From 4aa8040a9e47d3fa1c765b865d8de0e459d2d53c Mon Sep 17 00:00:00 2001 From: Matthew Garrett Date: Mon, 20 Jul 2015 17:18:38 -0700 Subject: [PATCH] Include libsemanage --- .../md5-cache/sys-libs/libsemanage-2.2-r2 | 14 + .../md5-cache/sys-libs/libsemanage-2.3-r4 | 14 + .../md5-cache/sys-libs/libsemanage-2.4-r1 | 14 + .../md5-cache/sys-libs/libsemanage-9999 | 12 + .../sys-libs/libsemanage/ChangeLog | 414 ++++++++++++++++++ .../sys-libs/libsemanage/Manifest | 32 ++ ...ot-copy-contexts-in-semanage_migrate.patch | 208 +++++++++ .../libsemanage/libsemanage-2.2-r2.ebuild | 91 ++++ .../libsemanage/libsemanage-2.3-r4.ebuild | 104 +++++ .../libsemanage/libsemanage-2.4-r1.ebuild | 127 ++++++ .../libsemanage/libsemanage-9999.ebuild | 137 ++++++ .../sys-libs/libsemanage/metadata.xml | 9 + 12 files changed, 1176 insertions(+) create mode 100644 sdk_container/src/third_party/coreos-overlay/metadata/md5-cache/sys-libs/libsemanage-2.2-r2 create mode 100644 sdk_container/src/third_party/coreos-overlay/metadata/md5-cache/sys-libs/libsemanage-2.3-r4 create mode 100644 sdk_container/src/third_party/coreos-overlay/metadata/md5-cache/sys-libs/libsemanage-2.4-r1 create mode 100644 sdk_container/src/third_party/coreos-overlay/metadata/md5-cache/sys-libs/libsemanage-9999 create mode 100644 sdk_container/src/third_party/coreos-overlay/sys-libs/libsemanage/ChangeLog create mode 100644 sdk_container/src/third_party/coreos-overlay/sys-libs/libsemanage/Manifest create mode 100644 sdk_container/src/third_party/coreos-overlay/sys-libs/libsemanage/files/0001-libsemanage-do-not-copy-contexts-in-semanage_migrate.patch create mode 100644 sdk_container/src/third_party/coreos-overlay/sys-libs/libsemanage/libsemanage-2.2-r2.ebuild create mode 100644 sdk_container/src/third_party/coreos-overlay/sys-libs/libsemanage/libsemanage-2.3-r4.ebuild create mode 100644 sdk_container/src/third_party/coreos-overlay/sys-libs/libsemanage/libsemanage-2.4-r1.ebuild create mode 100644 sdk_container/src/third_party/coreos-overlay/sys-libs/libsemanage/libsemanage-9999.ebuild create mode 100644 sdk_container/src/third_party/coreos-overlay/sys-libs/libsemanage/metadata.xml diff --git a/sdk_container/src/third_party/coreos-overlay/metadata/md5-cache/sys-libs/libsemanage-2.2-r2 b/sdk_container/src/third_party/coreos-overlay/metadata/md5-cache/sys-libs/libsemanage-2.2-r2 new file mode 100644 index 0000000000..29d3844f0f --- /dev/null +++ b/sdk_container/src/third_party/coreos-overlay/metadata/md5-cache/sys-libs/libsemanage-2.2-r2 @@ -0,0 +1,14 @@ +DEFINED_PHASES=compile configure install prepare test +DEPEND=>=sys-libs/libsepol-2.2 >=sys-libs/libselinux-2.2.2-r1 dev-libs/ustr sys-process/audit sys-devel/bison sys-devel/flex python? ( >=dev-lang/swig-2.0.4-r1 virtual/pkgconfig python_targets_python2_7? ( >=dev-lang/python-2.7.5-r2:2.7 ) python_targets_python3_3? ( >=dev-lang/python-3.3.2-r2:3.3 ) >=dev-lang/python-exec-2:=[python_targets_python2_7(-)?,python_targets_python3_3(-)?,-python_single_target_python2_7(-),-python_single_target_python3_3(-)] ) +DESCRIPTION=SELinux kernel and policy management library +EAPI=5 +HOMEPAGE=http://userspace.selinuxproject.org +IUSE=python python_targets_python2_7 python_targets_python3_3 abi_x86_32 abi_x86_64 abi_x86_x32 abi_mips_n32 abi_mips_n64 abi_mips_o32 abi_ppc_32 abi_ppc_64 abi_s390_32 abi_s390_64 +KEYWORDS=amd64 x86 +LICENSE=GPL-2 +RDEPEND=>=sys-libs/libsepol-2.2 >=sys-libs/libselinux-2.2.2-r1 dev-libs/ustr sys-process/audit +RESTRICT=test +SLOT=0 +SRC_URI=http://userspace.selinuxproject.org/releases/20131030/libsemanage-2.2.tar.gz +_eclasses_=eutils 9fb270e417e0e83d64ca52586c4a79de multibuild 6d4858dc00f8bc51caf3f957f8430eb0 multilib 3bf24e6abb9b76d9f6c20600f0b716bf multilib-build 0983c7893df461213a05f791cc7dea6d multilib-minimal 13dd976916c35a1e2c8d170e840c7018 python-r1 6d3a3cb5705b9fff1aeb7cfa4e3336fe python-utils-r1 096f8247eae93026af13ab88cf4305cd toolchain-funcs c961250d50160cd37d6b7fd9e8429c92 +_md5_=a152964c87ace4bf28d2671862e4f8ff diff --git a/sdk_container/src/third_party/coreos-overlay/metadata/md5-cache/sys-libs/libsemanage-2.3-r4 b/sdk_container/src/third_party/coreos-overlay/metadata/md5-cache/sys-libs/libsemanage-2.3-r4 new file mode 100644 index 0000000000..50491a1e99 --- /dev/null +++ b/sdk_container/src/third_party/coreos-overlay/metadata/md5-cache/sys-libs/libsemanage-2.3-r4 @@ -0,0 +1,14 @@ +DEFINED_PHASES=compile configure install prepare test +DEPEND=>=sys-libs/libsepol-2.3[abi_x86_32(-)?,abi_x86_64(-)?,abi_x86_x32(-)?,abi_mips_n32(-)?,abi_mips_n64(-)?,abi_mips_o32(-)?,abi_ppc_32(-)?,abi_ppc_64(-)?,abi_s390_32(-)?,abi_s390_64(-)?] >=sys-libs/libselinux-2.3[abi_x86_32(-)?,abi_x86_64(-)?,abi_x86_x32(-)?,abi_mips_n32(-)?,abi_mips_n64(-)?,abi_mips_o32(-)?,abi_ppc_32(-)?,abi_ppc_64(-)?,abi_s390_32(-)?,abi_s390_64(-)?] >=sys-process/audit-2.2.2[abi_x86_32(-)?,abi_x86_64(-)?,abi_x86_x32(-)?,abi_mips_n32(-)?,abi_mips_n64(-)?,abi_mips_o32(-)?,abi_ppc_32(-)?,abi_ppc_64(-)?,abi_s390_32(-)?,abi_s390_64(-)?] >=dev-libs/ustr-1.0.4-r2[abi_x86_32(-)?,abi_x86_64(-)?,abi_x86_x32(-)?,abi_mips_n32(-)?,abi_mips_n64(-)?,abi_mips_o32(-)?,abi_ppc_32(-)?,abi_ppc_64(-)?,abi_s390_32(-)?,abi_s390_64(-)?] sys-devel/bison sys-devel/flex python? ( >=dev-lang/swig-2.0.4-r1 virtual/pkgconfig python_targets_python2_7? ( >=dev-lang/python-2.7.5-r2:2.7 ) python_targets_python3_3? ( >=dev-lang/python-3.3.2-r2:3.3 ) python_targets_python3_4? ( dev-lang/python:3.4 ) >=dev-lang/python-exec-2:=[python_targets_python2_7(-)?,python_targets_python3_3(-)?,python_targets_python3_4(-)?,-python_single_target_python2_7(-),-python_single_target_python3_3(-),-python_single_target_python3_4(-)] ) +DESCRIPTION=SELinux kernel and policy management library +EAPI=5 +HOMEPAGE=http://userspace.selinuxproject.org +IUSE=python python_targets_python2_7 python_targets_python3_3 python_targets_python3_4 abi_x86_32 abi_x86_64 abi_x86_x32 abi_mips_n32 abi_mips_n64 abi_mips_o32 abi_ppc_32 abi_ppc_64 abi_s390_32 abi_s390_64 +KEYWORDS=amd64 x86 +LICENSE=GPL-2 +RDEPEND=>=sys-libs/libsepol-2.3[abi_x86_32(-)?,abi_x86_64(-)?,abi_x86_x32(-)?,abi_mips_n32(-)?,abi_mips_n64(-)?,abi_mips_o32(-)?,abi_ppc_32(-)?,abi_ppc_64(-)?,abi_s390_32(-)?,abi_s390_64(-)?] >=sys-libs/libselinux-2.3[abi_x86_32(-)?,abi_x86_64(-)?,abi_x86_x32(-)?,abi_mips_n32(-)?,abi_mips_n64(-)?,abi_mips_o32(-)?,abi_ppc_32(-)?,abi_ppc_64(-)?,abi_s390_32(-)?,abi_s390_64(-)?] >=sys-process/audit-2.2.2[abi_x86_32(-)?,abi_x86_64(-)?,abi_x86_x32(-)?,abi_mips_n32(-)?,abi_mips_n64(-)?,abi_mips_o32(-)?,abi_ppc_32(-)?,abi_ppc_64(-)?,abi_s390_32(-)?,abi_s390_64(-)?] >=dev-libs/ustr-1.0.4-r2[abi_x86_32(-)?,abi_x86_64(-)?,abi_x86_x32(-)?,abi_mips_n32(-)?,abi_mips_n64(-)?,abi_mips_o32(-)?,abi_ppc_32(-)?,abi_ppc_64(-)?,abi_s390_32(-)?,abi_s390_64(-)?] +RESTRICT=test +SLOT=0 +SRC_URI=https://raw.githubusercontent.com/wiki/SELinuxProject/selinux/files/releases/20140506/libsemanage-2.3.tar.gz +_eclasses_=eutils 9fb270e417e0e83d64ca52586c4a79de multibuild 6d4858dc00f8bc51caf3f957f8430eb0 multilib 3bf24e6abb9b76d9f6c20600f0b716bf multilib-build 0983c7893df461213a05f791cc7dea6d multilib-minimal 13dd976916c35a1e2c8d170e840c7018 python-r1 6d3a3cb5705b9fff1aeb7cfa4e3336fe python-utils-r1 096f8247eae93026af13ab88cf4305cd toolchain-funcs