diff options
author | V3n3RiX <venerix@redcorelinux.org> | 2017-10-09 18:53:29 +0100 |
---|---|---|
committer | V3n3RiX <venerix@redcorelinux.org> | 2017-10-09 18:53:29 +0100 |
commit | 4f2d7949f03e1c198bc888f2d05f421d35c57e21 (patch) | |
tree | ba5f07bf3f9d22d82e54a462313f5d244036c768 /sys-apps/policycoreutils/files |
reinit the tree, so we can have metadata
Diffstat (limited to 'sys-apps/policycoreutils/files')
8 files changed, 243 insertions, 0 deletions
diff --git a/sys-apps/policycoreutils/files/0010-remove-sesandbox-support.patch b/sys-apps/policycoreutils/files/0010-remove-sesandbox-support.patch new file mode 100644 index 000000000000..52a34bd1f47b --- /dev/null +++ b/sys-apps/policycoreutils/files/0010-remove-sesandbox-support.patch @@ -0,0 +1,9 @@ +diff -uNr policycoreutils-2.4-rc2.orig/Makefile policycoreutils-2.4-rc2/Makefile +--- policycoreutils-2.4-rc2.orig/Makefile 2014-08-28 20:13:23.212622408 +0200 ++++ policycoreutils-2.4-rc2/Makefile 2014-08-28 20:14:24.136624808 +0200 +@@ -1,4 +1,4 @@ +-SUBDIRS = sepolicy setfiles semanage load_policy newrole run_init sandbox secon audit2allow sestatus semodule_package semodule semodule_link semodule_expand semodule_deps sepolgen-ifgen setsebool scripts po man gui hll ++SUBDIRS = sepolicy setfiles semanage load_policy newrole run_init secon audit2allow sestatus semodule_package semodule semodule_link semodule_expand semodule_deps sepolgen-ifgen setsebool scripts po man gui hll + + INOTIFYH = $(shell ls /usr/include/sys/inotify.h 2>/dev/null) + diff --git a/sys-apps/policycoreutils/files/0020-disable-autodetection-of-pam-and-audit.patch b/sys-apps/policycoreutils/files/0020-disable-autodetection-of-pam-and-audit.patch new file mode 100644 index 000000000000..a3eeaed901d5 --- /dev/null +++ b/sys-apps/policycoreutils/files/0020-disable-autodetection-of-pam-and-audit.patch @@ -0,0 +1,108 @@ +diff -uNr policycoreutils-2.2.1.orig/newrole/Makefile policycoreutils-2.2.1/newrole/Makefile +--- policycoreutils-2.2.1.orig/newrole/Makefile 2013-11-04 21:37:27.197018032 +0100 ++++ policycoreutils-2.2.1/newrole/Makefile 2013-11-04 21:37:47.602018075 +0100 +@@ -4,8 +4,8 @@ + MANDIR ?= $(PREFIX)/share/man + ETCDIR ?= $(DESTDIR)/etc + LOCALEDIR = /usr/share/locale +-PAMH = $(shell ls /usr/include/security/pam_appl.h 2>/dev/null) +-AUDITH = $(shell ls /usr/include/libaudit.h 2>/dev/null) ++PAMH ?= no ++AUDITH ?= no + # Enable capabilities to permit newrole to generate audit records. + # This will make newrole a setuid root program. + # The capabilities used are: CAP_AUDIT_WRITE. +@@ -24,7 +24,7 @@ + EXTRA_OBJS = + override CFLAGS += -DVERSION=\"$(VERSION)\" $(LDFLAGS) -I$(PREFIX)/include -DUSE_NLS -DLOCALEDIR="\"$(LOCALEDIR)\"" -DPACKAGE="\"policycoreutils\"" + LDLIBS += -lselinux -L$(PREFIX)/lib +-ifeq ($(PAMH), /usr/include/security/pam_appl.h) ++ifeq ($(PAMH), yes) + override CFLAGS += -DUSE_PAM + EXTRA_OBJS += hashtab.o + LDLIBS += -lpam -lpam_misc +@@ -32,7 +32,7 @@ + override CFLAGS += -D_XOPEN_SOURCE=500 + LDLIBS += -lcrypt + endif +-ifeq ($(AUDITH), /usr/include/libaudit.h) ++ifeq ($(AUDITH), yes) + override CFLAGS += -DUSE_AUDIT + LDLIBS += -laudit + endif +@@ -49,7 +49,7 @@ + IS_SUID=y + endif + ifeq ($(IS_SUID),y) +- MODE := 4555 ++ MODE := 0555 + LDLIBS += -lcap-ng + else + MODE := 0555 +@@ -66,7 +66,7 @@ + test -d $(MANDIR)/man1 || install -m 755 -d $(MANDIR)/man1 + install -m $(MODE) newrole $(BINDIR) + install -m 644 newrole.1 $(MANDIR)/man1/ +-ifeq ($(PAMH), /usr/include/security/pam_appl.h) ++ifeq ($(PAMH), yes) + test -d $(ETCDIR)/pam.d || install -m 755 -d $(ETCDIR)/pam.d + ifeq ($(LSPP_PRIV),y) + install -m 644 newrole-lspp.pamd $(ETCDIR)/pam.d/newrole +diff -uNr policycoreutils-2.2.1.orig/run_init/Makefile policycoreutils-2.2.1/run_init/Makefile +--- policycoreutils-2.2.1.orig/run_init/Makefile 2013-11-04 21:37:27.115018032 +0100 ++++ policycoreutils-2.2.1/run_init/Makefile 2013-11-04 21:37:47.603018075 +0100 +@@ -5,20 +5,20 @@ + MANDIR ?= $(PREFIX)/share/man + ETCDIR ?= $(DESTDIR)/etc + LOCALEDIR ?= /usr/share/locale +-PAMH = $(shell ls /usr/include/security/pam_appl.h 2>/dev/null) +-AUDITH = $(shell ls /usr/include/libaudit.h 2>/dev/null) ++PAMH ?= no ++AUDITH ?= no + + CFLAGS ?= -Werror -Wall -W + override CFLAGS += -I$(PREFIX)/include -DUSE_NLS -DLOCALEDIR="\"$(LOCALEDIR)\"" -DPACKAGE="\"policycoreutils\"" + LDLIBS += -lselinux -L$(PREFIX)/lib +-ifeq ($(PAMH), /usr/include/security/pam_appl.h) ++ifeq ($(PAMH), yes) + override CFLAGS += -DUSE_PAM + LDLIBS += -lpam -lpam_misc + else + override CFLAGS += -D_XOPEN_SOURCE=500 + LDLIBS += -lcrypt + endif +-ifeq ($(AUDITH), /usr/include/libaudit.h) ++ifeq ($(AUDITH), yes) + override CFLAGS += -DUSE_AUDIT + LDLIBS += -laudit + endif +@@ -38,7 +38,7 @@ + install -m 755 open_init_pty $(SBINDIR) + install -m 644 run_init.8 $(MANDIR)/man8/ + install -m 644 open_init_pty.8 $(MANDIR)/man8/ +-ifeq ($(PAMH), /usr/include/security/pam_appl.h) ++ifeq ($(PAMH), yes) + install -m 644 run_init.pamd $(ETCDIR)/pam.d/run_init + endif + +diff -uNr policycoreutils-2.2.1.orig/setfiles/Makefile policycoreutils-2.2.1/setfiles/Makefile +--- policycoreutils-2.2.1.orig/setfiles/Makefile 2013-11-04 21:37:27.198018032 +0100 ++++ policycoreutils-2.2.1/setfiles/Makefile 2013-11-04 21:37:47.603018075 +0100 +@@ -3,7 +3,7 @@ + SBINDIR ?= $(DESTDIR)/sbin + MANDIR = $(PREFIX)/share/man + LIBDIR ?= $(PREFIX)/lib +-AUDITH = $(shell ls /usr/include/libaudit.h 2>/dev/null) ++AUDITH ?= no + + PROGRESS_STEP=$(shell grep "^\#define STAR_COUNT" restore.h | awk -S '{ print $$3 }') + ABORT_ON_ERRORS=$(shell grep "^\#define ABORT_ON_ERRORS" setfiles.c | awk -S '{ print $$3 }') +@@ -12,7 +12,7 @@ + override CFLAGS += -I$(PREFIX)/include + LDLIBS = -lselinux -lsepol -L$(LIBDIR) + +-ifeq ($(AUDITH), /usr/include/libaudit.h) ++ifeq ($(AUDITH), yes) + override CFLAGS += -DUSE_AUDIT + LDLIBS += -laudit + endif diff --git a/sys-apps/policycoreutils/files/0030-make-inotify-check-use-flag-triggered.patch b/sys-apps/policycoreutils/files/0030-make-inotify-check-use-flag-triggered.patch new file mode 100644 index 000000000000..6a31e255a952 --- /dev/null +++ b/sys-apps/policycoreutils/files/0030-make-inotify-check-use-flag-triggered.patch @@ -0,0 +1,14 @@ +diff -uNr policycoreutils-2.4-rc2.orig/Makefile policycoreutils-2.4-rc2/Makefile +--- policycoreutils-2.4-rc2.orig/Makefile 2014-08-28 20:22:45.230644554 +0200 ++++ policycoreutils-2.4-rc2/Makefile 2014-08-28 20:27:08.642654934 +0200 +@@ -1,8 +1,8 @@ + SUBDIRS = sepolicy setfiles semanage load_policy newrole run_init secon audit2allow sestatus semodule_package semodule semodule_link semodule_expand semodule_deps sepolgen-ifgen setsebool scripts po man gui hll + +-INOTIFYH = $(shell ls /usr/include/sys/inotify.h 2>/dev/null) ++INOTIFYH ?