* [gentoo-commits] gentoo-x86 commit in sec-policy/selinux-base: selinux-base-9999.ebuild ChangeLog metadata.xml
@ 2012-12-04 20:21 Sven Vermeulen (swift)
0 siblings, 0 replies; only message in thread
From: Sven Vermeulen (swift) @ 2012-12-04 20:21 UTC (permalink / raw
To: gentoo-commits
swift 12/12/04 20:21:53
Modified: selinux-base-9999.ebuild ChangeLog metadata.xml
Log:
Enable support for unconfined USE flag
(Portage version: 2.1.11.31/cvs/Linux x86_64, signed Manifest commit with key 0xCDBA2FDB)
Revision Changes Path
1.2 sec-policy/selinux-base/selinux-base-9999.ebuild
file : http://sources.gentoo.org/viewvc.cgi/gentoo-x86/sec-policy/selinux-base/selinux-base-9999.ebuild?rev=1.2&view=markup
plain: http://sources.gentoo.org/viewvc.cgi/gentoo-x86/sec-policy/selinux-base/selinux-base-9999.ebuild?rev=1.2&content-type=text/plain
diff : http://sources.gentoo.org/viewvc.cgi/gentoo-x86/sec-policy/selinux-base/selinux-base-9999.ebuild?r1=1.1&r2=1.2
Index: selinux-base-9999.ebuild
===================================================================
RCS file: /var/cvsroot/gentoo-x86/sec-policy/selinux-base/selinux-base-9999.ebuild,v
retrieving revision 1.1
retrieving revision 1.2
diff -u -r1.1 -r1.2
--- selinux-base-9999.ebuild 13 Oct 2012 16:30:53 -0000 1.1
+++ selinux-base-9999.ebuild 4 Dec 2012 20:21:53 -0000 1.2
@@ -1,11 +1,11 @@
# Copyright 1999-2012 Gentoo Foundation
# Distributed under the terms of the GNU General Public License v2
-# $Header: /var/cvsroot/gentoo-x86/sec-policy/selinux-base/selinux-base-9999.ebuild,v 1.1 2012/10/13 16:30:53 swift Exp $
+# $Header: /var/cvsroot/gentoo-x86/sec-policy/selinux-base/selinux-base-9999.ebuild,v 1.2 2012/12/04 20:21:53 swift Exp $
EAPI="4"
inherit eutils git-2
-IUSE="+peer_perms +open_perms +ubac doc"
+IUSE="+peer_perms +open_perms +ubac unconfined doc"
DESCRIPTION="Gentoo base policy for SELinux"
HOMEPAGE="http://www.gentoo.org/proj/en/hardened/selinux/"
@@ -63,13 +63,15 @@
echo "DISTRO = gentoo" >> "${S}/refpolicy/build.conf"
+ # Prepare initial configuration
+ cd "${S}/refpolicy";
+ make conf || die "Make conf failed"
+
# Setup the policies based on the types delivered by the end user.
# These types can be "targeted", "strict", "mcs" and "mls".
for i in ${POLICY_TYPES}; do
cp -a "${S}/refpolicy" "${S}/${i}"
-
cd "${S}/${i}";
- make conf || die "Make conf in ${i} failed"
#cp "${FILESDIR}/modules-2.20120215.conf" "${S}/${i}/policy/modules.conf"
sed -i -e "/= module/d" "${S}/${i}/policy/modules.conf"
@@ -89,6 +91,12 @@
"${S}/${i}/config/appconfig-standard/seusers" \
|| die "targeted seusers setup failed."
fi
+
+ if [ "${i}" != "targeted" ] && [ "${i}" != "strict" ] && use unconfined; then
+ sed -i -e '/root/d' -e 's/user_u/unconfined_u/' \
+ "${S}/${i}/config/appconfig-${i}/seusers" \
+ || die "policy seusers setup failed."
+ fi
done
}
1.15 sec-policy/selinux-base/ChangeLog
file : http://sources.gentoo.org/viewvc.cgi/gentoo-x86/sec-policy/selinux-base/ChangeLog?rev=1.15&view=markup
plain: http://sources.gentoo.org/viewvc.cgi/gentoo-x86/sec-policy/selinux-base/ChangeLog?rev=1.15&content-type=text/plain
diff : http://sources.gentoo.org/viewvc.cgi/gentoo-x86/sec-policy/selinux-base/ChangeLog?r1=1.14&r2=1.15
Index: ChangeLog
===================================================================
RCS file: /var/cvsroot/gentoo-x86/sec-policy/selinux-base/ChangeLog,v
retrieving revision 1.14
retrieving revision 1.15
diff -u -r1.14 -r1.15
--- ChangeLog 3 Dec 2012 08:52:45 -0000 1.14
+++ ChangeLog 4 Dec 2012 20:21:53 -0000 1.15
@@ -1,6 +1,9 @@
# ChangeLog for sec-policy/selinux-base
# Copyright 1999-2012 Gentoo Foundation; Distributed under the GPL v2
-# $Header: /var/cvsroot/gentoo-x86/sec-policy/selinux-base/ChangeLog,v 1.14 2012/12/03 08:52:45 swift Exp $
+# $Header: /var/cvsroot/gentoo-x86/sec-policy/selinux-base/ChangeLog,v 1.15 2012/12/04 20:21:53 swift Exp $
+
+ 04 Dec 2012; <swift@gentoo.org> selinux-base-9999.ebuild, metadata.xml:
+ Add in support for unconfined USE flag and fix #445978
*selinux-base-2.20120725-r8 (03 Dec 2012)
1.2 sec-policy/selinux-base/metadata.xml
file : http://sources.gentoo.org/viewvc.cgi/gentoo-x86/sec-policy/selinux-base/metadata.xml?rev=1.2&view=markup
plain: http://sources.gentoo.org/viewvc.cgi/gentoo-x86/sec-policy/selinux-base/metadata.xml?rev=1.2&content-type=text/plain
diff : http://sources.gentoo.org/viewvc.cgi/gentoo-x86/sec-policy/selinux-base/metadata.xml?r1=1.1&r2=1.2
Index: metadata.xml
===================================================================
RCS file: /var/cvsroot/gentoo-x86/sec-policy/selinux-base/metadata.xml,v
retrieving revision 1.1
retrieving revision 1.2
diff -u -r1.1 -r1.2
--- metadata.xml 31 Mar 2012 12:29:14 -0000 1.1
+++ metadata.xml 4 Dec 2012 20:21:53 -0000 1.2
@@ -10,5 +10,6 @@
<flag name='peer_perms'>Enable the labeled networking peer permissions (SELinux policy capability).</flag>
<flag name='open_perms'>Enable the open permissions for file object classes (SELinux policy capability).</flag>
<flag name='ubac'>Enable User Based Access Control (UBAC) in the SELinux policy</flag>
+ <flag name='unconfined'>Enable support for the unconfined SELinux module</flag>
</use>
</pkgmetadata>
^ permalink raw reply [flat|nested] only message in thread
only message in thread, other threads:[~2012-12-04 20:22 UTC | newest]
Thread overview: (only message) (download: mbox.gz follow: Atom feed
-- links below jump to the message on this page --
2012-12-04 20:21 [gentoo-commits] gentoo-x86 commit in sec-policy/selinux-base: selinux-base-9999.ebuild ChangeLog metadata.xml Sven Vermeulen (swift)
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox