diff options
| author |   Sven Vermeulen <swift@gentoo.org> | 2013-01-16 20:04:48 +0000 |
|---|---|---|
| committer | Sven Vermeulen <swift@gentoo.org> | 2013-01-16 20:04:48 +0000 |
| commit | 803e559f16272778805902191351cd7d00f945bb (patch) | |
| tree | 5fb4829465effb0af73e292bceb6bb0b27e6bd90 /sec-policy | |
| parent | eapi-5, fixed libsi includes #451522 (diff) | |
| download | historical-803e559f16272778805902191351cd7d00f945bb.tar.gz historical-803e559f16272778805902191351cd7d00f945bb.tar.bz2 historical-803e559f16272778805902191351cd7d00f945bb.zip | |
Bumping for bug #451128
Package-Manager: portage-2.1.11.31/cvs/Linux x86_64
Manifest-Sign-Key: 0xCDBA2FDB
Diffstat (limited to 'sec-policy')
| -rw-r--r-- | sec-policy/selinux-base-policy/ChangeLog | 8 | ||||
| -rw-r--r-- | sec-policy/selinux-base-policy/Manifest | 10 | ||||
| -rw-r--r-- | sec-policy/selinux-base-policy/selinux-base-policy-2.20120725-r10.ebuild | 114 | ||||
| -rw-r--r-- | sec-policy/selinux-base/ChangeLog | 8 | ||||
| -rw-r--r-- | sec-policy/selinux-base/Manifest | 10 | ||||
| -rw-r--r-- | sec-policy/selinux-base/selinux-base-2.20120725-r10.ebuild | 156 |
6 files changed, 296 insertions, 10 deletions
diff --git a/sec-policy/selinux-base-policy/ChangeLog b/sec-policy/selinux-base-policy/ChangeLog index 6d318a358b6f..5fdea9800d3c 100644 --- a/sec-policy/selinux-base-policy/ChangeLog +++ b/sec-policy/selinux-base-policy/ChangeLog @@ -1,6 +1,12 @@ # ChangeLog for sec-policy/selinux-base-policy # Copyright 1999-2013 Gentoo Foundation; Distributed under the GPL v2 -# $Header: /var/cvsroot/gentoo-x86/sec-policy/selinux-base-policy/ChangeLog,v 1.121 2013/01/13 16:03:50 swift Exp $ +# $Header: /var/cvsroot/gentoo-x86/sec-policy/selinux-base-policy/ChangeLog,v 1.122 2013/01/16 20:04:44 swift Exp $ + +*selinux-base-policy-2.20120725-r10 (16 Jan 2013) + + 16 Jan 2013; Sven Vermeulen <swift@gentoo.org> + +selinux-base-policy-2.20120725-r10.ebuild: + Bumping with fix for #451128 13 Jan 2013; Sven Vermeulen <swift@gentoo.org> selinux-base-policy-2.20120725-r9.ebuild: diff --git a/sec-policy/selinux-base-policy/Manifest b/sec-policy/selinux-base-policy/Manifest index 80314c04bb89..56754c32a3e7 100644 --- a/sec-policy/selinux-base-policy/Manifest +++ b/sec-policy/selinux-base-policy/Manifest @@ -3,22 +3,24 @@ Hash: SHA256 AUX config 631 SHA256 891ddc7cfd577a8591d65f6cb3398863ec338209b347ce9bfc125817b841860e SHA512 f3c4fece54e5786de94fc97c8e7678f9901c6963828d28b020c423458ac258480191f216522fed7658e7ad1c94fd25557efc524a4b75ec8837116c6a14c2328a WHIRLPOOL e9fe30b0e31dfc2f5f9059f843de3562ded62be8868770663cfb0e80494be17ca1536d522e82c10aec0b083e9bda9b5326f37c60b483681bf237517646e5c18a AUX modules.conf 739 SHA256 72837d02fc5d2bfe3afef1fc6cfb05cdc88d0dae594767aab385aa32262c9996 SHA512 a40d6eff9e3d5adc26aca5488a38075d13ba5a78fe9af93925bc5c4162331529d40c545759b687b812fac260e041b5e4c8d46ab2a2cdbecdf185318e677d6d1c WHIRLPOOL 0008d46f07e3bbe4295295b4587aac6afbb461c543caba7e79288bb32925802ffbe822c1ac3dfd2e873604b87fd414262989e9a42e2a94c1d1967d8f2986dbcf +DIST patchbundle-selinux-base-policy-2.20120725-r10.tar.bz2 425471 SHA256 778901d04eb033bd420142a49005b4b9257722887683584768e9bd46b6d25084 SHA512 