= no + +-ifeq (${INOTIFYH}, /usr/include/sys/inotify.h) ++ifeq (${INOTIFYH}, yes) + SUBDIRS += restorecond + endif + diff --git a/sys-apps/policycoreutils/files/0070-remove-symlink-attempt-fails-with-gentoo-sandbox-approach.patch b/sys-apps/policycoreutils/files/0070-remove-symlink-attempt-fails-with-gentoo-sandbox-approach.patch new file mode 100644 index 000000000000..7d438983bb7e --- /dev/null +++ b/sys-apps/policycoreutils/files/0070-remove-symlink-attempt-fails-with-gentoo-sandbox-approach.patch @@ -0,0 +1,11 @@ +diff -uNr policycoreutils-2.2.1.orig/load_policy/Makefile policycoreutils-2.2.1/load_policy/Makefile +--- policycoreutils-2.2.1.orig/load_policy/Makefile 2013-11-04 21:41:28.289018546 +0100 ++++ policycoreutils-2.2.1/load_policy/Makefile 2013-11-04 21:43:31.118018808 +0100 +@@ -19,7 +19,6 @@ + test -d $(MANDIR)/man8 || install -m 755 -d $(MANDIR)/man8 + install -m 644 load_policy.8 $(MANDIR)/man8/ + -mkdir -p $(USRSBINDIR) +- -ln -sf $(SBINDIR)/load_policy $(USRSBINDIR)/load_policy + + clean: + -rm -f $(TARGETS) *.o diff --git a/sys-apps/policycoreutils/files/0110-build-mcstrans-bug-472912.patch b/sys-apps/policycoreutils/files/0110-build-mcstrans-bug-472912.patch new file mode 100644 index 000000000000..68033c705cd5 --- /dev/null +++ b/sys-apps/policycoreutils/files/0110-build-mcstrans-bug-472912.patch @@ -0,0 +1,64 @@ +diff -uNr policycoreutils-2.4-rc2.orig/Makefile policycoreutils-2.4-rc2/Makefile +--- policycoreutils-2.4-rc2.orig/Makefile 2014-08-28 20:31:19.563664821 +0200 ++++ policycoreutils-2.4-rc2/Makefile 2014-08-28 20:32:25.900667435 +0200 +@@ -1,4 +1,4 @@ +-SUBDIRS = sepolicy setfiles semanage load_policy newrole run_init secon audit2allow sestatus semodule_package semodule semodule_link semodule_expand semodule_deps sepolgen-ifgen setsebool scripts po man gui hll ++SUBDIRS = sepolicy setfiles semanage load_policy newrole run_init secon audit2allow sestatus semodule_package semodule semodule_link semodule_expand semodule_deps sepolgen-ifgen setsebool scripts po man gui hll mcstrans + + INOTIFYH ?= n + +diff -uNr policycoreutils-2.4-rc2.orig/mcstrans/src/Makefile policycoreutils-2.4-rc2/mcstrans/src/Makefile +--- policycoreutils-2.4-rc2.orig/mcstrans/src/Makefile 2014-08-28 20:31:19.562664821 +0200 ++++ policycoreutils-2.4-rc2/mcstrans/src/Makefile 2014-08-28 20:33:39.345670329 +0200 +@@ -1,23 +1,10 @@ + ARCH = $(shell uname -i) +-ifeq "$(ARCH)" "x86_64" +- # In case of 64 bit system, use these lines +- LIBDIR=/usr/lib64 +-else +-ifeq "$(ARCH)" "i686" +- # In case of 32 bit system, use these lines +- LIBDIR=/usr/lib +-else +-ifeq "$(ARCH)" "i386" +- # In case of 32 bit system, use these lines +- LIBDIR=/usr/lib +-endif +-endif +-endif + # Installation directories. + PREFIX ?= $(DESTDIR)/usr + SBINDIR ?= $(DESTDIR)/sbin + INITDIR ?= $(DESTDIR)/etc/rc.d/init.d + SYSTEMDDIR ?= $(DESTDIR)/usr/lib/systemd ++LIBDIR ?