diff options
| author |   Sven Vermeulen <swift@gentoo.org> | 2013-07-20 21:33:04 +0000 |
|---|---|---|
| committer | Sven Vermeulen <swift@gentoo.org> | 2013-07-20 21:33:04 +0000 |
| commit | 4355bb728d551eba067a115bb8d3c7731787b376 (patch) | |
| tree | f6c0b49ea6e71282342df04efcae72954a7c13b0 /sec-policy/selinux-base-policy | |
| parent | Version bump (diff) | |
| download | historical-4355bb728d551eba067a115bb8d3c7731787b376.tar.gz historical-4355bb728d551eba067a115bb8d3c7731787b376.tar.bz2 historical-4355bb728d551eba067a115bb8d3c7731787b376.zip | |
release rev2
Package-Manager: portage-2.1.12.2/cvs/Linux x86_64
Manifest-Sign-Key: 0xCDBA2FDB
Diffstat (limited to 'sec-policy/selinux-base-policy')
4 files changed, 141 insertions, 8 deletions
diff --git a/sec-policy/selinux-base-policy/ChangeLog b/sec-policy/selinux-base-policy/ChangeLog index 57640801f26f..b09deb4ab2ba 100644 --- a/sec-policy/selinux-base-policy/ChangeLog +++ b/sec-policy/selinux-base-policy/ChangeLog @@ -1,6 +1,12 @@ # ChangeLog for sec-policy/selinux-base-policy # Copyright 1999-2013 Gentoo Foundation; Distributed under the GPL v2 -# $Header: /var/cvsroot/gentoo-x86/sec-policy/selinux-base-policy/ChangeLog,v 1.133 2013/06/16 16:23:07 swift Exp $ +# $Header: /var/cvsroot/gentoo-x86/sec-policy/selinux-base-policy/ChangeLog,v 1.134 2013/07/20 21:30:37 swift Exp $ + +*selinux-base-policy-2.20130424-r2 (20 Jul 2013) + + 20 Jul 2013; Sven Vermeulen <swift@gentoo.org> + +selinux-base-policy-2.20130424-r2.ebuild, selinux-base-policy-9999.ebuild: + release rev2 16 Jun 2013; Sven Vermeulen <swift@gentoo.org> selinux-base-policy-2.20130424-r1.ebuild: diff --git a/sec-policy/selinux-base-policy/Manifest b/sec-policy/selinux-base-policy/Manifest index d638de2b934e..fabf8b70c643 100644 --- a/sec-policy/selinux-base-policy/Manifest +++ b/sec-policy/selinux-base-policy/Manifest @@ -11,6 +11,7 @@ DIST patchbundle-selinux-base-policy-2.20120725-r7.tar.bz2 334263 SHA256 f96436d DIST patchbundle-selinux-base-policy-2.20120725-r8.tar.bz2 335267 SHA256 17e5534f966b46ef101e452082d8349636d38e1850cdf55cd7c268e14bdb0124 SHA512 f167e5691a3769d7eb66ddba6a000df860387a3df2cc581df60e924e51495fe94247acfbc9991cd815f05ade747f7806a67c965929fe12994e8b362ab4da15df WHIRLPOOL 533a98fc8860aa8e91d738c2e4d932f2c16dddf02966716649e78d74126bc949524653e0a5443ca6e1e073ae37265ca3b0e28f1ceea510b7adfd510cf3167ac4 DIST patchbundle-selinux-base-policy-2.20120725-r9.tar.bz2 426009 SHA256 7abc4939838f69ad26100dc5f43358c5d9465db78acb0d343f59d59a02160591 SHA512 819075bb38f5a05f8eb1bb76157f911be5b71bb02d4789369e09b134241a9f776e660d02cea1cd2f5aae7aa93cfbc25cd3abe42fb1f9e4ccd9fdff8e6a45babe WHIRLPOOL 4ba77ea6e18f090d1e8a9d382adf28378d54bc5a6e1477733b46a3eef337b8159d5bdf702264aa54b3cb0881f1756790da906806d6fa5382424de95aeb864cec DIST patchbundle-selinux-base-policy-2.20130424-r1.tar.bz2 249865 SHA256 a2f6d0ed3c02839cf71f7f3b75d52fd2182e1a929107e8c4dced0f5a4e01ddae