c961250d50160cd37d6b7fd9e8429c92 +_md5_=96acef1f47f39f6b269c801e5fac3660 diff --git a/sdk_container/src/third_party/coreos-overlay/metadata/md5-cache/sys-libs/libsemanage-2.4-r1 b/sdk_container/src/third_party/coreos-overlay/metadata/md5-cache/sys-libs/libsemanage-2.4-r1 new file mode 100644 index 0000000000..112f4e48df --- /dev/null +++ b/sdk_container/src/third_party/coreos-overlay/metadata/md5-cache/sys-libs/libsemanage-2.4-r1 @@ -0,0 +1,14 @@ +DEFINED_PHASES=compile configure install postinst prepare test +DEPEND=>=sys-libs/libsepol-2.4[abi_x86_32(-)?,abi_x86_64(-)?,abi_x86_x32(-)?,abi_mips_n32(-)?,abi_mips_n64(-)?,abi_mips_o32(-)?,abi_ppc_32(-)?,abi_ppc_64(-)?,abi_s390_32(-)?,abi_s390_64(-)?] >=sys-libs/libselinux-2.4[abi_x86_32(-)?,abi_x86_64(-)?,abi_x86_x32(-)?,abi_mips_n32(-)?,abi_mips_n64(-)?,abi_mips_o32(-)?,abi_ppc_32(-)?,abi_ppc_64(-)?,abi_s390_32(-)?,abi_s390_64(-)?] >=sys-process/audit-2.2.2[abi_x86_32(-)?,abi_x86_64(-)?,abi_x86_x32(-)?,abi_mips_n32(-)?,abi_mips_n64(-)?,abi_mips_o32(-)?,abi_ppc_32(-)?,abi_ppc_64(-)?,abi_s390_32(-)?,abi_s390_64(-)?] >=dev-libs/ustr-1.0.4-r2[abi_x86_32(-)?,abi_x86_64(-)?,abi_x86_x32(-)?,abi_mips_n32(-)?,abi_mips_n64(-)?,abi_mips_o32(-)?,abi_ppc_32(-)?,abi_ppc_64(-)?,abi_s390_32(-)?,abi_s390_64(-)?] sys-devel/bison sys-devel/flex python? ( >=dev-lang/swig-2.0.4-r1 virtual/pkgconfig python_targets_python2_7? ( >=dev-lang/python-2.7.5-r2:2.7 ) python_targets_python3_3? ( >=dev-lang/python-3.3.2-r2:3.3 ) python_targets_python3_4? ( dev-lang/python:3.4 ) >=dev-lang/python-exec-2:=[python_targets_python2_7(-)?,python_targets_python3_3(-)?,python_targets_python3_4(-)?,-python_single_target_python2_7(-),-python_single_target_python3_3(-),-python_single_target_python3_4(-)] ) +DESCRIPTION=SELinux kernel and policy management library +EAPI=5 +HOMEPAGE=https://github.com/SELinuxProject/selinux/wiki +IUSE=python python_targets_python2_7 python_targets_python3_3 python_targets_python3_4 abi_x86_32 abi_x86_64 abi_x86_x32 abi_mips_n32 abi_mips_n64 abi_mips_o32 abi_ppc_32 abi_ppc_64 abi_s390_32 abi_s390_64 +KEYWORDS=amd64 x86 +LICENSE=GPL-2 +RDEPEND=>=sys-libs/libsepol-2.4[abi_x86_32(-)?,abi_x86_64(-)?,abi_x86_x32(-)?,abi_mips_n32(-)?,abi_mips_n64(-)?,abi_mips_o32(-)?,abi_ppc_32(-)?,abi_ppc_64(-)?,abi_s390_32(-)?,abi_s390_64(-)?] >=sys-libs/libselinux-2.4[abi_x86_32(-)?,abi_x86_64(-)?,abi_x86_x32(-)?,abi_mips_n32(-)?,abi_mips_n64(-)?,abi_mips_o32(-)?,abi_ppc_32(-)?,abi_ppc_64(-)?,abi_s390_32(-)?,abi_s390_64(-)?] >=sys-process/audit-2.2.2[abi_x86_32(-)?,abi_x86_64(-)?,abi_x86_x32(-)?,abi_mips_n32(-)?,abi_mips_n64(-)?,abi_mips_o32(-)?,abi_ppc_32(-)?,abi_ppc_64(-)?,abi_s390_32(-)?,abi_s390_64(-)?] >=dev-libs/ustr-1.0.4-r2[abi_x86_32(-)?,abi_x86_64(-)?,abi_x86_x32(-)?,abi_mips_n32(-)?,abi_mips_n64(-)?,abi_mips_o32(-)?,abi_ppc_32(-)?,abi_ppc_64(-)?,abi_s390_32(-)?,abi_s390_64(-)?] +RESTRICT=test +SLOT=0 +SRC_URI=https://raw.githubusercontent.com/wiki/SELinuxProject/selinux/files/releases/20150202/libsemanage-2.4.tar.gz +_eclasses_=eutils 9fb270e417e0e83d64ca52586c4a79de multibuild 6d4858dc00f8bc51caf3f957f8430eb0 multilib 3bf24e6abb9b76d9f6c20600f0b716bf multilib-build 0983c7893df461213a05f791cc7dea6d multilib-minimal 13dd976916c35a1e2c8d170e840c7018 python-r1 6d3a3cb5705b9fff1aeb7cfa4e3336fe python-utils-r1 096f8247eae93026af13ab88cf4305cd toolchain-funcs c961250d50160cd37d6b7fd9e8429c92 +_md5_=b1665ea83bf49803d40800063afa9f4a diff --git a/sdk_container/src/third_party/coreos-overlay/metadata/md5-cache/sys-libs/libsemanage-9999 b/sdk_container/src/third_party/coreos-overlay/metadata/md5-cache/sys-libs/libsemanage-9999 new file mode 100644 index 0000000000..dd72dcb6f1 --- /dev/null +++ b/sdk_container/src/third_party/coreos-overlay/metadata/md5-cache/sys-libs/libsemanage-9999 @@ -0,0 +1,12 @@ +DEFINED_PHASES=compile configure install postinst prepare test unpack +DEPEND=>=sys-libs/libsepol-9999[abi_x86_32(-)?,abi_x86_64(-)?,abi_x86_x32(-)?,abi_mips_n32(-)?,abi_mips_n64(-)?,abi_mips_o32(-)?,abi_ppc_32(-)?,abi_ppc_64(-)?,abi_s390_32(-)?,abi_s390_64(-)?] >=sys-libs/libselinux-9999[abi_x86_32(-)?,abi_x86_64(-)?,abi_x86_x32(-)?,abi_mips_n32(-)?,abi_mips_n64(-)?,abi_mips_o32(-)?,abi_ppc_32(-)?,abi_ppc_64(-)?,abi_s390_32(-)?,abi_s390_64(-)?] >=sys-process/audit-2.2.2[abi_x86_32(-)?,abi_x86_64(-)?,abi_x86_x32(-)?,abi_mips_n32(-)?,abi_mips_n64(-)?,abi_mips_o32(-)?,abi_ppc_32(-)?,abi_ppc_64(-)?,abi_s390_32(-)?,abi_s390_64(-)?] >=dev-libs/ustr-1.0.4-r2[abi_x86_32(-)?,abi_x86_64(-)?,abi_x86_x32(-)?,abi_mips_n32(-)?,abi_mips_n64(-)?,abi_mips_o32(-)?,abi_ppc_32(-)?,abi_ppc_64(-)?,abi_s390_32(-)?,abi_s390_64(-)?] sys-devel/bison sys-devel/flex python? ( >=dev-lang/swig-2.0.4-r1 virtual/pkgconfig python_targets_python2_7? ( >=dev-lang/python-2.7.5-r2:2.7 ) python_targets_python3_3? ( >=dev-lang/python-3.3.2-r2:3.3 ) python_targets_python3_4? ( dev-lang/python:3.4 ) >=dev-lang/python-exec-2:=[python_targets_python2_7(-)?,python_targets_python3_3(-)?,python_targets_python3_4(-)?,-python_single_target_python2_7(-),-python_single_target_python3_3(-),-python_single_target_python3_4(-)] ) >=dev-vcs/git-1.8.2.1 +DESCRIPTION=SELinux kernel and policy management library +EAPI=5 +HOMEPAGE=https://github.com/SELinuxProject/selinux/wiki +IUSE=python python_targets_python2_7 python_targets_python3_3 python_targets_python3_4 abi_x86_32 abi_x86_64 abi_x86_x32 abi_mips_n32 abi_mips_n64 abi_mips_o32 abi_ppc_32 abi_ppc_64 abi_s390_32 abi_s390_64 +LICENSE=GPL-2 +RDEPEND=>=sys-libs/libsepol-9999[abi_x86_32(-)?,abi_x86_64(-)?,abi_x86_x32(-)?,abi_mips_n32(-)?,abi_mips_n64(-)?,abi_mips_o32(-)?,abi_ppc_32(-)?,abi_ppc_64(-)?,abi_s390_32(-)?,abi_s390_64(-)?] >=sys-libs/libselinux-9999[abi_x86_32(-)?,abi_x86_64(-)?,abi_x86_x32(-)?,abi_mips_n32(-)?,abi_mips_n64(-)?,abi_mips_o32(-)?,abi_ppc_32(-)?,abi_ppc_64(-)?,abi_s390_32(-)?,abi_s390_64(-)?] >=sys-process/audit-2.2.2[abi_x86_32(-)?,abi_x86_64(-)?,abi_x86_x32(-)?,abi_mips_n32(-)?,abi_mips_n64(-)?,abi_mips_o32(-)?,abi_ppc_32(-)?,abi_ppc_64(-)?,abi_s390_32(-)?,abi_s390_64(-)?] >=dev-libs/ustr-1.0.4-r2[abi_x86_32(-)?,abi_x86_64(-)?,abi_x86_x32(-)?,abi_mips_n32(-)?,abi_mips_n64(-)?,abi_mips_o32(-)?,abi_ppc_32(-)?,abi_ppc_64(-)?,abi_s390_32(-)?,abi_s390_64(-)?] +RESTRICT=test +SLOT=0 +_eclasses_=eutils 9fb270e417e0e83d64ca52586c4a79de git-r3 3a2bd0ae504c33a50061885480f3def3 multibuild 6d4858dc00f8bc51caf3f957f8430eb0 multilib 3bf24e6abb9b76d9f6c20600f0b716bf multilib-build 0983c7893df461213a05f791cc7dea6d multilib-minimal 13dd976916c35a1e2c8d170e840c7018 python-r1 6d3a3cb5705b9fff1aeb7cfa4e3336fe python-utils-r1 096f8247eae93026af13ab88cf4305cd toolchain-funcs c961250d50160cd37d6b7fd9e8429c92 +_md5_=96e404c608fd630344d0ce20ded283e0 diff --git a/sdk_container/src/third_party/coreos-overlay/sys-libs/libsemanage/ChangeLog b/sdk_container/src/third_party/coreos-overlay/sys-libs/libsemanage/ChangeLog new file mode 100644 index 0000000000..6900079b01 --- /dev/null +++ b/sdk_container/src/third_party/coreos-overlay/sys-libs/libsemanage/ChangeLog @@ -0,0 +1,414 @@ +# ChangeLog for sys-libs/libsemanage +# Copyright 1999-2015 Gentoo Foundation; Distributed under the GPL v2 +# $Header: /var/cvsroot/gentoo-x86/sys-libs/libsemanage/ChangeLog,v 1.94 2015/06/09 15:36:24 swift Exp $ + +*libsemanage-9999 (09 Jun 2015) + + 09 Jun 2015; Sven Vermeulen +libsemanage-9999.ebuild: + Adding libsemanage-9999 to better support upstream integrations + + 10 May 2015; Jason Zaman libsemanage-2.4-r1.ebuild: + stabilize selinux 2.4 userland + + 09 May 2015; Jason Zaman -libsemanage-2.4.ebuild: + drop broken + +*libsemanage-2.4-r1 (23 Apr 2015) + + 23 Apr 2015; Jason Zaman + +files/0001-libsemanage-do-not-copy-contexts-in-semanage_migrate.patch, + +libsemanage-2.4-r1.ebuild, + -files/0002-semanage_migrate_store-Python3-support.patch: + rev bump with migration patch + + 18 Apr 2015; Jason Zaman -libsemanage-2.3-r3.ebuild, + -libsemanage-2.4_rc6-r2.ebuild, -libsemanage-2.4_rc7.ebuild: + Drop old RCs + + 08 Apr 2015; Michał Górny libsemanage-2.2-r2.ebuild, + libsemanage-2.3-r3.ebuild, libsemanage-2.3-r4.ebuild, libsemanage-2.4.ebuild, + libsemanage-2.4_rc6-r2.ebuild, libsemanage-2.4_rc7.ebuild: + Drop old Python implementations + +*libsemanage-2.4 (04 Feb 2015) + + 04 Feb 2015; Jason Zaman +libsemanage-2.4.ebuild: + Version bump + + 26 Jan 2015; Agostino Sarubbo libsemanage-2.3-r4.ebuild: + Stable for x86, wrt bug #535684 + + 22 Jan 2015; Agostino Sarubbo libsemanage-2.3-r4.ebuild: + Stable for amd64, wrt bug #535684 + +*libsemanage-2.4_rc7 (06 Dec 2014) + + 06 Dec 2014; Jason Zaman +libsemanage-2.4_rc7.ebuild, + -libsemanage-2.3-r2.ebuild, -libsemanage-2.4_rc2.ebuild, + -libsemanage-2.4_rc5.ebuild, -libsemanage-2.4_rc6-r1.ebuild, + -libsemanage-2.4_rc6.ebuild: + version bump and ebuild clean up, drop old RC + +*libsemanage-2.3-r4 (04 Dec 2014) + + 04 Dec 2014; Jason Zaman +libsemanage-2.3-r4.ebuild, + libsemanage-2.4_rc6-r2.ebuild: + Call python_optimize, bug 531638 + +*libsemanage-2.4_rc6-r2 (27 Nov 2014) + + 27 Nov 2014; Sven Vermeulen +libsemanage-2.4_rc6-r2.ebuild: + Migrate store as soon as possible, but do not reload policy (bug 530864) + +*libsemanage-2.4_rc6-r1 (22 Nov 2014) + + 22 Nov 2014; Jason Zaman + +files/0002-semanage_migrate_store-Python3-support.patch, + +libsemanage-2.4_rc6-r1.ebuild: + python3 support for semanage_migrate_store. bug 529252 + +*libsemanage-2.4_rc6 (14 Nov 2014) + + 14 Nov 2014; Sven Vermeulen +libsemanage-2.4_rc6.ebuild: + Bump to rc6, add python3_4 to PYTHON_COMPAT (fixes bug 529176); rc6 also fixes + unconfined issue when USE=-unconfined is set + + 01 Nov 2014; Sven Vermeulen libsemanage-2.3-r3.ebuild: + Stabilize libsemanage-2.3-r3 (fix for bug #520608) + +*libsemanage-2.4_rc5 (29 Oct 2014) + + 29 Oct 2014; Sven Vermeulen +libsemanage-2.4_rc5.ebuild, + -libsemanage-2.4_rc4.ebuild: + Bump to 2.4_rc5 + +*libsemanage-2.4_rc4 (07 Oct 2014) + + 07 Oct 2014; Sven Vermeulen +libsemanage-2.4_rc4.ebuild: + Bump to 2.4-rc4 + +*libsemanage-2.4_rc2 (21 Sep 2014) + + 21 Sep 2014; Sven Vermeulen +libsemanage-2.4_rc2.ebuild, + libsemanage-2.3-r2.ebuild, libsemanage-2.3-r3.ebuild: + Noved to github; also add in masked 2.4 series + + 16 Sep 2014; Brian Dolbec libsemanage-2.3-r3.ebuild: + Add python-3.4 target. Tested and confirmed working by perfinion. + +*libsemanage-2.3-r3 (23 Aug 2014) + + 23 Aug 2014; Sven Vermeulen +libsemanage-2.3-r3.ebuild: + Fix bug #520608 - Install .so in correct multilib location + + 05 Aug 2014; Sven Vermeulen -libsemanage-2.2.ebuild, + -libsemanage-2.3-r1.ebuild, -libsemanage-2.3.ebuild: + Remove obsoleted ebuilds + + 05 Aug 2014; Sven Vermeulen libsemanage-2.2-r2.ebuild: + Stabilize latest libsemanage-2.2 + + 30 Jul 2014; Sven Vermeulen libsemanage-2.3-r2.ebuild: + Fix bug #514194 - Stabilization of SELinux userspace 2.3 + + 18 Jun 2014; Michał Górny libsemanage-2.3-r2.ebuild: + Update dependencies to require guaranteed EAPI=5 or multilib ebuilds, bug + #513718. + +*libsemanage-2.3-r2 (02 Jun 2014) + + 02 Jun 2014; Sven Vermeulen +libsemanage-2.3-r2.ebuild: + Update multilib support in libsemanage with thanks to Arfrever + +*libsemanage-2.3-r1 (01 Jun 2014) + + 01 Jun 2014; Sven Vermeulen +libsemanage-2.3-r1.ebuild: + Fixing multilib support (bug #506460) with thanks to Sven Eden. Package has + dep on audit-2.2.2 which is p.masked so added same package to p.mask combo + + 10 May 2014; Sven Vermeulen -libsemanage-2.1.10.ebuild, + -libsemanage-2.2-r1.ebuild, -libsemanage-2.3_rc1.ebuild: + Spring cleanup + +*libsemanage-2.3 (09 May 2014) + + 09 May 2014; Sven Vermeulen +libsemanage-2.3.ebuild: + Bump to 2.3 + +*libsemanage-2.3_rc1 (28 Apr 2014) + + 28 Apr 2014; Sven Vermeulen +libsemanage-2.3_rc1.ebuild: + 2.3-rc1 release + +*libsemanage-2.2-r2 (23 Mar 2014) + + 23 Mar 2014; Sven Vermeulen +libsemanage-2.2-r2.ebuild: + Fix bug #502078 - have SHLIBS use PREFIX, not DESTDIR + + 02 Feb 2014; Sven Vermeulen +libsemanage-2.2-r1.ebuild: + Support multilib + +*libsemanage-2.2-r1 (02 Feb 2014) + + 02 Feb 2014; Sven Vermeulen +libsemanage-2.2-r1.ebuild: + Removing ruby support for libsemanage for now (libselinux has it removed as + we) + + 01 Feb 2014; Sven Vermeulen libsemanage-2.2.ebuild: + Adding python3_3 to supported Pythons, see bug #499606 + + 20 Jan 2014; Sven Vermeulen libsemanage-2.2.ebuild: + Fix bug #497754 - Add in dep on virtual/pgkconfig + + 20 Jan 2014; Sven Vermeulen libsemanage-2.2.ebuild: + Stabilize for amd64 and x86 + + 23 Dec 2013; Sven Vermeulen -libsemanage-2.1.9.ebuild: + Cleanup old version + + 10 Nov 2013; Sven Vermeulen libsemanage-2.2.ebuild: + Adding dependency to audit (bug #490488) + +*libsemanage-2.2 (04 Nov 2013) + + 04 Nov 2013; Sven Vermeulen +libsemanage-2.2.ebuild: + New libsemanage release + + 07 Jul 2013; Sven Vermeulen -libsemanage-2.1.6.ebuild, + -libsemanage-2.1.6-r2.ebuild: + Summer cleaning + + 16 Jun 2013; Sven Vermeulen libsemanage-2.1.10.ebuild: + Stabilization + +*libsemanage-2.1.10 (25 Apr 2013) + + 25 Apr 2013; Sven Vermeulen +libsemanage-2.1.10.ebuild: + New upstream release + + 07 Feb 2013; Sven Vermeulen libsemanage-2.1.9.ebuild: + Python 2.6 is not supported with libsemanage, see bug #445216 + + 17 Nov 2012; libsemanage-2.1.9.ebuild: + Stabilization + + 13 Oct 2012; libsemanage-2.1.9.ebuild: + Supporting user-provided patches using epatch_user + +*libsemanage-2.1.9 (09 Oct 2012) + + 09 Oct 2012; +libsemanage-2.1.9.ebuild: + Introduce new upstream version + + 26 Jun 2012; Mike Gilbert libsemanage-2.1.6-r2.ebuild, + libsemanage-2.1.6.ebuild: + Restrict pypy per Arfrever. + +*libsemanage-2.1.6-r2 (25 Jun 2012) + + 25 Jun 2012; +libsemanage-2.1.6-r2.ebuild: + Fix python3 support + + 13 May 2012; -libsemanage-2.1.0.ebuild: + Removing obsoleted ebuild + + 29 Apr 2012; libsemanage-2.1.6.ebuild: + Stabilization + + 05 Apr 2012; libsemanage-2.1.0.ebuild, + libsemanage-2.1.6.ebuild: + Depending on swig-2.0.4-r1 to fix build failures as per bug #409959 + +*libsemanage-2.1.6 (31 Mar 2012) + + 31 Mar 2012; +libsemanage-2.1.6.ebuild: + Bump to version 2.1.6 + + 12 Nov 2011; -libsemanage-2.0.45.ebuild, + -libsemanage-2.0.46.ebuild: + Remove deprecated ebuilds + + 23 Oct 2011; libsemanage-2.1.0.ebuild: + Stabilization (tracker #384231) + + 17 Sep 2011; libsemanage-2.0.45.ebuild, + libsemanage-2.0.46.ebuild: + Adding dependencies on bison and flex as per bug #382583 + + 17 Sep 2011; libsemanage-2.1.0.ebuild: + Add dependency for flex and bison + + 12 Aug 2011; Anthony G. Basile ChangeLog: + Fix failed gpg signing of Manifest + + 12 Aug 