From: "Jason Zaman" <perfinion@gentoo.org>
To: gentoo-commits@lists.gentoo.org
Subject: [gentoo-commits] repo/gentoo:master commit in: sec-policy/selinux-base-policy/
Date: Sat, 9 Jun 2018 05:09:44 +0000 (UTC) [thread overview]
Message-ID: <1528518424.8f88bc159a81c30c0d49aad62cfe63df5a0d9815.perfinion@gentoo> (raw)
commit: 8f88bc159a81c30c0d49aad62cfe63df5a0d9815
Author: Jason Zaman <perfinion <AT> gentoo <DOT> org>
AuthorDate: Sat Jun 9 04:07:41 2018 +0000
Commit: Jason Zaman <perfinion <AT> gentoo <DOT> org>
CommitDate: Sat Jun 9 04:27:04 2018 +0000
URL: https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=8f88bc15
sec-policy/selinux-base-policy: Fix policy load when cross compiling
Package-Manager: Portage-2.3.40, Repoman-2.3.9
.../selinux-base-policy-2.20180114-r2.ebuild | 34 ++++++++++++++--------
.../selinux-base-policy-9999.ebuild | 34 ++++++++++++++--------
2 files changed, 44 insertions(+), 24 deletions(-)
diff --git a/sec-policy/selinux-base-policy/selinux-base-policy-2.20180114-r2.ebuild b/sec-policy/selinux-base-policy/selinux-base-policy-2.20180114-r2.ebuild
index ffcbe80f607..b2976ccee54 100644
--- a/sec-policy/selinux-base-policy/selinux-base-policy-2.20180114-r2.ebuild
+++ b/sec-policy/selinux-base-policy/selinux-base-policy-2.20180114-r2.ebuild
@@ -22,6 +22,7 @@ IUSE="systemd +unconfined"
PDEPEND="unconfined? ( sec-policy/selinux-unconfined )"
DEPEND="=sec-policy/selinux-base-${PVR}[systemd?]"
+RDEPEND="$DEPEND"
MODS="application authlogin bootloader clock consoletype cron dmesg fstools getty hostname hotplug init iptables libraries locallogin logging lvm miscfiles modutils mount mta netutils nscd portage raid rsync selinuxutil setrans ssh staff storage su sysadm sysnetwork tmpfiles udev userdomain usermanage unprivuser xdg"
LICENSE="GPL-2"
@@ -74,7 +75,7 @@ src_prepare() {
src_compile() {
for i in ${POLICY_TYPES}; do
- emake NAME=$i -C "${S}"/${i} || die "${i} compile failed"
+ emake NAME=$i SHAREDIR="${ROOT%/}"/usr/share/selinux -C "${S}"/${i} || die "${i} compile failed"
done
}
@@ -91,6 +92,12 @@ src_install() {
}
pkg_postinst() {
+ # Set root path and don't load policy into the kernel when cross compiling
+ local root_opts=""
+ if [[ "${ROOT%/}" != "" ]]; then
+ root_opts="-p ${ROOT%/} -n"
+ fi
+
# Override the command from the eclass, we need to load in base as well here
local COMMAND="-i base.pp"
if has_version "<sys-apps/policycoreutils-2.5"; then
@@ -104,19 +111,22 @@ pkg_postinst() {
for i in ${POLICY_TYPES}; do
einfo "Inserting the following modules, with base, into the $i module store: ${MODS}"
- cd /usr/share/selinux/${i}
+ cd "${ROOT%/}/usr/share/selinux/${i}"
- semodule -s ${i} ${COMMAND}
+ semodule ${root_opts} -s ${i} ${COMMAND}
done
- # Relabel depending packages
- local PKGSET="";
- if [[ -x /usr/bin/qdepends ]] ; then
- PKGSET=$(/usr/bin/qdepends -Cq -r -Q ${CATEGORY}/${PN} | grep -v 'sec-policy/selinux-');
- elif [[ -x /usr/bin/equery ]] ; then
- PKGSET=$(/usr/bin/equery -Cq depends ${CATEGORY}/${PN} | grep -v 'sec-policy/selinux-');
- fi
- if [[ -n "${PKGSET}" ]] ; then
- rlpkg ${PKGSET};
+ # Don't relabel when cross compiling
+ if [[ "${ROOT%/}" == "" ]]; then
+ # Relabel depending packages
+ local PKGSET="";
+ if [[ -x /usr/bin/qdepends ]] ; then
+ PKGSET=$(/usr/bin/qdepends -Cq -r -Q ${CATEGORY}/${PN} | grep -v 'sec-policy/selinux-');
+ elif [[ -x /usr/bin/equery ]] ; then
+ PKGSET=$(/usr/bin/equery -Cq depends ${CATEGORY}/${PN} | grep -v 'sec-policy/selinux-');
+ fi
+ if [[ -n "${PKGSET}" ]] ; then
+ rlpkg ${PKGSET};
+ fi
fi
}
diff --git a/sec-policy/selinux-base-policy/selinux-base-policy-9999.ebuild b/sec-policy/selinux-base-policy/selinux-base-policy-9999.ebuild
index ffcbe80f607..b2976ccee54 100644
--- a/sec-policy/selinux-base-policy/selinux-base-policy-9999.ebuild
+++ b/sec-policy/selinux-base-policy/selinux-base-policy-9999.ebuild
@@ -22,6 +22,7 @@ IUSE="systemd +unconfined"
PDEPEND="unconfined? ( sec-policy/selinux-unconfined )"
DEPEND="=sec-policy/selinux-base-${PVR}[systemd?]"
+RDEPEND="$DEPEND"
MODS="application authlogin bootloader clock consoletype cron dmesg fstools getty hostname hotplug init iptables libraries locallogin logging lvm miscfiles modutils mount mta netutils nscd portage raid rsync selinuxutil setrans ssh staff storage su sysadm sysnetwork tmpfiles udev userdomain usermanage unprivuser xdg"
LICENSE="GPL-2"
@@ -74,7 +75,7 @@ src_prepare() {
src_compile() {
for i in ${POLICY_TYPES}; do
- emake NAME=$i -C "${S}"/${i} || die "${i} compile failed"
+ emake NAME=$i SHAREDIR="${ROOT%/}"/usr/share/selinux -C "${S}"/${i} || die "${i} compile failed"
done
}
@@ -91,6 +92,12 @@ src_install() {
}
pkg_postinst() {
+ # Set root path and don't load policy into the kernel when cross compiling
+ local root_opts=""
+ if [[ "${ROOT%/}" != "" ]]; then
+ root_opts="-p ${ROOT%/} -n"
+ fi
+
# Override the command from the eclass, we need to load in base as well here
local COMMAND="-i base.pp"
if has_version "<sys-apps/policycoreutils-2.5"; then
@@ -104,19 +111,22 @@ pkg_postinst() {
for i in ${POLICY_TYPES}; do
einfo "Inserting the following modules, with base, into the $i module store: ${MODS}"
- cd /usr/share/selinux/${i}
+ cd "${ROOT%/}/usr/share/selinux/${i}"
- semodule -s ${i} ${COMMAND}
+ semodule ${root_opts} -s ${i} ${COMMAND}
done
- # Relabel depending packages
- local PKGSET="";
- if [[ -x /usr/bin/qdepends ]] ; then
- PKGSET=$(/usr/bin/qdepends -Cq -r -Q ${CATEGORY}/${PN} | grep -v 'sec-policy/selinux-');
- elif [[ -x /usr/bin/equery ]] ; then
- PKGSET=$(/usr/bin/equery -Cq depends ${CATEGORY}/${PN} | grep -v 'sec-policy/selinux-');
- fi
- if [[ -n "${PKGSET}" ]] ; then
- rlpkg ${PKGSET};
+ # Don't relabel when cross compiling
+ if [[ "${ROOT%/}" == "" ]]; then
+ # Relabel depending packages
+ local PKGSET="";
+ if [[ -x /usr/bin/qdepends ]] ; then
+ PKGSET=$(/usr/bin/qdepends -Cq -r -Q ${CATEGORY}/${PN} | grep -v 'sec-policy/selinux-');
+ elif [[ -x /usr/bin/equery ]] ; then
+ PKGSET=$(/usr/bin/equery -Cq depends ${CATEGORY}/${PN} | grep -v 'sec-policy/selinux-');
+ fi
+ if [[ -n "${PKGSET}" ]] ; then
+ rlpkg ${PKGSET};
+ fi
fi
}
next reply other threads:[~2018-06-09 5:09 UTC|newest]
Thread overview: 17+ messages / expand[flat|nested] mbox.gz Atom feed top
2018-06-09 5:09 Jason Zaman [this message]
-- strict thread matches above, loose matches on Subject: below --
2024-07-19 19:50 [gentoo-commits] repo/gentoo:master commit in: sec-policy/selinux-base-policy/ Jakov Smolić
2022-11-09 19:50 Arthur Zamarin
2022-01-09 5:46 Jason Zaman
2022-01-01 22:44 Jason Zaman
2021-02-02 4:14 Jason Zaman
2019-12-21 14:11 Jason Zaman
2019-04-20 8:24 Jason Zaman
2018-07-12 15:30 Jason Zaman
2018-02-18 17:16 Patrice Clement
2018-02-04 14:23 Jason Zaman
2018-01-09 17:58 Jason Zaman
2017-08-27 14:58 Jason Zaman
2016-12-11 20:01 Jason Zaman
2016-06-05 9:00 Sven Vermeulen
2016-06-04 8:49 Jason Zaman
2016-03-23 22:37 Jason Zaman
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=1528518424.8f88bc159a81c30c0d49aad62cfe63df5a0d9815.perfinion@gentoo \
--to=perfinion@gentoo.org \
--cc=gentoo-commits@lists.gentoo.org \
--cc=gentoo-dev@lists.gentoo.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox