reinit the tree, so we can have metadata

author: V3n3RiX <venerix@redcorelinux.org> 2017-10-09 18:53:29 +0100
committer: V3n3RiX <venerix@redcorelinux.org> 2017-10-09 18:53:29 +0100
commit: 4f2d7949f03e1c198bc888f2d05f421d35c57e21 (patch)
tree: ba5f07bf3f9d22d82e54a462313f5d244036c768 /sys-apps/policycoreutils/files
8 files changed, 243 insertions, 0 deletions
diff --git a/sys-apps/policycoreutils/files/0010-remove-sesandbox-support.patch b/sys-apps/policycoreutils/files/0010-remove-sesandbox-support.patch
new file mode 100644
index 000000000000..52a34bd1f47b
--- /dev/null
+++ b/sys-apps/policycoreutils/files/0010-remove-sesandbox-support.patch
@@ -0,0 +1,9 @@
+diff -uNr policycoreutils-2.4-rc2.orig/Makefile policycoreutils-2.4-rc2/Makefile
+--- policycoreutils-2.4-rc2.orig/Makefile	2014-08-28 20:13:23.212622408 +0200
++++ policycoreutils-2.4-rc2/Makefile	2014-08-28 20:14:24.136624808 +0200
+@@ -1,4 +1,4 @@
+-SUBDIRS = sepolicy setfiles semanage load_policy newrole run_init sandbox secon audit2allow sestatus semodule_package semodule semodule_link semodule_expand semodule_deps sepolgen-ifgen setsebool scripts po man gui hll
++SUBDIRS = sepolicy setfiles semanage load_policy newrole run_init secon audit2allow sestatus semodule_package semodule semodule_link semodule_expand semodule_deps sepolgen-ifgen setsebool scripts po man gui hll
+ 
+ INOTIFYH = $(shell ls /usr/include/sys/inotify.h 2>/dev/null)
+ 
diff --git a/sys-apps/policycoreutils/files/0020-disable-autodetection-of-pam-and-audit.patch b/sys-apps/policycoreutils/files/0020-disable-autodetection-of-pam-and-audit.patch
new file mode 100644
index 000000000000..a3eeaed901d5
--- /dev/null
+++ b/sys-apps/policycoreutils/files/0020-disable-autodetection-of-pam-and-audit.patch
@@ -0,0 +1,108 @@
+diff -uNr policycoreutils-2.2.1.orig/newrole/Makefile policycoreutils-2.2.1/newrole/Makefile
+--- policycoreutils-2.2.1.orig/newrole/Makefile	2013-11-04 21:37:27.197018032 +0100
++++ policycoreutils-2.2.1/newrole/Makefile	2013-11-04 21:37:47.602018075 +0100
+@@ -4,8 +4,8 @@
+ MANDIR ?= $(PREFIX)/share/man
+ ETCDIR ?= $(DESTDIR)/etc
+ LOCALEDIR = /usr/share/locale
+-PAMH = $(shell ls /usr/include/security/pam_appl.h 2>/dev/null)
+-AUDITH = $(shell ls /usr/include/libaudit.h 2>/dev/null)
++PAMH ?= no
++AUDITH ?= no
+ # Enable capabilities to permit newrole to generate audit records.
+ # This will make newrole a setuid root program.
+ # The capabilities used are: CAP_AUDIT_WRITE.
+@@ -24,7 +24,7 @@
+ EXTRA_OBJS =
+ override CFLAGS += -DVERSION=\"$(VERSION)\" $(LDFLAGS) -I$(PREFIX)/include -DUSE_NLS -DLOCALEDIR="\"$(LOCALEDIR)\"" -DPACKAGE="\"policycoreutils\""
+ LDLIBS += -lselinux -L$(PREFIX)/lib
+-ifeq ($(PAMH), /usr/include/security/pam_appl.h)
++ifeq ($(PAMH), yes)
+ 	override CFLAGS += -DUSE_PAM
+ 	EXTRA_OBJS += hashtab.o
+ 	LDLIBS += -lpam -lpam_misc
+@@ -32,7 +32,7 @@
+ 	override CFLAGS += -D_XOPEN_SOURCE=500
+ 	LDLIBS += -lcrypt
+ endif
+-ifeq ($(AUDITH), /usr/include/libaudit.h)
++ifeq ($(AUDITH), yes)
+ 	override CFLAGS += -DUSE_AUDIT
+ 	LDLIBS += -laudit
+ endif
+@@ -49,7 +49,7 @@
+ 	IS_SUID=y
+ endif
+ ifeq ($(IS_SUID),y)
+-	MODE := 4555
++	MODE := 0555
+ 	LDLIBS += -lcap-ng
+ else
+ 	MODE := 0555
+@@ -66,7 +66,7 @@
+ 	test -d $(MANDIR)/man1 || install -m 755 -d $(MANDIR)/man1
+ 	install -m $(MODE) newrole $(BINDIR)
+ 	install -m 644 newrole.1 $(MANDIR)/man1/
+-ifeq ($(PAMH), /usr/include/security/pam_appl.h)
++ifeq ($(PAMH), yes)
+ 	test -d $(ETCDIR)/pam.d || install -m 755 -d $(ETCDIR)/pam.d
+ ifeq ($(LSPP_PRIV),y)
+ 	install -m 644 newrole-lspp.pamd $(ETCDIR)/pam.d/newrole
+diff -uNr policycoreutils-2.2.1.orig/run_init/Makefile policycoreutils-2.2.1/run_init/Makefile
+--- policycoreutils-2.2.1.orig/run_init/Makefile	2013-11-04 21:37:27.115018032 +0100
++++ policycoreutils-2.2.1/run_init/Makefile	2013-11-04 21:37:47.603018075 +0100
+@@ -5,20 +5,20 @@
+ MANDIR ?= $(PREFIX)/share/man
+ ETCDIR ?= $(DESTDIR)/etc
+ LOCALEDIR ?= /usr/share/locale
+-PAMH = $(shell ls /usr/include/security/pam_appl.h 2>/dev/null)
+-AUDITH = $(shell ls /usr/include/libaudit.h 2>/dev/null)
++PAMH ?= no
++AUDITH ?= no
+ 
+ CFLAGS ?= -Werror -Wall -W
+ override CFLAGS += -I$(PREFIX)/include -DUSE_NLS -DLOCALEDIR="\"$(LOCALEDIR)\"" -DPACKAGE="\"policycoreutils\""
+ LDLIBS += -lselinux -L$(PREFIX)/lib
+-ifeq ($(PAMH), /usr/include/security/pam_appl.h)
++ifeq ($(PAMH), yes)
+ 	override CFLAGS += -DUSE_PAM
+ 	LDLIBS += -lpam -lpam_misc
+ else
+ 	override CFLAGS += -D_XOPEN_SOURCE=500
+ 	LDLIBS += -lcrypt
+ endif
+-ifeq ($(AUDITH), /usr/include/libaudit.h)
++ifeq ($(AUDITH), yes)
+ 	override CFLAGS += -DUSE_AUDIT
+ 	LDLIBS += -laudit
+ endif
+@@ -38,7 +38,7 @@
+ 	install -m 755 open_init_pty $(SBINDIR)
+ 	install -m 644 run_init.8 $(MANDIR)/man8/
+ 	install -m 644 open_init_pty.8 $(MANDIR)/man8/
+-ifeq ($(PAMH), /usr/include/security/pam_appl.h)
++ifeq ($(PAMH), yes)
+ 	install -m 644 run_init.pamd $(ETCDIR)/pam.d/run_init
+ endif
+ 
+diff -uNr policycoreutils-2.2.1.orig/setfiles/Makefile policycoreutils-2.2.1/setfiles/Makefile
+--- policycoreutils-2.2.1.orig/setfiles/Makefile	2013-11-04 21:37:27.198018032 +0100
++++ policycoreutils-2.2.1/setfiles/Makefile	2013-11-04 21:37:47.603018075 +0100
+@@ -3,7 +3,7 @@
+ SBINDIR ?= $(DESTDIR)/sbin
+ MANDIR = $(PREFIX)/share/man
+ LIBDIR ?= $(PREFIX)/lib
+-AUDITH = $(shell ls /usr/include/libaudit.h 2>/dev/null)
++AUDITH ?= no
+ 
+ PROGRESS_STEP=$(shell grep "^\#define STAR_COUNT" restore.h | awk -S '{ print $$3 }')
+ ABORT_ON_ERRORS=$(shell grep "^\#define ABORT_ON_ERRORS" setfiles.c | awk -S '{ print $$3 }')
+@@ -12,7 +12,7 @@
+ override CFLAGS += -I$(PREFIX)/include
+ LDLIBS = -lselinux -lsepol -L$(LIBDIR)
+ 
+-ifeq ($(AUDITH), /usr/include/libaudit.h)
++ifeq ($(AUDITH), yes)
+ 	override CFLAGS += -DUSE_AUDIT
+ 	LDLIBS += -laudit
+ endif
diff --git a/sys-apps/policycoreutils/files/0030-make-inotify-check-use-flag-triggered.patch b/sys-apps/policycoreutils/files/0030-make-inotify-check-use-flag-triggered.patch
new file mode 100644
index 000000000000..6a31e255a952
--- /dev/null
+++ b/sys-apps/policycoreutils/files/0030-make-inotify-check-use-flag-triggered.patch
@@ -0,0 +1,14 @@
+diff -uNr policycoreutils-2.4-rc2.orig/Makefile policycoreutils-2.4-rc2/Makefile
+--- policycoreutils-2.4-rc2.orig/Makefile	2014-08-28 20:22:45.230644554 +0200
++++ policycoreutils-2.4-rc2/Makefile	2014-08-28 20:27:08.642654934 +0200
+@@ -1,8 +1,8 @@
+ SUBDIRS = sepolicy setfiles semanage load_policy newrole run_init secon audit2allow sestatus semodule_package semodule semodule_link semodule_expand semodule_deps sepolgen-ifgen setsebool scripts po man gui hll
+ 
+-INOTIFYH = $(shell ls /usr/include/sys/inotify.h 2>/dev/null)
++INOTIFYH ?= no
+ 
+-ifeq (${INOTIFYH}, /usr/include/sys/inotify.h)
++ifeq (${INOTIFYH}, yes)
+ 	SUBDIRS += restorecond
+ endif
+ 
diff --git a/sys-apps/policycoreutils/files/0070-remove-symlink-attempt-fails-with-gentoo-sandbox-approach.patch b/sys-apps/policycoreutils/files/0070-remove-symlink-attempt-fails-with-gentoo-sandbox-approach.patch
new file mode 100644
index 000000000000..7d438983bb7e
--- /dev/null
+++ b/sys-apps/policycoreutils/files/0070-remove-symlink-attempt-fails-with-gentoo-sandbox-approach.patch
@@ -0,0 +1,11 @@
+diff -uNr policycoreutils-2.2.1.orig/load_policy/Makefile policycoreutils-2.2.1/load_policy/Makefile
+--- policycoreutils-2.2.1.orig/load_policy/Makefile	2013-11-04 21:41:28.289018546 +0100
++++ policycoreutils-2.2.1/load_policy/Makefile	2013-11-04 21:43:31.118018808 +0100
+@@ -19,7 +19,6 @@
+ 	test -d $(MANDIR)/man8 || install -m 755 -d $(MANDIR)/man8
+ 	install -m 644 load_policy.8 $(MANDIR)/man8/
+ 	-mkdir -p $(USRSBINDIR)
+-	-ln -sf $(SBINDIR)/load_policy $(USRSBINDIR)/load_policy 
+ 
+ clean:
+ 	-rm -f $(TARGETS) *.o 
diff --git a/sys-apps/policycoreutils/files/0110-build-mcstrans-bug-472912.patch b/sys-apps/policycoreutils/files/0110-build-mcstrans-bug-472912.patch
