From: "Jason Zaman (perfinion)" <perfinion@gentoo.org>
To: gentoo-commits@lists.gentoo.org
Subject: [gentoo-commits] gentoo-x86 commit in sec-policy/selinux-base-policy: selinux-base-policy-2.20141203-r5.ebuild ChangeLog
Date: Wed, 15 Apr 2015 15:43:28 +0000 (UTC) [thread overview]
Message-ID: <20150415154328.8890E1607E@oystercatcher.gentoo.org> (raw)
perfinion 15/04/15 15:43:28
Modified: ChangeLog
Added: selinux-base-policy-2.20141203-r5.ebuild
Log:
Release of 2.20141203-r5
(Portage version: 2.2.14/cvs/Linux x86_64, signed Manifest commit with key 0x7EF137EC935B0EAF)
Revision Changes Path
1.171 sec-policy/selinux-base-policy/ChangeLog
file : http://sources.gentoo.org/viewvc.cgi/gentoo-x86/sec-policy/selinux-base-policy/ChangeLog?rev=1.171&view=markup
plain: http://sources.gentoo.org/viewvc.cgi/gentoo-x86/sec-policy/selinux-base-policy/ChangeLog?rev=1.171&content-type=text/plain
diff : http://sources.gentoo.org/viewvc.cgi/gentoo-x86/sec-policy/selinux-base-policy/ChangeLog?r1=1.170&r2=1.171
Index: ChangeLog
===================================================================
RCS file: /var/cvsroot/gentoo-x86/sec-policy/selinux-base-policy/ChangeLog,v
retrieving revision 1.170
retrieving revision 1.171
diff -u -r1.170 -r1.171
--- ChangeLog 22 Mar 2015 14:17:10 -0000 1.170
+++ ChangeLog 15 Apr 2015 15:43:28 -0000 1.171
@@ -1,6 +1,12 @@
# ChangeLog for sec-policy/selinux-base-policy
# Copyright 1999-2015 Gentoo Foundation; Distributed under the GPL v2
-# $Header: /var/cvsroot/gentoo-x86/sec-policy/selinux-base-policy/ChangeLog,v 1.170 2015/03/22 14:17:10 swift Exp $
+# $Header: /var/cvsroot/gentoo-x86/sec-policy/selinux-base-policy/ChangeLog,v 1.171 2015/04/15 15:43:28 perfinion Exp $
+
+*selinux-base-policy-2.20141203-r5 (15 Apr 2015)
+
+ 15 Apr 2015; Jason Zaman <perfinion@gentoo.org>
+ +selinux-base-policy-2.20141203-r5.ebuild:
+ Release of 2.20141203-r5
22 Mar 2015; Sven Vermeulen <swift@gentoo.org>
selinux-base-policy-2.20141203-r3.ebuild:
1.1 sec-policy/selinux-base-policy/selinux-base-policy-2.20141203-r5.ebuild
file : http://sources.gentoo.org/viewvc.cgi/gentoo-x86/sec-policy/selinux-base-policy/selinux-base-policy-2.20141203-r5.ebuild?rev=1.1&view=markup
plain: http://sources.gentoo.org/viewvc.cgi/gentoo-x86/sec-policy/selinux-base-policy/selinux-base-policy-2.20141203-r5.ebuild?rev=1.1&content-type=text/plain
Index: selinux-base-policy-2.20141203-r5.ebuild
===================================================================
# Copyright 1999-2015 Gentoo Foundation
# Distributed under the terms of the GNU General Public License v2
# $Header: /var/cvsroot/gentoo-x86/sec-policy/selinux-base-policy/selinux-base-policy-2.20141203-r5.ebuild,v 1.1 2015/04/15 15:43:28 perfinion Exp $
EAPI="5"
inherit eutils
if [[ ${PV} == 9999* ]]; then
EGIT_REPO_URI="${SELINUX_GIT_REPO:-git://git.overlays.gentoo.org/proj/hardened-refpolicy.git https://git.overlays.gentoo.org/gitroot/proj/hardened-refpolicy.git}"
EGIT_BRANCH="${SELINUX_GIT_BRANCH:-master}"
EGIT_SOURCEDIR="${WORKDIR}/refpolicy"
inherit git-2
KEYWORDS=""
else
SRC_URI="https://raw.githubusercontent.com/wiki/TresysTechnology/refpolicy/files/refpolicy-${PV}.tar.bz2
http://dev.gentoo.org/~swift/patches/${PN}/patchbundle-${PN}-${PVR}.tar.bz2"
KEYWORDS="~amd64 ~x86"
fi
HOMEPAGE="http://www.gentoo.org/proj/en/hardened/selinux/"
DESCRIPTION="SELinux policy for core modules"
IUSE="+unconfined"
RDEPEND="=sec-policy/selinux-base-${PVR}"
PDEPEND="unconfined? ( sec-policy/selinux-unconfined )"
DEPEND=""
MODS="application authlogin bootloader clock consoletype cron dmesg fstools getty hostname hotplug init iptables libraries locallogin logging lvm miscfiles modutils mount mta netutils nscd portage raid rsync selinuxutil setrans ssh staff storage su sysadm sysnetwork tmpfiles udev userdomain usermanage unprivuser xdg"
LICENSE="GPL-2"
SLOT="0"
S="${WORKDIR}/"
