Re: [gentoo-hardened] Update on selinux-policy-2 eclass

[Peter Volkov <pva@gentoo.org>]

В Срд, 03/08/2011 в 15:29 +0200, Sven Vermeulen пишет:
> > 4. [ -n "${POLICY_PATCH}" ]
> > generally it's better to use bash tests [[ ]] and avoid quotation.
> 
> For POLICY_PATCH, I'll keep the quotation(s) because it can contain multiple
> patches (space-separated).

If you use [[ -n ${POLICY_PATCH} ]] then quotation is not needed even in
case it contains multiple values. E.g. here:
if [[ -n "${POLICY_PATCH}" ]];

quotation is not required - bash will understand this correctly.

BTW,
		for POLPATCH in "${POLICY_PATCH}";
		do
			cd "${S}/refpolicy/policy/modules"
			epatch "${POLPATCH}"
		done

It looks like quotation is not necessary around "${POLICY_PATCH}"?
Independently of how many values has "${POLICY_PATCH}" values for cycle
will iterate only once.

Also it looks like it's better use bash array for POLICY_PATCH. This way
you'll allow path to patch to have spaces and still correct iteration.
For example take a look at PATCHES variable in base.eclass. It has code
that allows you to make such changes in eclass backward compatible. But
still it's better to use arrays so probably it's good idea for eclass
just die in case user uses POLICY_PATCH as a variable and not as a bash
array:

POLICY_PATCH=( "${FILESDIR}/mypatch.patch" "${FILESDIR}/patches_folder/"
)

[[ "$(declare -p POLICY_PATCH 2>/dev/null 2>&1)" == "declare -a"* ]] ||
die
for x in "${POLICY_PATCH[@]}"; do
            epatch "${x}"
done

> > 8. 
> > selinux-policy-2_src_compile() {
> > 	for i in ${POLICY_TYPES}; do
> > 		make NAME=$i -C "${S}"/${i} || die "${i} compile failed"
> > Is parallel build unsupported here? May be emake?
> 
> emake fails here

It's good idea to document this within comments above and use emake -j1.

--
Peter.