summaryrefslogtreecommitdiff
path: root/sec-policy/selinux-base-policy
diff options
context:
space:
mode:
Diffstat (limited to 'sec-policy/selinux-base-policy')
-rw-r--r--sec-policy/selinux-base-policy/Manifest10
-rw-r--r--sec-policy/selinux-base-policy/selinux-base-policy-2.20170805-r3.ebuild122
-rw-r--r--sec-policy/selinux-base-policy/selinux-base-policy-2.20180701-r1.ebuild (renamed from sec-policy/selinux-base-policy/selinux-base-policy-2.20170805-r2.ebuild)38
-rw-r--r--sec-policy/selinux-base-policy/selinux-base-policy-9999.ebuild2
4 files changed, 29 insertions, 143 deletions
diff --git a/sec-policy/selinux-base-policy/Manifest b/sec-policy/selinux-base-policy/Manifest
index fa6727d8de79..629bec77919c 100644
--- a/sec-policy/selinux-base-policy/Manifest
+++ b/sec-policy/selinux-base-policy/Manifest
@@ -1,14 +1,12 @@
-DIST patchbundle-selinux-base-policy-2.20170805-r2.tar.bz2 314854 BLAKE2B 483d04f364195eb8627153647118eb23812a610db63a40d50819b42c19fc20ffd0a36cd5c1959a764eab2109bd2e5317f74fd3a5cc1c7ddd17d8c85be05579a5 SHA512 1358db158945b82e0e41907e3919a6888564b4f15ad765f0fe2dc7bf284485c18d11c5502d598268e33b2163a6fa0be2a4029a8e9f774abfd4377031ee9afd32
-DIST patchbundle-selinux-base-policy-2.20170805-r3.tar.bz2 324834 BLAKE2B ecc3b0425987aa648b3dd52977a6e1fd987e605fe302c3b6d8742d3eac9a1c89697de1f97331e9863b132bb95814ae7577e161a024cdda297fb84458aa9417fd SHA512 62ec2e70397d06d464e95305a4c0699cc07063d879d986a74442955fb8076a00cbe4a4f7a3cda46876cbf2ad38189be06f0c05ce9698aadafa6e9f02a8daf668
DIST patchbundle-selinux-base-policy-2.20180114-r1.tar.bz2 285245 BLAKE2B 32ff8fa3330aa1e17d6a2fc3c267e9c66d5f540fe4b7d1da8961cdc8e3c4a86e157db66e144c9cef13d52b85aa8a242e89ccf6e9c3ef455a7133bc448586d70f SHA512 5d5ce77b42e183d0b0241567bbe718622ab388cf9538193730c999da832f3ea7e4e9306f2b96cfbcfad01e6fcc834cf1d43b7b388a5a50242dd7f5ef3e252b42
DIST patchbundle-selinux-base-policy-2.20180114-r2.tar.bz2 293604 BLAKE2B 4b301021a646431fe3a4431815ef66231e3436c7c5a4b02c4d52492a603ab58b54bfdbd589161779c4331f26f56ef6eac4c6f7d8dbc489410e41f7e3cedecff7 SHA512 bfb8e0fc852bc91c38ecdfb51823f5fa89f7e9021eae108648fa8b574cf8303d28cb74b0a6b6c0745576113e419e1f232131c3166a6da9b431aebd3de642f75d
DIST patchbundle-selinux-base-policy-2.20180114-r3.tar.bz2 302345 BLAKE2B b175c5564b44aa4256018e25fbe8ec1bf16bdb0b6a01486bd7afbc5c6332b555838838759fea4859f767211097748bb5e62139264b2f4b792b2dec854d3b7031 SHA512 1586857f6403527470a19e534217805e19460695a854c3630fda80b26cd8e1e5d6f1a327c6d56b3ffa7260858d0c1ae393ea427e9ac0239163e914edc97f1c07
-DIST refpolicy-2.20170805.tar.bz2 740430 BLAKE2B 0597f51fceb5ca88b3506aa16cbd2d7f3df3a1d9c6afdf4cc5fc7eca25fa19c5810889f90ed1ee0abef401d41384558abb69f6638caf50341f71d075fa99e561 SHA512 dbb6809b028ae75296ad26d5997cc21d835c49555a0e37957cb39b36b144af6e817320073a29247448eba1876ab9e29d3956ff4456f1542b66ba38af459ec586