# Code entirely copied from selinux-eclass (cannot inherit due to dependency on
# itself), when reworked reinclude it. Only postinstall (where -b base.pp is
# added) needs to remain then.
pkg_pretend() {
for i in ${POLICY_TYPES}; do
if [[ "${i}" == "targeted" ]] && ! use unconfined; then
die "If you use POLICY_TYPES=targeted, then USE=unconfined is mandatory."
fi
done
}
src_prepare() {
local modfiles
if [[ ${PV} != 9999* ]]; then
# Patch the source with the base patchbundle
cd "${S}"
EPATCH_MULTI_MSG="Applying SELinux policy updates ... " \
EPATCH_SUFFIX="patch" \
EPATCH_SOURCE="${WORKDIR}" \
EPATCH_FORCE="yes" \
epatch
fi
# Apply the additional patches refered to by the module ebuild.
# But first some magic to differentiate between bash arrays and strings
if [[ "$(declare -p POLICY_PATCH 2>/dev/null 2>&1)" == "declare -a"* ]];
then
cd "${S}/refpolicy/policy/modules"
for POLPATCH in "${POLICY_PATCH[@]}";
do
epatch "${POLPATCH}"
done
else
if [[ -n ${POLICY_PATCH} ]];
then
cd "${S}/refpolicy/policy/modules"
for POLPATCH in ${POLICY_PATCH};
do
epatch "${POLPATCH}"
done
fi
fi
# Calling user patches
epatch_user
# Collect only those files needed for this particular module
for i in ${MODS}; do
modfiles="$(find ${S}/refpolicy/policy/modules -iname $i.te) $modfiles"
modfiles="$(find ${S}/refpolicy/policy/modules -iname $i.fc) $modfiles"
done
for i in ${POLICY_TYPES}; do
mkdir "${S}"/${i} || die "Failed to create directory ${S}/${i}"
cp "${S}"/refpolicy/doc/Makefile.example "${S}"/${i}/Makefile \
|| die "Failed to copy Makefile.example to ${S}/${i}/Makefile"
cp ${modfiles} "${S}"/${i} \
|| die "Failed to copy the module files to ${S}/${i}"
done
}
src_compile() {
for i in ${POLICY_TYPES}; do
emake NAME=$i -C "${S}"/${i} || die "${i} compile failed"
done
}
src_install() {
local BASEDIR="/usr/share/selinux"
for i in ${POLICY_TYPES}; do
for j in ${MODS}; do
einfo "Installing ${i} ${j} policy package"
insinto ${BASEDIR}/${i}
doins "${S}"/${i}/${j}.pp || die "Failed to add ${j}.pp to ${i}"
done
done
}
pkg_postinst() {
# Override the command from the eclass, we need to load in base as well here
local COMMAND
for i in ${MODS}; do
COMMAND="-i ${i}.pp ${COMMAND}"
done
for i in ${POLICY_TYPES}; do
einfo "Inserting the following modules, with base, into the $i module store: ${MODS}"
cd /usr/share/selinux/${i} || die "Could not enter /usr/share/selinux/${i}"
semodule -s ${i} -b base.pp ${COMMAND} || die "Failed to load in base and modules ${MODS} in the $i policy store"
done
# Relabel depending packages
local PKGSET="";
if [ -x /usr/bin/qdepends ] ; then
PKGSET=$(/usr/bin/qdepends -Cq -r -Q ${CATEGORY}/${PN} | grep -v 'sec-policy/selinux-');
elif [ -x /usr/bin/equery ] ; then
PKGSET=$(/usr/bin/equery -Cq depends ${CATEGORY}/${PN} | grep -v 'sec-policy/selinux-');
fi
if [ -n "${PKGSET}" ] ; then
rlpkg ${PKGSET};
fi
}
next reply other threads:[~2015-04-15 15:47 UTC|newest]
Thread overview: 2+ messages / expand[flat|nested] mbox.gz Atom feed top
2015-04-15 15:43 Jason Zaman (perfinion) [this message]
-- strict thread matches above, loose matches on Subject: below --
2015-06-05 16:10 [gentoo-commits] gentoo-x86 commit in sec-policy/selinux-base-policy: selinux-base-policy-2.20141203-r5.ebuild ChangeLog Jason Zaman (perfinion)
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=20150415154328.8890E1607E@oystercatcher.gentoo.org \
--to=perfinion@gentoo.org \
--cc=gentoo-commits@lists.gentoo.org \
--cc=gentoo-dev@lists.gentoo.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox