blob: b889f2b52e2a435f3ee286088ae9f9b47a489adb (
plain)
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
|
# Copyright 1999-2005 Gentoo Foundation
# Distributed under the terms of the GNU General Public License v2
# $Header: /var/cvsroot/gentoo-x86/sys-apps/policycoreutils/policycoreutils-1.22.ebuild,v 1.6 2005/12/15 21:52:54 pebenito Exp $
IUSE="build nls pam"
inherit eutils
EXTRAS_VER="1.12"
SEPOL_VER="1.6"
DESCRIPTION="SELinux core utilities"
HOMEPAGE="http://www.nsa.gov/selinux"
SRC_URI="http://www.nsa.gov/selinux/archives/${P}.tgz
mirror://gentoo/policycoreutils-extra-${EXTRAS_VER}.tar.bz2"
LICENSE="GPL-2"
SLOT="0"
KEYWORDS="x86 ppc sparc amd64 mips"
RDEPEND=">=sys-libs/libselinux-${PV}
=sys-libs/libsepol-${SEPOL_VER}*
!build? ( pam? ( sys-libs/pam ) )
build? ( sys-apps/baselayout )"
DEPEND="${RDEPEND}
!build? ( nls? ( sys-devel/gettext ) )"
S2=${WORKDIR}/policycoreutils-extra
throw_pam_warning() {
# this is an extremely important message that needs to be seen
# thus it being shown at the beginning and end of the ebuild
if ! useq pam; then
eerror "PAM is disabled. This is not a supported config for"
eerror "general use. Disabling PAM decreases security with"
eerror "respect to SELinux protection of authentication."
eerror "It also requires policy changes."
ebeep 4
epause 4
fi
}
pkg_setup() {
throw_pam_warning
}
src_unpack() {
unpack ${A}
cd ${S}
epatch ${FILESDIR}/policycoreutils-1.22-genhomedircon-quiet.diff
# fixfiles is extremely dangerous
sed -i -e '/^all/s/fixfiles//' ${S}/scripts/Makefile \
|| die "fixfiles sed 1 failed"
sed -i -e '/fixfiles/d' ${S}/scripts/Makefile \
|| die "fixfiles sed 2 failed"
if ! useq pam; then
# disable pam
sed -i -e s/-lpam/-lcrypt/ -e s/-lpam_misc// -e s/-DUSE_PAM// \
${S}/run_init/Makefile || die "PAM sed 1 failed"
sed -i -e s/-lpam/-lcrypt/ -e s/-lpam_misc// -e s/-DUSE_PAM// \
${S}/newrole/Makefile || die "PAM sed 2 failed"
sed -i -e s/-lpam/-lcrypt/ -e s/-lpam_misc// -e s/-DUSE_PAM// \
${S2}/src/Makefile || die "PAM sed 3 failed"
fi
if ! useq nls; then
# disable locale stuff
sed -i -e s/-DUSE_NLS// ${S}/run_init/Makefile \
|| die "NLS sed 1 failed"
sed -i -e s/-DUSE_NLS// ${S}/newrole/Makefile \
|| die "NLS sed 2 failed"
sed -i -e s/-DUSE_NLS// ${S}/load_policy/Makefile \
|| die "NLS sed 3 failed"
sed -i -e 's/ po //' ${S}/Makefile \
|| die "NLS sed 4 failed"
fi
# fix up to accept Gentoo CFLAGS
local SUBDIRS="`cd ${S} && find -type d | cut -d/ -f2`"
for i in ${SUBDIRS}; do
sed -i -e "s:-Wall:-Wall ${CFLAGS}:g" ${S}/${i}/Makefile \
|| die "${i} Makefile CFLAGS fix failed."
done
}
src_compile() {
if useq build; then
einfo "Compiling setfiles"
emake -C ${S}/setfiles || die
else
einfo "Compiling policycoreutils"
emake -C ${S} || die
einfo "Compiling policycoreutils-extra"
emake -C ${S2} || die
fi
}
src_install() {
if useq build; then
dosbin ${S}/setfiles/setfiles
else
einfo "Installing policycoreutils"
make DESTDIR="${D}" -C ${S} install || die
einfo "Installing policycoreutils-extra"
make DESTDIR="${D}" -C ${S2} install || die
fi
useq pam || rm -fR ${D}/etc/pam.d
}
pkg_postinst() {
if useq build; then
# need to ensure these
mkdir -p ${ROOT}/selinux
touch ${ROOT}/selinux/.keep
mkdir -p ${ROOT}/sys
touch ${ROOT}/sys/.keep
mkdir -p ${ROOT}/dev/pts
touch ${ROOT}/dev/pts/.keep
chmod 0666 ${ROOT}/dev/{ptmx,tty}
fi
throw_pam_warning
}
|