Release of 2.20141203-r7

Package-Manager: portage-2.2.18/cvs/Linux x86_64 Manifest-Sign-Key: 0x7EF137EC935B0EAF
author: Jason Zaman <perfinion@gentoo.org> 2015-07-02 18:01:18 +0000
committer: Jason Zaman <perfinion@gentoo.org> 2015-07-02 18:01:18 +0000
commit: 9147d6e5bd6388e5b70bbf9941467cdb19f8f032 (patch)
tree: 02e958a8f0e321ac5d80db5eea912b9664e8df8c /sec-policy/selinux-base-policy
parent: remove all old versions (diff)
download: historical-9147d6e5bd6388e5b70bbf9941467cdb19f8f032.tar.gz
historical-9147d6e5bd6388e5b70bbf9941467cdb19f8f032.tar.bz2
historical-9147d6e5bd6388e5b70bbf9941467cdb19f8f032.zip
3 files changed, 167 insertions, 16 deletions
diff --git a/sec-policy/selinux-base-policy/ChangeLog b/sec-policy/selinux-base-policy/ChangeLog
index 0c374d421d8b..9263d45fb435 100644
--- a/sec-policy/selinux-base-policy/ChangeLog
+++ b/sec-policy/selinux-base-policy/ChangeLog
@@ -1,6 +1,12 @@
 # ChangeLog for sec-policy/selinux-base-policy
 # Copyright 1999-2015 Gentoo Foundation; Distributed under the GPL v2
-# $Header: /var/cvsroot/gentoo-x86/sec-policy/selinux-base-policy/ChangeLog,v 1.176 2015/06/05 16:10:32 perfinion Exp $
+# $Header: /var/cvsroot/gentoo-x86/sec-policy/selinux-base-policy/ChangeLog,v 1.177 2015/07/02 17:59:28 perfinion Exp $
+
+*selinux-base-policy-2.20141203-r7 (02 Jul 2015)
+
+  02 Jul 2015; Jason Zaman <perfinion@gentoo.org>
+  +selinux-base-policy-2.20141203-r7.ebuild:
+  Release of 2.20141203-r7
 
   05 Jun 2015; Jason Zaman <perfinion@gentoo.org>
   selinux-base-policy-2.20141203-r5.ebuild:
diff --git a/sec-policy/selinux-base-policy/Manifest b/sec-policy/selinux-base-policy/Manifest
index 3092b67c3cf3..1a068ba20aaa 100644
--- a/sec-policy/selinux-base-policy/Manifest
+++ b/sec-policy/selinux-base-policy/Manifest
@@ -12,6 +12,7 @@ DIST patchbundle-selinux-base-policy-2.20141203-r3.tar.bz2 269940 SHA256 c1d507c
 DIST patchbundle-selinux-base-policy-2.20141203-r4.tar.bz2 271374 SHA256 7229f0f5a299fc31b693f603cb265697ecf02afb843aba74f96d8afb208dd9c9 SHA512 41379568855b820a72a1d8e7fb8114464573974d98b98ae9107649ed625d6fc8c045dc6714ee51d6db72473a76c99511ee23e6d0a9bd56a19ebbaa1fa13e55a8 WHIRLPOOL 563020e4d38817d875d7a8b98f670cff68d86fdfe89945b87943c8b48d106a58d269822a60640fcc76f51bad207b8b61839b2cdbb1405ab5f49332516c9faa1d
 DIST patchbundle-selinux-base-policy-2.20141203-r5.tar.bz2 274136 SHA256 c23d17c47ce75620ffa9f3ef66393ae56693d7e431f9c7f0a4468a9646767a5f SHA512 e50d128ff9e6554f7d49bc1e43b40c8b062b8f7bb727acda9772b45381c61bc6c968265245e39f8ca044c2b0f4dadf3cdacfb38cd32306fa27f1acfb49921e06 WHIRLPOOL a0591298d54a4ba080112716fc35509e6c82281d362a11b208caa2a96ddc20c4cc8f942206db49d86b831c6ed13a239b7db9009f17ede77fce7f0c01cd6b20cc
 DIST patchbundle-selinux-base-policy-2.20141203-r6.tar.bz2 293231 SHA256 b686dcc517b97834f66d967afdcc724cb43b5c6dbf9f34043a91cdeda2625cc7 SHA512 a2c486cbe4a1d21ff3fd01bef25ecf5a633a4072646c67cfccf3f7187d95f3d9e3b482a46ba17c55c40a8e7c0dee56e9cf9ddc9f414d3e4511443b62f60d03e9 WHIRLPOOL 3d708e287e3f9b873be647b0327eab6675a8702ee1cffb56e36934cada306e5ccc64397a083dad9e59de37a067e628cacbf896ae99012d5a209e42fd7cd8a4c6
+DIST patchbundle-selinux-base-policy-2.20141203-r7.tar.bz2 295833 SHA256 ba2219b3efc747be65f94c4d8ac3cd6ee530c82c848fa41935a114184678622a SHA512 8e32d9dbfb2f0f3f50200543aadb51ed9834ccd5cdf30bf8e4d9e6d0b645ce44ffaf80f7aa9385e9c9095d9a383b3a348a92356cb5386c06544ab082a9a468c7 WHIRLPOOL 1648ee1be71e45fcf5a264816ce7edc7bab19bd28a68703923eb2d6068f1f0469ae593855231d31f88baecbf29e7cece2d6beeed20b7c04231a6c90e90d35910
 DIST refpolicy-2.20140311.tar.bz2 664416 SHA256 f69437db95548c78a5dec44c236397146b144153149009ea554d2e536e5436f7 SHA512 50bacee82ed41ac8b8007ecc33bf51d22303cc2ddd27cfb72cb5520dab5f8e255186e34b89cec492c7a2d4220b200814bdede9b46c19f987a3d3d65a1c9b749a WHIRLPOOL e07480beba6ab1f02ad36b7d0c50c4a71cb39a8ec78bf8d1dc3c82bb9dd1d69d9169d7c937165ea15f60ce1147f256d46644f944107a3a8a800d5bad70d4c255
 DIST refpolicy-2.20141203.tar.bz2 680243 SHA256 f438209c430d8a2d4ddcbe4bdd3edb46f6af7dc4913637af0b73c635e40c1522 SHA512 682e4280c5799e4c12ec7594afc1389f67be35055748d2e0dbdc3419159a16c96d4946ca6178daee8370515951f8653b2e452efe8c962b8d7f9bc192f0b15a0c WHIRLPOOL 74bca232534e7af9051bb1ab9f77c1ff6c425781cf4561f781d6e9a40cc5ca0d9add540249ea5493e8782a9372aea296ead6c165c6c440ae1509eb319d151ee5
 EBUILD selinux-base-policy-2.20140311-r5.ebuild 4075 SHA256 9e14cb9272f0b1c514fa42760ca536cfe362ff1166b028438f63360c1aa25d1e SHA512 b10c1e55f65e09b467586fbba3a5aa4ff913fecfa90b7bc402eb5950b6b88ccf3965108cc7ce79be70b8669419158041fe5bcd1e544d14b322e1762f908bc177 WHIRLPOOL f45b4051e7ef52b8a677b266c65d7d2a1b143776a8ab04da3afa1ccd1ba90e93285fc36b9f69a7c5ca5c94bbb2352ac5d3b10a7aca0ae60adf153fc447e8422d
@@ -23,25 +24,26 @@ EBUILD selinux-base-policy-2.20141203-r3.ebuild 4383 SHA256 46e0754998f01063ef47
 EBUILD selinux-base-policy-2.20141203-r4.ebuild 4383 SHA256 58731e82539ed7c2308d3f4f5937930e20a7a539ea5a22fa3f6f46f5b5e36131 SHA512 b732176df602df8c470ca384edad9281c478ea0ede09798aa127e6cb0492c6bb15c269c8a3672eb51a5fa6fbe1c79dfe5ddce963ba8e41284dd24deb6fa58d3c WHIRLPOOL 02c2c57eca6a96db69456089a9619a62417b486c18c0ab15c6cf098830917db9516fa74b7ee3160a7169cab343e4f7279b6421103ae9d056ca11ba770b4e5c4e
 EBUILD selinux-base-policy-2.20141203-r5.ebuild 4385 SHA256 47235923abdc4415ebf9c2beefdaf3ade3494980ed9d02b9499282ae4f1a068a SHA512 596ca1c55a87b2949d06179a447da8d778cdd3c106241858162490f5a8c78eb5789ae2a4acabed7ae805cd2f6a0c239e7db2437b4d7169b836cfe936998d1d07 WHIRLPOOL 375b311d70e9222e54e8b64fa8b5db25d5b21e84ebd29a1206623a1a0310583cd365939a01ea790d28e175d65dabd835b7c5886fd217bb5f6a59646003cad1da
 EBUILD selinux-base-policy-2.20141203-r6.ebuild 4391 SHA256 ebbe98951e4927b1a6ee645c7200937a3b6c3a9e7333ecf8f34172a62605929b SHA512 2dfa4a7e137cf06eb576ff60aabb2bb8895bdb66c30148ec418db2f9ce60a2467deef76e664abdad5df2dafb33a18bde32f8c0de6d713e8756f8e72f6b7d2a5e WHIRLPOOL ffc5e4621225fd2a2c5304617f9ba8e8a4ff18383a57c72cd90f86729c479195308a497ba90f1b052ad829122dd402c1c4ef201c7ad59a6e9d0d8cdafcc3719d
+EBUILD selinux-base-policy-2.20141203-r7.ebuild 4391 SHA256 f9a97968d47ec615888793cf5974b5e8ec78dc01c5889574ff0424fafca73d0a SHA512 adf23d07e763e2b0113ef4a82f6684119a033f08728ee1fe5987b150c7713cb516fe31ceb24ef1bca9a14ef415cbb5b21ca1275e6b512c408a0f917669e53a2e WHIRLPOOL fa9a7e340eb6a685a73cc3d8e1b3980665ce90f35f41ab1f301af85e44806f3b70df8529bb6fef57824692623eb07b95e2aa1034c4987bbdadf759ed91c02bc7
 EBUILD selinux-base-policy-9999.ebuild 4383 SHA256 c3287288b79c3c4b79d456df067756358f7edaee5bfb01fd03ee00c7bfe822c7 SHA512 c444f0ecbe327dd3ff0937beb1c188f7581691630aabe9c50c20397040e2db54c54185a251f861190cec3b1c3f545662372f366a4dbb9e1ee870aec74aa4ea29 WHIRLPOOL 9a04e1d0c87e2c87dca25bbe92747b5b444db22892fbd0c2552d9d9e8297db8aed13d863cb82c93efb52d2362b867c82b94af85a19cdc37524c7521ae52b35a8
-MISC ChangeLog 37381 SHA256 3906810ece033dc3a646c1e9dc3df8c8858ae7e9373cab473eeb6bc7d85c2afe SHA512 8f07a8b1960e81a61db54c6b8e45883eddb7a2e7166a0de5b9c297a13d9c8d69fe0f8937729d32fe2a16a05230627eba352c8e237308811f4f248e6a8f474327 WHIRLPOOL ffbb48ef7fc135e28d09b5f3ea7f02a2ae94b73f7f3c11d87ed24c97749f13341afbd4fc81cfe0474ec5eff0c860559a8c1db03c70caa20b9e03548d29ddb620