728035070f12ef8feff091101a359eeb43525fd52c06ba77c4a530d959b234c70dc34353b326f927a55bf874f2550e25ca743be88c5a364d0942002366121062 WHIRLPOOL f694bd8a92708848de41b972dd4a5806cc603f2a1cf43f743cd3aee1af0f40412cdc0d520da47f06d4352bab5eefa236b4a06cb806075fad16772a2b49b3f700 DIST patchbundle-selinux-base-policy-2.20120725-r5.tar.bz2 46546 SHA256 ac46f21fd5be9588f7462b9ec41a9033f1c0347f46e01b6f9477fb381779ec92 SHA512 3ac3f06cdf7ff645d5b1db7430e9857eb2b55cc6e522ab96300e5120f390f905f3ce614973eb3fd03f0f28e25eebad53517c91b69bba191dc7ddc4e97a3f1756 WHIRLPOOL ed75b62a29a5c9aba2b4da87b2845609ce89ce288f245430bb7dc34504dfa84a7261e40c3f6b776af041d219ac6ba7ef501bdacda56488451b2cb6d8b5051b9e DIST patchbundle-selinux-base-policy-2.20120725-r7.tar.bz2 334263 SHA256 f96436d819f6905c8f604488d309795874eb0fa884933c706851b4021a8c158a SHA512 9a17101e2a623e171f9ae203b1892801873f60c64be5a06077b04c1c7edb7c0639f4943c67f9df5f5790fde9d7f1456cd06b849ecd5915ce849353d6069dac6e WHIRLPOOL cd0b8f412c4b64a561d563a1132f986254d9c7d895772d2977988a8c7fb8dd41c53b5d7f2a69d99db85916c00a6de9eb9a35231ca4bd8759c86a58891e070705 DIST patchbundle-selinux-base-policy-2.20120725-r8.tar.bz2 335267 SHA256 17e5534f966b46ef101e452082d8349636d38e1850cdf55cd7c268e14bdb0124 SHA512 f167e5691a3769d7eb66ddba6a000df860387a3df2cc581df60e924e51495fe94247acfbc9991cd815f05ade747f7806a67c965929fe12994e8b362ab4da15df WHIRLPOOL 533a98fc8860aa8e91d738c2e4d932f2c16dddf02966716649e78d74126bc949524653e0a5443ca6e1e073ae37265ca3b0e28f1ceea510b7adfd510cf3167ac4 DIST patchbundle-selinux-base-policy-2.20120725-r9.tar.bz2 426009 SHA256 7abc4939838f69ad26100dc5f43358c5d9465db78acb0d343f59d59a02160591 SHA512 819075bb38f5a05f8eb1bb76157f911be5b71bb02d4789369e09b134241a9f776e660d02cea1cd2f5aae7aa93cfbc25cd3abe42fb1f9e4ccd9fdff8e6a45babe WHIRLPOOL 4ba77ea6e18f090d1e8a9d382adf28378d54bc5a6e1477733b46a3eef337b8159d5bdf702264aa54b3cb0881f1756790da906806d6fa5382424de95aeb864cec DIST refpolicy-2.20120725.tar.bz2 594120 SHA256 7cd46ed908a4001368e6509d93e306ec6c9af2bfa6b70db88c9eaaefe257c635 SHA512 9cbe27fe30460c018da2bb3d94f321d656a259bf4f2e7ce6c2b015d02b5801de8a68c765c154c30ba5abf4f986957c9f303fc95b453f53db4fc4040443512333 WHIRLPOOL 107c10e89e99a3c63f8a806989e869dffd5baca1b9e41e2b02b12067a796d11abc87ac41a9c44a44a61215ed36df127f79e045b00cfb67d3c5318a766ff78b89 +EBUILD selinux-base-policy-2.20120725-r10.ebuild 3588 SHA256 29f758f258b9eb06b1510dfab214737bf252a83e1804b7a4c458377b0fea101e SHA512 e33b8457a79e2f75ffb6f30840356ceeaf653b3bbb837845d5f27bdd6e9e3566300dca9d46b3418a1502e71e4f7fa28f07b7334252abb034c7e25131047b8d55 WHIRLPOOL b52f1f83437dccb2673c76c85a4505f456611fe6eb45fafa9f56d712c4d57bd95cf0c539d81df9dac861a2b5089cc264657a7c888f3ca6b8fbdffa4ad1e883dc EBUILD selinux-base-policy-2.20120725-r5.ebuild 3821 SHA256 0cf134d0dcebd4139f808bad2627f1c16959ef4199d05a177a31a967bc1e85c9 SHA512 c5609321c8be53cea48b43f34b637dde6a0daaf38a3f87fea71066778c224ffd5d549c7db2d29e01b2dd792aa6b37424b04a2915cda7434e5e5ad9cda89eeb52 WHIRLPOOL 14a72df7dc83b2405b9c8d96e7f48332663d2ace1e851c8bbac7fb76a278f5f2f23ce615b924632135850ac809a1c4dba32e1bfcbe08ba12e8fd7caa478b8820 EBUILD selinux-base-policy-2.20120725-r7.ebuild 3823 SHA256 fb9eb84a21543251a9249e76fe84461381d2d1af00afd6cd1fcf18f4b89dbcbe SHA512 