2011; Anthony G. Basile + -libsemanage-2.0.27.ebuild, -libsemanage-2.0.33.ebuild, + -libsemanage-2.0.33-r1.ebuild, -files/libsemanage-2.0.33-bzip.diff: + Removed deprecated versions + +*libsemanage-2.1.0 (03 Aug 2011) + + 03 Aug 2011; Anthony G. Basile + +libsemanage-2.1.0.ebuild: + Bump to 20110727 SELinux userspace release + +*libsemanage-2.0.46 (15 Jul 2011) + + 15 Jul 2011; Anthony G. Basile + +libsemanage-2.0.46.ebuild: + Bump to 2.0.46 - proxy for SwifT + + 30 Jun 2011; Anthony G. Basile + libsemanage-2.0.45.ebuild: + Only build libsemanage for python-2, fixes bug #369089 + + 28 May 2011; Anthony G. Basile + libsemanage-2.0.27.ebuild, libsemanage-2.0.33.ebuild: + Make RDEPEND explicit + + 28 May 2011; Anthony G. Basile + libsemanage-2.0.45.ebuild: + Stable amd64 x86 + + 13 Feb 2011; Anthony G. Basile metadata.xml: + Updated metadata.xml to reflect new selinux herd. + + 06 Feb 2011; Arfrever Frehtes Taifersar Arahesis + libsemanage-2.0.45.ebuild: + Add "python" and "ruby" USE flags. + + 05 Feb 2011; Arfrever Frehtes Taifersar Arahesis + libsemanage-2.0.45.ebuild: + Set SUPPORT_PYTHON_ABIS (bug #353764). Respect AR and CC. + +*libsemanage-2.0.45 (05 Feb 2011) + + 05 Feb 2011; Anthony G. Basile + +libsemanage-2.0.45.ebuild: + New upstream release. + + 16 Apr 2010; Arfrever Frehtes Taifersar Arahesis + libsemanage-2.0.27.ebuild, libsemanage-2.0.33.ebuild, + libsemanage-2.0.33-r1.ebuild: + Delete calls to deprecated python_version(). + +*libsemanage-2.0.33-r1 (24 Aug 2009) + + 24 Aug 2009; Chris PeBenito + +libsemanage-2.0.33-r1.ebuild, +files/libsemanage-2.0.33-bzip.diff: + Add patch to make bzip2 compression configurable. + + 03 Aug 2009; Chris PeBenito + libsemanage-2.0.33.ebuild: + Fix libsepol dependency. + + 02 Aug 2009; Chris PeBenito + libsemanage-2.0.27.ebuild, libsemanage-2.0.33.ebuild: + Add python_need_rebuild to libsemanage. + +*libsemanage-2.0.33 (02 Aug 2009) + + 02 Aug 2009; Chris PeBenito + +libsemanage-2.0.33.ebuild: + New upstream release. + + 18 Jul 2009; Chris PeBenito + -libsemanage-1.10.9.ebuild, libsemanage-2.0.27.ebuild: + Mark stable. Remove old ebuilds. + +*libsemanage-2.0.27 (03 Oct 2008) + + 03 Oct 2008; Chris PeBenito + +libsemanage-2.0.27.ebuild: + Initial commit of 2.0 libsemanage. + + 10 Sep 2008; Chris PeBenito + libsemanage-1.10.9.ebuild: + Tests cannot be run in the ebuild, they are supposed to be ran on the full + SELinux userland repo. + + 29 May 2008; Ali Polatel libsemanage-1.10.9.ebuild: + python_mod_optimize is ROOT aware. Fixed python_mod_cleanup. + + 26 May 2008; Chris PeBenito + libsemanage-1.10.9.ebuild: + Fix libsepol dependency. + + 13 May 2008; Chris PeBenito -libsemanage-1.4.ebuild, + -libsemanage-1.6.ebuild, -libsemanage-1.10.0.ebuild, + -libsemanage-1.10.5.ebuild, libsemanage-1.10.9.ebuild: + Mark 1.10.9 stable, clear old ebuilds. + +*libsemanage-1.10.9 (29 Jan 2008) + + 29 Jan 2008; Chris PeBenito + +libsemanage-1.10.9.ebuild: + New upstream bugfix release. + +*libsemanage-1.10.5 (18 Oct 2007) + + 18 Oct 2007; Chris PeBenito + +libsemanage-1.10.5.ebuild: + New upstream release. + + 04 Jun 2007; Chris PeBenito + libsemanage-1.10.0.ebuild: + Mark stable. + +*libsemanage-1.10.0 (15 Feb 2007) + + 15 Feb 2007; Chris PeBenito + +libsemanage-1.10.0.ebuild: + New upstream release. + + 09 Oct 2006; Chris PeBenito + libsemanage-1.6.17-r1.ebuild: + Stable to make repoman happy. + +*libsemanage-1.6.17-r1 (08 Oct 2006) + + 08 Oct 2006; Chris PeBenito + -libsemanage-1.6.17.ebuild, +libsemanage-1.6.17-r1.ebuild: + Install semanage.conf since this is masked on example policy-based profiles. + +*libsemanage-1.6.17 (05 Oct 2006) + + 05 Oct 2006; Chris PeBenito + +libsemanage-1.6.17.ebuild: + Add SVN snapshot. + + 31 Jul 2006; Chris PeBenito libsemanage-1.6.ebuild: + Mark stable, long overdue. + + 27 Apr 2006; Alec Warner + files/digest-libsemanage-1.4, Manifest: + Fixing SHA256 digest, pass four + +*libsemanage-1.6 (18 Mar 2006) + + 18 Mar 2006; Chris PeBenito +libsemanage-1.6.ebuild: + New upstream release. + + 22 Feb 2006; Stephen Bennett libsemanage-1.4.ebuild: + Alpha stable + + 19 Feb 2006; Joshua Kinard libsemanage-1.4.ebuild: + Marked stable on mips. + + 09 Feb 2006; Chris PeBenito libsemanage-1.4.ebuild: + Set python version to fix compiles on non 2.4 pythons. + + 17 Jan 2006; Chris PeBenito libsemanage-1.4.ebuild: + Mark stable, x86, amd64, ppc, sparc. + + 14 Jan 2006; Stephen Bennett libsemanage-1.4.ebuild: + Added ~alpha + + 15 Dec 2005; Chris PeBenito libsemanage-1.4.ebuild: + Tighten up versioning to try to prevent mismatch problems as seen in #112348. + +*libsemanage-1.4 (09 Dec 2005) + + 09 Dec 2005; Chris PeBenito +metadata.xml, + +libsemanage-1.4.ebuild: + Initial commit. diff --git a/sdk_container/src/third_party/coreos-overlay/sys-libs/libsemanage/Manifest b/sdk_container/src/third_party/coreos-overlay/sys-libs/libsemanage/Manifest new file mode 100644 index 0000000000..0518f50f1d --- /dev/null +++ b/sdk_container/src/third_party/coreos-overlay/sys-libs/libsemanage/Manifest @@ -0,0 +1,32 @@ +-----BEGIN PGP SIGNED MESSAGE----- +Hash: SHA512 + +AUX 0001-libsemanage-do-not-copy-contexts-in-semanage_migrate.patch 7190 SHA256 5746fe5b4f85bb2ca4fdd50b29de98a8561c6a88e66dfb067c3e393eb1399b4d SHA512 ad9923ccad7a0d975b850eaeb5a801b3f933c0a26112226fa19112dd8aa07de9766845dfec44680799a577175c3a564e9c222f7b0968871fd1f69c3140ab569b WHIRLPOOL dda70c907d5ec766886f08e43da0a417ac67652f1682e629c06ce175f37d3db63e9ab257874435a26f4bc1ae7436421a5414b89b997f181a4ff9fe6434c77a2d +DIST libsemanage-2.2.tar.gz 138208 SHA256 11f60bfa0f1c6063cd9bd99ce0cb4acc9d6d9e9b8d7743d39e847bcd7803bd75 SHA512 09032b1b322fec7346164939ade118034812cb538ebc72121640d4ac5c89d2a66b59caa465027cfbebb590dee039a26d4345eafedf365d7f6ad0b5e90377d50f WHIRLPOOL 49170c5ee9ff57dcc4a15aa72386f37993f76436f0da25808c60dab2d03ba52932d0d4fa753c326900d83d2fae30f8bcf659251f17327783f2e2be3deb4842f4 +DIST libsemanage-2.3.tar.gz 138231 SHA256 03e09e35e611c286e446bef92b6023ef2623815996f5a53394bb02e49a312e4b SHA512 defe3bbdbe51abdaa13a39f693c33446d8a1a8509ac1eb25c7770da2df6487bcb0ca31259d02b4531d4c81db5e221e94e95bec97f6a1a155e1de2f65e6f0da34 WHIRLPOOL 943d4d300aa8ad49c411b10b41c0c3e751c46dbcbbe129bdd1d2e975e231c58391d6ecdee6b27699fff9f6e6facf5b48fc8d57c2ff68692694c7de430750fac9 +DIST libsemanage-2.4.tar.gz 151173 SHA256 1a4cace4ef16786531ec075c0e7b2f961e2fee5dc86c5f983a689058899a6484 SHA512 54f993253b22207b053daf4d34e72c65c72279866416089b6c0f047ef77bca3e307eac0ce6dfe40bd14e2e47e79841b358d5607501779f38d9b5f7c35f3b7729 WHIRLPOOL 7303c06515ed59b5756a87d08aff07671e51d26ce9fa452ca75643dd0ce4658571dc69d86434c943d691a4ab0d90cbdccdaa27e5aaec5fdf8057cf2d5d30631e +EBUILD libsemanage-2.2-r2.ebuild 3201 SHA256 39aa38de07e4b04b7f200a5abcfbc3a4dc033063c4adcb51813486d26f82c1cf SHA512 f1186f33e4685c0b6403e001db853ce845940f2332fc9b389e3fa96c5ff0762bcdc1ec22caacf12e5045d946fdb6c611b29b7ec1807bff72df93935fa7063a75 WHIRLPOOL 4715e92f0be45cbfb58e3a44bc8c1a1e69f6f66a803d816a4975d5be596f5f2dbfe8f3d95499475b7c0090cbe22e0359dcd1c895b8be619440463e638da16871 +EBUILD libsemanage-2.3-r4.ebuild 3560 SHA256 e8ccb383ae811fdef8e12f8459a11618269b658b591dd4d57d7537021e361d26 SHA512 dda74556b122d354979db9c5c4883479e56f49e5a2c48a4cd70f112fa22f41daaa75bad63d2a0a94672d17fecf63cc0b6a8dc48d58e0908e851bb98b346036a5 WHIRLPOOL 7b0716d3604b6db85818734c6a148485a8bc3aa0b76f1172e1520dbc5294e75ed8d83cc97c065c9e6cc54b6b22e01ea3cbb094f1e39514208f5fc69ca831f781 +EBUILD libsemanage-2.4-r1.ebuild 4678 SHA256 298fc28320dc183d2dda92faa65c070c73b42bf3a91d40c87438a6963a7e1d8a SHA512 abaad53d8b690d7554771fbba5fd540629aab1ae0d0280d753015a951117ec02315764d6fa098d335bf91eb2f9622dea9d7df0305aceab1e233c7ec118534139 WHIRLPOOL 83f3156d63381f8daacb36cd52e12e3ca6bcb31597ffda33a8b1588813b6f9210458e5a5b8641790bb69f58e23fefa34a36ce995799118f22f63c7b26a68eaff +EBUILD libsemanage-9999.ebuild 4949 SHA256 f07183cfa81eeaa9b4c4cd747e9107cf85e15aa2562b4cbff0d886c33574f409 SHA512 991b0c068749f3e50c31ad417b69def8f0db8cdfb8126bb78419ec5053946c9b14ae27496d517be7f30a59d9616ffbe7b2338f3008e67646f4f610ef4edb889d WHIRLPOOL ceaaf2ffeaa88d3c74472b1baf1b22811aa0038f786c891c7ba68761ec7f978bd51718b0ff01da5ea8ba4a54566563c8d52afb33717a12575c6e189f61aa56d4 +MISC ChangeLog 13938 SHA256 d7938bb036a37dc37a0d2654be04c655b30cf54cb8c4f019e4f6549ffe3179da SHA512 e006775684003b4a7bd9e77f9fdf173bc1402e3cf05aad684b2e31c1942e8d2a268e7ffa19164a94e04e07f7977c1fdefbaaabf021f4ea4e6e8e8e463f69be3c WHIRLPOOL e87415fff3ee0136db7905a45881fdeed6a46b5dbbbf487fc62adba321a99f747f4eb5c549feb8093ffa22bc8369a60e5370638674a4db2c0aa2a4c020cf4230 +MISC metadata.xml 320 SHA256 b26802e71a0f815c4dadc9ec5122bf91ee5007bdd3f508908fb06fb489148ecb SHA512 80b83887b0eb131738dafdc65ba16bdf17793381fe23956ae44393d63333d22c1a45a5ceb8d4ee993825fa06e873e6bdf35f80996951f11924f09ddc28fba43b WHIRLPOOL 0b6f26f333782f25a6cc069dfb5df7bbd63cb9574a1ac29dce9abbd82aee2be4ba6a1146a346402d4e21854f664e9ef70986155d3782c7a9bf25b3a4da853d77 +-----BEGIN PGP SIGNATURE----- +Version: GnuPG v2.0 + +iQJ8BAEBCgBmBQJVfyv1XxSAAAAAAC4AKGlzc3Vlci1mcHJAbm90YXRpb25zLm9w +ZW5wZ3AuZmlmdGhob3JzZW1hbi5uZXQ0QUU0N0I4NzFERUI0MTJFN0EyODE0NUFF +OTQwMkE3OUIwMzUyOUEyAAoJEOlAKnmwNSmiKIcP/iRf32q/kLkjP5VU9lilQKEq +1en9EqcxYrT9Vcy0gaCg2fcsLbFZCSGug68iEkGVsE+xHyG956Yx5nttjeRqJquq +dqJi39wZkXAolr7pbdjmygZLHhOLmzzmg+ypxH45yFvxNEnc3o9Uc1LR8el/cbvC +1zM3cEbOxVVt+VuM9rUzcobSNIL9VHYUw8PU1rDenUXtR92z82I+Y3bIoYHkPm7N +wQYNo9XT2PoiOehlmMIYz4+SLeQa3VrWNhKq8JteZ7eBRxkgYYd1ao6b+zFkAiVD +iz3teuEDvVadr6UWYffYFTMbrak+E8WJE5CjTDrRlyFvJAGEA51h0KnXG5rkZU8I +8pHazXVed1gykS5WJf3mMcMXKwh7UhnpxkkrzFCsX57+LtoxBNyBnVVQDJ/NKj8E +obo05qmba68tnN9LkJwGruBzhBEGHoDwwF9yZ7Qork/6WP+7bW5SKCw+/1v87L3Z +67a8CMAxrjIY4eLhsJbh7KYHeLJNyDqw9X/6BbVwSTPfoQlw4aRzd13B1msVWwhK +eiFYV044z7wmeGfrwO8mxfyNDeQhhCbXPWiup10hlXAEmmMwBqYE8TCSbev88Rd7 +JS0MjXXgTaJPWqaJq0MtwNNQpXChPuuqFVkvK6eEZFmN+M/1aCLh0DXJy/3zLxDA +Rc5mnjkZUYqL7sMxXTDs +=1PJr +-----END PGP SIGNATURE----- diff --git a/sdk_container/src/third_party/coreos-overlay/sys-libs/libsemanage/files/0001-libsemanage-do-not-copy-contexts-in-semanage_migrate.patch b/sdk_container/src/third_party/coreos-overlay/sys-libs/libsemanage/files/0001-libsemanage-do-not-copy-contexts-in-semanage_migrate.patch new file mode 100644 index 0000000000..8e523dcbf7 --- /dev/null +++ b/sdk_container/src/third_party/coreos-overlay/sys-libs/libsemanage/files/0001-libsemanage-do-not-copy-contexts-in-semanage_migrate.patch @@ -0,0 +1,208 @@ +From 9caebebd598de737f27cdc8d5253a2cebd67d5a9 Mon Sep 17 00:00:00 2001 +From: Jason Zaman +Date: Wed, 22 Apr 2015 18:27:09 +0400 +Subject: [PATCH] libsemanage: do not copy contexts in semanage_migrate_store + +The modules from the old store were previously copied to the new one +using setfscreatecon and shutil.copy2(). Now that refpolicy has rules +about the new policy location[1], copying the contexts is redundant. + +More importantly, the setcreatefscon caused a constraint violation[2] +which made the migration fail. In python3, shutil.copy2() copies xattrs +as well which again causes problems. shutil.copy() is enough for our +needs here as it will copy the file and permissions in both py2 and 3. +We do not need the extra things that copy2() does (mtime, xattr, etc). + +[1] http://oss.tresys.com/pipermail/refpolicy/2014-December/007511.html + +[2] +type=AVC msg=audit(1429438272.872:1869): avc: denied { create } for pid=28739 comm="semanage_migrat" name="strict" scontext=staff_u:sysadm_r:semanage_t tcontext=system_u:object_r:semanage_store_t tclass=dir permissive=0 + constrain dir { create relabelfrom relabelto } ((u1 == u2 -Fail-) or (t1 == can_change_object_identity -Fail-) ); Constraint DENIED +allow semanage_t semanage_store_t:dir create; + +Signed-off-by: Jason Zaman +--- + libsemanage/utils/semanage_migrate_store | 77 ++++++++------------------------ + 1 file changed, 18 insertions(+), 59 deletions(-) + +diff --git a/libsemanage/utils/semanage_migrate_store b/libsemanage/utils/semanage_migrate_store +index 03b492e..2f85e9c 100755 +--- a/libsemanage/utils/semanage_migrate_store ++++ b/libsemanage/utils/semanage_migrate_store +@@ -8,7 +8,6 @@ import shutil + import sys + from optparse import OptionParser + +-import bz2 + import ctypes + + sepol = ctypes.cdll.LoadLibrary('libsepol.so') +@@ -21,41 +20,20 @@ except: + exit(1) + + +- +- +-# For some reason this function doesn't exist in libselinux :\ +-def copy_with_context(src, dst): ++def copy_file(src, dst): + if DEBUG: + print("copying %s to %s" % (src, dst)) + try: +- con = selinux.lgetfilecon_raw(src)[1] +- except: +- print("Could not get file context of %s" % src, file=sys.stderr) +- exit(1) +- +- try: +- selinux.setfscreatecon_raw(con) +- except: +- print("Could not set fs create context: %s" %con, file=sys.stderr) +- exit(1) +- +- try: +- shutil.copy2(src, dst) ++ shutil.copy(src, dst) + except OSError as the_err: + (err, strerr) = the_err.args + print("Could not copy %s to %s, %s" %(src, dst, strerr), file=sys.stderr) + exit(1) + +- try: +- selinux.setfscreatecon_raw(None) +- except: +- print("Could not reset fs create context. May need to relabel system.", file=sys.stderr) + +-def create_dir_from(src, dst, mode): ++def create_dir(dst, mode): + if DEBUG: print("Making directory %s" % dst) + try: +- con = selinux.lgetfilecon_raw(src)[1] +- selinux.setfscreatecon_raw(con) + os.makedirs(dst, mode) + except OSError as the_err: + (err, stderr) = the_err.args +@@ -65,28 +43,18 @@ def create_dir_from(src, dst, mode): + print("Error creating %s" % dst, file=sys.stderr) + exit(1) + +- try: +- selinux.setfscreatecon_raw(None) +- except: +- print("Could not reset fs create context. May need to relabel system.", file=sys.stderr) + +-def create_file_from(src, dst): ++def create_file(dst): + if DEBUG: print("Making file %s" % dst) + try: +- con = selinux.lgetfilecon_raw(src)[1] +- selinux.setfscreatecon_raw(con) + open(dst, 'a').close() + except OSError as the_err: + (err, stderr) = the_err.args + print("Error creating %s" % dst, file=sys.stderr) + exit(1) + +- try: +- selinux.setfscreatecon_raw(None) +- except: +- print("Could not reset fs create context. May need to relabel system.", file=sys.stderr) + +-def copy_module(store, name, con, base): ++def copy_module(store, name, base): + if DEBUG: print("Install module %s" % name) + (file, ext) = os.path.splitext(name) + if ext != ".pp": +@@ -94,8 +62,6 @@ def copy_module(store, name, con, base): + print("warning: %s has invalid extension, skipping" % name, file=sys.stderr) + return + try: +- selinux.setfscreatecon_raw(con) +- + if base: + root = oldstore_path(store) + else: +@@ -105,7 +71,7 @@ def copy_module(store, name, con, base): + + os.mkdir("%s/%s" % (bottomdir, file)) + +- copy_with_context(os.path.join(root, name), "%s/%s/hll" % (bottomdir, file)) ++ copy_file(os.path.join(root, name), "%s/%s/hll" % (bottomdir, file)) + + # This is the ext file that will eventually be used to choose a compiler + efile = open("%s/%s/lang_ext" % (bottomdir, file), "w+", 0o600) +@@ -116,15 +82,11 @@ def copy_module(store, name, con, base): + print("Error installing module %s" % name, file=sys.stderr) + exit(1) + +- try: +- selinux.setfscreatecon_raw(None) +- except: +- print("Could not reset fs create context. May need to relabel system.", file=sys.stderr) + +-def disable_module(file, root, name, disabledmodules): ++def disable_module(file, name, disabledmodules): + if DEBUG: print("Disabling %s" % name) + (disabledname, disabledext) = os.path.splitext(file) +- create_file_from(os.path.join(root, name), "%s/%s" % (disabledmodules, disabledname)) ++ create_file("%s/%s" % (disabledmodules, disabledname)) + + def migrate_store(store): + +@@ -138,17 +100,14 @@ def migrate_store(store): + print("Migrating from %s to %s" % (oldstore, newstore)) + + # Build up new directory structure +- create_dir_from(oldstore, "%s/%s" % (newroot_path(), store), 0o755) +- create_dir_from(oldstore, newstore, 0o700) +- create_dir_from(oldstore, newmodules, 0o700) +- create_dir_from(oldstore, bottomdir, 0o700) +- create_dir_from(oldstore, disabledmodules, 0o700) +- +- # use whatever the file context of bottomdir is for the module directories +- con = selinux.lgetfilecon_raw(bottomdir)[1] ++ create_dir("%s/%s" % (newroot_path(), store), 0o755) ++ create_dir(newstore, 0o700) ++ create_dir(newmodules, 0o700) ++ create_dir(bottomdir, 0o700) ++ create_dir(disabledmodules, 0o700) + + # Special case for base since it was in a different location +- copy_module(store, "base.pp", con, 1) ++ copy_module(store, "base.pp", 1) + + # Dir structure built, start copying files + for root, dirs, files in os.walk(oldstore): +@@ -161,7 +120,7 @@ def migrate_store(store): + newname = "seusers.local" + else: + newname = name +- copy_with_context(os.path.join(root, name), os.path.join(newstore, newname)) ++ copy_file(os.path.join(root, name), os.path.join(newstore, newname)) + + elif root == oldmodules: + # This should be the modules directory +@@ -171,9 +130,9 @@ def migrate_store(store): + print("Error installing module %s, name conflicts with base" % name, file=sys.stderr) + exit(1) + elif ext == ".disabled": +- disable_module(file, root, name, disabledmodules) ++ disable_module(file, name, disabledmodules) + else: +- copy_module(store, name, con, 0) ++ copy_module(store, name, 0) + + def rebuild_policy(): + # Ok, the modules are loaded, lets try to rebuild the policy +@@ -287,7 +246,7 @@ if __name__ == "__main__": + "preserve_tunables" ] + + +- create_dir_from(oldroot_path(), newroot_path(), 0o755) ++ create_dir(newroot_path(), 0o755) + + stores = None + if TYPE is not None: +-- +2.0.5 + diff --git a/sdk_container/src/third_party/coreos-overlay/sys-libs/libsemanage/libsemanage-2.2-r2.ebuild b/sdk_container/src/third_party/coreos-overlay/sys-libs/libsemanage/libsemanage-2.2-r2.ebuild new file mode 100644 index 0000000000..6c3ecddf7e --- /dev/null +++ b/sdk_container/src/third_party/coreos-overlay/sys-libs/libsemanage/libsemanage-2.2-r2.ebuild @@ -0,0 +1,91 @@ +# Copyright 1999-2015 Gentoo Foundation +# Distributed under the terms of the GNU General Public License v2 +# $Header: /var/cvsroot/gentoo-x86/sys-libs/libsemanage/libsemanage-2.2-r2.ebuild,v 1.3 2015/04/08 18:28:33 mgorny Exp $ + +EAPI="5" +PYTHON_COMPAT=( python2_7 python3_3 ) + +inherit multilib python-r1 toolchain-funcs eutils multilib-minimal + +SEPOL_VER="2.2" +SELNX_VER="2.2.2-r1" + +DESCRIPTION="SELinux kernel and policy management library" +HOMEPAGE="http://userspace.selinuxproject.org" +SRC_URI="http://userspace.selinuxproject.org/releases/20131030/${P}.tar.gz" + +LICENSE="GPL-2" +SLOT="0" +KEYWORDS="amd64 x86" +IUSE="python" + +RDEPEND=">=sys-libs/libsepol-${SEPOL_VER} + >=sys-libs/libselinux-${SELNX_VER} + dev-libs/ustr + sys-process/audit" +DEPEND="${RDEPEND} + sys-devel/bison + sys-devel/flex + python? ( + >=dev-lang/swig-2.0.4-r1 + virtual/pkgconfig + ${PYTHON_DEPS} + )" + +# tests are not meant to be run outside of the +# full SELinux userland repo +RESTRICT="test" + +src_prepare() { + echo "# Set this to true to save the linked policy." >> "${S}/src/semanage.conf" + echo "# This is normally only useful for analysis" >> "${S}/src/semanage.conf" + echo "# or debugging of policy." >> "${S}/src/semanage.conf" + echo "save-linked=false" >> "${S}/src/semanage.conf" + echo >> "${S}/src/semanage.conf" + echo "# Set this to 0 to disable assertion checking." >> "${S}/src/semanage.conf" + echo "# This should speed up building the kernel policy" >> "${S}/src/semanage.conf" + echo "# from policy modules, but may leave you open to" >> "${S}/src/semanage.conf" + echo "# dangerous rules which assertion checking" >> "${S}/src/semanage.conf" + echo "# would catch." >> "${S}/src/semanage.conf" + echo "expand-check=1" >> "${S}/src/semanage.conf" + echo >> "${S}/src/semanage.conf" + echo "# Modules in the module store can be compressed" >> "${S}/src/semanage.conf" + echo "# with bzip2. Set this to the bzip2 blocksize" >> "${S}/src/semanage.conf" + echo "# 1-9 when compressing. The higher the number," >> "${S}/src/semanage.conf" + echo "# the more memory is traded off for disk space." >> "${S}/src/semanage.conf" + echo "# Set to 0 to disable bzip2 compression." >> "${S}/src/semanage.conf" + echo "bzip-blocksize=0" >> "${S}/src/semanage.conf" + echo >> "${S}/src/semanage.conf" + echo "# Reduce memory usage for bzip2 compression and" >> "${S}/src/semanage.conf" + echo "# decompression of modules in the module store." >> "${S}/src/semanage.conf" + echo "bzip-small=true" >> "${S}/src/semanage.conf" + + epatch_user + + multilib_copy_sources +} + +multilib_src_compile() { + emake AR="$(tc-getAR)" CC="$(tc-getCC)" all || die + + if multilib_is_native_abi && use python; then + building() { + python_export PYTHON_INCLUDEDIR PYTHON_LIBPATH + emake CC="$(tc-getCC)" PYINC="-I${PYTHON_INCLUDEDIR}" PYTHONLBIDIR="${PYTHON_LIBPATH}" PYPREFIX="${EPYTHON##*/}" "$@" + } + python_foreach_impl building swigify + python_foreach_impl building pywrap + fi +} + +multilib_src_install() { + LIBDIR="\$(PREFIX)/$(get_libdir)" SHLIBDIR="\$(PREFIX)/$(get_libdir)" \ + emake DESTDIR="${D}" install + + if multilib_is_native_abi && use python; then + installation() { + emake DESTDIR="${D}" install-pywrap + } + python_foreach_impl installation + fi +} diff --git a/sdk_container/src/third_party/coreos-overlay/sys-libs/libsemanage/libsemanage-2.3-r4.ebuild b/sdk_container/src/third_party/coreos-overlay/sys-libs/libsemanage/libsemanage-2.3-r4.ebuild new file mode 100644 index 0000000000..b528da5110 --- /dev/null +++ b/sdk_container/src/third_party/coreos-overlay/sys-libs/libsemanage/libsemanage-2.3-r4.ebuild @@ -0,0 +1,104 @@ +# Copyright 1999-2015 Gentoo Foundation +# Distributed under the terms of the GNU General Public License v2 +# $Header: /var/cvsroot/gentoo-x86/sys-libs/libsemanage/libsemanage-2.3-r4.ebuild,v 1.4 2015/04/08 18:28:33 mgorny Exp $ + +EAPI="5" +PYTHON_COMPAT=( python2_7 python3_3 python3_4 ) + +inherit multilib python-r1 toolchain-funcs eutils multilib-minimal + +MY_P="${P//_/-}" + +SEPOL_VER="2.3" +SELNX_VER="2.3" + +DESCRIPTION="SELinux kernel and policy management library" +HOMEPAGE="http://userspace.selinuxproject.org" +SRC_URI="https://raw.githubusercontent.com/wiki/SELinuxProject/selinux/files/releases/20140506/${MY_P}.tar.gz" + +LICENSE="GPL-2" +SLOT="0" +KEYWORDS="amd64 x86" +IUSE="python" + +RDEPEND=">=sys-libs/libsepol-${SEPOL_VER}[${MULTILIB_USEDEP}] + >=sys-libs/libselinux-${SELNX_VER}[${MULTILIB_USEDEP}] + >=sys-process/audit-2.2.2[${MULTILIB_USEDEP}] + >=dev-libs/ustr-1.0.4-r2[${MULTILIB_USEDEP}] + " +DEPEND="${RDEPEND} + sys-devel/bison + sys-devel/flex + python? ( + >=dev-lang/swig-2.0.4-r1 + virtual/pkgconfig + ${PYTHON_DEPS} + )" + +# tests are not meant to be run outside of the +# full SELinux userland repo +RESTRICT="test" + +S="${WORKDIR}/${MY_P}" + +src_prepare() { + echo "# Set this to true to save the linked policy." >> "${S}/src/semanage.conf" + echo "# This is normally only useful for analysis" >> "${S}/src/semanage.conf" + echo "# or debugging of policy." >> "${S}/src/semanage.conf" + echo "save-linked=false" >> "${S}/src/semanage.conf" + echo >> "${S}/src/semanage.conf" + echo "# Set this to 0 to disable assertion checking." >> "${S}/src/semanage.conf" + echo "# This should speed up building the kernel policy" >> "${S}/src/semanage.conf" + echo "# from policy modules, but may leave you open to" >> "${S}/src/semanage.conf" + echo "# dangerous rules which assertion checking" >> "${S}/src/semanage.conf" + echo "# would catch." >> "${S}/src/semanage.conf" + echo "expand-check=1" >> "${S}/src/semanage.conf" + echo >> "${S}/src/semanage.conf" + echo "# Modules in the module store can be compressed" >> "${S}/src/semanage.conf" + echo "# with bzip2. Set this to the bzip2 blocksize" >> "${S}/src/semanage.conf" + echo "# 1-9 when compressing. The higher the number," >> "${S}/src/semanage.conf" + echo "# the more memory is traded off for disk space." >> "${S}/src/semanage.conf" + echo "# Set to 0 to disable bzip2 compression." >> "${S}/src/semanage.conf" + echo "bzip-blocksize=0" >> "${S}/src/semanage.conf" + echo >> "${S}/src/semanage.conf" + echo "# Reduce memory usage for bzip2 compression and" >> "${S}/src/semanage.conf" + echo "# decompression of modules in the module store." >> "${S}/src/semanage.conf" + echo "bzip-small=true" >> "${S}/src/semanage.conf" + + epatch_user + + multilib_copy_sources +} + +multilib_src_compile() { + emake \ + AR="$(tc-getAR)" \ + CC="$(tc-getCC)" \ + LIBDIR="${EPREFIX}/usr/$(get_libdir)" \ + all + + if multilib_is_native_abi && use python; then + building_py() { + python_export PYTHON_INCLUDEDIR PYTHON_LIBPATH + emake CC="$(tc-getCC)" PYINC="-I${PYTHON_INCLUDEDIR}" PYTHONLBIDIR="${PYTHON_LIBPATH}" PYPREFIX="${EPYTHON##*/}" "$@" + python_optimize # bug 531638 + } + python_foreach_impl building_py swigify + python_foreach_impl building_py pywrap + fi +} + +multilib_src_install() { + emake \ + LIBDIR="${ED}/usr/$(get_libdir)" \ + SHLIBDIR="${ED}/usr/$(get_libdir)" \ + DESTDIR="${ED}" install + + if multilib_is_native_abi && use python; then + installation_py() { + emake DESTDIR="${ED}" LIBDIR="${ED}/usr/$(get_libdir)" \ + SHLIBDIR="${ED}/usr/$(get_libdir)" install-pywrap + } + python_foreach_impl installation_py + fi +} diff --git a/sdk_container/src/third_party/coreos-overlay/sys-libs/libsemanage/libsemanage-2.4-r1.ebuild b/sdk_container/src/third_party/coreos-overlay/sys-libs/libsemanage/libsemanage-2.4-r1.ebuild new file mode 100644 index 0000000000..3f644c9826 --- /dev/null +++ b/sdk_container/src/third_party/coreos-overlay/sys-libs/libsemanage/libsemanage-2.4-r1.ebuild @@ -0,0 +1,127 @@ +# Copyright 1999-2015 Gentoo Foundation +# Distributed under the terms of the GNU General Public License v2 +# $Header: /var/cvsroot/gentoo-x86/sys-libs/libsemanage/libsemanage-2.4-r1.ebuild,v 1.2 2015/05/10 09:02:13 perfinion Exp $ + +EAPI="5" +PYTHON_COMPAT=( python2_7 python3_3 python3_4 ) + +inherit multilib python-r1 toolchain-funcs eutils multilib-minimal + +MY_P="${P//_/-}" + +SEPOL_VER="${PV}" +SELNX_VER="${PV}" + +DESCRIPTION="SELinux kernel and policy management library" +HOMEPAGE="https://github.com/SELinuxProject/selinux/wiki" +SRC_URI="https://raw.githubusercontent.com/wiki/SELinuxProject/selinux/files/releases/20150202/${MY_P}.tar.gz" + +LICENSE="GPL-2" +SLOT="0" +KEYWORDS="amd64 x86" +IUSE="python" + +RDEPEND=">=sys-libs/libsepol-${SEPOL_VER}[${MULTILIB_USEDEP}] + >=sys-libs/libselinux-${SELNX_VER}[${MULTILIB_USEDEP}] + >=sys-process/audit-2.2.2[${MULTILIB_USEDEP}] + >=dev-libs/ustr-1.0.4-r2[${MULTILIB_USEDEP}] + " +DEPEND="${RDEPEND} + sys-devel/bison + sys-devel/flex + python? ( + >=dev-lang/swig-2.0.4-r1 + virtual/pkgconfig + ${PYTHON_DEPS} + )" + +# tests are not meant to be run outside of the +# full SELinux userland repo +RESTRICT="test" + +S="${WORKDIR}/${MY_P}" + +src_prepare() { + echo "# Set this to true to save the linked policy." >> "${S}/src/semanage.conf" + echo "# This is normally only useful for analysis" >> "${S}/src/semanage.conf" + echo "# or debugging of policy." >> "${S}/src/semanage.conf" + echo "save-linked=false" >> "${S}/src/semanage.conf" + echo >> "${S}/src/semanage.conf" + echo "# Set this to 0 to disable assertion checking." >> "${S}/src/semanage.conf" + echo "# This should speed up building the kernel policy" >> "${S}/src/semanage.conf" + echo "# from policy modules, but may leave you open to" >> "${S}/src/semanage.conf" + echo "# dangerous rules which assertion checking" >> "${S}/src/semanage.conf" + echo "# would catch." >> "${S}/src/semanage.conf" + echo "expand-check=1" >> "${S}/src/semanage.conf" + echo >> "${S}/src/semanage.conf" + echo "# Modules in the module store can be compressed" >> "${S}/src/semanage.conf" + echo "# with bzip2. Set this to the bzip2 blocksize" >> "${S}/src/semanage.conf" + echo "# 1-9 when compressing. The higher the number," >> "${S}/src/semanage.conf" + echo "# the more memory is traded off for disk space." >> "${S}/src/semanage.conf" + echo "# Set to 0 to disable bzip2 compression." >> "${S}/src/semanage.conf" + echo "bzip-blocksize=0" >> "${S}/src/semanage.conf" + echo >> "${S}/src/semanage.conf" + echo "# Reduce memory usage for bzip2 compression and" >> "${S}/src/semanage.conf" + echo "# decompression of modules in the module store." >> "${S}/src/semanage.conf" + echo "bzip-small=true" >> "${S}/src/semanage.conf" + + epatch "${FILESDIR}/0001-libsemanage-do-not-copy-contexts-in-semanage_migrate.patch" + + epatch_user + + multilib_copy_sources +} + +multilib_src_compile() { + emake \ + AR="$(tc-getAR)" \ + CC="$(tc-getCC)" \ + LIBDIR="${EPREFIX}/usr/$(get_libdir)" \ + all + + if multilib_is_native_abi && use python; then + building_py() { + python_export PYTHON_INCLUDEDIR PYTHON_LIBPATH + emake CC="$(tc-getCC)" PYINC="-I${PYTHON_INCLUDEDIR}" PYTHONLBIDIR="${PYTHON_LIBPATH}" PYPREFIX="${EPYTHON##*/}" "$@" + } + python_foreach_impl building_py swigify + python_foreach_impl building_py pywrap + fi +} + +multilib_src_install() { + emake \ + LIBDIR="${ED}/usr/$(get_libdir)" \ + SHLIBDIR="${ED}/usr/$(get_libdir)" \ + DESTDIR="${ED}" install + + if multilib_is_native_abi && use python; then + installation_py() { + emake DESTDIR="${ED}" LIBDIR="${ED}/usr/$(get_libdir)" \ + SHLIBDIR="${ED}/usr/$(get_libdir)" install-pywrap + python_optimize # bug 531638 + } + python_foreach_impl installation_py + fi +} + +pkg_postinst() { + # Migrate the SELinux semanage configuration store if not done already + local selinuxtype=$(awk -F'=' '/SELINUXTYPE=/ {print $2}' /etc/selinux/config); + if [ -n "${selinuxtype}" ] && [ ! -d /var/lib/selinux/${mcs}/active ] ; then + ewarn "Since the 2.4 SELinux userspace, the policy module store is moved" + ewarn "from /etc/selinux to /var/lib/selinux. The migration will be run now." + ewarn "If there are any issues, it can be done manually by running:" + ewarn "/usr/libexec/selinux/semanage_migrate_store" + ewarn "For more information, please see" + ewarn "- https://github.com/SELinuxProject/selinux/wiki/Policy-Store-Migration" + fi + + # Run the store migration without rebuilds + for POLICY_TYPE in ${POLICY_TYPES} ; do + if [ ! -d "${ROOT}/var/lib/selinux/${POLICY_TYPE}/active" ] ; then + einfo "Migrating store ${POLICY_TYPE} (without policy rebuild)." + /usr/libexec/selinux/semanage_migrate_store -n -s "${POLICY_TYPE}" || die "Failed to migrate store ${POLICY_TYPE}" + fi + done +} diff --git a/sdk_container/src/third_party/coreos-overlay/sys-libs/libsemanage/libsemanage-9999.ebuild b/sdk_container/src/third_party/coreos-overlay/sys-libs/libsemanage/libsemanage-9999.ebuild new file mode 100644 index 0000000000..2d8456d669 --- /dev/null +++ b/sdk_container/src/third_party/coreos-overlay/sys-libs/libsemanage/libsemanage-9999.ebuild @@ -0,0 +1,137 @@ +# Copyright 1999-2015 Gentoo Foundation +# Distributed under the terms of the GNU General Public License v2 +# $Header: /var/cvsroot/gentoo-x86/sys-libs/libsemanage/libsemanage-9999.ebuild,v 1.1 2015/06/09 15:36:24 swift Exp $ + +EAPI="5" +PYTHON_COMPAT=( python2_7 python3_3 python3_4 ) + +inherit multilib python-r1 toolchain-funcs eutils multilib-minimal + +MY_P="${P//_/-}" +MY_RELEASEDATE="20150202" + +SEPOL_VER="${PV}" +SELNX_VER="${PV}" + +DESCRIPTION="SELinux kernel and policy management library" +HOMEPAGE="https://github.com/SELinuxProject/selinux/wiki" + +if [[ ${PV} == 9999 ]] ; then + inherit git-r3 + EGIT_REPO_URI="https://github.com/SELinuxProject/selinux.git" + S="${WORKDIR}/${MY_P}/${PN}" +else + SRC_URI="https://raw.githubusercontent.com/wiki/SELinuxProject/selinux/files/releases/20150202/${MY_P}.tar.gz" + KEYWORDS="~amd64 ~x86" + S="${WORKDIR}/${MY_P}" +fi + +LICENSE="GPL-2" +SLOT="0" +IUSE="python" + +RDEPEND=">=sys-libs/libsepol-${SEPOL_VER}[${MULTILIB_USEDEP}] + >=sys-libs/libselinux-${SELNX_VER}[${MULTILIB_USEDEP}] + >=sys-process/audit-2.2.2[${MULTILIB_USEDEP}] + >=dev-libs/ustr-1.0.4-r2[${MULTILIB_USEDEP}] + " +DEPEND="${RDEPEND} + sys-devel/bison + sys-devel/flex + python? ( + >=dev-lang/swig-2.0.4-r1 + virtual/pkgconfig + ${PYTHON_DEPS} + )" + +# tests are not meant to be run outside of the +# full SELinux userland repo +RESTRICT="test" + +src_prepare() { + echo "# Set this to true to save the linked policy." >> "${S}/src/semanage.conf" + echo "# This is normally only useful for analysis" >> "${S}/src/semanage.conf" + echo "# or debugging of policy." >> "${S}/src/semanage.conf" + echo "save-linked=false" >> "${S}/src/semanage.conf" + echo >> "${S}/src/semanage.conf" + echo "# Set this to 0 to disable assertion checking." >> "${S}/src/semanage.conf" + echo "# This should speed up building the kernel policy" >> "${S}/src/semanage.conf" + echo "# from policy modules, but may leave you open to" >> "${S}/src/semanage.conf" + echo "# dangerous rules which assertion checking" >> "${S}/src/semanage.conf" + echo "# would catch." >> "${S}/src/semanage.conf" + echo "expand-check=1" >> "${S}/src/semanage.conf" + echo >> "${S}/src/semanage.conf" + echo "# Modules in the module store can be compressed" >> "${S}/src/semanage.conf" + echo "# with bzip2. Set this to the bzip2 blocksize" >> "${S}/src/semanage.conf" + echo "# 1-9 when compressing. The higher the number," >> "${S}/src/semanage.conf" + echo "# the more memory is traded off for disk space." >> "${S}/src/semanage.conf" + echo "# Set to 0 to disable bzip2 compression." >> "${S}/src/semanage.conf" + echo "bzip-blocksize=0" >> "${S}/src/semanage.conf" + echo >> "${S}/src/semanage.conf" + echo "# Reduce memory usage for bzip2 compression and" >> "${S}/src/semanage.conf" + echo "# decompression of modules in the module store." >> "${S}/src/semanage.conf" + echo "bzip-small=true" >> "${S}/src/semanage.conf" + + if [[ ${PV} != 9999 ]] ; then + # If wanted for live builds, please use /etc/portage/patches + epatch "${FILESDIR}/0001-libsemanage-do-not-copy-contexts-in-semanage_migrate.patch" + fi + + epatch_user + + multilib_copy_sources +} + +multilib_src_compile() { + emake \ + AR="$(tc-getAR)" \ + CC="$(tc-getCC)" \ + LIBDIR="${EPREFIX}/usr/$(get_libdir)" \ + all + + if multilib_is_native_abi && use python; then + building_py() { + python_export PYTHON_INCLUDEDIR PYTHON_LIBPATH + emake CC="$(tc-getCC)" PYINC="-I${PYTHON_INCLUDEDIR}" PYTHONLBIDIR="${PYTHON_LIBPATH}" PYPREFIX="${EPYTHON##*/}" "$@" + } + python_foreach_impl building_py swigify + python_foreach_impl building_py pywrap + fi +} + +multilib_src_install() { + emake \ + LIBDIR="${ED}/usr/$(get_libdir)" \ + SHLIBDIR="${ED}/usr/$(get_libdir)" \ + DESTDIR="${ED}" install + + if multilib_is_native_abi && use python; then + installation_py() { + emake DESTDIR="${ED}" LIBDIR="${ED}/usr/$(get_libdir)" \ + SHLIBDIR="${ED}/usr/$(get_libdir)" install-pywrap + python_optimize # bug 531638 + } + python_foreach_impl installation_py + fi +} + +pkg_postinst() { + # Migrate the SELinux semanage configuration store if not done already + local selinuxtype=$(awk -F'=' '/SELINUXTYPE=/ {print $2}' /etc/selinux/config); + if [ -n "${selinuxtype}" ] && [ ! -d /var/lib/selinux/${mcs}/active ] ; then + ewarn "Since the 2.4 SELinux userspace, the policy module store is moved" + ewarn "from /etc/selinux to /var/lib/selinux. The migration will be run now." + ewarn "If there are any issues, it can be done manually by running:" + ewarn "/usr/libexec/selinux/semanage_migrate_store" + ewarn "For more information, please see" + ewarn "- https://github.com/SELinuxProject/selinux/wiki/Policy-Store-Migration" + fi + + # Run the store migration without rebuilds + for POLICY_TYPE in ${POLICY_TYPES} ; do + if [ ! -d "${ROOT}/var/lib/selinux/${POLICY_TYPE}/active" ] ; then + einfo "Migrating store ${POLICY_TYPE} (without policy rebuild)." + /usr/libexec/selinux/semanage_migrate_store -n -s "${POLICY_TYPE}" || die "Failed to migrate store ${POLICY_TYPE}" + fi + done +} diff --git a/sdk_container/src/third_party/coreos-overlay/sys-libs/libsemanage/metadata.xml b/sdk_container/src/third_party/coreos-overlay/sys-libs/libsemanage/metadata.xml new file mode 100644 index 0000000000..83c24ee195 --- /dev/null +++ b/sdk_container/src/third_party/coreos-overlay/sys-libs/libsemanage/metadata.xml @@ -0,0 +1,9 @@ + + + + selinux + SELinux policy management libraries + + SELinuxProject/selinux + +