i}/${j}.pp - done - done -} - -pkg_postinst() { - # Set root path and don't load policy into the kernel when cross compiling - local root_opts="" - if [[ "${ROOT%/}" != "" ]]; then - root_opts="-p ${ROOT%/} -n" - fi - - # Override the command from the eclass, we need to load in base as well here - local COMMAND="-i base.pp" - if has_version "<sys-apps/policycoreutils-2.5"; then - COMMAND="-b base.pp" - fi - - for i in ${MODS}; do - COMMAND="${COMMAND} -i ${i}.pp" - done - - for i in ${POLICY_TYPES}; do - einfo "Inserting the following modules, with base, into the $i module store: ${MODS}" - - cd "${ROOT%/}/usr/share/selinux/${i}" - - semodule ${root_opts} -s ${i} ${COMMAND} - done - - # Don't relabel when cross compiling - if [[ "${ROOT%/}" == "" ]]; then - # Relabel depending packages - local PKGSET=""; - if [[ -x /usr/bin/qdepends ]] ; then - PKGSET=$(/usr/bin/qdepends -Cq -r -Q ${CATEGORY}/${PN} | grep -v 'sec-policy/selinux-'); - elif [[ -x /usr/bin/equery ]] ; then - PKGSET=$(/usr/bin/equery -Cq depends ${CATEGORY}/${PN} | grep -v 'sec-policy/selinux-'); - fi - if [[ -n "${PKGSET}" ]] ; then - rlpkg ${PKGSET}; - fi - fi -} diff --git a/sec-policy/selinux-base-policy/selinux-base-policy-2.20180701-r1.ebuild b/sec-policy/selinux-base-policy/selinux-base-policy-2.20180701-r1.ebuild deleted file mode 100644 index 1e6cc589b6d2..000000000000 --- a/sec-policy/selinux-base-policy/selinux-base-policy-2.20180701-r1.ebuild +++ /dev/null @@ -1,132 +0,0 @@ -# Copyright 1999-2019 Gentoo Authors -# Distributed under the terms of the GNU General Public License v2 - -EAPI="6" - -if [[ ${PV} == 9999* ]]; then - EGIT_REPO_URI="${SELINUX_GIT_REPO:-https://anongit.gentoo.org/git/proj/hardened-refpolicy.git}" - EGIT_BRANCH="${SELINUX_GIT_BRANCH:-master}" - EGIT_CHECKOUT_DIR="${WORKDIR}/refpolicy" - - inherit git-r3 -else - SRC_URI="https://github.com/SELinuxProject/refpolicy/releases/download/RELEASE_${PV/./_}/refpolicy-${PV}.tar.bz2 - https://dev.gentoo.org/~perfinion/patches/${PN}/patchbundle-${PN}-${PVR}.tar.bz2" - KEYWORDS="amd64 -arm ~arm64 ~mips x86" -fi - -HOMEPAGE="https://wiki.gentoo.org/wiki/Project:SELinux" -DESCRIPTION="SELinux policy for core modules" - -IUSE="systemd +unconfined" - -PDEPEND="unconfined? ( sec-policy/selinux-unconfined )" -DEPEND="=sec-policy/selinux-base-${PVR}[systemd?]" -RDEPEND="$DEPEND" - -MODS="application authlogin bootloader clock consoletype cron dmesg fstools getty hostname hotplug init iptables libraries locallogin logging lvm miscfiles modutils mount mta netutils nscd portage raid rsync selinuxutil setrans ssh staff storage su sysadm sysnetwork tmpfiles udev userdomain usermanage unprivuser xdg" -LICENSE="GPL-2" -SLOT="0" -S="${WORKDIR}/" - -# Code entirely copied from selinux-eclass (cannot inherit due to dependency on -# itself), when reworked reinclude it. Only postinstall (where -b base.pp is -# added) needs to remain then. - -pkg_setup() { - if use systemd; then - MODS="${MODS} systemd" - fi -} - -pkg_pretend() { - for i in ${POLICY_TYPES}; do - if [[ "${i}" == "targeted" ]] && ! use unconfined; then - die "If you use POLICY_TYPES=targeted, then USE=unconfined is mandatory." - fi - done -} - -src_prepare() { - local modfiles - - if [[ ${PV} != 9999* ]]; then - einfo "Applying SELinux policy updates ... " - eapply -p0 "${WORKDIR}/0001-full-patch-against-stable-release.patch" - fi - - eapply_user - - # Collect only those files needed for this particular module - for i in ${MODS}; do - modfiles="$(find ${S}/refpolicy/policy/modules -iname $i.te) $modfiles" - modfiles="$(find ${S}/refpolicy/policy/modules -iname $i.fc) $modfiles" - done - - for i in ${POLICY_TYPES}; do - mkdir "${S}"/${i} || die "Failed to create directory ${S}/${i}" - cp "${S}"/refpolicy/doc/Makefile.example "${S}"/${i}/Makefile \ - || die "Failed to copy Makefile.example to ${S}/${i}/Makefile" - - cp ${modfiles} "${S}"/${i} \ - || die "Failed to copy the module files to ${S}/${i}" - done -} - -src_compile() { - for i in ${POLICY_TYPES}; do - emake NAME=$i SHAREDIR="${ROOT%/}"/usr/share/selinux -C "${S}"/${i} - done -} - -src_install() { - local BASEDIR="/usr/share/selinux" - - for i in ${POLICY_TYPES}; do - for j in ${MODS}; do - einfo "Installing ${i} ${j} policy package" - insinto ${BASEDIR}/${i} - doins "${S}"/${i}/${j}.pp - done - done -} - -pkg_postinst() { - # Set root path and don't load policy into the kernel when cross compiling - local root_opts="" - if [[ "${ROOT%/}" != "" ]]; then - root_opts="-p ${ROOT%/} -n" - fi - - # Override the command from the eclass, we need to load in base as well here - local COMMAND="-i base.pp" - if has_version "<sys-apps/policycoreutils-2.5"; then - COMMAND="-b base.pp" - fi - - for i in ${MODS}; do - COMMAND="${COMMAND} -i ${i}.pp" - done - - for i in ${POLICY_TYPES}; do - einfo "Inserting the following modules, with base, into the $i module store: ${MODS}" - - cd "${ROOT%/}/usr/share/selinux/${i}" - - semodule ${root_opts} -s ${i} ${COMMAND} - done - - # Don't relabel when cross compiling - if [[ "${ROOT%/}" == "" ]]; then - # Relabel depending packages - local PKGSET=""; - if [[ -x /usr/bin/qdepends ]] ; then - PKGSET=$(/usr/bin/qdepends -Cq -r -Q ${CATEGORY}/${PN} | grep -v 'sec-policy/selinux-'); - elif [[ -x /usr/bin/equery ]] ; then - PKGSET=$(/usr/bin/equery -Cq depends ${CATEGORY}/${PN} | grep -v 'sec-policy/selinux-'); - fi - if [[ -n "${PKGSET}" ]] ; then - rlpkg ${PKGSET}; - fi - fi -} diff --git a/sec-policy/selinux-base-policy/selinux-base-policy-2.20180701-r2.ebuild b/sec-policy/selinux-base-policy/selinux-base-policy-2.20180701-r2.ebuild deleted file mode 100644 index 7b6afaf3e213..000000000000 --- a/sec-policy/selinux-base-policy/selinux-base-policy-2.20180701-r2.ebuild +++ /dev/null @@ -1,132 +0,0 @@ -# Copyright 1999-2019 Gentoo Authors -# Distributed under the terms of the GNU General Public License v2 - -EAPI="6" - -if [[ ${PV} == 9999* ]]; then - EGIT_REPO_URI="${SELINUX_GIT_REPO:-https://anongit.gentoo.org/git/proj/hardened-refpolicy.git}" - EGIT_BRANCH="${SELINUX_GIT_BRANCH:-master}" - EGIT_CHECKOUT_DIR="${WORKDIR}/refpolicy" - - inherit git-r3 -else - SRC_URI="https://github.com/SELinuxProject/refpolicy/releases/download/RELEASE_${PV/./_}/refpolicy-${PV}.tar.bz2 - https://dev.gentoo.org/~perfinion/patches/${PN}/patchbundle-${PN}-${PVR}.tar.bz2" - KEYWORDS="~amd64 -arm ~arm64 ~mips ~x86" -fi - -HOMEPAGE="https://wiki.gentoo.org/wiki/Project:SELinux" -DESCRIPTION="SELinux policy for core modules" - -IUSE="systemd +unconfined" - -PDEPEND="unconfined? ( sec-policy/selinux-unconfined )" -DEPEND="=sec-policy/selinux-base-${PVR}[systemd?]" -RDEPEND="$DEPEND" - -MODS="application authlogin bootloader clock consoletype cron dmesg fstools getty hostname hotplug init iptables libraries locallogin logging lvm miscfiles modutils mount mta netutils nscd portage raid rsync selinuxutil setrans ssh staff storage su sysadm sysnetwork tmpfiles udev userdomain usermanage unprivuser xdg" -LICENSE="GPL-2" -SLOT="0" -S="${WORKDIR}/" - -# Code entirely copied from selinux-eclass (cannot inherit due to dependency on -# itself), when reworked reinclude it. Only postinstall (where -b base.pp is -# added) needs to remain then. - -pkg_setup() { - if use systemd; then - MODS="${MODS} systemd" - fi -} - -pkg_pretend() { - for i in ${POLICY_TYPES}; do - if [[ "${i}" == "targeted" ]] && ! use unconfined; then - die "If you use POLICY_TYPES=targeted, then USE=unconfined is mandatory." - fi - done -} - -src_prepare() { - local modfiles - - if [[ ${PV} != 9999* ]]; then - einfo "Applying SELinux policy updates ... " - eapply -p0 "${WORKDIR}/0001-full-patch-against-stable-release.patch" - fi - - eapply_user - - # Collect only those files needed for this particular module - for i in ${MODS}; do - modfiles="$(find ${S}/refpolicy/policy/modules -iname $i.te) $modfiles" - modfiles="$(find ${S}/refpolicy/policy/modules -iname $i.fc) $modfiles" - done - - for i in ${POLICY_TYPES}; do - mkdir "${S}"/${i} || die "Failed to create directory ${S}/${i}" - cp "${S}"/refpolicy/doc/Makefile.example "${S}"/${i}/Makefile \ - || die "Failed to copy Makefile.example to ${S}/${i}/Makefile" - - cp ${modfiles} "${S}"/${i} \ - || die "Failed to copy the module files to ${S}/${i}" - done -} - -src_compile() { - for i in ${POLICY_TYPES}; do - emake NAME=$i SHAREDIR="${ROOT%/}"/usr/share/selinux -C "${S}"/${i} - done -} - -src_install() { - local BASEDIR="/usr/share/selinux" - - for i in ${POLICY_TYPES}; do - for j in ${MODS}; do - einfo "Installing ${i} ${j} policy package" - insinto ${BASEDIR}/${i} - doins "${S}"/${i}/${j}.pp - done - done -} - -pkg_postinst() { - # Set root path and don't load policy into the kernel when cross compiling - local root_opts="" - if [[ "${ROOT%/}" != "" ]]; then - root_opts="-p ${ROOT%/} -n" - fi - - # Override the command from the eclass, we need to load in base as well here - local COMMAND="-i base.pp" - if has_version "<sys-apps/policycoreutils-2.5"; then - COMMAND="-b base.pp" - fi - - for i in ${MODS}; do - COMMAND="${COMMAND} -i ${i}.pp" - done - - for i in ${POLICY_TYPES}; do - einfo "Inserting the following modules, with base, into the $i module store: ${MODS}" - - cd "${ROOT%/}/usr/share/selinux/${i}" - - semodule ${root_opts} -s ${i} ${COMMAND} - done - - # Don't relabel when cross compiling - if [[ "${ROOT%/}" == "" ]]; then - # Relabel depending packages - local PKGSET=""; - if [[ -x /usr/bin/qdepends ]] ; then - PKGSET=$(/usr/bin/qdepends -Cq -r -Q ${CATEGORY}/${PN} | grep -v 'sec-policy/selinux-'); - elif [[ -x /usr/bin/equery ]] ; then - PKGSET=$(/usr/bin/equery -Cq depends ${CATEGORY}/${PN} | grep -v 'sec-policy/selinux-'); - fi - if [[ -n "${PKGSET}" ]] ; then - rlpkg ${PKGSET}; - fi - fi -} |