new file mode 100644
index 000000000000..68033c705cd5
--- /dev/null
+++ b/sys-apps/policycoreutils/files/0110-build-mcstrans-bug-472912.patch
@@ -0,0 +1,64 @@
+diff -uNr policycoreutils-2.4-rc2.orig/Makefile policycoreutils-2.4-rc2/Makefile
+--- policycoreutils-2.4-rc2.orig/Makefile	2014-08-28 20:31:19.563664821 +0200
++++ policycoreutils-2.4-rc2/Makefile	2014-08-28 20:32:25.900667435 +0200
+@@ -1,4 +1,4 @@
+-SUBDIRS = sepolicy setfiles semanage load_policy newrole run_init secon audit2allow sestatus semodule_package semodule semodule_link semodule_expand semodule_deps sepolgen-ifgen setsebool scripts po man gui hll
++SUBDIRS = sepolicy setfiles semanage load_policy newrole run_init secon audit2allow sestatus semodule_package semodule semodule_link semodule_expand semodule_deps sepolgen-ifgen setsebool scripts po man gui hll mcstrans
+ 
+ INOTIFYH ?= n
+ 
+diff -uNr policycoreutils-2.4-rc2.orig/mcstrans/src/Makefile policycoreutils-2.4-rc2/mcstrans/src/Makefile
+--- policycoreutils-2.4-rc2.orig/mcstrans/src/Makefile	2014-08-28 20:31:19.562664821 +0200
++++ policycoreutils-2.4-rc2/mcstrans/src/Makefile	2014-08-28 20:33:39.345670329 +0200
+@@ -1,23 +1,10 @@
+ ARCH = $(shell uname -i)
+-ifeq "$(ARCH)" "x86_64"
+-	# In case of 64 bit system, use these lines
+-	LIBDIR=/usr/lib64
+-else 
+-ifeq "$(ARCH)" "i686"
+-	# In case of 32 bit system, use these lines
+-	LIBDIR=/usr/lib
+-else
+-ifeq "$(ARCH)" "i386"
+-	# In case of 32 bit system, use these lines
+-	LIBDIR=/usr/lib
+-endif
+-endif
+-endif
+ # Installation directories.
+ PREFIX  ?= $(DESTDIR)/usr
+ SBINDIR ?= $(DESTDIR)/sbin
+ INITDIR ?= $(DESTDIR)/etc/rc.d/init.d
+ SYSTEMDDIR ?= $(DESTDIR)/usr/lib/systemd
++LIBDIR ?= $(PREFIX)/lib
+ 
+ PROG_SRC=mcstrans.c  mcscolor.c  mcstransd.c  mls_level.c
+ PROG_OBJS= $(patsubst %.c,%.o,$(PROG_SRC))
+diff -uNr policycoreutils-2.4-rc2.orig/mcstrans/utils/Makefile policycoreutils-2.4-rc2/mcstrans/utils/Makefile
+--- policycoreutils-2.4-rc2.orig/mcstrans/utils/Makefile	2014-08-28 20:31:19.556664821 +0200
++++ policycoreutils-2.4-rc2/mcstrans/utils/Makefile	2014-08-28 20:34:14.145671701 +0200
+@@ -3,22 +3,7 @@
+ BINDIR ?= $(PREFIX)/sbin
+ 
+ ARCH = $(shell uname -i)
+-ifeq "$(ARCH)" "x86_64"
+-        # In case of 64 bit system, use these lines
+-        LIBDIR=/usr/lib64
+-else
+-ifeq "$(ARCH)" "i686"
+-        # In case of 32 bit system, use these lines
+-        LIBDIR=/usr/lib
+-else
+-ifeq "$(ARCH)" "i386"
+-        # In case of 32 bit system, use these lines
+-        LIBDIR=/usr/lib
+-endif
+-endif
+-endif
+-
+-
++LIBDIR ?= $(PREFIX)/lib
+ CFLAGS ?= -Wall