+DIST patchbundle-selinux-base-policy-2.20180701-r1.tar.bz2 315378 BLAKE2B eeeb0b04c023c40289b6d964aefd1773d2b5d6912f1dffebf9509e6dcdbb39b17e722ee4483fb2b11193d4b987a85f90c7dc7e61cef3cf982fc2ba368d4900ef SHA512 a8b049120f1c420f9bfb55aba9ed0157ff7896ace402cd1b77b01d1ea52b67e49d915f1c00de83ff4d59b1cf8b8aa1f39b50ba312d842ed4850e75fcc7f5be42
DIST refpolicy-2.20180114.tar.bz2 743725 BLAKE2B f64fc08dd68033a1762e147a0f205d8d1b71853017cefe4252ca4ca67029d457f28d81a82ae4e78c01e6c2131e9329d0e5634afee12fb4b291685e7563d59107 SHA512 9acb15d1d84670b25d1fc310e048348f707aa22ea184828e677946817aeb6ee2c590233195ead13aa91c7096544d6d29dfb6e98297120ef9464fc6107ffc9ce7
-EBUILD selinux-base-policy-2.20170805-r2.ebuild 3603 BLAKE2B 0d8294c8cec01620bc7f1c2ea6d957a8b05d109196322a8c482ed9d8c7f517e14329b13ac4762ffc5483bd207d81e75cb113ae29c39c1da4ca8c4b16fcdc919e SHA512 0057be4e522c0704ef4080751a94e445cf42d658cd8b1227eb0b1c7074de57010cd31b90dcb757a0f0ab6672b5b1a53341800142b11869dcffbede53e0e59282
-EBUILD selinux-base-policy-2.20170805-r3.ebuild 3603 BLAKE2B 0d8294c8cec01620bc7f1c2ea6d957a8b05d109196322a8c482ed9d8c7f517e14329b13ac4762ffc5483bd207d81e75cb113ae29c39c1da4ca8c4b16fcdc919e SHA512 0057be4e522c0704ef4080751a94e445cf42d658cd8b1227eb0b1c7074de57010cd31b90dcb757a0f0ab6672b5b1a53341800142b11869dcffbede53e0e59282
+DIST refpolicy-2.20180701.tar.bz2 753050 BLAKE2B 7069a1b9b9bef25950e62bb50ac09f4a9d5ef6fd0acc667d321da396c3935939348534458df129f7bc81687dca240b4c4fc120d1f46d452665d335c9f023da8c SHA512 9dd5a1e10da5d25fea96cc25efb682f8ac866e835a1d940b161c1ce944cac9a90a5836b03c14311acad6bf9acd9a78003f36e050d35d8edb43606575523857b5
EBUILD selinux-base-policy-2.20180114-r1.ebuild 3603 BLAKE2B 0d8294c8cec01620bc7f1c2ea6d957a8b05d109196322a8c482ed9d8c7f517e14329b13ac4762ffc5483bd207d81e75cb113ae29c39c1da4ca8c4b16fcdc919e SHA512 0057be4e522c0704ef4080751a94e445cf42d658cd8b1227eb0b1c7074de57010cd31b90dcb757a0f0ab6672b5b1a53341800142b11869dcffbede53e0e59282
EBUILD selinux-base-policy-2.20180114-r2.ebuild 3935 BLAKE2B 41ffc6a7ed124e125f198aaaad62eb37b334056d9609800ef5e92902da0dd106fa0c73e77216f2c831a478db2602d4303dc50ebbbedaf355078780d1d11b19e4 SHA512 28d121da52cc3a99f0e232159e172d88f8d4e5556107a9a260c897ed53f806b6b24ce21a17b9f429743e930f6ed405baaa6d751bfc8f70589239a0bf02f64496
EBUILD selinux-base-policy-2.20180114-r3.ebuild 3937 BLAKE2B 9d2f4297edd38a837f6299f0fc1a1424e391ac5fa7f1c77f187e049545a0e4cdc3bffbdeb7b86f6bde30af093b813f4a8bd3ce85b8a25a4ab514bc8a5464e010 SHA512 6a7a3ac43cfc10aedd4cce05190c34877075da8ec699adb0ebfe15e94bcc5e026b7f0876cb7fb7f18f657a511f9906db1c8e6323d019f25679bfe778767a7591
-EBUILD selinux-base-policy-9999.ebuild 3937 BLAKE2B 9d2f4297edd38a837f6299f0fc1a1424e391ac5fa7f1c77f187e049545a0e4cdc3bffbdeb7b86f6bde30af093b813f4a8bd3ce85b8a25a4ab514bc8a5464e010 SHA512 6a7a3ac43cfc10aedd4cce05190c34877075da8ec699adb0ebfe15e94bcc5e026b7f0876cb7fb7f18f657a511f9906db1c8e6323d019f25679bfe778767a7591
