From 94b58107ac92cb8115edab4be7a1c2f18d2ad72c Mon Sep 17 00:00:00 2001 From: David Michael Date: Wed, 23 May 2018 09:40:06 -0700 Subject: [PATCH 01/42] profiles: Move SELinux flags from amd64 to generic From: David Michael [rebased to latest SELinux ebuilds] Signed-off-by: Geoff Levand --- profiles/coreos/amd64/generic/package.use | 10 ---------- profiles/coreos/arm64/package.use | 2 -- profiles/coreos/targets/generic/package.use | 7 +++++++ profiles/coreos/{amd64 => targets}/generic/use.mask | 0 4 files changed, 7 insertions(+), 12 deletions(-) delete mode 100644 profiles/coreos/amd64/generic/package.use rename profiles/coreos/{amd64 => targets}/generic/use.mask (100%) diff --git a/profiles/coreos/amd64/generic/package.use b/profiles/coreos/amd64/generic/package.use deleted file mode 100644 index 09246476c9..0000000000 --- a/profiles/coreos/amd64/generic/package.use +++ /dev/null @@ -1,10 +0,0 @@ -# Enable SELinux for amd64 targets -coreos-base/coreos selinux -sys-apps/dbus selinux -sys-apps/systemd selinux - -# Enable SELinux for coreutils -sys-apps/coreutils selinux - -# Enable SELinux for runc -app-emulation/runc selinux diff --git a/profiles/coreos/arm64/package.use b/profiles/coreos/arm64/package.use index 1730b342ee..ea2532be29 100644 --- a/profiles/coreos/arm64/package.use +++ b/profiles/coreos/arm64/package.use @@ -3,6 +3,4 @@ # FIXME: why isn't this set by default??? sys-libs/ncurses unicode -sys-apps/systemd -selinux - sys-auth/polkit -introspection diff --git a/profiles/coreos/targets/generic/package.use b/profiles/coreos/targets/generic/package.use index 4eba98da50..f407580886 100644 --- a/profiles/coreos/targets/generic/package.use +++ b/profiles/coreos/targets/generic/package.use @@ -43,3 +43,10 @@ sys-libs/libseccomp static-libs # bind-tools' configure script breaks when cross-compiling with seccomp enabled net-dns/bind-tools -seccomp + +# Enable SELinux +app-emulation/runc selinux +coreos-base/coreos selinux +sys-apps/coreutils selinux +sys-apps/dbus selinux +sys-apps/systemd selinux diff --git a/profiles/coreos/amd64/generic/use.mask b/profiles/coreos/targets/generic/use.mask similarity index 100% rename from profiles/coreos/amd64/generic/use.mask rename to profiles/coreos/targets/generic/use.mask From 71eedffe8727844096e62b385efd7248756dcafe Mon Sep 17 00:00:00 2001 From: David Michael Date: Wed, 23 May 2018 09:40:06 -0700 Subject: [PATCH 02/42] profiles: Sync SELinux dependencies on arm64 From: David Michael [rebased to latest SELinux ebuilds] Signed-off-by: Geoff Levand --- profiles/coreos/arm64/package.accept_keywords | 3 +++ 1 file changed, 3 insertions(+) diff --git a/profiles/coreos/arm64/package.accept_keywords b/profiles/coreos/arm64/package.accept_keywords index 0ce7a18013..2f050bbc57 100644 --- a/profiles/coreos/arm64/package.accept_keywords +++ b/profiles/coreos/arm64/package.accept_keywords @@ -20,6 +20,7 @@ =dev-libs/libusb-1.0.21 ~arm64 =dev-libs/nss-3.29.5 ~arm64 =dev-libs/userspace-rcu-0.9.1 ** +=dev-libs/ustr-1.0.4-r8 ~arm64 =dev-perl/libintl-perl-1.240.0-r2 ~arm64 =dev-perl/Text-Unidecode-1.270.0 ~arm64 =dev-util/meson-0.43.0 ~arm64 @@ -58,6 +59,8 @@ =sys-fs/quota-4.02 ** =sys-libs/binutils-libs-2.29.1-r1 ~arm64 =sys-libs/libcap-ng-0.7.8 ~arm64 +=sys-libs/libselinux-2.7 ~arm64 +=sys-libs/libsepol-2.7 ~arm64 =virtual/krb5-0-r1 ~arm64 =virtual/libudev-232 ~arm64 =virtual/libusb-1-r2 ~arm64 From 53d6b298b24f02be804bb1633eeb4cf4e938f2bf Mon Sep 17 00:00:00 2001 From: Geoff Levand Date: Wed, 23 May 2018 09:40:06 -0700 Subject: [PATCH 03/42] profiles: Set make.defaults POLICY_TYPES to mcs Container Linux only uses the mcs policy type. Signed-off-by: Geoff Levand --- profiles/coreos/base/make.defaults | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/profiles/coreos/base/make.defaults b/profiles/coreos/base/make.defaults index 6eb7b5cd05..93276ed01b 100644 --- a/profiles/coreos/base/make.defaults +++ b/profiles/coreos/base/make.defaults @@ -32,7 +32,7 @@ USE="${USE} -zeroconf" USE="${USE} -openmp" # Set SELinux policy -POLICY_TYPES="targeted mcs mls" +POLICY_TYPES="mcs" # Disable packages or optional features with distribution issues. ACCEPT_RESTRICT="* -bindist" From 920ad0f6fddf19e7c0af0f8cf3dbd3b7a3dec4e7 Mon Sep 17 00:00:00 2001 From: Geoff Levand Date: Wed, 23 May 2018 09:40:06 -0700 Subject: [PATCH 04/42] sys-libs/libsemanage: Import latest Signed-off-by: Geoff Levand --- sys-libs/libsemanage/ChangeLog | 414 ------------------ sys-libs/libsemanage/Manifest | 42 +- ...ot-copy-contexts-in-semanage_migrate.patch | 208 --------- ...omedircon-only-set-MLS-level-if-MLS-.patch | 38 ++ .../files/libsemanage-2.6-build-paths.patch | 35 ++ .../files/tmpfiles.d/libsemanage.conf | 1 - ...e-2.4-r2.ebuild => libsemanage-2.6.ebuild} | 57 ++- sys-libs/libsemanage/libsemanage-2.7.ebuild | 137 ++++++ sys-libs/libsemanage/libsemanage-9999.ebuild | 66 ++- sys-libs/libsemanage/metadata.xml | 5 +- 10 files changed, 307 insertions(+), 696 deletions(-) delete mode 100644 sys-libs/libsemanage/ChangeLog delete mode 100644 sys-libs/libsemanage/files/0001-libsemanage-do-not-copy-contexts-in-semanage_migrate.patch create mode 100644 sys-libs/libsemanage/files/libsemanage-2.6-0001-libsemanage-genhomedircon-only-set-MLS-level-if-MLS-.patch create mode 100644 sys-libs/libsemanage/files/libsemanage-2.6-build-paths.patch delete mode 100644 sys-libs/libsemanage/files/tmpfiles.d/libsemanage.conf rename sys-libs/libsemanage/{libsemanage-2.4-r2.ebuild => libsemanage-2.6.ebuild} (63%) create mode 100644 sys-libs/libsemanage/libsemanage-2.7.ebuild diff --git a/sys-libs/libsemanage/ChangeLog b/sys-libs/libsemanage/ChangeLog deleted file mode 100644 index 6900079b01..0000000000 --- a/sys-libs/libsemanage/ChangeLog +++ /dev/null @@ -1,414 +0,0 @@ -# ChangeLog for sys-libs/libsemanage -# Copyright 1999-2015 Gentoo Foundation; Distributed under the GPL v2 -# $Header: /var/cvsroot/gentoo-x86/sys-libs/libsemanage/ChangeLog,v 1.94 2015/06/09 15:36:24 swift Exp $ - -*libsemanage-9999 (09 Jun 2015) - - 09 Jun 2015; Sven Vermeulen +libsemanage-9999.ebuild: - Adding libsemanage-9999 to better support upstream integrations - - 10 May 2015; Jason Zaman libsemanage-2.4-r1.ebuild: - stabilize selinux 2.4 userland - - 09 May 2015; Jason Zaman -libsemanage-2.4.ebuild: - drop broken - -*libsemanage-2.4-r1 (23 Apr 2015) - - 23 Apr 2015; Jason Zaman - +files/0001-libsemanage-do-not-copy-contexts-in-semanage_migrate.patch, - +libsemanage-2.4-r1.ebuild, - -files/0002-semanage_migrate_store-Python3-support.patch: - rev bump with migration patch - - 18 Apr 2015; Jason Zaman -libsemanage-2.3-r3.ebuild, - -libsemanage-2.4_rc6-r2.ebuild, -libsemanage-2.4_rc7.ebuild: - Drop old RCs - - 08 Apr 2015; Michał Górny libsemanage-2.2-r2.ebuild, - libsemanage-2.3-r3.ebuild, libsemanage-2.3-r4.ebuild, libsemanage-2.4.ebuild, - libsemanage-2.4_rc6-r2.ebuild, libsemanage-2.4_rc7.ebuild: - Drop old Python implementations - -*libsemanage-2.4 (04 Feb 2015) - - 04 Feb 2015; Jason Zaman +libsemanage-2.4.ebuild: - Version bump - - 26 Jan 2015; Agostino Sarubbo libsemanage-2.3-r4.ebuild: - Stable for x86, wrt bug #535684 - - 22 Jan 2015; Agostino Sarubbo libsemanage-2.3-r4.ebuild: - Stable for amd64, wrt bug #535684 - -*libsemanage-2.4_rc7 (06 Dec 2014) - - 06 Dec 2014; Jason Zaman +libsemanage-2.4_rc7.ebuild, - -libsemanage-2.3-r2.ebuild, -libsemanage-2.4_rc2.ebuild, - -libsemanage-2.4_rc5.ebuild, -libsemanage-2.4_rc6-r1.ebuild, - -libsemanage-2.4_rc6.ebuild: - version bump and ebuild clean up, drop old RC - -*libsemanage-2.3-r4 (04 Dec 2014) - - 04 Dec 2014; Jason Zaman +libsemanage-2.3-r4.ebuild, - libsemanage-2.4_rc6-r2.ebuild: - Call python_optimize, bug 531638 - -*libsemanage-2.4_rc6-r2 (27 Nov 2014) - - 27 Nov 2014; Sven Vermeulen +libsemanage-2.4_rc6-r2.ebuild: - Migrate store as soon as possible, but do not reload policy (bug 530864) - -*libsemanage-2.4_rc6-r1 (22 Nov 2014) - - 22 Nov 2014; Jason Zaman - +files/0002-semanage_migrate_store-Python3-support.patch, - +libsemanage-2.4_rc6-r1.ebuild: - python3 support for semanage_migrate_store. bug 529252 - -*libsemanage-2.4_rc6 (14 Nov 2014) - - 14 Nov 2014; Sven Vermeulen +libsemanage-2.4_rc6.ebuild: - Bump to rc6, add python3_4 to PYTHON_COMPAT (fixes bug 529176); rc6 also fixes - unconfined issue when USE=-unconfined is set - - 01 Nov 2014; Sven Vermeulen libsemanage-2.3-r3.ebuild: - Stabilize libsemanage-2.3-r3 (fix for bug #520608) - -*libsemanage-2.4_rc5 (29 Oct 2014) - - 29 Oct 2014; Sven Vermeulen +libsemanage-2.4_rc5.ebuild, - -libsemanage-2.4_rc4.ebuild: - Bump to 2.4_rc5 - -*libsemanage-2.4_rc4 (07 Oct 2014) - - 07 Oct 2014; Sven Vermeulen +libsemanage-2.4_rc4.ebuild: - Bump to 2.4-rc4 - -*libsemanage-2.4_rc2 (21 Sep 2014) - - 21 Sep 2014; Sven Vermeulen +libsemanage-2.4_rc2.ebuild, - libsemanage-2.3-r2.ebuild, libsemanage-2.3-r3.ebuild: - Noved to github; also add in masked 2.4 series - - 16 Sep 2014; Brian Dolbec libsemanage-2.3-r3.ebuild: - Add python-3.4 target. Tested and confirmed working by perfinion. - -*libsemanage-2.3-r3 (23 Aug 2014) - - 23 Aug 2014; Sven Vermeulen +libsemanage-2.3-r3.ebuild: - Fix bug #520608 - Install .so in correct multilib location - - 05 Aug 2014; Sven Vermeulen -libsemanage-2.2.ebuild, - -libsemanage-2.3-r1.ebuild, -libsemanage-2.3.ebuild: - Remove obsoleted ebuilds - - 05 Aug 2014; Sven Vermeulen libsemanage-2.2-r2.ebuild: - Stabilize latest libsemanage-2.2 - - 30 Jul 2014; Sven Vermeulen libsemanage-2.3-r2.ebuild: - Fix bug #514194 - Stabilization of SELinux userspace 2.3 - - 18 Jun 2014; Michał Górny libsemanage-2.3-r2.ebuild: - Update dependencies to require guaranteed EAPI=5 or multilib ebuilds, bug - #513718. - -*libsemanage-2.3-r2 (02 Jun 2014) - - 02 Jun 2014; Sven Vermeulen +libsemanage-2.3-r2.ebuild: - Update multilib support in libsemanage with thanks to Arfrever - -*libsemanage-2.3-r1 (01 Jun 2014) - - 01 Jun 2014; Sven Vermeulen +libsemanage-2.3-r1.ebuild: - Fixing multilib support (bug #506460) with thanks to Sven Eden. Package has - dep on audit-2.2.2 which is p.masked so added same package to p.mask combo - - 10 May 2014; Sven Vermeulen -libsemanage-2.1.10.ebuild, - -libsemanage-2.2-r1.ebuild, -libsemanage-2.3_rc1.ebuild: - Spring cleanup - -*libsemanage-2.3 (09 May 2014) - - 09 May 2014; Sven Vermeulen +libsemanage-2.3.ebuild: - Bump to 2.3 - -*libsemanage-2.3_rc1 (28 Apr 2014) - - 28 Apr 2014; Sven Vermeulen +libsemanage-2.3_rc1.ebuild: - 2.3-rc1 release - -*libsemanage-2.2-r2 (23 Mar 2014) - - 23 Mar 2014; Sven Vermeulen +libsemanage-2.2-r2.ebuild: - Fix bug #502078 - have SHLIBS use PREFIX, not DESTDIR - - 02 Feb 2014; Sven Vermeulen +libsemanage-2.2-r1.ebuild: - Support multilib - -*libsemanage-2.2-r1 (02 Feb 2014) - - 02 Feb 2014; Sven Vermeulen +libsemanage-2.2-r1.ebuild: - Removing ruby support for libsemanage for now (libselinux has it removed as - we) - - 01 Feb 2014; Sven Vermeulen libsemanage-2.2.ebuild: - Adding python3_3 to supported Pythons, see bug #499606 - - 20 Jan 2014; Sven Vermeulen libsemanage-2.2.ebuild: - Fix bug #497754 - Add in dep on virtual/pgkconfig - - 20 Jan 2014; Sven Vermeulen libsemanage-2.2.ebuild: - Stabilize for amd64 and x86 - - 23 Dec 2013; Sven Vermeulen -libsemanage-2.1.9.ebuild: - Cleanup old version - - 10 Nov 2013; Sven Vermeulen libsemanage-2.2.ebuild: - Adding dependency to audit (bug #490488) - -*libsemanage-2.2 (04 Nov 2013) - - 04 Nov 2013; Sven Vermeulen +libsemanage-2.2.ebuild: - New libsemanage release - - 07 Jul 2013; Sven Vermeulen -libsemanage-2.1.6.ebuild, - -libsemanage-2.1.6-r2.ebuild: - Summer cleaning - - 16 Jun 2013; Sven Vermeulen libsemanage-2.1.10.ebuild: - Stabilization - -*libsemanage-2.1.10 (25 Apr 2013) - - 25 Apr 2013; Sven Vermeulen +libsemanage-2.1.10.ebuild: - New upstream release - - 07 Feb 2013; Sven Vermeulen libsemanage-2.1.9.ebuild: - Python 2.6 is not supported with libsemanage, see bug #445216 - - 17 Nov 2012; libsemanage-2.1.9.ebuild: - Stabilization - - 13 Oct 2012; libsemanage-2.1.9.ebuild: - Supporting user-provided patches using epatch_user - -*libsemanage-2.1.9 (09 Oct 2012) - - 09 Oct 2012; +libsemanage-2.1.9.ebuild: - Introduce new upstream version - - 26 Jun 2012; Mike Gilbert libsemanage-2.1.6-r2.ebuild, - libsemanage-2.1.6.ebuild: - Restrict pypy per Arfrever. - -*libsemanage-2.1.6-r2 (25 Jun 2012) - - 25 Jun 2012; +libsemanage-2.1.6-r2.ebuild: - Fix python3 support - - 13 May 2012; -libsemanage-2.1.0.ebuild: - Removing obsoleted ebuild - - 29 Apr 2012; libsemanage-2.1.6.ebuild: - Stabilization - - 05 Apr 2012; libsemanage-2.1.0.ebuild, - libsemanage-2.1.6.ebuild: - Depending on swig-2.0.4-r1 to fix build failures as per bug #409959 - -*libsemanage-2.1.6 (31 Mar 2012) - - 31 Mar 2012; +libsemanage-2.1.6.ebuild: - Bump to version 2.1.6 - - 12 Nov 2011; -libsemanage-2.0.45.ebuild, - -libsemanage-2.0.46.ebuild: - Remove deprecated ebuilds - - 23 Oct 2011; libsemanage-2.1.0.ebuild: - Stabilization (tracker #384231) - - 17 Sep 2011; libsemanage-2.0.45.ebuild, - libsemanage-2.0.46.ebuild: - Adding dependencies on bison and flex as per bug #382583 - - 17 Sep 2011; libsemanage-2.1.0.ebuild: - Add dependency for flex and bison - - 12 Aug 2011; Anthony G. Basile ChangeLog: - Fix failed gpg signing of Manifest - - 12 Aug 2011; Anthony G. Basile - -libsemanage-2.0.27.ebuild, -libsemanage-2.0.33.ebuild, - -libsemanage-2.0.33-r1.ebuild, -files/libsemanage-2.0.33-bzip.diff: - Removed deprecated versions - -*libsemanage-2.1.0 (03 Aug 2011) - - 03 Aug 2011; Anthony G. Basile - +libsemanage-2.1.0.ebuild: - Bump to 20110727 SELinux userspace release - -*libsemanage-2.0.46 (15 Jul 2011) - - 15 Jul 2011; Anthony G. Basile - +libsemanage-2.0.46.ebuild: - Bump to 2.0.46 - proxy for SwifT - - 30 Jun 2011; Anthony G. Basile - libsemanage-2.0.45.ebuild: - Only build libsemanage for python-2, fixes bug #369089 - - 28 May 2011; Anthony G. Basile - libsemanage-2.0.27.ebuild, libsemanage-2.0.33.ebuild: - Make RDEPEND explicit - - 28 May 2011; Anthony G. Basile - libsemanage-2.0.45.ebuild: - Stable amd64 x86 - - 13 Feb 2011; Anthony G. Basile metadata.xml: - Updated metadata.xml to reflect new selinux herd. - - 06 Feb 2011; Arfrever Frehtes Taifersar Arahesis - libsemanage-2.0.45.ebuild: - Add "python" and "ruby" USE flags. - - 05 Feb 2011; Arfrever Frehtes Taifersar Arahesis - libsemanage-2.0.45.ebuild: - Set SUPPORT_PYTHON_ABIS (bug #353764). Respect AR and CC. - -*libsemanage-2.0.45 (05 Feb 2011) - - 05 Feb 2011; Anthony G. Basile - +libsemanage-2.0.45.ebuild: - New upstream release. - - 16 Apr 2010; Arfrever Frehtes Taifersar Arahesis - libsemanage-2.0.27.ebuild, libsemanage-2.0.33.ebuild, - libsemanage-2.0.33-r1.ebuild: - Delete calls to deprecated python_version(). - -*libsemanage-2.0.33-r1 (24 Aug 2009) - - 24 Aug 2009; Chris PeBenito - +libsemanage-2.0.33-r1.ebuild, +files/libsemanage-2.0.33-bzip.diff: - Add patch to make bzip2 compression configurable. - - 03 Aug 2009; Chris PeBenito - libsemanage-2.0.33.ebuild: - Fix libsepol dependency. - - 02 Aug 2009; Chris PeBenito - libsemanage-2.0.27.ebuild, libsemanage-2.0.33.ebuild: - Add python_need_rebuild to libsemanage. - -*libsemanage-2.0.33 (02 Aug 2009) - - 02 Aug 2009; Chris PeBenito - +libsemanage-2.0.33.ebuild: - New upstream release. - - 18 Jul 2009; Chris PeBenito - -libsemanage-1.10.9.ebuild, libsemanage-2.0.27.ebuild: - Mark stable. Remove old ebuilds. - -*libsemanage-2.0.27 (03 Oct 2008) - - 03 Oct 2008; Chris PeBenito - +libsemanage-2.0.27.ebuild: - Initial commit of 2.0 libsemanage. - - 10 Sep 2008; Chris PeBenito - libsemanage-1.10.9.ebuild: - Tests cannot be run in the ebuild, they are supposed to be ran on the full - SELinux userland repo. - - 29 May 2008; Ali Polatel libsemanage-1.10.9.ebuild: - python_mod_optimize is ROOT aware. Fixed python_mod_cleanup. - - 26 May 2008; Chris PeBenito - libsemanage-1.10.9.ebuild: - Fix libsepol dependency. - - 13 May 2008; Chris PeBenito -libsemanage-1.4.ebuild, - -libsemanage-1.6.ebuild, -libsemanage-1.10.0.ebuild, - -libsemanage-1.10.5.ebuild, libsemanage-1.10.9.ebuild: - Mark 1.10.9 stable, clear old ebuilds. - -*libsemanage-1.10.9 (29 Jan 2008) - - 29 Jan 2008; Chris PeBenito - +libsemanage-1.10.9.ebuild: - New upstream bugfix release. - -*libsemanage-1.10.5 (18 Oct 2007) - - 18 Oct 2007; Chris PeBenito - +libsemanage-1.10.5.ebuild: - New upstream release. - - 04 Jun 2007; Chris PeBenito - libsemanage-1.10.0.ebuild: - Mark stable. - -*libsemanage-1.10.0 (15 Feb 2007) - - 15 Feb 2007; Chris PeBenito - +libsemanage-1.10.0.ebuild: - New upstream release. - - 09 Oct 2006; Chris PeBenito - libsemanage-1.6.17-r1.ebuild: - Stable to make repoman happy. - -*libsemanage-1.6.17-r1 (08 Oct 2006) - - 08 Oct 2006; Chris PeBenito - -libsemanage-1.6.17.ebuild, +libsemanage-1.6.17-r1.ebuild: - Install semanage.conf since this is masked on example policy-based profiles. - -*libsemanage-1.6.17 (05 Oct 2006) - - 05 Oct 2006; Chris PeBenito - +libsemanage-1.6.17.ebuild: - Add SVN snapshot. - - 31 Jul 2006; Chris PeBenito libsemanage-1.6.ebuild: - Mark stable, long overdue. - - 27 Apr 2006; Alec Warner - files/digest-libsemanage-1.4, Manifest: - Fixing SHA256 digest, pass four - -*libsemanage-1.6 (18 Mar 2006) - - 18 Mar 2006; Chris PeBenito +libsemanage-1.6.ebuild: - New upstream release. - - 22 Feb 2006; Stephen Bennett libsemanage-1.4.ebuild: - Alpha stable - - 19 Feb 2006; Joshua Kinard libsemanage-1.4.ebuild: - Marked stable on mips. - - 09 Feb 2006; Chris PeBenito libsemanage-1.4.ebuild: - Set python version to fix compiles on non 2.4 pythons. - - 17 Jan 2006; Chris PeBenito libsemanage-1.4.ebuild: - Mark stable, x86, amd64, ppc, sparc. - - 14 Jan 2006; Stephen Bennett libsemanage-1.4.ebuild: - Added ~alpha - - 15 Dec 2005; Chris PeBenito libsemanage-1.4.ebuild: - Tighten up versioning to try to prevent mismatch problems as seen in #112348. - -*libsemanage-1.4 (09 Dec 2005) - - 09 Dec 2005; Chris PeBenito +metadata.xml, - +libsemanage-1.4.ebuild: - Initial commit. diff --git a/sys-libs/libsemanage/Manifest b/sys-libs/libsemanage/Manifest index 0518f50f1d..cda9f15354 100644 --- a/sys-libs/libsemanage/Manifest +++ b/sys-libs/libsemanage/Manifest @@ -1,32 +1,10 @@ ------BEGIN PGP SIGNED MESSAGE----- -Hash: SHA512 - -AUX 0001-libsemanage-do-not-copy-contexts-in-semanage_migrate.patch 7190 SHA256 5746fe5b4f85bb2ca4fdd50b29de98a8561c6a88e66dfb067c3e393eb1399b4d SHA512 ad9923ccad7a0d975b850eaeb5a801b3f933c0a26112226fa19112dd8aa07de9766845dfec44680799a577175c3a564e9c222f7b0968871fd1f69c3140ab569b WHIRLPOOL dda70c907d5ec766886f08e43da0a417ac67652f1682e629c06ce175f37d3db63e9ab257874435a26f4bc1ae7436421a5414b89b997f181a4ff9fe6434c77a2d -DIST libsemanage-2.2.tar.gz 138208 SHA256 11f60bfa0f1c6063cd9bd99ce0cb4acc9d6d9e9b8d7743d39e847bcd7803bd75 SHA512 09032b1b322fec7346164939ade118034812cb538ebc72121640d4ac5c89d2a66b59caa465027cfbebb590dee039a26d4345eafedf365d7f6ad0b5e90377d50f WHIRLPOOL 49170c5ee9ff57dcc4a15aa72386f37993f76436f0da25808c60dab2d03ba52932d0d4fa753c326900d83d2fae30f8bcf659251f17327783f2e2be3deb4842f4 -DIST libsemanage-2.3.tar.gz 138231 SHA256 03e09e35e611c286e446bef92b6023ef2623815996f5a53394bb02e49a312e4b SHA512 defe3bbdbe51abdaa13a39f693c33446d8a1a8509ac1eb25c7770da2df6487bcb0ca31259d02b4531d4c81db5e221e94e95bec97f6a1a155e1de2f65e6f0da34 WHIRLPOOL 943d4d300aa8ad49c411b10b41c0c3e751c46dbcbbe129bdd1d2e975e231c58391d6ecdee6b27699fff9f6e6facf5b48fc8d57c2ff68692694c7de430750fac9 -DIST libsemanage-2.4.tar.gz 151173 SHA256 1a4cace4ef16786531ec075c0e7b2f961e2fee5dc86c5f983a689058899a6484 SHA512 54f993253b22207b053daf4d34e72c65c72279866416089b6c0f047ef77bca3e307eac0ce6dfe40bd14e2e47e79841b358d5607501779f38d9b5f7c35f3b7729 WHIRLPOOL 7303c06515ed59b5756a87d08aff07671e51d26ce9fa452ca75643dd0ce4658571dc69d86434c943d691a4ab0d90cbdccdaa27e5aaec5fdf8057cf2d5d30631e -EBUILD libsemanage-2.2-r2.ebuild 3201 SHA256 39aa38de07e4b04b7f200a5abcfbc3a4dc033063c4adcb51813486d26f82c1cf SHA512 f1186f33e4685c0b6403e001db853ce845940f2332fc9b389e3fa96c5ff0762bcdc1ec22caacf12e5045d946fdb6c611b29b7ec1807bff72df93935fa7063a75 WHIRLPOOL 4715e92f0be45cbfb58e3a44bc8c1a1e69f6f66a803d816a4975d5be596f5f2dbfe8f3d95499475b7c0090cbe22e0359dcd1c895b8be619440463e638da16871 -EBUILD libsemanage-2.3-r4.ebuild 3560 SHA256 e8ccb383ae811fdef8e12f8459a11618269b658b591dd4d57d7537021e361d26 SHA512 dda74556b122d354979db9c5c4883479e56f49e5a2c48a4cd70f112fa22f41daaa75bad63d2a0a94672d17fecf63cc0b6a8dc48d58e0908e851bb98b346036a5 WHIRLPOOL 7b0716d3604b6db85818734c6a148485a8bc3aa0b76f1172e1520dbc5294e75ed8d83cc97c065c9e6cc54b6b22e01ea3cbb094f1e39514208f5fc69ca831f781 -EBUILD libsemanage-2.4-r1.ebuild 4678 SHA256 298fc28320dc183d2dda92faa65c070c73b42bf3a91d40c87438a6963a7e1d8a SHA512 abaad53d8b690d7554771fbba5fd540629aab1ae0d0280d753015a951117ec02315764d6fa098d335bf91eb2f9622dea9d7df0305aceab1e233c7ec118534139 WHIRLPOOL 83f3156d63381f8daacb36cd52e12e3ca6bcb31597ffda33a8b1588813b6f9210458e5a5b8641790bb69f58e23fefa34a36ce995799118f22f63c7b26a68eaff -EBUILD libsemanage-9999.ebuild 4949 SHA256 f07183cfa81eeaa9b4c4cd747e9107cf85e15aa2562b4cbff0d886c33574f409 SHA512 991b0c068749f3e50c31ad417b69def8f0db8cdfb8126bb78419ec5053946c9b14ae27496d517be7f30a59d9616ffbe7b2338f3008e67646f4f610ef4edb889d WHIRLPOOL ceaaf2ffeaa88d3c74472b1baf1b22811aa0038f786c891c7ba68761ec7f978bd51718b0ff01da5ea8ba4a54566563c8d52afb33717a12575c6e189f61aa56d4 -MISC ChangeLog 13938 SHA256 d7938bb036a37dc37a0d2654be04c655b30cf54cb8c4f019e4f6549ffe3179da SHA512 e006775684003b4a7bd9e77f9fdf173bc1402e3cf05aad684b2e31c1942e8d2a268e7ffa19164a94e04e07f7977c1fdefbaaabf021f4ea4e6e8e8e463f69be3c WHIRLPOOL e87415fff3ee0136db7905a45881fdeed6a46b5dbbbf487fc62adba321a99f747f4eb5c549feb8093ffa22bc8369a60e5370638674a4db2c0aa2a4c020cf4230 -MISC metadata.xml 320 SHA256 b26802e71a0f815c4dadc9ec5122bf91ee5007bdd3f508908fb06fb489148ecb SHA512 80b83887b0eb131738dafdc65ba16bdf17793381fe23956ae44393d63333d22c1a45a5ceb8d4ee993825fa06e873e6bdf35f80996951f11924f09ddc28fba43b WHIRLPOOL 0b6f26f333782f25a6cc069dfb5df7bbd63cb9574a1ac29dce9abbd82aee2be4ba6a1146a346402d4e21854f664e9ef70986155d3782c7a9bf25b3a4da853d77 ------BEGIN PGP SIGNATURE----- -Version: GnuPG v2.0 - -iQJ8BAEBCgBmBQJVfyv1XxSAAAAAAC4AKGlzc3Vlci1mcHJAbm90YXRpb25zLm9w -ZW5wZ3AuZmlmdGhob3JzZW1hbi5uZXQ0QUU0N0I4NzFERUI0MTJFN0EyODE0NUFF -OTQwMkE3OUIwMzUyOUEyAAoJEOlAKnmwNSmiKIcP/iRf32q/kLkjP5VU9lilQKEq -1en9EqcxYrT9Vcy0gaCg2fcsLbFZCSGug68iEkGVsE+xHyG956Yx5nttjeRqJquq -dqJi39wZkXAolr7pbdjmygZLHhOLmzzmg+ypxH45yFvxNEnc3o9Uc1LR8el/cbvC -1zM3cEbOxVVt+VuM9rUzcobSNIL9VHYUw8PU1rDenUXtR92z82I+Y3bIoYHkPm7N -wQYNo9XT2PoiOehlmMIYz4+SLeQa3VrWNhKq8JteZ7eBRxkgYYd1ao6b+zFkAiVD -iz3teuEDvVadr6UWYffYFTMbrak+E8WJE5CjTDrRlyFvJAGEA51h0KnXG5rkZU8I -8pHazXVed1gykS5WJf3mMcMXKwh7UhnpxkkrzFCsX57+LtoxBNyBnVVQDJ/NKj8E -obo05qmba68tnN9LkJwGruBzhBEGHoDwwF9yZ7Qork/6WP+7bW5SKCw+/1v87L3Z -67a8CMAxrjIY4eLhsJbh7KYHeLJNyDqw9X/6BbVwSTPfoQlw4aRzd13B1msVWwhK -eiFYV044z7wmeGfrwO8mxfyNDeQhhCbXPWiup10hlXAEmmMwBqYE8TCSbev88Rd7 -JS0MjXXgTaJPWqaJq0MtwNNQpXChPuuqFVkvK6eEZFmN+M/1aCLh0DXJy/3zLxDA -Rc5mnjkZUYqL7sMxXTDs -=1PJr ------END PGP SIGNATURE----- +AUX libsemanage-2.6-0001-libsemanage-genhomedircon-only-set-MLS-level-if-MLS-.patch 1370 SHA256 4964db92ab8ad5289f3fe2c45af745564e565b922e0a32dcd9af11983bf51458 SHA512 08663502d489730b2bcc2ea2e1a15fc3cb0874dff4d2b9e650fc6b71f74d8e395a6787186ba1d138bfa99897ba44a9acbbe7b695e88e98591a8ea9f4bc3857c3 WHIRLPOOL f729306d3247fee8df47e9479029207025748dcff87e4743ac77ffc2db276f0bbbc2c08f236364d0c6d2fe92736cc0a5037466eb950f58069c4b94333eba5909 +AUX libsemanage-2.6-build-paths.patch 1325 SHA256 83429eb03458ca686f6a682a7d815b6726935cf2f8de27e9e43357a57c9a2065 SHA512 06fb96608f27169efde64bf679b8cc3e337857e4b6cf0743953f96be7df382e11ea0a20837d854c73dc5c216cee8f9723e23b17fa1a7844d3a4b7ef4ebe937d2 WHIRLPOOL 45fb38af7936b535f196cd9f028e89c80d5138cece7fb8e575c38c1043b961e9f6fc8c8f9378685b3cd12eab6c234d3dc80589f5b0aa99c76d26905f8b181583 +DIST libsemanage-2.6.tar.gz 155897 SHA256 4f81541047290b751f2ffb926fcd381c186f22db18d9fe671b0b4a6a54e8cfce SHA512 38741d6e6f7a2669bfeee362e42d6bfd720cceeaf61331e329b2210fdc070444e529656ce86dd82e94aa248eafcfaea4c5d013d9cce76c1039be6fc6a6b2c790 WHIRLPOOL 9fb781c637c4725dd48fa07898fd5db4b2f1e47264e80468e3c9b48fd8afc6bcb6494a44ccbfb0e48dec10dc5db461ab8e1941251d625854ebbebdbfdacb971c +DIST libsemanage-2.7.tar.gz 153465 SHA256 07e9477714ce6a4557a1fe924ea4cb06501b62d0fa0e3c0dc32a2cf47cb8d476 SHA512 6b30ea87f1ab3944935188539bbf869c8e287e05c174ea61cd19722a89cf8156518f336476e23b4117a5a05aec9a99a4db679b58a6952bf0c31ad809e9ab91d9 WHIRLPOOL b1acccb13b54cacd6d956d615a954c5aef4bd97ec225702ccd6818f7a4d64244f60f13c5b8cc02d4fd453e103b6e409919562406510fe2614c1fc6338c19ad67 +EBUILD libsemanage-2.6.ebuild 4890 SHA256 afad97143eaedb88b2cdd730770570e0e165e957a252d400448ff33b5c2c8dbc SHA512 c00a4c4ebe3b09458176bc65138b47491b528880bced8a3313cd30fdd65caca48042042d1bb909a6abd48f68e31a11cafba426bf70f308971ab063167a817d91 WHIRLPOOL b1a265e966ee4737b828cef7b9e9824bdce074b12d6392f5948b90501b2f8e95a08ef67a456302d4b221fc307c05feda4c05fdeae73c8fac5ac5e574b06dab9c +EBUILD libsemanage-2.7.ebuild 4754 SHA256 32bf136cade6890c9dbab36267ea0ba8811f1a6b63ef73936cff28658983b120 SHA512 845728f9434535df540cfea380cf73a15aa13318913a323b9a0575ea08d46680d9f0bc3d6236710c56de0ab36d146037c5600729bbca4d4462bc59298ba09d8d WHIRLPOOL f794bcc0675c8ba3dc7fc617607aae8af92bf0ad245b9bd3f1d57b50ce6c2f78dc45230e907107a0e97133bb8dd95d492c8c2f6efe281b92c024343d5b8166b5 +EBUILD libsemanage-9999.ebuild 4756 SHA256 840297e111e2bd1c6dd1635e79b64f9a63255fabb04847ed380802f6aed581c1 SHA512 e03ec8650939ce65fff76ace83fc7c8fa31263cd4a01d8feaca97553a6e8dd533a615a6df3a64967ed956f8ed1ff53396b8d5209236dc7b8747316b56998498b WHIRLPOOL 71a4136af89a9039e82c492f3e7af81d932fedec7c0c719ee3e68921a0e406fbad6a34b2bb49f0cca0134028e9799a59a9fa739991a5348e14c0b400e6f7d83d +MISC ChangeLog 6750 SHA256 7c693ec390e212643e6cc8117effd450417f5dca794b20f020c09d9ca6c02bd2 SHA512 031b1102c2f3820ea470702fe41996027604c6ca68edce9ebf0235c515dd21160e714c03fec2531cc8366d99212b7cd00e381696df186e4e63f9885aa796f714 WHIRLPOOL 6f560bfc07f6c17fe3854530ce3336deb7711ff18e76cf7a6cd500a792b05f4dee5b58b3ed8e9de6df7043081927e6a83cb39a53914e92d49df22ec30f0eae64 +MISC ChangeLog-2015 13938 SHA256 d7938bb036a37dc37a0d2654be04c655b30cf54cb8c4f019e4f6549ffe3179da SHA512 e006775684003b4a7bd9e77f9fdf173bc1402e3cf05aad684b2e31c1942e8d2a268e7ffa19164a94e04e07f7977c1fdefbaaabf021f4ea4e6e8e8e463f69be3c WHIRLPOOL e87415fff3ee0136db7905a45881fdeed6a46b5dbbbf487fc62adba321a99f747f4eb5c549feb8093ffa22bc8369a60e5370638674a4db2c0aa2a4c020cf4230 +MISC metadata.xml 406 SHA256 0209a41b2fe792b837de815e5e6b2a34fd06890b015a0cb578961d4c63b50381 SHA512 742aba47cdd9ad8f97fcb03a01cc2552c6e1d715f6b717c9dff2ae86ab34b850745888e4f2e3963ec2c258cf16a33cb161205f4ea72563446eada82f6c298479 WHIRLPOOL e00029ce45c8ffa5247ab3a4bcd7afc3f36e4d4a61038ec2075bba0e984cbe6a68a2ffe79a7aee9b3954bbabce5c985376889ce9187613f32bf898bb3300a59b diff --git a/sys-libs/libsemanage/files/0001-libsemanage-do-not-copy-contexts-in-semanage_migrate.patch b/sys-libs/libsemanage/files/0001-libsemanage-do-not-copy-contexts-in-semanage_migrate.patch deleted file mode 100644 index 8e523dcbf7..0000000000 --- a/sys-libs/libsemanage/files/0001-libsemanage-do-not-copy-contexts-in-semanage_migrate.patch +++ /dev/null @@ -1,208 +0,0 @@ -From 9caebebd598de737f27cdc8d5253a2cebd67d5a9 Mon Sep 17 00:00:00 2001 -From: Jason Zaman -Date: Wed, 22 Apr 2015 18:27:09 +0400 -Subject: [PATCH] libsemanage: do not copy contexts in semanage_migrate_store - -The modules from the old store were previously copied to the new one -using setfscreatecon and shutil.copy2(). Now that refpolicy has rules -about the new policy location[1], copying the contexts is redundant. - -More importantly, the setcreatefscon caused a constraint violation[2] -which made the migration fail. In python3, shutil.copy2() copies xattrs -as well which again causes problems. shutil.copy() is enough for our -needs here as it will copy the file and permissions in both py2 and 3. -We do not need the extra things that copy2() does (mtime, xattr, etc). - -[1] http://oss.tresys.com/pipermail/refpolicy/2014-December/007511.html - -[2] -type=AVC msg=audit(1429438272.872:1869): avc: denied { create } for pid=28739 comm="semanage_migrat" name="strict" scontext=staff_u:sysadm_r:semanage_t tcontext=system_u:object_r:semanage_store_t tclass=dir permissive=0 - constrain dir { create relabelfrom relabelto } ((u1 == u2 -Fail-) or (t1 == can_change_object_identity -Fail-) ); Constraint DENIED -allow semanage_t semanage_store_t:dir create; - -Signed-off-by: Jason Zaman ---- - libsemanage/utils/semanage_migrate_store | 77 ++++++++------------------------ - 1 file changed, 18 insertions(+), 59 deletions(-) - -diff --git a/libsemanage/utils/semanage_migrate_store b/libsemanage/utils/semanage_migrate_store -index 03b492e..2f85e9c 100755 ---- a/libsemanage/utils/semanage_migrate_store -+++ b/libsemanage/utils/semanage_migrate_store -@@ -8,7 +8,6 @@ import shutil - import sys - from optparse import OptionParser - --import bz2 - import ctypes - - sepol = ctypes.cdll.LoadLibrary('libsepol.so') -@@ -21,41 +20,20 @@ except: - exit(1) - - -- -- --# For some reason this function doesn't exist in libselinux :\ --def copy_with_context(src, dst): -+def copy_file(src, dst): - if DEBUG: - print("copying %s to %s" % (src, dst)) - try: -- con = selinux.lgetfilecon_raw(src)[1] -- except: -- print("Could not get file context of %s" % src, file=sys.stderr) -- exit(1) -- -- try: -- selinux.setfscreatecon_raw(con) -- except: -- print("Could not set fs create context: %s" %con, file=sys.stderr) -- exit(1) -- -- try: -- shutil.copy2(src, dst) -+ shutil.copy(src, dst) - except OSError as the_err: - (err, strerr) = the_err.args - print("Could not copy %s to %s, %s" %(src, dst, strerr), file=sys.stderr) - exit(1) - -- try: -- selinux.setfscreatecon_raw(None) -- except: -- print("Could not reset fs create context. May need to relabel system.", file=sys.stderr) - --def create_dir_from(src, dst, mode): -+def create_dir(dst, mode): - if DEBUG: print("Making directory %s" % dst) - try: -- con = selinux.lgetfilecon_raw(src)[1] -- selinux.setfscreatecon_raw(con) - os.makedirs(dst, mode) - except OSError as the_err: - (err, stderr) = the_err.args -@@ -65,28 +43,18 @@ def create_dir_from(src, dst, mode): - print("Error creating %s" % dst, file=sys.stderr) - exit(1) - -- try: -- selinux.setfscreatecon_raw(None) -- except: -- print("Could not reset fs create context. May need to relabel system.", file=sys.stderr) - --def create_file_from(src, dst): -+def create_file(dst): - if DEBUG: print("Making file %s" % dst) - try: -- con = selinux.lgetfilecon_raw(src)[1] -- selinux.setfscreatecon_raw(con) - open(dst, 'a').close() - except OSError as the_err: - (err, stderr) = the_err.args - print("Error creating %s" % dst, file=sys.stderr) - exit(1) - -- try: -- selinux.setfscreatecon_raw(None) -- except: -- print("Could not reset fs create context. May need to relabel system.", file=sys.stderr) - --def copy_module(store, name, con, base): -+def copy_module(store, name, base): - if DEBUG: print("Install module %s" % name) - (file, ext) = os.path.splitext(name) - if ext != ".pp": -@@ -94,8 +62,6 @@ def copy_module(store, name, con, base): - print("warning: %s has invalid extension, skipping" % name, file=sys.stderr) - return - try: -- selinux.setfscreatecon_raw(con) -- - if base: - root = oldstore_path(store) - else: -@@ -105,7 +71,7 @@ def copy_module(store, name, con, base): - - os.mkdir("%s/%s" % (bottomdir, file)) - -- copy_with_context(os.path.join(root, name), "%s/%s/hll" % (bottomdir, file)) -+ copy_file(os.path.join(root, name), "%s/%s/hll" % (bottomdir, file)) - - # This is the ext file that will eventually be used to choose a compiler - efile = open("%s/%s/lang_ext" % (bottomdir, file), "w+", 0o600) -@@ -116,15 +82,11 @@ def copy_module(store, name, con, base): - print("Error installing module %s" % name, file=sys.stderr) - exit(1) - -- try: -- selinux.setfscreatecon_raw(None) -- except: -- print("Could not reset fs create context. May need to relabel system.", file=sys.stderr) - --def disable_module(file, root, name, disabledmodules): -+def disable_module(file, name, disabledmodules): - if DEBUG: print("Disabling %s" % name) - (disabledname, disabledext) = os.path.splitext(file) -- create_file_from(os.path.join(root, name), "%s/%s" % (disabledmodules, disabledname)) -+ create_file("%s/%s" % (disabledmodules, disabledname)) - - def migrate_store(store): - -@@ -138,17 +100,14 @@ def migrate_store(store): - print("Migrating from %s to %s" % (oldstore, newstore)) - - # Build up new directory structure -- create_dir_from(oldstore, "%s/%s" % (newroot_path(), store), 0o755) -- create_dir_from(oldstore, newstore, 0o700) -- create_dir_from(oldstore, newmodules, 0o700) -- create_dir_from(oldstore, bottomdir, 0o700) -- create_dir_from(oldstore, disabledmodules, 0o700) -- -- # use whatever the file context of bottomdir is for the module directories -- con = selinux.lgetfilecon_raw(bottomdir)[1] -+ create_dir("%s/%s" % (newroot_path(), store), 0o755) -+ create_dir(newstore, 0o700) -+ create_dir(newmodules, 0o700) -+ create_dir(bottomdir, 0o700) -+ create_dir(disabledmodules, 0o700) - - # Special case for base since it was in a different location -- copy_module(store, "base.pp", con, 1) -+ copy_module(store, "base.pp", 1) - - # Dir structure built, start copying files - for root, dirs, files in os.walk(oldstore): -@@ -161,7 +120,7 @@ def migrate_store(store): - newname = "seusers.local" - else: - newname = name -- copy_with_context(os.path.join(root, name), os.path.join(newstore, newname)) -+ copy_file(os.path.join(root, name), os.path.join(newstore, newname)) - - elif root == oldmodules: - # This should be the modules directory -@@ -171,9 +130,9 @@ def migrate_store(store): - print("Error installing module %s, name conflicts with base" % name, file=sys.stderr) - exit(1) - elif ext == ".disabled": -- disable_module(file, root, name, disabledmodules) -+ disable_module(file, name, disabledmodules) - else: -- copy_module(store, name, con, 0) -+ copy_module(store, name, 0) - - def rebuild_policy(): - # Ok, the modules are loaded, lets try to rebuild the policy -@@ -287,7 +246,7 @@ if __name__ == "__main__": - "preserve_tunables" ] - - -- create_dir_from(oldroot_path(), newroot_path(), 0o755) -+ create_dir(newroot_path(), 0o755) - - stores = None - if TYPE is not None: --- -2.0.5 - diff --git a/sys-libs/libsemanage/files/libsemanage-2.6-0001-libsemanage-genhomedircon-only-set-MLS-level-if-MLS-.patch b/sys-libs/libsemanage/files/libsemanage-2.6-0001-libsemanage-genhomedircon-only-set-MLS-level-if-MLS-.patch new file mode 100644 index 0000000000..e3123ed70f --- /dev/null +++ b/sys-libs/libsemanage/files/libsemanage-2.6-0001-libsemanage-genhomedircon-only-set-MLS-level-if-MLS-.patch @@ -0,0 +1,38 @@ +From 4cf9b9ce2df06fd5a29e5264a6552c9b02ec0b5b Mon Sep 17 00:00:00 2001 +From: Stephen Smalley +Date: Fri, 14 Oct 2016 13:36:37 -0400 +Subject: [PATCH] libsemanage: genhomedircon: only set MLS level if MLS is + enabled + +When a non-MLS policy was used with genhomedircon context_from_record() +in sepol would report an error because an MLS level was present when MLS +is disabled. Based on a patch by Gary Tierney, amended to use +sepol_policydb_mls_enabled rather than semanage_mls_enabled because +we are testing the temporary working policy, not the active policy. + +Reported-by: Jason Zaman +Signed-off-by: Stephen Smalley +--- + libsemanage/src/genhomedircon.c | 6 +++++- + 1 file changed, 5 insertions(+), 1 deletion(-) + +diff --git a/libsemanage/src/genhomedircon.c b/libsemanage/src/genhomedircon.c +index 6991fff..5e9d722 100644 +--- libsemanage/src/genhomedircon.c ++++ libsemanage/src/genhomedircon.c +@@ -638,7 +638,11 @@ static int write_contexts(genhomedircon_settings_t *s, FILE *out, + goto fail; + } + +- if (sepol_context_set_user(sepolh, context, user->sename) < 0 || ++ if (sepol_context_set_user(sepolh, context, user->sename) < 0) { ++ goto fail; ++ } ++ ++ if (sepol_policydb_mls_enabled(s->policydb) && + sepol_context_set_mls(sepolh, context, user->level) < 0) { + goto fail; + } +-- +2.7.3 + diff --git a/sys-libs/libsemanage/files/libsemanage-2.6-build-paths.patch b/sys-libs/libsemanage/files/libsemanage-2.6-build-paths.patch new file mode 100644 index 0000000000..86e5c7e9a6 --- /dev/null +++ b/sys-libs/libsemanage/files/libsemanage-2.6-build-paths.patch @@ -0,0 +1,35 @@ +there's no point in using -I/-L flags to the system paths and this breaks +cross-compiling. just drop them. + +--- a/src/Makefile ++++ b/src/Makefile +@@ -60,7 +60,7 @@ + SWIG_CFLAGS += -Wno-error -Wno-unused-but-set-variable -Wno-unused-variable -Wno-shadow \ + -Wno-unused-parameter + +-override CFLAGS += -I../include -I$(INCLUDEDIR) -D_GNU_SOURCE ++override CFLAGS += -I../include -D_GNU_SOURCE + RANLIB ?= ranlib + + SWIG = swig -Wall -python -o $(SWIGCOUT) -outdir ./ +@@ -82,17 +82,17 @@ + $(CC) $(CFLAGS) $(SWIG_CFLAGS) $(RUBYINC) -fPIC -DSHARED -c -o $@ $< + + $(SWIGSO): $(SWIGLOBJ) +- $(CC) $(CFLAGS) $(LDFLAGS) -shared -o $@ $< -L. -lsemanage -L$(LIBDIR) ++ $(CC) $(CFLAGS) $(LDFLAGS) -shared -o $@ $< -L. -lsemanage + + $(SWIGRUBYSO): $(SWIGRUBYLOBJ) +- $(CC) $(CFLAGS) $(LDFLAGS) -shared -o $@ $^ -L. -lsemanage -L$(LIBDIR) ++ $(CC) $(CFLAGS) $(LDFLAGS) -shared -o $@ $^ -L. -lsemanage + + $(LIBA): $(OBJS) + $(AR) rcs $@ $^ + $(RANLIB) $@ + + $(LIBSO): $(LOBJS) +- $(CC) $(CFLAGS) $(LDFLAGS) -shared -o $@ $^ -lsepol -laudit -lselinux -lbz2 -lustr -L$(LIBDIR) -Wl,-soname,$(LIBSO),--version-script=libsemanage.map,-z,defs ++ $(CC) $(CFLAGS) $(LDFLAGS) -shared -o $@ $^ -lsepol -laudit -lselinux -lbz2 -lustr -Wl,-soname,$(LIBSO),--version-script=libsemanage.map,-z,defs + ln -sf $@ $(TARGET) + + $(LIBPC): $(LIBPC).in ../VERSION diff --git a/sys-libs/libsemanage/files/tmpfiles.d/libsemanage.conf b/sys-libs/libsemanage/files/tmpfiles.d/libsemanage.conf deleted file mode 100644 index 32f68ae9dd..0000000000 --- a/sys-libs/libsemanage/files/tmpfiles.d/libsemanage.conf +++ /dev/null @@ -1 +0,0 @@ -L /etc/selinux/semanage.conf - - - - ../../usr/lib/selinux/semanage.conf diff --git a/sys-libs/libsemanage/libsemanage-2.4-r2.ebuild b/sys-libs/libsemanage/libsemanage-2.6.ebuild similarity index 63% rename from sys-libs/libsemanage/libsemanage-2.4-r2.ebuild rename to sys-libs/libsemanage/libsemanage-2.6.ebuild index 58a907baad..e027c1f35a 100644 --- a/sys-libs/libsemanage/libsemanage-2.4-r2.ebuild +++ b/sys-libs/libsemanage/libsemanage-2.6.ebuild @@ -1,46 +1,52 @@ -# Copyright 1999-2015 Gentoo Foundation +# Copyright 1999-2017 Gentoo Foundation # Distributed under the terms of the GNU General Public License v2 -# $Header: /var/cvsroot/gentoo-x86/sys-libs/libsemanage/libsemanage-2.4-r1.ebuild,v 1.2 2015/05/10 09:02:13 perfinion Exp $ -EAPI="5" -PYTHON_COMPAT=( python2_7 python3_3 python3_4 ) +EAPI="6" +PYTHON_COMPAT=( python{2_7,3_4,3_5} ) -inherit multilib python-r1 toolchain-funcs eutils multilib-minimal systemd +inherit multilib python-r1 toolchain-funcs multilib-minimal MY_P="${P//_/-}" +MY_RELEASEDATE="20161014" SEPOL_VER="${PV}" SELNX_VER="${PV}" DESCRIPTION="SELinux kernel and policy management library" HOMEPAGE="https://github.com/SELinuxProject/selinux/wiki" -SRC_URI="https://raw.githubusercontent.com/wiki/SELinuxProject/selinux/files/releases/20150202/${MY_P}.tar.gz" + +if [[ ${PV} == 9999 ]]; then + inherit git-r3 + EGIT_REPO_URI="https://github.com/SELinuxProject/selinux.git" + S="${WORKDIR}/${MY_P}/${PN}" +else + SRC_URI="https://raw.githubusercontent.com/wiki/SELinuxProject/selinux/files/releases/${MY_RELEASEDATE}/${MY_P}.tar.gz" + KEYWORDS="amd64 ~arm ~arm64 ~mips x86" + S="${WORKDIR}/${MY_P}" +fi LICENSE="GPL-2" SLOT="0" -KEYWORDS="amd64 x86" IUSE="python" +REQUIRED_USE="python? ( ${PYTHON_REQUIRED_USE} )" RDEPEND=">=sys-libs/libsepol-${SEPOL_VER}[${MULTILIB_USEDEP}] >=sys-libs/libselinux-${SELNX_VER}[${MULTILIB_USEDEP}] >=sys-process/audit-2.2.2[${MULTILIB_USEDEP}] >=dev-libs/ustr-1.0.4-r2[${MULTILIB_USEDEP}] - " + python? ( ${PYTHON_DEPS} )" DEPEND="${RDEPEND} sys-devel/bison sys-devel/flex python? ( >=dev-lang/swig-2.0.4-r1 virtual/pkgconfig - ${PYTHON_DEPS} )" # tests are not meant to be run outside of the # full SELinux userland repo RESTRICT="test" -S="${WORKDIR}/${MY_P}" - src_prepare() { echo "# Set this to true to save the linked policy." >> "${S}/src/semanage.conf" echo "# This is normally only useful for analysis" >> "${S}/src/semanage.conf" @@ -64,11 +70,11 @@ src_prepare() { echo "# Reduce memory usage for bzip2 compression and" >> "${S}/src/semanage.conf" echo "# decompression of modules in the module store." >> "${S}/src/semanage.conf" echo "bzip-small=true" >> "${S}/src/semanage.conf" - echo "handle-unknown=allow" >> "${S}/src/semanage.conf" - epatch "${FILESDIR}/0001-libsemanage-do-not-copy-contexts-in-semanage_migrate.patch" + eapply "${FILESDIR}"/${PN}-2.6-build-paths.patch + eapply "${FILESDIR}"/${PN}-2.6-0001-libsemanage-genhomedircon-only-set-MLS-level-if-MLS-.patch - epatch_user + eapply_user multilib_copy_sources } @@ -92,7 +98,6 @@ multilib_src_compile() { multilib_src_install() { emake \ - DEFAULT_SEMANAGE_CONF_LOCATION="${ED}/usr/lib/selinux/semanage.conf" \ LIBDIR="${ED}/usr/$(get_libdir)" \ SHLIBDIR="${ED}/usr/$(get_libdir)" \ DESTDIR="${ED}" install @@ -105,5 +110,25 @@ multilib_src_install() { } python_foreach_impl installation_py fi - systemd_dotmpfilesd "${FILESDIR}/tmpfiles.d/libsemanage.conf" +} + +pkg_postinst() { + # Migrate the SELinux semanage configuration store if not done already + local selinuxtype=$(awk -F'=' '/SELINUXTYPE=/ {print $2}' "${EROOT}"/etc/selinux/config 2>/dev/null) + if [ -n "${selinuxtype}" ] && [ ! -d "${EROOT}"/var/lib/selinux/${mcs}/active ] ; then + ewarn "Since the 2.4 SELinux userspace, the policy module store is moved" + ewarn "from /etc/selinux to /var/lib/selinux. The migration will be run now." + ewarn "If there are any issues, it can be done manually by running:" + ewarn "/usr/libexec/selinux/semanage_migrate_store" + ewarn "For more information, please see" + ewarn "- https://github.com/SELinuxProject/selinux/wiki/Policy-Store-Migration" + fi + + # Run the store migration without rebuilds + for POLICY_TYPE in ${POLICY_TYPES} ; do + if [ ! -d "${EROOT}/var/lib/selinux/${POLICY_TYPE}/active" ] ; then + einfo "Migrating store ${POLICY_TYPE} (without policy rebuild)." + /usr/libexec/selinux/semanage_migrate_store -n -s "${POLICY_TYPE}" || die "Failed to migrate store ${POLICY_TYPE}" + fi + done } diff --git a/sys-libs/libsemanage/libsemanage-2.7.ebuild b/sys-libs/libsemanage/libsemanage-2.7.ebuild new file mode 100644 index 0000000000..0d8a7240a2 --- /dev/null +++ b/sys-libs/libsemanage/libsemanage-2.7.ebuild @@ -0,0 +1,137 @@ +# Copyright 1999-2017 Gentoo Foundation +# Distributed under the terms of the GNU General Public License v2 + +EAPI="6" +PYTHON_COMPAT=( python{2_7,3_4,3_5} ) + +inherit multilib python-r1 toolchain-funcs multilib-minimal + +MY_P="${P//_/-}" +MY_RELEASEDATE="20170804" + +SEPOL_VER="${PV}" +SELNX_VER="${PV}" + +DESCRIPTION="SELinux kernel and policy management library" +HOMEPAGE="https://github.com/SELinuxProject/selinux/wiki" + +if [[ ${PV} == 9999 ]]; then + inherit git-r3 + EGIT_REPO_URI="https://github.com/SELinuxProject/selinux.git" + S="${WORKDIR}/${MY_P}/${PN}" +else + SRC_URI="https://raw.githubusercontent.com/wiki/SELinuxProject/selinux/files/releases/${MY_RELEASEDATE}/${MY_P}.tar.gz" + KEYWORDS="amd64 ~arm ~arm64 ~mips x86" + S="${WORKDIR}/${MY_P}" +fi + +LICENSE="GPL-2" +SLOT="0" +IUSE="python" +REQUIRED_USE="python? ( ${PYTHON_REQUIRED_USE} )" + +RDEPEND=">=sys-libs/libsepol-${SEPOL_VER}[${MULTILIB_USEDEP}] + >=sys-libs/libselinux-${SELNX_VER}[${MULTILIB_USEDEP}] + >=sys-process/audit-2.2.2[${MULTILIB_USEDEP}] + >=dev-libs/ustr-1.0.4-r2[${MULTILIB_USEDEP}] + python? ( ${PYTHON_DEPS} )" +DEPEND="${RDEPEND} + sys-devel/bison + sys-devel/flex + python? ( + >=dev-lang/swig-2.0.4-r1 + virtual/pkgconfig + )" + +# tests are not meant to be run outside of the +# full SELinux userland repo +RESTRICT="test" + +src_prepare() { + echo "# Set this to true to save the linked policy." >> "${S}/src/semanage.conf" + echo "# This is normally only useful for analysis" >> "${S}/src/semanage.conf" + echo "# or debugging of policy." >> "${S}/src/semanage.conf" + echo "save-linked=false" >> "${S}/src/semanage.conf" + echo >> "${S}/src/semanage.conf" + echo "# Set this to 0 to disable assertion checking." >> "${S}/src/semanage.conf" + echo "# This should speed up building the kernel policy" >> "${S}/src/semanage.conf" + echo "# from policy modules, but may leave you open to" >> "${S}/src/semanage.conf" + echo "# dangerous rules which assertion checking" >> "${S}/src/semanage.conf" + echo "# would catch." >> "${S}/src/semanage.conf" + echo "expand-check=1" >> "${S}/src/semanage.conf" + echo >> "${S}/src/semanage.conf" + echo "# Modules in the module store can be compressed" >> "${S}/src/semanage.conf" + echo "# with bzip2. Set this to the bzip2 blocksize" >> "${S}/src/semanage.conf" + echo "# 1-9 when compressing. The higher the number," >> "${S}/src/semanage.conf" + echo "# the more memory is traded off for disk space." >> "${S}/src/semanage.conf" + echo "# Set to 0 to disable bzip2 compression." >> "${S}/src/semanage.conf" + echo "bzip-blocksize=0" >> "${S}/src/semanage.conf" + echo >> "${S}/src/semanage.conf" + echo "# Reduce memory usage for bzip2 compression and" >> "${S}/src/semanage.conf" + echo "# decompression of modules in the module store." >> "${S}/src/semanage.conf" + echo "bzip-small=true" >> "${S}/src/semanage.conf" + + eapply_user + + multilib_copy_sources +} + +multilib_src_compile() { + emake \ + AR="$(tc-getAR)" \ + CC="$(tc-getCC)" \ + LIBDIR="${EPREFIX}/usr/$(get_libdir)" \ + all + + if multilib_is_native_abi && use python; then + building_py() { + emake \ + AR="$(tc-getAR)" \ + CC="$(tc-getCC)" \ + LIBDIR="${EPREFIX}/usr/$(get_libdir)" \ + "$@" + } + python_foreach_impl building_py swigify + python_foreach_impl building_py pywrap + fi +} + +multilib_src_install() { + emake \ + LIBDIR="${ED}/usr/$(get_libdir)" \ + SHLIBDIR="${ED}/usr/$(get_libdir)" \ + DESTDIR="${ED}" install + + if multilib_is_native_abi && use python; then + installation_py() { + emake DESTDIR="${ED}" \ + LIBDIR="${ED}/usr/$(get_libdir)" \ + SHLIBDIR="${ED}/usr/$(get_libdir)" \ + LIBSEPOLA="${EPREFIX%/}/usr/$(get_libdir)/libsepol.a" \ + install-pywrap + python_optimize # bug 531638 + } + python_foreach_impl installation_py + fi +} + +pkg_postinst() { + # Migrate the SELinux semanage configuration store if not done already + local selinuxtype=$(awk -F'=' '/SELINUXTYPE=/ {print $2}' "${EROOT}"/etc/selinux/config 2>/dev/null) + if [ -n "${selinuxtype}" ] && [ ! -d "${EROOT}"/var/lib/selinux/${mcs}/active ] ; then + ewarn "Since the 2.4 SELinux userspace, the policy module store is moved" + ewarn "from /etc/selinux to /var/lib/selinux. The migration will be run now." + ewarn "If there are any issues, it can be done manually by running:" + ewarn "/usr/libexec/selinux/semanage_migrate_store" + ewarn "For more information, please see" + ewarn "- https://github.com/SELinuxProject/selinux/wiki/Policy-Store-Migration" + fi + + # Run the store migration without rebuilds + for POLICY_TYPE in ${POLICY_TYPES} ; do + if [ ! -d "${EROOT}/var/lib/selinux/${POLICY_TYPE}/active" ] ; then + einfo "Migrating store ${POLICY_TYPE} (without policy rebuild)." + /usr/libexec/selinux/semanage_migrate_store -n -s "${POLICY_TYPE}" || die "Failed to migrate store ${POLICY_TYPE}" + fi + done +} diff --git a/sys-libs/libsemanage/libsemanage-9999.ebuild b/sys-libs/libsemanage/libsemanage-9999.ebuild index e6f61bd637..5015c4e9fc 100644 --- a/sys-libs/libsemanage/libsemanage-9999.ebuild +++ b/sys-libs/libsemanage/libsemanage-9999.ebuild @@ -1,14 +1,13 @@ -# Copyright 1999-2015 Gentoo Foundation +# Copyright 1999-2017 Gentoo Foundation # Distributed under the terms of the GNU General Public License v2 -# $Header: /var/cvsroot/gentoo-x86/sys-libs/libsemanage/libsemanage-9999.ebuild,v 1.1 2015/06/09 15:36:24 swift Exp $ -EAPI="5" -PYTHON_COMPAT=( python2_7 python3_3 python3_4 ) +EAPI="6" +PYTHON_COMPAT=( python{2_7,3_4,3_5} ) -inherit multilib python-r1 toolchain-funcs eutils multilib-minimal systemd +inherit multilib python-r1 toolchain-funcs multilib-minimal MY_P="${P//_/-}" -MY_RELEASEDATE="20150202" +MY_RELEASEDATE="20170804" SEPOL_VER="${PV}" SELNX_VER="${PV}" @@ -16,32 +15,32 @@ SELNX_VER="${PV}" DESCRIPTION="SELinux kernel and policy management library" HOMEPAGE="https://github.com/SELinuxProject/selinux/wiki" -if [[ ${PV} == 9999 ]] ; then +if [[ ${PV} == 9999 ]]; then inherit git-r3 EGIT_REPO_URI="https://github.com/SELinuxProject/selinux.git" S="${WORKDIR}/${MY_P}/${PN}" else - SRC_URI="https://raw.githubusercontent.com/wiki/SELinuxProject/selinux/files/releases/20150202/${MY_P}.tar.gz" - KEYWORDS="~amd64 ~x86" + SRC_URI="https://raw.githubusercontent.com/wiki/SELinuxProject/selinux/files/releases/${MY_RELEASEDATE}/${MY_P}.tar.gz" + KEYWORDS="~amd64 ~arm ~arm64 ~mips ~x86" S="${WORKDIR}/${MY_P}" fi LICENSE="GPL-2" SLOT="0" IUSE="python" +REQUIRED_USE="python? ( ${PYTHON_REQUIRED_USE} )" RDEPEND=">=sys-libs/libsepol-${SEPOL_VER}[${MULTILIB_USEDEP}] >=sys-libs/libselinux-${SELNX_VER}[${MULTILIB_USEDEP}] >=sys-process/audit-2.2.2[${MULTILIB_USEDEP}] >=dev-libs/ustr-1.0.4-r2[${MULTILIB_USEDEP}] - " + python? ( ${PYTHON_DEPS} )" DEPEND="${RDEPEND} sys-devel/bison sys-devel/flex python? ( >=dev-lang/swig-2.0.4-r1 virtual/pkgconfig - ${PYTHON_DEPS} )" # tests are not meant to be run outside of the @@ -71,14 +70,8 @@ src_prepare() { echo "# Reduce memory usage for bzip2 compression and" >> "${S}/src/semanage.conf" echo "# decompression of modules in the module store." >> "${S}/src/semanage.conf" echo "bzip-small=true" >> "${S}/src/semanage.conf" - echo "handle-unknown=allow" >> "${S}/src/semanage.conf" - if [[ ${PV} != 9999 ]] ; then - # If wanted for live builds, please use /etc/portage/patches - epatch "${FILESDIR}/0001-libsemanage-do-not-copy-contexts-in-semanage_migrate.patch" - fi - - epatch_user + eapply_user multilib_copy_sources } @@ -92,8 +85,11 @@ multilib_src_compile() { if multilib_is_native_abi && use python; then building_py() { - python_export PYTHON_INCLUDEDIR PYTHON_LIBPATH - emake CC="$(tc-getCC)" PYINC="-I${PYTHON_INCLUDEDIR}" PYTHONLBIDIR="${PYTHON_LIBPATH}" PYPREFIX="${EPYTHON##*/}" "$@" + emake \ + AR="$(tc-getAR)" \ + CC="$(tc-getCC)" \ + LIBDIR="${EPREFIX}/usr/$(get_libdir)" \ + "$@" } python_foreach_impl building_py swigify python_foreach_impl building_py pywrap @@ -102,18 +98,40 @@ multilib_src_compile() { multilib_src_install() { emake \ - DEFAULT_SEMANAGE_CONF_LOCATION="${ED}/usr/lib/selinux/semanage.conf" \ LIBDIR="${ED}/usr/$(get_libdir)" \ SHLIBDIR="${ED}/usr/$(get_libdir)" \ DESTDIR="${ED}" install if multilib_is_native_abi && use python; then installation_py() { - emake DESTDIR="${ED}" LIBDIR="${ED}/usr/$(get_libdir)" \ - SHLIBDIR="${ED}/usr/$(get_libdir)" install-pywrap + emake DESTDIR="${ED}" \ + LIBDIR="${ED}/usr/$(get_libdir)" \ + SHLIBDIR="${ED}/usr/$(get_libdir)" \ + LIBSEPOLA="${EPREFIX%/}/usr/$(get_libdir)/libsepol.a" \ + install-pywrap python_optimize # bug 531638 } python_foreach_impl installation_py fi - systemd_dotmpfilesd "${FILESDIR}/tmpfiles.d/libsemanage.conf" +} + +pkg_postinst() { + # Migrate the SELinux semanage configuration store if not done already + local selinuxtype=$(awk -F'=' '/SELINUXTYPE=/ {print $2}' "${EROOT}"/etc/selinux/config 2>/dev/null) + if [ -n "${selinuxtype}" ] && [ ! -d "${EROOT}"/var/lib/selinux/${mcs}/active ] ; then + ewarn "Since the 2.4 SELinux userspace, the policy module store is moved" + ewarn "from /etc/selinux to /var/lib/selinux. The migration will be run now." + ewarn "If there are any issues, it can be done manually by running:" + ewarn "/usr/libexec/selinux/semanage_migrate_store" + ewarn "For more information, please see" + ewarn "- https://github.com/SELinuxProject/selinux/wiki/Policy-Store-Migration" + fi + + # Run the store migration without rebuilds + for POLICY_TYPE in ${POLICY_TYPES} ; do + if [ ! -d "${EROOT}/var/lib/selinux/${POLICY_TYPE}/active" ] ; then + einfo "Migrating store ${POLICY_TYPE} (without policy rebuild)." + /usr/libexec/selinux/semanage_migrate_store -n -s "${POLICY_TYPE}" || die "Failed to migrate store ${POLICY_TYPE}" + fi + done } diff --git a/sys-libs/libsemanage/metadata.xml b/sys-libs/libsemanage/metadata.xml index 83c24ee195..d4dc9ab41f 100644 --- a/sys-libs/libsemanage/metadata.xml +++ b/sys-libs/libsemanage/metadata.xml @@ -1,7 +1,10 @@ - selinux + + selinux@gentoo.org + SELinux Team + SELinux policy management libraries SELinuxProject/selinux From cf57ff7022d4bbef60754085e750e2703374e3c3 Mon Sep 17 00:00:00 2001 From: Geoff Levand Date: Wed, 23 May 2018 09:40:06 -0700 Subject: [PATCH 05/42] sys-libs/libsemanage: Add postinst USE flag Signed-off-by: Geoff Levand --- sys-libs/libsemanage/libsemanage-2.7.ebuild | 4 +++- sys-libs/libsemanage/metadata.xml | 3 +++ 2 files changed, 6 insertions(+), 1 deletion(-) diff --git a/sys-libs/libsemanage/libsemanage-2.7.ebuild b/sys-libs/libsemanage/libsemanage-2.7.ebuild index 0d8a7240a2..c15ec29882 100644 --- a/sys-libs/libsemanage/libsemanage-2.7.ebuild +++ b/sys-libs/libsemanage/libsemanage-2.7.ebuild @@ -27,7 +27,7 @@ fi LICENSE="GPL-2" SLOT="0" -IUSE="python" +IUSE="python postinst" REQUIRED_USE="python? ( ${PYTHON_REQUIRED_USE} )" RDEPEND=">=sys-libs/libsepol-${SEPOL_VER}[${MULTILIB_USEDEP}] @@ -116,6 +116,8 @@ multilib_src_install() { } pkg_postinst() { + use postinst || return + # Migrate the SELinux semanage configuration store if not done already local selinuxtype=$(awk -F'=' '/SELINUXTYPE=/ {print $2}' "${EROOT}"/etc/selinux/config 2>/dev/null) if [ -n "${selinuxtype}" ] && [ ! -d "${EROOT}"/var/lib/selinux/${mcs}/active ] ; then diff --git a/sys-libs/libsemanage/metadata.xml b/sys-libs/libsemanage/metadata.xml index d4dc9ab41f..5abe197310 100644 --- a/sys-libs/libsemanage/metadata.xml +++ b/sys-libs/libsemanage/metadata.xml @@ -9,4 +9,7 @@ SELinuxProject/selinux + + Run postinst to migrate the SELinux semanage configuration store. + From 9b0be365694d5363a16da2eb2f6a79c4866a9250 Mon Sep 17 00:00:00 2001 From: Matthew Garrett Date: Wed, 23 May 2018 09:40:06 -0700 Subject: [PATCH 06/42] sys-libs/libsemanage: Permit unknown policy objects We're using a stripped down policy, so we don't care that certain tasks may refer to policy objects that don't exist. Permit acts that reference them. From: Matthew Garrett [Rebase to latest] Signed-off-by: Geoff Levand --- sys-libs/libsemanage/libsemanage-2.7.ebuild | 1 + 1 file changed, 1 insertion(+) diff --git a/sys-libs/libsemanage/libsemanage-2.7.ebuild b/sys-libs/libsemanage/libsemanage-2.7.ebuild index c15ec29882..6fdac150ff 100644 --- a/sys-libs/libsemanage/libsemanage-2.7.ebuild +++ b/sys-libs/libsemanage/libsemanage-2.7.ebuild @@ -70,6 +70,7 @@ src_prepare() { echo "# Reduce memory usage for bzip2 compression and" >> "${S}/src/semanage.conf" echo "# decompression of modules in the module store." >> "${S}/src/semanage.conf" echo "bzip-small=true" >> "${S}/src/semanage.conf" + echo "handle-unknown=allow" >> "${S}/src/semanage.conf" eapply_user From 88091cbe6ecc85c73b87032e71323ede8c9ddbb4 Mon Sep 17 00:00:00 2001 From: Matthew Garrett Date: Wed, 23 May 2018 09:40:06 -0700 Subject: [PATCH 07/42] sys-libs/libsemanage: Install configuration file Install selinux to /usr/lib/selinux/ rather than /etc/selinux/ and /var/lib/selinux in order for Container Linux update to work properly. From: Matthew Garrett [Rebase to latest] Signed-off-by: Geoff Levand --- sys-libs/libsemanage/files/tmpfiles.d/libsemanage.conf | 3 +++ sys-libs/libsemanage/libsemanage-2.7.ebuild | 5 ++++- 2 files changed, 7 insertions(+), 1 deletion(-) create mode 100644 sys-libs/libsemanage/files/tmpfiles.d/libsemanage.conf diff --git a/sys-libs/libsemanage/files/tmpfiles.d/libsemanage.conf b/sys-libs/libsemanage/files/tmpfiles.d/libsemanage.conf new file mode 100644 index 0000000000..168b972069 --- /dev/null +++ b/sys-libs/libsemanage/files/tmpfiles.d/libsemanage.conf @@ -0,0 +1,3 @@ +#Type Path Mode UID GID