| 1 |
swift |
1.1 |
# Copyright 1999-2012 Gentoo Foundation
|
| 2 |
|
|
# Distributed under the terms of the GNU General Public License v2
|
| 3 |
floppym |
1.3 |
# $Header: /var/cvsroot/gentoo-x86/sys-apps/policycoreutils/policycoreutils-2.1.10.ebuild,v 1.2 2012/04/29 10:08:04 swift Exp $
|
| 4 |
swift |
1.1 |
|
| 5 |
|
|
EAPI="3"
|
| 6 |
|
|
PYTHON_DEPEND="*"
|
| 7 |
|
|
PYTHON_USE_WITH="xml"
|
| 8 |
|
|
SUPPORT_PYTHON_ABIS="1"
|
| 9 |
floppym |
1.3 |
RESTRICT_PYTHON_ABIS="*-jython *-pypy-*"
|
| 10 |
swift |
1.1 |
|
| 11 |
|
|
inherit multilib python toolchain-funcs eutils
|
| 12 |
|
|
|
| 13 |
|
|
EXTRAS_VER="1.21"
|
| 14 |
|
|
SEMNG_VER="2.1.6"
|
| 15 |
|
|
SELNX_VER="2.1.9"
|
| 16 |
|
|
SEPOL_VER="2.1.4"
|
| 17 |
|
|
|
| 18 |
swift |
1.2 |
IUSE="audit pam dbus"
|
| 19 |
swift |
1.1 |
|
| 20 |
|
|
DESCRIPTION="SELinux core utilities"
|
| 21 |
|
|
HOMEPAGE="http://userspace.selinuxproject.org"
|
| 22 |
|
|
SRC_URI="http://userspace.selinuxproject.org/releases/20120216/${P}.tar.gz
|
| 23 |
|
|
http://dev.gentoo.org/~swift/patches/policycoreutils/policycoreutils-2.1.10-sesandbox.patch.gz
|
| 24 |
|
|
http://dev.gentoo.org/~swift/patches/policycoreutils/policycoreutils-2.1.10-fix-makefile-pam-audit.patch.gz
|
| 25 |
|
|
http://dev.gentoo.org/~swift/patches/policycoreutils/policycoreutils-2.1.10-fix-seunshare.patch.gz
|
| 26 |
|
|
http://dev.gentoo.org/~swift/patches/policycoreutils/policycoreutils-2.1.10-fix-nodbus_or_libcg.patch.gz
|
| 27 |
|
|
mirror://gentoo/policycoreutils-extra-${EXTRAS_VER}.tar.bz2
|
| 28 |
|
|
mirror://gentoo/policycoreutils-2.0.85-python3.tar.gz"
|
| 29 |
|
|
|
| 30 |
|
|
LICENSE="GPL-2"
|
| 31 |
|
|
SLOT="0"
|
| 32 |
swift |
1.2 |
KEYWORDS="amd64 x86"
|
| 33 |
swift |
1.1 |
|
| 34 |
|
|
COMMON_DEPS=">=sys-libs/libselinux-${SELNX_VER}[python]
|
| 35 |
|
|
>=sys-libs/glibc-2.4
|
| 36 |
|
|
>=sys-libs/libcap-1.10-r10
|
| 37 |
|
|
>=sys-libs/libsemanage-${SEMNG_VER}[python]
|
| 38 |
|
|
sys-libs/libcap-ng
|
| 39 |
|
|
>=sys-libs/libsepol-${SEPOL_VER}
|
| 40 |
|
|
sys-devel/gettext
|
| 41 |
|
|
dbus? (
|
| 42 |
|
|
sys-apps/dbus
|
| 43 |
|
|
dev-libs/dbus-glib
|
| 44 |
|
|
)
|
| 45 |
|
|
audit? ( >=sys-process/audit-1.5.1 )
|
| 46 |
|
|
pam? ( sys-libs/pam )"
|
| 47 |
|
|
|
| 48 |
|
|
### libcgroup -> seunshare
|
| 49 |
|
|
### dbus -> restorecond
|
| 50 |
|
|
|
| 51 |
|
|
# pax-utils for scanelf used by rlpkg
|
| 52 |
|
|
RDEPEND="${COMMON_DEPS}
|
| 53 |
|
|
dev-python/sepolgen
|
| 54 |
|
|
app-misc/pax-utils"