a1d4ec29c1331be33bf451cf2e180aae8f478c7738a6d653c0bda01f7744bc405cb7818deaf3280b040a241cc0fa99bb1386f527592fe664d2d6fef98fb04439 WHIRLPOOL 4e510ef48009684917b90057efae5b6dc2bcad6905b3b629d7679eb7ea94651f5f6efc8810cb13797e6a73a0f814791c2553717790a262b2bd3de45f39a0bd8d EBUILD selinux-base-policy-2.20120725-r8.ebuild 3807 SHA256 0c5f2ad8645ef1db0b5e8070e0d22745f241e67dc8e2b2ce975df9cc96d0d40f SHA512 8bed09b7afa36c19c07408ea918c9177dbd192df706388475285d66b7ba6d0b28e722cec1bf187dc500c12c6cbbed2502e5b047f79f0a2627854f0f857d7d62f WHIRLPOOL 1e5d4c004a959aa279fa7d30b42ead52663c60b8d51852542fb686ae4e42a69cef31dba3a9761c8cb9f1747b57bc51ed7ed07bec7840012166e7060d4e51ea7b EBUILD selinux-base-policy-2.20120725-r9.ebuild 3585 SHA256 0363110682e900cfde72c7b7297bc64c4261e5aab1c91b016d6ad5d66336c5f8 SHA512 9a3a5efaeef8718a23328b72c91e393156c772a34853dabf7ee858cf1824570c71136150c53422d4000a1d48b9811e79fc477867c7840e1c714caa7d0e9198f4 WHIRLPOOL d83c300cd37711761a2a1b27771eb0393c3b7a6aa89737b52e35b6691189f4ff2261ebada571c7b4f2458f83ceb57e21f85dee1c1129e68e18f9e88da9c78581 EBUILD selinux-base-policy-9999.ebuild 3206 SHA256 409a5385bfd12b6cb93b17030cd50ef20f2d99a3131146abf289c579deec83d6 SHA512 8227694374745fe8c9a5939e94230bace8b16fbb3eba2d3c5d5028fcb3bc1ad1341e997403e7f6657479ba85201ba780157a6d8b23c899beb47fcccec1ac2e98 WHIRLPOOL bffc5e7cf0b9ad9a1bc24560807b445e1857ac327c131fb71780470b4abed80e1a6232c51ef1241b87009e5afe10b88491cc46c4d7cf1421c21c0b9d06dc39b1 -MISC ChangeLog 27936 SHA256 c38c696887dd1fab634a769b33638545b439afac8844d7b41e92fd14ce5defca SHA512 b9bffb38119cf6a00f80b632fb7ced8a6059fd8a82462544810a4a7dac3fd84b240e7ee927dcce07d2ad1ac491a6f904a43246e47488d7176b1a3a8cdc6645da WHIRLPOOL ed53eb9089d6e1465881c51012e5e3cd6de586de0937ba4790a35ca07f2675cd6d9a894b61e14ad81674d94ddf835b308c5b92f21438db0ef1087172305472cd +MISC ChangeLog 28114 SHA256 f30d621e5cd05fb48028e5735743a343beb07c236f201dcc540dc7811f2f13c7 SHA512 fe5469ef03692d47f25599568113184874e69c24d0227ee01ec873b358ee347357243ff353f0c5a763e95478bf04771e94324c39016a13b1b2be4e21b43b55c9 WHIRLPOOL 29fe337fae6f2cdf1d03f572ea08913a3b5dc8e3d4e704060a6a567dfebe7a1e66e7cdc9b9a37fdc312dcde9159c3b1cba7302099daa4c8bf4354fa2b18e82ae MISC metadata.xml 448 SHA256 4babd5e53785136aa79ee0737a89af1fc49c4fc144aba0f6163d6f85215f57e2 SHA512 7e747c9dbae3eaee62a284824a68039961264540e0633e617aaabaeef2e83f4623863d29ee26c2e4738ac706d3824914f530f8e2b990ac7f06aa8f6e4cae9964 WHIRLPOOL 733957f76ca89c6fdd08060a368048276247994db56cf8325e69b896a07dc5e576ca124f3190079b169ec078a2e69156d4b12e6c6cc94328248705779f357bc4 -----BEGIN PGP SIGNATURE----- Version: GnuPG v2.0.19 (GNU/Linux) -iEYEAREIAAYFAlDy2w8ACgkQXfqz7M26L9stcgCgjyxIl8d3qNO3LBokYgunIuI/ -ZDgAnAj2Kj//mGjv8Xc3AW+/aO/fHe3m -=loA/ +iEYEAREIAAYFAlD3B7QACgkQXfqz7M26L9vtSACfcvqNRY7q+D50ovoBNu3mZ8+V +N20An06YuE1aaOgY7B7gZJf1r2rhpRha +=L3w8 -----END PGP SIGNATURE----- diff --git a/sec-policy/selinux-base-policy/selinux-base-policy-2.20120725-r10.ebuild b/sec-policy/selinux-base-policy/selinux-base-policy-2.20120725-r10.ebuild new file mode 100644 index 000000000000..c198b43abeb1 --- /dev/null +++ b/sec-policy/selinux-base-policy/selinux-base-policy-2.20120725-r10.ebuild @@ -0,0 +1,114 @@ +# Copyright 