From f1af93971b7490792d8541bc790e0d8c6d787059 Mon Sep 17 00:00:00 2001
From: V3n3RiX <venerix@redcorelinux.org>
Date: Fri, 6 Sep 2019 10:28:05 +0100
Subject: gentoo resync : 06.08.2019

---
 sys-libs/libselinux/Manifest                       |   4 +-
 ...Use-Python-distutils-to-install-SELinux-p.patch | 205 +++++++++++++++++++++
 sys-libs/libselinux/libselinux-2.9-r1.ebuild       | 157 ++++++++++++++++
 sys-libs/libselinux/libselinux-2.9.ebuild          |   4 +-
 4 files changed, 367 insertions(+), 3 deletions(-)
 create mode 100644 sys-libs/libselinux/files/0001-libselinux-Use-Python-distutils-to-install-SELinux-p.patch
 create mode 100644 sys-libs/libselinux/libselinux-2.9-r1.ebuild

(limited to 'sys-libs/libselinux')

diff --git a/sys-libs/libselinux/Manifest b/sys-libs/libselinux/Manifest
index 448577b25480..a668cdec05f0 100644
--- a/sys-libs/libselinux/Manifest
+++ b/sys-libs/libselinux/Manifest
@@ -1,6 +1,8 @@
+AUX 0001-libselinux-Use-Python-distutils-to-install-SELinux-p.patch 8172 BLAKE2B 3c301b206a809311fd7eb1eb35b3925c064731146e35702b7dab5b47f41cb2a61723db7243d67caf4ce317f3b4ca2d1a999b0533e0185c44b2892e72d8cf8bb0 SHA512 287e82b5888f973bc3545b1777d9baa33965fb2bb3810834871b6843b163d11e4dacde9a7361088f715f70947e9087de89331b0b35dec1e37bddd523e5a12c1b
 DIST libselinux-2.8.tar.gz 187759 BLAKE2B 1e0e1a5aa2230fd6080e921efe871e97fa9412176b72a0c9721f60c6190459e508644fa3370f3b5f513f088428844c7c615cda4567990ddee91c13e1ee88f9ed SHA512 2f15d08888fbef9b0cf7bf01893b513edc6738974e2d0eab7e3f79cef9be79cf966742b0d2693b5d2ec7defddb5f4d6c6f6280be9d4158ed41f7a18d50b9f019
 DIST libselinux-2.9.tar.gz 211546 BLAKE2B 5b06b922690e48924865c98ed34ebfc1ce5e30e78dbeaccb6b9c931a35bed113c030f8f8575084429fe13b91aeafc73abaa24fe609a17ba54c8472d783f6ac61 SHA512 727b211d09f374d45aa3fa4dec7fd5463dfdcf5aaa47f7fcaccee51fb74896c3aa1a6f0bac9cdd47ebe4929effff13f66f5f70447b27b783dca5f7b1576d30d0
 EBUILD libselinux-2.8-r1.ebuild 4185 BLAKE2B 215867146c515772f63c579ac9d3cb5e65b6493da8bcc5abf641aa1fb5e63d966c4c59ac0ed1e27c92834983bce308fa8c032f4da395c1857bbb317e0cce20ff SHA512 979454cea09f81e3b63ff62672deebb8b3dce3192ff27c6abb3382058182994c9de90e8660b421d1c671b87366588163f6b507de24b7ee5a8db4b78d6bc4a289
-EBUILD libselinux-2.9.ebuild 4168 BLAKE2B 3d6730ec0aca0a71dd050ab16975e94a2f7489f138374a9d8ad0f05f63d0b8dec5612ef4b60d56568d8635ba4d2220b7af184976a717aa28fc92967478e87830 SHA512 be33345efd9c20f91fd20acd8389fde057c0381dda2b1bd9bf15b0a17ec9868cfd932e5af87f5e4c69214450d016e8b1d6e3327bd200495e1d80cebfd5f106ac