|
| 55 |
|
|
|
| 56 |
|
|
DEPEND="${COMMON_DEPS}"
|
| 57 |
|
|
|
| 58 |
|
|
S2=${WORKDIR}/policycoreutils-extra
|
| 59 |
|
|
|
| 60 |
|
|
src_prepare() {
|
| 61 |
|
|
# rlpkg is more useful than fixfiles
|
| 62 |
|
|
sed -i -e '/^all/s/fixfiles//' "${S}/scripts/Makefile" \
|
| 63 |
|
|
|| die "fixfiles sed 1 failed"
|
| 64 |
|
|
sed -i -e '/fixfiles/d' "${S}/scripts/Makefile" \
|
| 65 |
|
|
|| die "fixfiles sed 2 failed"
|
| 66 |
|
|
# We currently do not support MCS, so the sandbox code in policycoreutils
|
| 67 |
|
|
# is not usable yet. However, work for MCS is on the way and a reported
|
| 68 |
|
|
# vulnerability (bug #374897) might go by unnoticed if we ignore it now.
|
| 69 |
|
|
# As such, we will
|
| 70 |
|
|
# - prepare support for switching name from "sandbox" to "sesandbox"
|
| 71 |
|
|
epatch "${DISTDIR}/policycoreutils-2.1.10-sesandbox.patch.gz"
|
| 72 |
|
|
# Disable auto-detection of PAM and audit related stuff and override
|
| 73 |
|
|
epatch "${DISTDIR}/policycoreutils-2.1.10-fix-makefile-pam-audit.patch.gz"
|
| 74 |
|
|
# - Fix build failure on seunshare
|
| 75 |
|
|
epatch "${DISTDIR}/policycoreutils-2.1.10-fix-seunshare.patch.gz"
|
| 76 |
|
|
# - Make sandbox & dbus-depending stuff (restorecond) USE-triggered
|
| 77 |
|
|
epatch "${DISTDIR}/policycoreutils-2.1.10-fix-nodbus_or_libcg.patch.gz"
|
| 78 |
|
|
# Overwrite gl.po, id.po and et.po with valid PO file
|
| 79 |
|
|
cp "${S}/po/sq.po" "${S}/po/gl.po" || die "failed to copy ${S}/po/sq.po to gl.po"
|
| 80 |
|
|
cp "${S}/po/sq.po" "${S}/po/id.po" || die "failed to copy ${S}/po/sq.po to id.po"
|
| 81 |
|
|
cp "${S}/po/sq.po" "${S}/po/et.po" || die "failed to copy ${S}/po/sq.po to et.po"
|
| 82 |
|
|
# Fixed scripts for Python 3 support
|
| 83 |
|
|
cp "${WORKDIR}/seobject.py" "${S}/semanage/seobject.py" || die "failed to copy seobject.py"
|
| 84 |
|
|
cp "${WORKDIR}/semanage" "${S}/semanage/semanage" || die "failed to copy semanage"
|
| 85 |
|
|
cp "${WORKDIR}/chcat" "${S}/scripts/chcat" || die "failed to copy chcat"
|
| 86 |
|
|
cp "${WORKDIR}/audit2allow" "${S}/audit2allow/audit2allow" || die "failed to copy audit2allow"
|
| 87 |
|
|
}
|
| 88 |
|
|
|
| 89 |
|
|
src_compile() {
|
| 90 |
|
|
local use_audit="n";
|
| 91 |
|
|
local use_pam="n";
|
| 92 |
|
|
local use_dbus="n";
|
| 93 |
|
|
local use_sesandbox="n";
|
| 94 |
|
|
|
| 95 |
|
|
use audit && use_audit="y";
|
| 96 |
|
|
use pam && use_pam="y";
|
| 97 |
|
|
use dbus && use_dbus="y";
|
| 98 |
|
|
|