+EBUILD selinux-base-policy-2.20180701-r1.ebuild 3945 BLAKE2B 47f89b64fc441cff562f35b04c80d2c3da1ba5bc93b9f39e074f91cb30de8f93eba5b5306e62d7804c8519e380f0b3bf96ed2f172f07520d5093663f38404d17 SHA512 5ebc07f14d215ad2bbfe3e168915e0a6b5d5ff020d1078e2a4f1a5d1c8b0b61db804fc8af166f863e088dd1a3c887b5afa11ee92cbd5ae8cbfe57039831c2173
+EBUILD selinux-base-policy-9999.ebuild 3945 BLAKE2B 47f89b64fc441cff562f35b04c80d2c3da1ba5bc93b9f39e074f91cb30de8f93eba5b5306e62d7804c8519e380f0b3bf96ed2f172f07520d5093663f38404d17 SHA512 5ebc07f14d215ad2bbfe3e168915e0a6b5d5ff020d1078e2a4f1a5d1c8b0b61db804fc8af166f863e088dd1a3c887b5afa11ee92cbd5ae8cbfe57039831c2173
MISC metadata.xml 534 BLAKE2B 1bb289204431150ae974c9fd677926faf72e75def3294b9df405a048e398ac3b6147de8483512487edaeea378e1dbd32df0675acb7fa50326c48382603c5dbfe SHA512 d8340bec9d0ec0feb396b17b53a6d53e3caa7ddd1efdc5e5de07baf86592ad0526d08fc08908295cf18a915eef1c7429c72970d56967162b2390eed6f28c822a
diff --git a/sec-policy/selinux-base-policy/selinux-base-policy-2.20170805-r3.ebuild b/sec-policy/selinux-base-policy/selinux-base-policy-2.20170805-r3.ebuild
deleted file mode 100644
index a72df4c245a4..000000000000
--- a/sec-policy/selinux-base-policy/selinux-base-policy-2.20170805-r3.ebuild
+++ /dev/null
@@ -1,122 +0,0 @@
-# Copyright 1999-2018 Gentoo Foundation
-# Distributed under the terms of the GNU General Public License v2
-
-EAPI="6"
-
-if [[ ${PV} == 9999* ]]; then
- EGIT_REPO_URI="${SELINUX_GIT_REPO:-https://anongit.gentoo.org/git/proj/hardened-refpolicy.git}"
- EGIT_BRANCH="${SELINUX_GIT_BRANCH:-master}"
- EGIT_CHECKOUT_DIR="${WORKDIR}/refpolicy"
-
- inherit git-r3
-else
- SRC_URI="https://raw.githubusercontent.com/wiki/TresysTechnology/refpolicy/files/refpolicy-${PV}.tar.bz2
- https://dev.gentoo.org/~swift/patches/${PN}/patchbundle-${PN}-${PVR}.tar.bz2"
- KEYWORDS="amd64 -arm ~arm64 ~mips x86"
-fi
-
-HOMEPAGE="https://wiki.gentoo.org/wiki/Project:SELinux"
-DESCRIPTION="SELinux policy for core modules"
-
-IUSE="systemd +unconfined"
-
-PDEPEND="unconfined? ( sec-policy/selinux-unconfined )"
-DEPEND="=sec-policy/selinux-base-${PVR}[systemd?]"
-
-MODS="application authlogin bootloader clock consoletype cron dmesg fstools getty hostname hotplug init iptables libraries locallogin logging lvm miscfiles modutils mount mta netutils nscd portage raid rsync selinuxutil setrans ssh staff storage su sysadm sysnetwork tmpfiles udev userdomain usermanage unprivuser xdg"
-LICENSE="GPL-2"
-SLOT="0"
-S="${WORKDIR}/"
-
-# Code entirely copied from selinux-eclass (cannot inherit due to dependency on
-# itself), when reworked reinclude it. Only postinstall (where -b base.pp is
-# added) needs to remain then.
