/[gentoo-x86]/sec-policy/selinux-base-policy/selinux-base-policy-2.20120725-r9.ebuild
Gentoo

Contents of /sec-policy/selinux-base-policy/selinux-base-policy-2.20120725-r9.ebuild

Parent Directory Parent Directory | Revision Log Revision Log


Revision 1.3 - (show annotations) (download)
Mon Mar 24 19:44:11 2014 UTC (3 years, 7 months ago) by swift
Branch: MAIN
CVS Tags: HEAD
Changes since 1.2: +1 -1 lines
FILE REMOVED
Remove older SELinux policy ebuilds

(Portage version: 2.2.8-r1/cvs/Linux x86_64, signed Manifest commit with key 0x2EDD52403B68AF47)

1 # Copyright 1999-2013 Gentoo Foundation
2 # Distributed under the terms of the GNU General Public License v2
3 # $Header: /var/cvsroot/gentoo-x86/sec-policy/selinux-base-policy/selinux-base-policy-2.20120725-r9.ebuild,v 1.2 2013/01/13 16:03:50 swift Exp $
4 EAPI="4"
5
6 inherit eutils
7
8 HOMEPAGE="http://www.gentoo.org/proj/en/hardened/selinux/"
9 DESCRIPTION="SELinux policy for core modules"
10
11 IUSE="unconfined"
12 BASEPOL="${PVR}"
13
14 RDEPEND=">=sec-policy/selinux-base-${PVR}
15 unconfined? ( sec-policy/selinux-unconfined )"
16 DEPEND=""
17 SRC_URI="http://oss.tresys.com/files/refpolicy/refpolicy-${PV}.tar.bz2
18 http://dev.gentoo.org/~swift/patches/${PN}/patchbundle-${PN}-${BASEPOL}.tar.bz2"
19 KEYWORDS="amd64 x86"
20
21 MODS="application authlogin bootloader clock consoletype cron dmesg fstools getty hostname hotplug init iptables libraries locallogin logging lvm miscfiles modutils mount mta netutils nscd portage raid rsync selinuxutil ssh staff storage su sysadm sysnetwork udev userdomain usermanage unprivuser xdg"
22 LICENSE="GPL-2"
23 SLOT="0"
24 S="${WORKDIR}/"
25 PATCHBUNDLE="${DISTDIR}/patchbundle-selinux-base-policy-${BASEPOL}.tar.bz2"
26
27 # Code entirely copied from selinux-eclass (cannot inherit due to dependency on
28 # itself), when reworked reinclude it. Only postinstall (where -b base.pp is
29 # added) needs to remain then.
30
31 src_prepare() {
32 local modfiles
33
34 # Patch the sources with the base patchbundle
35 if [[ -n ${BASEPOL} ]];
36 then
37 cd "${S}"
38 EPATCH_MULTI_MSG="Applying SELinux policy updates ... " \
39 EPATCH_SUFFIX="patch" \
40 EPATCH_SOURCE="${WORKDIR}" \
41 EPATCH_FORCE="yes" \
42 epatch
43 fi
44
45 # Apply the additional patches refered to by the module ebuild.
46 # But first some magic to differentiate between bash arrays and strings
47 if [[ "$(declare -p POLICY_PATCH 2>/dev/null 2>&1)" == "declare -a"* ]];
48 then
49 cd "${S}/refpolicy/policy/modules"
50 for POLPATCH in "${POLICY_PATCH[@]}";
51 do
52 epatch "${POLPATCH}"
53 done
54 else
55 if [[ -n ${POLICY_PATCH} ]];
56 then
57 cd "${S}/refpolicy/policy/modules"
58 for POLPATCH in ${POLICY_PATCH};
59 do
60 epatch "${POLPATCH}"
61 done
62 fi
63 fi
64
65 # Collect only those files needed for this particular module
66 for i in ${MODS}; do
67 modfiles="$(find ${S}/refpolicy/policy/modules -iname $i.te) $modfiles"
68 modfiles="$(find ${S}/refpolicy/policy/modules -iname $i.fc) $modfiles"
69 done
70
71 for i in ${POLICY_TYPES}; do
72 mkdir "${S}"/${i} || die "Failed to create directory ${S}/${i}"
73 cp "${S}"/refpolicy/doc/Makefile.example "${S}"/${i}/Makefile \
74 || die "Failed to copy Makefile.example to ${S}/${i}/Makefile"
75
76 cp ${modfiles} "${S}"/${i} \
77 || die "Failed to copy the module files to ${S}/${i}"
78 done
79 }
80
81 src_compile() {
82 for i in ${POLICY_TYPES}; do
83 # Parallel builds are broken, so we need to force -j1 here
84 emake -j1 NAME=$i -C "${S}"/${i} || die "${i} compile failed"
85 done
86 }
87
88 src_install() {
89 local BASEDIR="/usr/share/selinux"
90
91 for i in ${POLICY_TYPES}; do
92 for j in ${MODS}; do
93 einfo "Installing ${i} ${j} policy package"
94 insinto ${BASEDIR}/${i}
95 doins "${S}"/${i}/${j}.pp || die "Failed to add ${j}.pp to ${i}"
96 done
97 done
98 }
99
100 pkg_postinst() {
101 # Override the command from the eclass, we need to load in base as well here
102 local COMMAND
103 for i in ${MODS}; do
104 COMMAND="-i ${i}.pp ${COMMAND}"
105 done
106
107 for i in ${POLICY_TYPES}; do
108 einfo "Inserting the following modules, with base, into the $i module store: ${MODS}"
109
110 cd /usr/share/selinux/${i} || die "Could not enter /usr/share/selinux/${i}"
111
112 semodule -s ${i} -b base.pp ${COMMAND} || die "Failed to load in base and modules ${MODS} in the $i policy store"
113 done
114 }

  ViewVC Help
Powered by ViewVC 1.1.20