/[gentoo-x86]/sec-policy/selinux-base-policy/selinux-base-policy-2.20091215.ebuild
Gentoo

Contents of /sec-policy/selinux-base-policy/selinux-base-policy-2.20091215.ebuild

Parent Directory Parent Directory | Revision Log Revision Log


Revision 1.2 - (show annotations) (download)
Sat Nov 12 20:53:21 2011 UTC (3 years, 6 months ago) by swift
Branch: MAIN
CVS Tags: HEAD
Changes since 1.1: +1 -1 lines
FILE REMOVED
Removing the SELinux 2.20101213 policies

(Portage version: 2.1.10.11/cvs/Linux x86_64)

1 # Copyright 1999-2009 Gentoo Foundation
2 # Distributed under the terms of the GNU General Public License v2
3 # $Header: /var/cvsroot/gentoo-x86/sec-policy/selinux-base-policy/selinux-base-policy-2.20091215.ebuild,v 1.1 2009/12/16 02:53:36 pebenito Exp $
4
5 EAPI="1"
6 IUSE="+peer_perms open_perms"
7
8 inherit eutils
9
10 DESCRIPTION="Gentoo base policy for SELinux"
11 HOMEPAGE="http://www.gentoo.org/proj/en/hardened/selinux/"
12 SRC_URI="http://oss.tresys.com/files/refpolicy/refpolicy-${PV}.tar.bz2"
13 LICENSE="GPL-2"
14 SLOT="0"
15
16 KEYWORDS="~amd64 ~x86"
17
18 RDEPEND=">=sys-apps/policycoreutils-1.30.30"
19 DEPEND="${RDEPEND}
20 sys-devel/m4
21 >=sys-apps/checkpolicy-1.30.12"
22
23 S=${WORKDIR}/
24
25 src_unpack() {
26 [ -z "${POLICY_TYPES}" ] && local POLICY_TYPES="strict targeted"
27 MOD_CONF_VER="20090730"
28
29 unpack ${A}
30
31 # cd "${S}/refpolicy"
32 # epatch ${FILESDIR}/${PN}-${PV}.diff
33
34 if ! use peer_perms; then
35 sed -i -e '/network_peer_controls/d' \
36 "${S}/refpolicy/policy/policy_capabilities"
37 fi
38
39 if ! use open_perms; then
40 sed -i -e '/open_perms/d' \
41 "${S}/refpolicy/policy/policy_capabilities"
42 fi
43
44 for i in ${POLICY_TYPES}; do
45 cp -a "${S}/refpolicy" "${S}/${i}"
46
47 cp "${FILESDIR}/modules.conf.${i}.${MOD_CONF_VER}" \
48 "${S}/${i}/policy/modules.conf" \
49 || die "failed to set up modules.conf"
50 sed -i -e '/^QUIET/s/n/y/' -e '/^MONOLITHIC/s/y/n/' \
51 -e "/^NAME/s/refpolicy/$i/" "${S}/${i}/build.conf" \
52 || die "build.conf setup failed."
53
54 echo "DISTRO = gentoo" >> "${S}/${i}/build.conf"
55
56 if [ "${i}" == "targeted" ]; then
57 sed -i -e '/root/d' -e 's/user_u/unconfined_u/' \
58 "${S}/${i}/config/appconfig-standard/seusers" \
59 || die "targeted seusers setup failed."
60 fi
61 done
62 }
63
64 src_compile() {
65 [ -z "${POLICY_TYPES}" ] && local POLICY_TYPES="strict targeted"
66
67 for i in ${POLICY_TYPES}; do
68 cd "${S}/${i}"
69
70 make base || die "${i} compile failed"
71 done
72 }
73
74 src_install() {
75 [ -z "${POLICY_TYPES}" ] && local POLICY_TYPES="strict targeted"
76
77 for i in ${POLICY_TYPES}; do
78 cd "${S}/${i}"
79
80 make DESTDIR="${D}" install \
81 || die "${i} install failed."
82
83 make DESTDIR="${D}" install-headers \
84 || die "${i} headers install failed."
85
86 echo "run_init_t" > "${D}/etc/selinux/${i}/contexts/run_init_type"
87
88 echo "textrel_shlib_t" >> "${D}/etc/selinux/${i}/contexts/customizable_types"
89
90 # libsemanage won't make this on its own
91 keepdir "/etc/selinux/${i}/policy"
92 done
93
94 dodoc doc/Makefile.example doc/example.{te,fc,if}
95
96 insinto /etc/selinux
97 doins "${FILESDIR}/config"
98 }
99
100 pkg_postinst() {
101 [ -z "${POLICY_TYPES}" ] && local POLICY_TYPES="strict targeted"
102
103 if has "loadpolicy" $FEATURES ; then
104 for i in ${POLICY_TYPES}; do
105 einfo "Inserting base module into ${i} module store."
106
107 cd "/usr/share/selinux/${i}"
108 semodule -s "${i}" -b base.pp
109 done
110 else
111 echo
112 echo
113 eerror "Policy has not been loaded. It is strongly suggested"
114 eerror "that the policy be loaded before continuing!!"
115 echo
116 einfo "Automatic policy loading can be enabled by adding"
117 einfo "\"loadpolicy\" to the FEATURES in make.conf."
118 echo
119 echo
120 ebeep 4
121 epause 4
122 fi
123 }

  ViewVC Help
Powered by ViewVC 1.1.20