From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: Received: from lists.gentoo.org (pigeon.gentoo.org [208.92.234.80]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by finch.gentoo.org (Postfix) with ESMTPS id 5D4E5138330 for ; Wed, 31 Aug 2016 16:38:50 +0000 (UTC) Received: from pigeon.gentoo.org (localhost [127.0.0.1]) by pigeon.gentoo.org (Postfix) with SMTP id AE3F9E0B3A; Wed, 31 Aug 2016 16:38:48 +0000 (UTC) Received: from smtp.gentoo.org (smtp.gentoo.org [140.211.166.183]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by pigeon.gentoo.org (Postfix) with ESMTPS id B739EE0B36 for ; Wed, 31 Aug 2016 16:38:47 +0000 (UTC) Received: from oystercatcher.gentoo.org (unknown [IPv6:2a01:4f8:202:4333:225:90ff:fed9:fc84]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by smtp.gentoo.org (Postfix) with ESMTPS id B34AC34087F for ; Wed, 31 Aug 2016 16:38:46 +0000 (UTC) Received: from localhost.localdomain (localhost [127.0.0.1]) by oystercatcher.gentoo.org (Postfix) with ESMTP id EB3B92471 for ; Wed, 31 Aug 2016 16:38:44 +0000 (UTC) From: "Jason Zaman" To: gentoo-commits@lists.gentoo.org Content-Transfer-Encoding: 8bit Content-type: text/plain; charset=UTF-8 Reply-To: gentoo-dev@lists.gentoo.org, "Jason Zaman" Message-ID: <1472657906.f51d21f62c9f44d637796ab5d5fab793f871cb2e.perfinion@gentoo> Subject: [gentoo-commits] proj/hardened-refpolicy:master commit in: / X-VCS-Repository: proj/hardened-refpolicy X-VCS-Files: .travis.yml X-VCS-Directories: / X-VCS-Committer: perfinion X-VCS-Committer-Name: Jason Zaman X-VCS-Revision: f51d21f62c9f44d637796ab5d5fab793f871cb2e X-VCS-Branch: master Date: Wed, 31 Aug 2016 16:38:44 +0000 (UTC) Precedence: bulk List-Post: List-Help: List-Unsubscribe: List-Subscribe: List-Id: Gentoo Linux mail X-BeenThere: gentoo-commits@lists.gentoo.org X-Archives-Salt: 96a0d95d-8eb9-4803-b659-81d9931dc0bc X-Archives-Hash: d53b376307b9dec79135828047ea6e7f commit: f51d21f62c9f44d637796ab5d5fab793f871cb2e Author: Nicolas Iooss m4x org> AuthorDate: Sat Aug 27 15:08:57 2016 +0000 Commit: Jason Zaman gentoo org> CommitDate: Wed Aug 31 15:38:26 2016 +0000 URL: https://gitweb.gentoo.org/proj/hardened-refpolicy.git/commit/?id=f51d21f6 Make Travis-CI build without using sudo This makes migrating to container-based infrastructure much easier (all that is needed is adding "sudo: false" in the file). Moreover installing the toolchain in a user directory fixes issues when using the Trusty Beta environment: this toolchain broke the already-installed Ubuntu packages (with for example policy version issues between setfiles and checkpolicy). As the packaged tools (version 2.2) are much slower than the latest toolchain release on Trusty, it is better to keep using the latest release. As libcap-ng-dev package is not (yet? [1]) whitelisted in Travis-CI container infrastructure, drop this package and do not build policycoreutils/sandbox. Do not build policycoreutils/restorecond too as it requires glib to be installed. While at it, set the language as "generic" instead of "python". [1] https://github.com/travis-ci/apt-package-whitelist/issues/1096 Signed-off-by: Nicolas Iooss m4x.org> .travis.yml | 44 +++++++++++++++++++++++++++++++++----------- 1 file changed, 33 insertions(+), 11 deletions(-) diff --git a/.travis.yml b/.travis.yml index 7c6301d..3f9d678 100644 --- a/.travis.yml +++ b/.travis.yml @@ -1,8 +1,6 @@ # Derived from Nicolas Iooss: https://github.com/fishilico/selinux-refpolicy-patched/blob/travis-upstream/.travis.yml -language: python -python: - - "2.7" +language: generic # for T in standard mls mcs ; do for D in arch debian gentoo ; do for I in n y ; do for M in y n ; do for S in n y ; do # echo " - TYPE=$T DISTRO=$D DIRECT_INITRC=$I MONOLITHIC=$M SYSTEMD=$S" ; done ; done ; done ; done ; done @@ -32,16 +30,31 @@ env: - TYPE=mls DISTRO=gentoo DIRECT_INITRC=y MONOLITHIC=n SYSTEMD=n - TYPE=mls DISTRO=gentoo DIRECT_INITRC=y MONOLITHIC=n SYSTEMD=y -before_install: +# Uncomment to use Travis-CI container infrastructure (https://docs.travis-ci.com/user/ci-environment/) +#sudo: false + +# Uncomment these two lines to use Travis-CI Trusty Beta environment +#sudo: required +#dist: trusty + +addons: + apt: + packages: + # Install SELinux userspace utilities dependencies + - bison + - flex + - gettext + - libaudit-dev + - libbz2-dev + - libustr-dev + - libpcre3-dev + - swig + +install: - lsb_release -a - bison -V - flex -V - - sudo apt-get update -qq - - # Install SELinux userspace utilities dependencies - - sudo apt-get install -qq libaudit-dev libcap-ng-dev libustr-dev libpcre3-dev swig -install: # Download current SELinux userspace tools and libraries - curl -sS -L https://github.com/SELinuxProject/selinux/archive/20160223.tar.gz | tar xz - mv selinux-20160223 selinux-src @@ -56,10 +69,19 @@ install: # Drop sepolicy to break setools dependence (sepolicy isn't used anyway) - sed -i -e 's/sepolicy//' selinux-src/policycoreutils/Makefile - # Compile and install SELinux toolchain + # Drop restorecond to break glib dependence + - sed -i -e 's/ restorecond//' selinux-src/policycoreutils/Makefile + + # Drop sandbox to break libcap-ng dependence + - sed -i -e 's/ sandbox//' selinux-src/policycoreutils/Makefile + + # Compile and install SELinux toolchain into ~/selinux # On Ubuntu 12.04, default CFLAGS make the build fail in libsepol/cil with: # error: declaration of 'index' shadows a global declarationo - - sudo make CFLAGS="-O2 -pipe -fPIC -Wall" -C selinux-src install + - make "DESTDIR=$HOME/selinux" CFLAGS="-O2 -pipe -fPIC -Wall -I$HOME/selinux/usr/include" -C selinux-src install + + # Use TEST_TOOLCHAIN variable to tell refpolicy Makefile about the installed location + - export TEST_TOOLCHAIN="$HOME/selinux" # Drop build.conf settings to listen to env vars - sed -r -i -e '/(DIRECT_INITRC|MONOLITHIC|TYPE|DISTRO|SYSTEMD)/d' build.conf