-
-pkg_setup() {
- if use systemd; then
- MODS="${MODS} systemd"
- fi
-}
-
-pkg_pretend() {
- for i in ${POLICY_TYPES}; do
- if [[ "${i}" == "targeted" ]] && ! use unconfined; then
- die "If you use POLICY_TYPES=targeted, then USE=unconfined is mandatory."
- fi
- done
-}
-
-src_prepare() {
- local modfiles
-
- if [[ ${PV} != 9999* ]]; then
- einfo "Applying SELinux policy updates ... "
- eapply -p0 "${WORKDIR}/0001-full-patch-against-stable-release.patch"
- fi
-
- eapply_user
-
- # Collect only those files needed for this particular module
- for i in ${MODS}; do
- modfiles="$(find ${S}/refpolicy/policy/modules -iname $i.te) $modfiles"
- modfiles="$(find ${S}/refpolicy/policy/modules -iname $i.fc) $modfiles"
- done
-
- for i in ${POLICY_TYPES}; do
- mkdir "${S}"/${i} || die "Failed to create directory ${S}/${i}"
- cp "${S}"/refpolicy/doc/Makefile.example "${S}"/${i}/Makefile \
- || die "Failed to copy Makefile.example to ${S}/${i}/Makefile"
-
- cp ${modfiles} "${S}"/${i} \
- || die "Failed to copy the module files to ${S}/${i}"
- done
-}
-
-src_compile() {
- for i in ${POLICY_TYPES}; do
- emake NAME=$i -C "${S}"/${i} || die "${i} compile failed"
- done
-}
-
-src_install() {
- local BASEDIR="/usr/share/selinux"
-
- for i in ${POLICY_TYPES}; do
- for j in ${MODS}; do
- einfo "Installing ${i} ${j} policy package"
- insinto ${BASEDIR}/${i}
- doins "${S}"/${i}/${j}.pp || die "Failed to add ${j}.pp to ${i}"
- done
- done
-}
-
-pkg_postinst() {
- # Override the command from the eclass, we need to load in base as well here
- local COMMAND="-i base.pp"
- if has_version "<sys-apps/policycoreutils-2.5"; then
- COMMAND="-b base.pp"
- fi
-
- for i in ${MODS}; do
- COMMAND="${COMMAND} -i ${i}.pp"
- done
-
- for i in ${POLICY_TYPES}; do
- einfo "Inserting the following modules, with base, into the $i module store: ${MODS}"
-
- cd /usr/share/selinux/${i}
-
- semodule -s ${i} ${COMMAND}
- done
-
- # Relabel depending packages
- local PKGSET="";
- if [[ -x /usr/bin/qdepends ]] ; then
- PKGSET=$(/usr/bin/qdepends -Cq -r -Q ${CATEGORY}/${PN} | grep -v 'sec-policy/selinux-');
- elif [[ -x /usr/bin/equery ]] ; then
- PKGSET=$(/usr/bin/equery -Cq depends ${CATEGORY}/${PN} | grep -v 'sec-policy/selinux-');
- fi
- if [[ -n "${PKGSET}" ]] ; then
- rlpkg ${PKGSET};
- fi
-}
diff --git a/sec-policy/selinux-base-policy/selinux-base-policy-2.20170805-r2.ebuild b/sec-policy/selinux-base-policy/selinux-base-policy-2.20180701-r1.ebuild
index a72df4c245a4..f68a3519c796 100644
--- a/sec-policy/selinux-base-policy/selinux-base-policy-2.20170805-r2.ebuild
+++ b/sec-policy/selinux-base-policy/selinux-base-policy-2.20180701-r1.ebuild
@@ -10,9 +10,9 @@ if [[ ${PV} == 9999* ]]; then
inherit git-r3
else
- SRC_URI="https://raw.githubusercontent.com/wiki/TresysTechnology/refpolicy/files/refpolicy-${PV}.tar.bz2
+ SRC_URI="https://github.com/SELinuxProject/refpolicy/releases/download/RELEASE_${PV/./_}/refpolicy-${PV}.tar.bz2
https://dev.gentoo.org/~swift/patches/${PN}/patchbundle-${PN}-${PVR}.tar.bz2"
- KEYWORDS="amd64 -arm ~arm64 ~mips x86"
+ KEYWORDS="~amd64 -arm ~arm64 ~mips ~x86"
fi
HOMEPAGE="https://wiki.gentoo.org/wiki/Project:SELinux"
@@ -22,6 +22,7 @@ IUSE="systemd +unconfined"
PDEPEND="unconfined? ( sec-policy/selinux-unconfined )"
DEPEND="=sec-policy/selinux-base-${PVR}[systemd?]"
