Fix python 3 and audit2allow support, needed for bugs #408179 and #415091

Package-Manager: portage-2.1.10.49/cvs/Linux x86_64
author: Sven Vermeulen <swift@gentoo.org> 2012-06-25 20:08:44 +0000
committer: Sven Vermeulen <swift@gentoo.org> 2012-06-25 20:08:44 +0000
commit: ef7cb71a709f4d40f6d5c7c0ea741d63071d3e69 (patch)
tree: 75a16c6c8807f4a1fb5a0e58dbf0fa0c75a1bb6c /sys-apps/policycoreutils
parent: Fix python 3 and audit2allow support, needed for bugs #408179 and #415091 (diff)
download: historical-ef7cb71a709f4d40f6d5c7c0ea741d63071d3e69.tar.gz
historical-ef7cb71a709f4d40f6d5c7c0ea741d63071d3e69.tar.bz2
historical-ef7cb71a709f4d40f6d5c7c0ea741d63071d3e69.zip
4 files changed, 261 insertions, 2 deletions
diff --git a/sys-apps/policycoreutils/ChangeLog b/sys-apps/policycoreutils/ChangeLog
index f60509685a83..2539e79123bb 100644
--- a/sys-apps/policycoreutils/ChangeLog
+++ b/sys-apps/policycoreutils/ChangeLog
@@ -1,6 +1,13 @@
 # ChangeLog for sys-apps/policycoreutils
 # Copyright 1999-2012 Gentoo Foundation; Distributed under the GPL v2
-# $Header: /var/cvsroot/gentoo-x86/sys-apps/policycoreutils/ChangeLog,v 1.99 2012/05/13 12:53:07 swift Exp $
+# $Header: /var/cvsroot/gentoo-x86/sys-apps/policycoreutils/ChangeLog,v 1.100 2012/06/25 20:08:44 swift Exp $
+
+*policycoreutils-2.1.10-r3 (25 Jun 2012)
+
+  25 Jun 2012; <swift@gentoo.org>
+  +files/policycoreutils-extra-1.21-fix-python3.patch,
+  +policycoreutils-2.1.10-r3.ebuild:
+  Improve support for python3, fixes bug #416301
 
   13 May 2012; <swift@gentoo.org> -policycoreutils-2.1.0-r1.ebuild,
   -policycoreutils-2.1.0-r2.ebuild:
diff --git a/sys-apps/policycoreutils/Manifest b/sys-apps/policycoreutils/Manifest
index 6188f18aed26..97eb982b85ec 100644
--- a/sys-apps/policycoreutils/Manifest
+++ b/sys-apps/policycoreutils/Manifest
@@ -1,3 +1,5 @@
+AUX policycoreutils-extra-1.21-fix-python3.patch 3839 RMD160 23914ec14751350a3435d5202f3bae4d00f40ea6 SHA1 ca30ab174cc7de954292b04c22b63fceeae52002 SHA256 9ecd1fa99b9e5b28ba3b91c18d6cc783e00e489fe22424e4c8a6f9fd8fcfc703
+DIST patchbundle-policycoreutils-2.1.10-gentoo-r1.tar.gz 25209 RMD160 5112afe558bfbfe799bd9421c4c7fe63875508df SHA1 15d40685bfd483e88f592ce3efa70cd8c36220c9 SHA256 c9b18667ba525bb2df566debced62482b61fc8e728631402b507db9a4de5ebda
 DIST policycoreutils-2.0.85-python3.tar.gz 19750 RMD160 ae5daef8bf9083964e37b101a6168dc6ce5b8bb2 SHA1 61c058cb39ef9f13dd54af844a033ac724de743c SHA256 4bc78bfd39ce43a010c4e1de3d7f4ff45fcfc7bac4bc70e28c9bdb681053fe4e
 DIST policycoreutils-2.1.10-fix-makefile-pam-audit.patch.gz 1088 RMD160 36bc994b418270c2b3e8fedb49df70497e16e6f6 SHA1 4df7ad9a76823e12a891939f919702664d69d0a9 SHA256 9e3de8820a7f34133413c0a1b0987d20e69daf6ceb1e95da5ec70f759d85092d
 DIST policycoreutils-2.1.10-fix-nodbus_or_libcg.patch.gz 766 RMD160 bfb40ff7332331a2c3cc4a892aaad82f28d655f2 SHA1 96e9f1f1354b02c7019e11c3b4416157a85c2395 SHA256 2b98e73f02f5b0116b70b8ffd04925ede0c7939284c7453d9089cecce5094343
@@ -6,6 +8,7 @@ DIST policycoreutils-2.1.10-sesandbox.patch.gz 5002 RMD160 ee14d38a6edd497fc1ba9