+MISC ChangeLog 37554 SHA256 5895e71d82c9e34a0ad36f4bee53b545d5671e6d688dc0ed0b6566940f3ccd39 SHA512 3bf8a057c10677925163011b26db827b3bbf8bd93f5d8a034d3bf695ccba8777f509c8285b75873faa6f1d1d9925ace525efd76a31799aadd75a461ff92556c5 WHIRLPOOL 780998f66d3377409c85407b98ee8dce7b0843bf2cf7808287dcdd034ad73e731c07d5d2d255a93d1e9d55580c1c0bd6033cf4030f1c08d5eef7bda73c839885
 MISC metadata.xml 448 SHA256 4babd5e53785136aa79ee0737a89af1fc49c4fc144aba0f6163d6f85215f57e2 SHA512 7e747c9dbae3eaee62a284824a68039961264540e0633e617aaabaeef2e83f4623863d29ee26c2e4738ac706d3824914f530f8e2b990ac7f06aa8f6e4cae9964 WHIRLPOOL 733957f76ca89c6fdd08060a368048276247994db56cf8325e69b896a07dc5e576ca124f3190079b169ec078a2e69156d4b12e6c6cc94328248705779f357bc4
 -----BEGIN PGP SIGNATURE-----
 Version: GnuPG v2.0
 
-iQJ8BAEBCABmBQJVccodXxSAAAAAAC4AKGlzc3Vlci1mcHJAbm90YXRpb25zLm9w
+iQJ8BAEBCABmBQJVlXw3XxSAAAAAAC4AKGlzc3Vlci1mcHJAbm90YXRpb25zLm9w
 ZW5wZ3AuZmlmdGhob3JzZW1hbi5uZXRFMTYyREVBRDFDQ0REMTEzRjA0QjNENDky
-QkJFRDlDQjFBNjhFRjU1AAoJECu+2csaaO9VKAMP/0VXE6oXfNcqovBiV4JwFvJB
-F3pZfvhAq7R593+tP6gAc69QGJM/QXaI3hfF81KZF1o3NsJFNi8GNYjTIVMjOnI4
-CfIwXnTEVFLgZ1YLj8GMubSMOOsgIBD7l03pum7jbV7O/2jjxs05zleplADTfiO2
-SrrZJeZ2dKFX/8nw+NvRoamlc+3mlK0cdidcB44YMlhq0/YkK520OHle43fam6tC
-bkx7xOKDBxmYULaGxx32GJTn5PhbfqeGafRVtWiT6B3i2oSb1fvZjx1uNZ54VqaO
-qnneQ2VLc5QcnXsjnbP5fu+2tDxZBfDRaVrUezmJBQWKCrFh9s9LP18SW5t6oUST
-IdjdVDWLl5wjluZdPztBDCdbVnuhP/pDl7AdT0aIL8wBLHGp6KE+2qkdlOjIZWw1
-GxlPKpRVK9ZP72gMteqqrFBKui015+iar8Ye296Fu874vsTLBC6eWUGS2mre5asV
-Ug/YRJsisKCHx3C5PtiGtzqRpoTUltd/an+q4X+SZzBzk6t6v9QIkBWVaiYZKjx5
-SrfmusnE0WyBNERFaXbibiBg6zhJ5WrtJV8WSlZ796hnoHS/PIZYH3CxM9G5SnrX
-18skNx7oj7mpEBJnzrqRI6vncisiD19jjsO9lnhYpJ5bMSJQZGKGGG99d024fNkb
-zr7x1kHI+Po5r34+UQWZ
-=00Cn
+QkJFRDlDQjFBNjhFRjU1AAoJECu+2csaaO9VPecQAKDqlkG9qZzvqPMySUznmcf8
+ZlFfwJowOOueSrQCPENVugbLEK3vgS6F2XtGealVq3WbNdwm6wbIq1mImIzNSim3
+QN4jXcS1hp9v527Z5WO+l6RA85zN2+0jEweBDZAz3uspDO7XPJVIhjCGafE9xbND
+asHVORDvJIRsvblZcJvAjtp4bFnlGcrtYwUKVQkDCb8MZeUf33alCIJz0Tdr0wsX
+rFj8Ms84fwRsOtM3HyMx2huTOzhe5YdlAVN5UsMvBCRANi5QSWJXKTx1/jFwpZsy
+pUZWUm5A0Qttyof2SPPVI/tNafqUryTh8T5yuI8FIjOmt1zRdyPpHnQZWy/5fxeu
+pEWTlGePrLNrOBDSJajtY3kfjV+skM0gJYWb7EXYqZs4hJgZzF2eTyZQqQW/ke7C
+f7IIh9DpOOJAQEjkRn+d1ovFpT3gAhdblCUOSBpghJLkPZdoAy+xSdI4XJcl6one
+sFRvH1x0F7mJQRiH7ZmGumZtDrGDnGFEmTFLaf8aIcdBJKCYrxBJWBBt0+t/FZpw
+hVOtyQZbB+OfuAdxkq6Lu7z8G0SKItPLTrhdA7PqbX0Wx9S6xnJbAZpn9Z6/rRAe
+r+8/IEb7u5vQgVbTCyOLSOh9Hb6jNotg05PKm41Os89/jQ1vJf/HPw5u3cEkBri9
+MdoCfn4G0uIiIwo+Q4tA
+=BLDw
 -----END PGP SIGNATURE-----
diff --git a/sec-policy/selinux-base-policy/selinux-base-policy-2.20141203-r7.ebuild b/sec-policy/selinux-base-policy/selinux-base-policy-2.20141203-r7.ebuild
new file mode 100644
index 000000000000..11dc6f3203ed
--- /dev/null
+++ b/sec-policy/selinux-base-policy/selinux-base-policy-2.20141203-r7.ebuild
@@ -0,0 +1,143 @@
+# Copyright 1999-2015 Gentoo Foundation
+# Distributed under the terms of the GNU General Public License v2
+# $Header: /var/cvsroot/gentoo-x86/sec-policy/selinux-base-policy/selinux-base-policy-2.20141203-r7.ebuild,v 1.1 2015/07/02 17:59:28 perfinion Exp $
+EAPI="5"
+
+inherit eutils
+
+if [[ ${PV} == 9999* ]]; then
+	EGIT_REPO_URI="${SELINUX_GIT_REPO:-git://anongit.gentoo.org/proj/hardened-refpolicy.git https://anongit.gentoo.org/git/proj/hardened-refpolicy.git}"
+	EGIT_BRANCH="${SELINUX_GIT_BRANCH:-master}"
+	EGIT_CHECKOUT_DIR="${WORKDIR}/refpolicy"
+
+	inherit git-r3
+
+	KEYWORDS=""
+else
+	SRC_URI="https://raw.githubusercontent.com/wiki/TresysTechnology/refpolicy/files/refpolicy-${PV}.tar.bz2
+			http://dev.gentoo.org/~swift/patches/${PN}/patchbundle-${PN}-${PVR}.tar.bz2"
+	KEYWORDS="~amd64 ~x86"
+fi
+
+HOMEPAGE="http://www.gentoo.org/proj/en/hardened/selinux/"
+DESCRIPTION="SELinux policy for core modules"
+
+IUSE="+unconfined"
+
+RDEPEND="=sec-policy/selinux-base-${PVR}"
+PDEPEND="unconfined? ( sec-policy/selinux-unconfined )"
+DEPEND=""
+
+MODS="application authlogin bootloader clock consoletype cron dmesg fstools getty hostname hotplug init iptables libraries locallogin logging lvm miscfiles modutils mount mta netutils nscd portage raid rsync selinuxutil setrans ssh staff storage su sysadm sysnetwork tmpfiles udev userdomain usermanage unprivuser xdg"
+LICENSE="GPL-2"
+SLOT="0"
+S="${WORKDIR}/"
+
+# Code entirely copied from selinux-eclass (cannot inherit due to dependency on
+# itself), when reworked reinclude it. Only postinstall (where -b base.pp is
+# added) needs to remain then.
+
+pkg_pretend() {
+	for i in ${POLICY_TYPES}; do
+		if [[ "${i}" == "targeted" ]] && ! use unconfined; then
+			die "If you use POLICY_TYPES=targeted, then USE=unconfined is mandatory."
+		fi
+	done
+}
+
+src_prepare() {
+	local modfiles
+
+	if [[ ${PV} != 9999* ]]; then
+		# Patch the source with the base patchbundle
+		cd "${S}"
+		EPATCH_MULTI_MSG="Applying SELinux policy updates ... " \
+		EPATCH_SUFFIX="patch" \
+		EPATCH_SOURCE="${WORKDIR}" \
+		EPATCH_FORCE="yes" \
+		epatch
+	fi
+
+	# Apply the additional patches refered to by the module ebuild.