+RDEPEND="$DEPEND"
MODS="application authlogin bootloader clock consoletype cron dmesg fstools getty hostname hotplug init iptables libraries locallogin logging lvm miscfiles modutils mount mta netutils nscd portage raid rsync selinuxutil setrans ssh staff storage su sysadm sysnetwork tmpfiles udev userdomain usermanage unprivuser xdg"
LICENSE="GPL-2"
@@ -74,7 +75,7 @@ src_prepare() {
src_compile() {
for i in ${POLICY_TYPES}; do
- emake NAME=$i -C "${S}"/${i} || die "${i} compile failed"
+ emake NAME=$i SHAREDIR="${ROOT%/}"/usr/share/selinux -C "${S}"/${i} || die "${i} compile failed"
done
}
@@ -91,6 +92,12 @@ src_install() {
}
pkg_postinst() {
+ # Set root path and don't load policy into the kernel when cross compiling
+ local root_opts=""
+ if [[ "${ROOT%/}" != "" ]]; then
+ root_opts="-p ${ROOT%/} -n"
+ fi
+
# Override the command from the eclass, we need to load in base as well here
local COMMAND="-i base.pp"
if has_version "<sys-apps/policycoreutils-2.5"; then
@@ -104,19 +111,22 @@ pkg_postinst() {
for i in ${POLICY_TYPES}; do
einfo "Inserting the following modules, with base, into the $i module store: ${MODS}"
- cd /usr/share/selinux/${i}
+ cd "${ROOT%/}/usr/share/selinux/${i}"
- semodule -s ${i} ${COMMAND}
+ semodule ${root_opts} -s ${i} ${COMMAND}
done
- # Relabel depending packages
- local PKGSET="";
- if [[ -x /usr/bin/qdepends ]] ; then
- PKGSET=$(/usr/bin/qdepends -Cq -r -Q ${CATEGORY}/${PN} | grep -v 'sec-policy/selinux-');
- elif [[ -x /usr/bin/equery ]] ; then
- PKGSET=$(/usr/bin/equery -Cq depends ${CATEGORY}/${PN} | grep -v 'sec-policy/selinux-');
- fi
- if [[ -n "${PKGSET}" ]] ; then
- rlpkg ${PKGSET};
+ # Don't relabel when cross compiling
+ if [[ "${ROOT%/}" == "" ]]; then
+ # Relabel depending packages
+ local PKGSET="";
+ if [[ -x /usr/bin/qdepends ]] ; then
+ PKGSET=$(/usr/bin/qdepends -Cq -r -Q ${CATEGORY}/${PN} | grep -v 'sec-policy/selinux-');
+ elif [[ -x /usr/bin/equery ]] ; then
+ PKGSET=$(/usr/bin/equery -Cq depends ${CATEGORY}/${PN} | grep -v 'sec-policy/selinux-');
+ fi
+ if [[ -n "${PKGSET}" ]] ; then
+ rlpkg ${PKGSET};
+ fi
fi
}
diff --git a/sec-policy/selinux-base-policy/selinux-base-policy-9999.ebuild b/sec-policy/selinux-base-policy/selinux-base-policy-9999.ebuild
index b2976ccee54b..f68a3519c796 100644
--- a/sec-policy/selinux-base-policy/selinux-base-policy-9999.ebuild
+++ b/sec-policy/selinux-base-policy/selinux-base-policy-9999.ebuild
@@ -10,7 +10,7 @@ if [[ ${PV} == 9999* ]]; then
inherit git-r3
else
- SRC_URI="https://raw.githubusercontent.com/wiki/TresysTechnology/refpolicy/files/refpolicy-${PV}.tar.bz2
+ SRC_URI="https://github.com/SELinuxProject/refpolicy/releases/download/RELEASE_${PV/./_}/refpolicy-${PV}.tar.bz2
https://dev.gentoo.org/~swift/patches/${PN}/patchbundle-${PN}-${PVR}.tar.bz2"
KEYWORDS="~amd64 -arm ~arm64 ~mips ~x86"
fi