[gentoo-commits] gentoo-x86 commit in sec-policy/selinux-base-policy: ChangeLog selinux-base-policy-2.20130424-r1.ebuild

[gentoo-commits] gentoo-x86 commit in sec-policy/selinux-base-policy: ChangeLog selinux-base-policy-2.20130424-r1.ebuild

[Sven Vermeulen (swift)]

swift       13/06/16 16:23:07

  Modified:             ChangeLog selinux-base-policy-2.20130424-r1.ebuild
  Log:
  Stabilizing 20130424 policies
  
  (Portage version: 2.1.12.2/cvs/Linux x86_64, signed Manifest commit with key 0xCDBA2FDB)

Revision  Changes    Path
1.133                sec-policy/selinux-base-policy/ChangeLog

file : http://sources.gentoo.org/viewvc.cgi/gentoo-x86/sec-policy/selinux-base-policy/ChangeLog?rev=1.133&view=markup
plain: http://sources.gentoo.org/viewvc.cgi/gentoo-x86/sec-policy/selinux-base-policy/ChangeLog?rev=1.133&content-type=text/plain
diff : http://sources.gentoo.org/viewvc.cgi/gentoo-x86/sec-policy/selinux-base-policy/ChangeLog?r1=1.132&r2=1.133

Index: ChangeLog
===================================================================
RCS file: /var/cvsroot/gentoo-x86/sec-policy/selinux-base-policy/ChangeLog,v
retrieving revision 1.132
retrieving revision 1.133
diff -u -r1.132 -r1.133
--- ChangeLog	7 May 2013 09:22:57 -0000	1.132
+++ ChangeLog	16 Jun 2013 16:23:07 -0000	1.133
@@ -1,6 +1,10 @@
 # ChangeLog for sec-policy/selinux-base-policy
 # Copyright 1999-2013 Gentoo Foundation; Distributed under the GPL v2
-# $Header: /var/cvsroot/gentoo-x86/sec-policy/selinux-base-policy/ChangeLog,v 1.132 2013/05/07 09:22:57 swift Exp $
+# $Header: /var/cvsroot/gentoo-x86/sec-policy/selinux-base-policy/ChangeLog,v 1.133 2013/06/16 16:23:07 swift Exp $
+
+  16 Jun 2013; Sven Vermeulen <swift@gentoo.org>
+  selinux-base-policy-2.20130424-r1.ebuild:
+  Stabilize 20130424 policies
 
   07 May 2013; Sven Vermeulen <swift@gentoo.org>
   selinux-base-policy-2.20130424-r1.ebuild, selinux-base-policy-9999.ebuild:



1.3                  sec-policy/selinux-base-policy/selinux-base-policy-2.20130424-r1.ebuild

file : http://sources.gentoo.org/viewvc.cgi/gentoo-x86/sec-policy/selinux-base-policy/selinux-base-policy-2.20130424-r1.ebuild?rev=1.3&view=markup
plain: http://sources.gentoo.org/viewvc.cgi/gentoo-x86/sec-policy/selinux-base-policy/selinux-base-policy-2.20130424-r1.ebuild?rev=1.3&content-type=text/plain
diff : http://sources.gentoo.org/viewvc.cgi/gentoo-x86/sec-policy/selinux-base-policy/selinux-base-policy-2.20130424-r1.ebuild?r1=1.2&r2=1.3

Index: selinux-base-policy-2.20130424-r1.ebuild
===================================================================
RCS file: /var/cvsroot/gentoo-x86/sec-policy/selinux-base-policy/selinux-base-policy-2.20130424-r1.ebuild,v
retrieving revision 1.2
retrieving revision 1.3
diff -u -r1.2 -r1.3
--- selinux-base-policy-2.20130424-r1.ebuild	7 May 2013 09:22:57 -0000	1.2
+++ selinux-base-policy-2.20130424-r1.ebuild	16 Jun 2013 16:23:07 -0000	1.3
@@ -1,6 +1,6 @@
 # Copyright 1999-2013 Gentoo Foundation
 # Distributed under the terms of the GNU General Public License v2
-# $Header: /var/cvsroot/gentoo-x86/sec-policy/selinux-base-policy/selinux-base-policy-2.20130424-r1.ebuild,v 1.2 2013/05/07 09:22:57 swift Exp $
+# $Header: /var/cvsroot/gentoo-x86/sec-policy/selinux-base-policy/selinux-base-policy-2.20130424-r1.ebuild,v 1.3 2013/06/16 16:23:07 swift Exp $
 EAPI="4"
 
 inherit eutils
@@ -16,7 +16,7 @@
 DEPEND=""
 SRC_URI="http://oss.tresys.com/files/refpolicy/refpolicy-${PV}.tar.bz2
 		http://dev.gentoo.org/~swift/patches/${PN}/patchbundle-${PN}-${BASEPOL}.tar.bz2"
-KEYWORDS="~amd64 ~x86"
+KEYWORDS="amd64 x86"
 
 MODS="application authlogin bootloader clock consoletype cron dmesg fstools getty hostname hotplug init iptables libraries locallogin logging lvm miscfiles modutils mount mta netutils nscd portage raid rsync selinuxutil ssh staff storage su sysadm sysnetwork udev userdomain usermanage unprivuser xdg"
 LICENSE="GPL-2"

[gentoo-commits] gentoo-x86 commit in sec-policy/selinux-base-policy: ChangeLog selinux-base-policy-2.20130424-r1.ebuild

[Sven Vermeulen (swift)]

swift       13/05/06 14:46:54

  Modified:             ChangeLog
  Added:                selinux-base-policy-2.20130424-r1.ebuild
  Log:
  Push out 20130424 policies
  
  (Portage version: 2.1.11.62/cvs/Linux x86_64, signed Manifest commit with key 0xCDBA2FDB)

Revision  Changes    Path
1.131                sec-policy/selinux-base-policy/ChangeLog

file : http://sources.gentoo.org/viewvc.cgi/gentoo-x86/sec-policy/selinux-base-policy/ChangeLog?rev=1.131&view=markup
plain: http://sources.gentoo.org/viewvc.cgi/gentoo-x86/sec-policy/selinux-base-policy/ChangeLog?rev=1.131&content-type=text/plain
diff : http://sources.gentoo.org/viewvc.cgi/gentoo-x86/sec-policy/selinux-base-policy/ChangeLog?r1=1.130&r2=1.131

Index: ChangeLog
===================================================================
RCS file: /var/cvsroot/gentoo-x86/sec-policy/selinux-base-policy/ChangeLog,v
retrieving revision 1.130
retrieving revision 1.131
diff -u -r1.130 -r1.131
--- ChangeLog	29 Mar 2013 10:59:47 -0000	1.130
+++ ChangeLog	6 May 2013 14:46:54 -0000	1.131
@@ -1,6 +1,12 @@
 # ChangeLog for sec-policy/selinux-base-policy
 # Copyright 1999-2013 Gentoo Foundation; Distributed under the GPL v2
-# $Header: /var/cvsroot/gentoo-x86/sec-policy/selinux-base-policy/ChangeLog,v 1.130 2013/03/29 10:59:47 swift Exp $
+# $Header: /var/cvsroot/gentoo-x86/sec-policy/selinux-base-policy/ChangeLog,v 1.131 2013/05/06 14:46:54 swift Exp $
+
+*selinux-base-policy-2.20130424-r1 (06 May 2013)
+
+  06 May 2013; Sven Vermeulen <swift@gentoo.org>
+  +selinux-base-policy-2.20130424-r1.ebuild:
+  Adding 20130424 release
 
   29 Mar 2013; Sven Vermeulen <swift@gentoo.org>
   selinux-base-policy-9999.ebuild:



1.1                  sec-policy/selinux-base-policy/selinux-base-policy-2.20130424-r1.ebuild

file : http://sources.gentoo.org/viewvc.cgi/gentoo-x86/sec-policy/selinux-base-policy/selinux-base-policy-2.20130424-r1.ebuild?rev=1.1&view=markup
plain: http://sources.gentoo.org/viewvc.cgi/gentoo-x86/sec-policy/selinux-base-policy/selinux-base-policy-2.20130424-r1.ebuild?rev=1.1&content-type=text/plain

Index: selinux-base-policy-2.20130424-r1.ebuild
===================================================================
# Copyright 1999-2013 Gentoo Foundation
# Distributed under the terms of the GNU General Public License v2
# $Header: /var/cvsroot/gentoo-x86/sec-policy/selinux-base-policy/selinux-base-policy-2.20130424-r1.ebuild,v 1.1 2013/05/06 14:46:54 swift Exp $
EAPI="4"

inherit eutils

HOMEPAGE="http://www.gentoo.org/proj/en/hardened/selinux/"
DESCRIPTION="SELinux policy for core modules"