+EBUILD libselinux-2.9-r1.ebuild 4257 BLAKE2B fdebf286772e557341bc0be3a893cfd3fc9ef4681f4a586f977fdf4dbcaafc0923ea3085a106cfccbf793ba11bd2ce06e88ff133477e93908268cfb02da342d5 SHA512 37e8ad4cb92d059841232e7bcfe6170b7ae3a11d1daba18df540604912e6211d899bfce577908540eba0e6b80bbf000a3121f91eca089b0b8f7070f5aaad3f7c
+EBUILD libselinux-2.9.ebuild 4166 BLAKE2B 820eebc2087a9731775a43fe7d8b34b692369e11419867a66e68ecd78a61608c8716d43ef390d8e4d39360dfb97e0e317e3ed24c7ab6a7bd2db4f5928c5ed59d SHA512 d575fa59d838a18e827d489c9a9212128e5f9c07eaa90ecaecc3a24565b467220893074149818f907b87611ca02595ac175bb98f8d30bc12616f56b08f7fb11e
 EBUILD libselinux-9999.ebuild 4170 BLAKE2B e23a62ba8d06085e9bc2b5ea42e84637a503b243332c78d0429d407a49a482dc966b669ff061dc9f58895efe54ec423f175312d9081c5ccbe2760cf0e529f434 SHA512 c100b626adec06317ecefe13954a846f4d8d7c537e48bd39c7945231d0f5041a9db63d543e341b2ef7fbe751049856c64a2f8a398d1ed6ea099b73a4935ed711
 MISC metadata.xml 676 BLAKE2B 530269a4d717ef305f4b15fe02c54e26f6acb9d73d6c7ac6ecd1f947712912f98120820a362e7cdc8e17019e88bc9c30162d54002bdea6facb2c41931e9c54f2 SHA512 7b33e0d113637a129a7894d8720feb9024d67466b86d475fbc3398f514b2ecc28c70dc759952376208d2022a00658eb120fc3561edbb9c7ecdc4404bed5f57a7
diff --git a/sys-libs/libselinux/files/0001-libselinux-Use-Python-distutils-to-install-SELinux-p.patch b/sys-libs/libselinux/files/0001-libselinux-Use-Python-distutils-to-install-SELinux-p.patch
new file mode 100644
index 000000000000..896876a00d6b
--- /dev/null
+++ b/sys-libs/libselinux/files/0001-libselinux-Use-Python-distutils-to-install-SELinux-p.patch
@@ -0,0 +1,205 @@
+From 2efa06857575e4118e91ca250b6b92da68b130d5 Mon Sep 17 00:00:00 2001
+From: Petr Lautrbach <plautrba@redhat.com>
+Date: Fri, 7 Jun 2019 17:35:44 +0200
+Subject: [PATCH] libselinux: Use Python distutils to install SELinux python
+ bindings
+
+Follow officially documented way how to build C extension modules using
+distutils - https://docs.python.org/3.8/extending/building.html#building
+
+Fixes:
+
+- selinux python module fails to load when it's built using SWIG-4.0:
+
+>>> import selinux
+Traceback (most recent call last):
+  File "<stdin>", line 1, in <module>
+  File "/usr/lib64/python3.7/site-packages/selinux/__init__.py", line 13, in <module>
+    from . import _selinux
+ImportError: cannot import name '_selinux' from 'selinux' (/usr/lib64/python3.7/site-packages/selinux/__init__.py)
+
+SWIG-4.0 changed (again?) its behavior so that it uses: from . import _selinux
+which looks for _selinux module in the same directory as where __init__.py is -
+$(PYLIBDIR)/site-packages/selinux. But _selinux module is installed into
+$(PYLIBDIR)/site-packages/ since a9604c30a5e2f ("libselinux: Change the location
+of _selinux.so").
+
+- audit2why python module fails to build with Python 3.8
+
+cc -O2 -g -pipe -Wall -Werror=format-security -Wp,-D_FORTIFY_SOURCE=2 -Wp,-D_GLIBCXX_ASSERTIONS -fexceptions -fstack-protector-strong -grecord-gcc-switches -specs=/usr/lib/rpm/redhat/redhat-hardened-cc1 -specs=/usr/lib/rpm/redhat/redhat-annobin-cc1 -m64 -mtune=generic -fasynchronous-unwind-tables -fstack-clash-protection -fcf-protection -DOVERRIDE_GETTID=0 -I../include -D_GNU_SOURCE -DDISABLE_RPM -DNO_ANDROID_BACKEND -DUSE_PCRE2 -DPCRE2_CODE_UNIT_WIDTH=8  -Wl,-z,relro -Wl,--as-needed  -Wl,-z,now -specs=/usr/lib/rpm/redhat/redhat-hardened-ld -L. -shared -o python-3.8audit2why.so python-3.8audit2why.lo -lselinux -l:libsepol.a  -Wl,-soname,audit2why.so,--version-script=audit2why.map,-z,defs
+/usr/bin/ld: python-3.8audit2why.lo: in function `finish':
+/builddir/build/BUILD/libselinux-2.9/src/audit2why.c:166: undefined reference to `PyArg_ParseTuple'
+/usr/bin/ld: python-3.8audit2why.lo: in function `_Py_INCREF':
+/usr/include/python3.8/object.h:449: undefined reference to `_Py_NoneStruct'
+/usr/bin/ld: /usr/include/python3.8/object.h:449: undefined reference to `_Py_NoneStruct'
+/usr/bin/ld: python-3.8audit2why.lo: in function `check_booleans':
+/builddir/build/BUILD/libselinux-2.9/src/audit2why.c:84: undefined reference to `PyExc_RuntimeError'
+...
+
+It's related to the following Python change
+https://docs.python.org/dev/whatsnew/3.8.html#debug-build-uses-the-same-abi-as-release-build
+
+Python distutils adds correct link options automatically.
+
+- selinux python module doesn't provide any Python metadata
+
+When selinux python module was built manually, it didn't provide any metadata.
+distutils takes care about that so that selinux Python module is visible for
+pip:
+
+$ pip3 list | grep selinux
+selinux              2.9
+
+Signed-off-by: Petr Lautrbach <plautrba@redhat.com>
+---
+ libselinux/src/.gitignore |  2 +-
+ libselinux/src/Makefile   | 36 ++++++++----------------------------
+ libselinux/src/setup.py   | 24 ++++++++++++++++++++++++
+ 3 files changed, 33 insertions(+), 29 deletions(-)
+ create mode 100644 libselinux/src/setup.py
+
+diff --git libselinux/src/.gitignore libselinux/src/.gitignore
+index 4dcc3b3b..428afe5a 100644
+--- libselinux/src/.gitignore
++++ libselinux/src/.gitignore
+@@ -1,4 +1,4 @@
+ selinux.py
+-selinuxswig_wrap.c
++selinuxswig_python_wrap.c
+ selinuxswig_python_exception.i
+ selinuxswig_ruby_wrap.c
+diff --git libselinux/src/Makefile libselinux/src/Makefile
+index e9ed0383..2b1696a0 100644
+--- libselinux/src/Makefile
++++ libselinux/src/Makefile
+@@ -36,7 +36,7 @@ TARGET=libselinux.so
+ LIBPC=libselinux.pc
+ SWIGIF= selinuxswig_python.i selinuxswig_python_exception.i
+ SWIGRUBYIF= selinuxswig_ruby.i
+-SWIGCOUT= selinuxswig_wrap.c
++SWIGCOUT= selinuxswig_python_wrap.c
+ SWIGPYOUT= selinux.py
+ SWIGRUBYCOUT= selinuxswig_ruby_wrap.c
+ SWIGLOBJ:= $(patsubst %.c,$(PYPREFIX)%.lo,$(SWIGCOUT))
+@@ -55,7 +55,7 @@ ifeq ($(LIBSEPOLA),)
+         LDLIBS_LIBSEPOLA := -l:libsepol.a
+ endif
+ 
+-GENERATED=$(SWIGCOUT) $(SWIGRUBYCOUT) selinuxswig_python_exception.i
++GENERATED=$(SWIGCOUT) $(SWIGRUBYCOUT) $(SWIGCOUT) selinuxswig_python_exception.i
+ SRCS= $(filter-out $(GENERATED) audit2why.c, $(sort $(wildcard *.c)))
+ 
+ MAX_STACK_SIZE=32768
+@@ -125,25 +125,18 @@ DISABLE_FLAGS+= -DNO_ANDROID_BACKEND
+ SRCS:= $(filter-out label_backends_android.c, $(SRCS))
+ endif
+ 
+-SWIG = swig -Wall -python -o $(SWIGCOUT) -outdir ./ $(DISABLE_FLAGS)
+-
+ SWIGRUBY = swig -Wall -ruby -o $(SWIGRUBYCOUT) -outdir ./ $(DISABLE_FLAGS)
+ 
+ all: $(LIBA) $(LIBSO) $(LIBPC)
+ 
+-pywrap: all $(SWIGFILES) $(AUDIT2WHYSO)
++pywrap: all selinuxswig_python_exception.i
++	CFLAGS="$(CFLAGS) $(SWIG_CFLAGS)" $(PYTHON) setup.py build_ext -I $(DESTDIR)$(INCLUDEDIR) -L $(DESTDIR)$(LIBDIR)
+ 
+ rubywrap: all $(SWIGRUBYSO)
+ 
+-$(SWIGLOBJ): $(SWIGCOUT)
+-	$(CC) $(CFLAGS) $(SWIG_CFLAGS) $(PYINC) -fPIC -DSHARED -c -o $@ $<
+-
+ $(SWIGRUBYLOBJ): $(SWIGRUBYCOUT)
+ 	$(CC) $(CFLAGS) $(SWIG_CFLAGS) $(RUBYINC) -fPIC -DSHARED -c -o $@ $<
+ 
+-$(SWIGSO): $(SWIGLOBJ)
+-	$(CC) $(CFLAGS) $(LDFLAGS) -L. -shared -o $@ $< -lselinux $(PYLIBS)
+-
+ $(SWIGRUBYSO): $(SWIGRUBYLOBJ)
+ 	$(CC) $(CFLAGS) $(LDFLAGS) -L. -shared -o $@ $^ -lselinux $(RUBYLIBS)
+ 
+@@ -161,29 +154,15 @@ $(LIBPC): $(LIBPC).in ../VERSION
+ selinuxswig_python_exception.i: ../include/selinux/selinux.h
+ 	bash -e exception.sh > $@ || (rm -f $@ ; false)
+ 
+-$(AUDIT2WHYLOBJ): audit2why.c
+-	$(CC) $(filter-out -Werror, $(CFLAGS)) $(PYINC) -fPIC -DSHARED -c -o $@ $<
+-
+-$(AUDIT2WHYSO): $(AUDIT2WHYLOBJ) $(LIBSEPOLA)
+-	$(CC) $(CFLAGS) $(LDFLAGS) -L. -shared -o $@ $^ -lselinux $(LDLIBS_LIBSEPOLA) $(PYLIBS) -Wl,-soname,audit2why.so,--version-script=audit2why.map,-z,defs
+-
+ %.o:  %.c policy.h
+ 	$(CC) $(CFLAGS) $(TLSFLAGS) -c -o $@ $<
+ 
+ %.lo:  %.c policy.h
+ 	$(CC) $(CFLAGS) -fPIC -DSHARED -c -o $@ $<
+ 
+-$(SWIGCOUT): $(SWIGIF)
+-	$(SWIG) $<
+-
+-$(SWIGPYOUT): $(SWIGCOUT)
+-
+ $(SWIGRUBYCOUT): $(SWIGRUBYIF)
+ 	$(SWIGRUBY) $<
+ 
+-swigify: $(SWIGIF)
+-	$(SWIG) $<
+-
+ install: all 
+ 	test -d $(DESTDIR)$(LIBDIR) || install -m 755 -d $(DESTDIR)$(LIBDIR)
+ 	install -m 644 $(LIBA) $(DESTDIR)$(LIBDIR)
+@@ -194,10 +173,9 @@ install: all
+ 	ln -sf --relative $(DESTDIR)$(SHLIBDIR)/$(LIBSO) $(DESTDIR)$(LIBDIR)/$(TARGET)
+ 
+ install-pywrap: pywrap
+-	test -d $(DESTDIR)$(PYTHONLIBDIR)/selinux || install -m 755 -d $(DESTDIR)$(PYTHONLIBDIR)/selinux
+-	install -m 755 $(SWIGSO) $(DESTDIR)$(PYTHONLIBDIR)/_selinux$(PYCEXT)
+-	install -m 755 $(AUDIT2WHYSO) $(DESTDIR)$(PYTHONLIBDIR)/selinux/audit2why$(PYCEXT)
++	$(PYTHON) setup.py install --prefix=$(PREFIX) `test -n "$(DESTDIR)" && echo --root $(DESTDIR)`
+ 	install -m 644 $(SWIGPYOUT) $(DESTDIR)$(PYTHONLIBDIR)/selinux/__init__.py
++	ln -sf --relative $(DESTDIR)$(PYTHONLIBDIR)/selinux/_selinux$(PYCEXT) $(DESTDIR)$(PYTHONLIBDIR)/_selinux$(PYCEXT)
+ 
+ install-rubywrap: rubywrap
+ 	test -d $(DESTDIR)$(RUBYINSTALL) || install -m 755 -d $(DESTDIR)$(RUBYINSTALL) 
+@@ -208,6 +186,8 @@ relabel:
+ 
+ clean-pywrap:
+ 	-rm -f $(SWIGLOBJ) $(SWIGSO) $(AUDIT2WHYLOBJ) $(AUDIT2WHYSO)
++	$(PYTHON) setup.py clean
++	-rm -rf build *~ \#* *pyc .#*
+ 
+ clean-rubywrap:
+ 	-rm -f $(SWIGRUBYLOBJ) $(SWIGRUBYSO)
+diff --git libselinux/src/setup.py libselinux/src/setup.py
+new file mode 100644
+index 00000000..4dc03f55
+--- /dev/null
++++ libselinux/src/setup.py
+@@ -0,0 +1,24 @@
++#!/usr/bin/python3
++
++from distutils.core import Extension, setup
++
++setup(
++    name="selinux",
++    version="2.9",
++    description="SELinux python 3 bindings",
++    author="SELinux Project",
++    author_email="selinux@vger.kernel.org",
++    ext_modules=[
++        Extension('selinux._selinux',
++                  sources=['selinuxswig_python.i'],
++                  include_dirs=['../include'],
++                  library_dirs=['.'],
++                  libraries=['selinux']),
++        Extension('selinux.audit2why',
++                  sources=['audit2why.c'],
++                  include_dirs=['../include'],
++                  library_dirs=['.'],
++                  libraries=['selinux'],
++                  extra_link_args=['-l:libsepol.a', '-Wl,--version-script=audit2why.map'])
++    ],
++)
+-- 
+2.21.0
+
diff --git a/sys-libs/libselinux/libselinux-2.9-r1.ebuild b/sys-libs/libselinux/libselinux-2.9-r1.ebuild
new file mode 100644
index 000000000000..0a941fc9a829
--- /dev/null
+++ b/sys-libs/libselinux/libselinux-2.9-r1.ebuild
@@ -0,0 +1,157 @@
