diff options
| author |   Sven Vermeulen <swift@gentoo.org> | 2013-05-06 14:48:44 +0000 |
|---|---|---|
| committer | Sven Vermeulen <swift@gentoo.org> | 2013-05-06 14:48:44 +0000 |
| commit | e6cecf704d1ab7374bfad9c953b9f1016e3badf4 (patch) | |
| tree | 0e66814319952dbcb32a349bce2cee740efcb0c4 /sec-policy/selinux-base-policy | |
| parent | removed old (unavailable) versions of spotify (diff) | |
| download | historical-e6cecf704d1ab7374bfad9c953b9f1016e3badf4.tar.gz historical-e6cecf704d1ab7374bfad9c953b9f1016e3badf4.tar.bz2 historical-e6cecf704d1ab7374bfad9c953b9f1016e3badf4.zip | |
Push out 20130424 policies
Package-Manager: portage-2.1.11.62/cvs/Linux x86_64
Manifest-Sign-Key: 0xCDBA2FDB
Diffstat (limited to 'sec-policy/selinux-base-policy')
| -rw-r--r-- | sec-policy/selinux-base-policy/ChangeLog | 8 | ||||
| -rw-r--r-- | sec-policy/selinux-base-policy/Manifest | 11 | ||||
| -rw-r--r-- | sec-policy/selinux-base-policy/selinux-base-policy-2.20130424-r1.ebuild | 122 |
3 files changed, 136 insertions, 5 deletions
diff --git a/sec-policy/selinux-base-policy/ChangeLog b/sec-policy/selinux-base-policy/ChangeLog index 362f441b49b9..8f8a8ff5a200 100644 --- a/sec-policy/selinux-base-policy/ChangeLog +++ b/sec-policy/selinux-base-policy/ChangeLog @@ -1,6 +1,12 @@ # ChangeLog for sec-policy/selinux-base-policy # Copyright 1999-2013 Gentoo Foundation; Distributed under the GPL v2 -# $Header: /var/cvsroot/gentoo-x86/sec-policy/selinux-base-policy/ChangeLog,v 1.130 2013/03/29 10:59:47 swift Exp $ +# $Header: /var/cvsroot/gentoo-x86/sec-policy/selinux-base-policy/ChangeLog,v 1.131 2013/05/06 14:46:54 swift Exp $ + +*selinux-base-policy-2.20130424-r1 (06 May 2013) + + 06 May 2013; Sven Vermeulen <swift@gentoo.org> + +selinux-base-policy-2.20130424-r1.ebuild: + Adding 20130424 release 29 Mar 2013; Sven Vermeulen <swift@gentoo.org> selinux-base-policy-9999.ebuild: diff --git a/sec-policy/selinux-base-policy/Manifest b/sec-policy/selinux-base-policy/Manifest index 13cc037b12b6..508ea74db7d6 100644 --- a/sec-policy/selinux-base-policy/Manifest +++ b/sec-policy/selinux-base-policy/Manifest @@ -10,7 +10,9 @@ DIST patchbundle-selinux-base-policy-2.20120725-r5.tar.bz2 46546 SHA256 ac46f21f DIST patchbundle-selinux-base-policy-2.20120725-r7.tar.bz2 334263 SHA256 f96436d819f6905c8f604488d309795874eb0fa884933c706851b4021a8c158a SHA512 9a17101e2a623e171f9ae203b1892801873f60c64be5a06077b04c1c7edb7c0639f4943c67f9df5f5790fde9d7f1456cd06b849ecd5915ce849353d6069dac6e WHIRLPOOL cd0b8f412c4b64a561d563a1132f986254d9c7d895772d2977988a8c7fb8dd41c53b5d7f2a69d99db85916c00a6de9eb9a35231ca4bd8759c86a58891e070705 DIST patchbundle-selinux-base-policy-2.20120725-r8.tar.bz2 335267 SHA256 