sec-policy/selinux-base-policy/selinux-base-policy-20080525-r1.ebuild

# Copyright 1999-2009 Gentoo Foundation
# Distributed under the terms of the GNU General Public License v2
# $Header: /var/cvsroot/gentoo-x86/sec-policy/selinux-base-policy/selinux-base-policy-20080525-r1.ebuild,v 1.1 2009/09/14 19:28:57 pebenito Exp $

IUSE=""

inherit eutils

DESCRIPTION="Gentoo base policy for SELinux"
HOMEPAGE="http://www.gentoo.org/proj/en/hardened/selinux/"
SRC_URI="http://oss.tresys.com/files/refpolicy/refpolicy-${PV}.tar.bz2"
LICENSE="GPL-2"
SLOT="0"

KEYWORDS="~amd64 ~x86"

RDEPEND=">=sys-apps/policycoreutils-1.30.30"
DEPEND="${RDEPEND}
        sys-devel/m4
        >=sys-apps/checkpolicy-1.30.12"

S=${WORKDIR}/

src_unpack() {
        [ -z "${POLICY_TYPES}" ] && local POLICY_TYPES="strict targeted"
        MOD_CONF_VER="20080525"

        unpack ${A}

#       cd "${S}/refpolicy"
#       epatch ${FILESDIR}/${PN}-${PV}.diff

        echo "fs_use_xattr ext4 gen_context(system_u:object_r:fs_t,s0);" \
                >> "${S}/refpolicy/policy/modules/kernel/filesystem.te"

        for i in ${POLICY_TYPES}; do
                cp -a "${S}/refpolicy" "${S}/${i}"

                cp "${FILESDIR}/modules.conf.${i}.${MOD_CONF_VER}" \
                        "${S}/${i}/policy/modules.conf" \
                        || die "failed to set up modules.conf"
                sed -i -e '/^QUIET/s/n/y/' -e '/^MONOLITHIC/s/y/n/' \
                        -e "/^NAME/s/refpolicy/$i/" "${S}/${i}/build.conf" \
                        || die "build.conf setup failed."

                echo "DISTRO = gentoo" >> "${S}/${i}/build.conf"

                if [ "${i}" == "targeted" ]; then
                        sed -i -e '/root/d' -e 's/user_u/unconfined_u/' \
                        "${S}/${i}/config/appconfig-standard/seusers" \
                        || die "targeted seusers setup failed."

                        # add compat
                        sed -i -e '/user_u/s/user_r/user_r system_r/' "${S}/${i}/policy/users" \
                                || die "targeted user compat failed."
                fi
        done
}

src_compile() {
        [ -z "${POLICY_TYPES}" ] && local POLICY_TYPES="strict targeted"

        for i in ${POLICY_TYPES}; do
                cd "${S}/${i}"

                make base || die "${i} compile failed"
        done
}

src_install() {
        [ -z "${POLICY_TYPES}" ] && local POLICY_TYPES="strict targeted"

        for i in ${POLICY_TYPES}; do
                cd "${S}/${i}"

                make DESTDIR="${D}" install \
                        || die "${i} install failed."

                make DESTDIR="${D}" install-headers \
                        || die "${i} headers install failed."

                echo "run_init_t" > "${D}/etc/selinux/${i}/contexts/run_init_type"

                echo "textrel_shlib_t" >> "${D}/etc/selinux/${i}/contexts/customizable_types"

                # libsemanage won't make this on its own
                keepdir "/etc/selinux/${i}/policy"
        done

        dodoc doc/Makefile.example doc/example.{te,fc,if}

        insinto /etc/selinux
        doins "${FILESDIR}/config"
}

pkg_postinst() {
        [ -z "${POLICY_TYPES}" ] && local POLICY_TYPES="strict targeted"

        if has "loadpolicy" $FEATURES ; then
                for i in ${POLICY_TYPES}; do
                        einfo "Inserting base module into ${i} module store."