1999-2013 Gentoo Foundation +# Distributed under the terms of the GNU General Public License v2 +# $Header: /var/cvsroot/gentoo-x86/sec-policy/selinux-base-policy/selinux-base-policy-2.20120725-r10.ebuild,v 1.1 2013/01/16 20:04:44 swift Exp $ +EAPI="4" + +inherit eutils + +HOMEPAGE="http://www.gentoo.org/proj/en/hardened/selinux/" +DESCRIPTION="SELinux policy for core modules" + +IUSE="unconfined" +BASEPOL="${PVR}" + +RDEPEND=">=sec-policy/selinux-base-${PVR} + unconfined? ( sec-policy/selinux-unconfined )" +DEPEND="" +SRC_URI="http://oss.tresys.com/files/refpolicy/refpolicy-${PV}.tar.bz2 + http://dev.gentoo.org/~swift/patches/${PN}/patchbundle-${PN}-${BASEPOL}.tar.bz2" +KEYWORDS="~amd64 ~x86" + +MODS="application authlogin bootloader clock consoletype cron dmesg fstools getty hostname hotplug init iptables libraries locallogin logging lvm miscfiles modutils mount mta netutils nscd portage raid rsync selinuxutil ssh staff storage su sysadm sysnetwork udev userdomain usermanage unprivuser xdg" +LICENSE="GPL-2" +SLOT="0" +S="${WORKDIR}/" +PATCHBUNDLE="${DISTDIR}/patchbundle-selinux-base-policy-${BASEPOL}.tar.bz2" + +# Code entirely copied from selinux-eclass (cannot inherit due to dependency on +# itself), when reworked reinclude it. Only postinstall (where -b base.pp is +# added) needs to remain then. + +src_prepare() { + local modfiles + + # Patch the sources with the base patchbundle + if [[ -n ${BASEPOL} ]]; + then + cd "${S}" + EPATCH_MULTI_MSG="Applying SELinux policy updates ... " \ + EPATCH_SUFFIX="patch" \ + EPATCH_SOURCE="${WORKDIR}" \ + EPATCH_FORCE="yes" \ + epatch + fi + + # Apply the additional patches refered to by the module ebuild. + # But first some magic to differentiate between bash arrays and strings + if [[ "$(declare -p POLICY_PATCH 2>/dev/null 2>&1)" == "declare -a"* ]]; + then + cd "${S}/refpolicy/policy/modules" + for POLPATCH in "${POLICY_PATCH[@]}"; + do + epatch "${POLPATCH}" + done + else + if [[ -n ${POLICY_PATCH} ]]; + then + cd "${S}/refpolicy/policy/modules" + for POLPATCH in ${POLICY_PATCH}; + do + epatch "${POLPATCH}" + done + fi + fi + + # Collect only those files needed for this particular module + for i in ${MODS}; do + modfiles="$(find ${S}/refpolicy/policy/modules -iname $i.te) $modfiles" + modfiles="$(find ${S}/refpolicy/policy/modules -iname $i.fc) $modfiles" + done + + for i in ${POLICY_TYPES}; do + mkdir "${S}"/${i} || die "Failed to create directory ${S}/${i}" + cp "${S}"/refpolicy/doc/Makefile.example "${S}"/${i}/Makefile \ + || die "Failed to copy Makefile.example to ${S}/${i}/Makefile" + + cp ${modfiles} "${S}"/${i} \ + || die "Failed to copy the module files to ${S}/${i}" + done +} + +src_compile() { + for i in ${POLICY_TYPES}; do + # Parallel builds are broken, so we need to force -j1 here + emake -j1 NAME=$i -C "${S}"/${i} || die "${i} compile failed" + done +} + +src_install() { + local BASEDIR="/usr/share/selinux" + + for i in ${POLICY_TYPES}; do + for j in ${MODS}; do + einfo "Installing ${i} ${j} policy package" + insinto ${BASEDIR}/${i} + doins "${S}"/${i}/${j}.pp || die "Failed to add ${j}.pp to ${i}" + done + done +} + +pkg_postinst() { + # Override the command from the eclass, we need to load in base