 DIST policycoreutils-2.1.10.tar.gz 907554 RMD160 ba7d2902f5c44ac1d2c3efbe18ae46fed4e285e9 SHA1 72aa099ee9e84ae30e868e45c76de8a25379dd3b SHA256 8bbbc36b7d375edff891503932da93e37553f0dd7bdceded7ce9a45c80bec3d1
 DIST policycoreutils-extra-1.21.tar.bz2 12864 RMD160 28e5d0f52a69e0cb9c0d2e8088e828cbac951732 SHA1 7866b24ddab5a48c95fd51b88ad1eb4af0d9572e SHA256 c2d3627e2a10f83f5de997e9db75c40830e7f3520b558807346c9bd9c49769bb
 EBUILD policycoreutils-2.1.10-r1.ebuild 5571 RMD160 833f37c7a4bb55fcc75f31d1328036a37f926c40 SHA1 bed6de45013b068872ff4ec90670c61637cef1d8 SHA256 6090d24eb5bbfabe2a1417887cf745fa98d82d8ec3f990c32fc392ad526c525c
+EBUILD policycoreutils-2.1.10-r3.ebuild 4344 RMD160 9f65f5dde8c68cbbac6e8d061666b7f8ff1660c8 SHA1 ebb2399efbb108111712b141181f1901484b9fe3 SHA256 8d4ce734acc17697398d327e9a0b09e096f5b539bcc0426bf0664920cab30c99
 EBUILD policycoreutils-2.1.10.ebuild 5447 RMD160 90408345980f6ff554c7ad445368efda229653be SHA1 fd01d605548d24d579768b4ae3bfecd460d0cd27 SHA256 b49f69109ab7c1fcd21092f842f611b550eab401711fb21fa75d1ab7ee676e6a
-MISC ChangeLog 16004 RMD160 5e56e0c773a58f055c08085dfdae1becc9c792d8 SHA1 b47b6a93fba14473277f0d8cecc5cf65c844a2d2 SHA256 86a43fc3ab03ea295f08cb14aca88f9cfe767fd13a38eeaf1f6ce886183e182b
+MISC ChangeLog 16223 RMD160 1f38cc804a7b8e6dc4a9ccd6e5ead57eb8763a5f SHA1 74d1e6a2dfc474f8b507768ba1538e1cff842504 SHA256 d77c730ce2ae812032a754ae716623c654e1d768c232172337cd312309552cfe
 MISC metadata.xml 959 RMD160 b7d949dec19e45f8b1b1c74cbef0d65ddd152825 SHA1 0e96fcb229f9e63a34a5a555a6672640fe72e99a SHA256 6683014987dd67dfbeb80ad329550fc20a0b09f5eaa7828054be62fff6aee391
diff --git a/sys-apps/policycoreutils/files/policycoreutils-extra-1.21-fix-python3.patch b/sys-apps/policycoreutils/files/policycoreutils-extra-1.21-fix-python3.patch
new file mode 100644
index 000000000000..66979abc05fb
--- /dev/null
+++ b/sys-apps/policycoreutils/files/policycoreutils-extra-1.21-fix-python3.patch
@@ -0,0 +1,108 @@
+diff -ur policycoreutils-extra.orig/scripts/rlpkg policycoreutils-extra/scripts/rlpkg
+--- policycoreutils-extra.orig/scripts/rlpkg	2012-05-01 16:01:43.321023704 +0200
++++ policycoreutils-extra/scripts/rlpkg	2012-05-01 16:01:53.192023725 +0200
+@@ -86,7 +86,7 @@
+ 		t = portage.db["/"]["vartree"].dbapi.match(search_key)
+ 	# catch the "amgigous package" Exception
+ 	except ValueError as e:
+-		if type(e[0]) == types.ListType:
++		if type(e[0]) == list:
+ 			t = []
+ 			for cp in e[0]:
+ 				t += portage.db["/"]["vartree"].dbapi.match(cp)
+@@ -112,7 +112,7 @@
+ 
+ def find_xattr_mounts():
+ 	"""Find mounted xattr filesystems"""
+-	print("Relabeling filesystem types: "+" ".join(xattrfs))
++	print(("Relabeling filesystem types: "+" ".join(xattrfs)))
+ 	mounts=open("/etc/mtab", "r")
+ 
+ 	fs_matches=[]
+@@ -158,29 +158,29 @@
+ 
+ 		(ret,context) = selinux.getfilecon(filename)
+ 		if ret < 0:
+-			print("Error getting context of "+filename)
++			print(("Error getting context of "+filename))
+ 			continue
+ 
+ 		ctx = string.split(context,":")
+ 
+ 		if len(ctx) < 3:
+-			print("Debug: getfilecon on \""+filename+"\" returned a context of \""+context+"\" which split incorrectly ("+ctx+").")
++			print(("Debug: getfilecon on \""+filename+"\" returned a context of \""+context+"\" which split incorrectly ("+ctx+")."))
+ 			continue
+ 
+ 		if ctx[2] in textrel_ok_relabelfrom:
+ 			if verbose:
+-				print("Relabeling "+filename+" to "+textrel_type+".")
++				print(("Relabeling "+filename+" to "+textrel_type+"."))
+ 			ctx[2] = textrel_type
+ 			if selinux.setfilecon(filename,string.join(ctx,":")) < 0:
+-				print("Failed to relabel "+filename)
++				print(("Failed to relabel "+filename))
+ 		elif ctx[2] == textrel_type:
+ 			if verbose:
+-				print("Skipping "+filename+" because it is already "+textrel_type+".")
++				print(("Skipping "+filename+" because it is already "+textrel_type+"."))
+ 		else:
+-			print("Not relabeling "+filename+" because it is "+ctx[2]+".")
++			print(("Not relabeling "+filename+" because it is "+ctx[2]+"."))
+ 			notok += 1
+ 
+-	print("%(a)d libraries with text relocations, %(b)d not relabeled." % {"a":textrel_libs, "b":notok})
++	print(("%(a)d libraries with text relocations, %(b)d not relabeled." % {"a":textrel_libs, "b":notok}))
+ 
+ 	if notok > 0:
+ 		print("\nSome files were not relabeled!  This is not necessarily bad,")
+@@ -197,10 +197,10 @@
+ 
+ 	textrel_bins = 0
+ 	for line in tb.stdout.readline():
+-		print("PIE executable "+line.split()[1]+" has text relocations!")
++		print(("PIE executable "+line.split()[1]+" has text relocations!"))
+ 		textrel_bins += 1
+ 
+-	print("%d binaries with text relocations detected." % (textrel_bins))
++	print(("%d binaries with text relocations detected." % (textrel_bins)))
+ 
+ 	if textrel_bins > 0:
+ 		print("\nPIE binaries with text relocations have been detected!")
+@@ -234,8 +234,8 @@
+ 	childin = os.popen(string.join(cmdline),'w')
+ 
+ 	for i in pkglist:
+-		print("Relabeling: "+i.get_cpv())
+-		for j in i.get_contents().keys():
++		print(("Relabeling: "+i.get_cpv()))
++		for j in list(i.get_contents().keys()):
+ 			childin.write(j+'\n')
+ 
+ 	rc = childin.close()
+@@ -245,14 +245,14 @@
+ 	if rc == None:
+ 		rc = 0
+ 	else:
+-		print("Error relabeling: %d" % (rc))
++		print(("Error relabeling: %d" % (rc)))
+ 
+ 	return rc
+ 
+ def usage(message=""):
+ 	pgmname = os.path.basename(sys.argv[0])
+ 
+-	print("Usage: %s [OPTIONS] {<pkg1> [<pkg2> ...]}" % (pgmname))
++	print(("Usage: %s [OPTIONS] {<pkg1> [<pkg2> ...]}" % (pgmname)))
+ 	print("\n\
+   -a, --all	 Relabel the entire filesystem instead of individual packages.\n\
+   -r, --reset	 Force reset of context if the file's selinux identity is\n\
+@@ -266,7 +266,7 @@
+ \"policycoreutils\" or \">=sys-apps/policycoreutils-1.30\".\n\
+ ")
+ 	if message != "":
+-		print(pgmname+": "+message)
++		print((pgmname+": "+message))
+ 		sys.exit(1)
+ 	else:
+ 		sys.exit(0)
diff --git a/sys-apps/policycoreutils/policycoreutils-2.1.10-r3.ebuild b/sys-apps/policycoreutils/policycoreutils-2.1.10-r3.ebuild
new file mode 100644
index 000000000000..bcd83cabda00
--- /dev/null
+++ b/sys-apps/policycoreutils/policycoreutils-2.1.10-r3.ebuild
@@ -0,0 +1,141 @@
+# Copyright 1999-2012 Gentoo Foundation
+# Distributed under the terms of the GNU General Public License v2
+# $Header: /var/cvsroot/gentoo-x86/sys-apps/policycoreutils/policycoreutils-2.1.10-r3.ebuild,v 1.1 2012/06/25 20:08:44 swift Exp $
+
+EAPI="4"
+PYTHON_DEPEND="*"
+PYTHON_USE_WITH="xml"
+SUPPORT_PYTHON_ABIS="1"
+RESTRICT_PYTHON_ABIS="*-jython"
+
+inherit multilib python toolchain-funcs eutils
+
+EXTRAS_VER="1.21"
+SEMNG_VER="2.1.6"
+SELNX_VER="2.1.9"
+SEPOL_VER="2.1.4"
+
+IUSE="audit pam dbus sesandbox"
+
+DESCRIPTION="SELinux core utilities"
+HOMEPAGE="http://userspace.selinuxproject.org"
+SRC_URI="http://userspace.selinuxproject.org/releases/20120216/${P}.tar.gz
+	http://dev.gentoo.org/~swift/patches/policycoreutils/patchbundle-${P}-gentoo-r1.tar.gz
+	mirror://gentoo/policycoreutils-extra-${EXTRAS_VER}.tar.bz2"
+
+LICENSE="GPL-2"
+SLOT="0"
+KEYWORDS="~amd64 ~x86"
+
+COMMON_DEPS=">=sys-libs/libselinux-${SELNX_VER}[python]
+	>=sys-libs/glibc-2.4
+	>=sys-libs/libcap-1.10-r10
+	>=sys-libs/libsemanage-${SEMNG_VER}[python]
+	sys-libs/libcap-ng
+	>=sys-libs/libsepol-${SEPOL_VER}
+	sys-devel/gettext
+	dev-python/ipy
+	sesandbox? ( dev-libs/libcgroup )
+	dbus? (
+		sys-apps/dbus
+		dev-libs/dbus-glib
+	)
+	audit? ( >=sys-process/audit-1.5.1 )
+	pam? ( sys-libs/pam )"
+
+### libcgroup -> seunshare
+### dbus -> restorecond
+
+# pax-utils for scanelf used by rlpkg
+RDEPEND="${COMMON_DEPS}
+	dev-python/sepolgen
+	app-misc/pax-utils"
+
+DEPEND="${COMMON_DEPS}"
+
+S2=${WORKDIR}/policycoreutils-extra
+
+src_prepare() {
+	# rlpkg is more useful than fixfiles
+	sed -i -e '/^all/s/fixfiles//' "${S}/scripts/Makefile" \
+		|| die "fixfiles sed 1 failed"
+	sed -i -e '/fixfiles/d' "${S}/scripts/Makefile" \
+		|| die "fixfiles sed 2 failed"
+
+	EPATCH_MULTI_MSG="Applying policycoreutils patches ... " \
+	EPATCH_SUFFIX="patch" \