SHA512 71f99b3f727be56c98c8e5129362dcdc01361cf3471107de79ce26cb908b059f24db23918b03b6ae52f5f7742a2d5f47e13f428fd1eb41e8c42e8e16b57415b6 WHIRLPOOL 39bd60b23eeda705d083ebc60f048fedb49e70b71b6a56173a656608d9c11adb060d47e66439d4fb53ab6670ffd79e1152586fbc0e6e2601b5e5b19fe06e2f83 +DIST patchbundle-selinux-base-policy-2.20130424-r2.tar.bz2 250772 SHA256 d7965b0c876a4b217cab35fcc4b709621d0e02ad21d7fed74fb588ea3125f06a SHA512 822f5c7905162e891989a43fd366f947bf1e34926d9eec6b2f2519348fa8430ae1c66914481973cac2ac128411dfa1ca9e3e9336c45bc1121fd8e83e9079ab14 WHIRLPOOL 1d213b77b87ad180da8bbda88aaf3e4bd7da14b397debc5df0696a7b6c28a72fceda600b1a62e17ada8dde8fcbace4e83f36e6b5a4da2cd11e38c92b46fb1a1d DIST refpolicy-2.20120725.tar.bz2 594120 SHA256 7cd46ed908a4001368e6509d93e306ec6c9af2bfa6b70db88c9eaaefe257c635 SHA512 9cbe27fe30460c018da2bb3d94f321d656a259bf4f2e7ce6c2b015d02b5801de8a68c765c154c30ba5abf4f986957c9f303fc95b453f53db4fc4040443512333 WHIRLPOOL 107c10e89e99a3c63f8a806989e869dffd5baca1b9e41e2b02b12067a796d11abc87ac41a9c44a44a61215ed36df127f79e045b00cfb67d3c5318a766ff78b89 DIST refpolicy-2.20130424.tar.bz2 649845 SHA256 6039ba854f244a39dc727cc7db25632f7b933bb271c803772d754d4354f5aef4 SHA512 82ab38bc3425eb4b7d50c42564ebc28603e32e6f3266da164502f0cdc3a2f6bfe457518297824cb78f6f94211f9823fbc7254bb9e1d9df1cc7f284d326299705 WHIRLPOOL ba7539261a072d33e34afb940a1899ccdb2493c3b11eea3b166b9eb565478fd93cf580d09ef016f799a5dd5a4452086a623f9b3f38fbfb9a812e6e31bcd68e25 EBUILD selinux-base-policy-2.20120725-r10.ebuild 3586 SHA256 564ffc8d5c4bfd60a8536f4b20b4c108214667c60dbeca576f248b32f5c458ed SHA512 9418fbba308556b6036877c7692d0bb20260745d0f6efe9b59ff4cd896a380df8c86ccfca77f051962c480d7ee0b153e752498c24c020b3fb7b83938583e1fcf WHIRLPOOL 7774af44be6ffcbf59adb11c94a03f6f91cf66a44a25647e5ba02738cfc53732d8838c62ce9d3cec668ecf07339fe96944d84aab47d1c541328c4c16e2d5cb55 @@ -21,13 +22,14 @@ EBUILD selinux-base-policy-2.20120725-r7.ebuild 3823 SHA256 fb9eb84a21543251a924 EBUILD selinux-base-policy-2.20120725-r8.ebuild 3807 SHA256 0c5f2ad8645ef1db0b5e8070e0d22745f241e67dc8e2b2ce975df9cc96d0d40f SHA512 8bed09b7afa36c19c07408ea918c9177dbd192df706388475285d66b7ba6d0b28e722cec1bf187dc500c12c6cbbed2502e5b047f79f0a2627854f0f857d7d62f WHIRLPOOL 1e5d4c004a959aa279fa7d30b42ead52663c60b8d51852542fb686ae4e42a69cef31dba3a9761c8cb9f1747b57bc51ed7ed07bec7840012166e7060d4e51ea7b EBUILD selinux-base-policy-2.20120725-r9.ebuild 3585 SHA256 0363110682e900cfde72c7b7297bc64c4261e5aab1c91b016d6ad5d66336c5f8 SHA512 9a3a5efaeef8718a23328b72c91e393156c772a34853dabf7ee858cf1824570c71136150c53422d4000a1d48b9811e79fc477867c7840e1c714caa7d0e9198f4 WHIRLPOOL d83c300cd37711761a2a1b27771eb0393c3b7a6aa89737b52e35b6691189f4ff2261ebada571c7b4f2458f83ceb57e21f85dee1c1129e68e18f9e88da9c78581 EBUILD selinux-base-policy-2.20130424-r1.ebuild 3834 SHA256 81911c283724800ea06562f0feaaecd0918b64b6f16c972a86ff1d340ab5431f