Age Argument +d /etc/selinux/ - - - - - +L /etc/selinux/semanage.conf - - - - ../../usr/lib/selinux/semanage.conf diff --git a/sys-libs/libsemanage/libsemanage-2.7.ebuild b/sys-libs/libsemanage/libsemanage-2.7.ebuild index 6fdac150ff..fd7739a7d2 100644 --- a/sys-libs/libsemanage/libsemanage-2.7.ebuild +++ b/sys-libs/libsemanage/libsemanage-2.7.ebuild @@ -4,7 +4,7 @@ EAPI="6" PYTHON_COMPAT=( python{2_7,3_4,3_5} ) -inherit multilib python-r1 toolchain-funcs multilib-minimal +inherit multilib python-r1 toolchain-funcs multilib-minimal systemd MY_P="${P//_/-}" MY_RELEASEDATE="20170804" @@ -99,6 +99,7 @@ multilib_src_compile() { multilib_src_install() { emake \ + DEFAULT_SEMANAGE_CONF_LOCATION="${ED}/usr/lib/selinux/semanage.conf" \ LIBDIR="${ED}/usr/$(get_libdir)" \ SHLIBDIR="${ED}/usr/$(get_libdir)" \ DESTDIR="${ED}" install @@ -114,6 +115,8 @@ multilib_src_install() { } python_foreach_impl installation_py fi + + systemd_dotmpfilesd "${FILESDIR}/tmpfiles.d/libsemanage.conf" } pkg_postinst() { From d0ce29b9311eabf617e21d0994ef666b288733fb Mon Sep 17 00:00:00 2001 From: David Michael Date: Wed, 23 May 2018 09:40:06 -0700 Subject: [PATCH 08/42] sys-libs/libsemanage: Enable building on arm64 From: David Michael [Rebase to latest] Signed-off-by: Geoff Levand --- sys-libs/libsemanage/libsemanage-2.7.ebuild | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/sys-libs/libsemanage/libsemanage-2.7.ebuild b/sys-libs/libsemanage/libsemanage-2.7.ebuild index fd7739a7d2..d60e6323a8 100644 --- a/sys-libs/libsemanage/libsemanage-2.7.ebuild +++ b/sys-libs/libsemanage/libsemanage-2.7.ebuild @@ -21,7 +21,7 @@ if [[ ${PV} == 9999 ]]; then S="${WORKDIR}/${MY_P}/${PN}" else SRC_URI="https://raw.githubusercontent.com/wiki/SELinuxProject/selinux/files/releases/${MY_RELEASEDATE}/${MY_P}.tar.gz" - KEYWORDS="amd64 ~arm ~arm64 ~mips x86" + KEYWORDS="amd64 ~arm arm64 ~mips x86" S="${WORKDIR}/${MY_P}" fi From ca663b4ad7931f2cb24130e04513f939feb4ed03 Mon Sep 17 00:00:00 2001 From: Geoff Levand Date: Wed, 23 May 2018 09:40:06 -0700 Subject: [PATCH 09/42] app-admin/setools: Import latest Signed-off-by: Geoff Levand --- app-admin/setools/ChangeLog | 428 ------------------ app-admin/setools/Manifest | 16 +- ...check-role_set_expand-libsepol-2.1.0.patch | 24 - .../files/fix-implicit-def-fstat.patch | 13 - .../files/setools-3.3.8-no-check-file.patch | 15 + ...d.patch => setools-3.3.8-policy-max.patch} | 22 +- .../files/setools-4.0.1-remove-gui.patch | 17 + .../files/setools-4.1.0-remove-gui.patch | 18 + .../files/setools-4.1.1-remove-gui.patch | 18 + ...setools3-userspace-2.4-compatibility.patch | 114 ----- app-admin/setools/metadata.xml | 8 +- app-admin/setools/setools-3.3.8-r7.ebuild | 16 +- app-admin/setools/setools-4.0.1.ebuild | 52 +++ app-admin/setools/setools-4.1.1.ebuild | 53 +++ app-admin/setools/setools-9999.ebuild | 53 +++ 15 files changed, 266 insertions(+), 601 deletions(-) delete mode 100644 app-admin/setools/ChangeLog delete mode 100644 app-admin/setools/files/fix-check-role_set_expand-libsepol-2.1.0.patch delete mode 100644 app-admin/setools/files/fix-implicit-def-fstat.patch create mode 100644 app-admin/setools/files/setools-3.3.8-no-check-file.patch rename app-admin/setools/files/{support-cross-build.patch => setools-3.3.8-policy-max.patch} (55%) create mode 100644 app-admin/setools/files/setools-4.0.1-remove-gui.patch create mode 100644 app-admin/setools/files/setools-4.1.0-remove-gui.patch create mode 100644 app-admin/setools/files/setools-4.1.1-remove-gui.patch delete mode 100644 app-admin/setools/files/setools3-userspace-2.4-compatibility.patch create mode 100644 app-admin/setools/setools-4.0.1.ebuild create mode 100644 app-admin/setools/setools-4.1.1.ebuild create mode 100644 app-admin/setools/setools-9999.ebuild diff --git a/app-admin/setools/ChangeLog b/app-admin/setools/ChangeLog deleted file mode 100644 index a660c666b9..0000000000 --- a/app-admin/setools/ChangeLog +++ /dev/null @@ -1,428 +0,0 @@ -# ChangeLog for app-admin/setools -# Copyright 1999-2015 Gentoo Foundation; Distributed under the GPL v2 -# $Header: /var/cvsroot/gentoo-x86/app-admin/setools/ChangeLog,v 1.101 2015/05/10 09:06:14 perfinion Exp $ - - 10 May 2015; Jason Zaman setools-3.3.8-r7.ebuild: - stabilize selinux 2.4 userland - - 18 Apr 2015; Jason Zaman setools-3.3.8-r7.ebuild: - Cleanup deps - - 16 Mar 2015; Mike Frysinger setools-3.3.8-r5.ebuild, - setools-3.3.8-r7.ebuild: - Use new toolchain helpers for selecting the bfd linker #467136 by Amadeusz - Sławiński. Clean up quoting/redundant die/semicolons too. - - 03 Mar 2015; Sven Vermeulen setools-3.3.8-r7.ebuild: - Fix bug #542032 - SWIG version check does not work - - 02 Mar 2015; Sven Vermeulen -setools-3.3.8-r6.ebuild: - Drop r6 (build failure with swig, fixed in r7) - - 18 Feb 2015; Jason Zaman setools-3.3.8-r7.ebuild: - re-add keywords to -r7 - -*setools-3.3.8-r7 (17 Feb 2015) - - 17 Feb 2015; Jason Zaman +setools-3.3.8-r7.ebuild: - revbump with swig patches, dropping keywords for testing - -*setools-3.3.8-r6 (12 Feb 2015) - - 12 Feb 2015; Jason Zaman - +files/setools3-userspace-2.4-compatibility.patch, +setools-3.3.8-r6.ebuild: - fix compile error with 2.4 userland, bug 539462 - - 05 Aug 2014; Sven Vermeulen -setools-3.3.8-r2.ebuild, - -setools-3.3.8-r4.ebuild: - Remove obsolete ebuilds - - 30 Jul 2014; Sven Vermeulen setools-3.3.8-r5.ebuild: - Fix bug #509532 - Fix failure of unresolved overloaded function type - - 28 May 2014; Sven Vermeulen -setools-3.3.7-r1.ebuild, - -setools-3.3.7-r3.ebuild, -setools-3.3.7-r5.ebuild, -setools-3.3.7-r6.ebuild, - -setools-3.3.8-r1.ebuild, -setools-3.3.8-r3.ebuild: - Spring cleanup - -*setools-3.3.8-r5 (28 May 2014) - - 28 May 2014; Sven Vermeulen +setools-3.3.8-r5.ebuild: - Fix bug #509532 - Build failure with unresolved overloaded function type - - 24 Mar 2014; Sven Vermeulen setools-3.3.8-r4.ebuild: - Stabilize - -*setools-3.3.8-r4 (04 Feb 2014) - - 04 Feb 2014; Sven Vermeulen +setools-3.3.8-r4.ebuild: - Switch to python-r1, use EAPI=5, explicitly use bfd linker (bug 467136) - -*setools-3.3.8-r3 (19 Jan 2014) - - 19 Jan 2014; Sven Vermeulen +setools-3.3.8-r3.ebuild: - Fix pthread_cond_timedwait error thanks to Christopher J. PeBenito for the - patch - - 27 Jun 2013; Sven Vermeulen setools-3.3.8-r2.ebuild: - Stabilize - -*setools-3.3.8-r2 (22 Apr 2013) - - 22 Apr 2013; Sven Vermeulen +setools-3.3.8-r2.ebuild: - Using SLOTed swig, fixes bug #453512 - - 16 Apr 2013; Sven Vermeulen setools-3.3.8-r1.ebuild: - Stabilize - -*setools-3.3.8-r1 (09 Mar 2013) - - 09 Mar 2013; Sven Vermeulen +setools-3.3.8-r1.ebuild: - New upstream release (3.3.8) - - 30 Dec 2012; Sven Vermeulen setools-3.3.7-r6.ebuild: - Stabilize - -*setools-3.3.7-r6 (23 Nov 2012) - - 23 Nov 2012; Sven Vermeulen +setools-3.3.7-r6.ebuild: - Fix bugs #436338 and #430262 - - 18 Nov 2012; setools-3.3.7-r5.ebuild: - Adding epatch_user to simplify development and support user-provided patches - -*setools-3.3.7-r5 (08 Sep 2012) - - 08 Sep 2012; +setools-3.3.7-r5.ebuild: - Fix bugs #424627 and #430262 - - 30 Jul 2012; setools-3.3.7-r3.ebuild: - Stabilization - - 09 Jul 2012; setools-3.3.7-r3.ebuild: - Fixing bug #424581 - Work around mkdir_p changes in automake until 1.12 is - default - - 26 Jun 2012; Mike Gilbert setools-3.3.7-r1.ebuild, - setools-3.3.7-r3.ebuild: - Restict pypy per Arfrever. - -*setools-3.3.7-r3 (25 Jun 2012) - - 25 Jun 2012; +setools-3.3.7-r3.ebuild: - Support Python3, fix audit2allow support, bug #415091 and bug #408179 - - 21 May 2012; Mike Frysinger setools-3.3.7-r1.ebuild: - Inherit eutils for epatch. - - 03 May 2012; Jeff Horelick setools-3.3.7-r1.ebuild: - dev-util/pkgconfig -> virtual/pkgconfig - - 12 Nov 2011; -setools-3.3.7.ebuild: - Remove obsoleted ebuilds - - 23 Oct 2011; setools-3.3.7-r1.ebuild: - Stabilization (tracker #384231) - - 19 Aug 2011; -setools-2.4.ebuild, -setools-3.3.4.ebuild, - -setools-3.3.5.ebuild, -setools-3.3.6.ebuild, - -files/setools-3.3.6-headers.diff, -files/apol_tcl_fc.c.diff: - Remove obsoleted versions of setools - -*setools-3.3.7-r1 (19 Aug 2011) - - 19 Aug 2011; - +files/fix-check-role_set_expand-libsepol-2.1.0.patch, - +setools-3.3.7-r1.ebuild, +files/fix-implicit-def-fstat.patch: - Fix #378943 where setools fails to build with new selinux userspace - - 08 Jul 2011; Samuli Suominen setools-2.4.ebuild: - Convert from "useq" to "use". - - 28 May 2011; Anthony G. Basile setools-3.3.7.ebuild: - Stable amd64 x86 - - 04 Apr 2011; Anthony G. Basile setools-2.4.ebuild: - Updated SRC_URI, bug #341929 - - 29 Mar 2011; Christoph Mende setools-3.3.4.ebuild, - setools-3.3.5.ebuild, setools-3.3.6.ebuild, setools-3.3.7.ebuild: - Fixed slot deps - - 13 Feb 2011; Anthony G. Basile metadata.xml: - Updated metadata.xml to reflect new selinux herd. - - 06 Feb 2011; Arfrever Frehtes Taifersar Arahesis - setools-3.3.7.ebuild: - Set SUPPORT_PYTHON_ABIS (bug #308279). Fix building with SWIG 2. - -*setools-3.3.7 (12 May 2010) - - 12 May 2010; Chris PeBenito +setools-3.3.7.ebuild: - New upstream release. - - 20 Sep 2009; Chris PeBenito setools-3.3.6.ebuild, - +files/setools-3.3.6-headers.diff: - Fix QA issues. - -*setools-3.3.6 (08 Aug 2009) - - 08 Aug 2009; Chris PeBenito +setools-3.3.6.ebuild: - New upstream release. - - 22 Jul 2009; Chris PeBenito setools-3.3.4.ebuild, - setools-3.3.5.ebuild: - Drop alpha, mips, ppc, sparc selinux support. - - 13 Jul 2009; Diego E. Pettenò - setools-3.3.5.ebuild: - Use emake rather than make. - -*setools-3.3.5 (02 Dec 2008) - - 02 Dec 2008; Chris PeBenito setools-2.4.ebuild, - -setools-3.3.1.ebuild, -setools-3.3.3.ebuild, +setools-3.3.5.ebuild: - New upstream bugfix release for libsepol 2.x additional features. - Cleanup old ebuilds. - -*setools-3.3.4 (31 Mar 2008) - - 31 Mar 2008; Chris PeBenito +setools-3.3.4.ebuild: - Update with fixes for glibc 2.7, gcc 3.4, and tcl/tk 8.5. - -*setools-3.3.3 (26 Feb 2008) - - 26 Feb 2008; Chris PeBenito +setools-3.3.3.ebuild: - New upstream bugfix release. - -*setools-3.3.1 (27 Aug 2007) - - 27 Aug 2007; Chris PeBenito -setools-3.0.ebuild, - -setools-3.1.ebuild, -setools-3.2.ebuild, -setools-3.3.ebuild, - +setools-3.3.1.ebuild: - New upstream bugfix release. Clear out old unstable ebuilds. - - 20 Aug 2007; Chris PeBenito setools-3.1.ebuild, - setools-3.2.ebuild: - Set bwidget dep to 1.8 to fix #175415. - -*setools-3.3 (04 Aug 2007) - - 04 Aug 2007; Chris PeBenito +setools-3.3.ebuild: - New upstream release. - -*setools-3.2 (09 May 2007) - - 09 May 2007; Chris PeBenito +setools-3.2.ebuild: - New upstream release. - -*setools-3.1 (16 Feb 2007) - - 16 Feb 2007; Chris PeBenito +setools-3.1.ebuild: - New upstream release. - - 02 Feb 2007; Chris PeBenito setools-3.0.ebuild: - Fix bug #156752. - -*setools-3.0 (18 Oct 2006) - - 18 Oct 2006; Chris PeBenito - -files/setools-2.2-nogui.diff, -setools-2.2.ebuild, -setools-2.3.ebuild, - +setools-3.0.ebuild: - New upstream release. - - 12 Sep 2006; Chris PeBenito setools-2.4.ebuild: - Mark stable. - - 11 Sep 2006; Chris PeBenito - +files/apol_tcl_fc.c.diff, setools-2.4.ebuild: - Fixes to hopefully take care of #133028 - -*setools-2.4 (09 May 2006) - - 09 May 2006; Chris PeBenito +setools-2.4.ebuild: - New upstream release. - -*setools-2.3 (03 Feb 2006) - - 03 Feb 2006; Chris PeBenito +setools-2.3.ebuild: - New upstream release. - - 02 Jan 2006; Chris PeBenito -setools-2.1.2.ebuild, - -setools-2.1.3.ebuild, setools-2.2.ebuild: - Mark stable. - - 05 Dec 2005; Chris PeBenito metadata.xml, - setools-2.1.2.ebuild, setools-2.1.3.ebuild, setools-2.2.ebuild: - Update homepage and metadata. - - 12 Nov 2005; Chris PeBenito - +files/setools-2.2-nogui.diff, setools-2.2.ebuild: - Add patch to fix bug #112284. - -*setools-2.2 (08 Nov 2005) - - 08 Nov 2005; Chris PeBenito +setools-2.2.ebuild: - New upstream release. - -*setools-2.1.3 (12 Oct 2005) - - 12 Oct 2005; Chris PeBenito -setools-2.1.0.ebuild, - -setools-2.1.1.ebuild, +setools-2.1.3.ebuild: - New upstream release. - - 08 Oct 2005; Chris PeBenito setools-2.1.2.ebuild: - Mark stable. - - 07 Sep 2005; Chris PeBenito setools-2.1.0.ebuild, - setools-2.1.1.ebuild, setools-2.1.2.ebuild: - Fix changed URIs. - -*setools-2.1.2 (07 Sep 2005) - - 07 Sep 2005; Chris PeBenito +setools-2.1.2.ebuild: - New upstream release. - -*setools-2.1.1 (20 May 2005) - - 20 May 2005; Chris PeBenito setools-2.1.0.ebuild, - +setools-2.1.1.ebuild: - Mark 2.1.0 stable, plus new upstream release. - - 21 Apr 2005; Simon Stelling setools-2.0-r1.ebuild: - stable on amd64 - -*setools-2.1.0 (19 Apr 2005) - - 19 Apr 2005; Chris PeBenito +setools-2.1.0.ebuild: - New upstream release. - -*setools-2.0-r1 (09 Apr 2005) - - 09 Apr 2005; Chris PeBenito +setools-2.0-r1.ebuild: - Fix for bug #88248. - - 29 Mar 2005; Chris PeBenito setools-2.0.ebuild: - Mark stable. - - 06 Mar 2005; Chris PeBenito setools-2.0.ebuild: - Went overboard on CFLAGS fixes, causing some compile failures on some machines. - - 04 Mar 2005; Chris PeBenito setools-2.0.ebuild: - Fix DEPEND - -*setools-2.0 (04 Mar 2005) - - 04 Mar 2005; Chris PeBenito setools-1.5.1.ebuild, - +setools-2.0.ebuild: - New upstream major release. Mark 1.5.1 stable for x86 and ppc. - -*setools-1.5.1 (06 Nov 2004) - - 06 Nov 2004; Chris PeBenito +setools-1.5.1.ebuild: - New upstream release - -*setools-1.4.1-r1 (15 Sep 2004) - - 15 Sep 2004; Chris PeBenito -setools-1.3.1.ebuild, - +setools-1.4.1-r1.ebuild, -setools-1.4.1.ebuild: - Fix seuser.fc install. - -*setools-1.4.1 (22 Aug 2004) - - 22 Aug 2004; Chris PeBenito +setools-1.4.1.ebuild, - -setools-1.4.ebuild: - Bugfix release. - - 24 Jul 2004; Joshua Brindle setools-1.4.ebuild: - add libselinux dependancy - -*setools-1.4 (21 Jun 2004) - - 21 Jun 2004; Chris PeBenito +setools-1.4.ebuild: - New upstream version. - - 21 Jun 2004; Chris PeBenito setools-1.3.1.ebuild: - Fix for compiles that are USE="-selinux". - - 24 May 2004; Chris PeBenito setools-1.3.1.ebuild: - Fix sandbox violations. - -*setools-1.3.1 (05 May 2004) - - 05 May 2004; Chris PeBenito +setools-1.3.1.ebuild, - -setools-1.3.ebuild: - New upstream bugfix release. - - 04 May 2004; Chris PeBenito -setools-1.2.1.ebuild, - setools-1.3.ebuild: - Mark stable - - 29 Apr 2004; Chris PeBenito setools-1.2.1.ebuild, - setools-1.3.ebuild: - Add missing libxml2 dep. - -*setools-1.3 (15 Apr 2004) - - 15 Apr 2004; Chris PeBenito +setools-1.3.ebuild: - New upstream version. - - 03 Mar 2004; Chris PeBenito setools-1.2.1.ebuild: - Mark stable. - -*setools-1.2.1 (08 Feb 2004) - - 08 Feb 2004; Chris PeBenito setools-1.2.1.ebuild: - New upstream bugfix release. - - 06 Feb 2004; Chris PeBenito setools-1.2.ebuild: - Fix seuser file contexts and conf file. - -*setools-1.2 (05 Feb 2004) - - 05 Feb 2004; Chris PeBenito setools-1.2.ebuild: - New upstream version. - - 31 Jan 2004; Chris PeBenito setools-1.1.1.ebuild: - Mark stable. - -*setools-1.1.1 (06 Jan 2004) - - 06 Jan 2004; Chris PeBenito setools-1.1.1.ebuild: - New upstream bugfix release. - - 28 Dec 2003; Chris PeBenito setools-1.1.ebuild: - Eliminate install -Z. The context option is not needed, and causes sandbox - violations. - - 22 Dec 2003; Chris PeBenito setools-1.1.ebuild, - files/setools-1.1-fix_noX.diff: - Treesys makefiles are broken. Add a hack to make it really work for non X - systems. - -*setools-1.1 (22 Dec 2003) - - 22 Dec 2003; Chris PeBenito setools-1.1.ebuild: - New upstream version. Now X is optional, as there are command line tools. Also - has a new optional gtk log analyzer for audit messages. - - 20 Nov 2003; Chris PeBenito setools-1.0.1.ebuild: - Mark stable - -*setools-1.0.1 (06 Nov 2003) - - 06 Nov 2003; Chris PeBenito setools-1.0.1.ebuild: - New upstream minor version. - -*setools-1.0 (23 Oct 2003) - - 23 Oct 2003; Chris PeBenito setools-1.0.ebuild: - Setools for the new SELinux API. - - 22 Sep 2003; Chris PeBenito setools-20030609.ebuild: - Overdue, mark stable. - -*setools-20030609 (02 Jul 2003) - - 02 Jul 2003; Chris PeBenito setools-20030609.ebuild: - Initial commit diff --git a/app-admin/setools/Manifest b/app-admin/setools/Manifest index 6aeaf2fec0..b1f6443c55 100644 --- a/app-admin/setools/Manifest +++ b/app-admin/setools/Manifest @@ -1,4 +1,16 @@ -DIST setools-3.3.8-01-fedora-patches.tar.gz 1128 SHA256 420b852d4209d07b73cec84586e000e7a6a719135ea677711abf97d420840bb6 SHA512 1aa2cc50c307929b522e029a552bfd545aef07656d1983289b0ea9be67aa94c07272a59c17630fc09fd79b06845ada318cdfa48d6cc243a24026e015c23b9634 WHIRLPOOL 25ae2b15fb15060fd0d34c55f4cc098b70a3a616f5334b092657a9c5df037b7fcf00fd185f33ba142e47d46c36b2fb7e9434021d6e987832fe833367a50d7449 -DIST setools-3.3.8-03-gentoo-patches.tar.gz 6584 SHA256 8eac460b7dc2ee5e2f23148cdbf187316edd78ce0ec7ebbb6b0f68d6ad33d86a SHA512 5458dab5775b558e287f946c299753be5cb5eb6c1c2b9df0e32c7cfa758bb5316d142aa6338d3019f5f1eeb72876e4d5ed4939b0dbfe7b7e01c08a19a086bacc WHIRLPOOL e1afa6bb28f3aee2f3acdc66efd8ca02548c4f8e5707052ea455f1db558126f069d63278251630ee68bf4987157279161006975cb14d44055492228fa476cd72 +AUX setools-3.3.8-no-check-file.patch 558 SHA256 ce1b798f8e1129d2b893dc7de2d9c3fed5a4785f03c55b14a1c7e2d9fec0b037 SHA512 25051dcbb94ddeed623aba598235cb1caaedbb7071dd997c58575ed3cc8266c4421cf070d8f10d5ec6804167bef969fab7227a0241daf7f92e30e1bff0d89080 WHIRLPOOL 85ac00cfac831f22a112fb8420eeaabf1c4d3653ecfb958e68079adb061f773827711ddcce89dfc77d702d8c9460c626ec7c9852cd37e1e01e4eeaa4bcddca28 +AUX setools-3.3.8-policy-max.patch 1051 SHA256 64f06c91af9be789f4e6b6db9f585d76a09670bcb9a5f56e2dd848a89b647bfb SHA512 9eacd76d450b6e68d85f14c4d38cb9370a7cd435610c209d83063b3ddc7bb45f8bd75b1aa8573991e021d4af4205646465b3c2b19ac89296bb7e43147eb0775b WHIRLPOOL 9892fdf63f5a6e27d35edda4ccd984a131c9d96efe458170b8269e2e20e72e2adad412f315fc388774004e1c6ae4af3946d5c8237bcee5c90a65b3cd4b58f854 +AUX setools-4.0.1-remove-gui.patch 1031 SHA256 7aa70f25d6c6b3e45cd5773b1d5f9d26f69535b909249a92c596642807fa3171 SHA512 982c0cd43bdf9473df5dd9584d199bbf1bc71bfee284a2f4e7e800c877bb62bbb6aca03ae3099e481c0538bf3f12d425ca23e19763b1b58c647e9749925283ef WHIRLPOOL 4263180a8ae0c8876ad6fb532e6520b614857c6731bca38169e7a06339e9c32d24d2c4fb2f6111d5573dc23d8480a7e3c3984f22e347940d37549fdeb9390a24 +AUX setools-4.1.0-remove-gui.patch 881 SHA256 383d543b29cb26cbf584f713431a0aea6c3c40ec0a5678cec6eef4754f8b4447 SHA512 b931b0cb7d33e22465c1be849990f2bef07eebdd48ad72d22e5fb2cfa853f6ad2f19a722423db72a4578676376c7d23be557c9932cfe457087a68960f04d15d0 WHIRLPOOL 0561ff8d29bc2b5439083694b5fcf889cb5e0e4de76a2d2ed626958b1b26b4fa38ca7804c397530df5a444ba31d50fa6ae006d26a4fbc28e4724f55bd276b542 +AUX setools-4.1.1-remove-gui.patch 890 SHA256 4189b0c3d7d9cc68e9b1305796c8d4b27a23dc3a1d91b4cebe82eb679cc4bc5e SHA512 c30d7fa3624164d3ec5574b1ae36cc896fb5132ed875f232e9e84cf080e7081dadce61f6d88b55aefa45e417a081622acf7aa2d9f10406d23be7646905dfb3e6 WHIRLPOOL 965ff603e6f3d72b247c3c5383ccd5d1b5577045d139b1bb69311229253acd279022b6adc135a94395be1db179895e58dd1cae3e30d8b6cd3a2e69b17d90749d DIST setools-3.3.8-04-gentoo-patches.tar.bz2 94986 SHA256 9a8a43ac97606fde9b2610ceed65f640638929853f871ce530982bedfd919b64 SHA512 39bf00b6aaf31821c6e2e2fb4c460dd1914fba4bf8385acebedf88f1533da990f1fb925dd49d75827aebef3f394a50a1edea46a07204193b58c65a066a064e6a WHIRLPOOL 4a92e4cf6930584de931c5d0805815aacd1c1af4434ca8e73414eda33588a55ef8d7bdfe4195be642889eee480128cbe12d1c5612e07ea304021b230e0b74816 DIST setools-3.3.8.tar.bz2 951428 SHA256 44387ecc9a231ec536a937783440cd8960a72c51f14bffc1604b7525e341e999 SHA512 2c42ee9904174ed6c6fc129e374ec3591925094ab0ef65001b0104e365c5634bf4a79f28369608c80199d8f59fafaa5f274107c04c129c380eeef7adb0c32667 WHIRLPOOL 11c4065809909764f4364b78df1a8030d189315601b882919ccacb5fb147c1b3a061c5bbf9ced3c243d4615ab7727e9db0c89e931a884ae8b317ae3a879e5371 +DIST setools-4.0.1.tar.gz 399888 SHA256 4c2049877f2f68e4485b72bc280fe20127b49a019169a2cf1d8295c908bdcdfe SHA512 d0a36cfddc6a6f47ecaa8402141271558e97467b6c449d18b98bf6fe894189f29a32fb672e3ff573efdb44964bd361283c68c2906d02f8a9c1269b6b71903bc2 WHIRLPOOL 017e709c113b28175787249af8aa1dcc99a5034eadcc76e97a394f9f89afcc1e7fe3eeb8ec105c541a6260d8a2eb4b1aa8155ba2297ecdf6d640ba112857a442 +DIST setools-4.1.1.tar.gz 461649 SHA256 46a927ea2b163cbe1d35cc35da43e45853e13720c7e02d4cf75a498783c19610 SHA512 2e55a3b07e2f94d7c84054f31d266567b9acc708fe2b0e16ac3ea24e8301c712bcf564ff915a6135a1a6ba6822682bb3a6530dae20161a832fb7048364acbd04 WHIRLPOOL a2982268bb6f407f080718cf841eed097b62e09f5cdb972850d2de7da09562bf0e1b3092fbfd6770ee03aa8146c637241a9ea44618b7fd1c0d8da393c1b9d9f2 +EBUILD setools-3.3.8-r7.ebuild 3686 SHA256 42023e25980739373b010a3a57f0d75ad745c5029bdf479161649869a4024ea5 SHA512 984ceb81a0fd293e16097cbbf8aba94ad2418095cd21de4ac322c02ea77d1a64cce97ddceaa8495b1f6a02fe927511532d54572a8c88888014796529ade6126c WHIRLPOOL 7740c289841cdeb0a658c27f1520cc1cb2ccaf482e1f2a81b670b73a0f1619eeefbed7aca42759fbebabd8a7b708a0ec205f5f8525a01e0db2fc7731469e41a6 +EBUILD setools-4.0.1.ebuild 1245 SHA256 f4e02c54ba171978d081536d924388adb8a5b5805da2ce7466158cf90af001d3 SHA512 1803bfdb18d0fb1278c24ed5272bbb55327381debc023fce62f9897c1d863a8afe4d509c0514bd24f52ac77ba7d64702ee6bce4ed33467bf0bf72a3ba778efb3 WHIRLPOOL f9fdf299061afd5dcc207e6430bdc71d345c6fc78b655c7c9420db317188121f435f38c27a5b15eb52602c0d41fcdc435d8adb5a8bff9f81064460fd266871c4 +EBUILD setools-4.1.1.ebuild 1309 SHA256 e0a042409713dfa40f0dd8d459d16494c39252c695393d19dbd12ff9c7c9657c SHA512 8013267116ab4ad01152f1b28575f96f1213670ec1de7d82ccb89ad225b1af3c828733d25e68681e00823bef429a5f8bdb270dce8be4bfd24da4397506c308ce WHIRLPOOL 2d91775a1b01391082fddd74b26ad6fdef22bab2731a177e27c7cf37ba50fb66bc2c2ca80d8303808495ec84a545e002df969f2471b5b92b0cf5f1090ae9c6a6 +EBUILD setools-9999.ebuild 1311 SHA256 06f28c36f24c9273c19c1b1640ef84a3f71314c22b60aaffacbc752f1192896e SHA512 8eaf4dc0b43c38adc6e206eccb60f52e34e1049e29a8ba51ce035f61307ee28a513867732ac8fe03f0a6e02adadc9c9b7afdd3f1edecd2f5e7918a64bbf2b9e6 WHIRLPOOL 4bc2f7776424e86e9da53349d26a8b2bbb4aaef62a6626a351753abb59bd53abb3e828f9512844b1a31afdc4beac7dd83a9e19fa68ef109e3e3b06efe09346b4 +MISC ChangeLog 5140 SHA256 8e79850635caf36462120694daa381d14b742f63a8a3cbd0ff2cc2ee132ce204 SHA512 05e8c3a148150d3f849955ecbf6ba2afe26250c0589ace0cf9747a33ff27f191af0ad5dbd83a5e1bc5aa230c9c639e8c2319ae797dd939ba5b7ac1d42cb68854 WHIRLPOOL f9ff886df693422539a6cd39265d506e3577bcaa55e9d8ef306f79d3943a9e8ec422c19ef0021dacde802a8ee8740ac9793487cd139bc1f3242f3ece8bffd7a0 +MISC ChangeLog-2015 14070 SHA256 bec7f864d78e8ce6fe5154849b5812b59997d667d135bbea4303712caba86ec1 SHA512 427cb0ec019f621f26153c1ba61da38b40d8c3de05f7a70a6361b5eab6f66a96fd9f17f01a7a2662040b7914ffb0dcf4e57272a472f81de01dda76785800202f WHIRLPOOL 9408d6ebc29caa71b2795377d710007628657cf48f895f9787d7d544eb32b8badddfd1c3014f4250729c314cd4525aada13a262689a18ed77edeadfaffb0ef99 +MISC metadata.xml 403 SHA256 dd38714f015f8ddee0a34b8d9711e68f388d63f6057e8a9b13b9152b1185297c SHA512 be645abfaf1149e2f2a9b7f0613b61f015df81a16bc6dde593513aa2ba7b4a9a8fba65520b53a2511ba65c022258f48bcd2aed3f85c273a35c94359e358a8fa6 WHIRLPOOL ed51a619b4afb53017e26d3b273463e641beb0aed9f6fcce5c6c7137e4b1b2016262cce0f0ecfa9f4072f7037f25ad50ad036dc040cb359c4fad8a50f05c75ec diff --git a/app-admin/setools/files/fix-check-role_set_expand-libsepol-2.1.0.patch b/app-admin/setools/files/fix-check-role_set_expand-libsepol-2.1.0.patch deleted file mode 100644 index 548f60b7dc..0000000000 --- a/app-admin/setools/files/fix-check-role_set_expand-libsepol-2.1.0.patch +++ /dev/null @@ -1,24 +0,0 @@ -diff -ur setools-3.3.7.orig/configure.ac setools-3.3.7/configure.ac ---- setools-3.3.7.orig/configure.ac 2011-08-12 19:20:32.651000078 +0200 -+++ setools-3.3.7/configure.ac 2011-08-12 19:20:42.224000036 +0200 -@@ -503,7 +503,7 @@ - [AC_LANG_SOURCE([ - #include - int main () { -- return role_set_expand(NULL, NULL, NULL, NULL); -+ return role_set_expand(NULL, NULL, NULL, NULL, NULL); - }])], - sepol_new_user_role_mapping="yes", - sepol_new_user_role_mapping="no") -diff -ur setools-3.3.7.orig/libqpol/src/policy_define.c setools-3.3.7/libqpol/src/policy_define.c ---- setools-3.3.7.orig/libqpol/src/policy_define.c 2011-08-12 19:20:32.657000013 +0200 -+++ setools-3.3.7/libqpol/src/policy_define.c 2011-08-12 19:20:53.907005864 +0200 -@@ -2133,7 +2133,7 @@ - - /* This ebitmap business is just to ensure that there are not conflicting role_trans rules */ - #ifdef HAVE_SEPOL_USER_ROLE_MAPPING -- if (role_set_expand(&roles, &e_roles, policydbp, NULL)) -+ if (role_set_expand(&roles, &e_roles, policydbp, NULL, NULL)) - #else - if (role_set_expand(&roles, &e_roles, policydbp)) - #endif diff --git a/app-admin/setools/files/fix-implicit-def-fstat.patch b/app-admin/setools/files/fix-implicit-def-fstat.patch deleted file mode 100644 index 72764320a2..0000000000 --- a/app-admin/setools/files/fix-implicit-def-fstat.patch +++ /dev/null @@ -1,13 +0,0 @@ -diff -ur setools-3.3.7.orig/libqpol/src/policy.c setools-3.3.7/libqpol/src/policy.c ---- setools-3.3.7.orig/libqpol/src/policy.c 2011-08-12 19:48:13.793000029 +0200 -+++ setools-3.3.7/libqpol/src/policy.c 2011-08-12 19:49:32.880001229 +0200 -@@ -36,6 +36,9 @@ - #include - #include - #include -+#include -+#include -+#include - #include - - #include diff --git a/app-admin/setools/files/setools-3.3.8-no-check-file.patch b/app-admin/setools/files/setools-3.3.8-no-check-file.patch new file mode 100644 index 0000000000..31848e9564 --- /dev/null +++ b/app-admin/setools/files/setools-3.3.8-no-check-file.patch @@ -0,0 +1,15 @@ +there's no real need to run AC_CHECK_FILE to see if a file exists. if the +static link fails later on, then the static lib didn't exist. this also +breaks cross-compiling. + +--- a/configure.ac ++++ b/configure.ac +@@ -448,8 +448,6 @@ + sepol_srcdir="") + if test "x${sepol_srcdir}" = "x"; then + sepol_srcdir=${sepol_devel_libdir} +- AC_CHECK_FILE([${sepol_srcdir}/libsepol.a],, +- AC_MSG_ERROR([make sure libsepol-static is installed])) + else + AC_MSG_CHECKING([for compatible sepol source tree]) + sepol_version=${sepol_srcdir}/VERSION diff --git a/app-admin/setools/files/support-cross-build.patch b/app-admin/setools/files/setools-3.3.8-policy-max.patch similarity index 55% rename from app-admin/setools/files/support-cross-build.patch rename to app-admin/setools/files/setools-3.3.8-policy-max.patch index a2d0b7e891..cf6917a671 100644 --- a/app-admin/setools/files/support-cross-build.patch +++ b/app-admin/setools/files/setools-3.3.8-policy-max.patch @@ -1,7 +1,9 @@ -diff -ur setools-3.3.8.orig/configure.ac setools-3.3.8/configure.ac ---- setools-3.3.8.orig/configure.ac 2013-01-16 08:36:24.000000000 -0800 -+++ setools-3.3.8/configure.ac 2015-06-11 15:01:16.476072420 -0700 -@@ -593,25 +593,6 @@ +trying to run compiled code fails when cross-compiling. +probe the value using the preprocessor instead. + +--- a/configure.ac ++++ b/configure.ac +@@ -621,21 +621,8 @@ sepol_new_errcodes="yes", sepol_new_errcodes="no") @@ -20,10 +22,8 @@ diff -ur setools-3.3.8.orig/configure.ac setools-3.3.8/configure.ac -}])], - sepol_policy_version_max=`cat conftest.data`, - AC_MSG_FAILURE([could not determine maximum libsepol policy version])) --AC_DEFINE_UNQUOTED(SEPOL_POLICY_VERSION_MAX, ${sepol_policy_version_max}, [maximum policy version supported by libsepol]) --CFLAGS="${sepol_save_CFLAGS}" --CPPFLAGS="${sepol_save_CPPFLAGS}" -- - if test ${use_selinux} = "yes"; then - dnl Locate selinux policy root directory - AC_MSG_CHECKING([for selinux policy root]) ++printf "#include \nPOLICYDB_VERSION_MAX\n" > conftest.c ++sepol_policy_version_max=`${CPP} -E -P ${CPPFLAGS} conftest.c | tail -1` + AC_DEFINE_UNQUOTED(SEPOL_POLICY_VERSION_MAX, ${sepol_policy_version_max}, [maximum policy version supported by libsepol]) + CFLAGS="${sepol_save_CFLAGS}" + CPPFLAGS="${sepol_save_CPPFLAGS}" diff --git a/app-admin/setools/files/setools-4.0.1-remove-gui.patch b/app-admin/setools/files/setools-4.0.1-remove-gui.patch new file mode 100644 index 0000000000..bb93ff269b --- /dev/null +++ b/app-admin/setools/files/setools-4.0.1-remove-gui.patch @@ -0,0 +1,17 @@ +--- setools-4.0.1/setup.py.orig 2016-05-22 19:50:02.586000000 +0200 ++++ setools-4.0.1/setup.py 2016-05-22 19:50:56.107000000 +0200 +@@ -163,11 +163,10 @@ + 'build_lex': LexCommand, + 'build_ext': BuildExtCommand, + 'build_qhc': QtHelpCommand}, +- packages=['setools', 'setools.diff', 'setools.policyrep', 'setoolsgui', 'setoolsgui.apol'], +- scripts=['apol', 'sediff', 'seinfo', 'seinfoflow', 'sesearch', 'sedta'], ++ packages=['setools', 'setools.diff', 'setools.policyrep'], ++ scripts=['sediff', 'seinfo', 'seinfoflow', 'sesearch', 'sedta'], + data_files=[(join(sys.prefix, 'share/man/man1'), glob.glob("man/*.1") ), +- (join(sys.prefix, 'share/setools'), glob.glob("data/*.ui") + +- ["data/perm_map", "qhc/apol.qhc"] )], ++ (join(sys.prefix, 'share/setools'), ["data/perm_map"] ),], + ext_modules=ext_py_mods, + test_suite='tests', + license='GPLv2+, LGPLv2.1+', diff --git a/app-admin/setools/files/setools-4.1.0-remove-gui.patch b/app-admin/setools/files/setools-4.1.0-remove-gui.patch new file mode 100644 index 0000000000..67d7fe5c6e --- /dev/null +++ b/app-admin/setools/files/setools-4.1.0-remove-gui.patch @@ -0,0 +1,18 @@ +diff --git a/setup.py b/setup.py +index 4e7645c..aa3895a 100644 +--- a/setup.py ++++ b/setup.py +@@ -180,10 +180,10 @@ setup(name='setools', + 'build_lex': LexCommand, + 'build_ext': BuildExtCommand, + 'build_qhc': QtHelpCommand}, +- packages=['setools', 'setools.diff', 'setools.policyrep', 'setoolsgui', 'setoolsgui.apol'], +- scripts=['apol', 'sediff', 'seinfo', 'seinfoflow', 'sesearch', 'sedta'], ++ packages=['setools', 'setools.diff', 'setools.policyrep'], ++ scripts=['sediff', 'seinfo', 'seinfoflow', 'sesearch', 'sedta'], + data_files=[(join(sys.prefix, 'share/man/man1'), glob.glob("man/*.1"))], +- package_data={'': ['*.ui', '*.qhc'], 'setools': ['perm_map']}, ++ package_data={'setools': ['perm_map']}, + ext_modules=ext_py_mods, + test_suite='tests', + license='GPLv2+, LGPLv2.1+', diff --git a/app-admin/setools/files/setools-4.1.1-remove-gui.patch b/app-admin/setools/files/setools-4.1.1-remove-gui.patch new file mode 100644 index 0000000000..1bb78f5fd9 --- /dev/null +++ b/app-admin/setools/files/setools-4.1.1-remove-gui.patch @@ -0,0 +1,18 @@ +diff --git a/setup.py b/setup.py +index 2ca44c9..0c8a0d9 100644 +--- a/setup.py ++++ b/setup.py +@@ -180,10 +180,10 @@ setup(name='setools', + 'build_lex': LexCommand, + 'build_ext': BuildExtCommand, + 'build_qhc': QtHelpCommand}, +- packages=['setools', 'setools.diff', 'setools.policyrep', 'setoolsgui', 'setoolsgui.apol'], +- scripts=['apol', 'sediff', 'seinfo', 'seinfoflow', 'sesearch', 'sedta'], ++ packages=['setools', 'setools.diff', 'setools.policyrep'], ++ scripts=['sediff', 'seinfo', 'seinfoflow', 'sesearch', 'sedta'], + data_files=[(join(sys.prefix, 'share/man/man1'), glob.glob("man/*.1"))], +- package_data={'': ['*.ui', '*.qhc', '*.qch'], 'setools': ['perm_map']}, ++ package_data={'setools': ['perm_map']}, + ext_modules=ext_py_mods, + test_suite='tests', + license='GPLv2+, LGPLv2.1+', diff --git a/app-admin/setools/files/setools3-userspace-2.4-compatibility.patch b/app-admin/setools/files/setools3-userspace-2.4-compatibility.patch deleted file mode 100644 index c8fc3f5290..0000000000 --- a/app-admin/setools/files/setools3-userspace-2.4-compatibility.patch +++ /dev/null @@ -1,114 +0,0 @@ -From f1e5b208d507171968ca4d2eeefd7980f1004a3c Mon Sep 17 00:00:00 2001 -From: Chris PeBenito -Date: Thu, 12 Feb 2015 08:55:12 -0500 -Subject: [PATCH] Update for 2015-02-02 Userspace release (2.4) - -SETools now requires libsepol 2.4 and libselinux 2.4. ---- - configure.ac | 6 +++--- - libqpol/src/policy_define.c | 4 ++-- - libqpol/src/policy_extend.c | 4 ++-- - libqpol/src/syn_rule_query.c | 6 +++--- - secmds/replcon.cc | 2 +- - 5 files changed, 11 insertions(+), 11 deletions(-) - -diff --git a/configure.ac b/configure.ac -index 80395e6..ae20da7 100644 ---- a/configure.ac -+++ b/configure.ac -@@ -25,9 +25,9 @@ libseaudit_version=4.5 - setoolsdir='${prefix}/share/setools-3.3' - javadir='${prefix}/share/java' - --version_min_sepol_major=1 --version_min_sepol_minor=12 --version_min_sepol_patch=27 -+version_min_sepol_major=2 -+version_min_sepol_minor=4 -+version_min_sepol_patch=0 - - dnl *** end of tunable values *** - -diff --git a/libqpol/src/policy_define.c b/libqpol/src/policy_define.c -index 229779c..15f70ba 100644 ---- a/libqpol/src/policy_define.c -+++ b/libqpol/src/policy_define.c -@@ -1661,7 +1661,7 @@ int define_compute_type_helper(int which, avrule_t ** rule) - goto bad; - } - class_perm_node_init(perm); -- perm->class = i + 1; -+ perm->tclass = i + 1; - perm->data = datum->s.value; - perm->next = avrule->perms; - avrule->perms = perm; -@@ -1901,7 +1901,7 @@ int define_te_avtab_helper(int which, avrule_t ** rule) - goto out; - } - class_perm_node_init(cur_perms); -- cur_perms->class = i + 1; -+ cur_perms->tclass = i + 1; - if (!perms) - perms = cur_perms; - if (tail) -diff --git a/libqpol/src/policy_extend.c b/libqpol/src/policy_extend.c -index 5325a87..1417271 100644 ---- a/libqpol/src/policy_extend.c -+++ b/libqpol/src/policy_extend.c -@@ -843,7 +843,7 @@ static int qpol_syn_rule_table_insert_sepol_avrule(qpol_policy_t * policy, qpol_ - for (class_node = rule->perms; class_node; class_node = class_node->next) { - key.rule_type = rule->specified; - key.source_val = key.target_val = i + 1; -- key.class_val = class_node->class; -+ key.class_val = class_node->tclass; - key.cond = cond; - if (qpol_syn_rule_table_insert_entry(policy, table, &key, new_rule)) - goto err; -@@ -856,7 +856,7 @@ static int qpol_syn_rule_table_insert_sepol_avrule(qpol_policy_t * policy, qpol_ - key.rule_type = rule->specified; - key.source_val = i + 1; - key.target_val = j + 1; -- key.class_val = class_node->class; -+ key.class_val = class_node->tclass; - key.cond = cond; - if (qpol_syn_rule_table_insert_entry(policy, table, &key, new_rule)) - goto err; -diff --git a/libqpol/src/syn_rule_query.c b/libqpol/src/syn_rule_query.c -index 3e63204..d7578f1 100644 ---- a/libqpol/src/syn_rule_query.c -+++ b/libqpol/src/syn_rule_query.c -@@ -67,7 +67,7 @@ static void *syn_rule_class_state_get_cur(const qpol_iterator_t * iter) - return NULL; - } - -- return db->class_val_to_struct[srcs->cur->class - 1]; -+ return db->class_val_to_struct[srcs->cur->tclass - 1]; - } - - static int syn_rule_class_state_next(qpol_iterator_t * iter) -@@ -465,10 +465,10 @@ int qpol_syn_avrule_get_perm_iter(const qpol_policy_t * policy, const qpol_syn_a - } - - for (node = internal_rule->perms; node; node = node->next) { -- for (i = 0; i < db->class_val_to_struct[node->class - 1]->permissions.nprim; i++) { -+ for (i = 0; i < db->class_val_to_struct[node->tclass - 1]->permissions.nprim; i++) { - if (!(node->data & (1 << i))) - continue; -- tmp = sepol_av_to_string(db, node->class, (sepol_access_vector_t) (1 << i)); -+ tmp = sepol_av_to_string(db, node->tclass, (sepol_access_vector_t) (1 << i)); - if (tmp) { - tmp++; /* remove prepended space */ - for (cur = 0; cur < perm_list_sz; cur++) -diff --git a/secmds/replcon.cc b/secmds/replcon.cc -index 34f7c1a..307c39f 100644 ---- a/secmds/replcon.cc -+++ b/secmds/replcon.cc -@@ -60,7 +60,7 @@ static struct option const longopts[] = { - {NULL, 0, NULL, 0} - }; - --extern int lsetfilecon_raw(const char *, security_context_t) __attribute__ ((weak)); -+extern int lsetfilecon_raw(const char *, const char *) __attribute__ ((weak)); - - /** - * As that setools must work with older libselinux versions that may diff --git a/app-admin/setools/metadata.xml b/app-admin/setools/metadata.xml index 3c35d57432..8e9f11ed8b 100644 --- a/app-admin/setools/metadata.xml +++ b/app-admin/setools/metadata.xml @@ -1,6 +1,12 @@ - selinux + + selinux@gentoo.org + SELinux Team + SELinux policy analysis tools. + + TresysTechnology/setools + diff --git a/app-admin/setools/setools-3.3.8-r7.ebuild b/app-admin/setools/setools-3.3.8-r7.ebuild index 2ccd419ff6..3240c25b84 100644 --- a/app-admin/setools/setools-3.3.8-r7.ebuild +++ b/app-admin/setools/setools-3.3.8-r7.ebuild @@ -1,6 +1,5 @@ -# Copyright 1999-2015 Gentoo Foundation +# Copyright 1999-2017 Gentoo Foundation # Distributed under the terms of the GNU General Public License v2 -# $Header: /var/cvsroot/gentoo-x86/app-admin/setools/setools-3.3.8-r7.ebuild,v 1.6 2015/05/10 09:06:14 perfinion Exp $ EAPI="5" PYTHON_COMPAT=( python2_7 python3_4 ) @@ -8,14 +7,15 @@ PYTHON_COMPAT=( python2_7 python3_4 ) inherit autotools java-pkg-opt-2 python-r1 eutils toolchain-funcs DESCRIPTION="SELinux policy tools" -HOMEPAGE="http://www.tresys.com/selinux/selinux_policy_tools.shtml" +HOMEPAGE="https://github.com/TresysTechnology/setools/wiki" SRC_URI="http://oss.tresys.com/projects/setools/chrome/site/dists/${P}/${P}.tar.bz2 - http://dev.gentoo.org/~perfinion/patches/setools/${P}-04-gentoo-patches.tar.bz2" + https://dev.gentoo.org/~perfinion/patches/setools/${P}-04-gentoo-patches.tar.bz2" LICENSE="GPL-2" SLOT="0" -KEYWORDS="amd64 x86" +KEYWORDS="amd64 ~arm ~arm64 ~mips x86" IUSE="X debug java python" +REQUIRED_USE="python? ( ${PYTHON_REQUIRED_USE} )" COMMONDEPEND=">=sys-libs/libsepol-2.4 >=sys-libs/libselinux-2.4 @@ -52,14 +52,15 @@ pkg_setup() { } src_prepare() { - epatch "${FILESDIR}/support-cross-build.patch" - EPATCH_MULTI_MSG="Applying various (Gentoo) setool fixes... " \ EPATCH_SUFFIX="patch" \ EPATCH_SOURCE="${WORKDIR}/gentoo-patches" \ EPATCH_FORCE="yes" \ epatch + epatch "${FILESDIR}"/${PN}-3.3.8-no-check-file.patch + epatch "${FILESDIR}"/${PN}-3.3.8-policy-max.patch + # Fix build failure due to double __init__.py installation sed -e "s/^wrappedpy_DATA = qpol.py \$(pkgpython_PYTHON)/wrappedpy_DATA = qpol.py/" -i libqpol/swig/python/Makefile.am || die # Disable broken check for SWIG version. Bug #542032 @@ -87,7 +88,6 @@ src_configure() { --with-java-prefix=${JAVA_HOME} \ --disable-selinux-check \ --disable-bwidget-check \ - --with-sepol-devel=${ROOT}/usr \ $(use_enable python swig-python) \ $(use_enable java swig-java) \ $(use_enable X swig-tcl) \ diff --git a/app-admin/setools/setools-4.0.1.ebuild b/app-admin/setools/setools-4.0.1.ebuild new file mode 100644 index 0000000000..4f9175aaf8 --- /dev/null +++ b/app-admin/setools/setools-4.0.1.ebuild @@ -0,0 +1,52 @@ +# Copyright 1999-2016 Gentoo Foundation +# Distributed under the terms of the GNU General Public License v2 + +EAPI="6" +PYTHON_COMPAT=( python2_7 python3_4 python3_5 ) + +inherit distutils-r1 + +DESCRIPTION="Policy Analysis Tools for SELinux" +HOMEPAGE="https://github.com/TresysTechnology/setools/wiki" + +if [[ ${PV} == 9999 ]] ; then + inherit git-r3 + EGIT_REPO_URI="https://github.com/TresysTechnology/setools.git" +else + SRC_URI="https://github.com/TresysTechnology/setools/archive/${PV}.tar.gz -> ${P}.tar.gz" + KEYWORDS="amd64 ~arm64 ~mips x86" +fi + +LICENSE="GPL-2 LGPL-2.1" +SLOT="0" +IUSE="X debug test" + +RDEPEND="${PYTHON_DEPS} + >=sys-libs/libselinux-2.4:=[${PYTHON_USEDEP}] + >=dev-python/networkx-1.8[${PYTHON_USEDEP}] + app-arch/bzip2:= + dev-libs/libpcre:= + X? ( + dev-python/PyQt5 + )" + +DEPEND="${RDEPEND} + >=dev-lang/swig-2.0.12:0 + sys-devel/bison + sys-devel/flex + >=sys-libs/libsepol-2.5 + test? ( + python_targets_python2_7? ( dev-python/mock[${PYTHON_USEDEP}] ) + dev-python/tox[${PYTHON_USEDEP}] + )" + +python_prepare_all() { + sed -i "s/'-Werror', //" "${S}"/setup.py || die "failed to remove Werror" + + use X || local PATCHES=( "${FILESDIR}"/setools-4.0.1-remove-gui.patch ) + distutils-r1_python_prepare_all +} + +python_test() { + esetup.py test +} diff --git a/app-admin/setools/setools-4.1.1.ebuild b/app-admin/setools/setools-4.1.1.ebuild new file mode 100644 index 0000000000..f33d361a11 --- /dev/null +++ b/app-admin/setools/setools-4.1.1.ebuild @@ -0,0 +1,53 @@ +# Copyright 1999-2017 Gentoo Foundation +# Distributed under the terms of the GNU General Public License v2 + +EAPI="6" +PYTHON_COMPAT=( python2_7 python3_4 python3_5 ) + +inherit distutils-r1 + +DESCRIPTION="Policy Analysis Tools for SELinux" +HOMEPAGE="https://github.com/TresysTechnology/setools/wiki" + +if [[ ${PV} == 9999 ]] ; then + inherit git-r3 + EGIT_REPO_URI="https://github.com/TresysTechnology/setools.git" +else + SRC_URI="https://github.com/TresysTechnology/setools/archive/${PV}.tar.gz -> ${P}.tar.gz" + KEYWORDS="amd64 x86" +fi + +LICENSE="GPL-2 LGPL-2.1" +SLOT="0" +IUSE="X debug test" + +RDEPEND="${PYTHON_DEPS} + >=sys-libs/libsepol-2.7:= + >=sys-libs/libselinux-2.7:=[${PYTHON_USEDEP}] + >=dev-python/networkx-1.8[${PYTHON_USEDEP}] + virtual/python-enum34[${PYTHON_USEDEP}] + dev-libs/libpcre:= + X? ( + dev-python/PyQt5[gui,widgets,${PYTHON_USEDEP}] + )" + +DEPEND="${RDEPEND} + >=dev-lang/swig-2.0.12:0 + sys-devel/bison + sys-devel/flex + >=sys-libs/libsepol-2.5 + test? ( + python_targets_python2_7? ( dev-python/mock[${PYTHON_USEDEP}] ) + dev-python/tox[${PYTHON_USEDEP}] + )" + +python_prepare_all() { + sed -i "s/'-Werror', //" "${S}"/setup.py || die "failed to remove Werror" + + use X || local PATCHES=( "${FILESDIR}"/setools-4.1.1-remove-gui.patch ) + distutils-r1_python_prepare_all +} + +python_test() { + esetup.py test +} diff --git a/app-admin/setools/setools-9999.ebuild b/app-admin/setools/setools-9999.ebuild new file mode 100644 index 0000000000..f1e79d0d93 --- /dev/null +++ b/app-admin/setools/setools-9999.ebuild @@ -0,0 +1,53 @@ +# Copyright 1999-2017 Gentoo Foundation +# Distributed under the terms of the GNU General Public License v2 + +EAPI="6" +PYTHON_COMPAT=( python2_7 python3_4 python3_5 ) + +inherit distutils-r1 + +DESCRIPTION="Policy Analysis Tools for SELinux" +HOMEPAGE="https://github.com/TresysTechnology/setools/wiki" + +if [[ ${PV} == 9999 ]] ; then + inherit git-r3 + EGIT_REPO_URI="https://github.com/TresysTechnology/setools.git" +else + SRC_URI="https://github.com/TresysTechnology/setools/archive/${PV}.tar.gz -> ${P}.tar.gz" + KEYWORDS="~amd64 ~x86" +fi + +LICENSE="GPL-2 LGPL-2.1" +SLOT="0" +IUSE="X debug test" + +RDEPEND="${PYTHON_DEPS} + >=sys-libs/libsepol-2.7:= + >=sys-libs/libselinux-2.7:=[${PYTHON_USEDEP}] + >=dev-python/networkx-1.8[${PYTHON_USEDEP}] + virtual/python-enum34[${PYTHON_USEDEP}] + dev-libs/libpcre:= + X? ( + dev-python/PyQt5[gui,widgets,${PYTHON_USEDEP}] + )" + +DEPEND="${RDEPEND} + >=dev-lang/swig-2.0.12:0 + sys-devel/bison + sys-devel/flex + >=sys-libs/libsepol-2.5 + test? ( + python_targets_python2_7? ( dev-python/mock[${PYTHON_USEDEP}] ) + dev-python/tox[${PYTHON_USEDEP}] + )" + +python_prepare_all() { + sed -i "s/'-Werror', //" "${S}"/setup.py || die "failed to remove Werror" + + use X || local PATCHES=( "${FILESDIR}"/setools-4.1.0-remove-gui.patch ) + distutils-r1_python_prepare_all +} + +python_test() { + esetup.py test +} From 7c4b82c65773eb1486f8c30993f8ec1012a684cf Mon Sep 17 00:00:00 2001 From: David Michael Date: Wed, 23 May 2018 09:40:06 -0700 Subject: [PATCH 10/42] app-admin/setools: Enable building on arm64 From: David Michael [Rebase to latest] Signed-off-by: Geoff Levand --- app-admin/setools/setools-4.1.1.ebuild | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/app-admin/setools/setools-4.1.1.ebuild b/app-admin/setools/setools-4.1.1.ebuild index f33d361a11..ea6656b50f 100644 --- a/app-admin/setools/setools-4.1.1.ebuild +++ b/app-admin/setools/setools-4.1.1.ebuild @@ -14,7 +14,7 @@ if [[ ${PV} == 9999 ]] ; then EGIT_REPO_URI="https://github.com/TresysTechnology/setools.git" else SRC_URI="https://github.com/TresysTechnology/setools/archive/${PV}.tar.gz -> ${P}.tar.gz" - KEYWORDS="amd64 x86" + KEYWORDS="amd64 x86 arm64" fi LICENSE="GPL-2 LGPL-2.1" From aad6b797d4ede3e128dd6a150c7fa0c1f282d0dd Mon Sep 17 00:00:00 2001 From: Geoff Levand Date: Wed, 23 May 2018 09:40:06 -0700 Subject: [PATCH 11/42] app-admin/setools: Add networkx USE flag Signed-off-by: Geoff Levand --- app-admin/setools/metadata.xml | 3 +++ app-admin/setools/setools-4.1.1.ebuild | 12 ++++++++---- 2 files changed, 11 insertions(+), 4 deletions(-) diff --git a/app-admin/setools/metadata.xml b/app-admin/setools/metadata.xml index 8e9f11ed8b..bd6cc0f1ef 100644 --- a/app-admin/setools/metadata.xml +++ b/app-admin/setools/metadata.xml @@ -9,4 +9,7 @@ TresysTechnology/setools + + Enable support for dev-python/networkx + diff --git a/app-admin/setools/setools-4.1.1.ebuild b/app-admin/setools/setools-4.1.1.ebuild index ea6656b50f..b7402b268d 100644 --- a/app-admin/setools/setools-4.1.1.ebuild +++ b/app-admin/setools/setools-4.1.1.ebuild @@ -19,13 +19,13 @@ fi LICENSE="GPL-2 LGPL-2.1" SLOT="0" -IUSE="X debug test" +IUSE="X debug test networkx" RDEPEND="${PYTHON_DEPS} >=sys-libs/libsepol-2.7:= >=sys-libs/libselinux-2.7:=[${PYTHON_USEDEP}] - >=dev-python/networkx-1.8[${PYTHON_USEDEP}] - virtual/python-enum34[${PYTHON_USEDEP}] + networkx? ( >=dev-python/networkx-1.8[${PYTHON_USEDEP}] ) + networkx? ( virtual/python-enum34[${PYTHON_USEDEP}] ) dev-libs/libpcre:= X? ( dev-python/PyQt5[gui,widgets,${PYTHON_USEDEP}] @@ -44,7 +44,11 @@ DEPEND="${RDEPEND} python_prepare_all() { sed -i "s/'-Werror', //" "${S}"/setup.py || die "failed to remove Werror" - use X || local PATCHES=( "${FILESDIR}"/setools-4.1.1-remove-gui.patch ) + use X || epatch "${FILESDIR}"/setools-4.1.1-remove-gui.patch + + use networkx || sed -i "s@, 'sedta'@@g" "${S}"/setup.py || die "failed to remove sedta" + use networkx || sed -i "s@, 'seinfoflow'@@g" "${S}"/setup.py || die "failed to remove seinfoflow" + distutils-r1_python_prepare_all } From 990d966196a5d59fc8f10559707ab83fcc98bc6b Mon Sep 17 00:00:00 2001 From: Geoff Levand Date: Wed, 23 May 2018 09:40:06 -0700 Subject: [PATCH 12/42] app-admin/setools: Add python USE flag Signed-off-by: Geoff Levand --- app-admin/setools/metadata.xml | 1 + app-admin/setools/setools-4.1.1.ebuild | 14 ++++++++------ 2 files changed, 9 insertions(+), 6 deletions(-) diff --git a/app-admin/setools/metadata.xml b/app-admin/setools/metadata.xml index bd6cc0f1ef..3f44cbad24 100644 --- a/app-admin/setools/metadata.xml +++ b/app-admin/setools/metadata.xml @@ -11,5 +11,6 @@ Enable support for dev-python/networkx + Enable support for python diff --git a/app-admin/setools/setools-4.1.1.ebuild b/app-admin/setools/setools-4.1.1.ebuild index b7402b268d..f73942864e 100644 --- a/app-admin/setools/setools-4.1.1.ebuild +++ b/app-admin/setools/setools-4.1.1.ebuild @@ -4,6 +4,7 @@ EAPI="6" PYTHON_COMPAT=( python2_7 python3_4 python3_5 ) +DISTUTILS_OPTIONAL=1 inherit distutils-r1 DESCRIPTION="Policy Analysis Tools for SELinux" @@ -19,16 +20,17 @@ fi LICENSE="GPL-2 LGPL-2.1" SLOT="0" -IUSE="X debug test networkx" +IUSE="X debug test networkx python" -RDEPEND="${PYTHON_DEPS} +RDEPEND=" + python? ( ${PYTHON_DEPS} ) >=sys-libs/libsepol-2.7:= - >=sys-libs/libselinux-2.7:=[${PYTHON_USEDEP}] - networkx? ( >=dev-python/networkx-1.8[${PYTHON_USEDEP}] ) - networkx? ( virtual/python-enum34[${PYTHON_USEDEP}] ) + >=sys-libs/libselinux-2.7:=[python?,${PYTHON_USEDEP}] + networkx? ( >=dev-python/networkx-1.8[python?,${PYTHON_USEDEP}] ) + networkx? ( virtual/python-enum34[python?,${PYTHON_USEDEP}] ) dev-libs/libpcre:= X? ( - dev-python/PyQt5[gui,widgets,${PYTHON_USEDEP}] + dev-python/PyQt5[gui,widgets,python?,${PYTHON_USEDEP}] )" DEPEND="${RDEPEND} From 367490db3e59293afc08d6bef720009e209cd875 Mon Sep 17 00:00:00 2001 From: David Michael Date: Wed, 23 May 2018 09:40:06 -0700 Subject: [PATCH 13/42] app-admin/setools: Fix detection of development files Fixes detection of development files in the board root. From: David Michael [Split off from bigger patch.] Signed-off-by: Geoff Levand --- coreos/config/env/app-admin/setools | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/coreos/config/env/app-admin/setools b/coreos/config/env/app-admin/setools index 882a117cd1..e3b1a3c8a8 100644 --- a/coreos/config/env/app-admin/setools +++ b/coreos/config/env/app-admin/setools @@ -1,2 +1,2 @@ -export ac_cv_file__build_amd64_usr__usr_lib64_libsepol_a=yes - +export ac_cv_file__build_amd64_usr_usr_lib64_libsepol_a=yes +export ac_cv_file__build_arm64_usr_usr_lib64_libsepol_a=yes From 8aa808152d6d1358a674fdb35ce88d1b99e21a4a Mon Sep 17 00:00:00 2001 From: Geoff Levand Date: Wed, 23 May 2018 09:40:06 -0700 Subject: [PATCH 14/42] sys-apps/policycoreutils: Import latest Signed-off-by: Geoff Levand --- .../md5-cache/sys-apps/policycoreutils-2.4-r2 | 13 - sys-apps/policycoreutils/ChangeLog | 804 ------------------ sys-apps/policycoreutils/Manifest | 46 +- ...pp-add-roletype-statements-for-both-.patch | 61 -- ...040-reverse-access-check-in-run_init.patch | 12 - ...ycoreutils-2.7-0001-newrole-not-suid.patch | 13 + sys-apps/policycoreutils/metadata.xml | 10 +- .../policycoreutils-2.4-r2.ebuild | 196 ----- .../policycoreutils-2.6-r1.ebuild | 187 ++++ .../policycoreutils-2.7.ebuild | 181 ++++ .../policycoreutils-9999.ebuild | 181 ++++ 11 files changed, 580 insertions(+), 1124 deletions(-) delete mode 100644 metadata/md5-cache/sys-apps/policycoreutils-2.4-r2 delete mode 100644 sys-apps/policycoreutils/ChangeLog delete mode 100644 sys-apps/policycoreutils/files/0001-policycoreutils-pp-add-roletype-statements-for-both-.patch delete mode 100644 sys-apps/policycoreutils/files/0040-reverse-access-check-in-run_init.patch create mode 100644 sys-apps/policycoreutils/files/policycoreutils-2.7-0001-newrole-not-suid.patch delete mode 100644 sys-apps/policycoreutils/policycoreutils-2.4-r2.ebuild create mode 100644 sys-apps/policycoreutils/policycoreutils-2.6-r1.ebuild create mode 100644 sys-apps/policycoreutils/policycoreutils-2.7.ebuild create mode 100644 sys-apps/policycoreutils/policycoreutils-9999.ebuild diff --git a/metadata/md5-cache/sys-apps/policycoreutils-2.4-r2 b/metadata/md5-cache/sys-apps/policycoreutils-2.4-r2 deleted file mode 100644 index ff226479cc..0000000000 --- a/metadata/md5-cache/sys-apps/policycoreutils-2.4-r2 +++ /dev/null @@ -1,13 +0,0 @@ -DEFINED_PHASES=compile install postinst prepare -DEPEND=>=sys-libs/libselinux-2.4[python?] >=sys-libs/glibc-2.4 >=sys-libs/libcap-1.10-r10 >=sys-libs/libsemanage-2.4[python?] sys-libs/libcap-ng >=sys-libs/libsepol-2.4 nls? ( sys-devel/gettext ) python? ( dev-python/ipy[python_targets_python2_7(-)?,-python_single_target_python2_7(-)] ) dbus? ( sys-apps/dbus dev-libs/dbus-glib ) audit? ( >=sys-process/audit-1.5.1 ) pam? ( sys-libs/pam ) python? ( python_targets_python2_7? ( >=dev-lang/python-2.7.5-r2:2.7[xml] ) >=dev-lang/python-exec-2:=[python_targets_python2_7(-)?,-python_single_target_python2_7(-)] ) virtual/pkgconfig -DESCRIPTION=SELinux core utilities -EAPI=5 -HOMEPAGE=https://github.com/SELinuxProject/selinux/wiki -IUSE=audit extra nls pam dbus python python_targets_python2_7 -KEYWORDS=amd64 x86 -LICENSE=GPL-2 -RDEPEND=>=sys-libs/libselinux-2.4[python?] >=sys-libs/glibc-2.4 >=sys-libs/libcap-1.10-r10 >=sys-libs/libsemanage-2.4[python?] sys-libs/libcap-ng >=sys-libs/libsepol-2.4 nls? ( sys-devel/gettext ) python? ( dev-python/ipy[python_targets_python2_7(-)?,-python_single_target_python2_7(-)] ) dbus? ( sys-apps/dbus dev-libs/dbus-glib ) audit? ( >=sys-process/audit-1.5.1 ) pam? ( sys-libs/pam ) python? ( python_targets_python2_7? ( >=dev-lang/python-2.7.5-r2:2.7[xml] ) >=dev-lang/python-exec-2:=[python_targets_python2_7(-)?,-python_single_target_python2_7(-)] ) python? ( dev-python/sepolgen ) app-admin/setools app-misc/pax-utils -SLOT=0 -SRC_URI=https://raw.githubusercontent.com/wiki/SELinuxProject/selinux/files/releases/20150202/policycoreutils-2.4.tar.gz extra? ( mirror://gentoo/policycoreutils-extra-1.33.tar.bz2 ) -_eclasses_=epatch 8233751dc5105a6ae8fcd86ce2bb0247 estack 43ddf5aaffa7a8d0482df54d25a66a1f eutils 227b041a120d309fdefbebb3b8c1dfa9 ltprune 2770eed66a9b8ef944714cd0e968182e multibuild 72647e255187a1fadc81097b3657e5c3 multilib 97f470f374f2e94ccab04a2fb21d811e python-r1 e9350ec46bb5c9f3504b4fbe8b8d8987 python-utils-r1 c9de01becf9df3f8c10aeec3dc693f5d systemd 34815d3b76e745c5ca33eec9f95074c2 toolchain-funcs 185a06792159ca143528e7010368e8af -_md5_=48cf2a61a1179507c14ab7cb04f3ea63 diff --git a/sys-apps/policycoreutils/ChangeLog b/sys-apps/policycoreutils/ChangeLog deleted file mode 100644 index 975152c229..0000000000 --- a/sys-apps/policycoreutils/ChangeLog +++ /dev/null @@ -1,804 +0,0 @@ -# ChangeLog for sys-apps/policycoreutils -# Copyright 1999-2015 Gentoo Foundation; Distributed under the GPL v2 -# $Header: /var/cvsroot/gentoo-x86/sys-apps/policycoreutils/ChangeLog,v 1.154 2015/06/09 15:38:25 swift Exp $ - -*policycoreutils-9999 (09 Jun 2015) - - 09 Jun 2015; Sven Vermeulen +policycoreutils-9999.ebuild: - Adding policycoreutils-9999 to better support upstream integrations - - 10 May 2015; Jason Zaman policycoreutils-2.4.ebuild: - stabilize selinux 2.4 userland - - 09 May 2015; Jason Zaman policycoreutils-2.4.ebuild: - ewarn has been moved to libsemanage - - 18 Apr 2015; Jason Zaman - -policycoreutils-2.3-r2.ebuild, -policycoreutils-2.4_rc6-r1.ebuild, - -policycoreutils-2.4_rc7.ebuild: - Drop old RCs - - 04 Mar 2015; Sven Vermeulen policycoreutils-2.4.ebuild: - Fix build failure on x32 (bug #541618) - - 06 Feb 2015; Jason Zaman policycoreutils-2.3-r3.ebuild: - Stablize 2.3-r3 - -*policycoreutils-2.4 (04 Feb 2015) - - 04 Feb 2015; Jason Zaman +policycoreutils-2.4.ebuild: - Version bump - -*policycoreutils-2.4_rc7 (06 Dec 2014) -*policycoreutils-2.3-r3 (06 Dec 2014) - - 06 Dec 2014; Jason Zaman - +policycoreutils-2.3-r3.ebuild, +policycoreutils-2.4_rc7.ebuild, - -policycoreutils-2.4_rc2.ebuild, -policycoreutils-2.4_rc5.ebuild, - -policycoreutils-2.4_rc6.ebuild, - files/0020-disable-autodetection-of-pam-and-audit.patch, - files/0030-make-inotify-check-use-flag-triggered.patch, - policycoreutils-2.4_rc6-r1.ebuild: - version bump and ebuild clean up, drop old RC - -*policycoreutils-2.4_rc6-r1 (22 Nov 2014) - - 22 Nov 2014; Jason Zaman - +files/0001-policycoreutils-pp-add-roletype-statements-for-both-.patch, - +policycoreutils-2.4_rc6-r1.ebuild: - add patch from upstream to fix missing roletypes - -*policycoreutils-2.4_rc6 (14 Nov 2014) - - 14 Nov 2014; Sven Vermeulen - +policycoreutils-2.4_rc6.ebuild: - Bump to rc6 - -*policycoreutils-2.4_rc5 (29 Oct 2014) - - 29 Oct 2014; Sven Vermeulen - +policycoreutils-2.4_rc5.ebuild, -policycoreutils-2.4_rc4.ebuild, - policycoreutils-2.4_rc2.ebuild: - Bump to 2.4_rc5 - -*policycoreutils-2.4_rc4 (07 Oct 2014) - - 07 Oct 2014; Sven Vermeulen - +policycoreutils-2.4_rc4.ebuild: - Bump to 2.4-rc4 - -*policycoreutils-2.4_rc2 (21 Sep 2014) - - 21 Sep 2014; Sven Vermeulen - +files/0010-remove-sesandbox-support.patch, - +files/0020-disable-autodetection-of-pam-and-audit.patch, - +files/0030-make-inotify-check-use-flag-triggered.patch, - +files/0040-reverse-access-check-in-run_init.patch, - +files/0070-remove-symlink-attempt-fails-with-gentoo-sandbox-approach.patch, - +files/0110-build-mcstrans-bug-472912.patch, - +files/0120-build-failure-for-mcscolor-for-CONTEXT__CONTAINS.patch, - +policycoreutils-2.4_rc2.ebuild, policycoreutils-2.3-r2.ebuild: - Noved to github; also add in masked 2.4 series - - 05 Aug 2014; Sven Vermeulen - -policycoreutils-2.2.5-r2.ebuild, -policycoreutils-2.3-r1.ebuild, - -policycoreutils-2.3.ebuild, metadata.xml: - Remove obsoleted ebuilds - - 30 Jul 2014; Sven Vermeulen policycoreutils-2.3-r2.ebuild: - Fix bug #514194 - Stabilization of SELinux userspace 2.3 - -*policycoreutils-2.3-r2 (28 May 2014) - - 28 May 2014; Sven Vermeulen +policycoreutils-2.3-r2.ebuild: - Fix selocal attribute validation - -*policycoreutils-2.3-r1 (26 May 2014) - - 26 May 2014; Sven Vermeulen +policycoreutils-2.3-r1.ebuild: - Fix selocal to support dontaudit as well. Also verify types, attributes and - roles before adding them. - - 10 May 2014; Sven Vermeulen - -policycoreutils-2.1.14-r1.ebuild, -policycoreutils-2.1.14-r2.ebuild, - -policycoreutils-2.1.14-r3.ebuild, -policycoreutils-2.1.14-r4.ebuild, - -policycoreutils-2.1.14-r5.ebuild, -policycoreutils-2.2.1-r1.ebuild, - -policycoreutils-2.2.5-r1.ebuild, -policycoreutils-2.2.5-r3.ebuild, - -policycoreutils-2.3_rc1.ebuild, -policycoreutils-2.3_rc1-r1.ebuild, - -files/policycoreutils-extra-1.21-fix-python3.patch: - Spring cleanup - - 10 May 2014; Sven Vermeulen - policycoreutils-2.2.5-r4.ebuild: - Stabilize to work around vulnerability CVE-2014-3215 - -*policycoreutils-2.3 (09 May 2014) - - 09 May 2014; Sven Vermeulen +policycoreutils-2.3.ebuild: - Bump to 2.3 - -*policycoreutils-2.3_rc1-r1 (09 May 2014) - - 09 May 2014; Sven Vermeulen - +policycoreutils-2.2.5-r4.ebuild, +policycoreutils-2.3_rc1-r1.ebuild: - Do not build seunshare/sesandbox, cfr bug #509896 - -*policycoreutils-2.3_rc1 (28 Apr 2014) - - 28 Apr 2014; Sven Vermeulen - +policycoreutils-2.3_rc1.ebuild: - 2.3-rc1 release - -*policycoreutils-2.2.5-r3 (19 Apr 2014) - - 19 Apr 2014; Sven Vermeulen - +policycoreutils-2.2.5-r3.ebuild, policycoreutils-2.2.5-r1.ebuild: - Fix bug #507992 - Do not push out restorecond init script if restorecond - should not be installed - - 20 Jan 2014; Sven Vermeulen - policycoreutils-2.2.5-r2.ebuild: - Stabilize for amd64 and x86 - -*policycoreutils-2.1.14-r5 (12 Jan 2014) - - 12 Jan 2014; Sven Vermeulen - +policycoreutils-2.1.14-r5.ebuild: - Backport BUILD_DIR change to 2.1.14 (needed to have runscript_selinux follow - USE flag info) - -*policycoreutils-2.2.5-r2 (12 Jan 2014) - - 12 Jan 2014; Sven Vermeulen - +policycoreutils-2.2.5-r2.ebuild: - Use python builddir locations for installation, otherwise a non-built - directory will be used, dismissing all configuration variables mentioned - earlier - - 23 Dec 2013; Sven Vermeulen - -policycoreutils-2.1.13-r3.ebuild, -policycoreutils-2.1.13-r4.ebuild, - -policycoreutils-2.1.13-r5.ebuild, -policycoreutils-2.1.13-r6.ebuild, - -policycoreutils-2.1.13-r7.ebuild, -policycoreutils-2.1.13-r8.ebuild, - -policycoreutils-2.1.13-r9.ebuild, -policycoreutils-2.1.13-r10.ebuild, - -policycoreutils-2.1.13-r11.ebuild: - Cleanup old versions - -*policycoreutils-2.2.5-r1 (10 Dec 2013) - - 10 Dec 2013; Sven Vermeulen - +policycoreutils-2.2.5-r1.ebuild: - Adding 2.2.5 release - -*policycoreutils-2.2.1-r1 (04 Nov 2013) - - 04 Nov 2013; Sven Vermeulen - +policycoreutils-2.2.1-r1.ebuild: - New policycoreutils release - - 04 Nov 2013; Sven Vermeulen - policycoreutils-2.1.14-r4.ebuild: - Stabilize - -*policycoreutils-2.1.14-r4 (13 Aug 2013) - - 13 Aug 2013; Sven Vermeulen - +policycoreutils-2.1.14-r4.ebuild: - Document setfiles in rlpkg, improve selocal resilience - - 07 Jul 2013; Sven Vermeulen - -policycoreutils-2.1.10-r5.ebuild: - Summer cleaning - -*policycoreutils-2.1.14-r3 (07 Jul 2013) - - 07 Jul 2013; Sven Vermeulen - +policycoreutils-2.1.14-r3.ebuild: - Switch to python-r1 eclass, add in mcstrans (bug #472912) - - 16 Jun 2013; Sven Vermeulen - policycoreutils-2.1.14-r2.ebuild: - Stabilization - - 10 May 2013; Sven Vermeulen metadata.xml: - Add in CPE data for policycoreutils, historical CVEs use redhat as - application vendor - -*policycoreutils-2.1.14-r2 (07 May 2013) - - 07 May 2013; Sven Vermeulen - +policycoreutils-2.1.14-r2.ebuild: - Fix bugs 467268 (yum bindings), 468832 (key error), 468830 (mls range - dependency) - -*policycoreutils-2.1.14-r1 (25 Apr 2013) - - 25 Apr 2013; Sven Vermeulen - +policycoreutils-2.1.14-r1.ebuild: - New upstream release - -*policycoreutils-2.1.13-r11 (19 Apr 2013) - - 19 Apr 2013; Sven Vermeulen - +policycoreutils-2.1.13-r11.ebuild: - Add selocal command to policycoreutils - -*policycoreutils-2.1.13-r10 (16 Apr 2013) - - 16 Apr 2013; Sven Vermeulen - +policycoreutils-2.1.13-r10.ebuild: - Fix bugs #463222 (newrole O_RDWR) and #464808 (hardcoded python3.1 in rlpkg) - - 16 Apr 2013; Sven Vermeulen - -policycoreutils-2.1.10-r1.ebuild, -policycoreutils-2.1.10-r3.ebuild, - -policycoreutils-2.1.10-r4.ebuild, -policycoreutils-2.1.10.ebuild: - Some cleanup (older release unstables) - - 16 Apr 2013; Sven Vermeulen - policycoreutils-2.1.13-r9.ebuild: - Stabilize policycoreutils-2.1.13-r9 - -*policycoreutils-2.1.13-r9 (19 Mar 2013) - - 19 Mar 2013; Sven Vermeulen - +policycoreutils-2.1.13-r9.ebuild: - Fix bug #457786 - Link runscript_selinux with crypt - -*policycoreutils-2.1.13-r8 (10 Mar 2013) - - 10 Mar 2013; Sven Vermeulen - +policycoreutils-2.1.13-r8.ebuild: - Adding selinux_gentoo init script for initramfs and cpu/online support - (#456914) - -*policycoreutils-2.1.13-r7 (09 Mar 2013) - - 09 Mar 2013; Sven Vermeulen - +policycoreutils-2.1.13-r7.ebuild: - Update policycoreutils-extras to fix build failure when not building with PAM - support, see bug #457786 - -*policycoreutils-2.1.13-r6 (30 Dec 2012) - - 30 Dec 2012; Sven Vermeulen +policycoreutils-2.1.13-r6.ebuild, - policycoreutils-2.1.13-r5.ebuild: - Stabilize r5, get r6 available as well which fixes rlpkg to include zfs - support - -*policycoreutils-2.1.13-r5 (17 Nov 2012) - - 17 Nov 2012; policycoreutils-2.1.13-r4.ebuild, - +policycoreutils-2.1.13-r5.ebuild: - Stabilization, move sesandbox support to next release - -*policycoreutils-2.1.13-r4 (14 Oct 2012) - - 14 Oct 2012; +policycoreutils-2.1.13-r4.ebuild: - Remove support for python3 until upstream supports it - - 13 Oct 2012; policycoreutils-2.1.13-r3.ebuild: - Supporting user-provided patches using epatch_user - -*policycoreutils-2.1.13-r3 (09 Oct 2012) - - 09 Oct 2012; +policycoreutils-2.1.13-r3.ebuild: - Introducing new upstream release - - 06 Oct 2012; policycoreutils-2.1.10-r5.ebuild: - Stabilize - -*policycoreutils-2.1.10-r5 (08 Sep 2012) - - 08 Sep 2012; +policycoreutils-2.1.10-r5.ebuild: - Fix bug #427596 and #430806 - - 10 Jul 2012; policycoreutils-2.1.10-r3.ebuild: - Stabilization, drop libcgroup dependency along the way - -*policycoreutils-2.1.10-r4 (10 Jul 2012) - - 10 Jul 2012; +policycoreutils-2.1.10-r4.ebuild: - Support refpolicy style audit2allow (#417199) - - 26 Jun 2012; Mike Gilbert - policycoreutils-2.1.10-r1.ebuild, policycoreutils-2.1.10-r3.ebuild, - policycoreutils-2.1.10.ebuild: - Restrict pypy per Arfrever. - -*policycoreutils-2.1.10-r3 (25 Jun 2012) - - 25 Jun 2012; - +files/policycoreutils-extra-1.21-fix-python3.patch, - +policycoreutils-2.1.10-r3.ebuild: - Improve support for python3, fixes bug #416301 - - 13 May 2012; -policycoreutils-2.1.0-r1.ebuild, - -policycoreutils-2.1.0-r2.ebuild: - Removing obsoleted ebuilds - -*policycoreutils-2.1.10-r1 (29 Apr 2012) - - 29 Apr 2012; policycoreutils-2.1.10.ebuild, - +policycoreutils-2.1.10-r1.ebuild: - Remove dependency on libcgroup (but drop sesandbox support along the way) - - 29 Apr 2012; policycoreutils-2.1.10.ebuild: - Stabilization - -*policycoreutils-2.1.10 (31 Mar 2012) - - 31 Mar 2012; +policycoreutils-2.1.10.ebuild, metadata.xml: - Bump to version 2.1.10 - - 26 Feb 2012; policycoreutils-2.1.0-r2.ebuild: - Stabilization - - 14 Jan 2012; +policycoreutils-2.1.0-r2.ebuild, - metadata.xml: - Mark audit as a local USE flag - -*policycoreutils-2.1.0-r2 (14 Jan 2012) - - 14 Jan 2012; +policycoreutils-2.1.0-r2.ebuild: - Override auto-detection of pam and audit, use USE flags for this - - 12 Nov 2011; -policycoreutils-2.0.82.ebuild, - -policycoreutils-2.0.82-r1.ebuild, -policycoreutils-2.0.85.ebuild, - -policycoreutils-2.1.0.ebuild: - removing obsoleted ebuilds - - 23 Oct 2011; policycoreutils-2.1.0-r1.ebuild: - Stabilization (tracker #384231) - - 23 Oct 2011; policycoreutils-2.0.82-r1.ebuild: - Stabilize 2.0.82-r1 to fix #372807 - -*policycoreutils-2.1.0-r1 (17 Sep 2011) - - 17 Sep 2011; +policycoreutils-2.1.0-r1.ebuild: - Add /var/lib/selinux directory, needed for 'semodule permissive' support (bug - #381755) - - 02 Sep 2011; policycoreutils-2.0.85.ebuild, - policycoreutils-2.1.0.ebuild: - Update patch locations to dev.g.o instead of files/ folder - - 12 Aug 2011; Anthony G. Basile - -policycoreutils-2.0.55.ebuild, -policycoreutils-2.0.69.ebuild, - -policycoreutils-2.0.69-r1.ebuild, -policycoreutils-2.0.69-r2.ebuild, - -files/policycoreutils-2.0.69-setfiles.diff: - Removed deprecated versions - -*policycoreutils-2.1.0 (03 Aug 2011) - - 03 Aug 2011; Anthony G. Basile - +policycoreutils-2.1.0.ebuild: - Bump to 20110727 SELinux userspace release - -*policycoreutils-2.0.85 (15 Jul 2011) - - 15 Jul 2011; Anthony G. Basile - +policycoreutils-2.0.85.ebuild, - +files/policycoreutils-2.0.85-fix-seunshare-vuln.patch.gz, - +files/policycoreutils-2.0.85-sesandbox.patch.gz: - Add fix for bug #374897 and initial support for python3 - - 08 Jul 2011; Samuli Suominen - policycoreutils-2.0.55.ebuild, policycoreutils-2.0.69.ebuild, - policycoreutils-2.0.69-r1.ebuild, policycoreutils-2.0.69-r2.ebuild: - Convert from "useq" to "use". - -*policycoreutils-2.0.82-r1 (30 Jun 2011) - - 30 Jun 2011; Anthony G. Basile - +policycoreutils-2.0.82-r1.ebuild: - Overwrite invalid .po files with valid ones, fixes bug #372807 - - 16 Jun 2011; Anthony G. Basile - policycoreutils-2.0.82.ebuild: - Drop use_nls dependency on gettext. Its mandatory. See bug #299681. - Also put gettext in COMMON_DEPS, it is more than a RDEPEND. - - 28 May 2011; Anthony G. Basile - policycoreutils-2.0.82.ebuild: - Stable amd64 x86 - - 16 Apr 2011; Anthony G. Basile metadata.xml: - Updated metadata info. - - 08 Feb 2011; Arfrever Frehtes Taifersar Arahesis - policycoreutils-2.0.82.ebuild: - Set SUPPORT_PYTHON_ABIS (bug #353762). Fix dependencies. Fix installation - with FEATURES="multilib-strict". - -*policycoreutils-2.0.82 (05 Feb 2011) - - 05 Feb 2011; Anthony G. Basile - +policycoreutils-2.0.82.ebuild: - New upstream release. - -*policycoreutils-2.0.69-r2 (05 Feb 2011) - - 05 Feb 2011; Anthony G. Basile - +policycoreutils-2.0.69-r2.ebuild, - +files/policycoreutils-2.0.69-setfiles.diff: - Fixed bug #300613 - - 04 Apr 2010; Arfrever Frehtes Taifersar Arahesis - policycoreutils-2.0.55.ebuild, policycoreutils-2.0.69.ebuild, - policycoreutils-2.0.69-r1.ebuild: - Delete calls to deprecated python_version(). - -*policycoreutils-2.0.69-r1 (20 Sep 2009) - - 20 Sep 2009; Chris PeBenito - +policycoreutils-2.0.69-r1.ebuild: - Update rlpkg for ext4 and btrfs. - - 14 Sep 2009; Chris PeBenito - policycoreutils-2.0.69.ebuild: - Fix libsemanage DEP. - - 02 Aug 2009; Chris PeBenito - policycoreutils-2.0.55.ebuild, policycoreutils-2.0.69.ebuild: - Add python_need_rebuild. - -*policycoreutils-2.0.69 (02 Aug 2009) - - 02 Aug 2009; Chris PeBenito - +policycoreutils-2.0.69.ebuild: - New upstream release. - - 18 Jul 2009; Chris PeBenito - -policycoreutils-1.34.15.ebuild, policycoreutils-2.0.55.ebuild: - Mark stable. Remove old ebuilds. - -*policycoreutils-2.0.55 (03 Oct 2008) - - 03 Oct 2008; Chris PeBenito - +policycoreutils-2.0.55.ebuild: - Initial commit of policycoreutils 2.0. - - 29 May 2008; Ali Polatel - policycoreutils-1.34.15.ebuild: - python_mod_optimize is ROOT aware. Fixed python_mod_cleanup. - - 26 May 2008; Chris PeBenito - policycoreutils-1.34.15.ebuild: - Fix libsemanage dependency. - - 13 May 2008; Chris PeBenito - -files/policycoreutils-1.28-quietlp.diff, - -files/policycoreutils-1.32-quietlp.diff, - -files/policycoreutils-unsigned-char-ppc.diff, - -policycoreutils-1.28.ebuild, -policycoreutils-1.30-r1.ebuild, - -policycoreutils-1.34.1.ebuild, -policycoreutils-1.34.11.ebuild, - policycoreutils-1.34.15.ebuild: - Mark 1.34.15 stable, clear old ebuilds. - -*policycoreutils-1.34.15 (29 Jan 2008) - - 29 Jan 2008; Chris PeBenito - +policycoreutils-1.34.15.ebuild: - New upstream bugfix release. - - 19 Oct 2007; Chris PeBenito - policycoreutils-1.34.11.ebuild: - Fix quoting in unpack. - -*policycoreutils-1.34.11 (18 Oct 2007) - - 18 Oct 2007; Chris PeBenito - +policycoreutils-1.34.11.ebuild: - New upstream release. - - 04 Jun 2007; Chris PeBenito - policycoreutils-1.34.1.ebuild: - Mark stable. - -*policycoreutils-1.34.1 (15 Feb 2007) - - 15 Feb 2007; Chris PeBenito - +policycoreutils-1.34.1.ebuild: - New upstream release. - - 24 Oct 2006; Chris PeBenito - policycoreutils-1.30.30.ebuild: - Fix glibc handling. - - 09 Oct 2006; Chris PeBenito - policycoreutils-1.30.30.ebuild: - Stable to make repoman happy. - -*policycoreutils-1.30.30 (05 Oct 2006) - - 05 Oct 2006; Chris PeBenito - +files/policycoreutils-1.32-quietlp.diff, +policycoreutils-1.30.30.ebuild: - Add SVN snapshot and updated extras in preparation for reference policy. - - 31 Jul 2006; Chris PeBenito - policycoreutils-1.30-r1.ebuild: - Mark stable, long overdue. - -*policycoreutils-1.30-r1 (28 Mar 2006) - - 28 Mar 2006; Chris PeBenito - -policycoreutils-1.30.ebuild, +policycoreutils-1.30-r1.ebuild: - Fix install location of python site packages. - - 22 Feb 2006; Stephen Bennett policycoreutils-1.28.ebuild: - Alpha stable - - 19 Feb 2006; Joshua Kinard policycoreutils-1.28.ebuild: - Marked stable on mips. - -*policycoreutils-1.30 (18 Mar 2006) - - 18 Mar 2006; Chris PeBenito - +policycoreutils-1.30.ebuild: - New upstream release. - - 05 Feb 2006; Chris PeBenito - +files/policycoreutils-unsigned-char-ppc.diff, - policycoreutils-1.28.ebuild: - Add patch to fix #121689. - - 17 Jan 2006; Chris PeBenito - policycoreutils-1.28.ebuild: - Mark stable, x86, amd64, ppc, sparc. - - 14 Jan 2006; Stephen Bennett policycoreutils-1.28.ebuild: - Added ~alpha - - 15 Dec 2005; Chris PeBenito - policycoreutils-1.22.ebuild, policycoreutils-1.24-r2.ebuild, - policycoreutils-1.28.ebuild: - Tighten up versioning to try to prevent mismatch problems as seen in #112348. - -*policycoreutils-1.28 (09 Dec 2005) - - 09 Dec 2005; Chris PeBenito - +files/policycoreutils-1.28-quietlp.diff, -policycoreutils-1.24-r1.ebuild, - +policycoreutils-1.28.ebuild: - New upstream release. - -*policycoreutils-1.24-r2 (08 Dec 2005) - - 08 Dec 2005; Chris PeBenito - +policycoreutils-1.24-r2.ebuild: - Add compatability symlink for genhomedircon. - -*policycoreutils-1.24-r1 (09 Sep 2005) - - 09 Sep 2005; Chris PeBenito - +policycoreutils-1.24-r1.ebuild: - Update for fixed selinuxconfig source policy path. - - 11 Jul 2005; Chris PeBenito - policycoreutils-1.22.ebuild, policycoreutils-1.24.ebuild: - Fix RDEPEND for building stages. Libsepol is required now. - -*policycoreutils-1.24 (25 Jun 2005) - - 25 Jun 2005; Chris PeBenito - +files/policycoreutils-1.24-genhomedircon-quiet.diff, - -policycoreutils-1.20-r1.ebuild, +policycoreutils-1.24.ebuild: - New upstream release. - - 10 May 2005; Stephen Bennett policycoreutils-1.22.ebuild: - mips stable - - 01 May 2005; Stephen Bennett policycoreutils-1.22.ebuild: - Added ~mips. - - 01 May 2005; Chris PeBenito - policycoreutils-1.22.ebuild: - Mark stable. - -*policycoreutils-1.22 (13 Mar 2005) - - 13 Mar 2005; Chris PeBenito - +files/policycoreutils-1.22-genhomedircon-quiet.diff, - +policycoreutils-1.22.ebuild: - New upstream release. - -*policycoreutils-1.20-r1 (13 Feb 2005) - - 13 Feb 2005; Chris PeBenito - -policycoreutils-1.16.ebuild, +policycoreutils-1.20-r1.ebuild, - -policycoreutils-1.20.ebuild: - Add back some tools deleted from upstream libselinux. - -*policycoreutils-1.20 (07 Jan 2005) - - 07 Jan 2005; Chris PeBenito - policycoreutils-1.18-r1.ebuild, +policycoreutils-1.20.ebuild: - New upstream release. Mark 1.18-r1 stable. - -*policycoreutils-1.18-r1 (03 Jan 2005) - - 03 Jan 2005; Chris PeBenito - +files/policycoreutils-nonls.diff, +policycoreutils-1.18-r1.ebuild: - Make pam and nls optional for embedded systems use. - - 22 Nov 2004; Chris PeBenito - policycoreutils-1.18.ebuild: - Ensure a few dirs and perms during stage1 build. - - 15 Nov 2004; Chris PeBenito - policycoreutils-1.18.ebuild: - Fix libsepol dep. - -*policycoreutils-1.18 (14 Nov 2004) - - 14 Nov 2004; Chris PeBenito - +policycoreutils-1.18.ebuild: - New upstream release. - -*policycoreutils-1.16 (07 Sep 2004) - - 07 Sep 2004; Chris PeBenito - +files/policycoreutils-1.16-genhomedircon-compat.diff, - +policycoreutils-1.16.ebuild: - New upstream release. - - 08 Aug 2004; Tom Martin policycoreutils-1.12-r1.ebuild, - policycoreutils-1.12-r2.ebuild, policycoreutils-1.14.ebuild, - policycoreutils-1.4-r1.ebuild: - Typo in DESCRIPTION: utilites -> utilities. Bug 59717. - - 06 Jul 2004; Chris PeBenito - policycoreutils-1.14.ebuild: - Bump extras to fix free() bug in runscript_selinux.so. - -*policycoreutils-1.12-r2 (06 Jul 2004) - - 06 Jul 2004; Chris PeBenito - +files/runscript-selinux.diff, +policycoreutils-1.12-r2.ebuild: - Fix free() error in runscript_selinux.so. - - 03 Jul 2004; Chris PeBenito - policycoreutils-1.14.ebuild: - Update extras. - -*policycoreutils-1.14 (02 Jul 2004) - - 02 Jul 2004; Chris PeBenito - +files/policycoreutils-1.14-genhomedircon-compat.diff, - +policycoreutils-1.14.ebuild: - New upstream version. - -*policycoreutils-1.12-r1 (28 Jun 2004) - - 28 Jun 2004; Chris PeBenito - +policycoreutils-1.12-r1.ebuild: - Add toggle_bool to extras. - - 11 Jun 2004; Chris PeBenito - -policycoreutils-1.10-r1.ebuild, policycoreutils-1.12.ebuild: - Mark stable - -*policycoreutils-1.12 (14 May 2004) - - 14 May 2004; Chris PeBenito - +policycoreutils-1.12.ebuild: - New upstream release. - -*policycoreutils-1.10-r1 (28 Apr 2004) - - 28 Apr 2004; Chris PeBenito - +policycoreutils-1.10-r1.ebuild, -policycoreutils-1.10.ebuild, - -policycoreutils-1.8.ebuild: - Update extras and mark stable. - -*policycoreutils-1.10 (20 Apr 2004) - - 08 Apr 2004; Chris PeBenito - policycoreutils-1.4-r1.ebuild, policycoreutils-1.8.ebuild: - More specific versioning for libselinux. - - 08 Apr 2004; Chris PeBenito - policycoreutils-1.8.ebuild: - Mark stable for 2004.1 - - 15 Mar 2004; Chris PeBenito - policycoreutils-1.8.ebuild: - Update extras. - -*policycoreutils-1.8 (12 Mar 2004) - - 12 Mar 2004; Chris PeBenito - policycoreutils-1.8.ebuild: - New upstream release. - -*policycoreutils-1.6 (24 Feb 2004) - - 24 Feb 2004; Chris PeBenito - policycoreutils-1.4-r1.ebuild, policycoreutils-1.6.ebuild: - New upstream release. Mark 1.4-r1 stable. - -*policycoreutils-1.4-r1 (09 Feb 2004) - - 09 Feb 2004; Chris PeBenito - policycoreutils-1.4-r1.ebuild: - Move extras to mirrors, and add runscript_selinux.so. - - 31 Jan 2004; Chris PeBenito files/rlpkg: - Switch to portageq from inline python. Add missing quotes for completeness. - - 16 Dec 2003; Chris PeBenito - policycoreutils-1.4.ebuild: - Mark stable. - -*policycoreutils-1.4 (06 Dec 2003) - - 06 Dec 2003; Chris PeBenito - policycoreutils-1.4.ebuild: - New upstream version. - -*policycoreutils-1.2-r2 (23 Nov 2003) - - 23 Nov 2003; Chris PeBenito - policycoreutils-1.2-r2.ebuild: - Bump to add /sbin/seinit. - - 29 Oct 2003; Joshua Brindle - policycoreutils-1.2-r1.ebuild: - added sparc - -*policycoreutils-1.2-r1 (20 Oct 2003) - - 20 Oct 2003; Chris PeBenito - policycoreutils-1.2-r1.ebuild: - Remove unneeded -lattr linking from Makefiles. - - 07 Oct 2003; Chris PeBenito - policycoreutils-1.2.ebuild: - Mark stable. - -*policycoreutils-1.2 (03 Oct 2003) - - 03 Oct 2003; Chris PeBenito - policycoreutils-1.2.ebuild, files/policycoreutils-1.2-gentoo.diff: - New upstream version. - - 29 Sep 2003; Chris PeBenito - policycoreutils-1.1-r1.ebuild: - Add build USE flag; when asserted, only setfiles is built and merged. - - 22 Sep 2003; Chris PeBenito - policycoreutils-1.1-r1.ebuild: - Move selinux-base-policy RDEPEND to checkpolicy. No longer RDEPEND on - checkpolicy. - - 22 Sep 2003; metadata.xml: - Fix metadata.xml - - 24 Aug 2003; Chris PeBenito - policycoreutils-1.1-r1.ebuild, policycoreutils-1.1.ebuild: - Mark stable - -*policycoreutils-1.1-r1 (18 Aug 2003) - - 18 Aug 2003; Chris PeBenito metadata.xml, - policycoreutils-1.0.ebuild, policycoreutils-1.1-r1.ebuild, - files/avc_enforcing, files/avc_toggle, - files/policycoreutils-1.1-setfiles.diff: - Add setfiles patch for alternate root. Add avc_enforcing and avc_toggle - scripts for ease of use for old API users. Use package description from RPM - spec file in metadata.xml long description. - -*policycoreutils-1.1 (14 Aug 2003) - - 14 Aug 2003; Chris PeBenito - policycoreutils-1.1.ebuild: - New upstream version - - 10 Aug 2003; Chris PeBenito - policycoreutils-1.0.ebuild, files/rlpkg: - Add mkinitrd RDEP, add rlpkg. - -*policycoreutils-1.0 (03 Aug 2003) - - 03 Aug 2003; Chris PeBenito metadata.xml, - policycoreutils-1.0.ebuild, files/policycoreutils-1.0-gentoo.diff: - Initial commit diff --git a/sys-apps/policycoreutils/Manifest b/sys-apps/policycoreutils/Manifest index d039c40be5..7481f60df4 100644 --- a/sys-apps/policycoreutils/Manifest +++ b/sys-apps/policycoreutils/Manifest @@ -1,41 +1,17 @@ ------BEGIN PGP SIGNED MESSAGE----- -Hash: SHA256 - -AUX 0001-policycoreutils-pp-add-roletype-statements-for-both-.patch 2157 SHA256 799b93fde622a168e0c7b1a0a1ec1a0a65873379e1245ec42859c00a06ca1372 SHA512 fb96bcf8bf045092be98dfce3c2d010984428f2a302e53c72af236eb1466465a27c6fba00e0912cafb28159e3d233fd82220c2456a2b8df36ba2d1286b9752fa WHIRLPOOL e1a829e0710e045c7a7ba622f4c79e8ff9d59c370b838e45ccca95416845d92a6d690cd65be2c99aa020ec7a6db2692988db7b5d72823d42f977124b35abcb17 AUX 0010-remove-sesandbox-support.patch 747 SHA256 af6969721dede49f4de4e1db8e98e8400a8f0e3ec0b55aee9295aea0d6ba3b9a SHA512 b7b54191d2b8703393dd23a7fcccbdc3e2b7234acd962e994c8549eebae6cae3b6f62055b47a2d5db94510739abfb2fa365090c452422b6fbc02ad625ebe4859 WHIRLPOOL 1ed396c3346123af9fc8a5e911a6c241e2b64d7424b2d5194b0cc7c6b44a960c70afde3d04a508ecf525af038a52c739bc424230db34fcb52096304b2cda2771 AUX 0020-disable-autodetection-of-pam-and-audit.patch 3924 SHA256 5f322dcc8c24838ec30c1df3aa69876063989fd07389c60ef64802c6fe25e91e SHA512 0efcbe36fdaa369cb1837767e872189f9f18b58d738b38c304ef31c568e60d602cfb5f87328a3b1f209840e2ab102f2d0ee8c4e918b2866c0ca978f33252ad33 WHIRLPOOL 669a451f98f39607e6a5a235e67ab432e480327dfe8204c2fcbb7455f571da4a64e91d76926c34e7fc25cec393ed6fbabb33e46c00e4f7a30848f304ed96b61f AUX 0030-make-inotify-check-use-flag-triggered.patch 650 SHA256 1cf0d985c865d9afe134e598c50b40420e4a48f4fde6e5d1916a880b8c393a75 SHA512 9ae10652ae14abd8930690363d41d9cacf0d0003ff21cf75dfc52a4ab7a4ab3d1fa9f1dc6994de9ae874483297478d79ee071dae766dfabf07ba70092bd11ba4 WHIRLPOOL ebf776adb8115db80418313ee8ad80f8d03b71358b1aa790ac690cd81b3646f0818da6bbf5d2f570c4be4150e6a2b475ff848622239f65e1479f29c9eb6a44f1 -AUX 0040-reverse-access-check-in-run_init.patch 500 SHA256 5e1bb9b3124efee30502992cb16720f44d8abd3eeacaa8b70cea5cfa116dc9dc SHA512 2935f303a84f5a18d58eb98bab2101772d6b787a2fe8299cbba1deb0dacc313ae04c60bb731fae255e24c52b5923aa861925c31be8898aa37d2d7687a7725040 WHIRLPOOL 3022f8703ea851c2b90e93965dce0669a2d3b33ef61ee09ed9aed775f07858c6b5474b8e0f0e6186609af4e05234c042aa376ea242b4245a95a1cd08ba19cbd3 AUX 0070-remove-symlink-attempt-fails-with-gentoo-sandbox-approach.patch 519 SHA256 63d4952efdf1fa8510485900e17f3bcb356086dda9440e3f4dd9fbcad83ec027 SHA512 c49b440ca07003688e115ea792188f37e5456d8afde0ee3be7a49af8c51ca7089e85e64ad237fbdc3c34685a58022f695f00fe443face1052f8181829678a256 WHIRLPOOL 1a246957e0aebf5129117644eb202a123ae8e43cca19b961796cc3940253e92c479819911a681d2434f794693115843cf351f04f9610e46171bef7048b59a8d1 AUX 0110-build-mcstrans-bug-472912.patch 2509 SHA256 c89ee8947ba7d04c7df30eef7fee91233188da90718c05a93c07112eb272dd8d SHA512 97a6c17e8232dc62dd5beaf101efa1e0462eedfb9fb4eff93d96171bbd866bd12b19ada1c512eef20ba732813e6f009276debbe5385ece373dd3bad1b7e61765 WHIRLPOOL fdb2509aab5e98ed11a942457711132e5888a25c0426bde59a84fb8bd8dc3f065f0e6daba77730e94a114c1e1431a1cee17a6ccf305946a5abed328f027c0bd1 AUX 0120-build-failure-for-mcscolor-for-CONTEXT__CONTAINS.patch 483 SHA256 572d141797d2a164b50b081fd6167f3acd93f62cc878c8859f731580243deb7d SHA512 a8a81158924aa527038696a98503144e50ed941ba1afbf52d26fc5bb9373c7ac6fd3f864070ff717c5b45ddba0470bc43b142f02da134559af8896c15084234f WHIRLPOOL 17836a74dcd4ce605891f6bd1eeeca61d6ed1534d3f6d3e1c65d1ddd7096460cbf75eac868d2c7ef112c85f745c2b1af7ca2abf02644351c3ebbfbbffc90a99b -DIST patchbundle-policycoreutils-2.2.5-gentoo-r1.tar.gz 7287 SHA256 cb6915c46a5e6789f95ac254d34b1d890055b31ded61596ffb5bf925aa8c446a SHA512 be6eeaf4927d80f2c198ecc4fbe88a3e960380a0de532155eff3a12157df0615e7b3ffbc09e984df08fb32ce5b62f75147559a093b620a98d9ff836ad07b18b0 WHIRLPOOL de7e0348abc45713ede926d79f26bb8590c41db6f984ff8f29a01b933f6e3c38531682f10a0d7de73f8b26994ac9a476bd9d54fc36fb45689f7ad9eca5206f09 -DIST patchbundle-policycoreutils-3.tar.gz 7294 SHA256 44db261c87f583a7620690fc5041d8a21b1c935e741fe7b594aa2cc958e3deb7 SHA512 24e4c73e97441a1042618f6a4179d71672c81f821ffc2f97a54116bf6b33a93bd7f3e2030dbdb362da5e2a7d8936604e5b0283261c7b2447cc4f7594966c73bc WHIRLPOOL d38416ff9707d7d2bbf04f5d582944a87d27de06f3d70677341d38dacc6501dd78ef01fd8a7bb044d49b1f2a8c95181e2cb1b4b81dae49819409dbcf9d7abcb7 -DIST policycoreutils-2.2.5.tar.gz 4948944 SHA256 bbf850a8c3c2f371f439d6525663eecdd3a737acd594d2f27f8d8f3a07830cc4 SHA512 88a32fbbede56f3e717394f134212ed9df9b06cbb5532168ccc03ef2a465f4320b54a561348ea5c319b5b641f7661565ad29fbdc5aae50190a6d21d076cf2c3f WHIRLPOOL 0eb0e0c7e1fc1514cb28bbda7a10066ad23a9ccfecc92dee606e3f0e71632e07fe1c4ba7ac89993adf15e9520fc9e527e16d623d56b4e96cc882bf82dea4cb14 -DIST policycoreutils-2.3.tar.gz 4984980 SHA256 864cfaee58b5d2f15b140c354e59666e57143293c89f2b2e85bc0d0e4beefcd2 SHA512 3256849d13856ec47ac85470632a57e26952c5dafffb51df4eb8e32467196ff3ef725cc582798727fe45fd6284c1893d12eae2c89088ae1758ad39faec385659 WHIRLPOOL 1dd9bfd67ebb744b8c47144966f09d8361e9018e8d941355080c274b9ac891c18eb95771f3dc8b136683224bc5f12f3fb58fa00666b5815d65e7141c31d9293d -DIST policycoreutils-2.4.tar.gz 5004280 SHA256 b819f876f12473783ccce9f63b9a79cd77177477cd6d46818441f808cc4c3479 SHA512 0eb0ea569c1699ed78e5e9798d9f182b3a8bfa6dcd387bcc78923755b3a1cad982673db88857745154d3769d44402b87e52d5fe3024874001f61f783aa25cce6 WHIRLPOOL d101080973ef6248617b5bca9d8b76e59008061b3411aec4ed95343af09b941a34acb3bb0001da5468595c4c37684ab6f34204e18ccb3cbbd5b3d31df0cb5e7f -DIST policycoreutils-extra-1.31.tar.bz2 16080 SHA256 ad0a78d96fd01aa51fe774e1701bd23934cd72182b2bad68112006f0ea17cc7b SHA512 520f93f1a2ce3c60a1d192b09cb9a968d207fbc6ab1f01861be95a50b65264f706335620ccbca48ce38f81581a4cf5128e5db9e5b0564460c9f05f04038abfba WHIRLPOOL 56e713b9bd8f1af1496f383f45f1ef8d373b3f45148237bfd28c016f4becaa87d932b363d165b46c657ea3a08503e7bc60b1c5a5a2a814a659770bedf33d4202 -DIST policycoreutils-extra-1.33.tar.bz2 16191 SHA256 743c3930277102f5545907314b21e98955e88be7972e30264c6cb5dca370b788 SHA512 3f6f19ae33d5b1043f2979fb3e79bc061767f7051cbd0981e5c5663b4391fa29544b2184b384c9fce7b4100623bc776748d77a01865dcee78b0756d73ee10886 WHIRLPOOL e74b9c3a6dff563b81bf3ce85119fbdfc658191ac063763f2916a7dcd90584f98cbccd1d6cd5ef3aecb00366a82c949c62ab9b907cb98800cb53d3e9ab63b492 -EBUILD policycoreutils-2.2.5-r4.ebuild 4708 SHA256 2287c153ef9ce72a15e1fb0d681942c79c26393dfa00436b414389334606b5e4 SHA512 d69a0cd51e9e995f59535e6e72a3e62d4a5e3f75aeb8a98f9e6dd6ce7f02b4ca19d479395bcfccdeba7b932c484bc90308a3f563d621c0f3f626c4aa5b927c5a WHIRLPOOL c34a44c55bc221274f3f19e8f72fbf1d649b16978d6d080ff66ba47185b0bc7e069431a818ebce1fd23ef590f656fa23e86ebef42bca870050ff2a792bf20072 -EBUILD policycoreutils-2.3-r3.ebuild 4388 SHA256 2b87e99e95421c093aed5fca66c6506261ded68dccc11d309f7e106947664093 SHA512 b00da0cb9bae1f3aa4149b178bf904a90133b7aa7985635c342cb0f5a9e135b3ebb82e14cfdc224684820c1d4085cb8532023793440eaa5e1df8f3f130887b35 WHIRLPOOL 3c8fb7ed0c0ca20985b2f6556a95e623cd04bf83c53822cacfd7702bab50ac55f025ddb15d20799292f4dfdeee702112abf80e269b5493eac128eb9f2df3dfa7 -EBUILD policycoreutils-2.4.ebuild 4495 SHA256 f58265fbd9bd64bba47eef2ef7f65d6a7a62c1fea0b6754f6a48bb879156dc36 SHA512 43a099ac242de40c42132f697e248da84cde5c38ca64be38c4cb8729153a8921597a082d095a6d312b0e6422b6345099460039798c0f626533141e1bf841138b WHIRLPOOL 8d5757ae72043247b9501510bb561d6f8ae516ae54ee97a9b3e9ad68f61626cef9463b73a278d043b472988f7499baf26ef16e3619f7a7efb0e1c9264125f74d -EBUILD policycoreutils-9999.ebuild 5262 SHA256 0bf3f18e901197cfecd321bee41a7eff1e041a657a4e1824d3678728e11d1117 SHA512 e00c2cc009bfd413267723f08e265ef3f5746591d639f5273a4d50ffc601cd60f7db63aa54803bcc536cb543ccc4a78033bdd044ad0ae15d72191603de923189 WHIRLPOOL 218f9ee27401591352d69daf1d3a7ccaa596fc2c5ebd32842fcea33d96f15e90de0ce81346bbb671d9b8f9222f91dbad17a9535af35e06d5f453e2323ebaf4db -MISC ChangeLog 26573 SHA256 ed7d9b9bc3fd89f29cb06c58cd1274191dd2e530a3b8dd83cb2da259d09d1824 SHA512 5e326782bd849516aa8afeed38c0bb9ec52049fc15dda4ab45d5ea84a54f576bf998b02bbe5f73b8c26c26eb388c064dc1e81fa2208f5989b4203ab4cf7adb6b WHIRLPOOL 8b57bc4114ca783c3bd492bfae5875124fd07c4225e64b5ccd7974d0c6e1e576e88bbbd8dde9ae5c0fb0a8aa7850124074c6bc634da87c0d05678c145be2ef00 -MISC metadata.xml 971 SHA256 9d2157deddd1a457ff3d7b1232ec23e71367852b743ef6b4b8290349c3c9c698 SHA512 79fbbb6285a75f84fdd103ed704d62ede2695e7b8fe03f989ac4a065261a5e870675c1186173c1d4a65b88ac98f8bc2153146010513926e1a1b53efa52564a03 WHIRLPOOL eadde5fe3a3a2a71031d46f7e7c602f8069138914e62c44dff4be09afb8e23391a36d7c358a011722151437ee51be9f404ee1360a2d918078de3f783ff7e062f ------BEGIN PGP SIGNATURE----- -Version: GnuPG v2.0 - -iQIcBAEBCAAGBQJVdwhsAAoJEC7dUkA7aK9HC2wQAJHJi9AsOmlUnFokVxMMkXSy -SWR7FpmMv+fbqJOL6o1ZX11xBVKN6poqC3blCwr3Pv98iENqCbluJgzANiWFUmTd -OS06d4Q0USfUPl3GSylEPRNIbqxoIlD24vdolN7TnU5WfxRvp5klYUAsYoTIQnmy -LViUoBZMzgJZnoUbN7by2geHvkb5U8B1aEawkSAZq+s4M/dFlMtkgYD/DNAk/ZFV -jNhde9bxcvxmmfV6+er2bUplzeTZtwh8wg/6Toh/dOa0kNCtbVMlzNvU9JbAjlK5 -r/1UsCE0aHrQvRSt5BNJ1DT7vUzyrYre+Wq11ox1HQBNXdwk/rDtTzRi9U/RVVSM -I9f0OC2RSCVX/E39jjI7jwGUeAwgkVXqcOm7I4s6ThSpyZsi+VjdyMRwYJH3jUEN -4xfT3hR1nGfPeXkBoGUqVf8n1x3tlzFManweFfxs+HZOBcUkGQh5AcDk4YDihsOM -8mZD6R0aGkAOXzfWQMZHLUzwOdd+07FezFFfby7tYtyvbjmU5xosz1PcoyY85Kqm -wey41drfr61lLedyufgmW4lAYAtNnUEn3bIeiwuvjSPl+J8BYhjSel/zPsPww0Ti -kVyHB0FYagF18FR0Dg3ISYfyWJqjpf+gJQRjRhxPSTGQqcX69oRTjNR6Dds3IJE9 -UetIWSxlDBewq0kZxEOr -=/Evg ------END PGP SIGNATURE----- +AUX policycoreutils-2.7-0001-newrole-not-suid.patch 351 SHA256 5146c50018858ae42ec1be492db8aa5f9ca837df81871481240709e72bc3aafa SHA512 41c37a0711011ebdaafee01b357438ac3219b34b6c9e6ebe182c863d61c899e4819ae71bd9adf4b52bee37750c99b5b1cd40c6a92f119899bd227251d37ccd99 WHIRLPOOL 9a5496d01b53fc39c45153fc2adc658aee8bfb9074534f2ae31b61491227c606de51d335636b536d15d0f2963772fe3ba6e0c0c21ced38f2b673e217127ddb77 +DIST policycoreutils-2.6.tar.gz 4660087 SHA256 68891b376f5048edc53c6ccb2fca44da3dc7f4563f4b6894e201d70c04a05a29 SHA512 ba289060bc348f9315bce84a5e5daf145600274289fdd2206edc10bb0ee03f9b02a9e40e9c118809961ddfe7844dee7d8952d8c9a239af7282f4fc1614c21e9d WHIRLPOOL c04a5f0f6bb044090e0d443f4497d828713fd32de4a0f5b5442e70e836da99e5e6e562a9deeedb566b07da1687c0a6b056c33b0bbe9836a71891fc6a449da60c +DIST policycoreutils-2.7.tar.gz 2796707 SHA256 0a1b8a4a323b854981c6755ff025fe98a0f1cff307f109abb260f0490f13e4f4 SHA512 ce97d659f72058fd23d8dab8db98fc7c0003806a636c521fa15da465d7358d40ccc8e3eaa9675f00a9b0b8aaa1465d3fb650bc0ebbbf00164e121230673256fb WHIRLPOOL f2360ab5e83f1a9a0f9e63bf700a89c28b61d13f8101c9ea2b68e9f071ede23557a0a5bec9a077b96b42be063421018ab8b85c4443e3bc1021f0d251a62de301 +DIST policycoreutils-extra-1.35.tar.bz2 12124 SHA256 25983df35c0b98fb65423f109d71c02e4d6b86415452b7a7a6e92b5e4fa4a36e SHA512 8cc3c74afee7ec38d7d085744fdd60849d3ae97a75599d2181b12b5b472a6a4445868e8a6aff707e439c10d9c378fb55e329b4db21c0a771f41180bf3b9eabc1 WHIRLPOOL 863ca52e1897cbfb9252f1afe81fef497f27ede10c74e1150c07e9f355390eca0e64c9b0cc0a48e8a7442b310387b1e929b40e2b9c14a9a095850a00983cd5f6 +DIST policycoreutils-extra-1.36.tar.bz2 8830 SHA256 2dfbe799bbbf150e68fab7e168fd71b94505c992623f30c71873213447506e8f SHA512 c6a18e6fb2d65f51dc55b88907f23241f2fbfc033d3d2888b109596d9ed31d509b2c93456727ea4d1f98544831afb15c449ff72d6aedf93b9e474b27817f7fb3 WHIRLPOOL c9772dba472b9b466181204f5bd5fb13d839042c53c84db38999a8b077b0dee1e9e78089b7b5fe4bc4076a1ad1c420528354404b292abd428a73e6f95312d0c4 +EBUILD policycoreutils-2.6-r1.ebuild 5556 SHA256 4351a449551bccb6b379e0719ebd7703da433741490dd8b5f4c9de3d0e10b853 SHA512 657e73bbe5e5540f49ab1b1cceaae293c57a2c5abab67b24624d51549745e674b91ca35619da0ff71c51f31af91500d37784bae280b1d52e715b9eda6d9f9690 WHIRLPOOL 4be6d305b90a2f2754ac9de7c1a1153d293e098d049c179e2c516d9bbd637a2c020e590b4ea0f3a1333319bf64121bd40843553d595e7f6e618b425ed86177a1 +EBUILD policycoreutils-2.7.ebuild 4962 SHA256 894b22ac63ba9f5600a0f4bf18e9ac3fbfdb33d663cd5c3990270c8bbc1b3233 SHA512 e3ec9164a11c29bbd225887784b35bc54f306ee94d9fa80963158f218d2261c8d60a63583cbb96f4186863000294fa552a434bb438d0d1fb2754e8d074bb0c12 WHIRLPOOL a71810832fbc2667bb7fd84ee565ce9835af4369c6fb7a7393e756bdd3fbd180f93fde50d9279af6495b940db7246dcf52a8b7b7283bd4b6198482cd987a61fc +EBUILD policycoreutils-9999.ebuild 4969 SHA256 9b55417597828165a48bf0e690cb39330f632d76aa795ced6a546611270e6ee6 SHA512 6cc7dd5c825bd0c9cc63f14dc3000bbb9f7692f1fef6f9ce0f0e6fa09094846e9994f5fa8f39dea42bc52e38f0118239698e6971643ea5d539ca3a8436d763ad WHIRLPOOL d451dbfef9c95b432e81da8f294f94d3d9f6bfbf63b0833991e6ce9468e0f17891fd80866cb8f78aaab1ea1c1e41388baacd00730d09b1af28b96ff9247aefc8 +MISC ChangeLog 6931 SHA256 1b8fdfb862fa904b8e3ed6b1682d163d6d1235bc30bd44c960379f6a39703013 SHA512 5231762bf1d5e909111830c6f75d6b6aa4609d22053a746684885e032b8f6639aacc971b3c13f52254fe67ce059668da77e6a39107deff3388e6546abdc67ea6 WHIRLPOOL a7a8f56e76eb81854e85fb40258b7e569cf0bba25d659cdedeb7290b57169530cf3e7f0944441144c6797b7ec84406f82dcbe445d1ec6901e3bd4a2027019815 +MISC ChangeLog-2015 27068 SHA256 004588c7a9a83bad3e2c4f8b328c77a570e916332eda797fa504a84750373d22 SHA512 b26e0cf65b36ecd72f30f7ae4a467843434374d6c82fb3a8ca67d3a7294073f3aa78e7225052f20b9647266cff4207c95239528c128b5d13eba04e69b04c34af WHIRLPOOL a05d316fa06a95f73ee98c2f247b0cd715da322725ee2f3f09c1e82d12b0fca83cc1f17e362ad6cfb9080fe5fceccb56fab66057afde3b9a4a81554357b0394b +MISC metadata.xml 1117 SHA256 4b5df713eb05f5d1610a5de599ae97ba21335de28b889ea5128ab52d7819f925 SHA512 1f8703b31ced13b4e15311ecc9d4e03c085eb580e61394e8781744a9c33794e0f10144617415e69b703f5716ca5fd15ad6db14fe93a95c9b5d46c429542beac5 WHIRLPOOL 86f2ca768507b5d12de4d43348bd61f84ee1851beda15e6bc4e69906c31983ab7e4975b472ce041855960252fead92cbf5b8ee889e43b0e017dca77d30706a0c diff --git a/sys-apps/policycoreutils/files/0001-policycoreutils-pp-add-roletype-statements-for-both-.patch b/sys-apps/policycoreutils/files/0001-policycoreutils-pp-add-roletype-statements-for-both-.patch deleted file mode 100644 index 6ed451649e..0000000000 --- a/sys-apps/policycoreutils/files/0001-policycoreutils-pp-add-roletype-statements-for-both-.patch +++ /dev/null @@ -1,61 +0,0 @@ -From 7a09af2123bc0d86787ef82fc2ff43810f1712c0 Mon Sep 17 00:00:00 2001 -From: Steve Lawrence -Date: Wed, 19 Nov 2014 11:21:42 -0500 -Subject: [PATCH 1/2] policycoreutils: pp: add roletype statements for both - declared and required type/typeattributes - -Currently, roletype statements are only added for types when they are -declared (not required). This means that in policy like: - - require { - type foo_t; - } - type bar_t; - role staff_r types foo_t, bar_t; - -only bar_t is associated with staff_r. This patch moves the code that -generates roletype statements for types to outside the SCOPE_DECL check -so that roletype statements are generated for all types, regardless of -the required/declared scope. It further moves the code outside of the -type/typeattribute flavor check so that roletype statements are also -generated for typeattributes. - -Reported-by: Sven Vermeulen -Signed-off-by: Steve Lawrence -Reviewed-by: Yuli Khodorkovskiy -Tested-by: Jason Zaman ---- - policycoreutils/hll/pp/pp.c | 10 +++++----- - 1 file changed, 5 insertions(+), 5 deletions(-) - -diff --git a/policycoreutils/hll/pp/pp.c b/policycoreutils/hll/pp/pp.c -index b1ef27f..4b9f310 100644 ---- a/policycoreutils/hll/pp/pp.c -+++ b/policycoreutils/hll/pp/pp.c -@@ -2083,6 +2083,11 @@ static int type_to_cil(int indent, struct policydb *pdb, struct avrule_block *UN - cil_println(indent, "(typeattributeset " GEN_REQUIRE_ATTR " %s)", key); - } - -+ rc = roletype_role_in_ancestor_to_cil(pdb, decl_stack, key, indent); -+ if (rc != 0) { -+ goto exit; -+ } -+ - switch(type->flavor) { - case TYPE_TYPE: - if (scope == SCOPE_DECL) { -@@ -2090,11 +2095,6 @@ static int type_to_cil(int indent, struct policydb *pdb, struct avrule_block *UN - // object_r is implicit in checkmodule, but not with CIL, - // create it as part of base - cil_println(indent, "(roletype " DEFAULT_OBJECT " %s)", key); -- -- rc = roletype_role_in_ancestor_to_cil(pdb, decl_stack, key, indent); -- if (rc != 0) { -- goto exit; -- } - } - - if (type->flags & TYPE_FLAGS_PERMISSIVE) { --- -2.0.4 - diff --git a/sys-apps/policycoreutils/files/0040-reverse-access-check-in-run_init.patch b/sys-apps/policycoreutils/files/0040-reverse-access-check-in-run_init.patch deleted file mode 100644 index f53b456720..0000000000 --- a/sys-apps/policycoreutils/files/0040-reverse-access-check-in-run_init.patch +++ /dev/null @@ -1,12 +0,0 @@ -diff -uNr policycoreutils-2.2.1.orig/run_init/run_init.c policycoreutils-2.2.1/run_init/run_init.c ---- policycoreutils-2.2.1.orig/run_init/run_init.c 2013-11-04 21:40:27.490018417 +0100 -+++ policycoreutils-2.2.1/run_init/run_init.c 2013-11-04 21:40:57.088018480 +0100 -@@ -406,7 +406,7 @@ - new_context); - exit(-1); - } -- if (! access("/usr/sbin/open_init_pty", X_OK)) { -+ if (access("/usr/sbin/open_init_pty", X_OK) != 0) { - if (execvp(argv[1], argv + 1)) { - perror("execvp"); - exit(-1); diff --git a/sys-apps/policycoreutils/files/policycoreutils-2.7-0001-newrole-not-suid.patch b/sys-apps/policycoreutils/files/policycoreutils-2.7-0001-newrole-not-suid.patch new file mode 100644 index 0000000000..6049bbe282 --- /dev/null +++ b/sys-apps/policycoreutils/files/policycoreutils-2.7-0001-newrole-not-suid.patch @@ -0,0 +1,13 @@ +diff --git a/policycoreutils/newrole/Makefile b/policycoreutils/newrole/Makefile +index bdefbb8..9cff135 100644 +--- policycoreutils/newrole/Makefile ++++ policycoreutils/newrole/Makefile +@@ -49,7 +49,7 @@ ifeq ($(NAMESPACE_PRIV),y) + IS_SUID=y + endif + ifeq ($(IS_SUID),y) +- MODE := 4555 ++ MODE := 0555 + override LDLIBS += -lcap-ng + else + MODE := 0555 diff --git a/sys-apps/policycoreutils/metadata.xml b/sys-apps/policycoreutils/metadata.xml index 866173173b..16effc34b8 100644 --- a/sys-apps/policycoreutils/metadata.xml +++ b/sys-apps/policycoreutils/metadata.xml @@ -1,7 +1,10 @@ - selinux + + selinux@gentoo.org + SELinux Team + Policycoreutils contains the policy core utilities that are required for basic operation of a SELinux system. These utilities include @@ -15,9 +18,10 @@ permissive. - Enable support for sys-process/audit and use the audit_* functions (like audit_getuid instead of getuid()) + Enable support for sys-process/audit and use the audit_* functions (like audit_getuid instead of getuid()) - cpe:/a:redhat:policycoreutils + cpe:/a:redhat:policycoreutils + SELinuxProject/selinux diff --git a/sys-apps/policycoreutils/policycoreutils-2.4-r2.ebuild b/sys-apps/policycoreutils/policycoreutils-2.4-r2.ebuild deleted file mode 100644 index 822e2b0ad5..0000000000 --- a/sys-apps/policycoreutils/policycoreutils-2.4-r2.ebuild +++ /dev/null @@ -1,196 +0,0 @@ -# Copyright 1999-2015 Gentoo Foundation -# Distributed under the terms of the GNU General Public License v2 -# $Header: /var/cvsroot/gentoo-x86/sys-apps/policycoreutils/policycoreutils-2.4.ebuild,v 1.4 2015/05/10 09:08:19 perfinion Exp $ - -EAPI="5" -PYTHON_COMPAT=( python2_7 ) -PYTHON_REQ_USE="xml" - -inherit multilib python-r1 toolchain-funcs eutils systemd - -MY_P="${P//_/-}" - -EXTRAS_VER="1.33" -SEMNG_VER="${PV}" -SELNX_VER="${PV}" -SEPOL_VER="${PV}" - -IUSE="audit extra nls pam dbus python" - -DESCRIPTION="SELinux core utilities" -HOMEPAGE="https://github.com/SELinuxProject/selinux/wiki" -SRC_URI="https://raw.githubusercontent.com/wiki/SELinuxProject/selinux/files/releases/20150202/${MY_P}.tar.gz - extra? ( mirror://gentoo/policycoreutils-extra-${EXTRAS_VER}.tar.bz2 )" - -LICENSE="GPL-2" -SLOT="0" -KEYWORDS="amd64 x86" - -DEPEND=">=sys-libs/libselinux-${SELNX_VER}[python?] - >=sys-libs/glibc-2.4 - >=sys-libs/libcap-1.10-r10 - >=sys-libs/libsemanage-${SEMNG_VER}[python?] - sys-libs/libcap-ng - >=sys-libs/libsepol-${SEPOL_VER} - nls? ( sys-devel/gettext ) - python? ( - dev-python/ipy[${PYTHON_USEDEP}] - ) - dbus? ( - sys-apps/dbus - dev-libs/dbus-glib - ) - audit? ( >=sys-process/audit-1.5.1 ) - pam? ( sys-libs/pam ) - python? ( - ${PYTHON_DEPS} - )" - -### libcgroup -> seunshare -### dbus -> restorecond - -# pax-utils for scanelf used by rlpkg -RDEPEND="${DEPEND} - python? ( - dev-python/sepolgen - ) - app-admin/setools - app-misc/pax-utils" - -S="${WORKDIR}/${MY_P}" -S1="${WORKDIR}/${MY_P}" -S2="${WORKDIR}/policycoreutils-extra" - -src_prepare() { - epatch "${FILESDIR}/0010-remove-sesandbox-support.patch" - epatch "${FILESDIR}/0020-disable-autodetection-of-pam-and-audit.patch" - epatch "${FILESDIR}/0030-make-inotify-check-use-flag-triggered.patch" - epatch "${FILESDIR}/0040-reverse-access-check-in-run_init.patch" - epatch "${FILESDIR}/0070-remove-symlink-attempt-fails-with-gentoo-sandbox-approach.patch" - epatch "${FILESDIR}/0110-build-mcstrans-bug-472912.patch" - epatch "${FILESDIR}/0120-build-failure-for-mcscolor-for-CONTEXT__CONTAINS.patch" - - # rlpkg is more useful than fixfiles - sed -i -e '/^all/s/fixfiles//' "${S}/scripts/Makefile" \ - || die "fixfiles sed 1 failed" - sed -i -e '/fixfiles/d' "${S}/scripts/Makefile" \ - || die "fixfiles sed 2 failed" - - epatch_user - - find -name Makefile -exec sed s/-Werror//g -i '{}' + - - if use python ; then - python_copy_sources - # Our extra code is outside the regular directory, so set it to the extra - # directory. We really should optimize this as it is ugly, but the extra - # code is needed for Gentoo at the same time that policycoreutils is present - # (so we cannot use an additional package for now). - if use extra ; then - S="${S2}" - python_copy_sources - fi - else - for dir in audit2allow gui scripts \ - semanage sepolicy sepolgen-ifgen - do - sed -e "s/ $dir / /" -i Makefile || die - done - fi - use nls || sed -e "s/ po / /" -i Makefile || die -} - -src_compile() { - building() { - emake -C "${BUILD_DIR}" \ - AUDIT_LOG_PRIVS="y" \ - AUDITH="$(usex audit)" \ - PAMH="$(usex pam)" \ - INOTIFYH="$(usex dbus)" \ - SESANDBOX="n" \ - CC="$(tc-getCC)" \ - DESTDIR="${ROOT}" \ - PYLIBVER="${EPYTHON}" \ - LIBDIR="\$(PREFIX)/$(get_libdir)" - } - if use python ; then - S="${S1}" # Regular policycoreutils - python_foreach_impl building - if use extra ; then - S="${S2}" # Extra set - python_foreach_impl building - fi - else - BUILD_DIR="${S1}" - building - if use extra ; then - BUILD_DIR="${S2}" - building - fi - fi -} - -src_install() { - # Python scripts are present in many places. There are no extension modules. - installation-policycoreutils() { - einfo "Installing policycoreutils" - emake -C "${BUILD_DIR}" DESTDIR="${D}" AUDITH="$(usex audit)" PAMH="$(usex pam)" INOTIFYH="$(usex dbus)" SESANDBOX="n" AUDIT_LOG_PRIV="y" PYLIBVER="${EPYTHON}" install - if use python ; then - python_optimize - fi - } - - installation-extras() { - einfo "Installing policycoreutils-extra" - emake -C "${BUILD_DIR}" DESTDIR="${D}" INOTIFYH="$(usex dbus)" SHLIBDIR="${D}$(get_libdir)/rc" install - if use python ; then - python_optimize - fi - } - - if use python ; then - S="${S1}" # policycoreutils - python_foreach_impl installation-policycoreutils - if use extra ; then - S="${S2}" # extras - python_foreach_impl installation-extras - S="${S1}" # back for later - fi - else - BUILD_DIR="${S1}" - installation-policycoreutils - if use extra ; then - BUILD_DIR="${S2}" - installation-extras - fi - fi - - # remove redhat-style init script - rm -fR "${D}/etc/rc.d" - - # compatibility symlinks - if use extra ; then - dosym /$(get_libdir)/rc/runscript_selinux.so /$(get_libdir)/rcscripts/runscript_selinux.so - fi - - # location for policy definitions - dodir /usr/lib/selinux/policy - dosym ../../usr/lib/selinux/policy /var/lib/selinux - - if use python ; then - # Set version-specific scripts - for pyscript in audit2allow sepolgen-ifgen sepolicy chcat; do - python_replicate_script "${ED}/usr/bin/${pyscript}" - done - python_replicate_script "${ED}/usr/sbin/semanage" - use extra && python_replicate_script "${ED}/usr/sbin/rlpkg" - fi - - dodir /usr/share/doc/${PF}/mcstrans/examples - cp -dR "${S1}"/mcstrans/share/examples/* "${D}/usr/share/doc/${PF}/mcstrans/examples" -} - -pkg_postinst() { - # The selinux_gentoo init script is no longer needed with recent OpenRC - use extra && elog "The selinux_gentoo init script will be removed in future versions since it is not needed with OpenRC 0.13." -} diff --git a/sys-apps/policycoreutils/policycoreutils-2.6-r1.ebuild b/sys-apps/policycoreutils/policycoreutils-2.6-r1.ebuild new file mode 100644 index 0000000000..6a544ae2b9 --- /dev/null +++ b/sys-apps/policycoreutils/policycoreutils-2.6-r1.ebuild @@ -0,0 +1,187 @@ +# Copyright 1999-2017 Gentoo Foundation +# Distributed under the terms of the GNU General Public License v2 + +EAPI="6" +PYTHON_COMPAT=( python{2_7,3_4,3_5} ) +PYTHON_REQ_USE="xml" + +inherit multilib python-r1 toolchain-funcs bash-completion-r1 + +MY_P="${P//_/-}" + +MY_RELEASEDATE="20161014" +EXTRAS_VER="1.35" +SEMNG_VER="${PV}" +SELNX_VER="${PV}" +SEPOL_VER="${PV}" + +IUSE="audit pam dbus" +REQUIRED_USE="${PYTHON_REQUIRED_USE}" + +DESCRIPTION="SELinux core utilities" +HOMEPAGE="https://github.com/SELinuxProject/selinux/wiki" + +if [[ ${PV} == 9999 ]] ; then + inherit git-r3 + EGIT_REPO_URI="https://github.com/SELinuxProject/selinux.git" + SRC_URI="https://dev.gentoo.org/~swift/distfiles/policycoreutils-extra-${EXTRAS_VER}.tar.bz2" + S1="${WORKDIR}/${MY_P}/${PN}" + S2="${WORKDIR}/policycoreutils-extra" + S="${S1}" +else + SRC_URI="https://raw.githubusercontent.com/wiki/SELinuxProject/selinux/files/releases/${MY_RELEASEDATE}/${MY_P}.tar.gz + https://dev.gentoo.org/~swift/distfiles/policycoreutils-extra-${EXTRAS_VER}.tar.bz2" + KEYWORDS="amd64 ~arm64 ~mips x86" + S1="${WORKDIR}/${MY_P}" + S2="${WORKDIR}/policycoreutils-extra" + S="${S1}" +fi + +LICENSE="GPL-2" +SLOT="0" + +DEPEND=">=sys-libs/libselinux-${SELNX_VER}:=[python,${PYTHON_USEDEP}] + >=sys-libs/glibc-2.4 + >=sys-libs/libcap-1.10-r10:= + >=sys-libs/libsemanage-${SEMNG_VER}:=[python,${PYTHON_USEDEP}] + sys-libs/libcap-ng:= + >=sys-libs/libsepol-${SEPOL_VER}:= + >=app-admin/setools-4.0[${PYTHON_USEDEP}] + sys-devel/gettext + dev-python/ipy[${PYTHON_USEDEP}] + dbus? ( + sys-apps/dbus + dev-libs/dbus-glib:= + ) + audit? ( >=sys-process/audit-1.5.1[python,${PYTHON_USEDEP}] ) + pam? ( sys-libs/pam:= ) + ${PYTHON_DEPS} + ! seunshare +### dbus -> restorecond + +# pax-utils for scanelf used by rlpkg +RDEPEND="${DEPEND} + dev-python/sepolgen[${PYTHON_USEDEP}] + app-misc/pax-utils + ! seunshare +### dbus -> restorecond + +# pax-utils for scanelf used by rlpkg +RDEPEND="${DEPEND} + app-misc/pax-utils + ! seunshare +### dbus -> restorecond + +# pax-utils for scanelf used by rlpkg +RDEPEND="${DEPEND} + app-misc/pax-utils + ! Date: Wed, 23 May 2018 09:40:06 -0700 Subject: [PATCH 15/42] sys-apps/policycoreutils: Add python USE flag From: Matthew Garrett [Split from big patch and rebased for policycoreutils2.7] Signed-off-by: Geoff Levand --- .../policycoreutils-2.7.ebuild | 91 +++++++++++++------ 1 file changed, 61 insertions(+), 30 deletions(-) diff --git a/sys-apps/policycoreutils/policycoreutils-2.7.ebuild b/sys-apps/policycoreutils/policycoreutils-2.7.ebuild index 2f74519d79..63f8cd614b 100644 --- a/sys-apps/policycoreutils/policycoreutils-2.7.ebuild +++ b/sys-apps/policycoreutils/policycoreutils-2.7.ebuild @@ -15,7 +15,7 @@ SEMNG_VER="${PV}" SELNX_VER="${PV}" SEPOL_VER="${PV}" -IUSE="audit pam dbus" +IUSE="audit pam dbus python" REQUIRED_USE="${PYTHON_REQUIRED_USE}" DESCRIPTION="SELinux core utilities" @@ -40,22 +40,26 @@ fi LICENSE="GPL-2" SLOT="0" -DEPEND=">=sys-libs/libselinux-${SELNX_VER}:=[python,${PYTHON_USEDEP}] +DEPEND=">=sys-libs/libselinux-${SELNX_VER}:=[python?,${PYTHON_USEDEP}] >=sys-libs/glibc-2.4 >=sys-libs/libcap-1.10-r10:= - >=sys-libs/libsemanage-${SEMNG_VER}:=[python,${PYTHON_USEDEP}] + >=sys-libs/libsemanage-${SEMNG_VER}:=[python?,${PYTHON_USEDEP}] sys-libs/libcap-ng:= >=sys-libs/libsepol-${SEPOL_VER}:= - >=app-admin/setools-4.1.1[${PYTHON_USEDEP}] + >=app-admin/setools-4.1.1[python?,${PYTHON_USEDEP}] sys-devel/gettext - dev-python/ipy[${PYTHON_USEDEP}] + python? ( + dev-python/ipy[${PYTHON_USEDEP}] + ) dbus? ( sys-apps/dbus dev-libs/dbus-glib:= ) - audit? ( >=sys-process/audit-1.5.1[python,${PYTHON_USEDEP}] ) + audit? ( >=sys-process/audit-1.5.1[python?,${PYTHON_USEDEP}] ) pam? ( sys-libs/pam:= ) - ${PYTHON_DEPS} + python? ( + ${PYTHON_DEPS} + ) ! Date: Wed, 23 May 2018 09:40:06 -0700 Subject: [PATCH 16/42] sys-apps/policycoreutils: Add extra USE flag From: Michael Marineau [Rebase to latest] Signed-off-by: Geoff Levand --- sys-apps/policycoreutils/metadata.xml | 1 + .../policycoreutils-2.7.ebuild | 41 +++++++++++-------- 2 files changed, 26 insertions(+), 16 deletions(-) diff --git a/sys-apps/policycoreutils/metadata.xml b/sys-apps/policycoreutils/metadata.xml index 16effc34b8..ba063014a9 100644 --- a/sys-apps/policycoreutils/metadata.xml +++ b/sys-apps/policycoreutils/metadata.xml @@ -19,6 +19,7 @@ Enable support for sys-process/audit and use the audit_* functions (like audit_getuid instead of getuid()) + Enable Gentoo's policycoreutils-extra features. cpe:/a:redhat:policycoreutils diff --git a/sys-apps/policycoreutils/policycoreutils-2.7.ebuild b/sys-apps/policycoreutils/policycoreutils-2.7.ebuild index 63f8cd614b..971ff6d69f 100644 --- a/sys-apps/policycoreutils/policycoreutils-2.7.ebuild +++ b/sys-apps/policycoreutils/policycoreutils-2.7.ebuild @@ -15,7 +15,7 @@ SEMNG_VER="${PV}" SELNX_VER="${PV}" SEPOL_VER="${PV}" -IUSE="audit pam dbus python" +IUSE="audit extra pam dbus python" REQUIRED_USE="${PYTHON_REQUIRED_USE}" DESCRIPTION="SELinux core utilities" @@ -30,7 +30,7 @@ if [[ ${PV} == 9999 ]] ; then S="${S1}" else SRC_URI="https://raw.githubusercontent.com/wiki/SELinuxProject/selinux/files/releases/${MY_RELEASEDATE}/${MY_P}.tar.gz - https://dev.gentoo.org/~perfinion/distfiles/policycoreutils-extra-${EXTRAS_VER}.tar.bz2" + extra? ( https://dev.gentoo.org/~perfinion/distfiles/policycoreutils-extra-${EXTRAS_VER}.tar.bz2 )" KEYWORDS="amd64 ~arm64 ~mips x86" S1="${WORKDIR}/${MY_P}" S2="${WORKDIR}/policycoreutils-extra" @@ -108,8 +108,10 @@ src_prepare() { # directory. We really should optimize this as it is ugly, but the extra # code is needed for Gentoo at the same time that policycoreutils is present # (so we cannot use an additional package for now). - S="${S2}" - python_copy_sources + if use extra ; then + S="${S2}" + python_copy_sources + fi fi } @@ -128,13 +130,17 @@ src_compile() { if use python ; then S="${S1}" # Regular policycoreutils python_foreach_impl building - S="${S2}" # Extra set - python_foreach_impl building + if use extra ; then + S="${S2}" # Extra set + python_foreach_impl building + fi else BUILD_DIR="${S1}" building - BUILD_DIR="${S2}" - building + if use extra ; then + BUILD_DIR="${S2}" + building + fi fi } @@ -170,14 +176,18 @@ src_install() { if use python ; then S="${S1}" # policycoreutils python_foreach_impl installation-policycoreutils - S="${S2}" # extras - python_foreach_impl installation-extras - S="${S1}" # back for later + if use extra ; then + S="${S2}" + installation-extras + S="${S1}" # back for later + fi else BUILD_DIR="${S1}" installation-policycoreutils - BUILD_DIR="${S2}" - installation-extras + if use extra ; then + BUILD_DIR="${S2}" + installation-extras + fi fi # remove redhat-style init script @@ -196,9 +206,8 @@ src_install() { for pyscript in audit2allow sepolgen-ifgen sepolicy chcat; do python_replicate_script "${ED}/usr/bin/${pyscript}" done - for pyscript in semanage rlpkg; do - python_replicate_script "${ED}/usr/sbin/${pyscript}" - done + python_replicate_script "${ED}/usr/sbin/semanage" + use extra && python_replicate_script "${ED}/usr/sbin/rlpkg" fi } From 4b048bbad64d5fd18f6676e34956671f0e4ad22d Mon Sep 17 00:00:00 2001 From: Geoff Levand Date: Wed, 23 May 2018 09:40:06 -0700 Subject: [PATCH 17/42] sys-apps/policycoreutils: Add nls USE flag Signed-off-by: Geoff Levand --- sys-apps/policycoreutils/metadata.xml | 1 + sys-apps/policycoreutils/policycoreutils-2.7.ebuild | 5 +++-- 2 files changed, 4 insertions(+), 2 deletions(-) diff --git a/sys-apps/policycoreutils/metadata.xml b/sys-apps/policycoreutils/metadata.xml index ba063014a9..bd70aa3455 100644 --- a/sys-apps/policycoreutils/metadata.xml +++ b/sys-apps/policycoreutils/metadata.xml @@ -20,6 +20,7 @@ Enable support for sys-process/audit and use the audit_* functions (like audit_getuid instead of getuid()) Enable Gentoo's policycoreutils-extra features. + Use nls/gettext. cpe:/a:redhat:policycoreutils diff --git a/sys-apps/policycoreutils/policycoreutils-2.7.ebuild b/sys-apps/policycoreutils/policycoreutils-2.7.ebuild index 971ff6d69f..8063a8b8bc 100644 --- a/sys-apps/policycoreutils/policycoreutils-2.7.ebuild +++ b/sys-apps/policycoreutils/policycoreutils-2.7.ebuild @@ -15,7 +15,7 @@ SEMNG_VER="${PV}" SELNX_VER="${PV}" SEPOL_VER="${PV}" -IUSE="audit extra pam dbus python" +IUSE="audit extra nls pam dbus python" REQUIRED_USE="${PYTHON_REQUIRED_USE}" DESCRIPTION="SELinux core utilities" @@ -47,7 +47,7 @@ DEPEND=">=sys-libs/libselinux-${SELNX_VER}:=[python?,${PYTHON_USEDEP}] sys-libs/libcap-ng:= >=sys-libs/libsepol-${SEPOL_VER}:= >=app-admin/setools-4.1.1[python?,${PYTHON_USEDEP}] - sys-devel/gettext + nls? ( sys-devel/gettext ) python? ( dev-python/ipy[${PYTHON_USEDEP}] ) @@ -113,6 +113,7 @@ src_prepare() { python_copy_sources fi fi + use nls || sed -e "s/ po / /" -i Makefile || die } src_compile() { From c62687f32a5b06caf087e1097f52f5659367d201 Mon Sep 17 00:00:00 2001 From: Geoff Levand Date: Wed, 23 May 2018 09:40:06 -0700 Subject: [PATCH 18/42] sys-apps/policycoreutils: Add semodule USE flag Add an semodule USE flag and enable it in the SDK profile to get semodule-utils into the SDK. Signed-off-by: Geoff Levand --- profiles/coreos/targets/sdk/package.use | 2 ++ sys-apps/policycoreutils/metadata.xml | 1 + sys-apps/policycoreutils/policycoreutils-2.7.ebuild | 5 +++-- 3 files changed, 6 insertions(+), 2 deletions(-) diff --git a/profiles/coreos/targets/sdk/package.use b/profiles/coreos/targets/sdk/package.use index 18d3098f80..ce35bbd99b 100644 --- a/profiles/coreos/targets/sdk/package.use +++ b/profiles/coreos/targets/sdk/package.use @@ -25,3 +25,5 @@ sys-libs/ncurses static-libs sys-libs/zlib static-libs virtual/jpeg static-libs x11-libs/pixman static-libs + +sys-apps/policycoreutils semodule diff --git a/sys-apps/policycoreutils/metadata.xml b/sys-apps/policycoreutils/metadata.xml index bd70aa3455..23515a0a48 100644 --- a/sys-apps/policycoreutils/metadata.xml +++ b/sys-apps/policycoreutils/metadata.xml @@ -19,6 +19,7 @@ Enable support for sys-process/audit and use the audit_* functions (like audit_getuid instead of getuid()) + Enable support for sys-apps/semodule-utils. Enable Gentoo's policycoreutils-extra features. Use nls/gettext. diff --git a/sys-apps/policycoreutils/policycoreutils-2.7.ebuild b/sys-apps/policycoreutils/policycoreutils-2.7.ebuild index 8063a8b8bc..8a96e0e809 100644 --- a/sys-apps/policycoreutils/policycoreutils-2.7.ebuild +++ b/sys-apps/policycoreutils/policycoreutils-2.7.ebuild @@ -15,7 +15,7 @@ SEMNG_VER="${PV}" SELNX_VER="${PV}" SEPOL_VER="${PV}" -IUSE="audit extra nls pam dbus python" +IUSE="audit extra nls pam dbus python semodule" REQUIRED_USE="${PYTHON_REQUIRED_USE}" DESCRIPTION="SELinux core utilities" @@ -71,7 +71,8 @@ RDEPEND="${DEPEND} app-misc/pax-utils ! Date: Wed, 23 May 2018 09:40:06 -0700 Subject: [PATCH 19/42] sys-apps/policycoreutils: Enable building on arm64 From: David Michael [Rebase to latest] Signed-off-by: Geoff Levand --- sys-apps/policycoreutils/policycoreutils-2.7.ebuild | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/sys-apps/policycoreutils/policycoreutils-2.7.ebuild b/sys-apps/policycoreutils/policycoreutils-2.7.ebuild index 8a96e0e809..515b04c464 100644 --- a/sys-apps/policycoreutils/policycoreutils-2.7.ebuild +++ b/sys-apps/policycoreutils/policycoreutils-2.7.ebuild @@ -31,7 +31,7 @@ if [[ ${PV} == 9999 ]] ; then else SRC_URI="https://raw.githubusercontent.com/wiki/SELinuxProject/selinux/files/releases/${MY_RELEASEDATE}/${MY_P}.tar.gz extra? ( https://dev.gentoo.org/~perfinion/distfiles/policycoreutils-extra-${EXTRAS_VER}.tar.bz2 )" - KEYWORDS="amd64 ~arm64 ~mips x86" + KEYWORDS="amd64 arm64 ~mips x86" S1="${WORKDIR}/${MY_P}" S2="${WORKDIR}/policycoreutils-extra" S="${S1}" From 66ef88e1c5052ee201b9586d5ddd48f6207d2e9d Mon Sep 17 00:00:00 2001 From: Matthew Garrett Date: Wed, 23 May 2018 09:40:06 -0700 Subject: [PATCH 20/42] sys-apps/policycoreutils: Fixups for Continar Linux From: Matthew Garrett [Split from big patch and rebased for policycoreutils2.7] Signed-off-by: Geoff Levand --- .../policycoreutils/policycoreutils-2.7.ebuild | 14 +++++++++++--- 1 file changed, 11 insertions(+), 3 deletions(-) diff --git a/sys-apps/policycoreutils/policycoreutils-2.7.ebuild b/sys-apps/policycoreutils/policycoreutils-2.7.ebuild index 