| 99 |
|
|
python_copy_sources semanage sandbox
|
| 100 |
|
|
building() {
|
| 101 |
|
|
einfo "Compiling policycoreutils"
|
| 102 |
|
|
emake -C "${S}" AUDIT_LOG_PRIVS="y" AUDITH="${use_audit}" PAMH="${use_pam}" INOTIFYH="${use_dbus}" SESANDBOX="${use_sesandbox}" CC="$(tc-getCC)" PYLIBVER="python$(python_get_version)" || die
|
| 103 |
|
|
einfo "Compiling policycoreutils-extra "
|
| 104 |
|
|
emake -C "${S2}" AUDIT_LOG_PRIVS="y" AUDITH="${use_audit}" PAMH="${use_pam}" INOTIFYH="${use_dbus}" SESANDBOX="${use_sesandbox}" CC="$(tc-getCC)" PYLIBVER="python$(python_get_version)" || die
|
| 105 |
|
|
}
|
| 106 |
|
|
python_execute_function -s --source-dir semanage building
|
| 107 |
|
|
}
|
| 108 |
|
|
|
| 109 |
|
|
src_install() {
|
| 110 |
|
|
local use_audit="n";
|
| 111 |
|
|
local use_pam="n";
|
| 112 |
|
|
local use_dbus="n";
|
| 113 |
|
|
local use_sesandbox="n";
|
| 114 |
|
|
|
| 115 |
|
|
use audit && use_audit="y";
|
| 116 |
|
|
use pam && use_pam="y";
|
| 117 |
|
|
use dbus && use_dbus="y";
|
| 118 |
|
|
|
| 119 |
|
|
# Python scripts are present in many places. There are no extension modules.
|
| 120 |
|
|
installation() {
|
| 121 |
|
|
einfo "Installing policycoreutils"
|
| 122 |
|
|
emake -C "${S}" DESTDIR="${T}/images/${PYTHON_ABI}" AUDITH="${use_audit}" PAMH="${use_pam}" INOTIFYH="${use_dbus}" SESANDBOX="${use_sesandbox}" AUDIT_LOG_PRIV="y" PYLIBVER="python$(python_get_version)" install || return 1
|
| 123 |
|
|
|
| 124 |
|
|
einfo "Installing policycoreutils-extra"
|
| 125 |
|
|
emake -C "${S2}" DESTDIR="${T}/images/${PYTHON_ABI}" SHLIBDIR="${D}$(get_libdir)/rc" install || return 1
|
| 126 |
|
|
}
|
| 127 |
|
|
python_execute_function installation
|
| 128 |
|
|
python_merge_intermediate_installation_images "${T}/images"
|
| 129 |
|
|
|
| 130 |
|
|
# remove redhat-style init script
|
| 131 |
|
|
rm -fR "${D}/etc/rc.d"
|
| 132 |
|
|
|
| 133 |
|
|
# compatibility symlinks
|
| 134 |
|
|
dosym /sbin/setfiles /usr/sbin/setfiles
|
| 135 |
|
|
dosym /$(get_libdir)/rc/runscript_selinux.so /$(get_libdir)/rcscripts/runscript_selinux.so
|
| 136 |
|
|
|
| 137 |
|
|
# location for permissive definitions
|
| 138 |
|
|
dodir /var/lib/selinux
|
| 139 |
|
|
keepdir /var/lib/selinux
|
| 140 |
|
|
}
|
| 141 |
|
|
|
| 142 |
|
|
pkg_postinst() {
|
| 143 |
|
|
python_mod_optimize seobject.py
|
| 144 |
|
|
}
|
| 145 |
|
|
|
| 146 |
|
|
pkg_postrm() {
|
| 147 |
|
|
python_mod_cleanup seobject.py
|
| 148 |
|
|
}
|
Parent Directory
| 
Revision Log