+# Copyright 1999-2019 Gentoo Authors
+# Distributed under the terms of the GNU General Public License v2
+
+EAPI="6"
+PYTHON_COMPAT=( python2_7 python3_5 python3_6 python3_7 )
+USE_RUBY="ruby24 ruby25"
+
+# No, I am not calling ruby-ng
+inherit multilib python-r1 toolchain-funcs multilib-minimal
+
+MY_P="${P//_/-}"
+SEPOL_VER="${PV}"
+MY_RELEASEDATE="20190315"
+
+DESCRIPTION="SELinux userland library"
+HOMEPAGE="https://github.com/SELinuxProject/selinux/wiki"
+
+if [[ ${PV} == 9999 ]] ; then
+	inherit git-r3
+	EGIT_REPO_URI="https://github.com/SELinuxProject/selinux.git"
+	S="${WORKDIR}/${MY_P}/${PN}"
+else
+	SRC_URI="https://github.com/SELinuxProject/selinux/releases/download/${MY_RELEASEDATE}/${MY_P}.tar.gz"
+	KEYWORDS="~amd64 ~arm ~arm64 ~mips ~x86"
+	S="${WORKDIR}/${MY_P}"
+fi
+
+LICENSE="public-domain"
+SLOT="0"
+IUSE="pcre2 python ruby static-libs ruby_targets_ruby24 ruby_targets_ruby25"
+REQUIRED_USE="python? ( ${PYTHON_REQUIRED_USE} )"
+
+RDEPEND=">=sys-libs/libsepol-${SEPOL_VER}:=[${MULTILIB_USEDEP}]
+	!pcre2? ( >=dev-libs/libpcre-8.33-r1:=[static-libs?,${MULTILIB_USEDEP}] )
+	pcre2? ( dev-libs/libpcre2:=[static-libs?,${MULTILIB_USEDEP}] )
+	python? ( ${PYTHON_DEPS} )
+	ruby? (
+		ruby_targets_ruby24? ( dev-lang/ruby:2.4 )
+		ruby_targets_ruby25? ( dev-lang/ruby:2.5 )
+	)
+	elibc_musl? ( sys-libs/fts-standalone )"
+DEPEND="${RDEPEND}
+	virtual/pkgconfig
+	python? ( >=dev-lang/swig-2.0.9 )
+	ruby? ( >=dev-lang/swig-2.0.9 )"
+PATCHES=(
+	"${FILESDIR}/0001-libselinux-Use-Python-distutils-to-install-SELinux-p.patch"
+)
+
+src_prepare() {
+	default
+
+	multilib_copy_sources
+}
+
+multilib_src_compile() {
+	tc-export AR CC PKG_CONFIG RANLIB
+
+	emake \
+		LIBDIR="\$(PREFIX)/$(get_libdir)" \
+		SHLIBDIR="/$(get_libdir)" \
+		LDFLAGS="-fPIC ${LDFLAGS} -pthread" \
+		USE_PCRE2="$(usex pcre2 y n)" \
+		FTS_LDLIBS="$(usex elibc_musl '-lfts' '')" \
+		all
+
+	if multilib_is_native_abi && use python; then
+		building() {
+			emake \
+				LDFLAGS="-fPIC ${LDFLAGS} -lpthread" \
+				LIBDIR="\$(PREFIX)/$(get_libdir)" \
+				SHLIBDIR="/$(get_libdir)" \
+				USE_PCRE2="$(usex pcre2 y n)" \
+				FTS_LDLIBS="$(usex elibc_musl '-lfts' '')" \
+				pywrap
+		}
+		python_foreach_impl building
+	fi
+
+	if multilib_is_native_abi && use ruby; then
+		building() {
+			einfo "Calling rubywrap for ${1}"
+			# Clean up .lo file to force rebuild
+			rm -f src/selinuxswig_ruby_wrap.lo || die
+			emake \
+				RUBY=${1} \
+				LDFLAGS="-fPIC ${LDFLAGS} -lpthread" \
+				LIBDIR="\$(PREFIX)/$(get_libdir)" \