IUSE="+unconfined"
BASEPOL="2.20130424-r1"

RDEPEND=">=sec-policy/selinux-base-${PVR}"
PDEPEND="unconfined? ( sec-policy/selinux-unconfined )"
DEPEND=""
SRC_URI="http://oss.tresys.com/files/refpolicy/refpolicy-${PV}.tar.bz2
		http://dev.gentoo.org/~swift/patches/${PN}/patchbundle-${PN}-${BASEPOL}.tar.bz2"
KEYWORDS="~amd64 ~x86"

MODS="application authlogin bootloader clock consoletype cron dmesg fstools getty hostname hotplug init iptables libraries locallogin logging lvm miscfiles modutils mount mta netutils nscd portage raid rsync selinuxutil ssh staff storage su sysadm sysnetwork udev userdomain usermanage unprivuser xdg"
LICENSE="GPL-2"
SLOT="0"
S="${WORKDIR}/"
PATCHBUNDLE="${DISTDIR}/patchbundle-selinux-base-policy-${BASEPOL}.tar.bz2"

# Code entirely copied from selinux-eclass (cannot inherit due to dependency on
# itself), when reworked reinclude it. Only postinstall (where -b base.pp is
# added) needs to remain then.

pkg_pretend() {
	for i in ${POLICY_TYPES}; do
		if [[ "${i}" == "targeted" ]] && ! use unconfined; then
			die "If you use POLICY_TYPES=targeted, then USE=unconfined is mandatory."
		fi
	done
}

src_prepare() {
	local modfiles

	# Patch the sources with the base patchbundle
	if [[ -n ${BASEPOL} ]];
	then
		cd "${S}"
		EPATCH_MULTI_MSG="Applying SELinux policy updates ... " \
		EPATCH_SUFFIX="patch" \
		EPATCH_SOURCE="${WORKDIR}" \
		EPATCH_FORCE="yes" \
		epatch
	fi

	# Apply the additional patches refered to by the module ebuild.
	# But first some magic to differentiate between bash arrays and strings
	if [[ "$(declare -p POLICY_PATCH 2>/dev/null 2>&1)" == "declare -a"* ]];
	then
		cd "${S}/refpolicy/policy/modules"
		for POLPATCH in "${POLICY_PATCH[@]}";
		do
			epatch "${POLPATCH}"
		done
	else
		if [[ -n ${POLICY_PATCH} ]];
		then
			cd "${S}/refpolicy/policy/modules"
			for POLPATCH in ${POLICY_PATCH};
			do
				epatch "${POLPATCH}"
			done
		fi
	fi

	# Collect only those files needed for this particular module
	for i in ${MODS}; do
		modfiles="$(find ${S}/refpolicy/policy/modules -iname $i.te) $modfiles"
		modfiles="$(find ${S}/refpolicy/policy/modules -iname $i.fc) $modfiles"
	done

	for i in ${POLICY_TYPES}; do
		mkdir "${S}"/${i} || die "Failed to create directory ${S}/${i}"
		cp "${S}"/refpolicy/doc/Makefile.example "${S}"/${i}/Makefile \
			|| die "Failed to copy Makefile.example to ${S}/${i}/Makefile"

		cp ${modfiles} "${S}"/${i} \
			|| die "Failed to copy the module files to ${S}/${i}"
	done
}

src_compile() {
	for i in ${POLICY_TYPES}; do
		# Parallel builds are broken, so we need to force -j1 here
		emake -j1 NAME=$i -C "${S}"/${i} || die "${i} compile failed"
	done
}

src_install() {
	local BASEDIR="/usr/share/selinux"

	for i in ${POLICY_TYPES}; do
		for j in ${MODS}; do
			einfo "Installing ${i} ${j} policy package"
			insinto ${BASEDIR}/${i}
			doins "${S}"/${i}/${j}.pp || die "Failed to add ${j}.pp to ${i}"
		done
	done
}

pkg_postinst() {
	# Override the command from the eclass, we need to load in base as well here
	local COMMAND
	for i in ${MODS}; do
		COMMAND="-i ${i}.pp ${COMMAND}"
	done

	for i in ${POLICY_TYPES}; do
		einfo "Inserting the following modules, with base, into the $i module store: ${MODS}"

		cd /usr/share/selinux/${i} || die "Could not enter /usr/share/selinux/${i}"

		semodule -s ${i} -b base.pp ${COMMAND} || die "Failed to load in base and modules ${MODS} in the $i policy store"
	done
}