17e5534f966b46ef101e452082d8349636d38e1850cdf55cd7c268e14bdb0124 SHA512 f167e5691a3769d7eb66ddba6a000df860387a3df2cc581df60e924e51495fe94247acfbc9991cd815f05ade747f7806a67c965929fe12994e8b362ab4da15df WHIRLPOOL 533a98fc8860aa8e91d738c2e4d932f2c16dddf02966716649e78d74126bc949524653e0a5443ca6e1e073ae37265ca3b0e28f1ceea510b7adfd510cf3167ac4 DIST patchbundle-selinux-base-policy-2.20120725-r9.tar.bz2 426009 SHA256 7abc4939838f69ad26100dc5f43358c5d9465db78acb0d343f59d59a02160591 SHA512 819075bb38f5a05f8eb1bb76157f911be5b71bb02d4789369e09b134241a9f776e660d02cea1cd2f5aae7aa93cfbc25cd3abe42fb1f9e4ccd9fdff8e6a45babe WHIRLPOOL 4ba77ea6e18f090d1e8a9d382adf28378d54bc5a6e1477733b46a3eef337b8159d5bdf702264aa54b3cb0881f1756790da906806d6fa5382424de95aeb864cec +DIST patchbundle-selinux-base-policy-2.20130424-r1.tar.bz2 249865 SHA256 a2f6d0ed3c02839cf71f7f3b75d52fd2182e1a929107e8c4dced0f5a4e01ddae SHA512 71f99b3f727be56c98c8e5129362dcdc01361cf3471107de79ce26cb908b059f24db23918b03b6ae52f5f7742a2d5f47e13f428fd1eb41e8c42e8e16b57415b6 WHIRLPOOL 39bd60b23eeda705d083ebc60f048fedb49e70b71b6a56173a656608d9c11adb060d47e66439d4fb53ab6670ffd79e1152586fbc0e6e2601b5e5b19fe06e2f83 DIST refpolicy-2.20120725.tar.bz2 594120 SHA256 7cd46ed908a4001368e6509d93e306ec6c9af2bfa6b70db88c9eaaefe257c635 SHA512 9cbe27fe30460c018da2bb3d94f321d656a259bf4f2e7ce6c2b015d02b5801de8a68c765c154c30ba5abf4f986957c9f303fc95b453f53db4fc4040443512333 WHIRLPOOL 107c10e89e99a3c63f8a806989e869dffd5baca1b9e41e2b02b12067a796d11abc87ac41a9c44a44a61215ed36df127f79e045b00cfb67d3c5318a766ff78b89 +DIST refpolicy-2.20130424.tar.bz2 649845 SHA256 6039ba854f244a39dc727cc7db25632f7b933bb271c803772d754d4354f5aef4 SHA512 82ab38bc3425eb4b7d50c42564ebc28603e32e6f3266da164502f0cdc3a2f6bfe457518297824cb78f6f94211f9823fbc7254bb9e1d9df1cc7f284d326299705 WHIRLPOOL ba7539261a072d33e34afb940a1899ccdb2493c3b11eea3b166b9eb565478fd93cf580d09ef016f799a5dd5a4452086a623f9b3f38fbfb9a812e6e31bcd68e25 EBUILD selinux-base-policy-2.20120725-r10.ebuild 3586 SHA256 564ffc8d5c4bfd60a8536f4b20b4c108214667c60dbeca576f248b32f5c458ed SHA512 9418fbba308556b6036877c7692d0bb20260745d0f6efe9b59ff4cd896a380df8c86ccfca77f051962c480d7ee0b153e752498c24c020b3fb7b83938583e1fcf WHIRLPOOL 7774af44be6ffcbf59adb11c94a03f6f91cf66a44a25647e5ba02738cfc53732d8838c62ce9d3cec668ecf07339fe96944d84aab47d1c541328c4c16e2d5cb55 EBUILD selinux-base-policy-2.20120725-r11.ebuild 3586 SHA256 5cf1b1612ba79547c90c9cf6355c5f1940f8d4a5ba5ccbd44e1694666df8698d SHA512 5511cf2eea0f909bcbd0642aa5685bcf939f7e1014e7bda0622685b9770f4c0d53736b64c25c1fed8d401c0675ca0c7d8d02b3a53584884f954f030733b0e23c WHIRLPOOL 15caf733478ec2431462e3533c641f5dcc9d2fa04962f0206d27208c1b829558340469960eac190b18b0f6afecb5840e945e40cbe72101db46d393eff624f3be EBUILD selinux-base-policy-2.20120725-r12.ebuild 3798 SHA256 d3430425a33fffe42e7086ad0f32dbb103c1febfec147b553d26fa0906e00c3e SHA512 2508bba60605174937c3d48e6ef35660d2667c88f3b27d2f3a300405591b0f583d8893ed203020c40c98b8192ad54fdaf5ce0129db9433d668dd8175d927ce20 WHIRLPOOL bbe8300e011063fdfbcbbabcfdf5eed95ce1c2df9355257f2b4be136c0e8ed041795c32471dcb80047b28d28c90b907c8db5e8df5bb6145b1da5b024a679bc2a @@ -18,13 +20,14 @@ EBUILD selinux-base-policy-2.20120725-r5.ebuild 3821 SHA256 0cf134d0dcebd4139f80 EBUILD selinux-base-policy-2.20120725-r7.ebuild 3823 SHA256 fb9eb84a21543251a9249e76fe84461381d2d1af00afd6cd1fcf18f4b89dbcbe SHA512 a1d4ec29c1331be33bf451cf2e180aae8f478c7738a6d653c0bda01f7744bc405cb7818deaf3280b040a241cc0fa99bb1386f527592fe664d2d6fef98fb04439 WHIRLPOOL 4e510ef48009684917b90057efae5b6dc2bcad6905b3b629d7679eb7ea94651f5f6efc8810cb13797e6a73a0f814791c2553717790a262b2bd3de45f39a0bd8d EBUILD selinux-base-policy-2.20120725-r8.ebuild 3807 SHA256 0c5f2ad8645ef1db0b5e8070e0d22745f241e67dc8e2b2ce975df9cc96d0d40f SHA512 8bed09b7afa36c19c07408ea918c9177dbd192df706388475285d66b7ba6d0b28e722cec1bf187dc500c12c6cbbed2502e5b047f79f0a2627854f0f857d7d62f WHIRLPOOL 1e5d4c004a959aa279fa7d30b42ead52663c60b8d51852542fb686ae4e42a69cef31dba3a9761c8cb9f1747b57bc51ed7ed07bec7840012166e7060d4e51ea7b EBUILD selinux-base-policy-2.20120725-r9.ebuild 3585 SHA256 0363110682e900cfde72c7b7297bc64c4261e5aab1c91b016d6ad5d66336c5f8 SHA512 9a3a5efaeef8718a23328b72c91e393156c772a34853dabf7ee858cf1824570c71136150c53422d4000a1d48b9811e79fc477867c7840e1c714caa7d0e9198f4 WHIRLPOOL d83c300cd37711761a2a1b27771eb0393c3b7a6aa89737b52e35b6691189f4ff2261ebada571c7b4f2458f83ceb57e21f85dee1c1129e68e18f9e88da9c78581 +EBUILD selinux-base-policy-2.20130424-r1.ebuild 3798 SHA256 85c0b408b8cc0cc087f3ee103ccf54f60d18542e161d3a65bd774e68951b10d2 SHA512 43ef12db370a28ee9589cc1c054291fd20448ffdccdc3f32d5de71d28c65fbffe3caccb7444f857fa66edd7c0ebb8618c5aa12dc111de56591342e40d2fdd961 WHIRLPOOL 11aa2801da74244679b586dadeb6af4ac56e3a558cd8129d720bf15f0a1c17cbb272ccb73fb5f7b4ae05f685f844896c7f03900314eeeac09a53a2918f21872e EBUILD selinux-base-policy-9999.ebuild 3410 SHA256 7ab8c354baacf3263abc42e36351cc474242f8a0286134072acabebecfd07076 SHA512 2804d26d5f1dc6a2ecf16b68b2596f57fa8fcc641b6e921a34ad4a2195b8eda0de2045f1b9038bd740aea7b0d0b5a3958093eb4a388b64d7c8e08e1ff3ead0b5 WHIRLPOOL 8d229e9c9dea04cd5695ef5f762e12dee85f71ecdfb76b1fe3c194e7caeb1fc7db7231adeb897b52c26c8e04f8da95c78686a4418a2968e8ced887f82190deb2 -MISC ChangeLog 29432 SHA256 8cc15816475bfb7c4cf50ccecb2474f47182ea70b27f34a0b8b9fbda7f09f170 SHA512 abcf8809b06bb7e0507e3f630d6516176aca0ea35553c21685b42e4f9aa27f79e91f7c164297528b8ad860b246a0f716d7a88f6709ec9b3c682ddfa5ae170e60 