as well here + local COMMAND + for i in ${MODS}; do + COMMAND="-i ${i}.pp ${COMMAND}" + done + + for i in ${POLICY_TYPES}; do + einfo "Inserting the following modules, with base, into the $i module store: ${MODS}" + + cd /usr/share/selinux/${i} || die "Could not enter /usr/share/selinux/${i}" + + semodule -s ${i} -b base.pp ${COMMAND} || die "Failed to load in base and modules ${MODS} in the $i policy store" + done +} diff --git a/sec-policy/selinux-base/ChangeLog b/sec-policy/selinux-base/ChangeLog index 23cd0c7fbe0a..521b2980b05a 100644 --- a/sec-policy/selinux-base/ChangeLog +++ b/sec-policy/selinux-base/ChangeLog @@ -1,6 +1,12 @@ # ChangeLog for sec-policy/selinux-base # Copyright 1999-2013 Gentoo Foundation; Distributed under the GPL v2 -# $Header: /var/cvsroot/gentoo-x86/sec-policy/selinux-base/ChangeLog,v 1.22 2013/01/13 16:03:52 swift Exp $ +# $Header: /var/cvsroot/gentoo-x86/sec-policy/selinux-base/ChangeLog,v 1.23 2013/01/16 20:03:43 swift Exp $ + +*selinux-base-2.20120725-r10 (16 Jan 2013) + + 16 Jan 2013; Sven Vermeulen <swift@gentoo.org> + +selinux-base-2.20120725-r10.ebuild: + Bumping with fix for #451128 13 Jan 2013; Sven Vermeulen <swift@gentoo.org> selinux-base-2.20120725-r9.ebuild: diff --git a/sec-policy/selinux-base/Manifest b/sec-policy/selinux-base/Manifest index 929a88a3c1ea..7a1e2a25d534 100644 --- a/sec-policy/selinux-base/Manifest +++ b/sec-policy/selinux-base/Manifest @@ -2,22 +2,24 @@ Hash: SHA256 AUX config 631 SHA256 891ddc7cfd577a8591d65f6cb3398863ec338209b347ce9bfc125817b841860e SHA512 f3c4fece54e5786de94fc97c8e7678f9901c6963828d28b020c423458ac258480191f216522fed7658e7ad1c94fd25557efc524a4b75ec8837116c6a14c2328a WHIRLPOOL e9fe30b0e31dfc2f5f9059f843de3562ded62be8868770663cfb0e80494be17ca1536d522e82c10aec0b083e9bda9b5326f37c60b483681bf237517646e5c18a +DIST patchbundle-selinux-base-policy-2.20120725-r10.tar.bz2 425471 SHA256 778901d04eb033bd420142a49005b4b9257722887683584768e9bd46b6d25084 SHA512 728035070f12ef8feff091101a359eeb43525fd52c06ba77c4a530d959b234c70dc34353b326f927a55bf874f2550e25ca743be88c5a364d0942002366121062 WHIRLPOOL f694bd8a92708848de41b972dd4a5806cc603f2a1cf43f743cd3aee1af0f40412cdc0d520da47f06d4352bab5eefa236b4a06cb806075fad16772a2b49b3f700 DIST patchbundle-selinux-base-policy-2.20120725-r5.tar.bz2 46546 SHA256 ac46f21fd5be9588f7462b9ec41a9033f1c0347f46e01b6f9477fb381779ec92 SHA512 3ac3f06cdf7ff645d5b1db7430e9857eb2b55cc6e522ab96300e5120f390f905f3ce614973eb3fd03f0f28e25eebad53517c91b69bba191dc7ddc4e97a3f1756 WHIRLPOOL ed75b62a29a5c9aba2b4da87b2845609ce89ce288f245430bb7dc34504dfa84a7261e40c3f6b776af041d219ac6ba7ef501bdacda56488451b2cb6d8b5051b9e DIST patchbundle-selinux-base-policy-2.20120725-r7.tar.bz2 334263 SHA256 f96436d819f6905c8f604488d309795874eb0fa884933c706851b4021a8c158a SHA512 9a17101e2a623e171f9ae203b1892801873f60c64be5a06077b04c1c7edb7c0639f4943c67f9df5f5790fde9d7f1456cd06b849ecd5915ce849353d6069dac6e WHIRLPOOL cd0b8f412c4b64a561d563a1132f986254d9c7d895772d2977988a8c7fb8dd41c53b5d7f2a69d99db85916c00a6de9eb9a35231ca4bd8759c86a58891e070705 DIST patchbundle-selinux-base-policy-2.20120725-r8.tar.bz2 335267 SHA256 17e5534f966b46ef101e452082d8349636d38e1850cdf55cd7c268e14bdb0124 SHA512 