+	# But first some magic to differentiate between bash arrays and strings
+	if [[ "$(declare -p POLICY_PATCH 2>/dev/null 2>&1)" == "declare -a"* ]];
+	then
+		cd "${S}/refpolicy/policy/modules"
+		for POLPATCH in "${POLICY_PATCH[@]}";
+		do
+			epatch "${POLPATCH}"
+		done
+	else
+		if [[ -n ${POLICY_PATCH} ]];
+		then
+			cd "${S}/refpolicy/policy/modules"
+			for POLPATCH in ${POLICY_PATCH};
+			do
+				epatch "${POLPATCH}"
+			done
+		fi
+	fi
+
+	# Calling user patches
+	epatch_user
+
+	# Collect only those files needed for this particular module
+	for i in ${MODS}; do
+		modfiles="$(find ${S}/refpolicy/policy/modules -iname $i.te) $modfiles"
+		modfiles="$(find ${S}/refpolicy/policy/modules -iname $i.fc) $modfiles"
+	done
+
+	for i in ${POLICY_TYPES}; do
+		mkdir "${S}"/${i} || die "Failed to create directory ${S}/${i}"
+		cp "${S}"/refpolicy/doc/Makefile.example "${S}"/${i}/Makefile \
+			|| die "Failed to copy Makefile.example to ${S}/${i}/Makefile"
+
+		cp ${modfiles} "${S}"/${i} \
+			|| die "Failed to copy the module files to ${S}/${i}"
+	done
+}
+
+src_compile() {
+	for i in ${POLICY_TYPES}; do
+		emake NAME=$i -C "${S}"/${i} || die "${i} compile failed"
+	done
+}
+
+src_install() {
+	local BASEDIR="/usr/share/selinux"
+
+	for i in ${POLICY_TYPES}; do
+		for j in ${MODS}; do
+			einfo "Installing ${i} ${j} policy package"
+			insinto ${BASEDIR}/${i}
+			doins "${S}"/${i}/${j}.pp || die "Failed to add ${j}.pp to ${i}"
+		done
+	done
+}
+
+pkg_postinst() {
+	# Override the command from the eclass, we need to load in base as well here
+	local COMMAND
+	for i in ${MODS}; do
+		COMMAND="-i ${i}.pp ${COMMAND}"
+	done
+
+	for i in ${POLICY_TYPES}; do
+		einfo "Inserting the following modules, with base, into the $i module store: ${MODS}"
+
+		cd /usr/share/selinux/${i} || die "Could not enter /usr/share/selinux/${i}"
+
+		semodule -s ${i} -b base.pp ${COMMAND} || die "Failed to load in base and modules ${MODS} in the $i policy store"
+	done
+
+	# Relabel depending packages
+	local PKGSET="";
+	if [ -x /usr/bin/qdepends ] ; then
+		PKGSET=$(/usr/bin/qdepends -Cq -r -Q ${CATEGORY}/${PN} | grep -v 'sec-policy/selinux-');
+	elif [ -x /usr/bin/equery ] ; then
+		PKGSET=$(/usr/bin/equery -Cq depends ${CATEGORY}/${PN} | grep -v 'sec-policy/selinux-');
+	fi
+	if [ -n "${PKGSET}" ] ; then
+		rlpkg ${PKGSET};
+	fi
+}
author	Jason Zaman <perfinion@gentoo.org>	2015-07-02 18:01:18 +0000
committer	Jason Zaman <perfinion@gentoo.org>	2015-07-02 18:01:18 +0000
commit	9147d6e5bd6388e5b70bbf9941467cdb19f8f032 (patch)
tree	02e958a8f0e321ac5d80db5eea912b9664e8df8c /sec-policy/selinux-base-policy
parent	remove all old versions (diff)
download	historical-9147d6e5bd6388e5b70bbf9941467cdb19f8f032.tar.gz historical-9147d6e5bd6388e5b70bbf9941467cdb19f8f032.tar.bz2 historical-9147d6e5bd6388e5b70bbf9941467cdb19f8f032.zip