SHA512 1b7b33d62f74942976afc3ffe0771d0996d6669192277675d0d6ace354f2aa598da0a84f92eb4b17b490c7b95ee261e3b3f725ccb86e2737724473a93caaac9f WHIRLPOOL ffe1a6b45da1f7ce3497040760845d7fec3f1961bd088c974a51393310250f96095e02358b381b8248ec76cbd684e16c3431bbc49bb6db7e1dd5f12d4aa0a9fc -EBUILD selinux-base-policy-9999.ebuild 3448 SHA256 ebf2a625d1d6e0de05c68063b4c7deb0943f9771a1bbf524afd3f5a4c571c3f4 SHA512 15a9ad63a7b186458786c5edb24e16c1f4d341975539a68aa8cde50e4a9426dd0e5756f5ded8e96b696d6d16bd4dbd09537bb7dd925ac4eefccf794020f7f7dc WHIRLPOOL b73c73510a5658fea75c43ffb84c58afc4c320ba65291e99eb30b3dd471f38c92325ec8781ee5ead1ee5b0b754eedb2414319d6557a37fbf6c7c13765d020877 -MISC ChangeLog 29961 SHA256 344721e0824e8f843a160cc31427dd7c8da97e438cc64e165c79496640e109cb SHA512 7e7b85fc82934f55815f0dfa17ff122e0ffc8b3d7ecf8c48eaed2af642dd158ffb9a0b4d92f6a8408edfdae8c3f61d618aecc981e6ec8f90eddb0f2b238f6325 WHIRLPOOL c9e11e72909de0f99234737f2d59eea79971a79d4ed824d1195ef1ab46d0e4a09e6e42de989e33858a480619b51be47010fdebc4d68dd4079c6412531cad360f +EBUILD selinux-base-policy-2.20130424-r2.ebuild 3844 SHA256 828502f27172dd356b9404958129b50f5e2f99ff86cf317fa34c313de6cd9d21 SHA512 10f75597495bd59cb8bcea904616436d54cb6979c505e07467c7a6c2fbe2d05eaa52cd89312a3425bca1889e394bf200d826ec6ab05c0c6eceb0e8564ab2e7df WHIRLPOOL 9d58382db2a654e87f06ebfb94cd9743faf35214e0d966179e2b66414812125621c1d1dec7992cf8edc51add838ac626bc9d99458b24c2d6455638a860679acb +EBUILD selinux-base-policy-9999.ebuild 3456 SHA256 af2b7bed584ea40d6a5fae8d16b301a38fbad2b1e170a9104081aeb69f124b10 SHA512 73519926a5556a0c53fefb5eca2a530a1924fbaf5583eb5ffa745aef2ec5f7a319b6e4dcd03902d551d2b286653145ff5c6beed3c00c5c891bacade2b5c6b3b4 WHIRLPOOL e6fe306db8eb6b637cc8e27e75413ee534da55483ad3fee5062168cba90e509292847b3d5bbe266e35fe9b007441571d452e97c45431cf9d5cba81a523080152 +MISC ChangeLog 30154 SHA256 0623dff45d019d4c48d8eeced05d3845020055bf312ae3429885c53b32806cbb SHA512 2677b401ca76ea330c00e42a7f350b7f188bf257f4100eeba5bf514b953fd775a6a370c0a2d815b1c6cd8b17c232b9f9f26c3c7a6bba26cf27ce3e651a4aa2dd WHIRLPOOL 6f79612318b539405a09607b3ffbcc3f4baee62c5338e007624083d13e427026cd58078647fcd83195078ab41ba977a15b3308fed5a266f8ad27e523b686ecd1 MISC metadata.xml 448 SHA256 4babd5e53785136aa79ee0737a89af1fc49c4fc144aba0f6163d6f85215f57e2 SHA512 7e747c9dbae3eaee62a284824a68039961264540e0633e617aaabaeef2e83f4623863d29ee26c2e4738ac706d3824914f530f8e2b990ac7f06aa8f6e4cae9964 WHIRLPOOL 733957f76ca89c6fdd08060a368048276247994db56cf8325e69b896a07dc5e576ca124f3190079b169ec078a2e69156d4b12e6c6cc94328248705779f357bc4 -----BEGIN PGP SIGNATURE----- Version: GnuPG v2.0.20 (GNU/Linux) -iEYEAREIAAYFAlG95jIACgkQXfqz7M26L9vbKwCfd+LC75SQya1qBbCrvuwNUO5x -1aQAn1yqi56mI5OSd2Zto6fWExK2GB3T -=fZ7T +iEYEAREIAAYFAlHrAbkACgkQXfqz7M26L9t07QCfZJxppEAexwEedMbzKG94L+t0 +posAnROfx3MIB1NwxN5quny6W7bJhTkR +=nkoa -----END PGP