WHIRLPOOL 4dd0cab2fee746a2f0deef2126d1888612222e98b70a0417fe04887da1e1c91b53f1f9e61ac03e012f80f2556bfbbc138b11a5d912c44d32bcda9710d5e66790 +MISC ChangeLog 29603 SHA256 0757d5e856f6ad7321b8ac12214df4d965b03cf617b4ae13c9b62f005811d7ab SHA512 e097b52bb9cd0c7b28108fe2839b3f08b76e25f148d8f2de90aef115e51df7f1709e6e742217c503abc67bd373184002a215ddee14b462a25225cd43806c5cd4 WHIRLPOOL 4f0c7bb5f931eaa055e9503215f14dfe4932ff59d565ca5d5515a56f9d0b2a24821ab18fcd62c397f5d3fbe15794d21551fc023ccd91bbd9abe8d47eb9f587b6 MISC metadata.xml 448 SHA256 4babd5e53785136aa79ee0737a89af1fc49c4fc144aba0f6163d6f85215f57e2 SHA512 7e747c9dbae3eaee62a284824a68039961264540e0633e617aaabaeef2e83f4623863d29ee26c2e4738ac706d3824914f530f8e2b990ac7f06aa8f6e4cae9964 WHIRLPOOL 733957f76ca89c6fdd08060a368048276247994db56cf8325e69b896a07dc5e576ca124f3190079b169ec078a2e69156d4b12e6c6cc94328248705779f357bc4 -----BEGIN PGP SIGNATURE----- Version: GnuPG v2.0.19 (GNU/Linux) -iEYEAREIAAYFAlFVc8YACgkQXfqz7M26L9u/5gCfRDixP6JdBGqXePkDmWXpEAZH -b4QAni0OZgKcdqzN/jcIQGhU9DQoZLon -=c+KY +iEYEAREIAAYFAlGHwmsACgkQXfqz7M26L9vkNgCcCS3nrzl4g5/1Kw63FHs4CLPT +Z5YAnjrFEMcMgW53oC76UqEGGaPJn9TG +=oJzZ -----END PGP SIGNATURE----- diff --git a/sec-policy/selinux-base-policy/selinux-base-policy-2.20130424-r1.ebuild b/sec-policy/selinux-base-policy/selinux-base-policy-2.20130424-r1.ebuild new file mode 100644 index 000000000000..26274f5c132a --- /dev/null +++ b/sec-policy/selinux-base-policy/selinux-base-policy-2.20130424-r1.ebuild @@ -0,0 +1,122 @@ +# Copyright 1999-2013 Gentoo Foundation +# Distributed under the terms of the GNU General Public License v2 +# $Header: /var/cvsroot/gentoo-x86/sec-policy/selinux-base-policy/selinux-base-policy-2.20130424-r1.ebuild,v 1.1 2013/05/06 14:46:54 swift Exp $ +EAPI="4" + +inherit eutils + +HOMEPAGE="http://www.gentoo.org/proj/en/hardened/selinux/" +DESCRIPTION="SELinux policy for core modules" + +IUSE="+unconfined" +BASEPOL="2.20130424-r1" + +RDEPEND=">=sec-policy/selinux-base-${PVR}" +PDEPEND="unconfined? ( sec-policy/selinux-unconfined )" +DEPEND="" +SRC_URI="http://oss.tresys.com/files/refpolicy/refpolicy-${PV}.tar.bz2 + http://dev.gentoo.org/~swift/patches/${PN}/patchbundle-${PN}-${BASEPOL}.tar.bz2" +KEYWORDS="~amd64 ~x86" + +MODS="application authlogin bootloader clock consoletype cron dmesg fstools getty hostname hotplug init iptables libraries locallogin logging lvm miscfiles modutils mount mta netutils nscd portage raid rsync selinuxutil ssh staff storage su sysadm sysnetwork udev userdomain usermanage unprivuser xdg" +LICENSE="GPL-2" +SLOT="0" +S="${WORKDIR}/" +PATCHBUNDLE="${DISTDIR}/patchbundle-selinux-base-policy-${BASEPOL}.tar.bz2" + +# Code entirely copied from selinux-eclass (cannot inherit due to dependency on +# itself), when reworked reinclude it. Only postinstall (where -b base.pp is +# added) needs to remain then. + +pkg_pretend() { + for i in ${POLICY_TYPES}; do + if [[ "${i}" == "targeted" ]] && ! use unconfined; then + die "If you use POLICY_TYPES=targeted, then USE=unconfined is mandatory." + fi + done +} + +src_prepare() { + local modfiles + + # Patch the sources with the base patchbundle + if [[ -n ${BASEPOL} ]]; + then + cd "${S}" + EPATCH_MULTI_MSG="Applying SELinux policy updates ... " \ + EPATCH_SUFFIX="patch" \ + EPATCH_SOURCE="${WORKDIR}" \ + EPATCH_FORCE="yes" \ + epatch + fi + + # Apply the additional patches refered to by the module ebuild. + # But first some magic to differentiate between bash arrays and strings + if [[ "$(declare -p POLICY_PATCH 2>/dev/null 2>&1)" == "declare -a"* ]]; + then + cd "${S}/refpolicy/policy/modules" + for POLPATCH in "${POLICY_PATCH[@]}"; + do + epatch "${POLPATCH}" + done + else + if [[ -n ${POLICY_PATCH} ]]; + then + cd "${S}/refpolicy/policy/modules" + for POLPATCH in ${POLICY_PATCH}; + do + epatch "${POLPATCH}" + done + fi + fi + + # Collect only those files needed for this particular module + for i in ${MODS}; do + modfiles="$(find ${S}/refpolicy/policy/modules -iname $i.te) $modfiles" + modfiles="$(find ${S}/refpolicy/policy/modules -iname $i.fc) $modfiles" + done + + for i in ${POLICY_TYPES}; do + mkdir "${S}"/${i} || die "Failed to create directory ${S}/${i}" + cp "${S}"/refpolicy/doc/Makefile.example "${S}"/${i}/Makefile \ + || die "Failed to copy Makefile.example to ${S}/${i}/Makefile" + + cp ${modfiles} "${S}"/${i} \ + || die "Failed to copy the module files to ${S}/${i}" + done +} + +src_compile() { + for i in ${POLICY_TYPES}; do + # Parallel builds are broken, so we need to force -j1 here + emake -j1 NAME=$i -C "${S}"/${i} || die "${i} compile failed" + done +} + +src_install() { + local BASEDIR="/usr/share/selinux" + + for i in ${POLICY_TYPES}; do + for j in ${MODS}; do + einfo "Installing ${i} ${j} policy package" + insinto ${BASEDIR}/${i} + doins "${S}"/${i}/${j}.pp || die "Failed to add ${j}.pp to ${i}" + done + done +} + +pkg_postinst() { + # Override the command from the eclass, we need to load in base as well here + local COMMAND + for i in ${MODS}; do + COMMAND="-i ${i}.pp ${COMMAND}" + done + + for i in ${POLICY_TYPES}; do + einfo "Inserting the following modules, with base, into the $i module store: ${MODS}" + + cd /usr/share/selinux/${i} || die "Could not enter /usr/share/selinux/${i}" + + semodule -s ${i} -b base.pp ${COMMAND} || die "Failed to load in base and modules ${MODS} in the $i policy store" + done +} |