+	EPATCH_SOURCE="${WORKDIR}/gentoo-patches" \
+	EPATCH_FORCE="yes" \
+	epatch
+
+	# Overwrite gl.po, id.po and et.po with valid PO file
+	cp "${S}/po/sq.po" "${S}/po/gl.po" || die "failed to copy ${S}/po/sq.po to gl.po"
+	cp "${S}/po/sq.po" "${S}/po/id.po" || die "failed to copy ${S}/po/sq.po to id.po"
+	cp "${S}/po/sq.po" "${S}/po/et.po" || die "failed to copy ${S}/po/sq.po to et.po"
+	# Fixes for Python 3 support in the extras
+	cd "${S2}";
+	epatch "${FILESDIR}/policycoreutils-extra-1.21-fix-python3.patch"
+}
+
+src_compile() {
+	local use_audit="n";
+	local use_pam="n";
+	local use_dbus="n";
+	local use_sesandbox="n";
+
+	use audit && use_audit="y";
+	use pam && use_pam="y";
+	use dbus && use_dbus="y";
+	use sesandbox && use_sesandbox="y";
+
+	python_copy_sources semanage sandbox
+	building() {
+		einfo "Compiling policycoreutils"
+		emake -C "${S}" AUDIT_LOG_PRIVS="y" AUDITH="${use_audit}" PAMH="${use_pam}" INOTIFYH="${use_dbus}" SESANDBOX="${use_sesandbox}" CC="$(tc-getCC)" PYLIBVER="python$(python_get_version)" || die
+		einfo "Compiling policycoreutils-extra "
+		emake -C "${S2}" AUDIT_LOG_PRIVS="y" AUDITH="${use_audit}" PAMH="${use_pam}" INOTIFYH="${use_dbus}" SESANDBOX="${use_sesandbox}" CC="$(tc-getCC)" PYLIBVER="python$(python_get_version)" || die
+	}
+	python_execute_function -s --source-dir semanage building
+}
+
+src_install() {
+	local use_audit="n";
+	local use_pam="n";
+	local use_dbus="n";
+	local use_sesandbox="n";
+
+	use audit && use_audit="y";
+	use pam && use_pam="y";
+	use dbus && use_dbus="y";
+	use sesandbox && use_sesandbox="y";
+
+	# Python scripts are present in many places. There are no extension modules.
+	installation() {
+		einfo "Installing policycoreutils"
+		emake -C "${S}" DESTDIR="${T}/images/${PYTHON_ABI}" AUDITH="${use_audit}" PAMH="${use_pam}" INOTIFYH="${use_dbus}" SESANDBOX="${use_sesandbox}" AUDIT_LOG_PRIV="y" PYLIBVER="python$(python_get_version)" install || return 1
+
+		einfo "Installing policycoreutils-extra"
+		emake -C "${S2}" DESTDIR="${T}/images/${PYTHON_ABI}" SHLIBDIR="${D}$(get_libdir)/rc" install || return 1
+	}
+	python_execute_function installation
+	python_merge_intermediate_installation_images "${T}/images"
+
+	# remove redhat-style init script
+	rm -fR "${D}/etc/rc.d"
+
+	# compatibility symlinks
+	dosym /sbin/setfiles /usr/sbin/setfiles
+	dosym /$(get_libdir)/rc/runscript_selinux.so /$(get_libdir)/rcscripts/runscript_selinux.so
+
+	# location for permissive definitions
+	dodir /var/lib/selinux
+	keepdir /var/lib/selinux
+}
+
+pkg_postinst() {
+	python_mod_optimize seobject.py
+}
+
+pkg_postrm() {
+	python_mod_cleanup seobject.py
+}
author	Sven Vermeulen <swift@gentoo.org>	2012-06-25 20:08:44 +0000
committer	Sven Vermeulen <swift@gentoo.org>	2012-06-25 20:08:44 +0000
commit	ef7cb71a709f4d40f6d5c7c0ea741d63071d3e69 (patch)
tree	75a16c6c8807f4a1fb5a0e58dbf0fa0c75a1bb6c /sys-apps/policycoreutils
parent	Fix python 3 and audit2allow support, needed for bugs #408179 and #415091 (diff)
download	historical-ef7cb71a709f4d40f6d5c7c0ea741d63071d3e69.tar.gz historical-ef7cb71a709f4d40f6d5c7c0ea741d63071d3e69.tar.bz2 historical-ef7cb71a709f4d40f6d5c7c0ea741d63071d3e69.zip