SIGNATURE----- diff --git a/sec-policy/selinux-base-policy/selinux-base-policy-2.20130424-r2.ebuild b/sec-policy/selinux-base-policy/selinux-base-policy-2.20130424-r2.ebuild new file mode 100644 index 000000000000..91a003999c76 --- /dev/null +++ b/sec-policy/selinux-base-policy/selinux-base-policy-2.20130424-r2.ebuild @@ -0,0 +1,125 @@ +# Copyright 1999-2013 Gentoo Foundation +# Distributed under the terms of the GNU General Public License v2 +# $Header: /var/cvsroot/gentoo-x86/sec-policy/selinux-base-policy/selinux-base-policy-2.20130424-r2.ebuild,v 1.1 2013/07/20 21:30:37 swift Exp $ +EAPI="4" + +inherit eutils + +HOMEPAGE="http://www.gentoo.org/proj/en/hardened/selinux/" +DESCRIPTION="SELinux policy for core modules" + +IUSE="+unconfined" +BASEPOL="2.20130424-r2" + +RDEPEND=">=sec-policy/selinux-base-${PVR}" +PDEPEND="unconfined? ( sec-policy/selinux-unconfined )" +DEPEND="" +SRC_URI="http://oss.tresys.com/files/refpolicy/refpolicy-${PV}.tar.bz2 + http://dev.gentoo.org/~swift/patches/${PN}/patchbundle-${PN}-${BASEPOL}.tar.bz2" +KEYWORDS="~amd64 ~x86" + +MODS="application authlogin bootloader clock consoletype cron dmesg fstools getty hostname hotplug init iptables libraries locallogin logging lvm miscfiles modutils mount mta netutils nscd portage raid rsync selinuxutil setrans ssh staff storage su sysadm sysnetwork udev userdomain usermanage unprivuser xdg" +LICENSE="GPL-2" +SLOT="0" +S="${WORKDIR}/" +PATCHBUNDLE="${DISTDIR}/patchbundle-selinux-base-policy-${BASEPOL}.tar.bz2" + +# Code entirely copied from selinux-eclass (cannot inherit due to dependency on +# itself), when reworked reinclude it. Only postinstall (where -b base.pp is +# added) needs to remain then. + +pkg_pretend() { + for i in ${POLICY_TYPES}; do + if [[ "${i}" == "targeted" ]] && ! use unconfined; then + die "If you use POLICY_TYPES=targeted, then USE=unconfined is mandatory." + fi + done +} + +src_prepare() { + local modfiles + + # Patch the sources with the base patchbundle + if [[ -n ${BASEPOL} ]]; + then + cd "${S}" + EPATCH_MULTI_MSG="Applying SELinux policy updates ... " \ + EPATCH_SUFFIX="patch" \ + EPATCH_SOURCE="${WORKDIR}" \ + EPATCH_FORCE="yes" \ + epatch + fi + + # Apply the additional patches refered to by the module ebuild. + # But first some magic to differentiate between bash arrays and strings + if [[ "$(declare -p POLICY_PATCH 2>/dev/null 2>&1)" == "declare -a"* ]]; + then + cd "${S}/refpolicy/policy/modules" + for POLPATCH in "${POLICY_PATCH[@]}"; + do + epatch "${POLPATCH}" + done + else + if [[ -n ${POLICY_PATCH} ]]; + then + cd "${S}/refpolicy/policy/modules" + for POLPATCH in ${POLICY_PATCH}; + do + epatch "${POLPATCH}" + done + fi + fi + + # Calling user patches + epatch_user + + # Collect only those files needed for this particular module + for i in ${MODS}; do + modfiles="$(find ${S}/refpolicy/policy/modules -iname $i.te) $modfiles" + modfiles="$(find ${S}/refpolicy/policy/modules -iname $i.fc) $modfiles" + done + + for i in ${POLICY_TYPES}; do + mkdir "${S}"/${i} || die "Failed to create directory ${S}/${i}" + cp "${S}"/refpolicy/doc/Makefile.example "${S}"/${i}/Makefile \ + || die "Failed to copy Makefile.example to ${S}/${i}/Makefile" + + cp ${modfiles} "${S}"/${i} \ + || die "Failed to copy the module files to ${S}/${i}" + done +} + +src_compile() { + for i in ${POLICY_TYPES}; do + # Parallel builds are broken, so we need to force -j1 here + emake -j1 NAME=$i -C "${S}"/${i} || die "${i} compile failed" + done +} + +src_install() { + local BASEDIR="/usr/share/selinux" + + for i in ${POLICY_TYPES}; do + for j in ${MODS}; do + einfo "Installing ${i} ${j} policy package" + insinto ${BASEDIR}/${i} + doins "${S}"/${i}/${j}.pp || die "Failed to add ${j}.pp to ${i}" + done + done +} + +pkg_postinst() { + # Override the command from the eclass, we need to load in base as well here + local COMMAND + for i in ${MODS}; do + COMMAND="-i ${i}.pp ${COMMAND}" + done + + for i in ${POLICY_TYPES}; do + einfo "Inserting the following modules, with base, into the $i module store: ${MODS}" + + cd /usr/share/selinux/${i} || die "Could not enter /usr/share/selinux/${i}" + + semodule -s ${i} -b base.pp ${COMMAND} || die "Failed to load in base and modules ${MODS} in the $i policy store" + done +} diff --git a/sec-policy/selinux-base-policy/selinux-base-policy-9999.ebuild b/sec-policy/selinux-base-policy/selinux-base-policy-9999.ebuild index f65d8dcb0dc8..ca15abf27742 100644 --- a/sec-policy/selinux-base-policy/selinux-base-policy-9999.ebuild +++ b/sec-policy/selinux-base-policy/selinux-base-policy-9999.ebuild @@ -1,6 +1,6 @@ # Copyright 1999-2013 Gentoo Foundation # Distributed under the terms of the GNU General Public License v2 -# $Header: /var/cvsroot/gentoo-x86/sec-policy/selinux-base-policy/selinux-base-policy-9999.ebuild,v 1.6 2013/05/07 09:22:57 swift Exp $ +# $Header: /var/cvsroot/gentoo-x86/sec-policy/selinux-base-policy/selinux-base-policy-9999.ebuild,v 1.7 2013/07/20 21:30:37 swift Exp $ EAPI="4" inherit eutils git-2 @@ -18,7 +18,7 @@ EGIT_REPO_URI="git://git.overlays.gentoo.org/proj/hardened-refpolicy.git" EGIT_SOURCEDIR="${WORKDIR}/refpolicy" KEYWORDS="" -MODS="application authlogin bootloader clock consoletype cron dmesg fstools getty hostname hotplug init iptables libraries locallogin logging lvm miscfiles modutils mount mta netutils nscd portage raid rsync selinuxutil ssh staff storage su sysadm sysnetwork udev userdomain usermanage unprivuser xdg" +MODS="application authlogin bootloader clock consoletype cron dmesg fstools getty hostname hotplug init iptables libraries locallogin logging lvm miscfiles modutils mount mta netutils nscd portage raid rsync selinuxutil setrans ssh staff storage su sysadm sysnetwork udev userdomain usermanage unprivuser xdg" LICENSE="GPL-2" SLOT="0" S="${WORKDIR}/" |