/[gentoo-x86]/sec-policy/selinux-base-policy/selinux-base-policy-2.20140311-r1.ebuild
Gentoo

Contents of /sec-policy/selinux-base-policy/selinux-base-policy-2.20140311-r1.ebuild

Parent Directory Parent Directory | Revision Log Revision Log


Revision 1.3 - (show annotations) (download)
Sun Dec 21 14:20:23 2014 UTC (3 years, 1 month ago) by swift
Branch: MAIN
CVS Tags: HEAD
Changes since 1.2: +1 -1 lines
FILE REMOVED
Remove old ebuilds

(Portage version: 2.2.14/cvs/Linux x86_64, signed Manifest commit with key 0x2EDD52403B68AF47)

1 # Copyright 1999-2014 Gentoo Foundation
2 # Distributed under the terms of the GNU General Public License v2
3 # $Header: /var/cvsroot/gentoo-x86/sec-policy/selinux-base-policy/selinux-base-policy-2.20140311-r1.ebuild,v 1.2 2014/04/19 15:51:42 swift Exp $
4 EAPI="4"
5
6 inherit eutils
7
8 HOMEPAGE="http://www.gentoo.org/proj/en/hardened/selinux/"
9 DESCRIPTION="SELinux policy for core modules"
10
11 IUSE="+unconfined"
12 BASEPOL="2.20140311-r1"
13
14 RDEPEND=">=sec-policy/selinux-base-${PVR}"
15 PDEPEND="unconfined? ( sec-policy/selinux-unconfined )"
16 DEPEND=""
17 SRC_URI="http://oss.tresys.com/files/refpolicy/refpolicy-${PV}.tar.bz2
18 http://dev.gentoo.org/~swift/patches/${PN}/patchbundle-${PN}-${BASEPOL}.tar.bz2"
19 KEYWORDS="amd64 x86"
20
21 MODS="application authlogin bootloader clock consoletype cron dmesg fstools getty hostname hotplug init iptables libraries locallogin logging lvm miscfiles modutils mount mta netutils nscd portage raid rsync selinuxutil setrans ssh staff storage su sysadm sysnetwork udev userdomain usermanage unprivuser xdg"
22 LICENSE="GPL-2"
23 SLOT="0"
24 S="${WORKDIR}/"
25 PATCHBUNDLE="${DISTDIR}/patchbundle-selinux-base-policy-${BASEPOL}.tar.bz2"
26
27 # Code entirely copied from selinux-eclass (cannot inherit due to dependency on
28 # itself), when reworked reinclude it. Only postinstall (where -b base.pp is
29 # added) needs to remain then.
30
31 pkg_pretend() {
32 for i in ${POLICY_TYPES}; do
33 if [[ "${i}" == "targeted" ]] && ! use unconfined; then
34 die "If you use POLICY_TYPES=targeted, then USE=unconfined is mandatory."
35 fi
36 done
37 }
38
39 src_prepare() {
40 local modfiles
41
42 # Patch the sources with the base patchbundle
43 if [[ -n ${BASEPOL} ]];
44 then
45 cd "${S}"
46 EPATCH_MULTI_MSG="Applying SELinux policy updates ... " \
47 EPATCH_SUFFIX="patch" \
48 EPATCH_SOURCE="${WORKDIR}" \
49 EPATCH_FORCE="yes" \
50 epatch
51 fi
52
53 # Apply the additional patches refered to by the module ebuild.
54 # But first some magic to differentiate between bash arrays and strings
55 if [[ "$(declare -p POLICY_PATCH 2>/dev/null 2>&1)" == "declare -a"* ]];
56 then
57 cd "${S}/refpolicy/policy/modules"
58 for POLPATCH in "${POLICY_PATCH[@]}";
59 do
60 epatch "${POLPATCH}"
61 done
62 else
63 if [[ -n ${POLICY_PATCH} ]];
64 then
65 cd "${S}/refpolicy/policy/modules"
66 for POLPATCH in ${POLICY_PATCH};
67 do
68 epatch "${POLPATCH}"
69 done
70 fi
71 fi
72
73 # Calling user patches
74 epatch_user
75
76 # Collect only those files needed for this particular module
77 for i in ${MODS}; do
78 modfiles="$(find ${S}/refpolicy/policy/modules -iname $i.te) $modfiles"
79 modfiles="$(find ${S}/refpolicy/policy/modules -iname $i.fc) $modfiles"
80 done
81
82 for i in ${POLICY_TYPES}; do
83 mkdir "${S}"/${i} || die "Failed to create directory ${S}/${i}"
84 cp "${S}"/refpolicy/doc/Makefile.example "${S}"/${i}/Makefile \
85 || die "Failed to copy Makefile.example to ${S}/${i}/Makefile"
86
87 cp ${modfiles} "${S}"/${i} \
88 || die "Failed to copy the module files to ${S}/${i}"
89 done
90 }
91
92 src_compile() {
93 for i in ${POLICY_TYPES}; do
94 # Parallel builds are broken, so we need to force -j1 here
95 emake -j1 NAME=$i -C "${S}"/${i} || die "${i} compile failed"
96 done
97 }
98
99 src_install() {
100 local BASEDIR="/usr/share/selinux"
101
102 for i in ${POLICY_TYPES}; do
103 for j in ${MODS}; do
104 einfo "Installing ${i} ${j} policy package"
105 insinto ${BASEDIR}/${i}
106 doins "${S}"/${i}/${j}.pp || die "Failed to add ${j}.pp to ${i}"
107 done
108 done
109 }
110
111 pkg_postinst() {
112 # Override the command from the eclass, we need to load in base as well here
113 local COMMAND
114 for i in ${MODS}; do
115 COMMAND="-i ${i}.pp ${COMMAND}"
116 done
117
118 for i in ${POLICY_TYPES}; do
119 einfo "Inserting the following modules, with base, into the $i module store: ${MODS}"
120
121 cd /usr/share/selinux/${i} || die "Could not enter /usr/share/selinux/${i}"
122
123 semodule -s ${i} -b base.pp ${COMMAND} || die "Failed to load in base and modules ${MODS} in the $i policy store"
124 done
125 }

  ViewVC Help
Powered by ViewVC 1.1.20