f167e5691a3769d7eb66ddba6a000df860387a3df2cc581df60e924e51495fe94247acfbc9991cd815f05ade747f7806a67c965929fe12994e8b362ab4da15df WHIRLPOOL 533a98fc8860aa8e91d738c2e4d932f2c16dddf02966716649e78d74126bc949524653e0a5443ca6e1e073ae37265ca3b0e28f1ceea510b7adfd510cf3167ac4 DIST patchbundle-selinux-base-policy-2.20120725-r9.tar.bz2 426009 SHA256 7abc4939838f69ad26100dc5f43358c5d9465db78acb0d343f59d59a02160591 SHA512 819075bb38f5a05f8eb1bb76157f911be5b71bb02d4789369e09b134241a9f776e660d02cea1cd2f5aae7aa93cfbc25cd3abe42fb1f9e4ccd9fdff8e6a45babe WHIRLPOOL 4ba77ea6e18f090d1e8a9d382adf28378d54bc5a6e1477733b46a3eef337b8159d5bdf702264aa54b3cb0881f1756790da906806d6fa5382424de95aeb864cec DIST refpolicy-2.20120725.tar.bz2 594120 SHA256 7cd46ed908a4001368e6509d93e306ec6c9af2bfa6b70db88c9eaaefe257c635 SHA512 9cbe27fe30460c018da2bb3d94f321d656a259bf4f2e7ce6c2b015d02b5801de8a68c765c154c30ba5abf4f986957c9f303fc95b453f53db4fc4040443512333 WHIRLPOOL 107c10e89e99a3c63f8a806989e869dffd5baca1b9e41e2b02b12067a796d11abc87ac41a9c44a44a61215ed36df127f79e045b00cfb67d3c5318a766ff78b89 +EBUILD selinux-base-2.20120725-r10.ebuild 4455 SHA256 c4687a4b1a78541b3bf23417a2c54170be2e951c9e54572c3fd917d84de9d351 SHA512 46143044aaefa5964c65c7960f3384c03d2b30f90989a9aa57f6393e30ded5b9d19c3eae88b4585cafbd158f7912edfc1a8495f00c46c603172ffcc003be5330 WHIRLPOOL 289ef7bb61891c347239c5dcd7dbb618ebe5f8ea3f0b4ff2ce5828280c38404dfe1ed2ff41dd1c28a091149c73a880b7b057d611cf1bcfcd92f5c7d28a5dfd6c EBUILD selinux-base-2.20120725-r5.ebuild 4172 SHA256 f3c0f93115e49debdbf2ddb9b94153ff6ce2752fa88db37d38daa63a85cdc97b SHA512 63a9e420c90fc1edfeb018d3da6f64a989dda360cf07b95d848ff48178bbdea69c6399f161fe01435c6fda8ec02f713ad43cbee8b0587b4d719789c8d548c67d WHIRLPOOL 6153c96895d7a3f96d1656da52eebf0be6996f97daa8f36141f0a8f90f7a082c3fea7437f9826d81c617708d5bb21ae2dcae06e9e9bf90bbc6a5e834f7aec3a2 EBUILD selinux-base-2.20120725-r7.ebuild 4174 SHA256 e7b94afe300457fd8295584d2e397e4f62732aa99cc5f5053944e785f067b614 SHA512 548c1b40af94ea34d473a34c6d17ba3c7bb52ba18e03b56b47f6a05d18b0ac55258f1fd1c2e68994c667113c840b0227f85beafebc4f6541bdcf3ea5d16a3806 WHIRLPOOL 1a4b367062999ab4a5f50e3268e74be700255f214c2f6b0a3980e43e6416df5a2a7a23f2716647f6ee24eb7f4a01b8b7db9e12f5e15c84759df2d709e9ca5142 EBUILD selinux-base-2.20120725-r8.ebuild 4168 SHA256 56b1379b8849ee4c610aff727467fe477e89619d6af7172a6098f3a544d69609 SHA512 1138a9216299eac2d0bdd8cf3e5041613bafd878f1e4172d97e972099f981fa3633534abef1c85c0d678e65618fca2aa2e7307c43bfb9979ac1f8e1f65450eea WHIRLPOOL 65f4abb795749d0bd090a7cf52cc305eca349fd1287af1d963b29f571d6e5d97ee90bf3ef0b748e7e223a9f672fd27007ae0ba8e3f07488f0ecdbf8b9452eb12 EBUILD selinux-base-2.20120725-r9.ebuild 4452 SHA256 5bae3574a7be5837858a354c3587ca475bd209ef59e15b48dc2060a4e4194bee SHA512 07aa6e752df0b5c24ade53494b1b04d724011dd5e5c219a31e819bc1b465de6537b4791dd49a16b8b65a84a80b0b2ec567708dd163e27278a7706cfa7584c005 WHIRLPOOL c35df4248120889a6b0ee84bb1eaeed8bac3d7ea4873dc79de5cd31185abf98479cfa96b2ef01c725e26ccede4599b53330c6d35e508630f258b9146b0708a53 EBUILD selinux-base-9999.ebuild 4135 SHA256 63bbaab93d1c2d996fc23f6803e3446fd6fe9a626d7fbabe512fdb7a1e1cddb8 SHA512 08d13441df7565fc6686ee15c9ce706e8d51399247ba41f146d354de02fe4a6df03c4a7a1f9b998bb6e6c1616071c525aa36071af77f765e882725fab103270d