+ override CFLAGS += -I../src -D_GNU_SOURCE
+ LDLIBS += -L../src ../src/mcstrans.o ../src/mls_level.o -lselinux -lpcre $(LIBDIR)/libsepol.a
diff --git a/sys-apps/policycoreutils/files/0120-build-failure-for-mcscolor-for-CONTEXT__CONTAINS.patch b/sys-apps/policycoreutils/files/0120-build-failure-for-mcscolor-for-CONTEXT__CONTAINS.patch
new file mode 100644
index 000000000000..cf50664264e1
--- /dev/null
+++ b/sys-apps/policycoreutils/files/0120-build-failure-for-mcscolor-for-CONTEXT__CONTAINS.patch
@@ -0,0 +1,11 @@
+diff -uNr policycoreutils-2.4-rc2.orig/mcstrans/src/mcscolor.c policycoreutils-2.4-rc2/mcstrans/src/mcscolor.c
+--- policycoreutils-2.4-rc2.orig/mcstrans/src/mcscolor.c	2014-08-28 21:26:25.125795076 +0200
++++ policycoreutils-2.4-rc2/mcstrans/src/mcscolor.c	2014-08-28 21:27:03.509796589 +0200
+@@ -11,6 +11,7 @@
+ #include <syslog.h>
+ #include <selinux/selinux.h>
+ #include <selinux/context.h>
++#include <selinux/av_permissions.h>
+ #include "mcstrans.h"
+ 
+ /* Define data structures */
diff --git a/sys-apps/policycoreutils/files/policycoreutils-2.7-0001-newrole-not-suid.patch b/sys-apps/policycoreutils/files/policycoreutils-2.7-0001-newrole-not-suid.patch
new file mode 100644
index 000000000000..6049bbe282af
--- /dev/null
+++ b/sys-apps/policycoreutils/files/policycoreutils-2.7-0001-newrole-not-suid.patch
@@ -0,0 +1,13 @@
+diff --git a/policycoreutils/newrole/Makefile b/policycoreutils/newrole/Makefile
+index bdefbb8..9cff135 100644
+--- policycoreutils/newrole/Makefile
++++ policycoreutils/newrole/Makefile
+@@ -49,7 +49,7 @@ ifeq ($(NAMESPACE_PRIV),y)
+ 	IS_SUID=y
+ endif
+ ifeq ($(IS_SUID),y)
+-	MODE := 4555
++	MODE := 0555
+ 	override LDLIBS += -lcap-ng
+ else
+ 	MODE := 0555
diff --git a/sys-apps/policycoreutils/files/policycoreutils-2.7_rc1-0001-newrole-not-suid.patch b/sys-apps/policycoreutils/files/policycoreutils-2.7_rc1-0001-newrole-not-suid.patch
new file mode 100644
index 000000000000..d4aa531063ff
--- /dev/null
+++ b/sys-apps/policycoreutils/files/policycoreutils-2.7_rc1-0001-newrole-not-suid.patch
@@ -0,0 +1,13 @@
+diff --git a/policycoreutils/newrole/Makefile b/policycoreutils/newrole/Makefile
+index bdefbb8..9cff135 100644
+--- policycoreutils/newrole/Makefile
++++ policycoreutils/newrole/Makefile
+@@ -49,7 +49,7 @@ ifeq ($(NAMESPACE_PRIV),y)
+ 	IS_SUID=y
+ endif
+ ifeq ($(IS_SUID),y)
+-	MODE := 4555
++	MODE := 0555
+ 	LDLIBS += -lcap-ng
+ else
+ 	MODE := 0555
author	V3n3RiX <venerix@redcorelinux.org>	2017-10-09 18:53:29 +0100
committer	V3n3RiX <venerix@redcorelinux.org>	2017-10-09 18:53:29 +0100
commit	4f2d7949f03e1c198bc888f2d05f421d35c57e21 (patch)
tree	ba5f07bf3f9d22d82e54a462313f5d244036c768 /sys-apps/policycoreutils/files