+				SHLIBDIR="/$(get_libdir)" \
+				USE_PCRE2="$(usex pcre2 y n)" \
+				FTS_LDLIBS="$(usex elibc_musl '-lfts' '')" \
+				rubywrap
+		}
+		for RUBYTARGET in ${USE_RUBY}; do
+			use ruby_targets_${RUBYTARGET} || continue
+
+			building ${RUBYTARGET}
+		done
+	fi
+}
+
+multilib_src_install() {
+	emake DESTDIR="${D}" \
+		LIBDIR="\$(PREFIX)/$(get_libdir)" \
+		SHLIBDIR="/$(get_libdir)" \
+		USE_PCRE2="$(usex pcre2 y n)" \
+		install
+
+	if multilib_is_native_abi && use python; then
+		installation() {
+			emake DESTDIR="${D}" \
+				LIBDIR="\$(PREFIX)/$(get_libdir)" \
+				SHLIBDIR="/$(get_libdir)" \
+				USE_PCRE2="$(usex pcre2 y n)" \
+				install-pywrap
+			python_optimize # bug 531638
+		}
+		python_foreach_impl installation
+	fi
+
+	if multilib_is_native_abi && use ruby; then
+		installation() {
+			einfo "Calling install-rubywrap for ${1}"
+			# Forcing (re)build here as otherwise the resulting SO file is used for all ruby versions
+			rm src/selinuxswig_ruby_wrap.lo
+			emake DESTDIR="${D}" \
+				LIBDIR="\$(PREFIX)/$(get_libdir)" \
+				SHLIBDIR="/$(get_libdir)" \
+				RUBY=${1} \
+				USE_PCRE2="$(usex pcre2 y n)" \
+				install-rubywrap
+		}
+		for RUBYTARGET in ${USE_RUBY}; do
+			use ruby_targets_${RUBYTARGET} || continue
+
+			installation ${RUBYTARGET}
+		done
+	fi
+
+	use static-libs || rm "${D}"/usr/lib*/*.a || die
+}
+
+pkg_postinst() {
+	# Fix bug 473502
+	for POLTYPE in ${POLICY_TYPES};
+	do
+		mkdir -p /etc/selinux/${POLTYPE}/contexts/files || die
+		touch /etc/selinux/${POLTYPE}/contexts/files/file_contexts.local || die
+		# Fix bug 516608
+		for EXPRFILE in file_contexts file_contexts.homedirs file_contexts.local ; do
+			if [[ -f "/etc/selinux/${POLTYPE}/contexts/files/${EXPRFILE}" ]]; then
+				sefcontext_compile /etc/selinux/${POLTYPE}/contexts/files/${EXPRFILE} \
+				|| die "Failed to recompile contexts"
+			fi
+		done
+	done
+}
diff --git a/sys-libs/libselinux/libselinux-2.9.ebuild b/sys-libs/libselinux/libselinux-2.9.ebuild
index 8c1c79a1faec..01eb86ea822f 100644
--- a/sys-libs/libselinux/libselinux-2.9.ebuild
+++ b/sys-libs/libselinux/libselinux-2.9.ebuild
@@ -41,8 +41,8 @@ RDEPEND=">=sys-libs/libsepol-${SEPOL_VER}:=[${MULTILIB_USEDEP}]
 	elibc_musl? ( sys-libs/fts-standalone )"
 DEPEND="${RDEPEND}
 	virtual/pkgconfig
-	python? ( >=dev-lang/swig-2.0.9 )
-	ruby? ( >=dev-lang/swig-2.0.9 )"
+	python? ( <dev-lang/swig-4_pre )
+	ruby? ( <dev-lang/swig-4_pre )"
 
 src_prepare() {
 	eapply_user
-- 
cgit v1.2.3