= $(PREFIX)/lib + + PROG_SRC=mcstrans.c mcscolor.c mcstransd.c mls_level.c + PROG_OBJS= $(patsubst %.c,%.o,$(PROG_SRC)) +diff -uNr policycoreutils-2.4-rc2.orig/mcstrans/utils/Makefile policycoreutils-2.4-rc2/mcstrans/utils/Makefile +--- policycoreutils-2.4-rc2.orig/mcstrans/utils/Makefile 2014-08-28 20:31:19.556664821 +0200 ++++ policycoreutils-2.4-rc2/mcstrans/utils/Makefile 2014-08-28 20:34:14.145671701 +0200 +@@ -3,22 +3,7 @@ + BINDIR ?= $(PREFIX)/sbin + + ARCH = $(shell uname -i) +-ifeq "$(ARCH)" "x86_64" +- # In case of 64 bit system, use these lines +- LIBDIR=/usr/lib64 +-else +-ifeq "$(ARCH)" "i686" +- # In case of 32 bit system, use these lines +- LIBDIR=/usr/lib +-else +-ifeq "$(ARCH)" "i386" +- # In case of 32 bit system, use these lines +- LIBDIR=/usr/lib +-endif +-endif +-endif +- +- ++LIBDIR ?= $(PREFIX)/lib + CFLAGS ?= -Wall + override CFLAGS += -I../src -D_GNU_SOURCE + LDLIBS += -L../src ../src/mcstrans.o ../src/mls_level.o -lselinux -lpcre $(LIBDIR)/libsepol.a diff --git a/sys-apps/policycoreutils/files/0120-build-failure-for-mcscolor-for-CONTEXT__CONTAINS.patch b/sys-apps/policycoreutils/files/0120-build-failure-for-mcscolor-for-CONTEXT__CONTAINS.patch new file mode 100644 index 000000000000..cf50664264e1 --- /dev/null +++ b/sys-apps/policycoreutils/files/0120-build-failure-for-mcscolor-for-CONTEXT__CONTAINS.patch @@ -0,0 +1,11 @@ +diff -uNr policycoreutils-2.4-rc2.orig/mcstrans/src/mcscolor.c policycoreutils-2.4-rc2/mcstrans/src/mcscolor.c +--- policycoreutils-2.4-rc2.orig/mcstrans/src/mcscolor.c 2014-08-28 21:26:25.125795076 +0200 ++++ policycoreutils-2.4-rc2/mcstrans/src/mcscolor.c 2014-08-28 21:27:03.509796589 +0200 +@@ -11,6 +11,7 @@ + #include <syslog.h> + #include <selinux/selinux.h> + #include <selinux/context.h> ++#include <selinux/av_permissions.h> + #include "mcstrans.h" + + /* Define data structures */ diff --git a/sys-apps/policycoreutils/files/policycoreutils-2.7-0001-newrole-not-suid.patch b/sys-apps/policycoreutils/files/policycoreutils-2.7-0001-newrole-not-suid.patch new file mode 100644 index 000000000000..6049bbe282af --- /dev/null +++ b/sys-apps/policycoreutils/files/policycoreutils-2.7-0001-newrole-not-suid.patch @@ -0,0 +1,13 @@ +diff --git a/policycoreutils/newrole/Makefile b/policycoreutils/newrole/Makefile +index bdefbb8..9cff135 100644 +--- policycoreutils/newrole/Makefile ++++ policycoreutils/newrole/Makefile +@@ -49,7 +49,7 @@ ifeq ($(NAMESPACE_PRIV),y) + IS_SUID=y + endif + ifeq ($(IS_SUID),y) +- MODE := 4555 ++ MODE := 0555 + override LDLIBS += -lcap-ng + else + MODE := 0555 diff --git a/sys-apps/policycoreutils/files/policycoreutils-2.7_rc1-0001-newrole-not-suid.patch b/sys-apps/policycoreutils/files/policycoreutils-2.7_rc1-0001-newrole-not-suid.patch new file mode 100644 index 000000000000..d4aa531063ff --- /dev/null +++ b/sys-apps/policycoreutils/files/policycoreutils-2.7_rc1-0001-newrole-not-suid.patch @@ -0,0 +1,13 @@ +diff --git a/policycoreutils/newrole/Makefile b/policycoreutils/newrole/Makefile +index bdefbb8..9cff135 100644 +--- policycoreutils/newrole/Makefile ++++ policycoreutils/newrole/Makefile +@@ -49,7 +49,7 @@ ifeq ($(NAMESPACE_PRIV),y) + IS_SUID=y + endif + ifeq ($(IS_SUID),y) +- MODE := 4555 ++ MODE := 0555 + LDLIBS += -lcap-ng + else + MODE := 0555 |