                        cd "/usr/share/selinux/${i}"
                        semodule -s "${i}" -b base.pp
                done
        else
                echo
                echo
                eerror "Policy has not been loaded.  It is strongly suggested"
                eerror "that the policy be loaded before continuing!!"
                echo
                einfo "Automatic policy loading can be enabled by adding"
                einfo "\"loadpolicy\" to the FEATURES in make.conf."
                echo
                echo
                ebeep 4
                epause 4
        fi
}
1	# Copyright 1999-2009 Gentoo Foundation
2	# Distributed under the terms of the GNU General Public License v2
3	# $Header: /var/cvsroot/gentoo-x86/sec-policy/selinux-base-policy/selinux-base-policy-20080525-r1.ebuild,v 1.1 2009/09/14 19:28:57 pebenito Exp $
4
5	IUSE=""
6
7	inherit eutils
8
9	DESCRIPTION="Gentoo base policy for SELinux"
10	HOMEPAGE="http://www.gentoo.org/proj/en/hardened/selinux/"
11	SRC_URI="http://oss.tresys.com/files/refpolicy/refpolicy-${PV}.tar.bz2"
12	LICENSE="GPL-2"
13	SLOT="0"
14
15	KEYWORDS="~amd64 ~x86"
16
17	RDEPEND=">=sys-apps/policycoreutils-1.30.30"
18	DEPEND="${RDEPEND}
19	sys-devel/m4
20	>=sys-apps/checkpolicy-1.30.12"
21
22	S=${WORKDIR}/
23
24	src_unpack() {
25	[ -z "${POLICY_TYPES}" ] && local POLICY_TYPES="strict targeted"
26	MOD_CONF_VER="20080525"
27
28	unpack ${A}
29
30	# cd "${S}/refpolicy"
31	# epatch ${FILESDIR}/${PN}-${PV}.diff
32
33	echo "fs_use_xattr ext4 gen_context(system_u:object_r:fs_t,s0);" \
34	>> "${S}/refpolicy/policy/modules/kernel/filesystem.te"
35
36	for i in ${POLICY_TYPES}; do
37	cp -a "${S}/refpolicy" "${S}/${i}"
38
39	cp "${FILESDIR}/modules.conf.${i}.${MOD_CONF_VER}" \
40	"${S}/${i}/policy/modules.conf" \
41	\|\| die "failed to set up modules.conf"
42	sed -i -e '/^QUIET/s/n/y/' -e '/^MONOLITHIC/s/y/n/' \
43	-e "/^NAME/s/refpolicy/$i/" "${S}/${i}/build.conf" \
44	\|\| die "build.conf setup failed."
45
46	echo "DISTRO = gentoo" >> "${S}/${i}/build.conf"
47
48	if [ "${i}" == "targeted" ]; then
49	sed -i -e '/root/d' -e 's/user_u/unconfined_u/' \
50	"${S}/${i}/config/appconfig-standard/seusers" \
51	\|\| die "targeted seusers setup failed."
52
53	# add compat
54	sed -i -e '/user_u/s/user_r/user_r system_r/' "${S}/${i}/policy/users" \
55	\|\| die "targeted user compat failed."
56	fi
57	done
58	}
59
60	src_compile() {
61	[ -z "${POLICY_TYPES}" ] && local POLICY_TYPES="strict targeted"
62
63	for i in ${POLICY_TYPES}; do
64	cd "${S}/${i}"
65
66	make base \|\| die "${i} compile failed"
67	done
68	}
69
70	src_install() {
71	[ -z "${POLICY_TYPES}" ] && local POLICY_TYPES="strict targeted"
72
73	for i in ${POLICY_TYPES}; do
74	cd "${S}/${i}"
75
76	make DESTDIR="${D}" install \
77	\|\| die "${i} install failed."
78
79	make DESTDIR="${D}" install-headers \
80	\|\| die "${i} headers install failed."
81
82	echo "run_init_t" > "${D}/etc/selinux/${i}/contexts/run_init_type"
83
84	echo "textrel_shlib_t" >> "${D}/etc/selinux/${i}/contexts/customizable_types"
85
86	# libsemanage won't make this on its own
87	keepdir "/etc/selinux/${i}/policy"
88	done
89
90	dodoc doc/Makefile.example doc/example.{te,fc,if}
91
92	insinto /etc/selinux
93	doins "${FILESDIR}/config"
94	}
95
96	pkg_postinst() {
97	[ -z "${POLICY_TYPES}" ] && local POLICY_TYPES="strict targeted"
98
99	if has "loadpolicy" $FEATURES ; then
100	for i in ${POLICY_TYPES}; do
101	einfo "Inserting base module into ${i} module store."
102
103	cd "/usr/share/selinux/${i}"
104	semodule -s "${i}" -b base.pp
105	done
106	else
107	echo
108	echo
109	eerror "Policy has not been loaded. It is strongly suggested"
110	eerror "that the policy be loaded before continuing!!"
111	echo
112	einfo "Automatic policy loading can be enabled by adding"
113	einfo "\"loadpolicy\" to the FEATURES in make.conf."
114	echo
115	echo
116	ebeep 4
117	epause 4
118	fi
119	}