WHIRLPOOL b727ecffe4c92f1bd40bc0f0c3e97462dc88b611b4963e2b469611544297e3389fe2ca75278d6b4a859e99a36d98f1c808b777b73f115b0cc868881cb9f9421d -MISC ChangeLog 4097 SHA256 c57a48b15d0c6a6dd8f1f66d91cdb115458aeceabb80e15b576f888e236d1edc SHA512 d23bacf97c2e6eabd10c4d061ddcd8302c529640476cacec10736c498bd53720e16afba04288506ea6bbc4c7968994630c22ac9c92bbf195a881788af684728b WHIRLPOOL d7d73c4be44f807f288303099d1a86c0316a8f55cdc8cb975ae34e14482121453d2490835d9e486d227fb0b652a71f2ed9fa4a29f93d7fe0d6b58423173ad4a9 +MISC ChangeLog 4261 SHA256 07ec861eaf4ff0630afe03e98db6c5ce20cc78eb0387033cc88b7b7b6fa8c449 SHA512 93f99fa1afbd59abace6852ee8b2485d780ef7321afea60d0f45dffa726c8f3653974930463f5f1ae7e5b24b0bf4b587d2b1cec97f8b897477a65dccd12f302d WHIRLPOOL d5d548df3a46c4fe3f06d13e9524d0f994043d34ad7f2125734234a0d8584132f94cf14c059a9da5284399a5e85cec75ddf611c8577a99658237f3d819f1af37 MISC metadata.xml 753 SHA256 2542c8e9c994b3b2699d601ba980a8daef2288b5ad199867764f607978ddee67 SHA512 d5e803494fe0831fdddada0f1f464c941d93896afa19d9d1005daa8a4ebea7b20f905e6d0d89dd10ff1aceaee0c7c41c190f16b68bf4466c0f75d3a6110b8df0 WHIRLPOOL cd2535802ffacbdae1ff1787aa203311330202cb08df488dae59b178b102b818766d2320fe62de3cf7710047e8cafa6a41963381655d9fd5fb4c75a232decd52 -----BEGIN PGP SIGNATURE----- Version: GnuPG v2.0.19 (GNU/Linux) -iEYEAREIAAYFAlDy2w8ACgkQXfqz7M26L9sCFgCfbYfxoY9H+OaZhcZQmm6aAdTY -fdsAnjQ9Di7WtKh4TcShb/1BWLumgi73 -=An4r +iEYEAREIAAYFAlD3B3sACgkQXfqz7M26L9u76gCggpx6Ylm2/kRxLHuuLv366l+s +q8IAnA4YPDBzqABZN0ktJTJNRVOOR1yd +=OG7n -----END PGP SIGNATURE----- diff --git a/sec-policy/selinux-base/selinux-base-2.20120725-r10.ebuild b/sec-policy/selinux-base/selinux-base-2.20120725-r10.ebuild new file mode 100644 index 000000000000..513fd6f1510a --- /dev/null +++ b/sec-policy/selinux-base/selinux-base-2.20120725-r10.ebuild @@ -0,0 +1,156 @@ +# Copyright 1999-2013 Gentoo Foundation +# Distributed under the terms of the GNU General Public License v2 +# $Header: /var/cvsroot/gentoo-x86/sec-policy/selinux-base/selinux-base-2.20120725-r10.ebuild,v 1.1 2013/01/16 20:03:43 swift Exp $ +EAPI="4" + +inherit eutils + +IUSE="+peer_perms +open_perms +ubac unconfined doc" + +DESCRIPTION="Gentoo base policy for SELinux" +HOMEPAGE="http://www.gentoo.org/proj/en/hardened/selinux/" +SRC_URI="http://oss.tresys.com/files/refpolicy/refpolicy-${PV}.tar.bz2 + http://dev.gentoo.org/~swift/patches/selinux-base-policy/patchbundle-selinux-base-policy-${PVR}.tar.bz2" +LICENSE="GPL-2" +SLOT="0" + +KEYWORDS="~amd64 ~x86" + +RDEPEND=">=sys-apps/policycoreutils-2.1.10 + virtual/udev + !<=sec-policy/selinux-base-policy-2.20120725" +DEPEND="${RDEPEND} + sys-devel/m4 + >=sys-apps/checkpolicy-2.1.8" + +S=${WORKDIR}/ + +src_prepare() { + # Apply the gentoo patches to the policy. These patches are only necessary + # for base policies, or for interface changes on modules. + EPATCH_MULTI_MSG="Applying SELinux policy updates ... " \ + EPATCH_SUFFIX="patch" \ + EPATCH_SOURCE="${WORKDIR}" \ + EPATCH_FORCE="yes" \ + epatch + + cd "${S}/refpolicy" + # Fix bug 257111 - Correct the initial sid for cron-started jobs in the + # system_r role + sed -i -e 's:system_crond_t:system_cronjob_t:g' \ + "${S}/refpolicy/config/appconfig-standard/default_contexts" + sed -i -e 's|system_r:cronjob_t|system_r:system_cronjob_t|g' \ + "${S}/refpolicy/config/appconfig-mls/default_contexts" + sed -i -e 's|system_r:cronjob_t|system_r:system_cronjob_t|g' \ + "${S}/refpolicy/config/appconfig-mcs/default_contexts" +} + +src_configure() { + [ -z "${POLICY_TYPES}" ] && local POLICY_TYPES="targeted strict mls mcs" + + # Update the SELinux refpolicy capabilities based on the users' USE flags. + + if ! use peer_perms; then + sed -i -e '/network_peer_controls/d' \ + "${S}/refpolicy/policy/policy_capabilities" + fi + + if ! use open_perms; then + sed -i -e '/open_perms/d' \ + "${S}/refpolicy/policy/policy_capabilities" + fi + + if ! use ubac; then + sed -i -e '/^UBAC/s/y/n/' "${S}/refpolicy/build.conf" \ + || die "Failed to disable User Based Access Control" + fi + + echo "DISTRO = gentoo" >> "${S}/refpolicy/build.conf" + + # Prepare initial configuration + cd "${S}/refpolicy"; + make conf || die "Make conf failed" + + # Setup the policies based on the types delivered by the end user. + # These types can be "targeted", "strict", "mcs" and "mls". + for i in ${POLICY_TYPES}; do + cp -a "${S}/refpolicy" "${S}/${i}" + cd "${S}/${i}"; + + #cp "${FILESDIR}/modules-2.20120215.conf" "${S}/${i}/policy/modules.conf" + sed -i -e "/= module/d" "${S}/${i}/policy/modules.conf" + + sed -i -e '/^QUIET/s/n/y/' -e "/^NAME/s/refpolicy/$i/" \ + "${S}/${i}/build.conf" || die "build.conf setup failed." + + if [[ "${i}" == "mls" ]] || [[ "${i}" == "mcs" ]]; + then + # MCS/MLS require additional settings + sed -i -e "/^TYPE/s/standard/${i}/" "${S}/${i}/build.conf" \ + || die "failed to set type to mls" + fi + + if [ "${i}" == "targeted" ]; then + sed -i -e '/root/d' -e 's/user_u/unconfined_u/' \ + "${S}/${i}/config/appconfig-standard/seusers" \ + || die "targeted seusers setup failed." + fi + + if [ "${i}" != "targeted" ] && [ "${i}" != "strict" ] && use unconfined; then + sed -i -e '/root/d' -e 's/user_u/unconfined_u/' \ + "${S}/${i}/config/appconfig-${i}/seusers" \ + || die "policy seusers setup failed." + fi + done +} + +src_compile() { + [ -z "${POLICY_TYPES}" ] && local POLICY_TYPES="targeted strict mls mcs" + + for i in ${POLICY_TYPES}; do + cd "${S}/${i}" + make base || die "${i} compile failed" + if use doc; then + make html || die + fi + done +} + +src_install() { + [ -z "${POLICY_TYPES}" ] && local POLICY_TYPES="targeted strict mls mcs" + + for i in ${POLICY_TYPES}; do + cd "${S}/${i}" + + make DESTDIR="${D}" install \ + || die "${i} install failed." + + make DESTDIR="${D}" install-headers \ + || die "${i} headers install failed." + + echo "run_init_t" > "${D}/etc/selinux/${i}/contexts/run_init_type" + + echo "textrel_shlib_t" >> "${D}/etc/selinux/${i}/contexts/customizable_types" + + # libsemanage won't make this on its own + keepdir "/etc/selinux/${i}/policy" + + if use doc; then + dohtml doc/html/*; + fi + + insinto /usr/share/selinux/devel; + doins doc/policy.xml; + + done + + dodoc doc/Makefile.example doc/example.{te,fc,if} + + insinto /etc/selinux + doins "${FILESDIR}/config" +} + +pkg_preinst() { + has_version "<${CATEGORY}/${PN}-2.20101213-r13" + previous_less_than_r13=$? +} |