515b04c464..fcb023649f 100644 --- a/sys-apps/policycoreutils/policycoreutils-2.7.ebuild +++ b/sys-apps/policycoreutils/policycoreutils-2.7.ebuild @@ -114,6 +114,14 @@ src_prepare() { python_copy_sources fi fi + + # Skip building unneeded parts. + if ! use python ; then + for dir in audit2allow gui scripts semanage sepolicy sepolgen-ifgen; do + sed -e "s/ $dir / /" -i Makefile || die + done + fi + use nls || sed -e "s/ po / /" -i Makefile || die } @@ -196,12 +204,12 @@ src_install() { rm -fR "${D}/etc/rc.d" || die # compatibility symlinks - dosym /sbin/setfiles /usr/sbin/setfiles bashcomp_alias setsebool getsebool # location for policy definitions - dodir /var/lib/selinux - keepdir /var/lib/selinux + dodir /usr/lib/selinux/policy + dosym ../../usr/lib/selinux/policy /var/lib/selinux + keepdir /usr/lib/selinux/policy if use python ; then # Set version-specific scripts From b23f3d82927203c17bc87fdbf729f68fd2263d8d Mon Sep 17 00:00:00 2001 From: Geoff Levand Date: Wed, 23 May 2018 09:40:06 -0700 Subject: [PATCH 21/42] sys-apps/semodule-utils: Import latest Signed-off-by: Geoff Levand --- sys-apps/semodule-utils/Manifest | 5 ++ sys-apps/semodule-utils/metadata.xml | 15 ++++++ .../semodule-utils/semodule-utils-2.7.ebuild | 53 +++++++++++++++++++ .../semodule-utils/semodule-utils-9999.ebuild | 53 +++++++++++++++++++ 4 files changed, 126 insertions(+) create mode 100644 sys-apps/semodule-utils/Manifest create mode 100644 sys-apps/semodule-utils/metadata.xml create mode 100644 sys-apps/semodule-utils/semodule-utils-2.7.ebuild create mode 100644 sys-apps/semodule-utils/semodule-utils-9999.ebuild diff --git a/sys-apps/semodule-utils/Manifest b/sys-apps/semodule-utils/Manifest new file mode 100644 index 0000000000..31fb439d67 --- /dev/null +++ b/sys-apps/semodule-utils/Manifest @@ -0,0 +1,5 @@ +DIST semodule-utils-2.7.tar.gz 15447 SHA256 90c98b3362a43b4da2a51a9176820a56f3e615225e23e3395bc566c4490786ba SHA512 5c7c2a2224949f50c1119edba90d937363e22af52a38f06525e957b29f5310a3e3444d03980b2f808ce995de0f9fc0a9dca8b6167bbfde29c1a33b9bc786d3c8 WHIRLPOOL 795b3300f186e12ba5083a76fb2f58e85d2443471f7278d4d6f18cfd4b82ca479f47c30acd3c5e7d741733b2ca8a571dc70d0432f5e2faac5fa16f1efeba89e8 +EBUILD semodule-utils-2.7.ebuild 1123 SHA256 47d42c79162f53571fbcfb42fd1d73195d842ed4a08c0f2a98800b9b6e083aea SHA512 66d018f1a8a2c16f6083972fb80d14806cd2671ab8150fd676fd164d21bfef12d43eb70b1f1e99a972f15cc19ed0c78d518788a79ca8805f9ce31dae9d10a38d WHIRLPOOL 0e81265b804d63aaa648f228869e57730c6ad2d823236f1198c7d155fe2b30a46429a4e295318afe7b4d755e3ab49e825a4b964f8bb6ad1bfb06837f5a4f3ce3 +EBUILD semodule-utils-9999.ebuild 1125 SHA256 1275cfe02db4ba6abf8606d5689bcadfec943f42eb94e02e7b8dc6ae49fc2817 SHA512 47d27f5e250d9f48cb4ea0fb36c09a3cdf67787d48361d7836d8d6ad71ba1006f0f147c7f6d6d8f1a7a93cb3957dc0c280dad3193e63ef1ab3e934a236311183 WHIRLPOOL 2e4b457273297b0c3d3e0e71ad3f462215f86f5ac6ae9237313103d3aec15b0e18f9d28eddb68e20fe5da9f7f8c3c587dc9839c686121217bc68e19ae10ddb73 +MISC ChangeLog 336 SHA256 bd1c437e44227e39a97d6fc2167beb1d73e707412761e47da2324736d3879efe SHA512 7ff9acc4570ec40979db650ad898e14f38b5e1bee9fa91c3c41b4c279799d8cad8693f9aa04b46ff6bd917aa100d239d54c424d95c866c8613b06cc94c94440a WHIRLPOOL 32f1e6df3aeb3d5e1a74a908c5036b5d0ff77079b0c2b66aa6d31c35949d936f915d40bd7f914a1d4ab9c523b1a07949ef9874168c834d520d4fbd69dcc6bc61 +MISC metadata.xml 521 SHA256 4c80afc6b7cc533b3b4c6948928326dce797b7d328bd82b77cdb69056400440f SHA512 e15b382ddf7059ff9c82887d636522dcc993e580e715d4a822106ed27c7fdb75b32e96c8c32a34cbdbbef4ad0f9c49bfb7c7420ea97852fa82e7740c4044a689 WHIRLPOOL ae4aa7a4ca3d855ef9668b6b1cdbc48445d60db63da8558c8c06e08a86330724af27051286c53a796456c2635830563916673b347bd6615344929e8456c5f924 diff --git a/sys-apps/semodule-utils/metadata.xml b/sys-apps/semodule-utils/metadata.xml new file mode 100644 index 0000000000..35a209da7a --- /dev/null +++ b/sys-apps/semodule-utils/metadata.xml @@ -0,0 +1,15 @@ + + + + + selinux@gentoo.org + SELinux Team + + + semodule-utils are utilities to create and link SELinux policy module packages. + + + cpe:/a:redhat:policycoreutils + SELinuxProject/selinux + + diff --git a/sys-apps/semodule-utils/semodule-utils-2.7.ebuild b/sys-apps/semodule-utils/semodule-utils-2.7.ebuild new file mode 100644 index 0000000000..a0ef418401 --- /dev/null +++ b/sys-apps/semodule-utils/semodule-utils-2.7.ebuild @@ -0,0 +1,53 @@ +# Copyright 1999-2017 Gentoo Foundation +# Distributed under the terms of the GNU General Public License v2 + +EAPI="6" + +inherit toolchain-funcs + +MY_RELEASEDATE="20170804" +SEPOL_VER="${PV}" +SELNX_VER="${PV}" + +MY_P="${P//_/-}" +IUSE="" + +if [[ ${PV} == *9999 ]] ; then + inherit git-r3 + EGIT_REPO_URI="https://github.com/SELinuxProject/selinux.git" + S="${WORKDIR}/${MY_P}/${PN}" +else + SRC_URI="https://raw.githubusercontent.com/wiki/SELinuxProject/selinux/files/releases/${MY_RELEASEDATE}/${MY_P}.tar.gz" + KEYWORDS="amd64 ~arm ~arm64 ~mips x86" + S="${WORKDIR}/${MY_P}" +fi + +DESCRIPTION="SELinux policy module utilities" +HOMEPAGE="https://github.com/SELinuxProject/selinux/wiki" + +LICENSE="GPL-2" +SLOT="0" + +DEPEND=">=sys-libs/libsepol-${SEPOL_VER}:=" + +RDEPEND="${DEPEND} + ! Date: Wed, 23 May 2018 09:40:06 -0700 Subject: [PATCH 22/42] sys-apps/semodule-utils: Enable building on arm64 Signed-off-by: Geoff Levand --- sys-apps/semodule-utils/semodule-utils-2.7.ebuild | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/sys-apps/semodule-utils/semodule-utils-2.7.ebuild b/sys-apps/semodule-utils/semodule-utils-2.7.ebuild index a0ef418401..56d1b76695 100644 --- a/sys-apps/semodule-utils/semodule-utils-2.7.ebuild +++ b/sys-apps/semodule-utils/semodule-utils-2.7.ebuild @@ -18,7 +18,7 @@ if [[ ${PV} == *9999 ]] ; then S="${WORKDIR}/${MY_P}/${PN}" else SRC_URI="https://raw.githubusercontent.com/wiki/SELinuxProject/selinux/files/releases/${MY_RELEASEDATE}/${MY_P}.tar.gz" - KEYWORDS="amd64 ~arm ~arm64 ~mips x86" + KEYWORDS="amd64 ~arm arm64 ~mips x86" S="${WORKDIR}/${MY_P}" fi From e76cb073fd246cf274b8ba6c4a8e1b94fc0c6b31 Mon Sep 17 00:00:00 2001 From: Geoff Levand Date: Wed, 23 May 2018 09:40:06 -0700 Subject: [PATCH 23/42] sys-apps/semodule-utils: Fix cross compile Signed-off-by: Geoff Levand --- sys-apps/semodule-utils/semodule-utils-2.7.ebuild | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/sys-apps/semodule-utils/semodule-utils-2.7.ebuild b/sys-apps/semodule-utils/semodule-utils-2.7.ebuild index 56d1b76695..ba50e485c5 100644 --- a/sys-apps/semodule-utils/semodule-utils-2.7.ebuild +++ b/sys-apps/semodule-utils/semodule-utils-2.7.ebuild @@ -42,12 +42,12 @@ src_prepare() { src_compile() { emake \ CC="$(tc-getCC)" \ - LIBDIR="\$(PREFIX)/$(get_libdir)" + LIBDIR="${ROOT:-/}\$(PREFIX)/$(get_libdir)" } src_install() { emake DESTDIR="${D}" \ - LIBDIR="\$(PREFIX)/$(get_libdir)" \ - LIBSEPOLA="/usr/$(get_libdir)/libsepol.a" \ + LIBDIR="${ROOT:-/}\$(PREFIX)/$(get_libdir)" \ + LIBSEPOLA="${ROOT:-/}/usr/$(get_libdir)/libsepol.a" \ install } From fa2a62849848482408cc9e833c015425dc81b39e Mon Sep 17 00:00:00 2001 From: Geoff Levand Date: Wed, 23 May 2018 09:40:06 -0700 Subject: [PATCH 24/42] sys-apps/checkpolicy: Import latest Signed-off-by: Geoff Levand --- sys-apps/checkpolicy/Manifest | 9 ++- ...y-2.4-r2.ebuild => checkpolicy-2.6.ebuild} | 31 +++++----- sys-apps/checkpolicy/checkpolicy-2.7.ebuild | 58 +++++++++++++++++++ sys-apps/checkpolicy/checkpolicy-9999.ebuild | 58 +++++++++++++++++++ sys-apps/checkpolicy/metadata.xml | 5 +- 5 files changed, 143 insertions(+), 18 deletions(-) rename sys-apps/checkpolicy/{checkpolicy-2.4-r2.ebuild => checkpolicy-2.6.ebuild} (54%) create mode 100644 sys-apps/checkpolicy/checkpolicy-2.7.ebuild create mode 100644 sys-apps/checkpolicy/checkpolicy-9999.ebuild diff --git a/sys-apps/checkpolicy/Manifest b/sys-apps/checkpolicy/Manifest index cd28827b4f..5ee4ab19f2 100644 --- a/sys-apps/checkpolicy/Manifest +++ b/sys-apps/checkpolicy/Manifest @@ -1 +1,8 @@ -DIST checkpolicy-2.4.tar.gz 65238 SHA256 9bbdac28a88de4c405c769730863f3adcd266adbfa45881a5de67e3a4895bcd4 SHA512 8c5c22d9510305e7f518d1a5818f5b36895210f48835d8d24a43b2d34e79881cebcc8cd588bb663c0613a4f878db125c22a4b4df3d0f63b8fb8f88350abc61cc WHIRLPOOL b717428b4411e526cc47ed2be88d7e7e4d48153404b90d50e510fd0cc10cc0452661d0b6b0cc200bb09ae1cc040ae59aae68a8c748611db3ca4cd262f8e8f932 +DIST checkpolicy-2.6.tar.gz 69748 SHA256 0bebd18688ca8027b1b3b4ff1532c0626f1fe49883ae6cb74d9d385940e74157 SHA512 1d8361a5735410909be7fe5a54740e0e1b6339d0fbad9965f3ae2902e7eaaec7531fec1dd73bb57b28ad933773778ab50b97db3d92aacf5fac3b63d1ed364b46 WHIRLPOOL ac5407796114f54b11fb96220dad47706a111d99ad072bfb29868fd4646106c647b33631fa4b6d250e3f01550f79e369a8de14523dab861d1c13e45c91041ac2 +DIST checkpolicy-2.7.tar.gz 65967 SHA256 5413479f1dcde866c19896b4dbfec315d822aa431606e1d03c944408984c3201 SHA512 fba8a4132f90c98f8222de563dc15aac1b739d3a6207779b6a4715d2813e7553081351c54f42371a1b704a1f5038d40821b61213c4ad53eb705823975858cf7f WHIRLPOOL 71ea60ebcfd2b46ab5c24bb2a5197af8382fe3aa7b38946976ea3dff33a08f809d8b366e58fa2ceca13bdea8c99e9f8b8e5a9b54125664a4cec5e27b6471c1fc +EBUILD checkpolicy-2.6.ebuild 1170 SHA256 7c79e0b42eb65d0d95ab5ad84f315094967ae7382698f506aec8273a71f277bf SHA512 756f3191add673f5ae35e27997f88584d026a663ef12c943f3bdc57a1c0679c18cf0f26300d0e568b8c2f707fd7e3001f5c79cbe6fcfda0f509cee200660cf84 WHIRLPOOL 3243ce95ea8d7addd19acb1f2806b1485e879f6e177150a54916b732df171bff4292469b7aa78dea06896fd1952fbddd38235e2b40804fb60f93470c473d57df +EBUILD checkpolicy-2.7.ebuild 1232 SHA256 c3d100f696a8c8fccf55e44a4913f3f258a757485eedbae4cf00f0635dcf1bf7 SHA512 b671810da7baedcd74e6456f53cdd63afdf73cbedab7d5f942023534d863aef4d536ff8e6acf370964352707a86c0b72bd3530601025aa27f96395b29ff3c1f8 WHIRLPOOL 2e0870813ef85177d63074de481aed7057eeb9dc80ccab5ac3741d6162d1ac4d0387cf8d93070f6e64f15fa04c8878fdf51998882e889192cee4b78d417975f1 +EBUILD checkpolicy-9999.ebuild 1234 SHA256 bc3b25305a19178a5889de57ed927a6f0f83890b2f95963a35253871f2463516 SHA512 182644845d4bca1d031ea6077dc55d5181ebf63ec3f89789a53f6d6b8cd6e53ef240bef1411cf9ac3ba6b9acea5e0ba8c4d568262eb29c67b9850883977b5ee6 WHIRLPOOL ace194b8498cb1d19a4a5231447a8c71e59647d17cdaffd7fcd547fd74c9f8afae715da98eb71bcca916bfb5629d20cbffafe2370a919e149410590149484dfe +MISC ChangeLog 4040 SHA256 9e48e3748991a4fe8d3bcf4cc2d82f02cae6af2cc39e3c2f0db13b453bcc37b5 SHA512 fd6d9d5a343f133d6936b8cb08c0136608bf2227147d75e0f20ce8fc389471fa5e6eae1393269f286c38608b79a3203190619220b65bd160f9504e9ac72b80d4 WHIRLPOOL eae6a4125c115fb6de043df36ef3c08a072eaeac08afbd9502081f86314e20af24d8de32dcaead203f98243f3c38d28a86a55983ec3ff8674c3c25188753c37a +MISC ChangeLog-2015 11441 SHA256 f12a3aab8bc77da0cc4b2fb84cd8a41e3824632157f4cf8133920c0c0bca4d9b SHA512 e408593bb24513ad663768838d5e9d2b3a7e918d63f161e6432e9d459cd463276f0662cfe0cfb667bb2160015282f0366e04627f13cececda35e0a80dd11e588 WHIRLPOOL 14356c428d724416dc500a4200feb8be3521923e9e6a0f8ee7f1032e52b683bd238450db432beae2880e57285cb6d792319f9f75fd343cfd4928412fac62d7b7 +MISC metadata.xml 308 SHA256 e18ad84d03bc0569121d1a2a228843f85913376e162435e979a1888ea9a976ff SHA512 e07f79eaa348cc35ebb4eac966f6b59ff87cde6c2b9694ac996da971c45aed834f34b8a9325b205fdfe590d7add0d46013cc551af166a9ca2ca59e0feffbc9bb WHIRLPOOL 9b2dc03d3db3f486141b4c49914fce11b3f31253a9f4b400e3bea315d70409fb9a882537c1667113499defa92868f30ec8e9a6533f99910fafcc3f7e194f1d2c diff --git a/sys-apps/checkpolicy/checkpolicy-2.4-r2.ebuild b/sys-apps/checkpolicy/checkpolicy-2.6.ebuild similarity index 54% rename from sys-apps/checkpolicy/checkpolicy-2.4-r2.ebuild rename to sys-apps/checkpolicy/checkpolicy-2.6.ebuild index 26152998d3..9f6ccc4d75 100644 --- a/sys-apps/checkpolicy/checkpolicy-2.4-r2.ebuild +++ b/sys-apps/checkpolicy/checkpolicy-2.6.ebuild @@ -1,23 +1,31 @@ -# Copyright 1999-2015 Gentoo Foundation +# Copyright 1999-2016 Gentoo Foundation # Distributed under the terms of the GNU General Public License v2 -# $Header: /var/cvsroot/gentoo-x86/sys-apps/checkpolicy/checkpolicy-2.4.ebuild,v 1.3 2015/05/10 09:07:48 perfinion Exp $ -EAPI="5" +EAPI="6" -inherit toolchain-funcs eutils +inherit toolchain-funcs MY_P="${P//_/-}" +MY_RELEASEDATE="20161014" SEPOL_VER="${PV}" SEMNG_VER="${PV}" DESCRIPTION="SELinux policy compiler" HOMEPAGE="http://userspace.selinuxproject.org" -SRC_URI="https://raw.githubusercontent.com/wiki/SELinuxProject/selinux/files/releases/20150202/${MY_P}.tar.gz" + +if [[ ${PV} == 9999 ]] ; then + inherit git-r3 + EGIT_REPO_URI="https://github.com/SELinuxProject/selinux.git" + S="${WORKDIR}/${MY_P}/${PN}" +else + SRC_URI="https://raw.githubusercontent.com/wiki/SELinuxProject/selinux/files/releases/${MY_RELEASEDATE}/${MY_P}.tar.gz" + KEYWORDS="amd64 ~arm ~arm64 ~mips x86" + S="${WORKDIR}/${MY_P}" +fi LICENSE="GPL-2" SLOT="0" -KEYWORDS="amd64 x86" IUSE="debug" DEPEND=">=sys-libs/libsepol-${SEPOL_VER} @@ -27,17 +35,8 @@ DEPEND=">=sys-libs/libsepol-${SEPOL_VER} RDEPEND=">=sys-libs/libsemanage-${SEMNG_VER}" -S="${WORKDIR}/${MY_P}" - -src_prepare() { - epatch_user -} - src_compile() { - emake CC="$(tc-getCC)" YACC="bison -y" \ - INCLUDEDIR="${ROOT}\$(PREFIX)/include" \ - LIBDIR="\$(PREFIX)/$(get_libdir)" \ - LDLIBS="${ROOT}\$(LIBDIR)/libsepol.a -lfl" + emake CC="$(tc-getCC)" YACC="bison -y" LIBDIR="\$(PREFIX)/$(get_libdir)" } src_install() { diff --git a/sys-apps/checkpolicy/checkpolicy-2.7.ebuild b/sys-apps/checkpolicy/checkpolicy-2.7.ebuild new file mode 100644 index 0000000000..812e63ad51 --- /dev/null +++ b/sys-apps/checkpolicy/checkpolicy-2.7.ebuild @@ -0,0 +1,58 @@ +# Copyright 1999-2017 Gentoo Foundation +# Distributed under the terms of the GNU General Public License v2 + +EAPI="6" + +inherit toolchain-funcs + +MY_P="${P//_/-}" +MY_RELEASEDATE="20170804" + +SEPOL_VER="${PV}" +SEMNG_VER="${PV}" + +DESCRIPTION="SELinux policy compiler" +HOMEPAGE="http://userspace.selinuxproject.org" + +if [[ ${PV} == 9999 ]] ; then + inherit git-r3 + EGIT_REPO_URI="https://github.com/SELinuxProject/selinux.git" + S="${WORKDIR}/${MY_P}/${PN}" +else + SRC_URI="https://raw.githubusercontent.com/wiki/SELinuxProject/selinux/files/releases/${MY_RELEASEDATE}/${MY_P}.tar.gz" + KEYWORDS="amd64 ~arm ~arm64 ~mips x86" + S="${WORKDIR}/${MY_P}" +fi + +LICENSE="GPL-2" +SLOT="0" +IUSE="debug" + +DEPEND=">=sys-libs/libsepol-${SEPOL_VER} + >=sys-libs/libsemanage-${SEMNG_VER} + sys-devel/flex + sys-devel/bison" + +RDEPEND=">=sys-libs/libsemanage-${SEMNG_VER}" + +src_compile() { + emake \ + CC="$(tc-getCC)" \ + YACC="bison -y" \ + LIBDIR="\$(PREFIX)/$(get_libdir)" +} + +src_install() { + emake DESTDIR="${D}" \ + LIBSEPOLA="/usr/$(get_libdir)/libsepol.a" \ + install + + if use debug; then + dobin "${S}/test/dismod" + dobin "${S}/test/dispol" + fi +} + +pkg_postinst() { + einfo "This checkpolicy can compile version `checkpolicy -V |cut -f 1 -d ' '` policy." +} diff --git a/sys-apps/checkpolicy/checkpolicy-9999.ebuild b/sys-apps/checkpolicy/checkpolicy-9999.ebuild new file mode 100644 index 0000000000..a354cf27e2 --- /dev/null +++ b/sys-apps/checkpolicy/checkpolicy-9999.ebuild @@ -0,0 +1,58 @@ +# Copyright 1999-2017 Gentoo Foundation +# Distributed under the terms of the GNU General Public License v2 + +EAPI="6" + +inherit toolchain-funcs + +MY_P="${P//_/-}" +MY_RELEASEDATE="20170804" + +SEPOL_VER="${PV}" +SEMNG_VER="${PV}" + +DESCRIPTION="SELinux policy compiler" +HOMEPAGE="http://userspace.selinuxproject.org" + +if [[ ${PV} == 9999 ]] ; then + inherit git-r3 + EGIT_REPO_URI="https://github.com/SELinuxProject/selinux.git" + S="${WORKDIR}/${MY_P}/${PN}" +else + SRC_URI="https://raw.githubusercontent.com/wiki/SELinuxProject/selinux/files/releases/${MY_RELEASEDATE}/${MY_P}.tar.gz" + KEYWORDS="~amd64 ~arm ~arm64 ~mips ~x86" + S="${WORKDIR}/${MY_P}" +fi + +LICENSE="GPL-2" +SLOT="0" +IUSE="debug" + +DEPEND=">=sys-libs/libsepol-${SEPOL_VER} + >=sys-libs/libsemanage-${SEMNG_VER} + sys-devel/flex + sys-devel/bison" + +RDEPEND=">=sys-libs/libsemanage-${SEMNG_VER}" + +src_compile() { + emake \ + CC="$(tc-getCC)" \ + YACC="bison -y" \ + LIBDIR="\$(PREFIX)/$(get_libdir)" +} + +src_install() { + emake DESTDIR="${D}" \ + LIBSEPOLA="/usr/$(get_libdir)/libsepol.a" \ + install + + if use debug; then + dobin "${S}/test/dismod" + dobin "${S}/test/dispol" + fi +} + +pkg_postinst() { + einfo "This checkpolicy can compile version `checkpolicy -V |cut -f 1 -d ' '` policy." +} diff --git a/sys-apps/checkpolicy/metadata.xml b/sys-apps/checkpolicy/metadata.xml index 92f48e0172..b5ba8a9fac 100644 --- a/sys-apps/checkpolicy/metadata.xml +++ b/sys-apps/checkpolicy/metadata.xml @@ -1,6 +1,9 @@ - selinux + + selinux@gentoo.org + SELinux Team + SELinux policy compilier From 792721a7ea9ab837763b966c4ae03dcf07644c1e Mon Sep 17 00:00:00 2001 From: Geoff Levand Date: Wed, 23 May 2018 09:40:06 -0700 Subject: [PATCH 25/42] sys-apps/checkpolicy: Fix cross compile Signed-off-by: Geoff Levand --- sys-apps/checkpolicy/checkpolicy-2.7.ebuild | 5 +++-- 1 file changed, 3 insertions(+), 2 deletions(-) diff --git a/sys-apps/checkpolicy/checkpolicy-2.7.ebuild b/sys-apps/checkpolicy/checkpolicy-2.7.ebuild index 812e63ad51..47cc602a4c 100644 --- a/sys-apps/checkpolicy/checkpolicy-2.7.ebuild +++ b/sys-apps/checkpolicy/checkpolicy-2.7.ebuild @@ -39,12 +39,13 @@ src_compile() { emake \ CC="$(tc-getCC)" \ YACC="bison -y" \ - LIBDIR="\$(PREFIX)/$(get_libdir)" + PREFIX="/usr" \ + LIBDIR="${ROOT:-/}\$(PREFIX)/$(get_libdir)" } src_install() { emake DESTDIR="${D}" \ - LIBSEPOLA="/usr/$(get_libdir)/libsepol.a" \ + LIBSEPOLA="${ROOT:-/}usr/$(get_libdir)/libsepol.a" \ install if use debug; then From 78f307d17e46d2c3b0f931d9c40e924ad9d36bc5 Mon Sep 17 00:00:00 2001 From: David Michael Date: Wed, 23 May 2018 09:40:06 -0700 Subject: [PATCH 26/42] sys-apps/checkpolicy: Enable building on arm64 From: David Michael [Rebase to latest] Signed-off-by: Geoff Levand --- sys-apps/checkpolicy/checkpolicy-2.7.ebuild | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/sys-apps/checkpolicy/checkpolicy-2.7.ebuild b/sys-apps/checkpolicy/checkpolicy-2.7.ebuild index 47cc602a4c..e239dd8582 100644 --- a/sys-apps/checkpolicy/checkpolicy-2.7.ebuild +++ b/sys-apps/checkpolicy/checkpolicy-2.7.ebuild @@ -20,7 +20,7 @@ if [[ ${PV} == 9999 ]] ; then S="${WORKDIR}/${MY_P}/${PN}" else SRC_URI="https://raw.githubusercontent.com/wiki/SELinuxProject/selinux/files/releases/${MY_RELEASEDATE}/${MY_P}.tar.gz" - KEYWORDS="amd64 ~arm ~arm64 ~mips x86" + KEYWORDS="amd64 ~arm arm64 ~mips x86" S="${WORKDIR}/${MY_P}" fi From 81ccaedca2d79faa7c3adc9edb2375fe4d63fa09 Mon Sep 17 00:00:00 2001 From: Geoff Levand Date: Wed, 23 May 2018 09:40:06 -0700 Subject: [PATCH 27/42] eclass/coreos-sec-policy.eclass: New eclass Adds a new eclass coreos-sec-policy.eclass that handles the Container Linux build specifics. Signed-off-by: Geoff Levand --- eclass/coreos-sec-policy.eclass | 36 +++++++++++++++++++++++++++++++++ 1 file changed, 36 insertions(+) create mode 100644 eclass/coreos-sec-policy.eclass diff --git a/eclass/coreos-sec-policy.eclass b/eclass/coreos-sec-policy.eclass new file mode 100644 index 0000000000..2fc978fdd0 --- /dev/null +++ b/eclass/coreos-sec-policy.eclass @@ -0,0 +1,36 @@ +# Copyright 2018 CoreOS, Inc. +# Distributed under the terms of the GNU General Public License v2 + +# @ECLASS: coreos-sec-policy.eclass +# @BLURB: Container Linux sec-policy ebuild routines. + +# When updating the sec-policy ebuilds BASEPOL needs to be updated to match +# the ${PVR} version string of the upstream selinux policy packages. +# BASEPOL must corespond to a published gentoo policy patchbundle. +export BASEPOL="2.20170805-r3" + +# Setting these variables allows the sec-policy makefiles to work with +# Container Linux. +export BINDIR="/usr/bin" +export SHAREDIR="${EROOT:-/}usr/share/selinux" + +# For build debugging. +export QUIET="n" + +# Avoid circular dependency selinux-base <-> selinux-base-policy. +if [[ "${CATEGORY}/${PN}" != "sec-policy/selinux-base" && + "${CATEGORY}/${PN}" != "sec-policy/selinux-base-policy" ]]; then + inherit selinux-policy-2 +fi + +coreos-sec-policy_pkg_postinst() { + debug-print-function ${FUNCNAME} "$@" + + # For board builds Container Linux installs policy modules to the OS + # image in the SDK build_image script. + [[ "${CBUILD}" == "${CHOST}" ]] || return + + selinux-policy-2_pkg_postinst +} + +EXPORT_FUNCTIONS pkg_postinst From 21a3aecaeab00bec09f76ad81211a7023366c6ee Mon Sep 17 00:00:00 2001 From: Geoff Levand Date: Wed, 23 May 2018 09:40:06 -0700 Subject: [PATCH 28/42] eclass/selinux-policy-2: Use upstream version Delete this version and use the upstream portage-stable version. Local changes for Container Linux are handled by a new eclass coreos-sec-policy.eclass. Signed-off-by: Geoff Levand --- eclass/selinux-policy-2.eclass | 289 --------------------------------- 1 file changed, 289 deletions(-) delete mode 100644 eclass/selinux-policy-2.eclass diff --git a/eclass/selinux-policy-2.eclass b/eclass/selinux-policy-2.eclass deleted file mode 100644 index 8327c71399..0000000000 --- a/eclass/selinux-policy-2.eclass +++ /dev/null @@ -1,289 +0,0 @@ -# Copyright 1999-2015 Gentoo Foundation -# Distributed under the terms of the GNU General Public License v2 -# $Header: /var/cvsroot/gentoo-x86/eclass/selinux-policy-2.eclass,v 1.32 2015/04/21 11:19:10 perfinion Exp $ - -# Eclass for installing SELinux policy, and optionally -# reloading the reference-policy based modules. - -# @ECLASS: selinux-policy-2.eclass -# @MAINTAINER: -# selinux@gentoo.org -# @BLURB: This eclass supports the deployment of the various SELinux modules in sec-policy -# @DESCRIPTION: -# The selinux-policy-2.eclass supports deployment of the various SELinux modules -# defined in the sec-policy category. It is responsible for extracting the -# specific bits necessary for single-module deployment (instead of full-blown -# policy rebuilds) and applying the necessary patches. -# -# Also, it supports for bundling patches to make the whole thing just a bit more -# manageable. - -# @ECLASS-VARIABLE: MODS -# @DESCRIPTION: -# This variable contains the (upstream) module name for the SELinux module. -# This name is only the module name, not the category! -: ${MODS:="_illegal"} - -# @ECLASS-VARIABLE: BASEPOL -# @DESCRIPTION: -# This variable contains the version string of the selinux-base-policy package -# that this module build depends on. It is used to patch with the appropriate -# patch bundle(s) that are part of selinux-base-policy. -: ${BASEPOL:=${PVR}} - -# @ECLASS-VARIABLE: POLICY_PATCH -# @DESCRIPTION: -# This variable contains the additional patch(es) that need to be applied on top -# of the patchset already contained within the BASEPOL variable. The variable -# can be both a simple string (space-separated) or a bash array. -: ${POLICY_PATCH:=""} - -# @ECLASS-VARIABLE: POLICY_FILES -# @DESCRIPTION: -# When defined, this contains the files (located in the ebuilds' files/ -# directory) which should be copied as policy module files into the store. -# Generally, users would want to include at least a .te and .fc file, but .if -# files are supported as well. The variable can be both a simple string -# (space-separated) or a bash array. -: ${POLICY_FILES:=""} - -# @ECLASS-VARIABLE: POLICY_TYPES -# @DESCRIPTION: -# This variable informs the eclass for which SELinux policies the module should -# be built. Currently, Gentoo supports targeted, strict, mcs and mls. -# This variable is the same POLICY_TYPES variable that we tell SELinux -# users to set in make.conf. Therefore, it is not the module that should -# override it, but the user. -: ${POLICY_TYPES:="targeted strict mcs mls"} - -# @ECLASS-VARIABLE: SELINUX_GIT_REPO -# @DESCRIPTION: -# When defined, this variable overrides the default repository URL as used by -# this eclass. It allows end users to point to a different policy repository -# using a single variable, rather than having to set the packagename_LIVE_REPO -# variable for each and every SELinux policy module package they want to install. -# The default value is Gentoo's hardened-refpolicy repository. -: ${SELINUX_GIT_REPO:="git://anongit.gentoo.org/proj/hardened-refpolicy.git https://anongit.gentoo.org/git/proj/hardened-refpolicy.git"}; - -# @ECLASS-VARIABLE: SELINUX_GIT_BRANCH -# @DESCRIPTION: -# When defined, this variable sets the Git branch to use of the repository. This -# allows for users and developers to use a different branch for the entire set of -# SELinux policy packages, rather than having to override them one by one with the -# packagename_LIVE_BRANCH variable. -# The default value is the 'master' branch. -: ${SELINUX_GIT_BRANCH:="master"}; - -extra_eclass="" -case ${BASEPOL} in - 9999) extra_eclass="git-r3"; - EGIT_REPO_URI="${SELINUX_GIT_REPO}"; - EGIT_BRANCH="${SELINUX_GIT_BRANCH}"; - EGIT_CHECKOUT_DIR="${WORKDIR}/refpolicy";; -esac - -inherit eutils ${extra_eclass} - -IUSE="" - -HOMEPAGE="https://wiki.gentoo.org/wiki/Project:SELinux" -if [[ -n ${BASEPOL} ]] && [[ "${BASEPOL}" != "9999" ]]; -then - SRC_URI="https://raw.githubusercontent.com/wiki/TresysTechnology/refpolicy/files/refpolicy-${PV}.tar.bz2 - http://dev.gentoo.org/~swift/patches/selinux-base-policy/patchbundle-selinux-base-policy-2.20141203-r9.tar.bz2" -elif [[ "${BASEPOL}" != "9999" ]]; -then - SRC_URI="https://raw.githubusercontent.com/wiki/TresysTechnology/refpolicy/files/refpolicy-${PV}.tar.bz2" -else - SRC_URI="" -fi - -LICENSE="GPL-2" -SLOT="0" -S="${WORKDIR}/" -PATCHBUNDLE="${DISTDIR}/patchbundle-selinux-base-policy-${BASEPOL}.tar.bz2" - -# Modules should always depend on at least the first release of the -# selinux-base-policy for which they are generated. -if [[ -n ${BASEPOL} ]]; -then - RDEPEND=">=sys-apps/policycoreutils-2.0.82 - >=sec-policy/selinux-base-policy-${BASEPOL}" -else - RDEPEND=">=sys-apps/policycoreutils-2.0.82 - >=sec-policy/selinux-base-policy-${PV}" -fi -DEPEND="${RDEPEND} - sys-devel/m4 - >=sys-apps/checkpolicy-2.0.21" - -case "${EAPI:-0}" in - 0|1|2|3|4) die "EAPI<5 is not supported";; - *) : ;; -esac - -EXPORT_FUNCTIONS "src_unpack src_prepare src_compile src_install pkg_postrm" - -# @FUNCTION: selinux-policy-2_src_unpack -# @DESCRIPTION: -# Unpack the policy sources as offered by upstream (refpolicy). -selinux-policy-2_src_unpack() { - if [[ "${BASEPOL}" != "9999" ]]; - then - unpack ${A} - else - git-r3_src_unpack - fi -} - -# @FUNCTION: selinux-policy-2_src_prepare -# @DESCRIPTION: -# Patch the reference policy sources with our set of enhancements. Start with -# the base patchbundle referred to by the ebuilds through the BASEPOL variable, -# then apply the additional patches as offered by the ebuild. -# -# Next, extract only those files needed for this particular module (i.e. the .te -# and .fc files for the given module in the MODS variable). -# -# Finally, prepare the build environments for each of the supported SELinux -# types (such as targeted or strict), depending on the POLICY_TYPES variable -# content. -selinux-policy-2_src_prepare() { - local modfiles - local add_interfaces=0; - - # Create 3rd_party location for user-contributed policies - cd "${S}/refpolicy/policy/modules" && mkdir 3rd_party; - - # Patch the sources with the base patchbundle - if [[ -n ${BASEPOL} ]] && [[ "${BASEPOL}" != "9999" ]]; - then - cd "${S}" - EPATCH_MULTI_MSG="Applying SELinux policy updates ... " \ - EPATCH_SUFFIX="patch" \ - EPATCH_SOURCE="${WORKDIR}" \ - EPATCH_FORCE="yes" \ - epatch - fi - - # Call in epatch_user. We do this early on as we start moving - # files left and right hereafter. - epatch_user - - # Copy additional files to the 3rd_party/ location - if [[ "$(declare -p POLICY_FILES 2>/dev/null 2>&1)" == "declare -a"* ]] || - [[ -n ${POLICY_FILES} ]]; - then - add_interfaces=1; - cd "${S}/refpolicy/policy/modules" - for POLFILE in ${POLICY_FILES[@]}; - do - cp "${FILESDIR}/${POLFILE}" 3rd_party/ || die "Could not copy ${POLFILE} to 3rd_party/ location"; - done - fi - - # Apply the additional patches refered to by the module ebuild. - # But first some magic to differentiate between bash arrays and strings - if [[ "$(declare -p POLICY_PATCH 2>/dev/null 2>&1)" == "declare -a"* ]] || - [[ -n ${POLICY_PATCH} ]]; - then - cd "${S}/refpolicy/policy/modules" - for POLPATCH in ${POLICY_PATCH[@]}; - do - epatch "${POLPATCH}" - done - fi - - # Collect only those files needed for this particular module - for i in ${MODS}; do - modfiles="$(find ${S}/refpolicy/policy/modules -iname $i.te) $modfiles" - modfiles="$(find ${S}/refpolicy/policy/modules -iname $i.fc) $modfiles" - if [ ${add_interfaces} -eq 1 ]; - then - modfiles="$(find ${S}/refpolicy/policy/modules -iname $i.if) $modfiles" - fi - done - - for i in ${POLICY_TYPES}; do - mkdir "${S}"/${i} || die "Failed to create directory ${S}/${i}" - cp "${S}"/refpolicy/doc/Makefile.example "${S}"/${i}/Makefile \ - || die "Failed to copy Makefile.example to ${S}/${i}/Makefile" - - cp ${modfiles} "${S}"/${i} \ - || die "Failed to copy the module files to ${S}/${i}" - done -} - -# @FUNCTION: selinux-policy-2_src_compile -# @DESCRIPTION: -# Build the SELinux policy module (.pp file) for just the selected module, and -# this for each SELinux policy mentioned in POLICY_TYPES -selinux-policy-2_src_compile() { - local makeuse="" - for useflag in ${IUSE}; - do - use ${useflag} && makeuse="${makeuse} -D use_${useflag}" - done - - for i in ${POLICY_TYPES}; do - # Support USE flags in builds - export M4PARAM="${makeuse}" - if [[ ${BASEPOL} == 2.20140311* ]]; then - # Parallel builds are broken in 2.20140311-r7 and earlier, bug 530178 - emake -j1 NAME=$i SHAREDIR="${ROOT}/usr/share/selinux" -C "${S}"/${i} || die "${i} compile failed" - else - emake NAME=$i SHAREDIR="${ROOT}/usr/share/selinux" -C "${S}"/${i} || die "${i} compile failed" - fi - done -} - -# @FUNCTION: selinux-policy-2_src_install -# @DESCRIPTION: -# Install the built .pp files in the correct subdirectory within -# /usr/share/selinux. -selinux-policy-2_src_install() { - local BASEDIR="/usr/share/selinux" - - for i in ${POLICY_TYPES}; do - for j in ${MODS}; do - einfo "Installing ${i} ${j} policy package" - insinto ${BASEDIR}/${i} - doins "${S}"/${i}/${j}.pp || die "Failed to add ${j}.pp to ${i}" - - if [[ "${POLICY_FILES[@]}" == *"${j}.if"* ]]; - then - insinto ${BASEDIR}/${i}/include/3rd_party - doins "${S}"/${i}/${j}.if || die "Failed to add ${j}.if to ${i}" - fi - done - done -} - -# @FUNCTION: selinux-policy-2_pkg_postrm -# @DESCRIPTION: -# Uninstall the module(s) from the SELinux policy stores, effectively -# deactivating the policy on the system. -selinux-policy-2_pkg_postrm() { - # Only if we are not upgrading - if [[ -z "${REPLACED_BY_VERSION}" ]]; - then - # build up the command in the case of multiple modules - local COMMAND - for i in ${MODS}; do - COMMAND="-r ${i} ${COMMAND}" - done - - for i in ${POLICY_TYPES}; do - einfo "Removing the following modules from the $i module store: ${MODS}" - - semodule -s ${i} ${COMMAND} - if [ $? -ne 0 ]; - then - ewarn "SELinux module unload failed."; - else - einfo "SELinux modules unloaded succesfully." - fi - done - fi -} - From a32d5109fef70570fe816fcf92d2cfa2c02eae71 Mon Sep 17 00:00:00 2001 From: Geoff Levand Date: Wed, 23 May 2018 09:40:06 -0700 Subject: [PATCH 29/42] sec-policy/selinux-base: Import latest Signed-off-by: Geoff Levand --- sec-policy/selinux-base/ChangeLog | 352 ------------------ sec-policy/selinux-base/Manifest | 22 +- sec-policy/selinux-base/files/booleans | 1 - sec-policy/selinux-base/files/config | 2 +- sec-policy/selinux-base/files/kernel_mcs.diff | 13 - sec-policy/selinux-base/files/lxc_contexts | 4 - sec-policy/selinux-base/files/mcs_create.diff | 21 -- .../selinux-base/files/mcs_range_target.diff | 9 - sec-policy/selinux-base/files/selinux.conf | 4 + .../files/tmpfiles.d/selinux-base.conf | 3 - sec-policy/selinux-base/metadata.xml | 13 +- ...uild => selinux-base-2.20170204-r1.ebuild} | 109 ++---- .../selinux-base-2.20170204-r2.ebuild | 161 ++++++++ .../selinux-base-2.20170204-r3.ebuild | 161 ++++++++ .../selinux-base-2.20170204-r4.ebuild | 161 ++++++++ .../selinux-base-2.20170805-r2.ebuild | 161 ++++++++ .../selinux-base-2.20170805-r3.ebuild | 161 ++++++++ .../selinux-base-2.20170805-r4.ebuild | 161 ++++++++ .../selinux-base/selinux-base-9999.ebuild | 92 ++--- 19 files changed, 1080 insertions(+), 531 deletions(-) delete mode 100644 sec-policy/selinux-base/ChangeLog delete mode 100644 sec-policy/selinux-base/files/booleans delete mode 100644 sec-policy/selinux-base/files/kernel_mcs.diff delete mode 100644 sec-policy/selinux-base/files/lxc_contexts delete mode 100644 sec-policy/selinux-base/files/mcs_create.diff delete mode 100644 sec-policy/selinux-base/files/mcs_range_target.diff create mode 100644 sec-policy/selinux-base/files/selinux.conf delete mode 100644 sec-policy/selinux-base/files/tmpfiles.d/selinux-base.conf rename sec-policy/selinux-base/{selinux-base-2.20141203-r14.ebuild => selinux-base-2.20170204-r1.ebuild} (56%) create mode 100644 sec-policy/selinux-base/selinux-base-2.20170204-r2.ebuild create mode 100644 sec-policy/selinux-base/selinux-base-2.20170204-r3.ebuild create mode 100644 sec-policy/selinux-base/selinux-base-2.20170204-r4.ebuild create mode 100644 sec-policy/selinux-base/selinux-base-2.20170805-r2.ebuild create mode 100644 sec-policy/selinux-base/selinux-base-2.20170805-r3.ebuild create mode 100644 sec-policy/selinux-base/selinux-base-2.20170805-r4.ebuild diff --git a/sec-policy/selinux-base/ChangeLog b/sec-policy/selinux-base/ChangeLog deleted file mode 100644 index 227af8757c..0000000000 --- a/sec-policy/selinux-base/ChangeLog +++ /dev/null @@ -1,352 +0,0 @@ -# ChangeLog for sec-policy/selinux-base -# Copyright 1999-2015 Gentoo Foundation; Distributed under the GPL v2 -# $Header: /var/cvsroot/gentoo-x86/sec-policy/selinux-base/ChangeLog,v 1.73 2015/06/05 16:10:26 perfinion Exp $ - - 05 Jun 2015; Jason Zaman - selinux-base-2.20141203-r5.ebuild: - Stabilize policy 2.20141203-r5 - -*selinux-base-2.20141203-r6 (05 Jun 2015) - - 05 Jun 2015; Jason Zaman - +selinux-base-2.20141203-r6.ebuild: - Release of 2.20141203-r6 - - 25 Apr 2015; Mike Gilbert - selinux-base-2.20140311-r5.ebuild, selinux-base-2.20140311-r6.ebuild, - selinux-base-2.20140311-r7.ebuild, selinux-base-2.20141203-r1.ebuild, - selinux-base-2.20141203-r2.ebuild, selinux-base-2.20141203-r3.ebuild, - selinux-base-2.20141203-r4.ebuild, selinux-base-2.20141203-r5.ebuild: - Replace links pointing at git.overlays.gentoo.org. - - 21 Apr 2015; Jason Zaman selinux-base-9999.ebuild: - update git urls and migrate git-2 -> git-r3 - - 15 Apr 2015; Jason Zaman - selinux-base-2.20141203-r4.ebuild: - Stabilize policy 2.20141203-r4 - -*selinux-base-2.20141203-r5 (15 Apr 2015) - - 15 Apr 2015; Jason Zaman - +selinux-base-2.20141203-r5.ebuild: - Release of 2.20141203-r5 - - 22 Mar 2015; Sven Vermeulen - selinux-base-2.20141203-r3.ebuild: - Stabilize 2.20141203-r3 policies - -*selinux-base-2.20141203-r4 (22 Mar 2015) - - 22 Mar 2015; Sven Vermeulen - +selinux-base-2.20141203-r4.ebuild, selinux-base-9999.ebuild: - Release of 2.20141203-r4 - -*selinux-base-2.20141203-r3 (29 Jan 2015) - - 29 Jan 2015; Jason Zaman - +selinux-base-2.20141203-r3.ebuild, selinux-base-2.20141203-r2.ebuild: - Release of 2.20141203-r3, stable 2.20141203-r2 - - 21 Dec 2014; Sven Vermeulen - -selinux-base-2.20140311-r1.ebuild, -selinux-base-2.20140311-r2.ebuild, - -selinux-base-2.20140311-r3.ebuild, -selinux-base-2.20140311-r4.ebuild: - Remove old ebuilds - - 21 Dec 2014; Sven Vermeulen - selinux-base-2.20141203-r1.ebuild: - Stabilize 2.20141203-r1 - -*selinux-base-2.20141203-r2 (21 Dec 2014) - - 21 Dec 2014; Sven Vermeulen - +selinux-base-2.20141203-r2.ebuild: - Release of 2.20141203-r2 - - 07 Dec 2014; Jason Zaman - selinux-base-2.20140311-r7.ebuild, selinux-base-9999.ebuild: - Stabilize 2.20140311-r7 - -*selinux-base-2.20141203-r1 (07 Dec 2014) - - 07 Dec 2014; Jason Zaman - +selinux-base-2.20141203-r1.ebuild: - Release of 2.20141203-r1 - - 07 Dec 2014; Jason Zaman selinux-base-9999.ebuild: - update SRC_URI - - 07 Dec 2014; Sven Vermeulen selinux-base-9999.ebuild: - Clean up sed commands that are no longer needed (bug 257111 is fixed upstream) - - 05 Dec 2014; Jason Zaman selinux-base-9999.ebuild: - enable parallel build, bug 530178 - - 01 Nov 2014; Sven Vermeulen - selinux-base-2.20140311-r6.ebuild: - Stabilize rev 6 - -*selinux-base-2.20140311-r7 (01 Nov 2014) - - 01 Nov 2014; Sven Vermeulen - +selinux-base-2.20140311-r7.ebuild: - Bump revision r7 of SELinux policies - - 01 Nov 2014; Sven Vermeulen selinux-base-9999.ebuild: - Add KEYWORDS logic in -9999 ebuilds for ease of copying - - 24 Aug 2014; Sven Vermeulen selinux-base-9999.ebuild: - Back to gogo infrastructure - - 23 Aug 2014; Sven Vermeulen selinux-base-9999.ebuild: - Temporarily use github until gogo is back on track - - 22 Aug 2014; Sven Vermeulen - selinux-base-2.20140311-r5.ebuild: - Stabilize r5 policies - -*selinux-base-2.20140311-r6 (21 Aug 2014) - - 21 Aug 2014; Sven Vermeulen - +selinux-base-2.20140311-r6.ebuild: - Release of 2.20140311-r6 - -*selinux-base-2.20140311-r5 (09 Aug 2014) - - 09 Aug 2014; Sven Vermeulen - +selinux-base-2.20140311-r5.ebuild: - Bump towards r5 (fixes duplicate context for hiawatha) - - 08 Aug 2014; Sven Vermeulen selinux-base-9999.ebuild: - Make 9999 ebuilds EAPI=5 and transform to make master for version bumps - - 06 Aug 2014; Sven Vermeulen selinux-base-9999.ebuild: - Supporting the SELINUX_GIT_* variables - - 05 Aug 2014; Sven Vermeulen - -selinux-base-2.20130424-r1.ebuild, -selinux-base-2.20130424-r2.ebuild, - -selinux-base-2.20130424-r3.ebuild, -selinux-base-2.20130424-r4.ebuild: - Remove obsolete ebuilds - -*selinux-base-2.20140311-r4 (01 Aug 2014) - - 01 Aug 2014; Sven Vermeulen - +selinux-base-2.20140311-r4.ebuild, selinux-base-2.20140311-r3.ebuild: - Stabilization of r3, and make r4 available for testing - - 29 May 2014; Sven Vermeulen - selinux-base-2.20140311-r2.ebuild: - Stabilize 2.20140311-r2 - -*selinux-base-2.20140311-r3 (29 May 2014) - - 29 May 2014; Sven Vermeulen - +selinux-base-2.20140311-r3.ebuild: - Bump to 2.20140311-r3 - - 19 Apr 2014; Sven Vermeulen - selinux-base-2.20140311-r1.ebuild: - Stabilize r1 policies - -*selinux-base-2.20140311-r2 (19 Apr 2014) - - 19 Apr 2014; Sven Vermeulen - +selinux-base-2.20140311-r2.ebuild: - Release of 2.20140311-r2 - - 24 Mar 2014; Sven Vermeulen - -selinux-base-2.20120725-r5.ebuild, -selinux-base-2.20120725-r7.ebuild, - -selinux-base-2.20120725-r8.ebuild, -selinux-base-2.20120725-r9.ebuild, - -selinux-base-2.20120725-r10.ebuild, -selinux-base-2.20120725-r11.ebuild, - -selinux-base-2.20120725-r12.ebuild: - Removing older SELinux policies - -*selinux-base-2.20140311-r1 (21 Mar 2014) - - 21 Mar 2014; Sven Vermeulen - +selinux-base-2.20140311-r1.ebuild: - New upstream refpolicy release - - 12 Jan 2014; Sven Vermeulen - selinux-base-2.20130424-r4.ebuild: - Stabilize 2.20130424-r4 - -*selinux-base-2.20130424-r4 (11 Dec 2013) - - 11 Dec 2013; Sven Vermeulen - +selinux-base-2.20130424-r4.ebuild: - Release of 2.20130424-r4 - -*selinux-base-2.20130424-r3 (26 Sep 2013) - - 26 Sep 2013; Sven Vermeulen - +selinux-base-2.20130424-r3.ebuild: - Release 2.20130424-r3, fixing bugs #480628, #482196, #475432, #485304, #480870 - and #428322 - - 15 Aug 2013; Sven Vermeulen selinux-base-9999.ebuild: - Clean up generated cruft before building base policy - see bug 480628 - - 15 Aug 2013; Sven Vermeulen - selinux-base-2.20130424-r2.ebuild: - Stabilize r2 of policies - -*selinux-base-2.20130424-r2 (20 Jul 2013) - - 20 Jul 2013; Sven Vermeulen - +selinux-base-2.20130424-r2.ebuild: - Pushing out rev 2 - - 16 Jun 2013; Sven Vermeulen - selinux-base-2.20130424-r1.ebuild: - Stabilize 20130424 policies - - 07 May 2013; Sven Vermeulen - selinux-base-2.20130424-r1.ebuild, selinux-base-9999.ebuild: - Add in support for epatch_user (to support interface patching) - -*selinux-base-2.20130424-r1 (06 May 2013) - - 06 May 2013; Sven Vermeulen - +selinux-base-2.20130424-r1.ebuild: - Adding 20130424 release - - 11 Apr 2013; Sven Vermeulen - selinux-base-2.20120725-r12.ebuild, selinux-base-9999.ebuild: - Add in support for manual pages - - 29 Mar 2013; Sven Vermeulen - selinux-base-2.20120725-r12.ebuild: - Stabilize r12, fixes 455080, 453724, 461880, 453722, 452166, 458876, 457618, - 456910, 456194, 453990 and 460152 - -*selinux-base-2.20120725-r12 (09 Mar 2013) - - 09 Mar 2013; Sven Vermeulen - +selinux-base-2.20120725-r12.ebuild, selinux-base-9999.ebuild: - Pushing out rev 12 - - 23 Feb 2013; Sven Vermeulen - selinux-base-2.20120725-r11.ebuild: - Stabilization - -*selinux-base-2.20120725-r11 (26 Jan 2013) - - 26 Jan 2013; Sven Vermeulen - +selinux-base-2.20120725-r11.ebuild: - Bumping selinux-base to revision 11 - - 16 Jan 2013; Sven Vermeulen - selinux-base-2.20120725-r10.ebuild: - Stabilizing - -*selinux-base-2.20120725-r10 (16 Jan 2013) - - 16 Jan 2013; Sven Vermeulen - +selinux-base-2.20120725-r10.ebuild: - Bumping with fix for #451128 - - 13 Jan 2013; Sven Vermeulen - selinux-base-2.20120725-r9.ebuild: - Stabilizing r9 - - 30 Dec 2012; Samuli Suominen - selinux-base-2.20120725-r9.ebuild: - Use virtual/udev instead of sys-fs/udev; regression introduced by swift@g.o - 21 Dec 2012 by not using up-to-date ebuild from gentoo-x86 for revision - bumping. - -*selinux-base-2.20120725-r9 (21 Dec 2012) - - 21 Dec 2012; Sven Vermeulen +selinux-base-2.20120725-r9.ebuild: - Bumping to revision 9 - - 17 Dec 2012; Sven Vermeulen -selinux-base-2.20120215-r13.ebuild, - -selinux-base-2.20120215-r14.ebuild, -selinux-base-2.20120215-r15.ebuild, - -selinux-base-2.20120215-r6.ebuild, -selinux-base-2.20120215-r7.ebuild, - -selinux-base-2.20120215-r8.ebuild, -selinux-base-2.20120215-r9.ebuild: - Removing older ebuilds - - 13 Dec 2012; Sven Vermeulen selinux-base-2.20120725-r8.ebuild: - Stabilization - - 11 Dec 2012; Samuli Suominen - selinux-base-2.20120215-r6.ebuild, selinux-base-2.20120215-r7.ebuild, - selinux-base-2.20120215-r8.ebuild, selinux-base-2.20120215-r9.ebuild, - selinux-base-2.20120215-r13.ebuild, selinux-base-2.20120215-r14.ebuild, - selinux-base-2.20120215-r15.ebuild, selinux-base-2.20120725-r5.ebuild, - selinux-base-2.20120725-r7.ebuild, selinux-base-2.20120725-r8.ebuild, - selinux-base-9999.ebuild: - Use virtual/udev instead of sys-fs/udev. - - 04 Dec 2012; Sven Vermeulen selinux-base-9999.ebuild, metadata.xml: - Add in support for unconfined USE flag and fix #445978 - -*selinux-base-2.20120725-r8 (03 Dec 2012) - - 03 Dec 2012; Sven Vermeulen +selinux-base-2.20120725-r8.ebuild: - Bumping to revision 8 - -*selinux-base-2.20120725-r7 (18 Nov 2012) - - 18 Nov 2012; Sven Vermeulen +selinux-base-2.20120725-r7.ebuild: - Pushing out rev 7 - -*selinux-base-9999 (13 Oct 2012) - - 13 Oct 2012; Sven Vermeulen +selinux-base-9999.ebuild: - Adding live ebuild - - 04 Oct 2012; Sven Vermeulen selinux-base-2.20120725-r5.ebuild: - Stabilization - -*selinux-base-2.20120725-r5 (21 Sep 2012) - - 21 Sep 2012; Sven Vermeulen +selinux-base-2.20120725-r5.ebuild: - Introducing policy for 2.20120725, rev5 - - 30 Jul 2012; Sven Vermeulen selinux-base-2.20120215-r14.ebuild: - Stabilization of revision 14 of the SELinux policy modules - -*selinux-base-2.20120215-r15 (26 Jul 2012) - - 26 Jul 2012; Sven Vermeulen +selinux-base-2.20120215-r15.ebuild: - Bump to rev15 - -*selinux-base-2.20120215-r14 (16 Jul 2012) - - 16 Jul 2012; Sven Vermeulen +selinux-base-2.20120215-r14.ebuild: - Bumping to rev14 - -*selinux-base-2.20120215-r13 (27 Jun 2012) - - 27 Jun 2012; Sven Vermeulen +selinux-base-2.20120215-r13.ebuild: - Bump to revision 13 - -*selinux-base-2.20120215-r9 (20 May 2012) - - 20 May 2012; Sven Vermeulen +selinux-base-2.20120215-r9.ebuild: - Bumping to rev 9 - - 29 Apr 2012; Sven Vermeulen selinux-base-2.20120215-r7.ebuild: - Stabilizing rev7 - -*selinux-base-2.20120215-r8 (26 Apr 2012) - - 26 Apr 2012; Sven Vermeulen +selinux-base-2.20120215-r8.ebuild: - Bump to rev8, fix #411719, #411149 and #411943 - -*selinux-base-2.20120215-r7 (22 Apr 2012) - - 22 Apr 2012; Sven Vermeulen +selinux-base-2.20120215-r7.ebuild: - Bumping to rev 7, fixing bugs #401595, #411193 and #403293 - - 31 Mar 2012; Sven Vermeulen +selinux-base-2.20120215-r6.ebuild, - +files/config, +metadata.xml: - Bumping to 2.20120215 policies - -*selinux-base-2.20120215-r6 (31 Mar 2012) - - 31 Mar 2012; Sven Vermeulen +selinux-base-2.20120215-r6.ebuild, - +files/config, +metadata.xml: - Initial base policy package (without additional modules) diff --git a/sec-policy/selinux-base/Manifest b/sec-policy/selinux-base/Manifest index 8c79c9abb3..0a7b3160b0 100644 --- a/sec-policy/selinux-base/Manifest +++ b/sec-policy/selinux-base/Manifest @@ -1,2 +1,20 @@ -DIST patchbundle-selinux-base-policy-2.20141203-r9.tar.bz2 299602 SHA256 e8518004942a6c57170a609683e22b1410c93a2a195829c41dc8fbc703d941b5 SHA512 ce6484fbca1d2d074e50d1a3953392bd3ce0a4617df98fbac37747b469b4f160a9331586dfe1c3ddccb1ccbee24876a2f05ab49e37c8492a48baf83c2d01d140 WHIRLPOOL 1fd7b956e98e95a64c3a713a944d4531259bd156a7feabf6a89c4b5f33ac846377730eede97889e85183be086f282ebd18e860214f6ca3f01b40f2323470ee04 -DIST refpolicy-2.20141203.tar.bz2 680243 SHA256 f438209c430d8a2d4ddcbe4bdd3edb46f6af7dc4913637af0b73c635e40c1522 SHA512 682e4280c5799e4c12ec7594afc1389f67be35055748d2e0dbdc3419159a16c96d4946ca6178daee8370515951f8653b2e452efe8c962b8d7f9bc192f0b15a0c WHIRLPOOL 74bca232534e7af9051bb1ab9f77c1ff6c425781cf4561f781d6e9a40cc5ca0d9add540249ea5493e8782a9372aea296ead6c165c6c440ae1509eb319d151ee5 +AUX config 631 BLAKE2B 7c7c5ad7e2349cf8dd6877bba7947f256b6bdee492ef76a44ac378eafb9203c0d7ad6f188a762c61b80672a56dca65767567cd68c998aa67d58a9579e5c0cae6 SHA512 f3c4fece54e5786de94fc97c8e7678f9901c6963828d28b020c423458ac258480191f216522fed7658e7ad1c94fd25557efc524a4b75ec8837116c6a14c2328a +AUX selinux.conf 119 BLAKE2B c877aec601cfc066b42493a3b45e179834d30b7f0eb34b625f3758795c2fd2e58744cf539fdb5b06c002365fb264bdf6e953c1f6e30c7b2d310e22206ea5a37f SHA512 a057f84388b2b494b5e7623b076450c1856687c50a4ccb5aa22215748461786a0c71fdd9f76e9ed8639bcd3040006fb010aa5497192d6c0cab432a1b9c028b3b +DIST patchbundle-selinux-base-policy-2.20170204-r1.tar.bz2 327838 BLAKE2B 8b8f6241636c0aaa472df3b4ad035d3f6ed8bafa25f9d5b2106f41e6e9e589cd3105f91fbcb9a5972998b6deda3eaf034755bcb13b57cd51957b473a60dfcbfe SHA512 727dd11bc5a777388199fb1da67add940a6051cca874456cdc4bb65f567216481e70b92fcf37ac59cc48d907fbe87b67e97c3813c4c97d5f31b7c66b7246f166 +DIST patchbundle-selinux-base-policy-2.20170204-r2.tar.bz2 354083 BLAKE2B 9296ea072f27774e7e6b055be9c24ba5717a1502cb2b20f57768231d2fdc267cc2e340ff9e301e072a199e80434f5f5caeed6151ea424b52380665a9927c23d6 SHA512 ac907590cefdc69638fce25de481d3dce625f0f1511e0fa3d0bcc78b2a18c57c0bea392c225d314645b1aec5abbcedf67bfc50b66be8580447bbcac7223ea66d +DIST patchbundle-selinux-base-policy-2.20170204-r3.tar.bz2 342266 BLAKE2B 4b4fb4d495f9507152ef05815273bc3d09927f9cdb3e63aa6050a620a061c133519b503dc6dbdb658c04a81a0917a7a4872668ee3fef8c2a049e0006e1c103de SHA512 df46b785a17c633d6fcd063b48258a362a0df13fcb71fb699b6c19281f4d647db43639e08e083157fcd49405c5c38c8408534decff99536d28ada64e9192d130 +DIST patchbundle-selinux-base-policy-2.20170204-r4.tar.bz2 373731 BLAKE2B cb291e14e181c68d95c77dc07185ba6d186d4a7f2bf163cbe32670d54cdf29e32ecfac49d449d8631df7df67992499e2bec6b39f6096f4d9e9394a87f2b24654 SHA512 93a0644440064d85db32c56a381478f8ef94824a04531e6fbad26dd79be02dacd939b804759db35d0627908ff653f8107e18c48858df458c80ae785d80374667 +DIST patchbundle-selinux-base-policy-2.20170805-r2.tar.bz2 314854 BLAKE2B 483d04f364195eb8627153647118eb23812a610db63a40d50819b42c19fc20ffd0a36cd5c1959a764eab2109bd2e5317f74fd3a5cc1c7ddd17d8c85be05579a5 SHA512 1358db158945b82e0e41907e3919a6888564b4f15ad765f0fe2dc7bf284485c18d11c5502d598268e33b2163a6fa0be2a4029a8e9f774abfd4377031ee9afd32 +DIST patchbundle-selinux-base-policy-2.20170805-r3.tar.bz2 324834 BLAKE2B ecc3b0425987aa648b3dd52977a6e1fd987e605fe302c3b6d8742d3eac9a1c89697de1f97331e9863b132bb95814ae7577e161a024cdda297fb84458aa9417fd SHA512 62ec2e70397d06d464e95305a4c0699cc07063d879d986a74442955fb8076a00cbe4a4f7a3cda46876cbf2ad38189be06f0c05ce9698aadafa6e9f02a8daf668 +DIST patchbundle-selinux-base-policy-2.20170805-r4.tar.bz2 689641 BLAKE2B 1accfbecd4825a6cdb8c3c189c9e23898d1dbe8415d2fe26a842782dec634958f01861916a3c040740359562984718b61cee7af7d9395b125590931110e67eff SHA512 2067b090cd054e47d6496c9513d69a7a37a72de8dc873159a8055e27fe2380dc73006354d790c455ae893645f956c6be6d6ad2d30be7428ff8a442604a0c5400 +DIST refpolicy-2.20170204.tar.bz2 709965 BLAKE2B 7fb10d6054d74204f8c7d6d8ee88603f37b6600ed4a03e937a3a233ea7a80feef6ab90ba01af8d444fa79b266456260b14af3be0ad6a311baff6e3408af7d1ba SHA512 30deabb02a5bde51c463e3e89988d850cff51596c2e72733a064245dec152ea46317eea79550dbe82a7a0d327ec0bcfbd9474ff8a902507392df0da00df6397f +DIST refpolicy-2.20170805.tar.bz2 740430 BLAKE2B 0597f51fceb5ca88b3506aa16cbd2d7f3df3a1d9c6afdf4cc5fc7eca25fa19c5810889f90ed1ee0abef401d41384558abb69f6638caf50341f71d075fa99e561 SHA512 dbb6809b028ae75296ad26d5997cc21d835c49555a0e37957cb39b36b144af6e817320073a29247448eba1876ab9e29d3956ff4456f1542b66ba38af459ec586 +EBUILD selinux-base-2.20170204-r1.ebuild 4284 BLAKE2B ee5f7e898a6226019ce0257768151b41e3fa1c0ad38e01c5ebda9331ce92fcef503fcb893b04f17f8725fee715fee9840a049dd8b3c311e3817983b00174b640 SHA512 a33229c688249f633db2a8279a236d141b8c3958381c180bf2072982773dbb02750f108df855afd4e1ec04eca660ae2d42f492b57cd3ff01e60bfabaaefe331b +EBUILD selinux-base-2.20170204-r2.ebuild 4282 BLAKE2B 123b7baf0cd584e3b305fef94e2a15cd1aa03acf966739051bea816f8fc71bbe2c0d94b092aa2f6cd987e97c74a5d6e6cd5cdbfe302a912644da1d58496633b2 SHA512 afb5b7d59305173fef1a5e44d8bd67d97bb0c9f3c2546f9dfc33c63fdeb48dd97468c8c7f3ec7c8eab458c490298199e306bfa327034a21983dd03e6d78bfce1 +EBUILD selinux-base-2.20170204-r3.ebuild 4282 BLAKE2B 123b7baf0cd584e3b305fef94e2a15cd1aa03acf966739051bea816f8fc71bbe2c0d94b092aa2f6cd987e97c74a5d6e6cd5cdbfe302a912644da1d58496633b2 SHA512 afb5b7d59305173fef1a5e44d8bd67d97bb0c9f3c2546f9dfc33c63fdeb48dd97468c8c7f3ec7c8eab458c490298199e306bfa327034a21983dd03e6d78bfce1 +EBUILD selinux-base-2.20170204-r4.ebuild 4282 BLAKE2B 123b7baf0cd584e3b305fef94e2a15cd1aa03acf966739051bea816f8fc71bbe2c0d94b092aa2f6cd987e97c74a5d6e6cd5cdbfe302a912644da1d58496633b2 SHA512 afb5b7d59305173fef1a5e44d8bd67d97bb0c9f3c2546f9dfc33c63fdeb48dd97468c8c7f3ec7c8eab458c490298199e306bfa327034a21983dd03e6d78bfce1 +EBUILD selinux-base-2.20170805-r2.ebuild 4229 BLAKE2B ab5d46cc5ce4a811959d57217ea52eefb2fd1ae84aea395c5192905b95a2c2cca719b7f33a4a47d6ca1f78d32c7715c21eecc5b74d76a4cdbc064a0ece34fc20 SHA512 d3bd2b7e545472924817350746d5fcc086982f20ba0108caa49486d9673debff82be89cefc7fc61584f621a50259c3bc7a0432bba1d7778c958f942193e87dc2 +EBUILD selinux-base-2.20170805-r3.ebuild 4229 BLAKE2B ab5d46cc5ce4a811959d57217ea52eefb2fd1ae84aea395c5192905b95a2c2cca719b7f33a4a47d6ca1f78d32c7715c21eecc5b74d76a4cdbc064a0ece34fc20 SHA512 d3bd2b7e545472924817350746d5fcc086982f20ba0108caa49486d9673debff82be89cefc7fc61584f621a50259c3bc7a0432bba1d7778c958f942193e87dc2 +EBUILD selinux-base-2.20170805-r4.ebuild 4231 BLAKE2B b35811a2a3e1cc9e8c187cb8d16cda060abd82f5c9c2be4364769307b6edde34fb963eb1b23c870d0efee16fd8da0d168931e7f7ea5adaa0bb2dfa13c861fcb7 SHA512 95efa50852b58394c254efea11aec254bf211c01bc1187c9d34131869adf90540650aa9eb43994020c37677547a51a100ae083d04386e6fc23e46f33c4cccfe7 +EBUILD selinux-base-9999.ebuild 4231 BLAKE2B b35811a2a3e1cc9e8c187cb8d16cda060abd82f5c9c2be4364769307b6edde34fb963eb1b23c870d0efee16fd8da0d168931e7f7ea5adaa0bb2dfa13c861fcb7 SHA512 95efa50852b58394c254efea11aec254bf211c01bc1187c9d34131869adf90540650aa9eb43994020c37677547a51a100ae083d04386e6fc23e46f33c4cccfe7 +MISC metadata.xml 839 BLAKE2B 797f551065b80455c9538f115d680016954b7fc05cd5232ca09b86d83163c81e9ed868ea6b9be08d3c1284dcfd3527e88660befb747a631f4d2292331410cb52 SHA512 330017a98a3f9f4e6d6004955eb939c8d9c1c92fe6d091f78cdd7d2f6a02838c67a8a3268f38dad7df27f909ff51dc295d5de748f9767a257b5dad36c74d921a diff --git a/sec-policy/selinux-base/files/booleans b/sec-policy/selinux-base/files/booleans deleted file mode 100644 index c12771d473..0000000000 --- a/sec-policy/selinux-base/files/booleans +++ /dev/null @@ -1 +0,0 @@ -allow_execmem = true \ No newline at end of file diff --git a/sec-policy/selinux-base/files/config b/sec-policy/selinux-base/files/config index 7b66367667..55933ea0e5 100644 --- a/sec-policy/selinux-base/files/config +++ b/sec-policy/selinux-base/files/config @@ -12,4 +12,4 @@ SELINUX=permissive # mls - Full SELinux protection with Multi-Level Security # mcs - Full SELinux protection with Multi-Category Security # (mls, but only one sensitivity level) -SELINUXTYPE=mcs +SELINUXTYPE=strict diff --git a/sec-policy/selinux-base/files/kernel_mcs.diff b/sec-policy/selinux-base/files/kernel_mcs.diff deleted file mode 100644 index 8f9cfd7e01..0000000000 --- a/sec-policy/selinux-base/files/kernel_mcs.diff +++ /dev/null @@ -1,13 +0,0 @@ -diff -ur refpolicy.orig/policy/modules/kernel/kernel.te refpolicy/policy/modules/kernel/kernel.te ---- refpolicy.orig/policy/modules/kernel/kernel.te 2015-06-24 14:05:01.160318849 -0700 -+++ refpolicy/policy/modules/kernel/kernel.te 2015-06-24 14:06:23.468516424 -0700 -@@ -442,3 +442,9 @@ - #dev_manage_all_dev_nodes(kernel_t) - dev_setattr_generic_chr_files(kernel_t) - ') -+mcs_killall(kernel_t) -+mcs_file_read_all(kernel_t) -+mcs_file_write_all(kernel_t) -+mcs_process_set_categories(kernel_t) -+mcs_ptrace_all(kernel_t) -+allow kernel_t self:capability2 wake_alarm; diff --git a/sec-policy/selinux-base/files/lxc_contexts b/sec-policy/selinux-base/files/lxc_contexts deleted file mode 100644 index 923a158e28..0000000000 --- a/sec-policy/selinux-base/files/lxc_contexts +++ /dev/null @@ -1,4 +0,0 @@ -process = "system_u:system_r:svirt_lxc_net_t:s0" -content = "system_u:object_r:virt_var_lib_t:s0" -file = "system_u:object_r:svirt_lxc_file_t:s0" - diff --git a/sec-policy/selinux-base/files/mcs_create.diff b/sec-policy/selinux-base/files/mcs_create.diff deleted file mode 100644 index 64b823577d..0000000000 --- a/sec-policy/selinux-base/files/mcs_create.diff +++ /dev/null @@ -1,21 +0,0 @@ -diff -ur work.orig/refpolicy/policy/mcs work/refpolicy/policy/mcs ---- refpolicy/policy/mcs 2015-12-18 13:41:18.655947448 +0000 -+++ refpolicy/policy/mcs 2015-12-18 13:42:40.364890957 +0000 -@@ -100,14 +100,14 @@ - # New filesystem object labels must be dominated by the relabeling subject - # clearance, also the objects are single-level. - mlsconstrain file { create relabelto } -- (( h1 dom h2 ) and ( l2 eq h2 )); -+ ((( h1 dom h2 ) and ( l2 eq h2 )) or (t1 == mcswriteall)); - - # new file labels must be dominated by the relabeling subject clearance - mlsconstrain { dir file lnk_file chr_file blk_file sock_file fifo_file } { relabelfrom } -- ( h1 dom h2 ); -+ (( h1 dom h2 ) or (t1 == mcswriteall)); - - mlsconstrain { dir file lnk_file chr_file blk_file sock_file fifo_file } { create relabelto } -- (( h1 dom h2 ) and ( l2 eq h2 )); -+ ((( h1 dom h2 ) and ( l2 eq h2 )) or (t1 == mcswriteall)); - - mlsconstrain process { transition dyntransition } - (( h1 dom h2 ) or ( t1 == mcssetcats )); diff --git a/sec-policy/selinux-base/files/mcs_range_target.diff b/sec-policy/selinux-base/files/mcs_range_target.diff deleted file mode 100644 index 1c16ab7fdb..0000000000 --- a/sec-policy/selinux-base/files/mcs_range_target.diff +++ /dev/null @@ -1,9 +0,0 @@ -diff -ur mcs.orig/policy/mcs mcs/policy/mcs ---- refpolicy.orig/policy/mcs 2015-09-14 11:32:38.155721902 -0700 -+++ refpolicy/policy/mcs 2015-09-14 11:36:08.055490569 -0700 -@@ -1,4 +1,5 @@ - ifdef(`enable_mcs',` -+default_range dir_file_class_set target low-high; - # - # Define sensitivities - # diff --git a/sec-policy/selinux-base/files/selinux.conf b/sec-policy/selinux-base/files/selinux.conf new file mode 100644 index 0000000000..77d379e812 --- /dev/null +++ b/sec-policy/selinux-base/files/selinux.conf @@ -0,0 +1,4 @@ +# Rebuild all selinux policy modules +[selinux-rebuild] +class = portage.sets.dbapi.OwnerSet +files = /usr/share/selinux/ diff --git a/sec-policy/selinux-base/files/tmpfiles.d/selinux-base.conf b/sec-policy/selinux-base/files/tmpfiles.d/selinux-base.conf deleted file mode 100644 index d5023d851b..0000000000 --- a/sec-policy/selinux-base/files/tmpfiles.d/selinux-base.conf +++ /dev/null @@ -1,3 +0,0 @@ -d /etc/selinux/ - - - - - -L /etc/selinux/config - - - - ../../usr/lib/selinux/config -L /etc/selinux/mcs - - - - ../../usr/lib/selinux/mcs diff --git a/sec-policy/selinux-base/metadata.xml b/sec-policy/selinux-base/metadata.xml index 39f2415871..16f3d9c00e 100644 --- a/sec-policy/selinux-base/metadata.xml +++ b/sec-policy/selinux-base/metadata.xml @@ -1,15 +1,18 @@ - selinux + + selinux@gentoo.org + SELinux Team + Gentoo SELinux base policy. This contains policy for a system at the end of system installation. There is no extra policy in this package. - Enable the labeled networking peer permissions (SELinux policy capability). - Enable the open permissions for file object classes (SELinux policy capability). - Enable User Based Access Control (UBAC) in the SELinux policy - Enable support for the unconfined SELinux module + Enable the labeled networking peer permissions (SELinux policy capability). + Enable the open permissions for file object classes (SELinux policy capability). + Enable User Based Access Control (UBAC) in the SELinux policy + Enable support for the unconfined SELinux module diff --git a/sec-policy/selinux-base/selinux-base-2.20141203-r14.ebuild b/sec-policy/selinux-base/selinux-base-2.20170204-r1.ebuild similarity index 56% rename from sec-policy/selinux-base/selinux-base-2.20141203-r14.ebuild rename to sec-policy/selinux-base/selinux-base-2.20170204-r1.ebuild index 3661151504..e868d90864 100644 --- a/sec-policy/selinux-base/selinux-base-2.20141203-r14.ebuild +++ b/sec-policy/selinux-base/selinux-base-2.20170204-r1.ebuild @@ -1,64 +1,46 @@ -# Copyright 1999-2015 Gentoo Foundation +# Copyright 1999-2017 Gentoo Foundation # Distributed under the terms of the GNU General Public License v2 -# $Header: /var/cvsroot/gentoo-x86/sec-policy/selinux-base/selinux-base-2.20141203-r5.ebuild,v 1.3 2015/06/05 16:10:26 perfinion Exp $ -EAPI="5" -inherit eutils systemd +EAPI="6" if [[ ${PV} == 9999* ]]; then EGIT_REPO_URI="${SELINUX_GIT_REPO:-git://anongit.gentoo.org/proj/hardened-refpolicy.git https://anongit.gentoo.org/git/proj/hardened-refpolicy.git}" EGIT_BRANCH="${SELINUX_GIT_BRANCH:-master}" - EGIT_SOURCEDIR="${WORKDIR}/refpolicy" + EGIT_CHECKOUT_DIR="${WORKDIR}/refpolicy" - inherit git-2 - - KEYWORDS="" + inherit git-r3 else SRC_URI="https://raw.githubusercontent.com/wiki/TresysTechnology/refpolicy/files/refpolicy-${PV}.tar.bz2 - http://dev.gentoo.org/~swift/patches/selinux-base-policy/patchbundle-selinux-base-policy-2.20141203-r9.tar.bz2" + https://dev.gentoo.org/~swift/patches/selinux-base-policy/patchbundle-selinux-base-policy-${PVR}.tar.bz2" - KEYWORDS="amd64 x86" + KEYWORDS="~amd64 -arm ~arm64 ~mips ~x86" fi -IUSE="+peer_perms +open_perms +ubac +unconfined doc" +IUSE="doc +open_perms +peer_perms systemd +ubac +unconfined" DESCRIPTION="Gentoo base policy for SELinux" -HOMEPAGE="http://www.gentoo.org/proj/en/hardened/selinux/" +HOMEPAGE="https://www.gentoo.org/proj/en/hardened/selinux/" LICENSE="GPL-2" SLOT="0" RDEPEND=">=sys-apps/policycoreutils-2.3 - virtual/udev - !<=sec-policy/selinux-base-policy-2.20120725" + virtual/udev" DEPEND="${RDEPEND} sys-devel/m4 >=sys-apps/checkpolicy-2.3" S=${WORKDIR}/ -#src_unpack() { -# git-2_src_unpack -#} - src_prepare() { if [[ ${PV} != 9999* ]]; then - # Apply the gentoo patches to the policy. These patches are only necessary - # for base policies, or for interface changes on modules. - EPATCH_MULTI_MSG="Applying SELinux policy updates ... " \ - EPATCH_SUFFIX="patch" \ - EPATCH_SOURCE="${WORKDIR}" \ - EPATCH_FORCE="yes" \ - epatch + einfo "Applying SELinux policy updates ... " + eapply -p0 "${WORKDIR}/0001-full-patch-against-stable-release.patch" fi - epatch "${FILESDIR}/kernel_mcs.diff" - epatch "${FILESDIR}/mcs_create.diff" - epatch "${FILESDIR}/mcs_range_target.diff" - - cd "${S}/refpolicy" - make bare + eapply_user - epatch_user + cd "${S}/refpolicy" || die + emake bare } src_configure() { @@ -68,12 +50,12 @@ src_configure() { if ! use peer_perms; then sed -i -e '/network_peer_controls/d' \ - "${S}/refpolicy/policy/policy_capabilities" + "${S}/refpolicy/policy/policy_capabilities" || die fi if ! use open_perms; then sed -i -e '/open_perms/d' \ - "${S}/refpolicy/policy/policy_capabilities" + "${S}/refpolicy/policy/policy_capabilities" || die fi if ! use ubac; then @@ -81,20 +63,25 @@ src_configure() { || die "Failed to disable User Based Access Control" fi - echo "DISTRO = gentoo" >> "${S}/refpolicy/build.conf" + if use systemd; then + sed -i -e '/^SYSTEMD/s/n/y/' "${S}/refpolicy/build.conf" \ + || die "Failed to enable SystemD" + fi + + echo "DISTRO = gentoo" >> "${S}/refpolicy/build.conf" || die # Prepare initial configuration - cd "${S}/refpolicy"; - make conf || die "Make conf failed" + cd "${S}/refpolicy" || die + emake conf || die "Make conf failed" # Setup the policies based on the types delivered by the end user. # These types can be "targeted", "strict", "mcs" and "mls". for i in ${POLICY_TYPES}; do - cp -a "${S}/refpolicy" "${S}/${i}" - cd "${S}/${i}"; + cp -a "${S}/refpolicy" "${S}/${i}" || die + cd "${S}/${i}" || die #cp "${FILESDIR}/modules-2.20120215.conf" "${S}/${i}/policy/modules.conf" - sed -i -e "/= module/d" "${S}/${i}/policy/modules.conf" + sed -i -e "/= module/d" "${S}/${i}/policy/modules.conf" || die sed -i -e '/^QUIET/s/n/y/' -e "/^NAME/s/refpolicy/$i/" \ "${S}/${i}/build.conf" || die "build.conf setup failed." @@ -124,10 +111,10 @@ src_compile() { [ -z "${POLICY_TYPES}" ] && local POLICY_TYPES="targeted strict mls mcs" for i in ${POLICY_TYPES}; do - cd "${S}/${i}" - emake base UNK_PERMS=allow BINDIR="${ROOT}/usr/bin" || die "${i} compile failed" + cd "${S}/${i}" || die + emake base if use doc; then - make html || die + emake html fi done } @@ -136,25 +123,24 @@ src_install() { [ -z "${POLICY_TYPES}" ] && local POLICY_TYPES="targeted strict mls mcs" for i in ${POLICY_TYPES}; do - cd "${S}/${i}" - + cd "${S}/${i}" || die - make DESTDIR="${D}" install \ + emake DESTDIR="${D}" install \ || die "${i} install failed." - make DESTDIR="${D}" install-headers \ + emake DESTDIR="${D}" install-headers \ || die "${i} headers install failed." - echo "run_init_t" > "${D}/etc/selinux/${i}/contexts/run_init_type" + echo "run_init_t" > "${D}/etc/selinux/${i}/contexts/run_init_type" || die - echo "textrel_shlib_t" >> "${D}/etc/selinux/${i}/contexts/customizable_types" - cp "${FILESDIR}/booleans" "${D}/etc/selinux/${i}/booleans" + echo "textrel_shlib_t" >> "${D}/etc/selinux/${i}/contexts/customizable_types" || die # libsemanage won't make this on its own keepdir "/etc/selinux/${i}/policy" if use doc; then - dohtml doc/html/*; + docinto ${i}/html + dodoc -r doc/html/*; fi insinto /usr/share/selinux/devel; @@ -162,27 +148,14 @@ src_install() { done - systemd_dotmpfilesd "${FILESDIR}/tmpfiles.d/selinux-base.conf" - systemd-tmpfiles --root="${D}" --create selinux-base.conf - + docinto / dodoc doc/Makefile.example doc/example.{te,fc,if} doman man/man8/*.8; - insinto /usr/lib/selinux + insinto /etc/selinux doins "${FILESDIR}/config" - insinto /etc/selinux/mcs/contexts - doins "${FILESDIR}/lxc_contexts" - - mkdir -p "${D}/usr/lib/selinux" - for i in ${POLICY_TYPES}; do - mv "${D}/etc/selinux/${i}" "${D}/usr/lib/selinux" - dosym "../../usr/lib/selinux/${i}" "/etc/selinux/${i}" - done -} - -pkg_preinst() { - has_version "<${CATEGORY}/${PN}-2.20101213-r13" - previous_less_than_r13=$? + insinto /usr/share/portage/config/sets + doins "${FILESDIR}/selinux.conf" } diff --git a/sec-policy/selinux-base/selinux-base-2.20170204-r2.ebuild b/sec-policy/selinux-base/selinux-base-2.20170204-r2.ebuild new file mode 100644 index 0000000000..71409d1bb6 --- /dev/null +++ b/sec-policy/selinux-base/selinux-base-2.20170204-r2.ebuild @@ -0,0 +1,161 @@ +# Copyright 1999-2017 Gentoo Foundation +# Distributed under the terms of the GNU General Public License v2 + +EAPI="6" + +if [[ ${PV} == 9999* ]]; then + EGIT_REPO_URI="${SELINUX_GIT_REPO:-git://anongit.gentoo.org/proj/hardened-refpolicy.git https://anongit.gentoo.org/git/proj/hardened-refpolicy.git}" + EGIT_BRANCH="${SELINUX_GIT_BRANCH:-master}" + EGIT_CHECKOUT_DIR="${WORKDIR}/refpolicy" + + inherit git-r3 +else + SRC_URI="https://raw.githubusercontent.com/wiki/TresysTechnology/refpolicy/files/refpolicy-${PV}.tar.bz2 + https://dev.gentoo.org/~swift/patches/selinux-base-policy/patchbundle-selinux-base-policy-${PVR}.tar.bz2" + + KEYWORDS="amd64 -arm ~arm64 ~mips x86" +fi + +IUSE="doc +open_perms +peer_perms systemd +ubac +unconfined" + +DESCRIPTION="Gentoo base policy for SELinux" +HOMEPAGE="https://www.gentoo.org/proj/en/hardened/selinux/" +LICENSE="GPL-2" +SLOT="0" + +RDEPEND=">=sys-apps/policycoreutils-2.3 + virtual/udev" +DEPEND="${RDEPEND} + sys-devel/m4 + >=sys-apps/checkpolicy-2.3" + +S=${WORKDIR}/ + +src_prepare() { + if [[ ${PV} != 9999* ]]; then + einfo "Applying SELinux policy updates ... " + eapply -p0 "${WORKDIR}/0001-full-patch-against-stable-release.patch" + fi + + eapply_user + + cd "${S}/refpolicy" || die + emake bare +} + +src_configure() { + [ -z "${POLICY_TYPES}" ] && local POLICY_TYPES="targeted strict mls mcs" + + # Update the SELinux refpolicy capabilities based on the users' USE flags. + + if ! use peer_perms; then + sed -i -e '/network_peer_controls/d' \ + "${S}/refpolicy/policy/policy_capabilities" || die + fi + + if ! use open_perms; then + sed -i -e '/open_perms/d' \ + "${S}/refpolicy/policy/policy_capabilities" || die + fi + + if ! use ubac; then + sed -i -e '/^UBAC/s/y/n/' "${S}/refpolicy/build.conf" \ + || die "Failed to disable User Based Access Control" + fi + + if use systemd; then + sed -i -e '/^SYSTEMD/s/n/y/' "${S}/refpolicy/build.conf" \ + || die "Failed to enable SystemD" + fi + + echo "DISTRO = gentoo" >> "${S}/refpolicy/build.conf" || die + + # Prepare initial configuration + cd "${S}/refpolicy" || die + emake conf || die "Make conf failed" + + # Setup the policies based on the types delivered by the end user. + # These types can be "targeted", "strict", "mcs" and "mls". + for i in ${POLICY_TYPES}; do + cp -a "${S}/refpolicy" "${S}/${i}" || die + cd "${S}/${i}" || die + + #cp "${FILESDIR}/modules-2.20120215.conf" "${S}/${i}/policy/modules.conf" + sed -i -e "/= module/d" "${S}/${i}/policy/modules.conf" || die + + sed -i -e '/^QUIET/s/n/y/' -e "/^NAME/s/refpolicy/$i/" \ + "${S}/${i}/build.conf" || die "build.conf setup failed." + + if [[ "${i}" == "mls" ]] || [[ "${i}" == "mcs" ]]; + then + # MCS/MLS require additional settings + sed -i -e "/^TYPE/s/standard/${i}/" "${S}/${i}/build.conf" \ + || die "failed to set type to mls" + fi + + if [ "${i}" == "targeted" ]; then + sed -i -e '/root/d' -e 's/user_u/unconfined_u/' \ + "${S}/${i}/config/appconfig-standard/seusers" \ + || die "targeted seusers setup failed." + fi + + if [ "${i}" != "targeted" ] && [ "${i}" != "strict" ] && use unconfined; then + sed -i -e '/root/d' -e 's/user_u/unconfined_u/' \ + "${S}/${i}/config/appconfig-${i}/seusers" \ + || die "policy seusers setup failed." + fi + done +} + +src_compile() { + [ -z "${POLICY_TYPES}" ] && local POLICY_TYPES="targeted strict mls mcs" + + for i in ${POLICY_TYPES}; do + cd "${S}/${i}" || die + emake base + if use doc; then + emake html + fi + done +} + +src_install() { + [ -z "${POLICY_TYPES}" ] && local POLICY_TYPES="targeted strict mls mcs" + + for i in ${POLICY_TYPES}; do + cd "${S}/${i}" || die + + emake DESTDIR="${D}" install \ + || die "${i} install failed." + + emake DESTDIR="${D}" install-headers \ + || die "${i} headers install failed." + + echo "run_init_t" > "${D}/etc/selinux/${i}/contexts/run_init_type" || die + + echo "textrel_shlib_t" >> "${D}/etc/selinux/${i}/contexts/customizable_types" || die + + # libsemanage won't make this on its own + keepdir "/etc/selinux/${i}/policy" + + if use doc; then + docinto ${i}/html + dodoc -r doc/html/*; + fi + + insinto /usr/share/selinux/devel; + doins doc/policy.xml; + + done + + docinto / + dodoc doc/Makefile.example doc/example.{te,fc,if} + + doman man/man8/*.8; + + insinto /etc/selinux + doins "${FILESDIR}/config" + + insinto /usr/share/portage/config/sets + doins "${FILESDIR}/selinux.conf" +} diff --git a/sec-policy/selinux-base/selinux-base-2.20170204-r3.ebuild b/sec-policy/selinux-base/selinux-base-2.20170204-r3.ebuild new file mode 100644 index 0000000000..71409d1bb6 --- /dev/null +++ b/sec-policy/selinux-base/selinux-base-2.20170204-r3.ebuild @@ -0,0 +1,161 @@ +# Copyright 1999-2017 Gentoo Foundation +# Distributed under the terms of the GNU General Public License v2 + +EAPI="6" + +if [[ ${PV} == 9999* ]]; then + EGIT_REPO_URI="${SELINUX_GIT_REPO:-git://anongit.gentoo.org/proj/hardened-refpolicy.git https://anongit.gentoo.org/git/proj/hardened-refpolicy.git}" + EGIT_BRANCH="${SELINUX_GIT_BRANCH:-master}" + EGIT_CHECKOUT_DIR="${WORKDIR}/refpolicy" + + inherit git-r3 +else + SRC_URI="https://raw.githubusercontent.com/wiki/TresysTechnology/refpolicy/files/refpolicy-${PV}.tar.bz2 + https://dev.gentoo.org/~swift/patches/selinux-base-policy/patchbundle-selinux-base-policy-${PVR}.tar.bz2" + + KEYWORDS="amd64 -arm ~arm64 ~mips x86" +fi + +IUSE="doc +open_perms +peer_perms systemd +ubac +unconfined" + +DESCRIPTION="Gentoo base policy for SELinux" +HOMEPAGE="https://www.gentoo.org/proj/en/hardened/selinux/" +LICENSE="GPL-2" +SLOT="0" + +RDEPEND=">=sys-apps/policycoreutils-2.3 + virtual/udev" +DEPEND="${RDEPEND} + sys-devel/m4 + >=sys-apps/checkpolicy-2.3" + +S=${WORKDIR}/ + +src_prepare() { + if [[ ${PV} != 9999* ]]; then + einfo "Applying SELinux policy updates ... " + eapply -p0 "${WORKDIR}/0001-full-patch-against-stable-release.patch" + fi + + eapply_user + + cd "${S}/refpolicy" || die + emake bare +} + +src_configure() { + [ -z "${POLICY_TYPES}" ] && local POLICY_TYPES="targeted strict mls mcs" + + # Update the SELinux refpolicy capabilities based on the users' USE flags. + + if ! use peer_perms; then + sed -i -e '/network_peer_controls/d' \ + "${S}/refpolicy/policy/policy_capabilities" || die + fi + + if ! use open_perms; then + sed -i -e '/open_perms/d' \ + "${S}/refpolicy/policy/policy_capabilities" || die + fi + + if ! use ubac; then + sed -i -e '/^UBAC/s/y/n/' "${S}/refpolicy/build.conf" \ + || die "Failed to disable User Based Access Control" + fi + + if use systemd; then + sed -i -e '/^SYSTEMD/s/n/y/' "${S}/refpolicy/build.conf" \ + || die "Failed to enable SystemD" + fi + + echo "DISTRO = gentoo" >> "${S}/refpolicy/build.conf" || die + + # Prepare initial configuration + cd "${S}/refpolicy" || die + emake conf || die "Make conf failed" + + # Setup the policies based on the types delivered by the end user. + # These types can be "targeted", "strict", "mcs" and "mls". + for i in ${POLICY_TYPES}; do + cp -a "${S}/refpolicy" "${S}/${i}" || die + cd "${S}/${i}" || die + + #cp "${FILESDIR}/modules-2.20120215.conf" "${S}/${i}/policy/modules.conf" + sed -i -e "/= module/d" "${S}/${i}/policy/modules.conf" || die + + sed -i -e '/^QUIET/s/n/y/' -e "/^NAME/s/refpolicy/$i/" \ + "${S}/${i}/build.conf" || die "build.conf setup failed." + + if [[ "${i}" == "mls" ]] || [[ "${i}" == "mcs" ]]; + then + # MCS/MLS require additional settings + sed -i -e "/^TYPE/s/standard/${i}/" "${S}/${i}/build.conf" \ + || die "failed to set type to mls" + fi + + if [ "${i}" == "targeted" ]; then + sed -i -e '/root/d' -e 's/user_u/unconfined_u/' \ + "${S}/${i}/config/appconfig-standard/seusers" \ + || die "targeted seusers setup failed." + fi + + if [ "${i}" != "targeted" ] && [ "${i}" != "strict" ] && use unconfined; then + sed -i -e '/root/d' -e 's/user_u/unconfined_u/' \ + "${S}/${i}/config/appconfig-${i}/seusers" \ + || die "policy seusers setup failed." + fi + done +} + +src_compile() { + [ -z "${POLICY_TYPES}" ] && local POLICY_TYPES="targeted strict mls mcs" + + for i in ${POLICY_TYPES}; do + cd "${S}/${i}" || die + emake base + if use doc; then + emake html + fi + done +} + +src_install() { + [ -z "${POLICY_TYPES}" ] && local POLICY_TYPES="targeted strict mls mcs" + + for i in ${POLICY_TYPES}; do + cd "${S}/${i}" || die + + emake DESTDIR="${D}" install \ + || die "${i} install failed." + + emake DESTDIR="${D}" install-headers \ + || die "${i} headers install failed." + + echo "run_init_t" > "${D}/etc/selinux/${i}/contexts/run_init_type" || die + + echo "textrel_shlib_t" >> "${D}/etc/selinux/${i}/contexts/customizable_types" || die + + # libsemanage won't make this on its own + keepdir "/etc/selinux/${i}/policy" + + if use doc; then + docinto ${i}/html + dodoc -r doc/html/*; + fi + + insinto /usr/share/selinux/devel; + doins doc/policy.xml; + + done + + docinto / + dodoc doc/Makefile.example doc/example.{te,fc,if} + + doman man/man8/*.8; + + insinto /etc/selinux + doins "${FILESDIR}/config" + + insinto /usr/share/portage/config/sets + doins "${FILESDIR}/selinux.conf" +} diff --git a/sec-policy/selinux-base/selinux-base-2.20170204-r4.ebuild b/sec-policy/selinux-base/selinux-base-2.20170204-r4.ebuild new file mode 100644 index 0000000000..71409d1bb6 --- /dev/null +++ b/sec-policy/selinux-base/selinux-base-2.20170204-r4.ebuild @@ -0,0 +1,161 @@ +# Copyright 1999-2017 Gentoo Foundation +# Distributed under the terms of the GNU General Public License v2 + +EAPI="6" + +if [[ ${PV} == 9999* ]]; then + EGIT_REPO_URI="${SELINUX_GIT_REPO:-git://anongit.gentoo.org/proj/hardened-refpolicy.git https://anongit.gentoo.org/git/proj/hardened-refpolicy.git}" + EGIT_BRANCH="${SELINUX_GIT_BRANCH:-master}" + EGIT_CHECKOUT_DIR="${WORKDIR}/refpolicy" + + inherit git-r3 +else + SRC_URI="https://raw.githubusercontent.com/wiki/TresysTechnology/refpolicy/files/refpolicy-${PV}.tar.bz2 + https://dev.gentoo.org/~swift/patches/selinux-base-policy/patchbundle-selinux-base-policy-${PVR}.tar.bz2" + + KEYWORDS="amd64 -arm ~arm64 ~mips x86" +fi + +IUSE="doc +open_perms +peer_perms systemd +ubac +unconfined" + +DESCRIPTION="Gentoo base policy for SELinux" +HOMEPAGE="https://www.gentoo.org/proj/en/hardened/selinux/" +LICENSE="GPL-2" +SLOT="0" + +RDEPEND=">=sys-apps/policycoreutils-2.3 + virtual/udev" +DEPEND="${RDEPEND} + sys-devel/m4 + >=sys-apps/checkpolicy-2.3" + +S=${WORKDIR}/ + +src_prepare() { + if [[ ${PV} != 9999* ]]; then + einfo "Applying SELinux policy updates ... " + eapply -p0 "${WORKDIR}/0001-full-patch-against-stable-release.patch" + fi + + eapply_user + + cd "${S}/refpolicy" || die + emake bare +} + +src_configure() { + [ -z "${POLICY_TYPES}" ] && local POLICY_TYPES="targeted strict mls mcs" + + # Update the SELinux refpolicy capabilities based on the users' USE flags. + + if ! use peer_perms; then + sed -i -e '/network_peer_controls/d' \ + "${S}/refpolicy/policy/policy_capabilities" || die + fi + + if ! use open_perms; then + sed -i -e '/open_perms/d' \ + "${S}/refpolicy/policy/policy_capabilities" || die + fi + + if ! use ubac; then + sed -i -e '/^UBAC/s/y/n/' "${S}/refpolicy/build.conf" \ + || die "Failed to disable User Based Access Control" + fi + + if use systemd; then + sed -i -e '/^SYSTEMD/s/n/y/' "${S}/refpolicy/build.conf" \ + || die "Failed to enable SystemD" + fi + + echo "DISTRO = gentoo" >> "${S}/refpolicy/build.conf" || die + + # Prepare initial configuration + cd "${S}/refpolicy" || die + emake conf || die "Make conf failed" + + # Setup the policies based on the types delivered by the end user. + # These types can be "targeted", "strict", "mcs" and "mls". + for i in ${POLICY_TYPES}; do + cp -a "${S}/refpolicy" "${S}/${i}" || die + cd "${S}/${i}" || die + + #cp "${FILESDIR}/modules-2.20120215.conf" "${S}/${i}/policy/modules.conf" + sed -i -e "/= module/d" "${S}/${i}/policy/modules.conf" || die + + sed -i -e '/^QUIET/s/n/y/' -e "/^NAME/s/refpolicy/$i/" \ + "${S}/${i}/build.conf" || die "build.conf setup failed." + + if [[ "${i}" == "mls" ]] || [[ "${i}" == "mcs" ]]; + then + # MCS/MLS require additional settings + sed -i -e "/^TYPE/s/standard/${i}/" "${S}/${i}/build.conf" \ + || die "failed to set type to mls" + fi + + if [ "${i}" == "targeted" ]; then + sed -i -e '/root/d' -e 's/user_u/unconfined_u/' \ + "${S}/${i}/config/appconfig-standard/seusers" \ + || die "targeted seusers setup failed." + fi + + if [ "${i}" != "targeted" ] && [ "${i}" != "strict" ] && use unconfined; then + sed -i -e '/root/d' -e 's/user_u/unconfined_u/' \ + "${S}/${i}/config/appconfig-${i}/seusers" \ + || die "policy seusers setup failed." + fi + done +} + +src_compile() { + [ -z "${POLICY_TYPES}" ] && local POLICY_TYPES="targeted strict mls mcs" + + for i in ${POLICY_TYPES}; do + cd "${S}/${i}" || die + emake base + if use doc; then + emake html + fi + done +} + +src_install() { + [ -z "${POLICY_TYPES}" ] && local POLICY_TYPES="targeted strict mls mcs" + + for i in ${POLICY_TYPES}; do + cd "${S}/${i}" || die + + emake DESTDIR="${D}" install \ + || die "${i} install failed." + + emake DESTDIR="${D}" install-headers \ + || die "${i} headers install failed." + + echo "run_init_t" > "${D}/etc/selinux/${i}/contexts/run_init_type" || die + + echo "textrel_shlib_t" >> "${D}/etc/selinux/${i}/contexts/customizable_types" || die + + # libsemanage won't make this on its own + keepdir "/etc/selinux/${i}/policy" + + if use doc; then + docinto ${i}/html + dodoc -r doc/html/*; + fi + + insinto /usr/share/selinux/devel; + doins doc/policy.xml; + + done + + docinto / + dodoc doc/Makefile.example doc/example.{te,fc,if} + + doman man/man8/*.8; + + insinto /etc/selinux + doins "${FILESDIR}/config" + + insinto /usr/share/portage/config/sets + doins "${FILESDIR}/selinux.conf" +} diff --git a/sec-policy/selinux-base/selinux-base-2.20170805-r2.ebuild b/sec-policy/selinux-base/selinux-base-2.20170805-r2.ebuild new file mode 100644 index 0000000000..c2ac18ef37 --- /dev/null +++ b/sec-policy/selinux-base/selinux-base-2.20170805-r2.ebuild @@ -0,0 +1,161 @@ +# Copyright 1999-2017 Gentoo Foundation +# Distributed under the terms of the GNU General Public License v2 + +EAPI="6" + +if [[ ${PV} == 9999* ]]; then + EGIT_REPO_URI="${SELINUX_GIT_REPO:-https://anongit.gentoo.org/git/proj/hardened-refpolicy.git}" + EGIT_BRANCH="${SELINUX_GIT_BRANCH:-master}" + EGIT_CHECKOUT_DIR="${WORKDIR}/refpolicy" + + inherit git-r3 +else + SRC_URI="https://raw.githubusercontent.com/wiki/TresysTechnology/refpolicy/files/refpolicy-${PV}.tar.bz2 + https://dev.gentoo.org/~swift/patches/selinux-base-policy/patchbundle-selinux-base-policy-${PVR}.tar.bz2" + + KEYWORDS="amd64 -arm ~arm64 ~mips x86" +fi + +IUSE="doc +open_perms +peer_perms systemd +ubac +unconfined" + +DESCRIPTION="Gentoo base policy for SELinux" +HOMEPAGE="https://www.gentoo.org/proj/en/hardened/selinux/" +LICENSE="GPL-2" +SLOT="0" + +RDEPEND=">=sys-apps/policycoreutils-2.3 + virtual/udev" +DEPEND="${RDEPEND} + sys-devel/m4 + >=sys-apps/checkpolicy-2.3" + +S=${WORKDIR}/ + +src_prepare() { + if [[ ${PV} != 9999* ]]; then + einfo "Applying SELinux policy updates ... " + eapply -p0 "${WORKDIR}/0001-full-patch-against-stable-release.patch" + fi + + eapply_user + + cd "${S}/refpolicy" || die + emake bare +} + +src_configure() { + [ -z "${POLICY_TYPES}" ] && local POLICY_TYPES="targeted strict mls mcs" + + # Update the SELinux refpolicy capabilities based on the users' USE flags. + + if ! use peer_perms; then + sed -i -e '/network_peer_controls/d' \ + "${S}/refpolicy/policy/policy_capabilities" || die + fi + + if ! use open_perms; then + sed -i -e '/open_perms/d' \ + "${S}/refpolicy/policy/policy_capabilities" || die + fi + + if ! use ubac; then + sed -i -e '/^UBAC/s/y/n/' "${S}/refpolicy/build.conf" \ + || die "Failed to disable User Based Access Control" + fi + + if use systemd; then + sed -i -e '/^SYSTEMD/s/n/y/' "${S}/refpolicy/build.conf" \ + || die "Failed to enable SystemD" + fi + + echo "DISTRO = gentoo" >> "${S}/refpolicy/build.conf" || die + + # Prepare initial configuration + cd "${S}/refpolicy" || die + emake conf || die "Make conf failed" + + # Setup the policies based on the types delivered by the end user. + # These types can be "targeted", "strict", "mcs" and "mls". + for i in ${POLICY_TYPES}; do + cp -a "${S}/refpolicy" "${S}/${i}" || die + cd "${S}/${i}" || die + + #cp "${FILESDIR}/modules-2.20120215.conf" "${S}/${i}/policy/modules.conf" + sed -i -e "/= module/d" "${S}/${i}/policy/modules.conf" || die + + sed -i -e '/^QUIET/s/n/y/' -e "/^NAME/s/refpolicy/$i/" \ + "${S}/${i}/build.conf" || die "build.conf setup failed." + + if [[ "${i}" == "mls" ]] || [[ "${i}" == "mcs" ]]; + then + # MCS/MLS require additional settings + sed -i -e "/^TYPE/s/standard/${i}/" "${S}/${i}/build.conf" \ + || die "failed to set type to mls" + fi + + if [ "${i}" == "targeted" ]; then + sed -i -e '/root/d' -e 's/user_u/unconfined_u/' \ + "${S}/${i}/config/appconfig-standard/seusers" \ + || die "targeted seusers setup failed." + fi + + if [ "${i}" != "targeted" ] && [ "${i}" != "strict" ] && use unconfined; then + sed -i -e '/root/d' -e 's/user_u/unconfined_u/' \ + "${S}/${i}/config/appconfig-${i}/seusers" \ + || die "policy seusers setup failed." + fi + done +} + +src_compile() { + [ -z "${POLICY_TYPES}" ] && local POLICY_TYPES="targeted strict mls mcs" + + for i in ${POLICY_TYPES}; do + cd "${S}/${i}" || die + emake base + if use doc; then + emake html + fi + done +} + +src_install() { + [ -z "${POLICY_TYPES}" ] && local POLICY_TYPES="targeted strict mls mcs" + + for i in ${POLICY_TYPES}; do + cd "${S}/${i}" || die + + emake DESTDIR="${D}" install \ + || die "${i} install failed." + + emake DESTDIR="${D}" install-headers \ + || die "${i} headers install failed." + + echo "run_init_t" > "${D}/etc/selinux/${i}/contexts/run_init_type" || die + + echo "textrel_shlib_t" >> "${D}/etc/selinux/${i}/contexts/customizable_types" || die + + # libsemanage won't make this on its own + keepdir "/etc/selinux/${i}/policy" + + if use doc; then + docinto ${i}/html + dodoc -r doc/html/*; + fi + + insinto /usr/share/selinux/devel; + doins doc/policy.xml; + + done + + docinto / + dodoc doc/Makefile.example doc/example.{te,fc,if} + + doman man/man8/*.8; + + insinto /etc/selinux + doins "${FILESDIR}/config" + + insinto /usr/share/portage/config/sets + doins "${FILESDIR}/selinux.conf" +} diff --git a/sec-policy/selinux-base/selinux-base-2.20170805-r3.ebuild b/sec-policy/selinux-base/selinux-base-2.20170805-r3.ebuild new file mode 100644 index 0000000000..c2ac18ef37 --- /dev/null +++ b/sec-policy/selinux-base/selinux-base-2.20170805-r3.ebuild @@ -0,0 +1,161 @@ +# Copyright 1999-2017 Gentoo Foundation +# Distributed under the terms of the GNU General Public License v2 + +EAPI="6" + +if [[ ${PV} == 9999* ]]; then + EGIT_REPO_URI="${SELINUX_GIT_REPO:-https://anongit.gentoo.org/git/proj/hardened-refpolicy.git}" + EGIT_BRANCH="${SELINUX_GIT_BRANCH:-master}" + EGIT_CHECKOUT_DIR="${WORKDIR}/refpolicy" + + inherit git-r3 +else + SRC_URI="https://raw.githubusercontent.com/wiki/TresysTechnology/refpolicy/files/refpolicy-${PV}.tar.bz2 + https://dev.gentoo.org/~swift/patches/selinux-base-policy/patchbundle-selinux-base-policy-${PVR}.tar.bz2" + + KEYWORDS="amd64 -arm ~arm64 ~mips x86" +fi + +IUSE="doc +open_perms +peer_perms systemd +ubac +unconfined" + +DESCRIPTION="Gentoo base policy for SELinux" +HOMEPAGE="https://www.gentoo.org/proj/en/hardened/selinux/" +LICENSE="GPL-2" +SLOT="0" + +RDEPEND=">=sys-apps/policycoreutils-2.3 + virtual/udev" +DEPEND="${RDEPEND} + sys-devel/m4 + >=sys-apps/checkpolicy-2.3" + +S=${WORKDIR}/ + +src_prepare() { + if [[ ${PV} != 9999* ]]; then + einfo "Applying SELinux policy updates ... " + eapply -p0 "${WORKDIR}/0001-full-patch-against-stable-release.patch" + fi + + eapply_user + + cd "${S}/refpolicy" || die + emake bare +} + +src_configure() { + [ -z "${POLICY_TYPES}" ] && local POLICY_TYPES="targeted strict mls mcs" + + # Update the SELinux refpolicy capabilities based on the users' USE flags. + + if ! use peer_perms; then + sed -i -e '/network_peer_controls/d' \ + "${S}/refpolicy/policy/policy_capabilities" || die + fi + + if ! use open_perms; then + sed -i -e '/open_perms/d' \ + "${S}/refpolicy/policy/policy_capabilities" || die + fi + + if ! use ubac; then + sed -i -e '/^UBAC/s/y/n/' "${S}/refpolicy/build.conf" \ + || die "Failed to disable User Based Access Control" + fi + + if use systemd; then + sed -i -e '/^SYSTEMD/s/n/y/' "${S}/refpolicy/build.conf" \ + || die "Failed to enable SystemD" + fi + + echo "DISTRO = gentoo" >> "${S}/refpolicy/build.conf" || die + + # Prepare initial configuration + cd "${S}/refpolicy" || die + emake conf || die "Make conf failed" + + # Setup the policies based on the types delivered by the end user. + # These types can be "targeted", "strict", "mcs" and "mls". + for i in ${POLICY_TYPES}; do + cp -a "${S}/refpolicy" "${S}/${i}" || die + cd "${S}/${i}" || die + + #cp "${FILESDIR}/modules-2.20120215.conf" "${S}/${i}/policy/modules.conf" + sed -i -e "/= module/d" "${S}/${i}/policy/modules.conf" || die + + sed -i -e '/^QUIET/s/n/y/' -e "/^NAME/s/refpolicy/$i/" \ + "${S}/${i}/build.conf" || die "build.conf setup failed." + + if [[ "${i}" == "mls" ]] || [[ "${i}" == "mcs" ]]; + then + # MCS/MLS require additional settings + sed -i -e "/^TYPE/s/standard/${i}/" "${S}/${i}/build.conf" \ + || die "failed to set type to mls" + fi + + if [ "${i}" == "targeted" ]; then + sed -i -e '/root/d' -e 's/user_u/unconfined_u/' \ + "${S}/${i}/config/appconfig-standard/seusers" \ + || die "targeted seusers setup failed." + fi + + if [ "${i}" != "targeted" ] && [ "${i}" != "strict" ] && use unconfined; then + sed -i -e '/root/d' -e 's/user_u/unconfined_u/' \ + "${S}/${i}/config/appconfig-${i}/seusers" \ + || die "policy seusers setup failed." + fi + done +} + +src_compile() { + [ -z "${POLICY_TYPES}" ] && local POLICY_TYPES="targeted strict mls mcs" + + for i in ${POLICY_TYPES}; do + cd "${S}/${i}" || die + emake base + if use doc; then + emake html + fi + done +} + +src_install() { + [ -z "${POLICY_TYPES}" ] && local POLICY_TYPES="targeted strict mls mcs" + + for i in ${POLICY_TYPES}; do + cd "${S}/${i}" || die + + emake DESTDIR="${D}" install \ + || die "${i} install failed." + + emake DESTDIR="${D}" install-headers \ + || die "${i} headers install failed." + + echo "run_init_t" > "${D}/etc/selinux/${i}/contexts/run_init_type" || die + + echo "textrel_shlib_t" >> "${D}/etc/selinux/${i}/contexts/customizable_types" || die + + # libsemanage won't make this on its own + keepdir "/etc/selinux/${i}/policy" + + if use doc; then + docinto ${i}/html + dodoc -r doc/html/*; + fi + + insinto /usr/share/selinux/devel; + doins doc/policy.xml; + + done + + docinto / + dodoc doc/Makefile.example doc/example.{te,fc,if} + + doman man/man8/*.8; + + insinto /etc/selinux + doins "${FILESDIR}/config" + + insinto /usr/share/portage/config/sets + doins "${FILESDIR}/selinux.conf" +} diff --git a/sec-policy/selinux-base/selinux-base-2.20170805-r4.ebuild b/sec-policy/selinux-base/selinux-base-2.20170805-r4.ebuild new file mode 100644 index 0000000000..75f0679ab2 --- /dev/null +++ b/sec-policy/selinux-base/selinux-base-2.20170805-r4.ebuild @@ -0,0 +1,161 @@ +# Copyright 1999-2017 Gentoo Foundation +# Distributed under the terms of the GNU General Public License v2 + +EAPI="6" + +if [[ ${PV} == 9999* ]]; then + EGIT_REPO_URI="${SELINUX_GIT_REPO:-https://anongit.gentoo.org/git/proj/hardened-refpolicy.git}" + EGIT_BRANCH="${SELINUX_GIT_BRANCH:-master}" + EGIT_CHECKOUT_DIR="${WORKDIR}/refpolicy" + + inherit git-r3 +else + SRC_URI="https://raw.githubusercontent.com/wiki/TresysTechnology/refpolicy/files/refpolicy-${PV}.tar.bz2 + https://dev.gentoo.org/~swift/patches/selinux-base-policy/patchbundle-selinux-base-policy-${PVR}.tar.bz2" + + KEYWORDS="~amd64 -arm ~arm64 ~mips ~x86" +fi + +IUSE="doc +open_perms +peer_perms systemd +ubac +unconfined" + +DESCRIPTION="Gentoo base policy for SELinux" +HOMEPAGE="https://www.gentoo.org/proj/en/hardened/selinux/" +LICENSE="GPL-2" +SLOT="0" + +RDEPEND=">=sys-apps/policycoreutils-2.3 + virtual/udev" +DEPEND="${RDEPEND} + sys-devel/m4 + >=sys-apps/checkpolicy-2.3" + +S=${WORKDIR}/ + +src_prepare() { + if [[ ${PV} != 9999* ]]; then + einfo "Applying SELinux policy updates ... " + eapply -p0 "${WORKDIR}/0001-full-patch-against-stable-release.patch" + fi + + eapply_user + + cd "${S}/refpolicy" || die + emake bare +} + +src_configure() { + [ -z "${POLICY_TYPES}" ] && local POLICY_TYPES="targeted strict mls mcs" + + # Update the SELinux refpolicy capabilities based on the users' USE flags. + + if ! use peer_perms; then + sed -i -e '/network_peer_controls/d' \ + "${S}/refpolicy/policy/policy_capabilities" || die + fi + + if ! use open_perms; then + sed -i -e '/open_perms/d' \ + "${S}/refpolicy/policy/policy_capabilities" || die + fi + + if ! use ubac; then + sed -i -e '/^UBAC/s/y/n/' "${S}/refpolicy/build.conf" \ + || die "Failed to disable User Based Access Control" + fi + + if use systemd; then + sed -i -e '/^SYSTEMD/s/n/y/' "${S}/refpolicy/build.conf" \ + || die "Failed to enable SystemD" + fi + + echo "DISTRO = gentoo" >> "${S}/refpolicy/build.conf" || die + + # Prepare initial configuration + cd "${S}/refpolicy" || die + emake conf || die "Make conf failed" + + # Setup the policies based on the types delivered by the end user. + # These types can be "targeted", "strict", "mcs" and "mls". + for i in ${POLICY_TYPES}; do + cp -a "${S}/refpolicy" "${S}/${i}" || die + cd "${S}/${i}" || die + + #cp "${FILESDIR}/modules-2.20120215.conf" "${S}/${i}/policy/modules.conf" + sed -i -e "/= module/d" "${S}/${i}/policy/modules.conf" || die + + sed -i -e '/^QUIET/s/n/y/' -e "/^NAME/s/refpolicy/$i/" \ + "${S}/${i}/build.conf" || die "build.conf setup failed." + + if [[ "${i}" == "mls" ]] || [[ "${i}" == "mcs" ]]; + then + # MCS/MLS require additional settings + sed -i -e "/^TYPE/s/standard/${i}/" "${S}/${i}/build.conf" \ + || die "failed to set type to mls" + fi + + if [ "${i}" == "targeted" ]; then + sed -i -e '/root/d' -e 's/user_u/unconfined_u/' \ + "${S}/${i}/config/appconfig-standard/seusers" \ + || die "targeted seusers setup failed." + fi + + if [ "${i}" != "targeted" ] && [ "${i}" != "strict" ] && use unconfined; then + sed -i -e '/root/d' -e 's/user_u/unconfined_u/' \ + "${S}/${i}/config/appconfig-${i}/seusers" \ + || die "policy seusers setup failed." + fi + done +} + +src_compile() { + [ -z "${POLICY_TYPES}" ] && local POLICY_TYPES="targeted strict mls mcs" + + for i in ${POLICY_TYPES}; do + cd "${S}/${i}" || die + emake base + if use doc; then + emake html + fi + done +} + +src_install() { + [ -z "${POLICY_TYPES}" ] && local POLICY_TYPES="targeted strict mls mcs" + + for i in ${POLICY_TYPES}; do + cd "${S}/${i}" || die + + emake DESTDIR="${D}" install \ + || die "${i} install failed." + + emake DESTDIR="${D}" install-headers \ + || die "${i} headers install failed." + + echo "run_init_t" > "${D}/etc/selinux/${i}/contexts/run_init_type" || die + + echo "textrel_shlib_t" >> "${D}/etc/selinux/${i}/contexts/customizable_types" || die + + # libsemanage won't make this on its own + keepdir "/etc/selinux/${i}/policy" + + if use doc; then + docinto ${i}/html + dodoc -r doc/html/*; + fi + + insinto /usr/share/selinux/devel; + doins doc/policy.xml; + + done + + docinto / + dodoc doc/Makefile.example doc/example.{te,fc,if} + + doman man/man8/*.8; + + insinto /etc/selinux + doins "${FILESDIR}/config" + + insinto /usr/share/portage/config/sets + doins "${FILESDIR}/selinux.conf" +} diff --git a/sec-policy/selinux-base/selinux-base-9999.ebuild b/sec-policy/selinux-base/selinux-base-9999.ebuild index 12f53be9eb..75f0679ab2 100644 --- a/sec-policy/selinux-base/selinux-base-9999.ebuild +++ b/sec-policy/selinux-base/selinux-base-9999.ebuild @@ -1,60 +1,46 @@ -# Copyright 1999-2015 Gentoo Foundation +# Copyright 1999-2017 Gentoo Foundation # Distributed under the terms of the GNU General Public License v2 -# $Header: /var/cvsroot/gentoo-x86/sec-policy/selinux-base/selinux-base-9999.ebuild,v 1.18 2015/04/21 10:34:30 perfinion Exp $ -EAPI="5" -inherit eutils +EAPI="6" if [[ ${PV} == 9999* ]]; then - EGIT_REPO_URI="${SELINUX_GIT_REPO:-git://anongit.gentoo.org/proj/hardened-refpolicy.git https://anongit.gentoo.org/git/proj/hardened-refpolicy.git}" + EGIT_REPO_URI="${SELINUX_GIT_REPO:-https://anongit.gentoo.org/git/proj/hardened-refpolicy.git}" EGIT_BRANCH="${SELINUX_GIT_BRANCH:-master}" EGIT_CHECKOUT_DIR="${WORKDIR}/refpolicy" inherit git-r3 - - KEYWORDS="" else SRC_URI="https://raw.githubusercontent.com/wiki/TresysTechnology/refpolicy/files/refpolicy-${PV}.tar.bz2 - http://dev.gentoo.org/~swift/patches/selinux-base-policy/patchbundle-selinux-base-policy-${PVR}.tar.bz2" + https://dev.gentoo.org/~swift/patches/selinux-base-policy/patchbundle-selinux-base-policy-${PVR}.tar.bz2" - KEYWORDS="~amd64 ~x86" + KEYWORDS="~amd64 -arm ~arm64 ~mips ~x86" fi -IUSE="+peer_perms +open_perms +ubac +unconfined doc" +IUSE="doc +open_perms +peer_perms systemd +ubac +unconfined" DESCRIPTION="Gentoo base policy for SELinux" -HOMEPAGE="http://www.gentoo.org/proj/en/hardened/selinux/" +HOMEPAGE="https://www.gentoo.org/proj/en/hardened/selinux/" LICENSE="GPL-2" SLOT="0" RDEPEND=">=sys-apps/policycoreutils-2.3 - virtual/udev - !<=sec-policy/selinux-base-policy-2.20120725" + virtual/udev" DEPEND="${RDEPEND} sys-devel/m4 >=sys-apps/checkpolicy-2.3" S=${WORKDIR}/ -#src_unpack() { -# git-2_src_unpack -#} - src_prepare() { if [[ ${PV} != 9999* ]]; then - # Apply the gentoo patches to the policy. These patches are only necessary - # for base policies, or for interface changes on modules. - EPATCH_MULTI_MSG="Applying SELinux policy updates ... " \ - EPATCH_SUFFIX="patch" \ - EPATCH_SOURCE="${WORKDIR}" \ - EPATCH_FORCE="yes" \ - epatch + einfo "Applying SELinux policy updates ... " + eapply -p0 "${WORKDIR}/0001-full-patch-against-stable-release.patch" fi - cd "${S}/refpolicy" - make bare + eapply_user - epatch_user + cd "${S}/refpolicy" || die + emake bare } src_configure() { @@ -64,12 +50,12 @@ src_configure() { if ! use peer_perms; then sed -i -e '/network_peer_controls/d' \ - "${S}/refpolicy/policy/policy_capabilities" + "${S}/refpolicy/policy/policy_capabilities" || die fi if ! use open_perms; then sed -i -e '/open_perms/d' \ - "${S}/refpolicy/policy/policy_capabilities" + "${S}/refpolicy/policy/policy_capabilities" || die fi if ! use ubac; then @@ -77,20 +63,25 @@ src_configure() { || die "Failed to disable User Based Access Control" fi - echo "DISTRO = gentoo" >> "${S}/refpolicy/build.conf" + if use systemd; then + sed -i -e '/^SYSTEMD/s/n/y/' "${S}/refpolicy/build.conf" \ + || die "Failed to enable SystemD" + fi + + echo "DISTRO = gentoo" >> "${S}/refpolicy/build.conf" || die # Prepare initial configuration - cd "${S}/refpolicy"; - make conf || die "Make conf failed" + cd "${S}/refpolicy" || die + emake conf || die "Make conf failed" # Setup the policies based on the types delivered by the end user. # These types can be "targeted", "strict", "mcs" and "mls". for i in ${POLICY_TYPES}; do - cp -a "${S}/refpolicy" "${S}/${i}" - cd "${S}/${i}"; + cp -a "${S}/refpolicy" "${S}/${i}" || die + cd "${S}/${i}" || die #cp "${FILESDIR}/modules-2.20120215.conf" "${S}/${i}/policy/modules.conf" - sed -i -e "/= module/d" "${S}/${i}/policy/modules.conf" + sed -i -e "/= module/d" "${S}/${i}/policy/modules.conf" || die sed -i -e '/^QUIET/s/n/y/' -e "/^NAME/s/refpolicy/$i/" \ "${S}/${i}/build.conf" || die "build.conf setup failed." @@ -120,10 +111,10 @@ src_compile() { [ -z "${POLICY_TYPES}" ] && local POLICY_TYPES="targeted strict mls mcs" for i in ${POLICY_TYPES}; do - cd "${S}/${i}" - emake base || die "${i} compile failed" + cd "${S}/${i}" || die + emake base if use doc; then - make html || die + emake html fi done } @@ -132,23 +123,24 @@ src_install() { [ -z "${POLICY_TYPES}" ] && local POLICY_TYPES="targeted strict mls mcs" for i in ${POLICY_TYPES}; do - cd "${S}/${i}" + cd "${S}/${i}" || die - make DESTDIR="${D}" install \ + emake DESTDIR="${D}" install \ || die "${i} install failed." - make DESTDIR="${D}" install-headers \ + emake DESTDIR="${D}" install-headers \ || die "${i} headers install failed." - echo "run_init_t" > "${D}/etc/selinux/${i}/contexts/run_init_type" + echo "run_init_t" > "${D}/etc/selinux/${i}/contexts/run_init_type" || die - echo "textrel_shlib_t" >> "${D}/etc/selinux/${i}/contexts/customizable_types" + echo "textrel_shlib_t" >> "${D}/etc/selinux/${i}/contexts/customizable_types" || die # libsemanage won't make this on its own keepdir "/etc/selinux/${i}/policy" if use doc; then - dohtml doc/html/*; + docinto ${i}/html + dodoc -r doc/html/*; fi insinto /usr/share/selinux/devel; @@ -156,18 +148,14 @@ src_install() { done - systemd_dotmpfilesd "${FILESDIR}/tmpfiles.d/selinux-base.conf" - systemd-tmpfiles --root="${D}" --create selinux-base.conf - + docinto / dodoc doc/Makefile.example doc/example.{te,fc,if} doman man/man8/*.8; - insinto /usr/lib/selinux + insinto /etc/selinux doins "${FILESDIR}/config" -} -pkg_preinst() { - has_version "<${CATEGORY}/${PN}-2.20101213-r13" - previous_less_than_r13=$? + insinto /usr/share/portage/config/sets + doins "${FILESDIR}/selinux.conf" } From b0b9dee9ff765922e99208c4c8f48023eb82c24c Mon Sep 17 00:00:00 2001 From: David Michael Date: Wed, 23 May 2018 09:40:06 -0700 Subject: [PATCH 30/42] sec-policy/selinux-base: Enable building on arm64 From: David Michael [Rebase to latest] Signed-off-by: Geoff Levand --- sec-policy/selinux-base/selinux-base-2.20170805-r3.ebuild | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/sec-policy/selinux-base/selinux-base-2.20170805-r3.ebuild b/sec-policy/selinux-base/selinux-base-2.20170805-r3.ebuild index c2ac18ef37..ced6acbb92 100644 --- a/sec-policy/selinux-base/selinux-base-2.20170805-r3.ebuild +++ b/sec-policy/selinux-base/selinux-base-2.20170805-r3.ebuild @@ -13,7 +13,7 @@ else SRC_URI="https://raw.githubusercontent.com/wiki/TresysTechnology/refpolicy/files/refpolicy-${PV}.tar.bz2 https://dev.gentoo.org/~swift/patches/selinux-base-policy/patchbundle-selinux-base-policy-${PVR}.tar.bz2" - KEYWORDS="amd64 -arm ~arm64 ~mips x86" + KEYWORDS="amd64 -arm arm64 ~mips x86" fi IUSE="doc +open_perms +peer_perms systemd +ubac +unconfined" From 01c5104ceaa346b826bdd0ecd3d993626eec2849 Mon Sep 17 00:00:00 2001 From: Geoff Levand Date: Wed, 23 May 2018 09:40:06 -0700 Subject: [PATCH 31/42] sec-policy/selinux-base: Fixups for Container Linux Signed-off-by: Geoff Levand --- sec-policy/selinux-base/files/config | 2 +- sec-policy/selinux-base/files/lxc_contexts | 10 ++++ sec-policy/selinux-base/files/selinux.conf | 4 -- .../files/tmpfiles.d/selinux-base.conf | 3 ++ .../selinux-base-2.20170805-r3.ebuild | 48 ++++++++++++------- 5 files changed, 44 insertions(+), 23 deletions(-) create mode 100644 sec-policy/selinux-base/files/lxc_contexts delete mode 100644 sec-policy/selinux-base/files/selinux.conf create mode 100644 sec-policy/selinux-base/files/tmpfiles.d/selinux-base.conf diff --git a/sec-policy/selinux-base/files/config b/sec-policy/selinux-base/files/config index 55933ea0e5..7b66367667 100644 --- a/sec-policy/selinux-base/files/config +++ b/sec-policy/selinux-base/files/config @@ -12,4 +12,4 @@ SELINUX=permissive # mls - Full SELinux protection with Multi-Level Security # mcs - Full SELinux protection with Multi-Category Security # (mls, but only one sensitivity level) -SELINUXTYPE=strict +SELINUXTYPE=mcs diff --git a/sec-policy/selinux-base/files/lxc_contexts b/sec-policy/selinux-base/files/lxc_contexts new file mode 100644 index 0000000000..b9ce512118 --- /dev/null +++ b/sec-policy/selinux-base/files/lxc_contexts @@ -0,0 +1,10 @@ +# This file is used to configure the per-instance contexts of rkt and other +# applications that use libvirt for lxc container support. +# +# See: +# https://coreos.com/rkt/docs/latest/selinux.html +# https://selinuxproject.org/page/PolicyConfigurationFiles#contexts.2Flxc_contexts_File + +process = "system_u:system_r:svirt_lxc_net_t:s0" +content = "system_u:object_r:virt_var_lib_t:s0" +file = "system_u:object_r:svirt_lxc_file_t:s0" diff --git a/sec-policy/selinux-base/files/selinux.conf b/sec-policy/selinux-base/files/selinux.conf deleted file mode 100644 index 77d379e812..0000000000 --- a/sec-policy/selinux-base/files/selinux.conf +++ /dev/null @@ -1,4 +0,0 @@ -# Rebuild all selinux policy modules -[selinux-rebuild] -class = portage.sets.dbapi.OwnerSet -files = /usr/share/selinux/ diff --git a/sec-policy/selinux-base/files/tmpfiles.d/selinux-base.conf b/sec-policy/selinux-base/files/tmpfiles.d/selinux-base.conf new file mode 100644 index 0000000000..5fdb7e230c --- /dev/null +++ b/sec-policy/selinux-base/files/tmpfiles.d/selinux-base.conf @@ -0,0 +1,3 @@ +#Type Path Mode UID GID Age Argument +d /etc/selinux/ - - - - - +L /etc/selinux/config - - - - ../../usr/lib/selinux/config diff --git a/sec-policy/selinux-base/selinux-base-2.20170805-r3.ebuild b/sec-policy/selinux-base/selinux-base-2.20170805-r3.ebuild index ced6acbb92..8380467a31 100644 --- a/sec-policy/selinux-base/selinux-base-2.20170805-r3.ebuild +++ b/sec-policy/selinux-base/selinux-base-2.20170805-r3.ebuild @@ -3,6 +3,8 @@ EAPI="6" +inherit coreos-sec-policy systemd + if [[ ${PV} == 9999* ]]; then EGIT_REPO_URI="${SELINUX_GIT_REPO:-https://anongit.gentoo.org/git/proj/hardened-refpolicy.git}" EGIT_BRANCH="${SELINUX_GIT_BRANCH:-master}" @@ -37,6 +39,20 @@ src_prepare() { eapply -p0 "${WORKDIR}/0001-full-patch-against-stable-release.patch" fi + # Additional selinux policy for rkt. + local kte="${S}/refpolicy/policy/modules/kernel/kernel.te" + # Read and write files and directories regardless of their category set. + echo "mcs_file_read_all(kernel_t)" >> "${kte}" + echo "mcs_file_write_all(kernel_t)" >> "${kte}" + # Trusted for setting any category set for the processes it executes. + echo "mcs_process_set_categories(kernel_t)" >> "${kte}" + # Sigkill and sigstop all domains regardless of their category set. + echo "mcs_killall(kernel_t)" >> "${kte}" + # Allowed to ptrace all domains regardless of their category set. + echo "mcs_ptrace_all(kernel_t)" >> "${kte}" + # Quiet wake_alarm AVCs. + echo "allow kernel_t self:capability2 wake_alarm;" >> "${kte}" + eapply_user cd "${S}/refpolicy" || die @@ -134,28 +150,24 @@ src_install() { echo "run_init_t" > "${D}/etc/selinux/${i}/contexts/run_init_type" || die echo "textrel_shlib_t" >> "${D}/etc/selinux/${i}/contexts/customizable_types" || die + done - # libsemanage won't make this on its own - keepdir "/etc/selinux/${i}/policy" + insinto /usr/lib/selinux + doins "${FILESDIR}/config" - if use doc; then - docinto ${i}/html - dodoc -r doc/html/*; - fi + local tmpfiles_conf="${T}"/selinux-base.conf + cp "${FILESDIR}"/tmpfiles.d/selinux-base.conf "${tmpfiles_conf}" - insinto /usr/share/selinux/devel; - doins doc/policy.xml; + for i in ${POLICY_TYPES}; do + # relocate policy to /usr + mv "${D}/etc/selinux/${i}" "${D}/usr/lib/selinux" + echo "L /etc/selinux/${i} - - - - ../../usr/lib/selinux/${i}" \ + >> "${tmpfiles_conf}" + insinto /usr/lib/selinux/${i}/contexts + doins "${FILESDIR}/lxc_contexts" done - docinto / - dodoc doc/Makefile.example doc/example.{te,fc,if} - - doman man/man8/*.8; - - insinto /etc/selinux - doins "${FILESDIR}/config" - - insinto /usr/share/portage/config/sets - doins "${FILESDIR}/selinux.conf" + systemd_dotmpfilesd "${tmpfiles_conf}" + systemd-tmpfiles --root="${D}" --create selinux-base.conf } From 53efab6e6b34a6147f09f8651542b6c9a5c32829 Mon Sep 17 00:00:00 2001 From: Geoff Levand Date: Wed, 23 May 2018 09:40:06 -0700 Subject: [PATCH 32/42] sec-policy/selinux-base-policy: Import latest Signed-off-by: Geoff Levand --- sec-policy/selinux-base-policy/ChangeLog | 1033 ----------------- sec-policy/selinux-base-policy/Manifest | 20 +- sec-policy/selinux-base-policy/files/config | 15 - .../selinux-base-policy/files/modules.conf | 50 - sec-policy/selinux-base-policy/metadata.xml | 7 +- .../selinux-base-policy-2.20170204-r1.ebuild | 122 ++ ... selinux-base-policy-2.20170204-r2.ebuild} | 93 +- .../selinux-base-policy-2.20170204-r3.ebuild | 122 ++ .../selinux-base-policy-2.20170204-r4.ebuild | 122 ++ .../selinux-base-policy-2.20170805-r2.ebuild | 122 ++ .../selinux-base-policy-2.20170805-r3.ebuild | 122 ++ .../selinux-base-policy-2.20170805-r4.ebuild | 122 ++ .../selinux-base-policy-9999.ebuild | 75 +- 13 files changed, 831 insertions(+), 1194 deletions(-) delete mode 100644 sec-policy/selinux-base-policy/ChangeLog delete mode 100644 sec-policy/selinux-base-policy/files/config delete mode 100644 sec-policy/selinux-base-policy/files/modules.conf create mode 100644 sec-policy/selinux-base-policy/selinux-base-policy-2.20170204-r1.ebuild rename sec-policy/selinux-base-policy/{selinux-base-policy-2.20141203-r14.ebuild => selinux-base-policy-2.20170204-r2.ebuild} (58%) create mode 100644 sec-policy/selinux-base-policy/selinux-base-policy-2.20170204-r3.ebuild create mode 100644 sec-policy/selinux-base-policy/selinux-base-policy-2.20170204-r4.ebuild create mode 100644 sec-policy/selinux-base-policy/selinux-base-policy-2.20170805-r2.ebuild create mode 100644 sec-policy/selinux-base-policy/selinux-base-policy-2.20170805-r3.ebuild create mode 100644 sec-policy/selinux-base-policy/selinux-base-policy-2.20170805-r4.ebuild diff --git a/sec-policy/selinux-base-policy/ChangeLog b/sec-policy/selinux-base-policy/ChangeLog deleted file mode 100644 index 0c374d421d..0000000000 --- a/sec-policy/selinux-base-policy/ChangeLog +++ /dev/null @@ -1,1033 +0,0 @@ -# ChangeLog for sec-policy/selinux-base-policy -# Copyright 1999-2015 Gentoo Foundation; Distributed under the GPL v2 -# $Header: /var/cvsroot/gentoo-x86/sec-policy/selinux-base-policy/ChangeLog,v 1.176 2015/06/05 16:10:32 perfinion Exp $ - - 05 Jun 2015; Jason Zaman - selinux-base-policy-2.20141203-r5.ebuild: - Stabilize policy 2.20141203-r5 - -*selinux-base-policy-2.20141203-r6 (05 Jun 2015) - - 05 Jun 2015; Jason Zaman - +selinux-base-policy-2.20141203-r6.ebuild: - Release of 2.20141203-r6 - - 25 Apr 2015; Mike Gilbert - selinux-base-policy-2.20140311-r5.ebuild, - selinux-base-policy-2.20140311-r6.ebuild, - selinux-base-policy-2.20140311-r7.ebuild, - selinux-base-policy-2.20141203-r1.ebuild, - selinux-base-policy-2.20141203-r2.ebuild, - selinux-base-policy-2.20141203-r3.ebuild, - selinux-base-policy-2.20141203-r4.ebuild, - selinux-base-policy-2.20141203-r5.ebuild: - Replace links pointing at git.overlays.gentoo.org. - - 21 Apr 2015; Jason Zaman - selinux-base-policy-9999.ebuild: - update git urls and migrate git-2 -> git-r3 - - 15 Apr 2015; Jason Zaman - selinux-base-policy-2.20141203-r4.ebuild: - Stabilize policy 2.20141203-r4 - -*selinux-base-policy-2.20141203-r5 (15 Apr 2015) - - 15 Apr 2015; Jason Zaman - +selinux-base-policy-2.20141203-r5.ebuild: - Release of 2.20141203-r5 - - 22 Mar 2015; Sven Vermeulen - selinux-base-policy-2.20141203-r3.ebuild: - Stabilize 2.20141203-r3 policies - -*selinux-base-policy-2.20141203-r4 (22 Mar 2015) - - 22 Mar 2015; Sven Vermeulen - +selinux-base-policy-2.20141203-r4.ebuild, selinux-base-policy-9999.ebuild: - Release of 2.20141203-r4 - -*selinux-base-policy-2.20141203-r3 (29 Jan 2015) - - 29 Jan 2015; Jason Zaman - +selinux-base-policy-2.20141203-r3.ebuild, - selinux-base-policy-2.20141203-r2.ebuild: - Release of 2.20141203-r3, stable 2.20141203-r2 - - 21 Dec 2014; Sven Vermeulen - -selinux-base-policy-2.20140311-r1.ebuild, - -selinux-base-policy-2.20140311-r2.ebuild, - -selinux-base-policy-2.20140311-r3.ebuild, - -selinux-base-policy-2.20140311-r4.ebuild: - Remove old ebuilds - - 21 Dec 2014; Sven Vermeulen - selinux-base-policy-2.20141203-r1.ebuild: - Stabilize 2.20141203-r1 - -*selinux-base-policy-2.20141203-r2 (21 Dec 2014) - - 21 Dec 2014; Sven Vermeulen - +selinux-base-policy-2.20141203-r2.ebuild: - Release of 2.20141203-r2 - - 07 Dec 2014; Jason Zaman - selinux-base-policy-2.20140311-r7.ebuild, selinux-base-policy-9999.ebuild: - Stabilize 2.20140311-r7 - -*selinux-base-policy-2.20141203-r1 (07 Dec 2014) - - 07 Dec 2014; Jason Zaman - +selinux-base-policy-2.20141203-r1.ebuild: - Release of 2.20141203-r1 - - 07 Dec 2014; Jason Zaman - selinux-base-policy-9999.ebuild: - update SRC_URI - - 05 Dec 2014; Jason Zaman - selinux-base-policy-9999.ebuild: - enable parallel build, bug 530178 - - 29 Nov 2014; Jason Zaman - selinux-base-policy-2.20140311-r7.ebuild, selinux-base-policy-9999.ebuild: - Must relabel RDEP not DEP - - 23 Nov 2014; Sven Vermeulen - selinux-base-policy-9999.ebuild: - Add notice about bug 530178 - - 23 Nov 2014; Sven Vermeulen - selinux-base-policy-9999.ebuild: - Parallel builds are fixed since February 2014 - - 01 Nov 2014; Sven Vermeulen - selinux-base-policy-2.20140311-r6.ebuild: - Stabilize rev 6 - -*selinux-base-policy-2.20140311-r7 (01 Nov 2014) - - 01 Nov 2014; Sven Vermeulen - +selinux-base-policy-2.20140311-r7.ebuild: - Bump revision r7 of SELinux policies - - 01 Nov 2014; Sven Vermeulen - selinux-base-policy-9999.ebuild: - Add KEYWORDS logic in -9999 ebuilds for ease of copying - - 30 Aug 2014; Sven Vermeulen - selinux-base-policy-9999.ebuild: - Use single-line rlpkg call and do not label policy packages - - 24 Aug 2014; Sven Vermeulen - selinux-base-policy-9999.ebuild: - Back to gogo infrastructure - - 23 Aug 2014; Sven Vermeulen - selinux-base-policy-9999.ebuild: - Temporarily use github until gogo is back on track - - 22 Aug 2014; Sven Vermeulen - selinux-base-policy-2.20140311-r5.ebuild: - Stabilize r5 policies - -*selinux-base-policy-2.20140311-r6 (21 Aug 2014) - - 21 Aug 2014; Sven Vermeulen - +selinux-base-policy-2.20140311-r6.ebuild: - Release of 2.20140311-r6 - -*selinux-base-policy-2.20140311-r5 (09 Aug 2014) - - 09 Aug 2014; Sven Vermeulen - +selinux-base-policy-2.20140311-r5.ebuild, selinux-base-policy-9999.ebuild: - Bump towards r5 (fixes duplicate context for hiawatha) - - 08 Aug 2014; Sven Vermeulen - selinux-base-policy-9999.ebuild: - Make 9999 ebuilds EAPI=5 and transform to make master for version bumps - - 06 Aug 2014; Sven Vermeulen - selinux-base-policy-9999.ebuild: - Supporting the SELINUX_GIT_* variables - - 05 Aug 2014; Sven Vermeulen - -selinux-base-policy-2.20130424-r1.ebuild, - -selinux-base-policy-2.20130424-r2.ebuild, - -selinux-base-policy-2.20130424-r3.ebuild, - -selinux-base-policy-2.20130424-r4.ebuild: - Remove obsolete ebuilds - -*selinux-base-policy-2.20140311-r4 (01 Aug 2014) - - 01 Aug 2014; Sven Vermeulen - +selinux-base-policy-2.20140311-r4.ebuild, - selinux-base-policy-2.20140311-r3.ebuild: - Stabilization of r3, and make r4 available for testing - - 29 May 2014; Sven Vermeulen - selinux-base-policy-2.20140311-r2.ebuild: - Stabilize 2.20140311-r2 - -*selinux-base-policy-2.20140311-r3 (29 May 2014) - - 29 May 2014; Sven Vermeulen - +selinux-base-policy-2.20140311-r3.ebuild: - Bump to 2.20140311-r3 - - 19 Apr 2014; Sven Vermeulen - selinux-base-policy-2.20140311-r1.ebuild: - Stabilize r1 policies - -*selinux-base-policy-2.20140311-r2 (19 Apr 2014) - - 19 Apr 2014; Sven Vermeulen - +selinux-base-policy-2.20140311-r2.ebuild: - Release of 2.20140311-r2 - - 24 Mar 2014; Sven Vermeulen - -selinux-base-policy-2.20120725-r5.ebuild, - -selinux-base-policy-2.20120725-r7.ebuild, - -selinux-base-policy-2.20120725-r8.ebuild, - -selinux-base-policy-2.20120725-r9.ebuild, - -selinux-base-policy-2.20120725-r10.ebuild, - -selinux-base-policy-2.20120725-r11.ebuild, - -selinux-base-policy-2.20120725-r12.ebuild: - Removing older SELinux policies - -*selinux-base-policy-2.20140311-r1 (21 Mar 2014) - - 21 Mar 2014; Sven Vermeulen - +selinux-base-policy-2.20140311-r1.ebuild: - New upstream refpolicy release - - 12 Jan 2014; Sven Vermeulen - selinux-base-policy-2.20130424-r4.ebuild: - Stabilize 2.20130424-r4 - -*selinux-base-policy-2.20130424-r4 (11 Dec 2013) - - 11 Dec 2013; Sven Vermeulen - +selinux-base-policy-2.20130424-r4.ebuild: - Release of 2.20130424-r4 - -*selinux-base-policy-2.20130424-r3 (26 Sep 2013) - - 26 Sep 2013; Sven Vermeulen - +selinux-base-policy-2.20130424-r3.ebuild: - Release 2.20130424-r3, fixing bugs #480628, #482196, #475432, #485304, #480870 - and #428322 - - 15 Aug 2013; Sven Vermeulen - selinux-base-policy-2.20130424-r2.ebuild: - Stabilize r2 of policies - -*selinux-base-policy-2.20130424-r2 (20 Jul 2013) - - 20 Jul 2013; Sven Vermeulen - +selinux-base-policy-2.20130424-r2.ebuild, selinux-base-policy-9999.ebuild: - release rev2 - - 16 Jun 2013; Sven Vermeulen - selinux-base-policy-2.20130424-r1.ebuild: - Stabilize 20130424 policies - - 07 May 2013; Sven Vermeulen - selinux-base-policy-2.20130424-r1.ebuild, selinux-base-policy-9999.ebuild: - Adding support for epatch_user since selinux-base-policy will not inherit - this from the selinux eclass - -*selinux-base-policy-2.20130424-r1 (06 May 2013) - - 06 May 2013; Sven Vermeulen - +selinux-base-policy-2.20130424-r1.ebuild: - Adding 20130424 release - - 29 Mar 2013; Sven Vermeulen - selinux-base-policy-9999.ebuild: - Fix bug #462952 - cyclic dependency for unconfined - - 29 Mar 2013; Sven Vermeulen - selinux-base-policy-2.20120725-r12.ebuild: - Stabilize r12, fixes 455080, 453724, 461880, 453722, 452166, 458876, 457618, - 456910, 456194, 453990 and 460152 - - 26 Mar 2013; Sven Vermeulen - selinux-base-policy-2.20120725-r12.ebuild, selinux-base-policy-9999.ebuild: - unconfined package is PDEPEND, otherwise circular dependency. See bug #462952 - - 09 Mar 2013; Sven Vermeulen - selinux-base-policy-2.20120725-r12.ebuild: - Fix bug #458876 - USE=unconfined if targeted is set - -*selinux-base-policy-2.20120725-r12 (09 Mar 2013) - - 09 Mar 2013; Sven Vermeulen - +selinux-base-policy-2.20120725-r12.ebuild, selinux-base-policy-9999.ebuild: - Pushing out rev 12 - - 23 Feb 2013; Sven Vermeulen - selinux-base-policy-2.20120725-r11.ebuild: - Stabilization - -*selinux-base-policy-2.20120725-r11 (26 Jan 2013) - - 26 Jan 2013; Sven Vermeulen - +selinux-base-policy-2.20120725-r11.ebuild: - Bumping selinux-base-policy to revision 11 - - 16 Jan 2013; Sven Vermeulen - selinux-base-policy-2.20120725-r10.ebuild: - Stabilizing - -*selinux-base-policy-2.20120725-r10 (16 Jan 2013) - - 16 Jan 2013; Sven Vermeulen - +selinux-base-policy-2.20120725-r10.ebuild: - Bumping with fix for #451128 - - 13 Jan 2013; Sven Vermeulen - selinux-base-policy-2.20120725-r9.ebuild: - Stabilizing r9 - -*selinux-base-policy-2.20120725-r9 (21 Dec 2012) - - 21 Dec 2012; Sven Vermeulen +selinux-base-policy-2.20120725-r9.ebuild: - Bumping to revision 9 - - 17 Dec 2012; Sven Vermeulen -selinux-base-policy-2.20120215-r13.ebuild, - -selinux-base-policy-2.20120215-r14.ebuild, - -selinux-base-policy-2.20120215-r15.ebuild, - -selinux-base-policy-2.20120215-r6.ebuild, - -selinux-base-policy-2.20120215-r7.ebuild, - -selinux-base-policy-2.20120215-r8.ebuild, - -selinux-base-policy-2.20120215-r9.ebuild: - Removing older ebuilds - - 13 Dec 2012; Sven Vermeulen selinux-base-policy-2.20120725-r8.ebuild: - Stabilization - - 04 Dec 2012; Sven Vermeulen selinux-base-policy-9999.ebuild, - metadata.xml: - Add in support for unconfined USE flag - -*selinux-base-policy-2.20120725-r8 (03 Dec 2012) - - 03 Dec 2012; Sven Vermeulen +selinux-base-policy-2.20120725-r8.ebuild: - Bumping to revision 8 - -*selinux-base-policy-2.20120725-r7 (18 Nov 2012) - - 18 Nov 2012; Sven Vermeulen +selinux-base-policy-2.20120725-r7.ebuild: - Pushing out rev 7 - -*selinux-base-policy-9999 (13 Oct 2012) - - 13 Oct 2012; Sven Vermeulen +selinux-base-policy-9999.ebuild: - Adding live ebuild - - 04 Oct 2012; Sven Vermeulen selinux-base-policy-2.20120725-r5.ebuild: - Stabilization - -*selinux-base-policy-2.20120725-r5 (21 Sep 2012) - - 21 Sep 2012; Sven Vermeulen +selinux-base-policy-2.20120725-r5.ebuild: - Introducing policy for 2.20120725, rev5 - - 30 Jul 2012; Sven Vermeulen selinux-base-policy-2.20120215-r14.ebuild: - Stabilization of revision 14 of the SELinux policy modules - -*selinux-base-policy-2.20120215-r15 (26 Jul 2012) - - 26 Jul 2012; Sven Vermeulen +selinux-base-policy-2.20120215-r15.ebuild: - Bump to rev15 - -*selinux-base-policy-2.20120215-r14 (16 Jul 2012) - - 16 Jul 2012; Sven Vermeulen +selinux-base-policy-2.20120215-r14.ebuild: - Bumping to rev14 - -*selinux-base-policy-2.20120215-r13 (27 Jun 2012) - - 27 Jun 2012; Sven Vermeulen +selinux-base-policy-2.20120215-r13.ebuild: - Bump to revision 13 - -*selinux-base-policy-2.20120215-r9 (20 May 2012) - - 20 May 2012; Sven Vermeulen +selinux-base-policy-2.20120215-r9.ebuild: - Bumping to rev 9 - - 13 May 2012; Sven Vermeulen -selinux-base-policy-2.20110726-r5.ebuild, - -selinux-base-policy-2.20110726-r6.ebuild, - -selinux-base-policy-2.20110726-r7.ebuild, - -selinux-base-policy-2.20110726-r8.ebuild, - -selinux-base-policy-2.20110726-r11.ebuild, - -selinux-base-policy-2.20110726-r13.ebuild, metadata.xml: - Drop unused local USE flag definitions - - 13 May 2012; Sven Vermeulen -selinux-base-policy-2.20110726-r5.ebuild, - -selinux-base-policy-2.20110726-r6.ebuild, - -selinux-base-policy-2.20110726-r7.ebuild, - -selinux-base-policy-2.20110726-r8.ebuild, - -selinux-base-policy-2.20110726-r11.ebuild, - -selinux-base-policy-2.20110726-r13.ebuild: - Removing deprecated ebuilds (cleanup) - - 29 Apr 2012; Sven Vermeulen selinux-base-policy-2.20120215-r7.ebuild: - Stabilize rev7 - -*selinux-base-policy-2.20120215-r8 (26 Apr 2012) - - 26 Apr 2012; Sven Vermeulen +selinux-base-policy-2.20120215-r8.ebuild: - Bump to rev8, fix #411719, #411149 and #411943 - - 22 Apr 2012; Michael Sterrett - selinux-base-policy-2.20120215-r7.ebuild: - inherit goes near the top - -*selinux-base-policy-2.20120215-r7 (22 Apr 2012) - - 22 Apr 2012; Sven Vermeulen +selinux-base-policy-2.20120215-r7.ebuild: - Bumping to rev 7, fixing bugs #401595, #411193 and #403293 - - 01 Apr 2012; Michael Sterrett - selinux-base-policy-2.20120215-r6.ebuild: - inherit goes near the top - - 31 Mar 2012; Sven Vermeulen selinux-base-policy-2.20110726-r13.ebuild: - Stabilizing - -*selinux-base-policy-2.20120215-r6 (31 Mar 2012) - - 31 Mar 2012; Sven Vermeulen +selinux-base-policy-2.20120215-r6.ebuild: - Bumping to 2.20120215 policies - - 23 Feb 2012; Sven Vermeulen selinux-base-policy-2.20110726-r11.ebuild: - Stabilizing - -*selinux-base-policy-2.20110726-r13 (23 Feb 2012) - - 23 Feb 2012; Sven Vermeulen +selinux-base-policy-2.20110726-r13.ebuild: - Adding revision 13 - - 29 Jan 2012; Manifest: - Updating manifest - - 29 Jan 2012; Sven Vermeulen selinux-base-policy-2.20110726-r8.ebuild: - Stabilize r8 series - -*selinux-base-policy-2.20110726-r11 (14 Jan 2012) - - 14 Jan 2012; Sven Vermeulen +selinux-base-policy-2.20110726-r11.ebuild: - Bumping to rev 11 - - 19 Dec 2011; Sven Vermeulen selinux-base-policy-2.20110726-r6.ebuild: - Stabilize rev6 - -*selinux-base-policy-2.20110726-r8 (17 Dec 2011) - - 17 Dec 2011; Sven Vermeulen +selinux-base-policy-2.20110726-r8.ebuild: - Bumping to rev8, list of changes available at - http://archives.gentoo.org/gentoo-hardened/msg_b11ef32142076034abd0616e373361 - da.xml - -*selinux-base-policy-2.20110726-r7 (04 Dec 2011) - - 04 Dec 2011; Sven Vermeulen +selinux-base-policy-2.20110726-r7.ebuild: - Bumping to rev 7 - - 27 Nov 2011; Sven Vermeulen selinux-base-policy-2.20110726-r4.ebuild, - selinux-base-policy-2.20110726-r5.ebuild, - selinux-base-policy-2.20110726-r6.ebuild, files/modules.conf: - Put XDG selection (for base) in modules.conf instead of ebuild hocus-pocus - - 27 Nov 2011; Sven Vermeulen selinux-base-policy-2.20110726-r5.ebuild: - Stable on x86/amd64 - -*selinux-base-policy-2.20110726-r6 (15 Nov 2011) - - 15 Nov 2011; Sven Vermeulen +selinux-base-policy-2.20110726-r6.ebuild: - Fixing #389579, #389917, #388875 and #389569. Also improves support for - gcc-config and updates VDE patch with upstream feedback - - 12 Nov 2011; Sven Vermeulen -selinux-base-policy-2.20090730.ebuild, - -selinux-base-policy-2.20090814.ebuild, - -selinux-base-policy-2.20091215.ebuild, - -selinux-base-policy-2.20101213-r16.ebuild, - -selinux-base-policy-2.20101213-r17.ebuild, - -selinux-base-policy-2.20101213-r18.ebuild, - -selinux-base-policy-2.20101213-r20.ebuild, - -selinux-base-policy-2.20101213-r21.ebuild, - -selinux-base-policy-2.20101213-r22.ebuild, - -selinux-base-policy-2.20110726-r3.ebuild, - -files/modules.conf.strict.20090730, -files/modules.conf.targeted.20090730: - Removing old policies - - 23 Oct 2011; Sven Vermeulen selinux-base-policy-2.20110726-r4.ebuild: - Stabilization (tracker #384231) - -*selinux-base-policy-2.20110726-r5 (23 Oct 2011) - - 23 Oct 2011; Sven Vermeulen +selinux-base-policy-2.20110726-r5.ebuild: - Update patches with XDG support, clean up patches with upstream feedback, - include asterisk fix - -*selinux-base-policy-2.20110726-r4 (17 Sep 2011) - - 17 Sep 2011; Sven Vermeulen +selinux-base-policy-2.20110726-r4.ebuild: - Update on portage and portage_fetch domains, fix puppet issues, normalize - patches with refpolicy - -*selinux-base-policy-2.20110726-r3 (28 Aug 2011) - - 28 Aug 2011; Sven Vermeulen +selinux-base-policy-2.20110726-r3.ebuild: - Introduce policy based on refpolicy 20110726 - -*selinux-base-policy-2.20101213-r22 (07 Aug 2011) - - 07 Aug 2011; Anthony G. Basile - +selinux-base-policy-2.20101213-r22.ebuild: - Fix patchbundle issue with portage patch - -*selinux-base-policy-2.20101213-r21 (25 Jul 2011) -*selinux-base-policy-2.20101213-r20 (25 Jul 2011) - - 25 Jul 2011; Anthony G. Basile - +selinux-base-policy-2.20101213-r20.ebuild, - +selinux-base-policy-2.20101213-r21.ebuild, +files/modules.conf, - files/config: - Support unattended use of portage/emerge-webrsync, add layman in its own - domain, fix a firefox context mismatch, allow cron to call portage, mark - semanage as being an eselect wrapper too (fixes /etc/selinux labeling - mismatches). Bugs fixed: #376005, #375835 (workaround) - - 11 Jul 2011; Anthony G. Basile - -files/selinux-base-policy-20070329.diff, - -selinux-base-policy-20080525.ebuild, - -selinux-base-policy-20080525-r1.ebuild, -files/modules.conf.strict, - -files/modules.conf.strict.20070928, -files/modules.conf.strict.20080525, - -files/modules.conf.targeted, -files/modules.conf.targeted.20070928, - -files/modules.conf.targeted.20080525: - Removed all pre 2.20xx base policies - -*selinux-base-policy-2.20101213-r18 (10 Jul 2011) - - 10 Jul 2011; Anthony G. Basile - +selinux-base-policy-2.20101213-r18.ebuild: - Bump to r18, improve support for openrc, allow portage to work with - NFS-mounted locations, fix firefox plugin support, fix postgres init - script support, fix syslog startup issue - - 03 Jul 2011; Anthony G. Basile - selinux-base-policy-2.20101213-r16.ebuild, - selinux-base-policy-2.20101213-r17.ebuild, - -files/patchbundle-selinux-base-policy-2.20101213-r16.tar.bz2, - -files/patchbundle-selinux-base-policy-2.20101213-r17.tar.bz2: - Moved patchbundles out of ${FILESDIR}, bug #370927 - - 30 Jun 2011; Anthony G. Basile - -selinux-base-policy-2.20101213-r11.ebuild, - -selinux-base-policy-2.20101213-r12.ebuild, - -files/patchbundle-selinux-base-policy-2.20101213-r11.tar.bz2, - -files/patchbundle-selinux-base-policy-2.20101213-r12.tar.bz2: - Removed deprecated versions - -*selinux-base-policy-2.20101213-r17 (30 Jun 2011) - - 30 Jun 2011; Anthony G. Basile - +selinux-base-policy-2.20101213-r17.ebuild, - +files/patchbundle-selinux-base-policy-2.20101213-r17.tar.bz2: - Add support for zabbix - - 02 Jun 2011; Anthony G. Basile - selinux-base-policy-2.20101213-r16.ebuild: - Stable amd64 x86 - - 20 May 2011; Anthony G. Basile - -selinux-base-policy-2.20101213-r5.ebuild, - -selinux-base-policy-2.20101213-r6.ebuild, - -selinux-base-policy-2.20101213-r7.ebuild, - -selinux-base-policy-2.20101213-r9.ebuild, - -selinux-base-policy-2.20101213-r10.ebuild, - -files/patchbundle-selinux-base-policy-2.20101213-r10.tar.bz2, - -files/patchbundle-selinux-base-policy-2.20101213-r5.tar.bz2, - -files/patchbundle-selinux-base-policy-2.20101213-r6.tar.bz2, - -files/patchbundle-selinux-base-policy-2.20101213-r7.tar.bz2, - -files/patchbundle-selinux-base-policy-2.20101213-r9.tar.bz2: - Removed deprecated revisions of base policy 2.20101213 - -*selinux-base-policy-2.20101213-r16 (20 May 2011) - - 20 May 2011; Anthony G. Basile - +selinux-base-policy-2.20101213-r16.ebuild, - +files/patchbundle-selinux-base-policy-2.20101213-r16.tar.bz2, metadata.xml: - Drop obsoleted policy builds, add openrc support (rc-update, rc-status), - correct file contexts for /lib64, make UBAC optional (#257111 and #306393), - use portage_srcrepo_t for live ebuilds and match mdadm policy with upstream - -*selinux-base-policy-2.20101213-r12 (16 Apr 2011) -*selinux-base-policy-2.20101213-r11 (16 Apr 2011) - - 16 Apr 2011; Anthony G. Basile - +selinux-base-policy-2.20101213-r11.ebuild, - +selinux-base-policy-2.20101213-r12.ebuild, - +files/patchbundle-selinux-base-policy-2.20101213-r11.tar.bz2, - +files/patchbundle-selinux-base-policy-2.20101213-r12.tar.bz2: - Added new patchbundles for rev bumps to base policy 2.20101213 - -*selinux-base-policy-2.20101213-r10 (07 Mar 2011) -*selinux-base-policy-2.20101213-r9 (07 Mar 2011) - - 07 Mar 2011; Anthony G. Basile - +selinux-base-policy-2.20101213-r9.ebuild, - +selinux-base-policy-2.20101213-r10.ebuild, - +files/patchbundle-selinux-base-policy-2.20101213-r10.tar.bz2, - +files/patchbundle-selinux-base-policy-2.20101213-r9.tar.bz2: - Added new patchbundles for rev bumps to base policy 2.20101213 - - 05 Feb 2011; Anthony G. Basile - +files/patchbundle-selinux-base-policy-2.20101213-r5.tar.bz2, - +files/patchbundle-selinux-base-policy-2.20101213-r6.tar.bz2, - +files/patchbundle-selinux-base-policy-2.20101213-r7.tar.bz2: - Added patchbundle for base policy 2.20101213. - -*selinux-base-policy-2.20101213-r7 (05 Feb 2011) -*selinux-base-policy-2.20101213-r6 (05 Feb 2011) -*selinux-base-policy-2.20101213-r5 (05 Feb 2011) - - 05 Feb 2011; Anthony G. Basile - +selinux-base-policy-2.20101213-r5.ebuild, - +selinux-base-policy-2.20101213-r6.ebuild, - +selinux-base-policy-2.20101213-r7.ebuild: - New upstream policy. - -*selinux-base-policy-2.20091215 (16 Dec 2009) - - 16 Dec 2009; Chris PeBenito - +selinux-base-policy-2.20091215.ebuild: - New upstream release. - -*selinux-base-policy-20080525-r1 (14 Sep 2009) - - 14 Sep 2009; Chris PeBenito - +selinux-base-policy-20080525-r1.ebuild: - Update old base policy to support ext4. - - 14 Aug 2009; Chris PeBenito - -selinux-base-policy-20070329.ebuild, - -selinux-base-policy-20070928.ebuild, selinux-base-policy-20080525.ebuild: - Mark 20080525 stable, clear old ebuilds. - -*selinux-base-policy-2.20090814 (14 Aug 2009) - - 14 Aug 2009; Chris PeBenito - +selinux-base-policy-2.20090814.ebuild: - Git version of refpolicy for misc fixes including some cron problems. - -*selinux-base-policy-2.20090730 (03 Aug 2009) - - 03 Aug 2009; Chris PeBenito - +selinux-base-policy-2.20090730.ebuild: - New upstream release. - - 18 Jul 2009; Chris PeBenito - selinux-base-policy-20070329.ebuild, selinux-base-policy-20070928.ebuild, - selinux-base-policy-20080525.ebuild: - Drop alpha, mips, ppc, sparc selinux support. - -*selinux-base-policy-20080525 (25 May 2008) - - 25 May 2008; Chris PeBenito - +selinux-base-policy-20080525.ebuild: - New SVN snapshot. - - 16 Mar 2008; Chris PeBenito - -selinux-base-policy-20051022-r1.ebuild, - -selinux-base-policy-20061114.ebuild: - Remove old ebuilds. - - 03 Feb 2008; Chris PeBenito - selinux-base-policy-20070928.ebuild: - Mark stable. - -*selinux-base-policy-20070928 (26 Nov 2007) - - 26 Nov 2007; Chris PeBenito - +selinux-base-policy-20070928.ebuild: - New SVN snapshot. - - 04 Jun 2007; Chris PeBenito - selinux-base-policy-20070329.ebuild: - Mark stable. - - 30 Mar 2007; Chris PeBenito - +files/selinux-base-policy-20070329.diff, - selinux-base-policy-20070329.ebuild: - Compile fix. - -*selinux-base-policy-20070329 (29 Mar 2007) - - 29 Mar 2007; Chris PeBenito - +selinux-base-policy-20070329.ebuild: - New SVN snapshot. - - 22 Feb 2007; Markus Ullmann ChangeLog: - Redigest for Manifest2 - -*selinux-base-policy-20061114 (15 Nov 2006) - - 15 Nov 2006; Chris PeBenito - +selinux-base-policy-20061114.ebuild: - New SVN snapshot. - - 25 Oct 2006; Chris PeBenito - selinux-base-policy-20061015.ebuild: - Fix to have default POLICY_TYPES if it is empty. - - 21 Oct 2006; Chris PeBenito - selinux-base-policy-20061015.ebuild: - Fix xml generation failure to die. - -*selinux-base-policy-20061015 (15 Oct 2006) - - 15 Oct 2006; Chris PeBenito - -selinux-base-policy-20061008.ebuild, - +selinux-base-policy-20061015.ebuild: - Update for testing fixes. - -*selinux-base-policy-20061008 (08 Oct 2006) - - 08 Oct 2006; Chris PeBenito -files/semanage.conf, - +selinux-base-policy-20061008.ebuild, - -selinux-base-policy-99999999.ebuild: - First mainstream reference policy testing release. - - 29 Sep 2006; Chris PeBenito - selinux-base-policy-99999999.ebuild: - Fix for new SVN location. Fixes 147781. - - 22 Feb 2006; Stephen Bennett - selinux-base-policy-20051022-r1.ebuild: - Alpha stable - -*selinux-base-policy-99999999 (02 Feb 2006) - - 02 Feb 2006; Chris PeBenito +files/config, - +files/modules.conf.strict, +files/modules.conf.targeted, - +files/semanage.conf, +selinux-base-policy-99999999.ebuild: - Add experimental policy for testing reference policy. Requires portage fix - from bug #110857. - - 02 Feb 2006; Chris PeBenito - -selinux-base-policy-20050322.ebuild, - -selinux-base-policy-20050618.ebuild, - -selinux-base-policy-20050821.ebuild, - -selinux-base-policy-20051022.ebuild: - Clean out old ebuilds. - - 14 Jan 2006; Stephen Bennett - selinux-base-policy-20051022-r1.ebuild: - Added ~alpha - -*selinux-base-policy-20051022-r1 (08 Dec 2005) - - 08 Dec 2005; Chris PeBenito - +selinux-base-policy-20051022-r1.ebuild: - Change to use compatability genhomedircon. Newer policycoreutils (1.28) - breaks the backwards compatability this policy uses. - -*selinux-base-policy-20051022 (22 Oct 2005) - - 22 Oct 2005; Chris PeBenito - +selinux-base-policy-20051022.ebuild: - Very trivial fixes. - - 08 Sep 2005; Chris PeBenito - selinux-base-policy-20050821.ebuild: - Mark stable. - -*selinux-base-policy-20050821 (21 Aug 2005) - - 21 Aug 2005; Chris PeBenito - +selinux-base-policy-20050821.ebuild: - Minor updates for 2.6.12. - - 21 Jun 2005; Chris PeBenito - selinux-base-policy-20050618.ebuild: - Mark stable. - -*selinux-base-policy-20050618 (18 Jun 2005) - - 18 Jun 2005; Chris PeBenito - -selinux-base-policy-20041123.ebuild, - -selinux-base-policy-20050306.ebuild, - +selinux-base-policy-20050618.ebuild: - New release to support 2.6.12 features. - - 10 May 2005; Stephen Bennett - selinux-base-policy-20050322.ebuild: - mips stable - - 01 May 2005; Stephen Bennett - selinux-base-policy-20050322.ebuild: - Added ~mips. - -*selinux-base-policy-20050322 (23 Mar 2005) - - 23 Mar 2005; Chris PeBenito - +selinux-base-policy-20050322.ebuild: - New release. - -*selinux-base-policy-20050306 (06 Mar 2005) - - 06 Mar 2005; Chris PeBenito - +selinux-base-policy-20050306.ebuild: - Fix bad samba_domain dummy macro. Add policies needed for udev support. - -*selinux-base-policy-20050224 (24 Feb 2005) - - 24 Feb 2005; Chris PeBenito - +selinux-base-policy-20050224.ebuild: - New release. - - 19 Jan 2005; Chris PeBenito - selinux-base-policy-20041123.ebuild: - Mark stable. - -*selinux-base-policy-20041123 (23 Nov 2004) - - 23 Nov 2004; Chris PeBenito - +selinux-base-policy-20041123.ebuild: - New release with 1.18 merge. - -*selinux-base-policy-20041023 (23 Oct 2004) - - 23 Oct 2004; Chris PeBenito - +selinux-base-policy-20041023.ebuild: - New release with 1.16 merge. Tcpd and inetd have been deprecated since they - are not in the base system anymore, and probably no one uses them anyway. - -*selinux-base-policy-20040906 (06 Sep 2004) - - 06 Sep 2004; Chris PeBenito - +selinux-base-policy-20040906.ebuild: - New release with 1.14 merge, which has policy 18 (fine-grained netlink) - features. - - 05 Sep 2004; Chris PeBenito - selinux-base-policy-20040225.ebuild, -selinux-base-policy-20040509.ebuild, - -selinux-base-policy-20040604.ebuild, selinux-base-policy-20040629.ebuild, - selinux-base-policy-20040702.ebuild: - Remove old builds, switch to epause and ebeep in remaining builds. - -*selinux-base-policy-20040702 (02 Jul 2004) - - 02 Jul 2004; Chris PeBenito - +selinux-base-policy-20040702.ebuild: - Same as 20040629, except with updated flask headers, which will come out in - 2.6.8. - -*selinux-base-policy-20040629 (29 Jun 2004) - - 29 Jun 2004; Chris PeBenito - +selinux-base-policy-20040629.ebuild: - Large sysadmfile cleanup: disable admin_separation to give sysadm_r back its - ablility to modify all files. Minor fixes: portage_r works again, syslog-ng - breakage fixed, put back manual PaX policy for pageexec/segmexec. - - 16 Jun 2004; Chris PeBenito - selinux-base-policy-20040604.ebuild: - Mark stable. - - 10 Jun 2004; Chris PeBenito - selinux-base-policy-20040225.ebuild, selinux-base-policy-20040509.ebuild, - selinux-base-policy-20040604.ebuild: - Add src_compile() stub - -*selinux-base-policy-20040604 (04 Jun 2004) - - 04 Jun 2004; Chris PeBenito - +selinux-base-policy-20040604.ebuild: - New release including 1.12 NSA policy, and experimental sesandbox. - - 15 May 2004; Chris PeBenito - selinux-base-policy-20040509.ebuild: - Mark stable. - -*selinux-base-policy-20040509 (09 May 2004) - - 09 May 2004; Chris PeBenito - +selinux-base-policy-20040509.ebuild: - A few small cleanups. Make PaX non exec pages macro based on arch. Large - portage update, get rid of portage_exec_fetch_t, portage will setexec. Add - global_ssp tunable. - -*selinux-base-policy-20040418 (18 Apr 2004) - - 18 Apr 2004; Chris PeBenito - +selinux-base-policy-20040418.ebuild: - New release for checkpolicy 1.10 - -*selinux-base-policy-20040414 (14 Apr 2004) - - 14 Apr 2004; Chris PeBenito - -selinux-base-policy-20040408.ebuild, +selinux-base-policy-20040414.ebuild: - Minor updates - -*selinux-base-policy-20040408 (08 Apr 2004) - - 08 Apr 2004; Chris PeBenito - selinux-base-policy-20040408.ebuild: - New update. Users.fc is now deprecated, as the contexts for user directories - is now automatically generated. Portage fetching of distfiles now has a - subdomain, for dropping priviledges. - - 28 Feb 2004; Chris PeBenito - selinux-base-policy-20040225.ebuild: - Mark stable. - -*selinux-base-policy-20040225 (25 Feb 2004) - - 25 Feb 2004; Chris PeBenito - selinux-base-policy-20040225.ebuild: - New support for PaX ACL hooks. Addition of tunable.te for configurable policy - options. Rewrite of portage.te. Now auto-transition for sysadm is default, can - reenable portage_r by tunable.te. Makefile update from NSA CVS. - -*selinux-base-policy-20040209 (09 Feb 2004) - - 09 Feb 2004; Chris PeBenito - selinux-base-policy-20040209.ebuild: - Minor revision to add XFS labeling and policy for integrated - runscript-run_init. - - 07 Feb 2004; Chris PeBenito - selinux-base-policy-20040202.ebuild: - Mark x86 stable. - -*selinux-base-policy-20040202 (02 Feb 2004) - - 02 Feb 2004; Chris PeBenito - selinux-base-policy-20040202.ebuild: - A few misc fixes. Allow portage to update bootloader code, such as in lilo or - grub postinst. This requires checkpolicy 1.4-r1. - -*selinux-base-policy-20031225 (25 Dec 2003) - - 25 Dec 2003; Chris PeBenito - selinux-base-policy-20031225.ebuild: - New release, with merged NSA 1.4 policy. One critical note, this policy - requires pam 0.77. Much work has been done to minimize access to /etc/shadow, - and one requirement is in the patch for pam 0.77. If you do not use this pam - version or newer, you will be unable to authenticate in enforcing. Since - devfs no longer is usable in SELinux, it's policy has been removed. You - should merge the changes, remove the devfsd policy (devfsd.te and devfsd.fc), - load the policy, and relabel. - - 27 Nov 2003; Chris PeBenito - selinux-base-policy-20031010-r1.ebuild: - Mark stable. Add build USE flag for stage building. - -*selinux-base-policy-20031010-r1 (12 Nov 2003) - - 12 Nov 2003; Chris PeBenito - selinux-base-policy-20031010-r1.ebuild, - files/selinux-base-policy-20031010-cvs.diff: - Add fixes from policy cvs for compilers, so non x86 and ppc compilers can - work. Also portage update as a side effect of updated setfiles code in - portage, from bug 31748. - - 28 Oct 2003; Chris PeBenito - selinux-base-policy-20031010.ebuild: - Mark stable - -*selinux-base-policy-20031010 (10 Oct 2003) - - 10 Oct 2003; Chris PeBenito - selinux-base-policy-20031010.ebuild: - New release for new API. Massive cleanups all over the place. - -*selinux-base-policy-20030817 (17 Aug 2003) - - 17 Aug 2003; Chris PeBenito - selinux-base-policy-20030817.ebuild: - Initial commit of new API policy - - 10 Aug 2003; Chris PeBenito - selinux-base-policy-20030729-r1.ebuild: - Mark stable - -*selinux-base-policy-20030729-r1 (31 Jul 2003) - - 31 Jul 2003; Chris PeBenito - selinux-base-policy-20030729-r1.ebuild: - New rev that handles an empty POLICYDIR sanely. - -*selinux-base-policy-20030729 (29 Jul 2003) - - 29 Jul 2003; Chris PeBenito - selinux-base-policy-20030729.ebuild: - Make the ebuild use POLICYDIR. Important fix so portage can load policy so - selinux-policy.eclass works. update_modules_t cleanup. Fix for an access when - merging baselayout. - -*selinux-base-policy-20030720 (20 Jul 2003) - - 20 Jul 2003; Chris PeBenito - selinux-base-policy-20030720.ebuild: - Many fixes, including the syslog fix. File contexts have changed, so a relabel - is needed. You may encounter problems relabeling /usr/portage, as its file - context has changed, as files should not have the same type as a domain. - Relabelling in permissive will fix this, or temporarily give portage_t a - file_type attribute. Tightened the can_exec_any() macro. Moved staff.fc to - users.fc, since all users with SELinux identities should have their home - directories have the correct identity, not the generic identity. - - 06 Jun 2003; Chris PeBenito - selinux-base-policy-20030604.ebuild: - Mark stable - -*selinux-base-policy-20030604 (04 Jun 2003) - - 04 Jun 2003; Chris PeBenito - selinux-base-policy-20030604.ebuild: - Fix broken 20030603 - - 04 Jun 2003; Chris PeBenito - selinux-base-policy-20030603.ebuild: - Pulling 20030603, as there are problems, 20030604 later today - -*selinux-base-policy-20030603 (03 Jun 2003) - - 03 Jun 2003; Chris PeBenito - selinux-base-policy-20030603.ebuild: - Numerous various fixes. Added staff role. Removed ipsec, gpm and gpg policies - as they are not appropriate for the base policy, and untested. - -*selinux-base-policy-20030522 (22 May 2003) - - 22 May 2003; Chris PeBenito - selinux-base-policy-20030522.ebuild: - The policy is in pretty good shape now. I've been able to run in enforcing mode - with little problem. I've also been able to successfully merge and unmerge - packages in enforcing mode, with few exceptions (why does mysql need to run ps - during configure?). - -*selinux-base-policy-20030514 (14 May 2003) - - 14 May 2003; Chris PeBenito - selinux-base-policy-20030514.ebuild: - Many improvements in many areas. Of note, rlogind policies were removed. Klogd - is being merged into syslogd. The portage policy is much more complete, but - still needs work. Its suggested that all changes be merged in, policy - reloaded, then relabel. - -*selinux-base-policy-20030419 (19 Apr 2003) - - 23 Apr 2003; Chris PeBenito - selinux-base-policy-20030419.ebuild: - Marking stable for selinux-small stable usage - - 19 Apr 2003; Chris PeBenito Manifest, - selinux-base-policy-20030419.ebuild: - Initial commit. Base policies for SELinux, with Gentoo-specifics diff --git a/sec-policy/selinux-base-policy/Manifest b/sec-policy/selinux-base-policy/Manifest index 8c79c9abb3..fe39dd1f26 100644 --- a/sec-policy/selinux-base-policy/Manifest +++ b/sec-policy/selinux-base-policy/Manifest @@ -1,2 +1,18 @@ -DIST patchbundle-selinux-base-policy-2.20141203-r9.tar.bz2 299602 SHA256 e8518004942a6c57170a609683e22b1410c93a2a195829c41dc8fbc703d941b5 SHA512 ce6484fbca1d2d074e50d1a3953392bd3ce0a4617df98fbac37747b469b4f160a9331586dfe1c3ddccb1ccbee24876a2f05ab49e37c8492a48baf83c2d01d140 WHIRLPOOL 1fd7b956e98e95a64c3a713a944d4531259bd156a7feabf6a89c4b5f33ac846377730eede97889e85183be086f282ebd18e860214f6ca3f01b40f2323470ee04 -DIST refpolicy-2.20141203.tar.bz2 680243 SHA256 f438209c430d8a2d4ddcbe4bdd3edb46f6af7dc4913637af0b73c635e40c1522 SHA512 682e4280c5799e4c12ec7594afc1389f67be35055748d2e0dbdc3419159a16c96d4946ca6178daee8370515951f8653b2e452efe8c962b8d7f9bc192f0b15a0c WHIRLPOOL 74bca232534e7af9051bb1ab9f77c1ff6c425781cf4561f781d6e9a40cc5ca0d9add540249ea5493e8782a9372aea296ead6c165c6c440ae1509eb319d151ee5 +DIST patchbundle-selinux-base-policy-2.20170204-r1.tar.bz2 327838 BLAKE2B 8b8f6241636c0aaa472df3b4ad035d3f6ed8bafa25f9d5b2106f41e6e9e589cd3105f91fbcb9a5972998b6deda3eaf034755bcb13b57cd51957b473a60dfcbfe SHA512 727dd11bc5a777388199fb1da67add940a6051cca874456cdc4bb65f567216481e70b92fcf37ac59cc48d907fbe87b67e97c3813c4c97d5f31b7c66b7246f166 +DIST patchbundle-selinux-base-policy-2.20170204-r2.tar.bz2 354083 BLAKE2B 9296ea072f27774e7e6b055be9c24ba5717a1502cb2b20f57768231d2fdc267cc2e340ff9e301e072a199e80434f5f5caeed6151ea424b52380665a9927c23d6 SHA512 ac907590cefdc69638fce25de481d3dce625f0f1511e0fa3d0bcc78b2a18c57c0bea392c225d314645b1aec5abbcedf67bfc50b66be8580447bbcac7223ea66d +DIST patchbundle-selinux-base-policy-2.20170204-r3.tar.bz2 342266 BLAKE2B 4b4fb4d495f9507152ef05815273bc3d09927f9cdb3e63aa6050a620a061c133519b503dc6dbdb658c04a81a0917a7a4872668ee3fef8c2a049e0006e1c103de SHA512 df46b785a17c633d6fcd063b48258a362a0df13fcb71fb699b6c19281f4d647db43639e08e083157fcd49405c5c38c8408534decff99536d28ada64e9192d130 +DIST patchbundle-selinux-base-policy-2.20170204-r4.tar.bz2 373731 BLAKE2B cb291e14e181c68d95c77dc07185ba6d186d4a7f2bf163cbe32670d54cdf29e32ecfac49d449d8631df7df67992499e2bec6b39f6096f4d9e9394a87f2b24654 SHA512 93a0644440064d85db32c56a381478f8ef94824a04531e6fbad26dd79be02dacd939b804759db35d0627908ff653f8107e18c48858df458c80ae785d80374667 +DIST patchbundle-selinux-base-policy-2.20170805-r2.tar.bz2 314854 BLAKE2B 483d04f364195eb8627153647118eb23812a610db63a40d50819b42c19fc20ffd0a36cd5c1959a764eab2109bd2e5317f74fd3a5cc1c7ddd17d8c85be05579a5 SHA512 1358db158945b82e0e41907e3919a6888564b4f15ad765f0fe2dc7bf284485c18d11c5502d598268e33b2163a6fa0be2a4029a8e9f774abfd4377031ee9afd32 +DIST patchbundle-selinux-base-policy-2.20170805-r3.tar.bz2 324834 BLAKE2B ecc3b0425987aa648b3dd52977a6e1fd987e605fe302c3b6d8742d3eac9a1c89697de1f97331e9863b132bb95814ae7577e161a024cdda297fb84458aa9417fd SHA512 62ec2e70397d06d464e95305a4c0699cc07063d879d986a74442955fb8076a00cbe4a4f7a3cda46876cbf2ad38189be06f0c05ce9698aadafa6e9f02a8daf668 +DIST patchbundle-selinux-base-policy-2.20170805-r4.tar.bz2 689641 BLAKE2B 1accfbecd4825a6cdb8c3c189c9e23898d1dbe8415d2fe26a842782dec634958f01861916a3c040740359562984718b61cee7af7d9395b125590931110e67eff SHA512 2067b090cd054e47d6496c9513d69a7a37a72de8dc873159a8055e27fe2380dc73006354d790c455ae893645f956c6be6d6ad2d30be7428ff8a442604a0c5400 +DIST refpolicy-2.20170204.tar.bz2 709965 BLAKE2B 7fb10d6054d74204f8c7d6d8ee88603f37b6600ed4a03e937a3a233ea7a80feef6ab90ba01af8d444fa79b266456260b14af3be0ad6a311baff6e3408af7d1ba SHA512 30deabb02a5bde51c463e3e89988d850cff51596c2e72733a064245dec152ea46317eea79550dbe82a7a0d327ec0bcfbd9474ff8a902507392df0da00df6397f +DIST refpolicy-2.20170805.tar.bz2 740430 BLAKE2B 0597f51fceb5ca88b3506aa16cbd2d7f3df3a1d9c6afdf4cc5fc7eca25fa19c5810889f90ed1ee0abef401d41384558abb69f6638caf50341f71d075fa99e561 SHA512 dbb6809b028ae75296ad26d5997cc21d835c49555a0e37957cb39b36b144af6e817320073a29247448eba1876ab9e29d3956ff4456f1542b66ba38af459ec586 +EBUILD selinux-base-policy-2.20170204-r1.ebuild 3786 BLAKE2B 1e38aca0b48fc0cba740cf038eb24b0473542387d9432abbc2a0068269185de547e6af8e83fd81d16f4e7e0998e67c621c4d82498c1bd632fea0dff7b85c097b SHA512 c9ad330b65b72d08a864877d563c5de522939a8a0a747641317b3cb70c8ba3c7c11a64d039011865fb4f012f9b00befffb2f7a729e1ba9965bac93b15e930bc5 +EBUILD selinux-base-policy-2.20170204-r2.ebuild 3784 BLAKE2B 13d9e90856016ad20813d25e6a1bad97d3342521fb8a934f543323edd12824b6867c99217d92afa0229891979fcc00ae967905f89a2db248d0e1c53f9d54c950 SHA512 8fe89ca7392cff717e83b358535eb68126562f6a94fc0f8d2d3d0d4a991dc7fa6c28cde728c4a1a9ab5f78608f9931c91660c505abd7685be0dd7e8007cb189c +EBUILD selinux-base-policy-2.20170204-r3.ebuild 3784 BLAKE2B 13d9e90856016ad20813d25e6a1bad97d3342521fb8a934f543323edd12824b6867c99217d92afa0229891979fcc00ae967905f89a2db248d0e1c53f9d54c950 SHA512 8fe89ca7392cff717e83b358535eb68126562f6a94fc0f8d2d3d0d4a991dc7fa6c28cde728c4a1a9ab5f78608f9931c91660c505abd7685be0dd7e8007cb189c +EBUILD selinux-base-policy-2.20170204-r4.ebuild 3784 BLAKE2B 13d9e90856016ad20813d25e6a1bad97d3342521fb8a934f543323edd12824b6867c99217d92afa0229891979fcc00ae967905f89a2db248d0e1c53f9d54c950 SHA512 8fe89ca7392cff717e83b358535eb68126562f6a94fc0f8d2d3d0d4a991dc7fa6c28cde728c4a1a9ab5f78608f9931c91660c505abd7685be0dd7e8007cb189c +EBUILD selinux-base-policy-2.20170805-r2.ebuild 3731 BLAKE2B b1125281be24405a79edfc239d8974ff09b704030f54cfe6c7e27e72d405e7a9154b2b0961d3aa2b3f7a46c4d3cf8499493b9611cd43be15744525febbe3b0d3 SHA512 acf60b729293958f5eccdd45214b5aace93ed86b926511c802da2f6da75ec60617e00adb980dcc9873b519811130378bbf4fb25de6256328b701043a5bebd3d0 +EBUILD selinux-base-policy-2.20170805-r3.ebuild 3656 BLAKE2B dcc7628e5aa698c5bec439756527717fa71df73d41322382c354bb8fdd17379b184d8dbb6cb5e861db7a0b3c44091cf26f16ea57b6c39924bac4d66b6a1f446f SHA512 0f5cb442bd49e60b4a80cec9f5d4ee73bfbf989d0318c651898c400c622a29db2ad66fbc4e5fc530544a8b8df8b0c4d2551dfe690ece6a806aa039a9e03836a4 +EBUILD selinux-base-policy-2.20170805-r4.ebuild 3658 BLAKE2B 7d3b8311b5eb17e0cad01d07366401db104aa3b7e1d7e621319514db5edec8c44187760eda6432f06dd97aca19c010725d125b30efb7526a85023d7833d1e63b SHA512 4484bca5ac53864f1ab88887e45cc708e31832a8022c75119127bbe3814f7c3073e8a1522b8026370a91b8b41f7821392603a3d99d9609e859240de1b3b33aeb +EBUILD selinux-base-policy-9999.ebuild 3733 BLAKE2B 9bcd77ab3ccc6f7983975547571051e78d1a0092fb1f1785d6bdb541bfb1a25f206c693fe91bad068e8086192db3bcb5bfead8ace1f2583b6225a692c6506eb6 SHA512 4718bfed0759c58ad9a115beb90b8769973985d3ca6e0cdb8cb6ab4afc16da4aa7dde1fea3b4d06ba3c8de87a8e394a905db076444c54d15e0a7c4b37148e934 +MISC metadata.xml 534 BLAKE2B 1bb289204431150ae974c9fd677926faf72e75def3294b9df405a048e398ac3b6147de8483512487edaeea378e1dbd32df0675acb7fa50326c48382603c5dbfe SHA512 d8340bec9d0ec0feb396b17b53a6d53e3caa7ddd1efdc5e5de07baf86592ad0526d08fc08908295cf18a915eef1c7429c72970d56967162b2390eed6f28c822a diff --git a/sec-policy/selinux-base-policy/files/config b/sec-policy/selinux-base-policy/files/config deleted file mode 100644 index 55933ea0e5..0000000000 --- a/sec-policy/selinux-base-policy/files/config +++ /dev/null @@ -1,15 +0,0 @@ -# This file controls the state of SELinux on the system on boot. - -# SELINUX can take one of these three values: -# enforcing - SELinux security policy is enforced. -# permissive - SELinux prints warnings instead of enforcing. -# disabled - No SELinux policy is loaded. -SELINUX=permissive - -# SELINUXTYPE can take one of these four values: -# targeted - Only targeted network daemons are protected. -# strict - Full SELinux protection. -# mls - Full SELinux protection with Multi-Level Security -# mcs - Full SELinux protection with Multi-Category Security -# (mls, but only one sensitivity level) -SELINUXTYPE=strict diff --git a/sec-policy/selinux-base-policy/files/modules.conf b/sec-policy/selinux-base-policy/files/modules.conf deleted file mode 100644 index 47535f6b38..0000000000 --- a/sec-policy/selinux-base-policy/files/modules.conf +++ /dev/null @@ -1,50 +0,0 @@ -application = base -authlogin = base -bootloader = base -clock = base -consoletype = base -corecommands = base -corenetwork = base -cron = base -devices = base -dmesg = base -domain = base -files = base -filesystem = base -fstools = base -getty = base -hostname = base -hotplug = base -init = base -iptables = base -kernel = base -libraries = base -locallogin = base -logging = base -lvm = base -miscfiles = base -mcs = base -mls = base -modutils = base -mount = base -mta = base -netutils = base -nscd = base -portage = base -raid = base -rsync = base -selinux = base -selinuxutil = base -ssh = base -staff = base -storage = base -su = base -sysadm = base -sysnetwork = base -terminal = base -ubac = base -udev = base -userdomain = base -usermanage = base -unprivuser = base -xdg = base diff --git a/sec-policy/selinux-base-policy/metadata.xml b/sec-policy/selinux-base-policy/metadata.xml index 4adcb401b0..46dc07f542 100644 --- a/sec-policy/selinux-base-policy/metadata.xml +++ b/sec-policy/selinux-base-policy/metadata.xml @@ -1,12 +1,15 @@ - selinux + + selinux@gentoo.org + SELinux Team + Gentoo SELinux base policy. This contains policy for a system at the end of system installation. There is no extra policy in this package. - Enable support for the unconfined SELinux policy module + Enable support for the unconfined SELinux policy module diff --git a/sec-policy/selinux-base-policy/selinux-base-policy-2.20170204-r1.ebuild b/sec-policy/selinux-base-policy/selinux-base-policy-2.20170204-r1.ebuild new file mode 100644 index 0000000000..6782cb7193 --- /dev/null +++ b/sec-policy/selinux-base-policy/selinux-base-policy-2.20170204-r1.ebuild @@ -0,0 +1,122 @@ +# Copyright 1999-2017 Gentoo Foundation +# Distributed under the terms of the GNU General Public License v2 + +EAPI="6" + +if [[ ${PV} == 9999* ]]; then + EGIT_REPO_URI="${SELINUX_GIT_REPO:-git://anongit.gentoo.org/proj/hardened-refpolicy.git https://anongit.gentoo.org/git/proj/hardened-refpolicy.git}" + EGIT_BRANCH="${SELINUX_GIT_BRANCH:-master}" + EGIT_CHECKOUT_DIR="${WORKDIR}/refpolicy" + + inherit git-r3 +else + SRC_URI="https://raw.githubusercontent.com/wiki/TresysTechnology/refpolicy/files/refpolicy-${PV}.tar.bz2 + https://dev.gentoo.org/~swift/patches/${PN}/patchbundle-${PN}-${PVR}.tar.bz2" + KEYWORDS="~amd64 -arm ~arm64 ~mips ~x86" +fi + +HOMEPAGE="https://www.gentoo.org/proj/en/hardened/selinux/" +DESCRIPTION="SELinux policy for core modules" + +IUSE="systemd +unconfined" + +PDEPEND="unconfined? ( sec-policy/selinux-unconfined )" +DEPEND="=sec-policy/selinux-base-${PVR}[systemd?]" + +MODS="application authlogin bootloader clock consoletype cron dmesg fstools getty hostname hotplug init iptables libraries locallogin logging lvm miscfiles modutils mount mta netutils nscd portage raid rsync selinuxutil setrans ssh staff storage su sysadm sysnetwork tmpfiles udev userdomain usermanage unprivuser xdg" +LICENSE="GPL-2" +SLOT="0" +S="${WORKDIR}/" + +# Code entirely copied from selinux-eclass (cannot inherit due to dependency on +# itself), when reworked reinclude it. Only postinstall (where -b base.pp is +# added) needs to remain then. + +pkg_setup() { + if use systemd; then + MODS="${MODS} systemd" + fi +} + +pkg_pretend() { + for i in ${POLICY_TYPES}; do + if [[ "${i}" == "targeted" ]] && ! use unconfined; then + die "If you use POLICY_TYPES=targeted, then USE=unconfined is mandatory." + fi + done +} + +src_prepare() { + local modfiles + + if [[ ${PV} != 9999* ]]; then + einfo "Applying SELinux policy updates ... " + eapply -p0 "${WORKDIR}/0001-full-patch-against-stable-release.patch" + fi + + eapply_user + + # Collect only those files needed for this particular module + for i in ${MODS}; do + modfiles="$(find ${S}/refpolicy/policy/modules -iname $i.te) $modfiles" + modfiles="$(find ${S}/refpolicy/policy/modules -iname $i.fc) $modfiles" + done + + for i in ${POLICY_TYPES}; do + mkdir "${S}"/${i} || die "Failed to create directory ${S}/${i}" + cp "${S}"/refpolicy/doc/Makefile.example "${S}"/${i}/Makefile \ + || die "Failed to copy Makefile.example to ${S}/${i}/Makefile" + + cp ${modfiles} "${S}"/${i} \ + || die "Failed to copy the module files to ${S}/${i}" + done +} + +src_compile() { + for i in ${POLICY_TYPES}; do + emake NAME=$i -C "${S}"/${i} || die "${i} compile failed" + done +} + +src_install() { + local BASEDIR="/usr/share/selinux" + + for i in ${POLICY_TYPES}; do + for j in ${MODS}; do + einfo "Installing ${i} ${j} policy package" + insinto ${BASEDIR}/${i} + doins "${S}"/${i}/${j}.pp || die "Failed to add ${j}.pp to ${i}" + done + done +} + +pkg_postinst() { + # Override the command from the eclass, we need to load in base as well here + local COMMAND="-i base.pp" + if has_version "/dev/null 2>&1)" == "declare -a"* ]]; - then - cd "${S}/refpolicy/policy/modules" - for POLPATCH in "${POLICY_PATCH[@]}"; - do - epatch "${POLPATCH}" - done - else - if [[ -n ${POLICY_PATCH} ]]; - then - cd "${S}/refpolicy/policy/modules" - for POLPATCH in ${POLICY_PATCH}; - do - epatch "${POLPATCH}" - done - fi - fi - - # Calling user patches - epatch_user + eapply_user # Collect only those files needed for this particular module for i in ${MODS}; do @@ -99,7 +74,7 @@ src_prepare() { src_compile() { for i in ${POLICY_TYPES}; do - emake BINDIR="${ROOT}/usr/bin" SHAREDIR="${ROOT}/usr/share/selinux" NAME=$i -C "${S}"/${i} || die "${i} compile failed" + emake NAME=$i -C "${S}"/${i} || die "${i} compile failed" done } @@ -115,3 +90,33 @@ src_install() { done } +pkg_postinst() { + # Override the command from the eclass, we need to load in base as well here + local COMMAND="-i base.pp" + if has_version "/dev/null 2>&1)" == "declare -a"* ]]; - then - cd "${S}/refpolicy/policy/modules" - for POLPATCH in "${POLICY_PATCH[@]}"; - do - epatch "${POLPATCH}" - done - else - if [[ -n ${POLICY_PATCH} ]]; - then - cd "${S}/refpolicy/policy/modules" - for POLPATCH in ${POLICY_PATCH}; - do - epatch "${POLPATCH}" - done - fi + einfo "Applying SELinux policy updates ... " + eapply -p0 "${WORKDIR}/0001-full-patch-against-stable-release.patch" fi - # Calling user patches - epatch_user + eapply_user # Collect only those files needed for this particular module for i in ${MODS}; do @@ -117,9 +92,13 @@ src_install() { pkg_postinst() { # Override the command from the eclass, we need to load in base as well here - local COMMAND + local COMMAND="-i base.pp" + if has_version " Date: Wed, 23 May 2018 09:40:06 -0700 Subject: [PATCH 33/42] sec-policy/selinux-base-policy: Enable building on arm64 From: David Michael [Rebase to latest] Signed-off-by: Geoff Levand --- .../selinux-base-policy-2.20170805-r3.ebuild | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/sec-policy/selinux-base-policy/selinux-base-policy-2.20170805-r3.ebuild b/sec-policy/selinux-base-policy/selinux-base-policy-2.20170805-r3.ebuild index 8ef5919d34..6f7263b718 100644 --- a/sec-policy/selinux-base-policy/selinux-base-policy-2.20170805-r3.ebuild +++ b/sec-policy/selinux-base-policy/selinux-base-policy-2.20170805-r3.ebuild @@ -12,7 +12,7 @@ if [[ ${PV} == 9999* ]]; then else SRC_URI="https://raw.githubusercontent.com/wiki/TresysTechnology/refpolicy/files/refpolicy-${PV}.tar.bz2 https://dev.gentoo.org/~swift/patches/${PN}/patchbundle-${PN}-${PVR}.tar.bz2" - KEYWORDS="amd64 -arm ~arm64 ~mips x86" + KEYWORDS="amd64 -arm arm64 ~mips ~x86" fi HOMEPAGE="https://www.gentoo.org/proj/en/hardened/selinux/" From cb3416716340af5229c08a0bca9c9d7710e9c756 Mon Sep 17 00:00:00 2001 From: Geoff Levand Date: Wed, 23 May 2018 09:40:06 -0700 Subject: [PATCH 34/42] sec-policy/selinux-base-policy: Fixups for Container Linux Signed-off-by: Geoff Levand --- .../selinux-base-policy-2.20170805-r3.ebuild | 12 ++++++++++++ 1 file changed, 12 insertions(+) diff --git a/sec-policy/selinux-base-policy/selinux-base-policy-2.20170805-r3.ebuild b/sec-policy/selinux-base-policy/selinux-base-policy-2.20170805-r3.ebuild index 6f7263b718..4425c47468 100644 --- a/sec-policy/selinux-base-policy/selinux-base-policy-2.20170805-r3.ebuild +++ b/sec-policy/selinux-base-policy/selinux-base-policy-2.20170805-r3.ebuild @@ -3,6 +3,8 @@ EAPI="6" +inherit coreos-sec-policy + if [[ ${PV} == 9999* ]]; then EGIT_REPO_URI="${SELINUX_GIT_REPO:-https://anongit.gentoo.org/git/proj/hardened-refpolicy.git}" EGIT_BRANCH="${SELINUX_GIT_BRANCH:-master}" @@ -20,6 +22,12 @@ DESCRIPTION="SELinux policy for core modules" IUSE="systemd +unconfined" +# For board builds Container Linux installs the base security module (base.pp) +# in the SDK build_image script, and not in pkg_postinst() below. The added +# RDEPEND here is needed to get base.pp into the OS image so it is available +# for build_image. +RDEPEND=">=sec-policy/selinux-base-${PV}" + PDEPEND="unconfined? ( sec-policy/selinux-unconfined )" DEPEND="=sec-policy/selinux-base-${PVR}[systemd?]" @@ -91,6 +99,10 @@ src_install() { } pkg_postinst() { + # For board builds Container Linux installs policy modules to the OS + # image in the SDK build_image script. + [[ "${CBUILD}" == "${CHOST}" ]] || return + # Override the command from the eclass, we need to load in base as well here local COMMAND="-i base.pp" if has_version " Date: Wed, 23 May 2018 09:40:06 -0700 Subject: [PATCH 35/42] sec-policy/selinux-unconfined: Import latest Signed-off-by: Geoff Levand --- sec-policy/selinux-unconfined/ChangeLog | 284 ------------------ sec-policy/selinux-unconfined/Manifest | 20 +- sec-policy/selinux-unconfined/metadata.xml | 5 +- .../selinux-unconfined-2.20141203-r14.ebuild | 17 -- .../selinux-unconfined-2.20170204-r1.ebuild | 15 + .../selinux-unconfined-2.20170204-r2.ebuild | 15 + .../selinux-unconfined-2.20170204-r3.ebuild | 15 + .../selinux-unconfined-2.20170204-r4.ebuild | 15 + .../selinux-unconfined-2.20170805-r2.ebuild | 15 + .../selinux-unconfined-2.20170805-r3.ebuild | 15 + .../selinux-unconfined-2.20170805-r4.ebuild | 15 + .../selinux-unconfined-9999.ebuild | 12 +- 12 files changed, 132 insertions(+), 311 deletions(-) delete mode 100644 sec-policy/selinux-unconfined/ChangeLog delete mode 100644 sec-policy/selinux-unconfined/selinux-unconfined-2.20141203-r14.ebuild create mode 100644 sec-policy/selinux-unconfined/selinux-unconfined-2.20170204-r1.ebuild create mode 100644 sec-policy/selinux-unconfined/selinux-unconfined-2.20170204-r2.ebuild create mode 100644 sec-policy/selinux-unconfined/selinux-unconfined-2.20170204-r3.ebuild create mode 100644 sec-policy/selinux-unconfined/selinux-unconfined-2.20170204-r4.ebuild create mode 100644 sec-policy/selinux-unconfined/selinux-unconfined-2.20170805-r2.ebuild create mode 100644 sec-policy/selinux-unconfined/selinux-unconfined-2.20170805-r3.ebuild create mode 100644 sec-policy/selinux-unconfined/selinux-unconfined-2.20170805-r4.ebuild diff --git a/sec-policy/selinux-unconfined/ChangeLog b/sec-policy/selinux-unconfined/ChangeLog deleted file mode 100644 index 752561d2ea..0000000000 --- a/sec-policy/selinux-unconfined/ChangeLog +++ /dev/null @@ -1,284 +0,0 @@ -# ChangeLog for sec-policy/selinux-unconfined -# Copyright 1999-2015 Gentoo Foundation; Distributed under the GPL v2 -# $Header: /var/cvsroot/gentoo-x86/sec-policy/selinux-unconfined/ChangeLog,v 1.55 2015/06/05 16:10:22 perfinion Exp $ - - 05 Jun 2015; Jason Zaman - selinux-unconfined-2.20141203-r5.ebuild: - Stabilize policy 2.20141203-r5 - -*selinux-unconfined-2.20141203-r6 (05 Jun 2015) - - 05 Jun 2015; Jason Zaman - +selinux-unconfined-2.20141203-r6.ebuild: - Release of 2.20141203-r6 - - 15 Apr 2015; Jason Zaman - selinux-unconfined-2.20141203-r4.ebuild: - Stabilize policy 2.20141203-r4 - -*selinux-unconfined-2.20141203-r5 (15 Apr 2015) - - 15 Apr 2015; Jason Zaman - +selinux-unconfined-2.20141203-r5.ebuild: - Release of 2.20141203-r5 - - 22 Mar 2015; Sven Vermeulen - selinux-unconfined-2.20141203-r3.ebuild: - Stabilize 2.20141203-r3 policies - -*selinux-unconfined-2.20141203-r4 (22 Mar 2015) - - 22 Mar 2015; Sven Vermeulen - +selinux-unconfined-2.20141203-r4.ebuild, selinux-unconfined-9999.ebuild: - Release of 2.20141203-r4 - -*selinux-unconfined-2.20141203-r3 (29 Jan 2015) - - 29 Jan 2015; Jason Zaman - +selinux-unconfined-2.20141203-r3.ebuild, - selinux-unconfined-2.20141203-r2.ebuild: - Release of 2.20141203-r3, stable 2.20141203-r2 - - 21 Dec 2014; Sven Vermeulen - -selinux-unconfined-2.20140311-r1.ebuild, - -selinux-unconfined-2.20140311-r2.ebuild, - -selinux-unconfined-2.20140311-r3.ebuild, - -selinux-unconfined-2.20140311-r4.ebuild: - Remove old ebuilds - - 21 Dec 2014; Sven Vermeulen - selinux-unconfined-2.20141203-r1.ebuild: - Stabilize 2.20141203-r1 - -*selinux-unconfined-2.20141203-r2 (21 Dec 2014) - - 21 Dec 2014; Sven Vermeulen - +selinux-unconfined-2.20141203-r2.ebuild: - Release of 2.20141203-r2 - - 07 Dec 2014; Jason Zaman - selinux-unconfined-2.20140311-r7.ebuild: - Stabilize 2.20140311-r7 - -*selinux-unconfined-2.20141203-r1 (07 Dec 2014) - - 07 Dec 2014; Jason Zaman - +selinux-unconfined-2.20141203-r1.ebuild: - Release of 2.20141203-r1 - - 01 Nov 2014; Sven Vermeulen - selinux-unconfined-2.20140311-r6.ebuild: - Stabilize rev 6 - -*selinux-unconfined-2.20140311-r7 (01 Nov 2014) - - 01 Nov 2014; Sven Vermeulen - +selinux-unconfined-2.20140311-r7.ebuild: - Bump revision r7 of SELinux policies - - 01 Nov 2014; Sven Vermeulen selinux-unconfined-9999.ebuild: - Add KEYWORDS logic in -9999 ebuilds for ease of copying - - 22 Aug 2014; Sven Vermeulen - selinux-unconfined-2.20140311-r5.ebuild: - Stabilize r5 policies - -*selinux-unconfined-2.20140311-r6 (21 Aug 2014) - - 21 Aug 2014; Sven Vermeulen - +selinux-unconfined-2.20140311-r6.ebuild: - Release of 2.20140311-r6 - -*selinux-unconfined-2.20140311-r5 (09 Aug 2014) - - 09 Aug 2014; Sven Vermeulen - +selinux-unconfined-2.20140311-r5.ebuild: - Bump towards r5 (fixes duplicate context for hiawatha) - - 08 Aug 2014; Sven Vermeulen selinux-unconfined-9999.ebuild: - Make 9999 ebuilds EAPI=5 and transform to make master for version bumps - - 05 Aug 2014; Sven Vermeulen - -selinux-unconfined-2.20130424-r1.ebuild, - -selinux-unconfined-2.20130424-r2.ebuild, - -selinux-unconfined-2.20130424-r3.ebuild, - -selinux-unconfined-2.20130424-r4.ebuild: - Remove obsolete ebuilds - -*selinux-unconfined-2.20140311-r4 (01 Aug 2014) - - 01 Aug 2014; Sven Vermeulen - +selinux-unconfined-2.20140311-r4.ebuild, - selinux-unconfined-2.20140311-r3.ebuild: - Stabilization of r3, and make r4 available for testing - - 29 May 2014; Sven Vermeulen - selinux-unconfined-2.20140311-r2.ebuild: - Stabilize 2.20140311-r2 - -*selinux-unconfined-2.20140311-r3 (29 May 2014) - - 29 May 2014; Sven Vermeulen - +selinux-unconfined-2.20140311-r3.ebuild: - Bump to 2.20140311-r3 - - 19 Apr 2014; Sven Vermeulen - selinux-unconfined-2.20140311-r1.ebuild: - Stabilize r1 policies - -*selinux-unconfined-2.20140311-r2 (19 Apr 2014) - - 19 Apr 2014; Sven Vermeulen - +selinux-unconfined-2.20140311-r2.ebuild: - Release of 2.20140311-r2 - - 24 Mar 2014; Sven Vermeulen - -selinux-unconfined-2.20120725-r11.ebuild, - -selinux-unconfined-2.20120725-r12.ebuild, - -selinux-unconfined-2.20120725-r5.ebuild, - -selinux-unconfined-2.20120725-r7.ebuild, - -selinux-unconfined-2.20120725-r8.ebuild, - -selinux-unconfined-2.20120725-r9.ebuild: - Remove older SELinux policy ebuilds - -*selinux-unconfined-2.20140311-r1 (21 Mar 2014) - - 21 Mar 2014; Sven Vermeulen - +selinux-unconfined-2.20140311-r1.ebuild: - New upstream refpolicy release - - 12 Jan 2014; Sven Vermeulen - selinux-unconfined-2.20130424-r4.ebuild: - Stabilize 2.20130424-r4 - -*selinux-unconfined-2.20130424-r4 (11 Dec 2013) - - 11 Dec 2013; Sven Vermeulen - +selinux-unconfined-2.20130424-r4.ebuild: - Release of 2.20130424-r4 - -*selinux-unconfined-2.20130424-r3 (26 Sep 2013) - - 26 Sep 2013; Sven Vermeulen - +selinux-unconfined-2.20130424-r3.ebuild: - Release 2.20130424-r3, fixing bugs #480628, #482196, #475432, #485304, #480870 - and #428322 - - 15 Aug 2013; Sven Vermeulen - selinux-unconfined-2.20130424-r2.ebuild: - Stabilize r2 of policies - -*selinux-unconfined-2.20130424-r2 (20 Jul 2013) - - 20 Jul 2013; Sven Vermeulen - +selinux-unconfined-2.20130424-r2.ebuild: - Pushing out rev 2 - - 16 Jun 2013; Sven Vermeulen - selinux-unconfined-2.20130424-r1.ebuild: - Stabilize 20130424 policies - -*selinux-unconfined-2.20130424-r1 (06 May 2013) - - 06 May 2013; Sven Vermeulen - +selinux-unconfined-2.20130424-r1.ebuild: - Adding 20130424 release - - 29 Mar 2013; Sven Vermeulen - selinux-unconfined-2.20120725-r12.ebuild: - Stabilize r12, fixes 455080, 453724, 461880, 453722, 452166, 458876, 457618, - 456910, 456194, 453990 and 460152 - -*selinux-unconfined-2.20120725-r12 (09 Mar 2013) - - 09 Mar 2013; Sven Vermeulen - +selinux-unconfined-2.20120725-r12.ebuild: - Pushing out rev 12 - - 23 Feb 2013; Sven Vermeulen - selinux-unconfined-2.20120725-r11.ebuild: - Stabilization - -*selinux-unconfined-2.20120725-r11 (26 Jan 2013) - - 26 Jan 2013; Sven Vermeulen - +selinux-unconfined-2.20120725-r11.ebuild: - Bumping selinux-unconfined to revision 11 - - 13 Jan 2013; Sven Vermeulen - selinux-unconfined-2.20120725-r9.ebuild: - Stabilizing r9 - -*selinux-unconfined-2.20120725-r9 (21 Dec 2012) - - 21 Dec 2012; Sven Vermeulen +selinux-unconfined-2.20120725-r9.ebuild: - Bumping to revision 9 - - 17 Dec 2012; Sven Vermeulen -selinux-unconfined-2.20120215-r1.ebuild, - -selinux-unconfined-2.20120215-r14.ebuild, - -selinux-unconfined-2.20120215-r15.ebuild, - -selinux-unconfined-2.20120215-r2.ebuild, - -selinux-unconfined-2.20120215.ebuild: - Removing older ebuilds - - 13 Dec 2012; Sven Vermeulen selinux-unconfined-2.20120725-r8.ebuild: - Stabilization - -*selinux-unconfined-2.20120725-r8 (03 Dec 2012) - - 03 Dec 2012; Sven Vermeulen +selinux-unconfined-2.20120725-r8.ebuild: - Bumping to revision 8 - -*selinux-unconfined-2.20120725-r7 (18 Nov 2012) - - 18 Nov 2012; Sven Vermeulen +selinux-unconfined-2.20120725-r7.ebuild: - Pushing out rev 7 - -*selinux-unconfined-9999 (13 Oct 2012) - - 13 Oct 2012; Sven Vermeulen +selinux-unconfined-9999.ebuild: - Adding live ebuild - - 04 Oct 2012; Sven Vermeulen selinux-unconfined-2.20120725-r5.ebuild: - Stabilization - -*selinux-unconfined-2.20120725-r5 (21 Sep 2012) - - 21 Sep 2012; Sven Vermeulen +selinux-unconfined-2.20120725-r5.ebuild: - Introducing policy for 2.20120725, rev5 - - 30 Jul 2012; Sven Vermeulen selinux-unconfined-2.20120215-r14.ebuild: - Stabilization of revision 14 of the SELinux policy modules - -*selinux-unconfined-2.20120215-r15 (26 Jul 2012) - - 26 Jul 2012; Sven Vermeulen +selinux-unconfined-2.20120215-r15.ebuild: - Bump to rev15 - -*selinux-unconfined-2.20120215-r14 (16 Jul 2012) - - 16 Jul 2012; Sven Vermeulen +selinux-unconfined-2.20120215-r14.ebuild: - Bumping to rev14 - -*selinux-unconfined-2.20120215-r2 (27 Jun 2012) - - 27 Jun 2012; Sven Vermeulen +selinux-unconfined-2.20120215-r2.ebuild: - Bump to revision 13 - -*selinux-unconfined-2.20120215-r1 (20 May 2012) - - 20 May 2012; Sven Vermeulen +selinux-unconfined-2.20120215-r1.ebuild: - Bumping to rev 9 - - 29 Apr 2012; Sven Vermeulen selinux-unconfined-2.20120215.ebuild: - Stabilizing revision 7 - - 31 Mar 2012; Sven Vermeulen +selinux-unconfined-2.20120215.ebuild, - +metadata.xml: - Bumping to 2.20120215 policies - -*selinux-unconfined-2.20120215 (31 Mar 2012) - - 31 Mar 2012; Sven Vermeulen +selinux-unconfined-2.20120215.ebuild, - +metadata.xml: - Initial SELinux policy for unconfined domain diff --git a/sec-policy/selinux-unconfined/Manifest b/sec-policy/selinux-unconfined/Manifest index 8c79c9abb3..d04eb79601 100644 --- a/sec-policy/selinux-unconfined/Manifest +++ b/sec-policy/selinux-unconfined/Manifest @@ -1,2 +1,18 @@ -DIST patchbundle-selinux-base-policy-2.20141203-r9.tar.bz2 299602 SHA256 e8518004942a6c57170a609683e22b1410c93a2a195829c41dc8fbc703d941b5 SHA512 ce6484fbca1d2d074e50d1a3953392bd3ce0a4617df98fbac37747b469b4f160a9331586dfe1c3ddccb1ccbee24876a2f05ab49e37c8492a48baf83c2d01d140 WHIRLPOOL 1fd7b956e98e95a64c3a713a944d4531259bd156a7feabf6a89c4b5f33ac846377730eede97889e85183be086f282ebd18e860214f6ca3f01b40f2323470ee04 -DIST refpolicy-2.20141203.tar.bz2 680243 SHA256 f438209c430d8a2d4ddcbe4bdd3edb46f6af7dc4913637af0b73c635e40c1522 SHA512 682e4280c5799e4c12ec7594afc1389f67be35055748d2e0dbdc3419159a16c96d4946ca6178daee8370515951f8653b2e452efe8c962b8d7f9bc192f0b15a0c WHIRLPOOL 74bca232534e7af9051bb1ab9f77c1ff6c425781cf4561f781d6e9a40cc5ca0d9add540249ea5493e8782a9372aea296ead6c165c6c440ae1509eb319d151ee5 +DIST patchbundle-selinux-base-policy-2.20170204-r1.tar.bz2 327838 BLAKE2B 8b8f6241636c0aaa472df3b4ad035d3f6ed8bafa25f9d5b2106f41e6e9e589cd3105f91fbcb9a5972998b6deda3eaf034755bcb13b57cd51957b473a60dfcbfe SHA512 727dd11bc5a777388199fb1da67add940a6051cca874456cdc4bb65f567216481e70b92fcf37ac59cc48d907fbe87b67e97c3813c4c97d5f31b7c66b7246f166 +DIST patchbundle-selinux-base-policy-2.20170204-r2.tar.bz2 354083 BLAKE2B 9296ea072f27774e7e6b055be9c24ba5717a1502cb2b20f57768231d2fdc267cc2e340ff9e301e072a199e80434f5f5caeed6151ea424b52380665a9927c23d6 SHA512 ac907590cefdc69638fce25de481d3dce625f0f1511e0fa3d0bcc78b2a18c57c0bea392c225d314645b1aec5abbcedf67bfc50b66be8580447bbcac7223ea66d +DIST patchbundle-selinux-base-policy-2.20170204-r3.tar.bz2 342266 BLAKE2B 4b4fb4d495f9507152ef05815273bc3d09927f9cdb3e63aa6050a620a061c133519b503dc6dbdb658c04a81a0917a7a4872668ee3fef8c2a049e0006e1c103de SHA512 df46b785a17c633d6fcd063b48258a362a0df13fcb71fb699b6c19281f4d647db43639e08e083157fcd49405c5c38c8408534decff99536d28ada64e9192d130 +DIST patchbundle-selinux-base-policy-2.20170204-r4.tar.bz2 373731 BLAKE2B cb291e14e181c68d95c77dc07185ba6d186d4a7f2bf163cbe32670d54cdf29e32ecfac49d449d8631df7df67992499e2bec6b39f6096f4d9e9394a87f2b24654 SHA512 93a0644440064d85db32c56a381478f8ef94824a04531e6fbad26dd79be02dacd939b804759db35d0627908ff653f8107e18c48858df458c80ae785d80374667 +DIST patchbundle-selinux-base-policy-2.20170805-r2.tar.bz2 314854 BLAKE2B 483d04f364195eb8627153647118eb23812a610db63a40d50819b42c19fc20ffd0a36cd5c1959a764eab2109bd2e5317f74fd3a5cc1c7ddd17d8c85be05579a5 SHA512 1358db158945b82e0e41907e3919a6888564b4f15ad765f0fe2dc7bf284485c18d11c5502d598268e33b2163a6fa0be2a4029a8e9f774abfd4377031ee9afd32 +DIST patchbundle-selinux-base-policy-2.20170805-r3.tar.bz2 324834 BLAKE2B ecc3b0425987aa648b3dd52977a6e1fd987e605fe302c3b6d8742d3eac9a1c89697de1f97331e9863b132bb95814ae7577e161a024cdda297fb84458aa9417fd SHA512 62ec2e70397d06d464e95305a4c0699cc07063d879d986a74442955fb8076a00cbe4a4f7a3cda46876cbf2ad38189be06f0c05ce9698aadafa6e9f02a8daf668 +DIST patchbundle-selinux-base-policy-2.20170805-r4.tar.bz2 689641 BLAKE2B 1accfbecd4825a6cdb8c3c189c9e23898d1dbe8415d2fe26a842782dec634958f01861916a3c040740359562984718b61cee7af7d9395b125590931110e67eff SHA512 2067b090cd054e47d6496c9513d69a7a37a72de8dc873159a8055e27fe2380dc73006354d790c455ae893645f956c6be6d6ad2d30be7428ff8a442604a0c5400 +DIST refpolicy-2.20170204.tar.bz2 709965 BLAKE2B 7fb10d6054d74204f8c7d6d8ee88603f37b6600ed4a03e937a3a233ea7a80feef6ab90ba01af8d444fa79b266456260b14af3be0ad6a311baff6e3408af7d1ba SHA512 30deabb02a5bde51c463e3e89988d850cff51596c2e72733a064245dec152ea46317eea79550dbe82a7a0d327ec0bcfbd9474ff8a902507392df0da00df6397f +DIST refpolicy-2.20170805.tar.bz2 740430 BLAKE2B 0597f51fceb5ca88b3506aa16cbd2d7f3df3a1d9c6afdf4cc5fc7eca25fa19c5810889f90ed1ee0abef401d41384558abb69f6638caf50341f71d075fa99e561 SHA512 dbb6809b028ae75296ad26d5997cc21d835c49555a0e37957cb39b36b144af6e817320073a29247448eba1876ab9e29d3956ff4456f1542b66ba38af459ec586 +EBUILD selinux-unconfined-2.20170204-r1.ebuild 292 BLAKE2B b23a44cf9d7c3fa3d77eaf44da007d28ca8ebc2c31b4502522d08b10ab36315b64e6f185115aa8f47918313b2b6baa27f80acc3784c3c03c811c8a997bac01b0 SHA512 8c12825359a1bafb9003732e3823264286eefc2c395196c14437104e4861235a29f6a9a35be9fd7daa776c748e9b9d337ec2948bc2b458079d1bbf3307d96a24 +EBUILD selinux-unconfined-2.20170204-r2.ebuild 290 BLAKE2B 3848b3489bde7117a1132261c2ac7f09d367282afbec1150a2315f0de28e45d737c9ffc3c4178df9fd3b961eb2bd42e34119e97d25a8fedf4c9e3d793c015708 SHA512 8285596975ddb919612ed132de92db0c2b15fd4e31edb44c99cc60c2c0d25c0485d151cb88c6906bd4208cb85bb76cc59f775a2f90f1e679dc2140ac18d6a7f8 +EBUILD selinux-unconfined-2.20170204-r3.ebuild 290 BLAKE2B 3848b3489bde7117a1132261c2ac7f09d367282afbec1150a2315f0de28e45d737c9ffc3c4178df9fd3b961eb2bd42e34119e97d25a8fedf4c9e3d793c015708 SHA512 8285596975ddb919612ed132de92db0c2b15fd4e31edb44c99cc60c2c0d25c0485d151cb88c6906bd4208cb85bb76cc59f775a2f90f1e679dc2140ac18d6a7f8 +EBUILD selinux-unconfined-2.20170204-r4.ebuild 290 BLAKE2B 3848b3489bde7117a1132261c2ac7f09d367282afbec1150a2315f0de28e45d737c9ffc3c4178df9fd3b961eb2bd42e34119e97d25a8fedf4c9e3d793c015708 SHA512 8285596975ddb919612ed132de92db0c2b15fd4e31edb44c99cc60c2c0d25c0485d151cb88c6906bd4208cb85bb76cc59f775a2f90f1e679dc2140ac18d6a7f8 +EBUILD selinux-unconfined-2.20170805-r2.ebuild 290 BLAKE2B 3848b3489bde7117a1132261c2ac7f09d367282afbec1150a2315f0de28e45d737c9ffc3c4178df9fd3b961eb2bd42e34119e97d25a8fedf4c9e3d793c015708 SHA512 8285596975ddb919612ed132de92db0c2b15fd4e31edb44c99cc60c2c0d25c0485d151cb88c6906bd4208cb85bb76cc59f775a2f90f1e679dc2140ac18d6a7f8 +EBUILD selinux-unconfined-2.20170805-r3.ebuild 290 BLAKE2B 3848b3489bde7117a1132261c2ac7f09d367282afbec1150a2315f0de28e45d737c9ffc3c4178df9fd3b961eb2bd42e34119e97d25a8fedf4c9e3d793c015708 SHA512 8285596975ddb919612ed132de92db0c2b15fd4e31edb44c99cc60c2c0d25c0485d151cb88c6906bd4208cb85bb76cc59f775a2f90f1e679dc2140ac18d6a7f8 +EBUILD selinux-unconfined-2.20170805-r4.ebuild 292 BLAKE2B b23a44cf9d7c3fa3d77eaf44da007d28ca8ebc2c31b4502522d08b10ab36315b64e6f185115aa8f47918313b2b6baa27f80acc3784c3c03c811c8a997bac01b0 SHA512 8c12825359a1bafb9003732e3823264286eefc2c395196c14437104e4861235a29f6a9a35be9fd7daa776c748e9b9d337ec2948bc2b458079d1bbf3307d96a24 +EBUILD selinux-unconfined-9999.ebuild 292 BLAKE2B b23a44cf9d7c3fa3d77eaf44da007d28ca8ebc2c31b4502522d08b10ab36315b64e6f185115aa8f47918313b2b6baa27f80acc3784c3c03c811c8a997bac01b0 SHA512 8c12825359a1bafb9003732e3823264286eefc2c395196c14437104e4861235a29f6a9a35be9fd7daa776c748e9b9d337ec2948bc2b458079d1bbf3307d96a24 +MISC metadata.xml 328 BLAKE2B 87e024bb413e0c65f34313030016af3ead498111d26844172eb61cfdc17c6605ea41975127ed67f33b5c905a4a7095b2661288ecd4e383a314425f3661602297 SHA512 dcf584f01f9b74b9e5196147219616837c1c46a73b258a37ddd8d183b9bd61d6c0819d92e27390d67b4d6d01b8b1a1447010d6437459a329c3eaa4a79f39b050 diff --git a/sec-policy/selinux-unconfined/metadata.xml b/sec-policy/selinux-unconfined/metadata.xml index 2fd988dda8..2f2543e38b 100644 --- a/sec-policy/selinux-unconfined/metadata.xml +++ b/sec-policy/selinux-unconfined/metadata.xml @@ -1,6 +1,9 @@ - selinux + + selinux@gentoo.org + SELinux Team + Gentoo SELinux policy for unconfined domains diff --git a/sec-policy/selinux-unconfined/selinux-unconfined-2.20141203-r14.ebuild b/sec-policy/selinux-unconfined/selinux-unconfined-2.20141203-r14.ebuild deleted file mode 100644 index 37be602ce0..0000000000 --- a/sec-policy/selinux-unconfined/selinux-unconfined-2.20141203-r14.ebuild +++ /dev/null @@ -1,17 +0,0 @@ -# Copyright 1999-2015 Gentoo Foundation -# Distributed under the terms of the GNU General Public License v2 -# $Header: /var/cvsroot/gentoo-x86/sec-policy/selinux-unconfined/selinux-unconfined-2.20141203-r5.ebuild,v 1.2 2015/06/05 16:10:22 perfinion Exp $ -EAPI="5" - -IUSE="" -MODS="unconfined" - -inherit selinux-policy-2 - -DESCRIPTION="SELinux policy for unconfined" - -if [[ $PV == 9999* ]] ; then - KEYWORDS="" -else - KEYWORDS="amd64 x86" -fi diff --git a/sec-policy/selinux-unconfined/selinux-unconfined-2.20170204-r1.ebuild b/sec-policy/selinux-unconfined/selinux-unconfined-2.20170204-r1.ebuild new file mode 100644 index 0000000000..11d2e71947 --- /dev/null +++ b/sec-policy/selinux-unconfined/selinux-unconfined-2.20170204-r1.ebuild @@ -0,0 +1,15 @@ +# Copyright 1999-2017 Gentoo Foundation +# Distributed under the terms of the GNU General Public License v2 + +EAPI="6" + +IUSE="" +MODS="unconfined" + +inherit selinux-policy-2 + +DESCRIPTION="SELinux policy for unconfined" + +if [[ ${PV} != 9999* ]] ; then + KEYWORDS="~amd64 -arm ~arm64 ~mips ~x86" +fi diff --git a/sec-policy/selinux-unconfined/selinux-unconfined-2.20170204-r2.ebuild b/sec-policy/selinux-unconfined/selinux-unconfined-2.20170204-r2.ebuild new file mode 100644 index 0000000000..f5d4a5975a --- /dev/null +++ b/sec-policy/selinux-unconfined/selinux-unconfined-2.20170204-r2.ebuild @@ -0,0 +1,15 @@ +# Copyright 1999-2017 Gentoo Foundation +# Distributed under the terms of the GNU General Public License v2 + +EAPI="6" + +IUSE="" +MODS="unconfined" + +inherit selinux-policy-2 + +DESCRIPTION="SELinux policy for unconfined" + +if [[ ${PV} != 9999* ]] ; then + KEYWORDS="amd64 -arm ~arm64 ~mips x86" +fi diff --git a/sec-policy/selinux-unconfined/selinux-unconfined-2.20170204-r3.ebuild b/sec-policy/selinux-unconfined/selinux-unconfined-2.20170204-r3.ebuild new file mode 100644 index 0000000000..f5d4a5975a --- /dev/null +++ b/sec-policy/selinux-unconfined/selinux-unconfined-2.20170204-r3.ebuild @@ -0,0 +1,15 @@ +# Copyright 1999-2017 Gentoo Foundation +# Distributed under the terms of the GNU General Public License v2 + +EAPI="6" + +IUSE="" +MODS="unconfined" + +inherit selinux-policy-2 + +DESCRIPTION="SELinux policy for unconfined" + +if [[ ${PV} != 9999* ]] ; then + KEYWORDS="amd64 -arm ~arm64 ~mips x86" +fi diff --git a/sec-policy/selinux-unconfined/selinux-unconfined-2.20170204-r4.ebuild b/sec-policy/selinux-unconfined/selinux-unconfined-2.20170204-r4.ebuild new file mode 100644 index 0000000000..f5d4a5975a --- /dev/null +++ b/sec-policy/selinux-unconfined/selinux-unconfined-2.20170204-r4.ebuild @@ -0,0 +1,15 @@ +# Copyright 1999-2017 Gentoo Foundation +# Distributed under the terms of the GNU General Public License v2 + +EAPI="6" + +IUSE="" +MODS="unconfined" + +inherit selinux-policy-2 + +DESCRIPTION="SELinux policy for unconfined" + +if [[ ${PV} != 9999* ]] ; then + KEYWORDS="amd64 -arm ~arm64 ~mips x86" +fi diff --git a/sec-policy/selinux-unconfined/selinux-unconfined-2.20170805-r2.ebuild b/sec-policy/selinux-unconfined/selinux-unconfined-2.20170805-r2.ebuild new file mode 100644 index 0000000000..f5d4a5975a --- /dev/null +++ b/sec-policy/selinux-unconfined/selinux-unconfined-2.20170805-r2.ebuild @@ -0,0 +1,15 @@ +# Copyright 1999-2017 Gentoo Foundation +# Distributed under the terms of the GNU General Public License v2 + +EAPI="6" + +IUSE="" +MODS="unconfined" + +inherit selinux-policy-2 + +DESCRIPTION="SELinux policy for unconfined" + +if [[ ${PV} != 9999* ]] ; then + KEYWORDS="amd64 -arm ~arm64 ~mips x86" +fi diff --git a/sec-policy/selinux-unconfined/selinux-unconfined-2.20170805-r3.ebuild b/sec-policy/selinux-unconfined/selinux-unconfined-2.20170805-r3.ebuild new file mode 100644 index 0000000000..f5d4a5975a --- /dev/null +++ b/sec-policy/selinux-unconfined/selinux-unconfined-2.20170805-r3.ebuild @@ -0,0 +1,15 @@ +# Copyright 1999-2017 Gentoo Foundation +# Distributed under the terms of the GNU General Public License v2 + +EAPI="6" + +IUSE="" +MODS="unconfined" + +inherit selinux-policy-2 + +DESCRIPTION="SELinux policy for unconfined" + +if [[ ${PV} != 9999* ]] ; then + KEYWORDS="amd64 -arm ~arm64 ~mips x86" +fi diff --git a/sec-policy/selinux-unconfined/selinux-unconfined-2.20170805-r4.ebuild b/sec-policy/selinux-unconfined/selinux-unconfined-2.20170805-r4.ebuild new file mode 100644 index 0000000000..11d2e71947 --- /dev/null +++ b/sec-policy/selinux-unconfined/selinux-unconfined-2.20170805-r4.ebuild @@ -0,0 +1,15 @@ +# Copyright 1999-2017 Gentoo Foundation +# Distributed under the terms of the GNU General Public License v2 + +EAPI="6" + +IUSE="" +MODS="unconfined" + +inherit selinux-policy-2 + +DESCRIPTION="SELinux policy for unconfined" + +if [[ ${PV} != 9999* ]] ; then + KEYWORDS="~amd64 -arm ~arm64 ~mips ~x86" +fi diff --git a/sec-policy/selinux-unconfined/selinux-unconfined-9999.ebuild b/sec-policy/selinux-unconfined/selinux-unconfined-9999.ebuild index c75300a2f4..11d2e71947 100644 --- a/sec-policy/selinux-unconfined/selinux-unconfined-9999.ebuild +++ b/sec-policy/selinux-unconfined/selinux-unconfined-9999.ebuild @@ -1,7 +1,7 @@ -# Copyright 1999-2015 Gentoo Foundation +# Copyright 1999-2017 Gentoo Foundation # Distributed under the terms of the GNU General Public License v2 -# $Header: /var/cvsroot/gentoo-x86/sec-policy/selinux-unconfined/selinux-unconfined-9999.ebuild,v 1.4 2015/03/22 13:47:24 swift Exp $ -EAPI="5" + +EAPI="6" IUSE="" MODS="unconfined" @@ -10,8 +10,6 @@ inherit selinux-policy-2 DESCRIPTION="SELinux policy for unconfined" -if [[ $PV == 9999* ]] ; then - KEYWORDS="" -else - KEYWORDS="~amd64 ~x86" +if [[ ${PV} != 9999* ]] ; then + KEYWORDS="~amd64 -arm ~arm64 ~mips ~x86" fi From 1e226b55dec2fd9ad3a5ce72a7716149c20db4fa Mon Sep 17 00:00:00 2001 From: David Michael Date: Wed, 23 May 2018 09:40:06 -0700 Subject: [PATCH 36/42] sec-policy/selinux-unconfined: Enable building on arm64 From: David Michael [Rebase to latest] Signed-off-by: Geoff Levand --- .../selinux-unconfined/selinux-unconfined-2.20170805-r3.ebuild | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/sec-policy/selinux-unconfined/selinux-unconfined-2.20170805-r3.ebuild b/sec-policy/selinux-unconfined/selinux-unconfined-2.20170805-r3.ebuild index f5d4a5975a..e38bb7572c 100644 --- a/sec-policy/selinux-unconfined/selinux-unconfined-2.20170805-r3.ebuild +++ b/sec-policy/selinux-unconfined/selinux-unconfined-2.20170805-r3.ebuild @@ -11,5 +11,5 @@ inherit selinux-policy-2 DESCRIPTION="SELinux policy for unconfined" if [[ ${PV} != 9999* ]] ; then - KEYWORDS="amd64 -arm ~arm64 ~mips x86" + KEYWORDS="amd64 -arm arm64 ~mips x86" fi From bcd532e1df2451f85562548919006c3e3f30092b Mon Sep 17 00:00:00 2001 From: Geoff Levand Date: Wed, 23 May 2018 09:40:06 -0700 Subject: [PATCH 37/42] sec-policy/selinux-unconfined: Fixups for Container Linux Signed-off-by: Geoff Levand --- .../selinux-unconfined/selinux-unconfined-2.20170805-r3.ebuild | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/sec-policy/selinux-unconfined/selinux-unconfined-2.20170805-r3.ebuild b/sec-policy/selinux-unconfined/selinux-unconfined-2.20170805-r3.ebuild index e38bb7572c..281feeacc9 100644 --- a/sec-policy/selinux-unconfined/selinux-unconfined-2.20170805-r3.ebuild +++ b/sec-policy/selinux-unconfined/selinux-unconfined-2.20170805-r3.ebuild @@ -6,7 +6,7 @@ EAPI="6" IUSE="" MODS="unconfined" -inherit selinux-policy-2 +inherit coreos-sec-policy DESCRIPTION="SELinux policy for unconfined" From 515e1d85d41ccff25a0c74fa84ae0f0685d7fd3a Mon Sep 17 00:00:00 2001 From: Geoff Levand Date: Wed, 23 May 2018 09:40:06 -0700 Subject: [PATCH 38/42] sec-policy/selinux-virt: Import latest Signed-off-by: Geoff Levand --- sec-policy/selinux-virt/ChangeLog | 308 ------------------ sec-policy/selinux-virt/Manifest | 20 +- .../files/fix-qemu-is-optional-r8.patch | 15 - sec-policy/selinux-virt/files/virt.diff | 36 -- sec-policy/selinux-virt/metadata.xml | 5 +- .../selinux-virt-2.20141203-r14.ebuild | 19 -- .../selinux-virt-2.20170204-r1.ebuild | 15 + .../selinux-virt-2.20170204-r2.ebuild | 15 + .../selinux-virt-2.20170204-r3.ebuild | 15 + .../selinux-virt-2.20170204-r4.ebuild | 15 + .../selinux-virt-2.20170805-r2.ebuild | 15 + .../selinux-virt-2.20170805-r3.ebuild | 15 + .../selinux-virt-2.20170805-r4.ebuild | 15 + .../selinux-virt/selinux-virt-9999.ebuild | 12 +- 14 files changed, 132 insertions(+), 388 deletions(-) delete mode 100644 sec-policy/selinux-virt/ChangeLog delete mode 100644 sec-policy/selinux-virt/files/fix-qemu-is-optional-r8.patch delete mode 100644 sec-policy/selinux-virt/files/virt.diff delete mode 100644 sec-policy/selinux-virt/selinux-virt-2.20141203-r14.ebuild create mode 100644 sec-policy/selinux-virt/selinux-virt-2.20170204-r1.ebuild create mode 100644 sec-policy/selinux-virt/selinux-virt-2.20170204-r2.ebuild create mode 100644 sec-policy/selinux-virt/selinux-virt-2.20170204-r3.ebuild create mode 100644 sec-policy/selinux-virt/selinux-virt-2.20170204-r4.ebuild create mode 100644 sec-policy/selinux-virt/selinux-virt-2.20170805-r2.ebuild create mode 100644 sec-policy/selinux-virt/selinux-virt-2.20170805-r3.ebuild create mode 100644 sec-policy/selinux-virt/selinux-virt-2.20170805-r4.ebuild diff --git a/sec-policy/selinux-virt/ChangeLog b/sec-policy/selinux-virt/ChangeLog deleted file mode 100644 index f24e369764..0000000000 --- a/sec-policy/selinux-virt/ChangeLog +++ /dev/null @@ -1,308 +0,0 @@ -# ChangeLog for sec-policy/selinux-virt -# Copyright 1999-2015 Gentoo Foundation; Distributed under the GPL v2 -# $Header: /var/cvsroot/gentoo-x86/sec-policy/selinux-virt/ChangeLog,v 1.63 2015/06/05 16:10:23 perfinion Exp $ - - 05 Jun 2015; Jason Zaman - selinux-virt-2.20141203-r5.ebuild: - Stabilize policy 2.20141203-r5 - -*selinux-virt-2.20141203-r6 (05 Jun 2015) - - 05 Jun 2015; Jason Zaman - +selinux-virt-2.20141203-r6.ebuild: - Release of 2.20141203-r6 - - 15 Apr 2015; Jason Zaman - selinux-virt-2.20141203-r4.ebuild: - Stabilize policy 2.20141203-r4 - -*selinux-virt-2.20141203-r5 (15 Apr 2015) - - 15 Apr 2015; Jason Zaman - +selinux-virt-2.20141203-r5.ebuild: - Release of 2.20141203-r5 - - 22 Mar 2015; Sven Vermeulen - selinux-virt-2.20141203-r3.ebuild: - Stabilize 2.20141203-r3 policies - -*selinux-virt-2.20141203-r4 (22 Mar 2015) - - 22 Mar 2015; Sven Vermeulen - +selinux-virt-2.20141203-r4.ebuild, selinux-virt-9999.ebuild: - Release of 2.20141203-r4 - -*selinux-virt-2.20141203-r3 (29 Jan 2015) - - 29 Jan 2015; Jason Zaman - +selinux-virt-2.20141203-r3.ebuild, selinux-virt-2.20141203-r2.ebuild: - Release of 2.20141203-r3, stable 2.20141203-r2 - - 21 Dec 2014; Sven Vermeulen - -selinux-virt-2.20140311-r1.ebuild, -selinux-virt-2.20140311-r2.ebuild, - -selinux-virt-2.20140311-r3.ebuild, -selinux-virt-2.20140311-r4.ebuild: - Remove old ebuilds - - 21 Dec 2014; Sven Vermeulen - selinux-virt-2.20141203-r1.ebuild: - Stabilize 2.20141203-r1 - -*selinux-virt-2.20141203-r2 (21 Dec 2014) - - 21 Dec 2014; Sven Vermeulen - +selinux-virt-2.20141203-r2.ebuild: - Release of 2.20141203-r2 - - 07 Dec 2014; Jason Zaman - selinux-virt-2.20140311-r7.ebuild: - Stabilize 2.20140311-r7 - -*selinux-virt-2.20141203-r1 (07 Dec 2014) - - 07 Dec 2014; Jason Zaman - +selinux-virt-2.20141203-r1.ebuild: - Release of 2.20141203-r1 - - 01 Nov 2014; Sven Vermeulen - selinux-virt-2.20140311-r6.ebuild: - Stabilize rev 6 - -*selinux-virt-2.20140311-r7 (01 Nov 2014) - - 01 Nov 2014; Sven Vermeulen - +selinux-virt-2.20140311-r7.ebuild: - Bump revision r7 of SELinux policies - - 01 Nov 2014; Sven Vermeulen selinux-virt-9999.ebuild: - Add KEYWORDS logic in -9999 ebuilds for ease of copying - - 22 Aug 2014; Sven Vermeulen - selinux-virt-2.20140311-r5.ebuild: - Stabilize r5 policies - -*selinux-virt-2.20140311-r6 (21 Aug 2014) - - 21 Aug 2014; Sven Vermeulen - +selinux-virt-2.20140311-r6.ebuild: - Release of 2.20140311-r6 - -*selinux-virt-2.20140311-r5 (09 Aug 2014) - - 09 Aug 2014; Sven Vermeulen - +selinux-virt-2.20140311-r5.ebuild: - Bump towards r5 (fixes duplicate context for hiawatha) - - 08 Aug 2014; Sven Vermeulen selinux-virt-9999.ebuild: - Make 9999 ebuilds EAPI=5 and transform to make master for version bumps - - 05 Aug 2014; Sven Vermeulen - -selinux-virt-2.20130424-r1.ebuild, -selinux-virt-2.20130424-r2.ebuild, - -selinux-virt-2.20130424-r3.ebuild, -selinux-virt-2.20130424-r4.ebuild: - Remove obsolete ebuilds - -*selinux-virt-2.20140311-r4 (01 Aug 2014) - - 01 Aug 2014; Sven Vermeulen - +selinux-virt-2.20140311-r4.ebuild, selinux-virt-2.20140311-r3.ebuild: - Stabilization of r3, and make r4 available for testing - - 29 May 2014; Sven Vermeulen - selinux-virt-2.20140311-r2.ebuild: - Stabilize 2.20140311-r2 - -*selinux-virt-2.20140311-r3 (29 May 2014) - - 29 May 2014; Sven Vermeulen - +selinux-virt-2.20140311-r3.ebuild: - Bump to 2.20140311-r3 - - 19 Apr 2014; Sven Vermeulen - selinux-virt-2.20140311-r1.ebuild: - Stabilize r1 policies - -*selinux-virt-2.20140311-r2 (19 Apr 2014) - - 19 Apr 2014; Sven Vermeulen - +selinux-virt-2.20140311-r2.ebuild: - Release of 2.20140311-r2 - - 24 Mar 2014; Sven Vermeulen - -selinux-virt-2.20120725-r11.ebuild, -selinux-virt-2.20120725-r12.ebuild, - -selinux-virt-2.20120725-r5.ebuild, -selinux-virt-2.20120725-r7.ebuild, - -selinux-virt-2.20120725-r8.ebuild, -selinux-virt-2.20120725-r9.ebuild: - Remove older SELinux policy ebuilds - -*selinux-virt-2.20140311-r1 (21 Mar 2014) - - 21 Mar 2014; Sven Vermeulen - +selinux-virt-2.20140311-r1.ebuild: - New upstream refpolicy release - - 12 Jan 2014; Sven Vermeulen - selinux-virt-2.20130424-r4.ebuild: - Stabilize 2.20130424-r4 - -*selinux-virt-2.20130424-r4 (11 Dec 2013) - - 11 Dec 2013; Sven Vermeulen - +selinux-virt-2.20130424-r4.ebuild: - Release of 2.20130424-r4 - -*selinux-virt-2.20130424-r3 (26 Sep 2013) - - 26 Sep 2013; Sven Vermeulen - +selinux-virt-2.20130424-r3.ebuild: - Release 2.20130424-r3, fixing bugs #480628, #482196, #475432, #485304, #480870 - and #428322 - - 15 Aug 2013; Sven Vermeulen - selinux-virt-2.20130424-r2.ebuild: - Stabilize r2 of policies - -*selinux-virt-2.20130424-r2 (20 Jul 2013) - - 20 Jul 2013; Sven Vermeulen - +selinux-virt-2.20130424-r2.ebuild: - Pushing out rev 2 - - 16 Jun 2013; Sven Vermeulen - selinux-virt-2.20130424-r1.ebuild: - Stabilize 20130424 policies - -*selinux-virt-2.20130424-r1 (06 May 2013) - - 06 May 2013; Sven Vermeulen - +selinux-virt-2.20130424-r1.ebuild: - Adding 20130424 release - - 29 Mar 2013; Sven Vermeulen - selinux-virt-2.20120725-r12.ebuild: - Stabilize r12, fixes 455080, 453724, 461880, 453722, 452166, 458876, 457618, - 456910, 456194, 453990 and 460152 - -*selinux-virt-2.20120725-r12 (09 Mar 2013) - - 09 Mar 2013; Sven Vermeulen - +selinux-virt-2.20120725-r12.ebuild: - Pushing out rev 12 - - 23 Feb 2013; Sven Vermeulen - selinux-virt-2.20120725-r11.ebuild: - Stabilization - -*selinux-virt-2.20120725-r11 (26 Jan 2013) - - 26 Jan 2013; Sven Vermeulen - +selinux-virt-2.20120725-r11.ebuild: - Bumping selinux-virt to revision 11 - - 13 Jan 2013; Sven Vermeulen - selinux-virt-2.20120725-r9.ebuild: - Stabilizing r9 - -*selinux-virt-2.20120725-r9 (21 Dec 2012) - - 21 Dec 2012; Sven Vermeulen +selinux-virt-2.20120725-r9.ebuild: - Bumping to revision 9 - - 17 Dec 2012; Sven Vermeulen -selinux-virt-2.20120215-r1.ebuild, - -selinux-virt-2.20120215-r14.ebuild, -selinux-virt-2.20120215-r15.ebuild, - -selinux-virt-2.20120215.ebuild: - Removing older ebuilds - - 13 Dec 2012; Sven Vermeulen selinux-virt-2.20120725-r8.ebuild: - Stabilization - -*selinux-virt-2.20120725-r8 (03 Dec 2012) - - 03 Dec 2012; Sven Vermeulen +files/fix-qemu-is-optional-r8.patch, - +selinux-virt-2.20120725-r8.ebuild: - Bumping to revision 8 - -*selinux-virt-2.20120725-r7 (18 Nov 2012) - - 18 Nov 2012; Sven Vermeulen +selinux-virt-2.20120725-r7.ebuild: - Pushing out rev 7 - -*selinux-virt-9999 (13 Oct 2012) - - 13 Oct 2012; Sven Vermeulen +selinux-virt-9999.ebuild: - Adding live ebuild - - 04 Oct 2012; Sven Vermeulen selinux-virt-2.20120725-r5.ebuild: - Stabilization - -*selinux-virt-2.20120725-r5 (21 Sep 2012) - - 21 Sep 2012; Sven Vermeulen +selinux-virt-2.20120725-r5.ebuild: - Introducing policy for 2.20120725, rev5 - - 30 Jul 2012; Sven Vermeulen selinux-virt-2.20120215-r14.ebuild: - Stabilization of revision 14 of the SELinux policy modules - -*selinux-virt-2.20120215-r15 (26 Jul 2012) - - 26 Jul 2012; Sven Vermeulen +selinux-virt-2.20120215-r15.ebuild: - Bump to rev15 - -*selinux-virt-2.20120215-r14 (16 Jul 2012) - - 16 Jul 2012; Sven Vermeulen +selinux-virt-2.20120215-r14.ebuild: - Bumping to rev14 - -*selinux-virt-2.20120215-r1 (27 Jun 2012) - - 27 Jun 2012; Sven Vermeulen +selinux-virt-2.20120215-r1.ebuild: - Bump to revision 13 - - 13 May 2012; Sven Vermeulen -selinux-virt-2.20110726.ebuild, - -selinux-virt-2.20110726-r1.ebuild: - Removing deprecated ebuilds (cleanup) - - 29 Apr 2012; Sven Vermeulen selinux-virt-2.20120215.ebuild: - Stabilizing revision 7 - -*selinux-virt-2.20120215 (31 Mar 2012) - - 31 Mar 2012; Sven Vermeulen +selinux-virt-2.20120215.ebuild: - Bumping to 2.20120215 policies - - 23 Feb 2012; Sven Vermeulen selinux-virt-2.20110726-r1.ebuild: - Stabilizing - -*selinux-virt-2.20110726-r1 (14 Jan 2012) - - 14 Jan 2012; Sven Vermeulen +selinux-virt-2.20110726-r1.ebuild: - Fix bug #330767 to support libvirt better in gentoo - - 12 Nov 2011; Sven Vermeulen -selinux-virt-2.20101213.ebuild: - Removing old policies - - 23 Oct 2011; Sven Vermeulen selinux-virt-2.20110726.ebuild: - Stabilization (tracker #384231) - -*selinux-virt-2.20110726 (28 Aug 2011) - - 28 Aug 2011; Sven Vermeulen +selinux-virt-2.20110726.ebuild: - Updating policy builds to refpolicy 20110726 - - 02 Jun 2011; Anthony G. Basile - selinux-virt-2.20101213.ebuild: - Stable amd64 x86 - - 06 Feb 2011; Anthony G. Basile - selinux-virt-2.20101213.ebuild: - Fixed unquoted variable. - - 05 Feb 2011; Anthony G. Basile ChangeLog: - Initial commit to portage. - - 01 Jan 2011; Chris Richards - +selinux-virt-2.20101213.ebuild, +metadata.xml: - New upstream release - -*selinux-virt-2.20101213 (01 Jan 2011) - - 01 Jan 2011; Chris Richards - +selinux-virt-2.20101213.ebuild, +metadata.xml: - Initial commit diff --git a/sec-policy/selinux-virt/Manifest b/sec-policy/selinux-virt/Manifest index 8c79c9abb3..078b47ab6a 100644 --- a/sec-policy/selinux-virt/Manifest +++ b/sec-policy/selinux-virt/Manifest @@ -1,2 +1,18 @@ -DIST patchbundle-selinux-base-policy-2.20141203-r9.tar.bz2 299602 SHA256 e8518004942a6c57170a609683e22b1410c93a2a195829c41dc8fbc703d941b5 SHA512 ce6484fbca1d2d074e50d1a3953392bd3ce0a4617df98fbac37747b469b4f160a9331586dfe1c3ddccb1ccbee24876a2f05ab49e37c8492a48baf83c2d01d140 WHIRLPOOL 1fd7b956e98e95a64c3a713a944d4531259bd156a7feabf6a89c4b5f33ac846377730eede97889e85183be086f282ebd18e860214f6ca3f01b40f2323470ee04 -DIST refpolicy-2.20141203.tar.bz2 680243 SHA256 f438209c430d8a2d4ddcbe4bdd3edb46f6af7dc4913637af0b73c635e40c1522 SHA512 682e4280c5799e4c12ec7594afc1389f67be35055748d2e0dbdc3419159a16c96d4946ca6178daee8370515951f8653b2e452efe8c962b8d7f9bc192f0b15a0c WHIRLPOOL 74bca232534e7af9051bb1ab9f77c1ff6c425781cf4561f781d6e9a40cc5ca0d9add540249ea5493e8782a9372aea296ead6c165c6c440ae1509eb319d151ee5 +DIST patchbundle-selinux-base-policy-2.20170204-r1.tar.bz2 327838 BLAKE2B 8b8f6241636c0aaa472df3b4ad035d3f6ed8bafa25f9d5b2106f41e6e9e589cd3105f91fbcb9a5972998b6deda3eaf034755bcb13b57cd51957b473a60dfcbfe SHA512 727dd11bc5a777388199fb1da67add940a6051cca874456cdc4bb65f567216481e70b92fcf37ac59cc48d907fbe87b67e97c3813c4c97d5f31b7c66b7246f166 +DIST patchbundle-selinux-base-policy-2.20170204-r2.tar.bz2 354083 BLAKE2B 9296ea072f27774e7e6b055be9c24ba5717a1502cb2b20f57768231d2fdc267cc2e340ff9e301e072a199e80434f5f5caeed6151ea424b52380665a9927c23d6 SHA512 ac907590cefdc69638fce25de481d3dce625f0f1511e0fa3d0bcc78b2a18c57c0bea392c225d314645b1aec5abbcedf67bfc50b66be8580447bbcac7223ea66d +DIST patchbundle-selinux-base-policy-2.20170204-r3.tar.bz2 342266 BLAKE2B 4b4fb4d495f9507152ef05815273bc3d09927f9cdb3e63aa6050a620a061c133519b503dc6dbdb658c04a81a0917a7a4872668ee3fef8c2a049e0006e1c103de SHA512 df46b785a17c633d6fcd063b48258a362a0df13fcb71fb699b6c19281f4d647db43639e08e083157fcd49405c5c38c8408534decff99536d28ada64e9192d130 +DIST patchbundle-selinux-base-policy-2.20170204-r4.tar.bz2 373731 BLAKE2B cb291e14e181c68d95c77dc07185ba6d186d4a7f2bf163cbe32670d54cdf29e32ecfac49d449d8631df7df67992499e2bec6b39f6096f4d9e9394a87f2b24654 SHA512 93a0644440064d85db32c56a381478f8ef94824a04531e6fbad26dd79be02dacd939b804759db35d0627908ff653f8107e18c48858df458c80ae785d80374667 +DIST patchbundle-selinux-base-policy-2.20170805-r2.tar.bz2 314854 BLAKE2B 483d04f364195eb8627153647118eb23812a610db63a40d50819b42c19fc20ffd0a36cd5c1959a764eab2109bd2e5317f74fd3a5cc1c7ddd17d8c85be05579a5 SHA512 1358db158945b82e0e41907e3919a6888564b4f15ad765f0fe2dc7bf284485c18d11c5502d598268e33b2163a6fa0be2a4029a8e9f774abfd4377031ee9afd32 +DIST patchbundle-selinux-base-policy-2.20170805-r3.tar.bz2 324834 BLAKE2B ecc3b0425987aa648b3dd52977a6e1fd987e605fe302c3b6d8742d3eac9a1c89697de1f97331e9863b132bb95814ae7577e161a024cdda297fb84458aa9417fd SHA512 62ec2e70397d06d464e95305a4c0699cc07063d879d986a74442955fb8076a00cbe4a4f7a3cda46876cbf2ad38189be06f0c05ce9698aadafa6e9f02a8daf668 +DIST patchbundle-selinux-base-policy-2.20170805-r4.tar.bz2 689641 BLAKE2B 1accfbecd4825a6cdb8c3c189c9e23898d1dbe8415d2fe26a842782dec634958f01861916a3c040740359562984718b61cee7af7d9395b125590931110e67eff SHA512 2067b090cd054e47d6496c9513d69a7a37a72de8dc873159a8055e27fe2380dc73006354d790c455ae893645f956c6be6d6ad2d30be7428ff8a442604a0c5400 +DIST refpolicy-2.20170204.tar.bz2 709965 BLAKE2B 7fb10d6054d74204f8c7d6d8ee88603f37b6600ed4a03e937a3a233ea7a80feef6ab90ba01af8d444fa79b266456260b14af3be0ad6a311baff6e3408af7d1ba SHA512 30deabb02a5bde51c463e3e89988d850cff51596c2e72733a064245dec152ea46317eea79550dbe82a7a0d327ec0bcfbd9474ff8a902507392df0da00df6397f +DIST refpolicy-2.20170805.tar.bz2 740430 BLAKE2B 0597f51fceb5ca88b3506aa16cbd2d7f3df3a1d9c6afdf4cc5fc7eca25fa19c5810889f90ed1ee0abef401d41384558abb69f6638caf50341f71d075fa99e561 SHA512 dbb6809b028ae75296ad26d5997cc21d835c49555a0e37957cb39b36b144af6e817320073a29247448eba1876ab9e29d3956ff4456f1542b66ba38af459ec586 +EBUILD selinux-virt-2.20170204-r1.ebuild 280 BLAKE2B 165c00867db4af8d38122bb325d82ece7b41c7289cdfcc33a5f94cbf359d3cfe59836ab27fc3ae96f0d1474338223ca2fc657cf7a9ea6c72410b3142577f41ac SHA512 5bf96dc492c14c5e49420e5f709039551ed5ac0684110913c98b9dad3bcc1bf4dc842f85a44f368592f3091eb67b97b9b42398451a7fb5a9cf649dd18f0ff69d +EBUILD selinux-virt-2.20170204-r2.ebuild 278 BLAKE2B 306b0a61f279bfa7defa2988d0c60c3a66fe15240200c2d0f294e5c6b7f259a48e9c4db4fb033a8389ecf92b3eb710f6553a06d417b13e906f8ab60a83f56a91 SHA512 fe61f61f2c0d1af1ce896029ee5159f6fcf93368890565f77f2aa64c28d84313c3cd635104330ad610633ab37bdf16578617b846ab9831bcb842d6396e2a1330 +EBUILD selinux-virt-2.20170204-r3.ebuild 278 BLAKE2B 306b0a61f279bfa7defa2988d0c60c3a66fe15240200c2d0f294e5c6b7f259a48e9c4db4fb033a8389ecf92b3eb710f6553a06d417b13e906f8ab60a83f56a91 SHA512 fe61f61f2c0d1af1ce896029ee5159f6fcf93368890565f77f2aa64c28d84313c3cd635104330ad610633ab37bdf16578617b846ab9831bcb842d6396e2a1330 +EBUILD selinux-virt-2.20170204-r4.ebuild 278 BLAKE2B 306b0a61f279bfa7defa2988d0c60c3a66fe15240200c2d0f294e5c6b7f259a48e9c4db4fb033a8389ecf92b3eb710f6553a06d417b13e906f8ab60a83f56a91 SHA512 fe61f61f2c0d1af1ce896029ee5159f6fcf93368890565f77f2aa64c28d84313c3cd635104330ad610633ab37bdf16578617b846ab9831bcb842d6396e2a1330 +EBUILD selinux-virt-2.20170805-r2.ebuild 278 BLAKE2B 306b0a61f279bfa7defa2988d0c60c3a66fe15240200c2d0f294e5c6b7f259a48e9c4db4fb033a8389ecf92b3eb710f6553a06d417b13e906f8ab60a83f56a91 SHA512 fe61f61f2c0d1af1ce896029ee5159f6fcf93368890565f77f2aa64c28d84313c3cd635104330ad610633ab37bdf16578617b846ab9831bcb842d6396e2a1330 +EBUILD selinux-virt-2.20170805-r3.ebuild 278 BLAKE2B 306b0a61f279bfa7defa2988d0c60c3a66fe15240200c2d0f294e5c6b7f259a48e9c4db4fb033a8389ecf92b3eb710f6553a06d417b13e906f8ab60a83f56a91 SHA512 fe61f61f2c0d1af1ce896029ee5159f6fcf93368890565f77f2aa64c28d84313c3cd635104330ad610633ab37bdf16578617b846ab9831bcb842d6396e2a1330 +EBUILD selinux-virt-2.20170805-r4.ebuild 280 BLAKE2B 165c00867db4af8d38122bb325d82ece7b41c7289cdfcc33a5f94cbf359d3cfe59836ab27fc3ae96f0d1474338223ca2fc657cf7a9ea6c72410b3142577f41ac SHA512 5bf96dc492c14c5e49420e5f709039551ed5ac0684110913c98b9dad3bcc1bf4dc842f85a44f368592f3091eb67b97b9b42398451a7fb5a9cf649dd18f0ff69d +EBUILD selinux-virt-9999.ebuild 280 BLAKE2B 165c00867db4af8d38122bb325d82ece7b41c7289cdfcc33a5f94cbf359d3cfe59836ab27fc3ae96f0d1474338223ca2fc657cf7a9ea6c72410b3142577f41ac SHA512 5bf96dc492c14c5e49420e5f709039551ed5ac0684110913c98b9dad3bcc1bf4dc842f85a44f368592f3091eb67b97b9b42398451a7fb5a9cf649dd18f0ff69d +MISC metadata.xml 314 BLAKE2B ddfe4853a8e46120ae40067c91e5aae0b9398391620fdead4a2bd05ecb7aab29e9125e287b86a08fd5c7c11c31f231b1c82a5cb98bbaddbdff638bc87a779eb3 SHA512 0a2c6884ff96c1bab8de52467afdba253e06c6d873d5e389ac2f84c485e4e4fa1bd5cb95a907b0ab49777755afcc1a26446f653ded9b3e3f64b576af14013296 diff --git a/sec-policy/selinux-virt/files/fix-qemu-is-optional-r8.patch b/sec-policy/selinux-virt/files/fix-qemu-is-optional-r8.patch deleted file mode 100644 index 07518c5b1c..0000000000 --- a/sec-policy/selinux-virt/files/fix-qemu-is-optional-r8.patch +++ /dev/null @@ -1,15 +0,0 @@ ---- contrib/virt.te 2012-11-25 21:35:09.181247450 +0100 -+++ contrib/virt.te 2012-11-25 21:34:09.223216815 +0100 -@@ -281,7 +281,11 @@ - userdom_search_user_home_dirs(virt_domain) - userdom_read_all_users_state(virt_domain) - --qemu_exec(virt_domain) -+ifdef(`distro_gentoo',` -+ optional_policy(` -+ qemu_exec(virt_domain) -+ ') -+') - - tunable_policy(`virt_use_execmem',` - allow virt_domain self:process { execmem execstack }; diff --git a/sec-policy/selinux-virt/files/virt.diff b/sec-policy/selinux-virt/files/virt.diff deleted file mode 100644 index bc321aba61..0000000000 --- a/sec-policy/selinux-virt/files/virt.diff +++ /dev/null @@ -1,36 +0,0 @@ -diff -u contrib.orig/virt.te contrib/virt.te ---- modules/contrib.orig/virt.te 2016-02-20 13:18:44.670955920 -0800 -+++ modules/contrib/virt.te 2016-02-20 13:22:24.186318856 -0800 -@@ -1299,3 +1299,32 @@ - - virt_append_log(virtlockd_t) - virt_read_config(virtlockd_t) -+ -+require { -+ type kernel_t; -+ type tmpfs_t; -+ type var_lib_t; -+} -+allow kernel_t svirt_lxc_net_t:process transition; -+fs_manage_tmpfs_chr_files(svirt_lxc_net_t) -+fs_manage_tmpfs_dirs(svirt_lxc_net_t) -+fs_manage_tmpfs_files(svirt_lxc_net_t) -+fs_manage_tmpfs_sockets(svirt_lxc_net_t) -+fs_manage_tmpfs_symlinks(svirt_lxc_net_t) -+fs_remount_tmpfs(svirt_lxc_net_t) -+kernel_read_messages(svirt_lxc_net_t) -+kernel_sigchld(svirt_lxc_net_t) -+kernel_use_fds(svirt_lxc_net_t) -+allow svirt_lxc_net_t self:process getcap; -+files_read_var_lib_files(svirt_lxc_net_t) -+files_read_var_lib_symlinks(svirt_lxc_net_t) -+term_use_generic_ptys(svirt_lxc_net_t) -+term_setattr_generic_ptys(svirt_lxc_net_t) -+allow svirt_lxc_net_t tmpfs_t:chr_file { read write open }; -+allow svirt_lxc_net_t svirt_lxc_file_t:chr_file { manage_file_perms }; -+allow svirt_lxc_net_t self:capability sys_chroot; -+allow svirt_lxc_net_t self:process getpgid; -+allow svirt_lxc_net_t svirt_lxc_file_t:file { entrypoint mounton }; -+allow svirt_lxc_net_t var_lib_t:file { entrypoint execute execute_no_trans }; -+allow svirt_lxc_net_t kernel_t:fifo_file { getattr ioctl read write open append }; -+ diff --git a/sec-policy/selinux-virt/metadata.xml b/sec-policy/selinux-virt/metadata.xml index 58b7e06937..fe2f23733b 100644 --- a/sec-policy/selinux-virt/metadata.xml +++ b/sec-policy/selinux-virt/metadata.xml @@ -1,6 +1,9 @@ - selinux + + selinux@gentoo.org + SELinux Team + Gentoo SELinux policy for virt diff --git a/sec-policy/selinux-virt/selinux-virt-2.20141203-r14.ebuild b/sec-policy/selinux-virt/selinux-virt-2.20141203-r14.ebuild deleted file mode 100644 index 8e6c4604b4..0000000000 --- a/sec-policy/selinux-virt/selinux-virt-2.20141203-r14.ebuild +++ /dev/null @@ -1,19 +0,0 @@ -# Copyright 1999-2015 Gentoo Foundation -# Distributed under the terms of the GNU General Public License v2 -# $Header: /var/cvsroot/gentoo-x86/sec-policy/selinux-virt/selinux-virt-2.20141203-r5.ebuild,v 1.2 2015/06/05 16:10:23 perfinion Exp $ -EAPI="5" - -IUSE="" -MODS="virt" - -inherit selinux-policy-2 - -DESCRIPTION="SELinux policy for virt" - -POLICY_PATCH="${FILESDIR}/virt.diff" - -if [[ $PV == 9999* ]] ; then - KEYWORDS="" -else - KEYWORDS="amd64 x86" -fi diff --git a/sec-policy/selinux-virt/selinux-virt-2.20170204-r1.ebuild b/sec-policy/selinux-virt/selinux-virt-2.20170204-r1.ebuild new file mode 100644 index 0000000000..1e81f92d5c --- /dev/null +++ b/sec-policy/selinux-virt/selinux-virt-2.20170204-r1.ebuild @@ -0,0 +1,15 @@ +# Copyright 1999-2017 Gentoo Foundation +# Distributed under the terms of the GNU General Public License v2 + +EAPI="6" + +IUSE="" +MODS="virt" + +inherit selinux-policy-2 + +DESCRIPTION="SELinux policy for virt" + +if [[ ${PV} != 9999* ]] ; then + KEYWORDS="~amd64 -arm ~arm64 ~mips ~x86" +fi diff --git a/sec-policy/selinux-virt/selinux-virt-2.20170204-r2.ebuild b/sec-policy/selinux-virt/selinux-virt-2.20170204-r2.ebuild new file mode 100644 index 0000000000..6c625e7785 --- /dev/null +++ b/sec-policy/selinux-virt/selinux-virt-2.20170204-r2.ebuild @@ -0,0 +1,15 @@ +# Copyright 1999-2017 Gentoo Foundation +# Distributed under the terms of the GNU General Public License v2 + +EAPI="6" + +IUSE="" +MODS="virt" + +inherit selinux-policy-2 + +DESCRIPTION="SELinux policy for virt" + +if [[ ${PV} != 9999* ]] ; then + KEYWORDS="amd64 -arm ~arm64 ~mips x86" +fi diff --git a/sec-policy/selinux-virt/selinux-virt-2.20170204-r3.ebuild b/sec-policy/selinux-virt/selinux-virt-2.20170204-r3.ebuild new file mode 100644 index 0000000000..6c625e7785 --- /dev/null +++ b/sec-policy/selinux-virt/selinux-virt-2.20170204-r3.ebuild @@ -0,0 +1,15 @@ +# Copyright 1999-2017 Gentoo Foundation +# Distributed under the terms of the GNU General Public License v2 + +EAPI="6" + +IUSE="" +MODS="virt" + +inherit selinux-policy-2 + +DESCRIPTION="SELinux policy for virt" + +if [[ ${PV} != 9999* ]] ; then + KEYWORDS="amd64 -arm ~arm64 ~mips x86" +fi diff --git a/sec-policy/selinux-virt/selinux-virt-2.20170204-r4.ebuild b/sec-policy/selinux-virt/selinux-virt-2.20170204-r4.ebuild new file mode 100644 index 0000000000..6c625e7785 --- /dev/null +++ b/sec-policy/selinux-virt/selinux-virt-2.20170204-r4.ebuild @@ -0,0 +1,15 @@ +# Copyright 1999-2017 Gentoo Foundation +# Distributed under the terms of the GNU General Public License v2 + +EAPI="6" + +IUSE="" +MODS="virt" + +inherit selinux-policy-2 + +DESCRIPTION="SELinux policy for virt" + +if [[ ${PV} != 9999* ]] ; then + KEYWORDS="amd64 -arm ~arm64 ~mips x86" +fi diff --git a/sec-policy/selinux-virt/selinux-virt-2.20170805-r2.ebuild b/sec-policy/selinux-virt/selinux-virt-2.20170805-r2.ebuild new file mode 100644 index 0000000000..6c625e7785 --- /dev/null +++ b/sec-policy/selinux-virt/selinux-virt-2.20170805-r2.ebuild @@ -0,0 +1,15 @@ +# Copyright 1999-2017 Gentoo Foundation +# Distributed under the terms of the GNU General Public License v2 + +EAPI="6" + +IUSE="" +MODS="virt" + +inherit selinux-policy-2 + +DESCRIPTION="SELinux policy for virt" + +if [[ ${PV} != 9999* ]] ; then + KEYWORDS="amd64 -arm ~arm64 ~mips x86" +fi diff --git a/sec-policy/selinux-virt/selinux-virt-2.20170805-r3.ebuild b/sec-policy/selinux-virt/selinux-virt-2.20170805-r3.ebuild new file mode 100644 index 0000000000..6c625e7785 --- /dev/null +++ b/sec-policy/selinux-virt/selinux-virt-2.20170805-r3.ebuild @@ -0,0 +1,15 @@ +# Copyright 1999-2017 Gentoo Foundation +# Distributed under the terms of the GNU General Public License v2 + +EAPI="6" + +IUSE="" +MODS="virt" + +inherit selinux-policy-2 + +DESCRIPTION="SELinux policy for virt" + +if [[ ${PV} != 9999* ]] ; then + KEYWORDS="amd64 -arm ~arm64 ~mips x86" +fi diff --git a/sec-policy/selinux-virt/selinux-virt-2.20170805-r4.ebuild b/sec-policy/selinux-virt/selinux-virt-2.20170805-r4.ebuild new file mode 100644 index 0000000000..1e81f92d5c --- /dev/null +++ b/sec-policy/selinux-virt/selinux-virt-2.20170805-r4.ebuild @@ -0,0 +1,15 @@ +# Copyright 1999-2017 Gentoo Foundation +# Distributed under the terms of the GNU General Public License v2 + +EAPI="6" + +IUSE="" +MODS="virt" + +inherit selinux-policy-2 + +DESCRIPTION="SELinux policy for virt" + +if [[ ${PV} != 9999* ]] ; then + KEYWORDS="~amd64 -arm ~arm64 ~mips ~x86" +fi diff --git a/sec-policy/selinux-virt/selinux-virt-9999.ebuild b/sec-policy/selinux-virt/selinux-virt-9999.ebuild index 1463dfde74..1e81f92d5c 100644 --- a/sec-policy/selinux-virt/selinux-virt-9999.ebuild +++ b/sec-policy/selinux-virt/selinux-virt-9999.ebuild @@ -1,7 +1,7 @@ -# Copyright 1999-2015 Gentoo Foundation +# Copyright 1999-2017 Gentoo Foundation # Distributed under the terms of the GNU General Public License v2 -# $Header: /var/cvsroot/gentoo-x86/sec-policy/selinux-virt/selinux-virt-9999.ebuild,v 1.4 2015/03/22 13:47:21 swift Exp $ -EAPI="5" + +EAPI="6" IUSE="" MODS="virt" @@ -10,8 +10,6 @@ inherit selinux-policy-2 DESCRIPTION="SELinux policy for virt" -if [[ $PV == 9999* ]] ; then - KEYWORDS="" -else - KEYWORDS="~amd64 ~x86" +if [[ ${PV} != 9999* ]] ; then + KEYWORDS="~amd64 -arm ~arm64 ~mips ~x86" fi From 74edf387994cf53341b794da89baf4a51c3fcef4 Mon Sep 17 00:00:00 2001 From: David Michael Date: Wed, 23 May 2018 09:40:06 -0700 Subject: [PATCH 39/42] sec-policy/selinux-virt: Enable building on arm64 From: David Michael [Rebase to latest] Signed-off-by: Geoff Levand --- sec-policy/selinux-virt/selinux-virt-2.20170805-r3.ebuild | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/sec-policy/selinux-virt/selinux-virt-2.20170805-r3.ebuild b/sec-policy/selinux-virt/selinux-virt-2.20170805-r3.ebuild index 6c625e7785..f0ebfb229f 100644 --- a/sec-policy/selinux-virt/selinux-virt-2.20170805-r3.ebuild +++ b/sec-policy/selinux-virt/selinux-virt-2.20170805-r3.ebuild @@ -11,5 +11,5 @@ inherit selinux-policy-2 DESCRIPTION="SELinux policy for virt" if [[ ${PV} != 9999* ]] ; then - KEYWORDS="amd64 -arm ~arm64 ~mips x86" + KEYWORDS="amd64 -arm arm64 ~mips x86" fi From 1f3b9d733f8423e464333d18a8d93b7585cc9534 Mon Sep 17 00:00:00 2001 From: Geoff Levand Date: Wed, 23 May 2018 09:40:06 -0700 Subject: [PATCH 40/42] sec-policy/selinux-virt: Fixups for Container Linux Signed-off-by: Geoff Levand --- sec-policy/selinux-virt/selinux-virt-2.20170805-r3.ebuild | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/sec-policy/selinux-virt/selinux-virt-2.20170805-r3.ebuild b/sec-policy/selinux-virt/selinux-virt-2.20170805-r3.ebuild index f0ebfb229f..3942dd815d 100644 --- a/sec-policy/selinux-virt/selinux-virt-2.20170805-r3.ebuild +++ b/sec-policy/selinux-virt/selinux-virt-2.20170805-r3.ebuild @@ -6,7 +6,7 @@ EAPI="6" IUSE="" MODS="virt" -inherit selinux-policy-2 +inherit coreos-sec-policy DESCRIPTION="SELinux policy for virt" From ba1cdfb1776531ca8699df891910287f5256f209 Mon Sep 17 00:00:00 2001 From: Geoff Levand Date: Wed, 23 May 2018 09:40:06 -0700 Subject: [PATCH 41/42] sys-kernel/bootengine: Update for SELinux labels Signed-off-by: Geoff Levand --- sys-kernel/bootengine/bootengine-9999.ebuild | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/sys-kernel/bootengine/bootengine-9999.ebuild b/sys-kernel/bootengine/bootengine-9999.ebuild index 181612779b..5d42be848c 100644 --- a/sys-kernel/bootengine/bootengine-9999.ebuild +++ b/sys-kernel/bootengine/bootengine-9999.ebuild @@ -10,7 +10,7 @@ CROS_WORKON_REPO="git://github.com" if [[ "${PV}" == 9999 ]]; then KEYWORDS="~amd64 ~arm ~arm64 ~x86" else - CROS_WORKON_COMMIT="deba0732daec569545cf456f0cc514f17c7529b5" + CROS_WORKON_COMMIT="HEAD" KEYWORDS="amd64 arm arm64 x86" fi From 8195b8c8149b9606483a89fb0813c498ad2e2836 Mon Sep 17 00:00:00 2001 From: Geoff Levand Date: Wed, 23 May 2018 09:40:06 -0700 Subject: [PATCH 42/42] chore(metadata): Regenerate cache --- metadata/md5-cache/app-admin/setools-3.3.8-r7 | 9 +++++---- metadata/md5-cache/app-admin/setools-4.0.1 | 14 ++++++++++++++ metadata/md5-cache/app-admin/setools-4.1.1 | 13 +++++++++++++ metadata/md5-cache/app-admin/setools-9999 | 12 ++++++++++++ .../coreos-devel/{mantle-0.9.0 => mantle-0.9.1} | 2 +- metadata/md5-cache/coreos-devel/mantle-9999 | 2 +- .../sec-policy/selinux-base-2.20141203-r14 | 13 ------------- .../sec-policy/selinux-base-2.20170204-r1 | 12 ++++++++++++ .../sec-policy/selinux-base-2.20170204-r2 | 12 ++++++++++++ .../sec-policy/selinux-base-2.20170204-r3 | 12 ++++++++++++ .../sec-policy/selinux-base-2.20170204-r4 | 12 ++++++++++++ .../sec-policy/selinux-base-2.20170805-r2 | 12 ++++++++++++ .../sec-policy/selinux-base-2.20170805-r3 | 13 +++++++++++++ .../sec-policy/selinux-base-2.20170805-r4 | 12 ++++++++++++ metadata/md5-cache/sec-policy/selinux-base-9999 | 16 ++++++++-------- .../selinux-base-policy-2.20141203-r14 | 13 ------------- .../sec-policy/selinux-base-policy-2.20170204-r1 | 12 ++++++++++++ .../sec-policy/selinux-base-policy-2.20170204-r2 | 12 ++++++++++++ .../sec-policy/selinux-base-policy-2.20170204-r3 | 12 ++++++++++++ .../sec-policy/selinux-base-policy-2.20170204-r4 | 12 ++++++++++++ .../sec-policy/selinux-base-policy-2.20170805-r2 | 12 ++++++++++++ .../sec-policy/selinux-base-policy-2.20170805-r3 | 14 ++++++++++++++ .../sec-policy/selinux-base-policy-2.20170805-r4 | 12 ++++++++++++ .../sec-policy/selinux-base-policy-9999 | 15 +++++++-------- .../sec-policy/selinux-unconfined-2.20141203-r14 | 12 ------------ .../sec-policy/selinux-unconfined-2.20170204-r1 | 12 ++++++++++++ .../sec-policy/selinux-unconfined-2.20170204-r2 | 12 ++++++++++++ .../sec-policy/selinux-unconfined-2.20170204-r3 | 12 ++++++++++++ .../sec-policy/selinux-unconfined-2.20170204-r4 | 12 ++++++++++++ .../sec-policy/selinux-unconfined-2.20170805-r2 | 12 ++++++++++++ .../sec-policy/selinux-unconfined-2.20170805-r3 | 12 ++++++++++++ .../sec-policy/selinux-unconfined-2.20170805-r4 | 12 ++++++++++++ .../md5-cache/sec-policy/selinux-unconfined-9999 | 8 ++++---- .../sec-policy/selinux-virt-2.20141203-r14 | 12 ------------ .../sec-policy/selinux-virt-2.20170204-r1 | 12 ++++++++++++ .../sec-policy/selinux-virt-2.20170204-r2 | 12 ++++++++++++ .../sec-policy/selinux-virt-2.20170204-r3 | 12 ++++++++++++ .../sec-policy/selinux-virt-2.20170204-r4 | 12 ++++++++++++ .../sec-policy/selinux-virt-2.20170805-r2 | 12 ++++++++++++ .../sec-policy/selinux-virt-2.20170805-r3 | 12 ++++++++++++ .../sec-policy/selinux-virt-2.20170805-r4 | 12 ++++++++++++ metadata/md5-cache/sec-policy/selinux-virt-9999 | 8 ++++---- metadata/md5-cache/sys-apps/checkpolicy-2.4-r2 | 13 ------------- metadata/md5-cache/sys-apps/checkpolicy-2.6 | 13 +++++++++++++ metadata/md5-cache/sys-apps/checkpolicy-2.7 | 13 +++++++++++++ metadata/md5-cache/sys-apps/checkpolicy-9999 | 11 +++++++++++ .../{ignition-0.25.0 => ignition-0.25.1} | 4 ++-- metadata/md5-cache/sys-apps/ignition-9999 | 2 +- .../md5-cache/sys-apps/policycoreutils-2.6-r1 | 14 ++++++++++++++ metadata/md5-cache/sys-apps/policycoreutils-2.7 | 15 +++++++++++++++ metadata/md5-cache/sys-apps/policycoreutils-9999 | 14 ++++++++++++++ metadata/md5-cache/sys-apps/semodule-utils-2.7 | 12 ++++++++++++ metadata/md5-cache/sys-apps/semodule-utils-9999 | 10 ++++++++++ metadata/md5-cache/sys-kernel/bootengine-0.0.33 | 2 +- metadata/md5-cache/sys-kernel/bootengine-9999 | 2 +- metadata/md5-cache/sys-libs/libsemanage-2.4-r2 | 14 -------------- metadata/md5-cache/sys-libs/libsemanage-2.6 | 15 +++++++++++++++ metadata/md5-cache/sys-libs/libsemanage-2.7 | 15 +++++++++++++++ metadata/md5-cache/sys-libs/libsemanage-9999 | 15 ++++++++------- 59 files changed, 553 insertions(+), 119 deletions(-) create mode 100644 metadata/md5-cache/app-admin/setools-4.0.1 create mode 100644 metadata/md5-cache/app-admin/setools-4.1.1 create mode 100644 metadata/md5-cache/app-admin/setools-9999 rename metadata/md5-cache/coreos-devel/{mantle-0.9.0 => mantle-0.9.1} (96%) delete mode 100644 metadata/md5-cache/sec-policy/selinux-base-2.20141203-r14 create mode 100644 metadata/md5-cache/sec-policy/selinux-base-2.20170204-r1 create mode 100644 metadata/md5-cache/sec-policy/selinux-base-2.20170204-r2 create mode 100644 metadata/md5-cache/sec-policy/selinux-base-2.20170204-r3 create mode 100644 metadata/md5-cache/sec-policy/selinux-base-2.20170204-r4 create mode 100644 metadata/md5-cache/sec-policy/selinux-base-2.20170805-r2 create mode 100644 metadata/md5-cache/sec-policy/selinux-base-2.20170805-r3 create mode 100644 metadata/md5-cache/sec-policy/selinux-base-2.20170805-r4 delete mode 100644 metadata/md5-cache/sec-policy/selinux-base-policy-2.20141203-r14 create mode 100644 metadata/md5-cache/sec-policy/selinux-base-policy-2.20170204-r1 create mode 100644 metadata/md5-cache/sec-policy/selinux-base-policy-2.20170204-r2 create mode 100644 metadata/md5-cache/sec-policy/selinux-base-policy-2.20170204-r3 create mode 100644 metadata/md5-cache/sec-policy/selinux-base-policy-2.20170204-r4 create mode 100644 metadata/md5-cache/sec-policy/selinux-base-policy-2.20170805-r2 create mode 100644 metadata/md5-cache/sec-policy/selinux-base-policy-2.20170805-r3 create mode 100644 metadata/md5-cache/sec-policy/selinux-base-policy-2.20170805-r4 delete mode 100644 metadata/md5-cache/sec-policy/selinux-unconfined-2.20141203-r14 create mode 100644 metadata/md5-cache/sec-policy/selinux-unconfined-2.20170204-r1 create mode 100644 metadata/md5-cache/sec-policy/selinux-unconfined-2.20170204-r2 create mode 100644 metadata/md5-cache/sec-policy/selinux-unconfined-2.20170204-r3 create mode 100644 metadata/md5-cache/sec-policy/selinux-unconfined-2.20170204-r4 create mode 100644 metadata/md5-cache/sec-policy/selinux-unconfined-2.20170805-r2 create mode 100644 metadata/md5-cache/sec-policy/selinux-unconfined-2.20170805-r3 create mode 100644 metadata/md5-cache/sec-policy/selinux-unconfined-2.20170805-r4 delete mode 100644 metadata/md5-cache/sec-policy/selinux-virt-2.20141203-r14 create mode 100644 metadata/md5-cache/sec-policy/selinux-virt-2.20170204-r1 create mode 100644 metadata/md5-cache/sec-policy/selinux-virt-2.20170204-r2 create mode 100644 metadata/md5-cache/sec-policy/selinux-virt-2.20170204-r3 create mode 100644 metadata/md5-cache/sec-policy/selinux-virt-2.20170204-r4 create mode 100644 metadata/md5-cache/sec-policy/selinux-virt-2.20170805-r2 create mode 100644 metadata/md5-cache/sec-policy/selinux-virt-2.20170805-r3 create mode 100644 metadata/md5-cache/sec-policy/selinux-virt-2.20170805-r4 delete mode 100644 metadata/md5-cache/sys-apps/checkpolicy-2.4-r2 create mode 100644 metadata/md5-cache/sys-apps/checkpolicy-2.6 create mode 100644 metadata/md5-cache/sys-apps/checkpolicy-2.7 create mode 100644 metadata/md5-cache/sys-apps/checkpolicy-9999 rename metadata/md5-cache/sys-apps/{ignition-0.25.0 => ignition-0.25.1} (95%) create mode 100644 metadata/md5-cache/sys-apps/policycoreutils-2.6-r1 create mode 100644 metadata/md5-cache/sys-apps/policycoreutils-2.7 create mode 100644 metadata/md5-cache/sys-apps/policycoreutils-9999 create mode 100644 metadata/md5-cache/sys-apps/semodule-utils-2.7 create mode 100644 metadata/md5-cache/sys-apps/semodule-utils-9999 delete mode 100644 metadata/md5-cache/sys-libs/libsemanage-2.4-r2 create mode 100644 metadata/md5-cache/sys-libs/libsemanage-2.6 create mode 100644 metadata/md5-cache/sys-libs/libsemanage-2.7 diff --git a/metadata/md5-cache/app-admin/setools-3.3.8-r7 b/metadata/md5-cache/app-admin/setools-3.3.8-r7 index c192ff9d84..29e4a0c937 100644 --- a/metadata/md5-cache/app-admin/setools-3.3.8-r7 +++ b/metadata/md5-cache/app-admin/setools-3.3.8-r7 @@ -2,13 +2,14 @@ DEFINED_PHASES=compile configure install preinst prepare setup DEPEND=>=sys-libs/libsepol-2.4 >=sys-libs/libselinux-2.4 >=dev-db/sqlite-3.2:3 dev-libs/libxml2:2 python? ( python_targets_python2_7? ( >=dev-lang/python-2.7.5-r2:2.7 ) python_targets_python3_4? ( dev-lang/python:3.4 ) >=dev-lang/python-exec-2:=[python_targets_python2_7(-)?,python_targets_python3_4(-)?,-python_single_target_python2_7(-),-python_single_target_python3_4(-)] ) X? ( >=dev-lang/tk-8.4.9:0= >=gnome-base/libglade-2.0 >=x11-libs/gtk+-2.8:2 ) >=sys-devel/automake-1.12.1 sys-devel/bison sys-devel/flex virtual/pkgconfig java? ( dev-lang/swig virtual/jdk:= ) python? ( dev-lang/swig ) >=app-portage/elt-patches-20170422 !=sys-devel/automake-1.15:1.15 ) >=sys-devel/autoconf-2.69 >=sys-devel/libtool-2.4 java? ( >=dev-java/java-config-2.2.0-r3 ) DESCRIPTION=SELinux policy tools EAPI=5 -HOMEPAGE=http://www.tresys.com/selinux/selinux_policy_tools.shtml +HOMEPAGE=https://github.com/TresysTechnology/setools/wiki IUSE=X debug java python elibc_FreeBSD java python_targets_python2_7 python_targets_python3_4 -KEYWORDS=amd64 x86 +KEYWORDS=amd64 ~arm ~arm64 ~mips x86 LICENSE=GPL-2 RDEPEND=>=sys-libs/libsepol-2.4 >=sys-libs/libselinux-2.4 >=dev-db/sqlite-3.2:3 dev-libs/libxml2:2 python? ( python_targets_python2_7? ( >=dev-lang/python-2.7.5-r2:2.7 ) python_targets_python3_4? ( dev-lang/python:3.4 ) >=dev-lang/python-exec-2:=[python_targets_python2_7(-)?,python_targets_python3_4(-)?,-python_single_target_python2_7(-),-python_single_target_python3_4(-)] ) X? ( >=dev-lang/tk-8.4.9:0= >=gnome-base/libglade-2.0 >=x11-libs/gtk+-2.8:2 ) java? ( >=virtual/jre-1.4:= ) X? ( >=dev-tcltk/bwidget-1.8 ) java? ( >=dev-java/java-config-2.2.0-r3 ) +REQUIRED_USE=python? ( || ( python_targets_python2_7 python_targets_python3_4 ) ) RESTRICT=test SLOT=0 -SRC_URI=http://oss.tresys.com/projects/setools/chrome/site/dists/setools-3.3.8/setools-3.3.8.tar.bz2 http://dev.gentoo.org/~perfinion/patches/setools/setools-3.3.8-04-gentoo-patches.tar.bz2 +SRC_URI=http://oss.tresys.com/projects/setools/chrome/site/dists/setools-3.3.8/setools-3.3.8.tar.bz2 https://dev.gentoo.org/~perfinion/patches/setools/setools-3.3.8-04-gentoo-patches.tar.bz2 _eclasses_=autotools dc412f38566b91012efd58b9c203e6c3 epatch 8233751dc5105a6ae8fcd86ce2bb0247 estack 43ddf5aaffa7a8d0482df54d25a66a1f eutils 227b041a120d309fdefbebb3b8c1dfa9 java-pkg-opt-2 77d2e22d0de7640f817d20e861c0ff3f java-utils-2 1971a6927fcd7ec839f7e12b28a24bdd libtool 0081a71a261724730ec4c248494f044d ltprune 2770eed66a9b8ef944714cd0e968182e multibuild 72647e255187a1fadc81097b3657e5c3 multilib 97f470f374f2e94ccab04a2fb21d811e python-r1 e9350ec46bb5c9f3504b4fbe8b8d8987 python-utils-r1 c9de01becf9df3f8c10aeec3dc693f5d toolchain-funcs 185a06792159ca143528e7010368e8af versionator c80ccf29e90adea7c5cae94b42eb76d0 -_md5_=7a03a1b5f2260cd59a146259a7366db0 +_md5_=14135f4e18ea744865147b4bbe7d6dcd diff --git a/metadata/md5-cache/app-admin/setools-4.0.1 b/metadata/md5-cache/app-admin/setools-4.0.1 new file mode 100644 index 0000000000..9e43949880 --- /dev/null +++ b/metadata/md5-cache/app-admin/setools-4.0.1 @@ -0,0 +1,14 @@ +DEFINED_PHASES=compile configure install prepare test +DEPEND=python_targets_python2_7? ( >=dev-lang/python-2.7.5-r2:2.7 ) python_targets_python3_4? ( dev-lang/python:3.4 ) python_targets_python3_5? ( dev-lang/python:3.5 ) >=dev-lang/python-exec-2:=[python_targets_python2_7(-)?,python_targets_python3_4(-)?,python_targets_python3_5(-)?,-python_single_target_python2_7(-),-python_single_target_python3_4(-),-python_single_target_python3_5(-)] >=sys-libs/libselinux-2.4:=[python_targets_python2_7(-)?,python_targets_python3_4(-)?,python_targets_python3_5(-)?,-python_single_target_python2_7(-),-python_single_target_python3_4(-),-python_single_target_python3_5(-)] >=dev-python/networkx-1.8[python_targets_python2_7(-)?,python_targets_python3_4(-)?,python_targets_python3_5(-)?,-python_single_target_python2_7(-),-python_single_target_python3_4(-),-python_single_target_python3_5(-)] app-arch/bzip2:= dev-libs/libpcre:= X? ( dev-python/PyQt5 ) >=dev-lang/swig-2.0.12:0 sys-devel/bison sys-devel/flex >=sys-libs/libsepol-2.5 test? ( python_targets_python2_7? ( dev-python/mock[python_targets_python2_7(-)?,python_targets_python3_4(-)?,python_targets_python3_5(-)?,-python_single_target_python2_7(-),-python_single_target_python3_4(-),-python_single_target_python3_5(-)] ) dev-python/tox[python_targets_python2_7(-)?,python_targets_python3_4(-)?,python_targets_python3_5(-)?,-python_single_target_python2_7(-),-python_single_target_python3_4(-),-python_single_target_python3_5(-)] ) python_targets_python2_7? ( >=dev-lang/python-2.7.5-r2:2.7 ) python_targets_python3_4? ( dev-lang/python:3.4 ) python_targets_python3_5? ( dev-lang/python:3.5 ) >=dev-lang/python-exec-2:=[python_targets_python2_7(-)?,python_targets_python3_4(-)?,python_targets_python3_5(-)?,-python_single_target_python2_7(-),-python_single_target_python3_4(-),-python_single_target_python3_5(-)] +DESCRIPTION=Policy Analysis Tools for SELinux +EAPI=6 +HOMEPAGE=https://github.com/TresysTechnology/setools/wiki +IUSE=X debug test python_targets_python2_7 python_targets_python3_4 python_targets_python3_5 +KEYWORDS=amd64 ~arm64 ~mips x86 +LICENSE=GPL-2 LGPL-2.1 +RDEPEND=python_targets_python2_7? ( >=dev-lang/python-2.7.5-r2:2.7 ) python_targets_python3_4? ( dev-lang/python:3.4 ) python_targets_python3_5? ( dev-lang/python:3.5 ) >=dev-lang/python-exec-2:=[python_targets_python2_7(-)?,python_targets_python3_4(-)?,python_targets_python3_5(-)?,-python_single_target_python2_7(-),-python_single_target_python3_4(-),-python_single_target_python3_5(-)] >=sys-libs/libselinux-2.4:=[python_targets_python2_7(-)?,python_targets_python3_4(-)?,python_targets_python3_5(-)?,-python_single_target_python2_7(-),-python_single_target_python3_4(-),-python_single_target_python3_5(-)] >=dev-python/networkx-1.8[python_targets_python2_7(-)?,python_targets_python3_4(-)?,python_targets_python3_5(-)?,-python_single_target_python2_7(-),-python_single_target_python3_4(-),-python_single_target_python3_5(-)] app-arch/bzip2:= dev-libs/libpcre:= X? ( dev-python/PyQt5 ) python_targets_python2_7? ( >=dev-lang/python-2.7.5-r2:2.7 ) python_targets_python3_4? ( dev-lang/python:3.4 ) python_targets_python3_5? ( dev-lang/python:3.5 ) >=dev-lang/python-exec-2:=[python_targets_python2_7(-)?,python_targets_python3_4(-)?,python_targets_python3_5(-)?,-python_single_target_python2_7(-),-python_single_target_python3_4(-),-python_single_target_python3_5(-)] +REQUIRED_USE=|| ( python_targets_python2_7 python_targets_python3_4 python_targets_python3_5 ) +SLOT=0 +SRC_URI=https://github.com/TresysTechnology/setools/archive/4.0.1.tar.gz -> setools-4.0.1.tar.gz +_eclasses_=distutils-r1 372bbe39047c0a2550319a3a82f3e063 multibuild 72647e255187a1fadc81097b3657e5c3 multilib 97f470f374f2e94ccab04a2fb21d811e multiprocessing 6f5991c7101863d0b29df63990ad852e python-r1 e9350ec46bb5c9f3504b4fbe8b8d8987 python-utils-r1 c9de01becf9df3f8c10aeec3dc693f5d toolchain-funcs 185a06792159ca143528e7010368e8af xdg-utils f2c8335407f0b935b0a96d4adf23ef25 +_md5_=8810206bc4119ac80d2a424ec84dd23e diff --git a/metadata/md5-cache/app-admin/setools-4.1.1 b/metadata/md5-cache/app-admin/setools-4.1.1 new file mode 100644 index 0000000000..87b6e2d763 --- /dev/null +++ b/metadata/md5-cache/app-admin/setools-4.1.1 @@ -0,0 +1,13 @@ +DEFINED_PHASES=- +DEPEND=python? ( python_targets_python2_7? ( >=dev-lang/python-2.7.5-r2:2.7 ) python_targets_python3_4? ( dev-lang/python:3.4 ) python_targets_python3_5? ( dev-lang/python:3.5 ) >=dev-lang/python-exec-2:=[python_targets_python2_7(-)?,python_targets_python3_4(-)?,python_targets_python3_5(-)?,-python_single_target_python2_7(-),-python_single_target_python3_4(-),-python_single_target_python3_5(-)] ) >=sys-libs/libsepol-2.7:= >=sys-libs/libselinux-2.7:=[python?,python_targets_python2_7(-)?,python_targets_python3_4(-)?,python_targets_python3_5(-)?,-python_single_target_python2_7(-),-python_single_target_python3_4(-),-python_single_target_python3_5(-)] networkx? ( >=dev-python/networkx-1.8[python?,python_targets_python2_7(-)?,python_targets_python3_4(-)?,python_targets_python3_5(-)?,-python_single_target_python2_7(-),-python_single_target_python3_4(-),-python_single_target_python3_5(-)] ) networkx? ( virtual/python-enum34[python?,python_targets_python2_7(-)?,python_targets_python3_4(-)?,python_targets_python3_5(-)?,-python_single_target_python2_7(-),-python_single_target_python3_4(-),-python_single_target_python3_5(-)] ) dev-libs/libpcre:= X? ( dev-python/PyQt5[gui,widgets,python?,python_targets_python2_7(-)?,python_targets_python3_4(-)?,python_targets_python3_5(-)?,-python_single_target_python2_7(-),-python_single_target_python3_4(-),-python_single_target_python3_5(-)] ) >=dev-lang/swig-2.0.12:0 sys-devel/bison sys-devel/flex >=sys-libs/libsepol-2.5 test? ( python_targets_python2_7? ( dev-python/mock[python_targets_python2_7(-)?,python_targets_python3_4(-)?,python_targets_python3_5(-)?,-python_single_target_python2_7(-),-python_single_target_python3_4(-),-python_single_target_python3_5(-)] ) dev-python/tox[python_targets_python2_7(-)?,python_targets_python3_4(-)?,python_targets_python3_5(-)?,-python_single_target_python2_7(-),-python_single_target_python3_4(-),-python_single_target_python3_5(-)] ) +DESCRIPTION=Policy Analysis Tools for SELinux +EAPI=6 +HOMEPAGE=https://github.com/TresysTechnology/setools/wiki +IUSE=X debug test networkx python python_targets_python2_7 python_targets_python3_4 python_targets_python3_5 +KEYWORDS=amd64 x86 arm64 +LICENSE=GPL-2 LGPL-2.1 +RDEPEND=python? ( python_targets_python2_7? ( >=dev-lang/python-2.7.5-r2:2.7 ) python_targets_python3_4? ( dev-lang/python:3.4 ) python_targets_python3_5? ( dev-lang/python:3.5 ) >=dev-lang/python-exec-2:=[python_targets_python2_7(-)?,python_targets_python3_4(-)?,python_targets_python3_5(-)?,-python_single_target_python2_7(-),-python_single_target_python3_4(-),-python_single_target_python3_5(-)] ) >=sys-libs/libsepol-2.7:= >=sys-libs/libselinux-2.7:=[python?,python_targets_python2_7(-)?,python_targets_python3_4(-)?,python_targets_python3_5(-)?,-python_single_target_python2_7(-),-python_single_target_python3_4(-),-python_single_target_python3_5(-)] networkx? ( >=dev-python/networkx-1.8[python?,python_targets_python2_7(-)?,python_targets_python3_4(-)?,python_targets_python3_5(-)?,-python_single_target_python2_7(-),-python_single_target_python3_4(-),-python_single_target_python3_5(-)] ) networkx? ( virtual/python-enum34[python?,python_targets_python2_7(-)?,python_targets_python3_4(-)?,python_targets_python3_5(-)?,-python_single_target_python2_7(-),-python_single_target_python3_4(-),-python_single_target_python3_5(-)] ) dev-libs/libpcre:= X? ( dev-python/PyQt5[gui,widgets,python?,python_targets_python2_7(-)?,python_targets_python3_4(-)?,python_targets_python3_5(-)?,-python_single_target_python2_7(-),-python_single_target_python3_4(-),-python_single_target_python3_5(-)] ) +SLOT=0 +SRC_URI=https://github.com/TresysTechnology/setools/archive/4.1.1.tar.gz -> setools-4.1.1.tar.gz +_eclasses_=distutils-r1 372bbe39047c0a2550319a3a82f3e063 multibuild 72647e255187a1fadc81097b3657e5c3 multilib 97f470f374f2e94ccab04a2fb21d811e multiprocessing 6f5991c7101863d0b29df63990ad852e python-r1 e9350ec46bb5c9f3504b4fbe8b8d8987 python-utils-r1 c9de01becf9df3f8c10aeec3dc693f5d toolchain-funcs 185a06792159ca143528e7010368e8af xdg-utils f2c8335407f0b935b0a96d4adf23ef25 +_md5_=2e5eb1bbd2cad573454b68282956d9fc diff --git a/metadata/md5-cache/app-admin/setools-9999 b/metadata/md5-cache/app-admin/setools-9999 new file mode 100644 index 0000000000..49fcf41d07 --- /dev/null +++ b/metadata/md5-cache/app-admin/setools-9999 @@ -0,0 +1,12 @@ +DEFINED_PHASES=compile configure install prepare test unpack +DEPEND=python_targets_python2_7? ( >=dev-lang/python-2.7.5-r2:2.7 ) python_targets_python3_4? ( dev-lang/python:3.4 ) python_targets_python3_5? ( dev-lang/python:3.5 ) >=dev-lang/python-exec-2:=[python_targets_python2_7(-)?,python_targets_python3_4(-)?,python_targets_python3_5(-)?,-python_single_target_python2_7(-),-python_single_target_python3_4(-),-python_single_target_python3_5(-)] >=sys-libs/libsepol-2.7:= >=sys-libs/libselinux-2.7:=[python_targets_python2_7(-)?,python_targets_python3_4(-)?,python_targets_python3_5(-)?,-python_single_target_python2_7(-),-python_single_target_python3_4(-),-python_single_target_python3_5(-)] >=dev-python/networkx-1.8[python_targets_python2_7(-)?,python_targets_python3_4(-)?,python_targets_python3_5(-)?,-python_single_target_python2_7(-),-python_single_target_python3_4(-),-python_single_target_python3_5(-)] virtual/python-enum34[python_targets_python2_7(-)?,python_targets_python3_4(-)?,python_targets_python3_5(-)?,-python_single_target_python2_7(-),-python_single_target_python3_4(-),-python_single_target_python3_5(-)] dev-libs/libpcre:= X? ( dev-python/PyQt5[gui,widgets,python_targets_python2_7(-)?,python_targets_python3_4(-)?,python_targets_python3_5(-)?,-python_single_target_python2_7(-),-python_single_target_python3_4(-),-python_single_target_python3_5(-)] ) >=dev-lang/swig-2.0.12:0 sys-devel/bison sys-devel/flex >=sys-libs/libsepol-2.5 test? ( python_targets_python2_7? ( dev-python/mock[python_targets_python2_7(-)?,python_targets_python3_4(-)?,python_targets_python3_5(-)?,-python_single_target_python2_7(-),-python_single_target_python3_4(-),-python_single_target_python3_5(-)] ) dev-python/tox[python_targets_python2_7(-)?,python_targets_python3_4(-)?,python_targets_python3_5(-)?,-python_single_target_python2_7(-),-python_single_target_python3_4(-),-python_single_target_python3_5(-)] ) python_targets_python2_7? ( >=dev-lang/python-2.7.5-r2:2.7 ) python_targets_python3_4? ( dev-lang/python:3.4 ) python_targets_python3_5? ( dev-lang/python:3.5 ) >=dev-lang/python-exec-2:=[python_targets_python2_7(-)?,python_targets_python3_4(-)?,python_targets_python3_5(-)?,-python_single_target_python2_7(-),-python_single_target_python3_4(-),-python_single_target_python3_5(-)] >=dev-vcs/git-1.8.2.1 +DESCRIPTION=Policy Analysis Tools for SELinux +EAPI=6 +HOMEPAGE=https://github.com/TresysTechnology/setools/wiki +IUSE=X debug test python_targets_python2_7 python_targets_python3_4 python_targets_python3_5 +LICENSE=GPL-2 LGPL-2.1 +RDEPEND=python_targets_python2_7? ( >=dev-lang/python-2.7.5-r2:2.7 ) python_targets_python3_4? ( dev-lang/python:3.4 ) python_targets_python3_5? ( dev-lang/python:3.5 ) >=dev-lang/python-exec-2:=[python_targets_python2_7(-)?,python_targets_python3_4(-)?,python_targets_python3_5(-)?,-python_single_target_python2_7(-),-python_single_target_python3_4(-),-python_single_target_python3_5(-)] >=sys-libs/libsepol-2.7:= >=sys-libs/libselinux-2.7:=[python_targets_python2_7(-)?,python_targets_python3_4(-)?,python_targets_python3_5(-)?,-python_single_target_python2_7(-),-python_single_target_python3_4(-),-python_single_target_python3_5(-)] >=dev-python/networkx-1.8[python_targets_python2_7(-)?,python_targets_python3_4(-)?,python_targets_python3_5(-)?,-python_single_target_python2_7(-),-python_single_target_python3_4(-),-python_single_target_python3_5(-)] virtual/python-enum34[python_targets_python2_7(-)?,python_targets_python3_4(-)?,python_targets_python3_5(-)?,-python_single_target_python2_7(-),-python_single_target_python3_4(-),-python_single_target_python3_5(-)] dev-libs/libpcre:= X? ( dev-python/PyQt5[gui,widgets,python_targets_python2_7(-)?,python_targets_python3_4(-)?,python_targets_python3_5(-)?,-python_single_target_python2_7(-),-python_single_target_python3_4(-),-python_single_target_python3_5(-)] ) python_targets_python2_7? ( >=dev-lang/python-2.7.5-r2:2.7 ) python_targets_python3_4? ( dev-lang/python:3.4 ) python_targets_python3_5? ( dev-lang/python:3.5 ) >=dev-lang/python-exec-2:=[python_targets_python2_7(-)?,python_targets_python3_4(-)?,python_targets_python3_5(-)?,-python_single_target_python2_7(-),-python_single_target_python3_4(-),-python_single_target_python3_5(-)] +REQUIRED_USE=|| ( python_targets_python2_7 python_targets_python3_4 python_targets_python3_5 ) +SLOT=0 +_eclasses_=distutils-r1 372bbe39047c0a2550319a3a82f3e063 git-r3 52a888802d25387c2c74cb845d1219bc multibuild 72647e255187a1fadc81097b3657e5c3 multilib 97f470f374f2e94ccab04a2fb21d811e multiprocessing 6f5991c7101863d0b29df63990ad852e python-r1 e9350ec46bb5c9f3504b4fbe8b8d8987 python-utils-r1 c9de01becf9df3f8c10aeec3dc693f5d toolchain-funcs 185a06792159ca143528e7010368e8af xdg-utils f2c8335407f0b935b0a96d4adf23ef25 +_md5_=63471e8319b0373d457cdc26f0fad48e diff --git a/metadata/md5-cache/coreos-devel/mantle-0.9.0 b/metadata/md5-cache/coreos-devel/mantle-0.9.1 similarity index 96% rename from metadata/md5-cache/coreos-devel/mantle-0.9.0 rename to metadata/md5-cache/coreos-devel/mantle-0.9.1 index 45d199239c..19e013eb00 100644 --- a/metadata/md5-cache/coreos-devel/mantle-0.9.0 +++ b/metadata/md5-cache/coreos-devel/mantle-0.9.1 @@ -10,4 +10,4 @@ RDEPEND=>=net-dns/dnsmasq-2.72[dhcp,ipv6] REQUIRED_USE=go_version_go1_10 SLOT=0 _eclasses_=coreos-go 43a394c18570b3dd8dd6e74fc9853493 coreos-go-depend 0c1747ddda8ae24e0d2e88cdfddaa7d1 coreos-go-utils c34072f13165bb85e5106cc6e082a4e1 cros-workon 4ad6e6491a1010ad7c875302b3be18ba epatch 8233751dc5105a6ae8fcd86ce2bb0247 estack 43ddf5aaffa7a8d0482df54d25a66a1f eutils 227b041a120d309fdefbebb3b8c1dfa9 flag-o-matic 2274fcc1e7ef6affaff5bcd636275417 git-r3 52a888802d25387c2c74cb845d1219bc ltprune 2770eed66a9b8ef944714cd0e968182e multilib 97f470f374f2e94ccab04a2fb21d811e multiprocessing 6f5991c7101863d0b29df63990ad852e toolchain-funcs 185a06792159ca143528e7010368e8af -_md5_=88a3ebf81bdb7579a96d3630e1a7c761 +_md5_=1ec8cec73749d3c47469541240faaa12 diff --git a/metadata/md5-cache/coreos-devel/mantle-9999 b/metadata/md5-cache/coreos-devel/mantle-9999 index 9c6406c173..6aacf936fc 100644 --- a/metadata/md5-cache/coreos-devel/mantle-9999 +++ b/metadata/md5-cache/coreos-devel/mantle-9999 @@ -10,4 +10,4 @@ RDEPEND=>=net-dns/dnsmasq-2.72[dhcp,ipv6] REQUIRED_USE=go_version_go1_10 SLOT=0 _eclasses_=coreos-go 43a394c18570b3dd8dd6e74fc9853493 coreos-go-depend 0c1747ddda8ae24e0d2e88cdfddaa7d1 coreos-go-utils c34072f13165bb85e5106cc6e082a4e1 cros-workon 4ad6e6491a1010ad7c875302b3be18ba epatch 8233751dc5105a6ae8fcd86ce2bb0247 estack 43ddf5aaffa7a8d0482df54d25a66a1f eutils 227b041a120d309fdefbebb3b8c1dfa9 flag-o-matic 2274fcc1e7ef6affaff5bcd636275417 git-r3 52a888802d25387c2c74cb845d1219bc ltprune 2770eed66a9b8ef944714cd0e968182e multilib 97f470f374f2e94ccab04a2fb21d811e multiprocessing 6f5991c7101863d0b29df63990ad852e toolchain-funcs 185a06792159ca143528e7010368e8af -_md5_=88a3ebf81bdb7579a96d3630e1a7c761 +_md5_=1ec8cec73749d3c47469541240faaa12 diff --git a/metadata/md5-cache/sec-policy/selinux-base-2.20141203-r14 b/metadata/md5-cache/sec-policy/selinux-base-2.20141203-r14 deleted file mode 100644 index a99774598c..0000000000 --- a/metadata/md5-cache/sec-policy/selinux-base-2.20141203-r14 +++ /dev/null @@ -1,13 +0,0 @@ -DEFINED_PHASES=compile configure install preinst prepare -DEPEND=>=sys-apps/policycoreutils-2.3 virtual/udev !<=sec-policy/selinux-base-policy-2.20120725 sys-devel/m4 >=sys-apps/checkpolicy-2.3 virtual/pkgconfig -DESCRIPTION=Gentoo base policy for SELinux -EAPI=5 -HOMEPAGE=http://www.gentoo.org/proj/en/hardened/selinux/ -IUSE=+peer_perms +open_perms +ubac +unconfined doc -KEYWORDS=amd64 x86 -LICENSE=GPL-2 -RDEPEND=>=sys-apps/policycoreutils-2.3 virtual/udev !<=sec-policy/selinux-base-policy-2.20120725 -SLOT=0 -SRC_URI=https://raw.githubusercontent.com/wiki/TresysTechnology/refpolicy/files/refpolicy-2.20141203.tar.bz2 http://dev.gentoo.org/~swift/patches/selinux-base-policy/patchbundle-selinux-base-policy-2.20141203-r9.tar.bz2 -_eclasses_=epatch 8233751dc5105a6ae8fcd86ce2bb0247 estack 43ddf5aaffa7a8d0482df54d25a66a1f eutils 227b041a120d309fdefbebb3b8c1dfa9 ltprune 2770eed66a9b8ef944714cd0e968182e multilib 97f470f374f2e94ccab04a2fb21d811e systemd 34815d3b76e745c5ca33eec9f95074c2 toolchain-funcs 185a06792159ca143528e7010368e8af -_md5_=73e74ad047fab0d99206213fb53f342c diff --git a/metadata/md5-cache/sec-policy/selinux-base-2.20170204-r1 b/metadata/md5-cache/sec-policy/selinux-base-2.20170204-r1 new file mode 100644 index 0000000000..d591844e99 --- /dev/null +++ b/metadata/md5-cache/sec-policy/selinux-base-2.20170204-r1 @@ -0,0 +1,12 @@ +DEFINED_PHASES=compile configure install prepare +DEPEND=>=sys-apps/policycoreutils-2.3 virtual/udev sys-devel/m4 >=sys-apps/checkpolicy-2.3 +DESCRIPTION=Gentoo base policy for SELinux +EAPI=6 +HOMEPAGE=https://www.gentoo.org/proj/en/hardened/selinux/ +IUSE=doc +open_perms +peer_perms systemd +ubac +unconfined +KEYWORDS=~amd64 -arm ~arm64 ~mips ~x86 +LICENSE=GPL-2 +RDEPEND=>=sys-apps/policycoreutils-2.3 virtual/udev +SLOT=0 +SRC_URI=https://raw.githubusercontent.com/wiki/TresysTechnology/refpolicy/files/refpolicy-2.20170204.tar.bz2 https://dev.gentoo.org/~swift/patches/selinux-base-policy/patchbundle-selinux-base-policy-2.20170204-r1.tar.bz2 +_md5_=f97d90cf1377d8737b7f97f10593e058 diff --git a/metadata/md5-cache/sec-policy/selinux-base-2.20170204-r2 b/metadata/md5-cache/sec-policy/selinux-base-2.20170204-r2 new file mode 100644 index 0000000000..25e116f89d --- /dev/null +++ b/metadata/md5-cache/sec-policy/selinux-base-2.20170204-r2 @@ -0,0 +1,12 @@ +DEFINED_PHASES=compile configure install prepare +DEPEND=>=sys-apps/policycoreutils-2.3 virtual/udev sys-devel/m4 >=sys-apps/checkpolicy-2.3 +DESCRIPTION=Gentoo base policy for SELinux +EAPI=6 +HOMEPAGE=https://www.gentoo.org/proj/en/hardened/selinux/ +IUSE=doc +open_perms +peer_perms systemd +ubac +unconfined +KEYWORDS=amd64 -arm ~arm64 ~mips x86 +LICENSE=GPL-2 +RDEPEND=>=sys-apps/policycoreutils-2.3 virtual/udev +SLOT=0 +SRC_URI=https://raw.githubusercontent.com/wiki/TresysTechnology/refpolicy/files/refpolicy-2.20170204.tar.bz2 https://dev.gentoo.org/~swift/patches/selinux-base-policy/patchbundle-selinux-base-policy-2.20170204-r2.tar.bz2 +_md5_=89ce623050a73be4c563930afd1ac1de diff --git a/metadata/md5-cache/sec-policy/selinux-base-2.20170204-r3 b/metadata/md5-cache/sec-policy/selinux-base-2.20170204-r3 new file mode 100644 index 0000000000..2c7650b8a1 --- /dev/null +++ b/metadata/md5-cache/sec-policy/selinux-base-2.20170204-r3 @@ -0,0 +1,12 @@ +DEFINED_PHASES=compile configure install prepare +DEPEND=>=sys-apps/policycoreutils-2.3 virtual/udev sys-devel/m4 >=sys-apps/checkpolicy-2.3 +DESCRIPTION=Gentoo base policy for SELinux +EAPI=6 +HOMEPAGE=https://www.gentoo.org/proj/en/hardened/selinux/ +IUSE=doc +open_perms +peer_perms systemd +ubac +unconfined +KEYWORDS=amd64 -arm ~arm64 ~mips x86 +LICENSE=GPL-2 +RDEPEND=>=sys-apps/policycoreutils-2.3 virtual/udev +SLOT=0 +SRC_URI=https://raw.githubusercontent.com/wiki/TresysTechnology/refpolicy/files/refpolicy-2.20170204.tar.bz2 https://dev.gentoo.org/~swift/patches/selinux-base-policy/patchbundle-selinux-base-policy-2.20170204-r3.tar.bz2 +_md5_=89ce623050a73be4c563930afd1ac1de diff --git a/metadata/md5-cache/sec-policy/selinux-base-2.20170204-r4 b/metadata/md5-cache/sec-policy/selinux-base-2.20170204-r4 new file mode 100644 index 0000000000..103fe1c376 --- /dev/null +++ b/metadata/md5-cache/sec-policy/selinux-base-2.20170204-r4 @@ -0,0 +1,12 @@ +DEFINED_PHASES=compile configure install prepare +DEPEND=>=sys-apps/policycoreutils-2.3 virtual/udev sys-devel/m4 >=sys-apps/checkpolicy-2.3 +DESCRIPTION=Gentoo base policy for SELinux +EAPI=6 +HOMEPAGE=https://www.gentoo.org/proj/en/hardened/selinux/ +IUSE=doc +open_perms +peer_perms systemd +ubac +unconfined +KEYWORDS=amd64 -arm ~arm64 ~mips x86 +LICENSE=GPL-2 +RDEPEND=>=sys-apps/policycoreutils-2.3 virtual/udev +SLOT=0 +SRC_URI=https://raw.githubusercontent.com/wiki/TresysTechnology/refpolicy/files/refpolicy-2.20170204.tar.bz2 https://dev.gentoo.org/~swift/patches/selinux-base-policy/patchbundle-selinux-base-policy-2.20170204-r4.tar.bz2 +_md5_=89ce623050a73be4c563930afd1ac1de diff --git a/metadata/md5-cache/sec-policy/selinux-base-2.20170805-r2 b/metadata/md5-cache/sec-policy/selinux-base-2.20170805-r2 new file mode 100644 index 0000000000..b5e83fd233 --- /dev/null +++ b/metadata/md5-cache/sec-policy/selinux-base-2.20170805-r2 @@ -0,0 +1,12 @@ +DEFINED_PHASES=compile configure install prepare +DEPEND=>=sys-apps/policycoreutils-2.3 virtual/udev sys-devel/m4 >=sys-apps/checkpolicy-2.3 +DESCRIPTION=Gentoo base policy for SELinux +EAPI=6 +HOMEPAGE=https://www.gentoo.org/proj/en/hardened/selinux/ +IUSE=doc +open_perms +peer_perms systemd +ubac +unconfined +KEYWORDS=amd64 -arm ~arm64 ~mips x86 +LICENSE=GPL-2 +RDEPEND=>=sys-apps/policycoreutils-2.3 virtual/udev +SLOT=0 +SRC_URI=https://raw.githubusercontent.com/wiki/TresysTechnology/refpolicy/files/refpolicy-2.20170805.tar.bz2 https://dev.gentoo.org/~swift/patches/selinux-base-policy/patchbundle-selinux-base-policy-2.20170805-r2.tar.bz2 +_md5_=8bde40876bb8a690f3e153f6785686e9 diff --git a/metadata/md5-cache/sec-policy/selinux-base-2.20170805-r3 b/metadata/md5-cache/sec-policy/selinux-base-2.20170805-r3 new file mode 100644 index 0000000000..f9ac7d00f3 --- /dev/null +++ b/metadata/md5-cache/sec-policy/selinux-base-2.20170805-r3 @@ -0,0 +1,13 @@ +DEFINED_PHASES=compile configure install postinst prepare +DEPEND=>=sys-apps/policycoreutils-2.3 virtual/udev sys-devel/m4 >=sys-apps/checkpolicy-2.3 virtual/pkgconfig +DESCRIPTION=Gentoo base policy for SELinux +EAPI=6 +HOMEPAGE=https://www.gentoo.org/proj/en/hardened/selinux/ +IUSE=doc +open_perms +peer_perms systemd +ubac +unconfined +KEYWORDS=amd64 -arm arm64 ~mips x86 +LICENSE=GPL-2 +RDEPEND=>=sys-apps/policycoreutils-2.3 virtual/udev +SLOT=0 +SRC_URI=https://raw.githubusercontent.com/wiki/TresysTechnology/refpolicy/files/refpolicy-2.20170805.tar.bz2 https://dev.gentoo.org/~swift/patches/selinux-base-policy/patchbundle-selinux-base-policy-2.20170805-r3.tar.bz2 +_eclasses_=coreos-sec-policy 3c6997d11d1365391bbd4951cc42d2cc multilib 97f470f374f2e94ccab04a2fb21d811e systemd 34815d3b76e745c5ca33eec9f95074c2 toolchain-funcs 185a06792159ca143528e7010368e8af +_md5_=8c3c368945d4abd30375f2a82d9c0eda diff --git a/metadata/md5-cache/sec-policy/selinux-base-2.20170805-r4 b/metadata/md5-cache/sec-policy/selinux-base-2.20170805-r4 new file mode 100644 index 0000000000..e857770f97 --- /dev/null +++ b/metadata/md5-cache/sec-policy/selinux-base-2.20170805-r4 @@ -0,0 +1,12 @@ +DEFINED_PHASES=compile configure install prepare +DEPEND=>=sys-apps/policycoreutils-2.3 virtual/udev sys-devel/m4 >=sys-apps/checkpolicy-2.3 +DESCRIPTION=Gentoo base policy for SELinux +EAPI=6 +HOMEPAGE=https://www.gentoo.org/proj/en/hardened/selinux/ +IUSE=doc +open_perms +peer_perms systemd +ubac +unconfined +KEYWORDS=~amd64 -arm ~arm64 ~mips ~x86 +LICENSE=GPL-2 +RDEPEND=>=sys-apps/policycoreutils-2.3 virtual/udev +SLOT=0 +SRC_URI=https://raw.githubusercontent.com/wiki/TresysTechnology/refpolicy/files/refpolicy-2.20170805.tar.bz2 https://dev.gentoo.org/~swift/patches/selinux-base-policy/patchbundle-selinux-base-policy-2.20170805-r4.tar.bz2 +_md5_=16009f3b7bae4c75ec79bbee6e8aea68 diff --git a/metadata/md5-cache/sec-policy/selinux-base-9999 b/metadata/md5-cache/sec-policy/selinux-base-9999 index f7582bac0b..ce826e2c88 100644 --- a/metadata/md5-cache/sec-policy/selinux-base-9999 +++ b/metadata/md5-cache/sec-policy/selinux-base-9999 @@ -1,11 +1,11 @@ -DEFINED_PHASES=compile configure install preinst prepare unpack -DEPEND=>=sys-apps/policycoreutils-2.3 virtual/udev !<=sec-policy/selinux-base-policy-2.20120725 sys-devel/m4 >=sys-apps/checkpolicy-2.3 >=dev-vcs/git-1.8.2.1 +DEFINED_PHASES=compile configure install prepare unpack +DEPEND=>=sys-apps/policycoreutils-2.3 virtual/udev sys-devel/m4 >=sys-apps/checkpolicy-2.3 >=dev-vcs/git-1.8.2.1 DESCRIPTION=Gentoo base policy for SELinux -EAPI=5 -HOMEPAGE=http://www.gentoo.org/proj/en/hardened/selinux/ -IUSE=+peer_perms +open_perms +ubac +unconfined doc +EAPI=6 +HOMEPAGE=https://www.gentoo.org/proj/en/hardened/selinux/ +IUSE=doc +open_perms +peer_perms systemd +ubac +unconfined LICENSE=GPL-2 -RDEPEND=>=sys-apps/policycoreutils-2.3 virtual/udev !<=sec-policy/selinux-base-policy-2.20120725 +RDEPEND=>=sys-apps/policycoreutils-2.3 virtual/udev SLOT=0 -_eclasses_=epatch 8233751dc5105a6ae8fcd86ce2bb0247 estack 43ddf5aaffa7a8d0482df54d25a66a1f eutils 227b041a120d309fdefbebb3b8c1dfa9 git-r3 52a888802d25387c2c74cb845d1219bc ltprune 2770eed66a9b8ef944714cd0e968182e multilib 97f470f374f2e94ccab04a2fb21d811e toolchain-funcs 185a06792159ca143528e7010368e8af -_md5_=52e689f1dba9de04a7f73e276143c7d9 +_eclasses_=git-r3 52a888802d25387c2c74cb845d1219bc +_md5_=16009f3b7bae4c75ec79bbee6e8aea68 diff --git a/metadata/md5-cache/sec-policy/selinux-base-policy-2.20141203-r14 b/metadata/md5-cache/sec-policy/selinux-base-policy-2.20141203-r14 deleted file mode 100644 index f19542e525..0000000000 --- a/metadata/md5-cache/sec-policy/selinux-base-policy-2.20141203-r14 +++ /dev/null @@ -1,13 +0,0 @@ -DEFINED_PHASES=compile install prepare pretend -DESCRIPTION=SELinux policy for core modules -EAPI=5 -HOMEPAGE=http://www.gentoo.org/proj/en/hardened/selinux/ -IUSE=+unconfined -KEYWORDS=amd64 x86 -LICENSE=GPL-2 -PDEPEND=unconfined? ( sec-policy/selinux-unconfined ) -RDEPEND==sec-policy/selinux-base-2.20141203-r14 -SLOT=0 -SRC_URI=https://raw.githubusercontent.com/wiki/TresysTechnology/refpolicy/files/refpolicy-2.20141203.tar.bz2 http://dev.gentoo.org/~swift/patches/selinux-base-policy/patchbundle-selinux-base-policy-2.20141203-r9.tar.bz2 -_eclasses_=epatch 8233751dc5105a6ae8fcd86ce2bb0247 estack 43ddf5aaffa7a8d0482df54d25a66a1f eutils 227b041a120d309fdefbebb3b8c1dfa9 ltprune 2770eed66a9b8ef944714cd0e968182e multilib 97f470f374f2e94ccab04a2fb21d811e toolchain-funcs 185a06792159ca143528e7010368e8af -_md5_=b2789d0cd4b8c0bc36cc23d4b33e38bb diff --git a/metadata/md5-cache/sec-policy/selinux-base-policy-2.20170204-r1 b/metadata/md5-cache/sec-policy/selinux-base-policy-2.20170204-r1 new file mode 100644 index 0000000000..0afa4bf51b --- /dev/null +++ b/metadata/md5-cache/sec-policy/selinux-base-policy-2.20170204-r1 @@ -0,0 +1,12 @@ +DEFINED_PHASES=compile install postinst prepare pretend setup +DEPEND==sec-policy/selinux-base-2.20170204-r1[systemd?] +DESCRIPTION=SELinux policy for core modules +EAPI=6 +HOMEPAGE=https://www.gentoo.org/proj/en/hardened/selinux/ +IUSE=systemd +unconfined +KEYWORDS=~amd64 -arm ~arm64 ~mips ~x86 +LICENSE=GPL-2 +PDEPEND=unconfined? ( sec-policy/selinux-unconfined ) +SLOT=0 +SRC_URI=https://raw.githubusercontent.com/wiki/TresysTechnology/refpolicy/files/refpolicy-2.20170204.tar.bz2 https://dev.gentoo.org/~swift/patches/selinux-base-policy/patchbundle-selinux-base-policy-2.20170204-r1.tar.bz2 +_md5_=10ca714ecd3813d78773a0485abf3560 diff --git a/metadata/md5-cache/sec-policy/selinux-base-policy-2.20170204-r2 b/metadata/md5-cache/sec-policy/selinux-base-policy-2.20170204-r2 new file mode 100644 index 0000000000..e20c540536 --- /dev/null +++ b/metadata/md5-cache/sec-policy/selinux-base-policy-2.20170204-r2 @@ -0,0 +1,12 @@ +DEFINED_PHASES=compile install postinst prepare pretend setup +DEPEND==sec-policy/selinux-base-2.20170204-r2[systemd?] +DESCRIPTION=SELinux policy for core modules +EAPI=6 +HOMEPAGE=https://www.gentoo.org/proj/en/hardened/selinux/ +IUSE=systemd +unconfined +KEYWORDS=amd64 -arm ~arm64 ~mips x86 +LICENSE=GPL-2 +PDEPEND=unconfined? ( sec-policy/selinux-unconfined ) +SLOT=0 +SRC_URI=https://raw.githubusercontent.com/wiki/TresysTechnology/refpolicy/files/refpolicy-2.20170204.tar.bz2 https://dev.gentoo.org/~swift/patches/selinux-base-policy/patchbundle-selinux-base-policy-2.20170204-r2.tar.bz2 +_md5_=3f68a9fde52a65d1bfdef0939aaa0842 diff --git a/metadata/md5-cache/sec-policy/selinux-base-policy-2.20170204-r3 b/metadata/md5-cache/sec-policy/selinux-base-policy-2.20170204-r3 new file mode 100644 index 0000000000..f534c35642 --- /dev/null +++ b/metadata/md5-cache/sec-policy/selinux-base-policy-2.20170204-r3 @@ -0,0 +1,12 @@ +DEFINED_PHASES=compile install postinst prepare pretend setup +DEPEND==sec-policy/selinux-base-2.20170204-r3[systemd?] +DESCRIPTION=SELinux policy for core modules +EAPI=6 +HOMEPAGE=https://www.gentoo.org/proj/en/hardened/selinux/ +IUSE=systemd +unconfined +KEYWORDS=amd64 -arm ~arm64 ~mips x86 +LICENSE=GPL-2 +PDEPEND=unconfined? ( sec-policy/selinux-unconfined ) +SLOT=0 +SRC_URI=https://raw.githubusercontent.com/wiki/TresysTechnology/refpolicy/files/refpolicy-2.20170204.tar.bz2 https://dev.gentoo.org/~swift/patches/selinux-base-policy/patchbundle-selinux-base-policy-2.20170204-r3.tar.bz2 +_md5_=3f68a9fde52a65d1bfdef0939aaa0842 diff --git a/metadata/md5-cache/sec-policy/selinux-base-policy-2.20170204-r4 b/metadata/md5-cache/sec-policy/selinux-base-policy-2.20170204-r4 new file mode 100644 index 0000000000..fc6f4de87c --- /dev/null +++ b/metadata/md5-cache/sec-policy/selinux-base-policy-2.20170204-r4 @@ -0,0 +1,12 @@ +DEFINED_PHASES=compile install postinst prepare pretend setup +DEPEND==sec-policy/selinux-base-2.20170204-r4[systemd?] +DESCRIPTION=SELinux policy for core modules +EAPI=6 +HOMEPAGE=https://www.gentoo.org/proj/en/hardened/selinux/ +IUSE=systemd +unconfined +KEYWORDS=amd64 -arm ~arm64 ~mips x86 +LICENSE=GPL-2 +PDEPEND=unconfined? ( sec-policy/selinux-unconfined ) +SLOT=0 +SRC_URI=https://raw.githubusercontent.com/wiki/TresysTechnology/refpolicy/files/refpolicy-2.20170204.tar.bz2 https://dev.gentoo.org/~swift/patches/selinux-base-policy/patchbundle-selinux-base-policy-2.20170204-r4.tar.bz2 +_md5_=3f68a9fde52a65d1bfdef0939aaa0842 diff --git a/metadata/md5-cache/sec-policy/selinux-base-policy-2.20170805-r2 b/metadata/md5-cache/sec-policy/selinux-base-policy-2.20170805-r2 new file mode 100644 index 0000000000..840dc03a31 --- /dev/null +++ b/metadata/md5-cache/sec-policy/selinux-base-policy-2.20170805-r2 @@ -0,0 +1,12 @@ +DEFINED_PHASES=compile install postinst prepare pretend setup +DEPEND==sec-policy/selinux-base-2.20170805-r2[systemd?] +DESCRIPTION=SELinux policy for core modules +EAPI=6 +HOMEPAGE=https://www.gentoo.org/proj/en/hardened/selinux/ +IUSE=systemd +unconfined +KEYWORDS=amd64 -arm ~arm64 ~mips x86 +LICENSE=GPL-2 +PDEPEND=unconfined? ( sec-policy/selinux-unconfined ) +SLOT=0 +SRC_URI=https://raw.githubusercontent.com/wiki/TresysTechnology/refpolicy/files/refpolicy-2.20170805.tar.bz2 https://dev.gentoo.org/~swift/patches/selinux-base-policy/patchbundle-selinux-base-policy-2.20170805-r2.tar.bz2 +_md5_=36671fcbc6557faef4277f718f7da6c9 diff --git a/metadata/md5-cache/sec-policy/selinux-base-policy-2.20170805-r3 b/metadata/md5-cache/sec-policy/selinux-base-policy-2.20170805-r3 new file mode 100644 index 0000000000..47fc487df1 --- /dev/null +++ b/metadata/md5-cache/sec-policy/selinux-base-policy-2.20170805-r3 @@ -0,0 +1,14 @@ +DEFINED_PHASES=compile install postinst prepare pretend setup +DEPEND==sec-policy/selinux-base-2.20170805-r3[systemd?] +DESCRIPTION=SELinux policy for core modules +EAPI=6 +HOMEPAGE=https://www.gentoo.org/proj/en/hardened/selinux/ +IUSE=systemd +unconfined +KEYWORDS=amd64 -arm arm64 ~mips ~x86 +LICENSE=GPL-2 +PDEPEND=unconfined? ( sec-policy/selinux-unconfined ) +RDEPEND=>=sec-policy/selinux-base-2.20170805 +SLOT=0 +SRC_URI=https://raw.githubusercontent.com/wiki/TresysTechnology/refpolicy/files/refpolicy-2.20170805.tar.bz2 https://dev.gentoo.org/~swift/patches/selinux-base-policy/patchbundle-selinux-base-policy-2.20170805-r3.tar.bz2 +_eclasses_=coreos-sec-policy 3c6997d11d1365391bbd4951cc42d2cc +_md5_=1078dc241f859c2b684f45adabdf1e9f diff --git a/metadata/md5-cache/sec-policy/selinux-base-policy-2.20170805-r4 b/metadata/md5-cache/sec-policy/selinux-base-policy-2.20170805-r4 new file mode 100644 index 0000000000..a046f14c28 --- /dev/null +++ b/metadata/md5-cache/sec-policy/selinux-base-policy-2.20170805-r4 @@ -0,0 +1,12 @@ +DEFINED_PHASES=compile install postinst prepare pretend setup +DEPEND==sec-policy/selinux-base-2.20170805-r4[systemd?] +DESCRIPTION=SELinux policy for core modules +EAPI=6 +HOMEPAGE=https://www.gentoo.org/proj/en/hardened/selinux/ +IUSE=systemd +unconfined +KEYWORDS=~amd64 -arm ~arm64 ~mips ~x86 +LICENSE=GPL-2 +PDEPEND=unconfined? ( sec-policy/selinux-unconfined ) +SLOT=0 +SRC_URI=https://raw.githubusercontent.com/wiki/TresysTechnology/refpolicy/files/refpolicy-2.20170805.tar.bz2 https://dev.gentoo.org/~swift/patches/selinux-base-policy/patchbundle-selinux-base-policy-2.20170805-r4.tar.bz2 +_md5_=9f877a91032bc051ba67ec6a7a2b1540 diff --git a/metadata/md5-cache/sec-policy/selinux-base-policy-9999 b/metadata/md5-cache/sec-policy/selinux-base-policy-9999 index ebd03e3d16..ffae42169a 100644 --- a/metadata/md5-cache/sec-policy/selinux-base-policy-9999 +++ b/metadata/md5-cache/sec-policy/selinux-base-policy-9999 @@ -1,12 +1,11 @@ -DEFINED_PHASES=compile install postinst prepare pretend unpack -DEPEND=>=dev-vcs/git-1.8.2.1 +DEFINED_PHASES=compile install postinst prepare pretend setup unpack +DEPEND==sec-policy/selinux-base-9999[systemd?] >=dev-vcs/git-1.8.2.1 DESCRIPTION=SELinux policy for core modules -EAPI=5 -HOMEPAGE=http://www.gentoo.org/proj/en/hardened/selinux/ -IUSE=+unconfined +EAPI=6 +HOMEPAGE=https://www.gentoo.org/proj/en/hardened/selinux/ +IUSE=systemd +unconfined LICENSE=GPL-2 PDEPEND=unconfined? ( sec-policy/selinux-unconfined ) -RDEPEND==sec-policy/selinux-base-9999 SLOT=0 -_eclasses_=epatch 8233751dc5105a6ae8fcd86ce2bb0247 estack 43ddf5aaffa7a8d0482df54d25a66a1f eutils 227b041a120d309fdefbebb3b8c1dfa9 git-r3 52a888802d25387c2c74cb845d1219bc ltprune 2770eed66a9b8ef944714cd0e968182e multilib 97f470f374f2e94ccab04a2fb21d811e toolchain-funcs 185a06792159ca143528e7010368e8af -_md5_=c293780b42cb501f9fa841823bf84db1 +_eclasses_=git-r3 52a888802d25387c2c74cb845d1219bc +_md5_=c557bdd20e8a3139c6f4f2452281aedb diff --git a/metadata/md5-cache/sec-policy/selinux-unconfined-2.20141203-r14 b/metadata/md5-cache/sec-policy/selinux-unconfined-2.20141203-r14 deleted file mode 100644 index 4cbecefd94..0000000000 --- a/metadata/md5-cache/sec-policy/selinux-unconfined-2.20141203-r14 +++ /dev/null @@ -1,12 +0,0 @@ -DEFINED_PHASES=compile install postrm prepare unpack -DEPEND=>=sys-apps/policycoreutils-2.0.82 >=sec-policy/selinux-base-policy-2.20141203-r14 sys-devel/m4 >=sys-apps/checkpolicy-2.0.21 -DESCRIPTION=SELinux policy for unconfined -EAPI=5 -HOMEPAGE=https://wiki.gentoo.org/wiki/Project:SELinux -KEYWORDS=amd64 x86 -LICENSE=GPL-2 -RDEPEND=>=sys-apps/policycoreutils-2.0.82 >=sec-policy/selinux-base-policy-2.20141203-r14 -SLOT=0 -SRC_URI=https://raw.githubusercontent.com/wiki/TresysTechnology/refpolicy/files/refpolicy-2.20141203.tar.bz2 http://dev.gentoo.org/~swift/patches/selinux-base-policy/patchbundle-selinux-base-policy-2.20141203-r9.tar.bz2 -_eclasses_=epatch 8233751dc5105a6ae8fcd86ce2bb0247 estack 43ddf5aaffa7a8d0482df54d25a66a1f eutils 227b041a120d309fdefbebb3b8c1dfa9 ltprune 2770eed66a9b8ef944714cd0e968182e multilib 97f470f374f2e94ccab04a2fb21d811e selinux-policy-2 d68ba9962726141fa72a66bcdbf82aba toolchain-funcs 185a06792159ca143528e7010368e8af -_md5_=0aee430bbb2ae0569a1cad996e4e6107 diff --git a/metadata/md5-cache/sec-policy/selinux-unconfined-2.20170204-r1 b/metadata/md5-cache/sec-policy/selinux-unconfined-2.20170204-r1 new file mode 100644 index 0000000000..e2fb1362d1 --- /dev/null +++ b/metadata/md5-cache/sec-policy/selinux-unconfined-2.20170204-r1 @@ -0,0 +1,12 @@ +DEFINED_PHASES=compile install postinst postrm prepare unpack +DEPEND=>=sys-apps/policycoreutils-2.0.82 >=sec-policy/selinux-base-policy-2.20170204-r1 sys-devel/m4 >=sys-apps/checkpolicy-2.0.21 +DESCRIPTION=SELinux policy for unconfined +EAPI=6 +HOMEPAGE=https://wiki.gentoo.org/wiki/Project:SELinux +KEYWORDS=~amd64 -arm ~arm64 ~mips ~x86 +LICENSE=GPL-2 +RDEPEND=>=sys-apps/policycoreutils-2.0.82 >=sec-policy/selinux-base-policy-2.20170204-r1 +SLOT=0 +SRC_URI=https://raw.githubusercontent.com/wiki/TresysTechnology/refpolicy/files/refpolicy-2.20170204.tar.bz2 https://dev.gentoo.org/~swift/patches/selinux-base-policy/patchbundle-selinux-base-policy-2.20170204-r1.tar.bz2 +_eclasses_=selinux-policy-2 426dde83b8cbb78f4bf8e9edf7715355 +_md5_=cef27e967e92949fa04ada84b96b45e4 diff --git a/metadata/md5-cache/sec-policy/selinux-unconfined-2.20170204-r2 b/metadata/md5-cache/sec-policy/selinux-unconfined-2.20170204-r2 new file mode 100644 index 0000000000..fdac748342 --- /dev/null +++ b/metadata/md5-cache/sec-policy/selinux-unconfined-2.20170204-r2 @@ -0,0 +1,12 @@ +DEFINED_PHASES=compile install postinst postrm prepare unpack +DEPEND=>=sys-apps/policycoreutils-2.0.82 >=sec-policy/selinux-base-policy-2.20170204-r2 sys-devel/m4 >=sys-apps/checkpolicy-2.0.21 +DESCRIPTION=SELinux policy for unconfined +EAPI=6 +HOMEPAGE=https://wiki.gentoo.org/wiki/Project:SELinux +KEYWORDS=amd64 -arm ~arm64 ~mips x86 +LICENSE=GPL-2 +RDEPEND=>=sys-apps/policycoreutils-2.0.82 >=sec-policy/selinux-base-policy-2.20170204-r2 +SLOT=0 +SRC_URI=https://raw.githubusercontent.com/wiki/TresysTechnology/refpolicy/files/refpolicy-2.20170204.tar.bz2 https://dev.gentoo.org/~swift/patches/selinux-base-policy/patchbundle-selinux-base-policy-2.20170204-r2.tar.bz2 +_eclasses_=selinux-policy-2 426dde83b8cbb78f4bf8e9edf7715355 +_md5_=992f8e4e22fa14ba11e787ef857176e9 diff --git a/metadata/md5-cache/sec-policy/selinux-unconfined-2.20170204-r3 b/metadata/md5-cache/sec-policy/selinux-unconfined-2.20170204-r3 new file mode 100644 index 0000000000..07a872a183 --- /dev/null +++ b/metadata/md5-cache/sec-policy/selinux-unconfined-2.20170204-r3 @@ -0,0 +1,12 @@ +DEFINED_PHASES=compile install postinst postrm prepare unpack +DEPEND=>=sys-apps/policycoreutils-2.0.82 >=sec-policy/selinux-base-policy-2.20170204-r3 sys-devel/m4 >=sys-apps/checkpolicy-2.0.21 +DESCRIPTION=SELinux policy for unconfined +EAPI=6 +HOMEPAGE=https://wiki.gentoo.org/wiki/Project:SELinux +KEYWORDS=amd64 -arm ~arm64 ~mips x86 +LICENSE=GPL-2 +RDEPEND=>=sys-apps/policycoreutils-2.0.82 >=sec-policy/selinux-base-policy-2.20170204-r3 +SLOT=0 +SRC_URI=https://raw.githubusercontent.com/wiki/TresysTechnology/refpolicy/files/refpolicy-2.20170204.tar.bz2 https://dev.gentoo.org/~swift/patches/selinux-base-policy/patchbundle-selinux-base-policy-2.20170204-r3.tar.bz2 +_eclasses_=selinux-policy-2 426dde83b8cbb78f4bf8e9edf7715355 +_md5_=992f8e4e22fa14ba11e787ef857176e9 diff --git a/metadata/md5-cache/sec-policy/selinux-unconfined-2.20170204-r4 b/metadata/md5-cache/sec-policy/selinux-unconfined-2.20170204-r4 new file mode 100644 index 0000000000..b48e5e61d2 --- /dev/null +++ b/metadata/md5-cache/sec-policy/selinux-unconfined-2.20170204-r4 @@ -0,0 +1,12 @@ +DEFINED_PHASES=compile install postinst postrm prepare unpack +DEPEND=>=sys-apps/policycoreutils-2.0.82 >=sec-policy/selinux-base-policy-2.20170204-r4 sys-devel/m4 >=sys-apps/checkpolicy-2.0.21 +DESCRIPTION=SELinux policy for unconfined +EAPI=6 +HOMEPAGE=https://wiki.gentoo.org/wiki/Project:SELinux +KEYWORDS=amd64 -arm ~arm64 ~mips x86 +LICENSE=GPL-2 +RDEPEND=>=sys-apps/policycoreutils-2.0.82 >=sec-policy/selinux-base-policy-2.20170204-r4 +SLOT=0 +SRC_URI=https://raw.githubusercontent.com/wiki/TresysTechnology/refpolicy/files/refpolicy-2.20170204.tar.bz2 https://dev.gentoo.org/~swift/patches/selinux-base-policy/patchbundle-selinux-base-policy-2.20170204-r4.tar.bz2 +_eclasses_=selinux-policy-2 426dde83b8cbb78f4bf8e9edf7715355 +_md5_=992f8e4e22fa14ba11e787ef857176e9 diff --git a/metadata/md5-cache/sec-policy/selinux-unconfined-2.20170805-r2 b/metadata/md5-cache/sec-policy/selinux-unconfined-2.20170805-r2 new file mode 100644 index 0000000000..af9d82f474 --- /dev/null +++ b/metadata/md5-cache/sec-policy/selinux-unconfined-2.20170805-r2 @@ -0,0 +1,12 @@ +DEFINED_PHASES=compile install postinst postrm prepare unpack +DEPEND=>=sys-apps/policycoreutils-2.0.82 >=sec-policy/selinux-base-policy-2.20170805-r2 sys-devel/m4 >=sys-apps/checkpolicy-2.0.21 +DESCRIPTION=SELinux policy for unconfined +EAPI=6 +HOMEPAGE=https://wiki.gentoo.org/wiki/Project:SELinux +KEYWORDS=amd64 -arm ~arm64 ~mips x86 +LICENSE=GPL-2 +RDEPEND=>=sys-apps/policycoreutils-2.0.82 >=sec-policy/selinux-base-policy-2.20170805-r2 +SLOT=0 +SRC_URI=https://raw.githubusercontent.com/wiki/TresysTechnology/refpolicy/files/refpolicy-2.20170805.tar.bz2 https://dev.gentoo.org/~swift/patches/selinux-base-policy/patchbundle-selinux-base-policy-2.20170805-r2.tar.bz2 +_eclasses_=selinux-policy-2 426dde83b8cbb78f4bf8e9edf7715355 +_md5_=992f8e4e22fa14ba11e787ef857176e9 diff --git a/metadata/md5-cache/sec-policy/selinux-unconfined-2.20170805-r3 b/metadata/md5-cache/sec-policy/selinux-unconfined-2.20170805-r3 new file mode 100644 index 0000000000..4af881f493 --- /dev/null +++ b/metadata/md5-cache/sec-policy/selinux-unconfined-2.20170805-r3 @@ -0,0 +1,12 @@ +DEFINED_PHASES=compile install postinst postrm prepare unpack +DEPEND=>=sys-apps/policycoreutils-2.0.82 >=sec-policy/selinux-base-policy-2.20170805-r3 sys-devel/m4 >=sys-apps/checkpolicy-2.0.21 +DESCRIPTION=SELinux policy for unconfined +EAPI=6 +HOMEPAGE=https://wiki.gentoo.org/wiki/Project:SELinux +KEYWORDS=amd64 -arm arm64 ~mips x86 +LICENSE=GPL-2 +RDEPEND=>=sys-apps/policycoreutils-2.0.82 >=sec-policy/selinux-base-policy-2.20170805-r3 +SLOT=0 +SRC_URI=https://raw.githubusercontent.com/wiki/TresysTechnology/refpolicy/files/refpolicy-2.20170805.tar.bz2 https://dev.gentoo.org/~swift/patches/selinux-base-policy/patchbundle-selinux-base-policy-2.20170805-r3.tar.bz2 +_eclasses_=coreos-sec-policy 3c6997d11d1365391bbd4951cc42d2cc selinux-policy-2 426dde83b8cbb78f4bf8e9edf7715355 +_md5_=3b41d15258a904b298a9f789d061fcdf diff --git a/metadata/md5-cache/sec-policy/selinux-unconfined-2.20170805-r4 b/metadata/md5-cache/sec-policy/selinux-unconfined-2.20170805-r4 new file mode 100644 index 0000000000..7f38918c53 --- /dev/null +++ b/metadata/md5-cache/sec-policy/selinux-unconfined-2.20170805-r4 @@ -0,0 +1,12 @@ +DEFINED_PHASES=compile install postinst postrm prepare unpack +DEPEND=>=sys-apps/policycoreutils-2.0.82 >=sec-policy/selinux-base-policy-2.20170805-r4 sys-devel/m4 >=sys-apps/checkpolicy-2.0.21 +DESCRIPTION=SELinux policy for unconfined +EAPI=6 +HOMEPAGE=https://wiki.gentoo.org/wiki/Project:SELinux +KEYWORDS=~amd64 -arm ~arm64 ~mips ~x86 +LICENSE=GPL-2 +RDEPEND=>=sys-apps/policycoreutils-2.0.82 >=sec-policy/selinux-base-policy-2.20170805-r4 +SLOT=0 +SRC_URI=https://raw.githubusercontent.com/wiki/TresysTechnology/refpolicy/files/refpolicy-2.20170805.tar.bz2 https://dev.gentoo.org/~swift/patches/selinux-base-policy/patchbundle-selinux-base-policy-2.20170805-r4.tar.bz2 +_eclasses_=selinux-policy-2 426dde83b8cbb78f4bf8e9edf7715355 +_md5_=cef27e967e92949fa04ada84b96b45e4 diff --git a/metadata/md5-cache/sec-policy/selinux-unconfined-9999 b/metadata/md5-cache/sec-policy/selinux-unconfined-9999 index e4462a0169..4de06691bb 100644 --- a/metadata/md5-cache/sec-policy/selinux-unconfined-9999 +++ b/metadata/md5-cache/sec-policy/selinux-unconfined-9999 @@ -1,10 +1,10 @@ -DEFINED_PHASES=compile install postrm prepare unpack +DEFINED_PHASES=compile install postinst postrm prepare unpack DEPEND=>=dev-vcs/git-1.8.2.1 >=sys-apps/policycoreutils-2.0.82 >=sec-policy/selinux-base-policy-9999 sys-devel/m4 >=sys-apps/checkpolicy-2.0.21 DESCRIPTION=SELinux policy for unconfined -EAPI=5 +EAPI=6 HOMEPAGE=https://wiki.gentoo.org/wiki/Project:SELinux LICENSE=GPL-2 RDEPEND=>=sys-apps/policycoreutils-2.0.82 >=sec-policy/selinux-base-policy-9999 SLOT=0 -_eclasses_=epatch 8233751dc5105a6ae8fcd86ce2bb0247 estack 43ddf5aaffa7a8d0482df54d25a66a1f eutils 227b041a120d309fdefbebb3b8c1dfa9 git-r3 52a888802d25387c2c74cb845d1219bc ltprune 2770eed66a9b8ef944714cd0e968182e multilib 97f470f374f2e94ccab04a2fb21d811e selinux-policy-2 d68ba9962726141fa72a66bcdbf82aba toolchain-funcs 185a06792159ca143528e7010368e8af -_md5_=27180d2b51559baa7e152b11615a2030 +_eclasses_=git-r3 52a888802d25387c2c74cb845d1219bc selinux-policy-2 426dde83b8cbb78f4bf8e9edf7715355 +_md5_=cef27e967e92949fa04ada84b96b45e4 diff --git a/metadata/md5-cache/sec-policy/selinux-virt-2.20141203-r14 b/metadata/md5-cache/sec-policy/selinux-virt-2.20141203-r14 deleted file mode 100644 index 8e68ea9042..0000000000 --- a/metadata/md5-cache/sec-policy/selinux-virt-2.20141203-r14 +++ /dev/null @@ -1,12 +0,0 @@ -DEFINED_PHASES=compile install postrm prepare unpack -DEPEND=>=sys-apps/policycoreutils-2.0.82 >=sec-policy/selinux-base-policy-2.20141203-r14 sys-devel/m4 >=sys-apps/checkpolicy-2.0.21 -DESCRIPTION=SELinux policy for virt -EAPI=5 -HOMEPAGE=https://wiki.gentoo.org/wiki/Project:SELinux -KEYWORDS=amd64 x86 -LICENSE=GPL-2 -RDEPEND=>=sys-apps/policycoreutils-2.0.82 >=sec-policy/selinux-base-policy-2.20141203-r14 -SLOT=0 -SRC_URI=https://raw.githubusercontent.com/wiki/TresysTechnology/refpolicy/files/refpolicy-2.20141203.tar.bz2 http://dev.gentoo.org/~swift/patches/selinux-base-policy/patchbundle-selinux-base-policy-2.20141203-r9.tar.bz2 -_eclasses_=epatch 8233751dc5105a6ae8fcd86ce2bb0247 estack 43ddf5aaffa7a8d0482df54d25a66a1f eutils 227b041a120d309fdefbebb3b8c1dfa9 ltprune 2770eed66a9b8ef944714cd0e968182e multilib 97f470f374f2e94ccab04a2fb21d811e selinux-policy-2 d68ba9962726141fa72a66bcdbf82aba toolchain-funcs 185a06792159ca143528e7010368e8af -_md5_=7340841221bbf9473f522371e076c012 diff --git a/metadata/md5-cache/sec-policy/selinux-virt-2.20170204-r1 b/metadata/md5-cache/sec-policy/selinux-virt-2.20170204-r1 new file mode 100644 index 0000000000..e58505a6ec --- /dev/null +++ b/metadata/md5-cache/sec-policy/selinux-virt-2.20170204-r1 @@ -0,0 +1,12 @@ +DEFINED_PHASES=compile install postinst postrm prepare unpack +DEPEND=>=sys-apps/policycoreutils-2.0.82 >=sec-policy/selinux-base-policy-2.20170204-r1 sys-devel/m4 >=sys-apps/checkpolicy-2.0.21 +DESCRIPTION=SELinux policy for virt +EAPI=6 +HOMEPAGE=https://wiki.gentoo.org/wiki/Project:SELinux +KEYWORDS=~amd64 -arm ~arm64 ~mips ~x86 +LICENSE=GPL-2 +RDEPEND=>=sys-apps/policycoreutils-2.0.82 >=sec-policy/selinux-base-policy-2.20170204-r1 +SLOT=0 +SRC_URI=https://raw.githubusercontent.com/wiki/TresysTechnology/refpolicy/files/refpolicy-2.20170204.tar.bz2 https://dev.gentoo.org/~swift/patches/selinux-base-policy/patchbundle-selinux-base-policy-2.20170204-r1.tar.bz2 +_eclasses_=selinux-policy-2 426dde83b8cbb78f4bf8e9edf7715355 +_md5_=5523f0b9ca2249a1d6460c5d24c355fa diff --git a/metadata/md5-cache/sec-policy/selinux-virt-2.20170204-r2 b/metadata/md5-cache/sec-policy/selinux-virt-2.20170204-r2 new file mode 100644 index 0000000000..7f2b6e86ee --- /dev/null +++ b/metadata/md5-cache/sec-policy/selinux-virt-2.20170204-r2 @@ -0,0 +1,12 @@ +DEFINED_PHASES=compile install postinst postrm prepare unpack +DEPEND=>=sys-apps/policycoreutils-2.0.82 >=sec-policy/selinux-base-policy-2.20170204-r2 sys-devel/m4 >=sys-apps/checkpolicy-2.0.21 +DESCRIPTION=SELinux policy for virt +EAPI=6 +HOMEPAGE=https://wiki.gentoo.org/wiki/Project:SELinux +KEYWORDS=amd64 -arm ~arm64 ~mips x86 +LICENSE=GPL-2 +RDEPEND=>=sys-apps/policycoreutils-2.0.82 >=sec-policy/selinux-base-policy-2.20170204-r2 +SLOT=0 +SRC_URI=https://raw.githubusercontent.com/wiki/TresysTechnology/refpolicy/files/refpolicy-2.20170204.tar.bz2 https://dev.gentoo.org/~swift/patches/selinux-base-policy/patchbundle-selinux-base-policy-2.20170204-r2.tar.bz2 +_eclasses_=selinux-policy-2 426dde83b8cbb78f4bf8e9edf7715355 +_md5_=b5b142140239a85b1df152f393e7112b diff --git a/metadata/md5-cache/sec-policy/selinux-virt-2.20170204-r3 b/metadata/md5-cache/sec-policy/selinux-virt-2.20170204-r3 new file mode 100644 index 0000000000..ea8ffb72e3 --- /dev/null +++ b/metadata/md5-cache/sec-policy/selinux-virt-2.20170204-r3 @@ -0,0 +1,12 @@ +DEFINED_PHASES=compile install postinst postrm prepare unpack +DEPEND=>=sys-apps/policycoreutils-2.0.82 >=sec-policy/selinux-base-policy-2.20170204-r3 sys-devel/m4 >=sys-apps/checkpolicy-2.0.21 +DESCRIPTION=SELinux policy for virt +EAPI=6 +HOMEPAGE=https://wiki.gentoo.org/wiki/Project:SELinux +KEYWORDS=amd64 -arm ~arm64 ~mips x86 +LICENSE=GPL-2 +RDEPEND=>=sys-apps/policycoreutils-2.0.82 >=sec-policy/selinux-base-policy-2.20170204-r3 +SLOT=0 +SRC_URI=https://raw.githubusercontent.com/wiki/TresysTechnology/refpolicy/files/refpolicy-2.20170204.tar.bz2 https://dev.gentoo.org/~swift/patches/selinux-base-policy/patchbundle-selinux-base-policy-2.20170204-r3.tar.bz2 +_eclasses_=selinux-policy-2 426dde83b8cbb78f4bf8e9edf7715355 +_md5_=b5b142140239a85b1df152f393e7112b diff --git a/metadata/md5-cache/sec-policy/selinux-virt-2.20170204-r4 b/metadata/md5-cache/sec-policy/selinux-virt-2.20170204-r4 new file mode 100644 index 0000000000..f629ac5eaa --- /dev/null +++ b/metadata/md5-cache/sec-policy/selinux-virt-2.20170204-r4 @@ -0,0 +1,12 @@ +DEFINED_PHASES=compile install postinst postrm prepare unpack +DEPEND=>=sys-apps/policycoreutils-2.0.82 >=sec-policy/selinux-base-policy-2.20170204-r4 sys-devel/m4 >=sys-apps/checkpolicy-2.0.21 +DESCRIPTION=SELinux policy for virt +EAPI=6 +HOMEPAGE=https://wiki.gentoo.org/wiki/Project:SELinux +KEYWORDS=amd64 -arm ~arm64 ~mips x86 +LICENSE=GPL-2 +RDEPEND=>=sys-apps/policycoreutils-2.0.82 >=sec-policy/selinux-base-policy-2.20170204-r4 +SLOT=0 +SRC_URI=https://raw.githubusercontent.com/wiki/TresysTechnology/refpolicy/files/refpolicy-2.20170204.tar.bz2 https://dev.gentoo.org/~swift/patches/selinux-base-policy/patchbundle-selinux-base-policy-2.20170204-r4.tar.bz2 +_eclasses_=selinux-policy-2 426dde83b8cbb78f4bf8e9edf7715355 +_md5_=b5b142140239a85b1df152f393e7112b diff --git a/metadata/md5-cache/sec-policy/selinux-virt-2.20170805-r2 b/metadata/md5-cache/sec-policy/selinux-virt-2.20170805-r2 new file mode 100644 index 0000000000..5dba11fc12 --- /dev/null +++ b/metadata/md5-cache/sec-policy/selinux-virt-2.20170805-r2 @@ -0,0 +1,12 @@ +DEFINED_PHASES=compile install postinst postrm prepare unpack +DEPEND=>=sys-apps/policycoreutils-2.0.82 >=sec-policy/selinux-base-policy-2.20170805-r2 sys-devel/m4 >=sys-apps/checkpolicy-2.0.21 +DESCRIPTION=SELinux policy for virt +EAPI=6 +HOMEPAGE=https://wiki.gentoo.org/wiki/Project:SELinux +KEYWORDS=amd64 -arm ~arm64 ~mips x86 +LICENSE=GPL-2 +RDEPEND=>=sys-apps/policycoreutils-2.0.82 >=sec-policy/selinux-base-policy-2.20170805-r2 +SLOT=0 +SRC_URI=https://raw.githubusercontent.com/wiki/TresysTechnology/refpolicy/files/refpolicy-2.20170805.tar.bz2 https://dev.gentoo.org/~swift/patches/selinux-base-policy/patchbundle-selinux-base-policy-2.20170805-r2.tar.bz2 +_eclasses_=selinux-policy-2 426dde83b8cbb78f4bf8e9edf7715355 +_md5_=b5b142140239a85b1df152f393e7112b diff --git a/metadata/md5-cache/sec-policy/selinux-virt-2.20170805-r3 b/metadata/md5-cache/sec-policy/selinux-virt-2.20170805-r3 new file mode 100644 index 0000000000..7922534e52 --- /dev/null +++ b/metadata/md5-cache/sec-policy/selinux-virt-2.20170805-r3 @@ -0,0 +1,12 @@ +DEFINED_PHASES=compile install postinst postrm prepare unpack +DEPEND=>=sys-apps/policycoreutils-2.0.82 >=sec-policy/selinux-base-policy-2.20170805-r3 sys-devel/m4 >=sys-apps/checkpolicy-2.0.21 +DESCRIPTION=SELinux policy for virt +EAPI=6 +HOMEPAGE=https://wiki.gentoo.org/wiki/Project:SELinux +KEYWORDS=amd64 -arm arm64 ~mips x86 +LICENSE=GPL-2 +RDEPEND=>=sys-apps/policycoreutils-2.0.82 >=sec-policy/selinux-base-policy-2.20170805-r3 +SLOT=0 +SRC_URI=https://raw.githubusercontent.com/wiki/TresysTechnology/refpolicy/files/refpolicy-2.20170805.tar.bz2 https://dev.gentoo.org/~swift/patches/selinux-base-policy/patchbundle-selinux-base-policy-2.20170805-r3.tar.bz2 +_eclasses_=coreos-sec-policy 3c6997d11d1365391bbd4951cc42d2cc selinux-policy-2 426dde83b8cbb78f4bf8e9edf7715355 +_md5_=914380a2f0c48d02be312554b30aa5a7 diff --git a/metadata/md5-cache/sec-policy/selinux-virt-2.20170805-r4 b/metadata/md5-cache/sec-policy/selinux-virt-2.20170805-r4 new file mode 100644 index 0000000000..51d0a8fd10 --- /dev/null +++ b/metadata/md5-cache/sec-policy/selinux-virt-2.20170805-r4 @@ -0,0 +1,12 @@ +DEFINED_PHASES=compile install postinst postrm prepare unpack +DEPEND=>=sys-apps/policycoreutils-2.0.82 >=sec-policy/selinux-base-policy-2.20170805-r4 sys-devel/m4 >=sys-apps/checkpolicy-2.0.21 +DESCRIPTION=SELinux policy for virt +EAPI=6 +HOMEPAGE=https://wiki.gentoo.org/wiki/Project:SELinux +KEYWORDS=~amd64 -arm ~arm64 ~mips ~x86 +LICENSE=GPL-2 +RDEPEND=>=sys-apps/policycoreutils-2.0.82 >=sec-policy/selinux-base-policy-2.20170805-r4 +SLOT=0 +SRC_URI=https://raw.githubusercontent.com/wiki/TresysTechnology/refpolicy/files/refpolicy-2.20170805.tar.bz2 https://dev.gentoo.org/~swift/patches/selinux-base-policy/patchbundle-selinux-base-policy-2.20170805-r4.tar.bz2 +_eclasses_=selinux-policy-2 426dde83b8cbb78f4bf8e9edf7715355 +_md5_=5523f0b9ca2249a1d6460c5d24c355fa diff --git a/metadata/md5-cache/sec-policy/selinux-virt-9999 b/metadata/md5-cache/sec-policy/selinux-virt-9999 index 7c3b176cb8..832c580d93 100644 --- a/metadata/md5-cache/sec-policy/selinux-virt-9999 +++ b/metadata/md5-cache/sec-policy/selinux-virt-9999 @@ -1,10 +1,10 @@ -DEFINED_PHASES=compile install postrm prepare unpack +DEFINED_PHASES=compile install postinst postrm prepare unpack DEPEND=>=dev-vcs/git-1.8.2.1 >=sys-apps/policycoreutils-2.0.82 >=sec-policy/selinux-base-policy-9999 sys-devel/m4 >=sys-apps/checkpolicy-2.0.21 DESCRIPTION=SELinux policy for virt -EAPI=5 +EAPI=6 HOMEPAGE=https://wiki.gentoo.org/wiki/Project:SELinux LICENSE=GPL-2 RDEPEND=>=sys-apps/policycoreutils-2.0.82 >=sec-policy/selinux-base-policy-9999 SLOT=0 -_eclasses_=epatch 8233751dc5105a6ae8fcd86ce2bb0247 estack 43ddf5aaffa7a8d0482df54d25a66a1f eutils 227b041a120d309fdefbebb3b8c1dfa9 git-r3 52a888802d25387c2c74cb845d1219bc ltprune 2770eed66a9b8ef944714cd0e968182e multilib 97f470f374f2e94ccab04a2fb21d811e selinux-policy-2 d68ba9962726141fa72a66bcdbf82aba toolchain-funcs 185a06792159ca143528e7010368e8af -_md5_=622ff6208275e649184ac8f8e6a81a97 +_eclasses_=git-r3 52a888802d25387c2c74cb845d1219bc selinux-policy-2 426dde83b8cbb78f4bf8e9edf7715355 +_md5_=5523f0b9ca2249a1d6460c5d24c355fa diff --git a/metadata/md5-cache/sys-apps/checkpolicy-2.4-r2 b/metadata/md5-cache/sys-apps/checkpolicy-2.4-r2 deleted file mode 100644 index 7b571f65ca..0000000000 --- a/metadata/md5-cache/sys-apps/checkpolicy-2.4-r2 +++ /dev/null @@ -1,13 +0,0 @@ -DEFINED_PHASES=compile install postinst prepare -DEPEND=>=sys-libs/libsepol-2.4 >=sys-libs/libsemanage-2.4 sys-devel/flex sys-devel/bison -DESCRIPTION=SELinux policy compiler -EAPI=5 -HOMEPAGE=http://userspace.selinuxproject.org -IUSE=debug -KEYWORDS=amd64 x86 -LICENSE=GPL-2 -RDEPEND=>=sys-libs/libsemanage-2.4 -SLOT=0 -SRC_URI=https://raw.githubusercontent.com/wiki/SELinuxProject/selinux/files/releases/20150202/checkpolicy-2.4.tar.gz -_eclasses_=epatch 8233751dc5105a6ae8fcd86ce2bb0247 estack 43ddf5aaffa7a8d0482df54d25a66a1f eutils 227b041a120d309fdefbebb3b8c1dfa9 ltprune 2770eed66a9b8ef944714cd0e968182e multilib 97f470f374f2e94ccab04a2fb21d811e toolchain-funcs 185a06792159ca143528e7010368e8af -_md5_=16f78c532a244f9df3edee1c8243d929 diff --git a/metadata/md5-cache/sys-apps/checkpolicy-2.6 b/metadata/md5-cache/sys-apps/checkpolicy-2.6 new file mode 100644 index 0000000000..3eedf71603 --- /dev/null +++ b/metadata/md5-cache/sys-apps/checkpolicy-2.6 @@ -0,0 +1,13 @@ +DEFINED_PHASES=compile install postinst +DEPEND=>=sys-libs/libsepol-2.6 >=sys-libs/libsemanage-2.6 sys-devel/flex sys-devel/bison +DESCRIPTION=SELinux policy compiler +EAPI=6 +HOMEPAGE=http://userspace.selinuxproject.org +IUSE=debug +KEYWORDS=amd64 ~arm ~arm64 ~mips x86 +LICENSE=GPL-2 +RDEPEND=>=sys-libs/libsemanage-2.6 +SLOT=0 +SRC_URI=https://raw.githubusercontent.com/wiki/SELinuxProject/selinux/files/releases/20161014/checkpolicy-2.6.tar.gz +_eclasses_=multilib 97f470f374f2e94ccab04a2fb21d811e toolchain-funcs 185a06792159ca143528e7010368e8af +_md5_=ace4e6405d99b0df995890a86681e639 diff --git a/metadata/md5-cache/sys-apps/checkpolicy-2.7 b/metadata/md5-cache/sys-apps/checkpolicy-2.7 new file mode 100644 index 0000000000..6ce9f7fa5f --- /dev/null +++ b/metadata/md5-cache/sys-apps/checkpolicy-2.7 @@ -0,0 +1,13 @@ +DEFINED_PHASES=compile install postinst +DEPEND=>=sys-libs/libsepol-2.7 >=sys-libs/libsemanage-2.7 sys-devel/flex sys-devel/bison +DESCRIPTION=SELinux policy compiler +EAPI=6 +HOMEPAGE=http://userspace.selinuxproject.org +IUSE=debug +KEYWORDS=amd64 ~arm arm64 ~mips x86 +LICENSE=GPL-2 +RDEPEND=>=sys-libs/libsemanage-2.7 +SLOT=0 +SRC_URI=https://raw.githubusercontent.com/wiki/SELinuxProject/selinux/files/releases/20170804/checkpolicy-2.7.tar.gz +_eclasses_=multilib 97f470f374f2e94ccab04a2fb21d811e toolchain-funcs 185a06792159ca143528e7010368e8af +_md5_=5e50043b474b6b3652494a9669079f92 diff --git a/metadata/md5-cache/sys-apps/checkpolicy-9999 b/metadata/md5-cache/sys-apps/checkpolicy-9999 new file mode 100644 index 0000000000..df820262e7 --- /dev/null +++ b/metadata/md5-cache/sys-apps/checkpolicy-9999 @@ -0,0 +1,11 @@ +DEFINED_PHASES=compile install postinst unpack +DEPEND=>=sys-libs/libsepol-9999 >=sys-libs/libsemanage-9999 sys-devel/flex sys-devel/bison >=dev-vcs/git-1.8.2.1 +DESCRIPTION=SELinux policy compiler +EAPI=6 +HOMEPAGE=http://userspace.selinuxproject.org +IUSE=debug +LICENSE=GPL-2 +RDEPEND=>=sys-libs/libsemanage-9999 +SLOT=0 +_eclasses_=git-r3 52a888802d25387c2c74cb845d1219bc multilib 97f470f374f2e94ccab04a2fb21d811e toolchain-funcs 185a06792159ca143528e7010368e8af +_md5_=c066c2f80aec9f65409674a7a001edb9 diff --git a/metadata/md5-cache/sys-apps/ignition-0.25.0 b/metadata/md5-cache/sys-apps/ignition-0.25.1 similarity index 95% rename from metadata/md5-cache/sys-apps/ignition-0.25.0 rename to metadata/md5-cache/sys-apps/ignition-0.25.1 index c1b79d1669..fec9d718d8 100644 --- a/metadata/md5-cache/sys-apps/ignition-0.25.0 +++ b/metadata/md5-cache/sys-apps/ignition-0.25.1 @@ -8,6 +8,6 @@ KEYWORDS=amd64 arm64 LICENSE=Apache-2.0 RDEPEND=sys-apps/coreutils sys-apps/gptfdisk sys-apps/shadow sys-apps/systemd sys-fs/btrfs-progs sys-fs/dosfstools sys-fs/e2fsprogs sys-fs/mdadm sys-fs/xfsprogs sys-apps/util-linux REQUIRED_USE=go_version_go1_10 -SLOT=0/0.25.0 +SLOT=0/0.25.1 _eclasses_=coreos-go 43a394c18570b3dd8dd6e74fc9853493 coreos-go-depend 0c1747ddda8ae24e0d2e88cdfddaa7d1 coreos-go-utils c34072f13165bb85e5106cc6e082a4e1 cros-workon 4ad6e6491a1010ad7c875302b3be18ba epatch 8233751dc5105a6ae8fcd86ce2bb0247 estack 43ddf5aaffa7a8d0482df54d25a66a1f eutils 227b041a120d309fdefbebb3b8c1dfa9 flag-o-matic 2274fcc1e7ef6affaff5bcd636275417 git-r3 52a888802d25387c2c74cb845d1219bc ltprune 2770eed66a9b8ef944714cd0e968182e multilib 97f470f374f2e94ccab04a2fb21d811e multiprocessing 6f5991c7101863d0b29df63990ad852e systemd 34815d3b76e745c5ca33eec9f95074c2 toolchain-funcs 185a06792159ca143528e7010368e8af udev d91cac2c73b94629cad2daea66e0d182 -_md5_=503bf909d796874cf1a0d05b410c4505 +_md5_=b8fd67146fa3b68cb5cc8e5d7b2d8c21 diff --git a/metadata/md5-cache/sys-apps/ignition-9999 b/metadata/md5-cache/sys-apps/ignition-9999 index b23b0ff3f4..2ddf26d3a8 100644 --- a/metadata/md5-cache/sys-apps/ignition-9999 +++ b/metadata/md5-cache/sys-apps/ignition-9999 @@ -10,4 +10,4 @@ RDEPEND=sys-apps/coreutils sys-apps/gptfdisk sys-apps/shadow sys-apps/systemd sy REQUIRED_USE=go_version_go1_10 SLOT=0/9999 _eclasses_=coreos-go 43a394c18570b3dd8dd6e74fc9853493 coreos-go-depend 0c1747ddda8ae24e0d2e88cdfddaa7d1 coreos-go-utils c34072f13165bb85e5106cc6e082a4e1 cros-workon 4ad6e6491a1010ad7c875302b3be18ba epatch 8233751dc5105a6ae8fcd86ce2bb0247 estack 43ddf5aaffa7a8d0482df54d25a66a1f eutils 227b041a120d309fdefbebb3b8c1dfa9 flag-o-matic 2274fcc1e7ef6affaff5bcd636275417 git-r3 52a888802d25387c2c74cb845d1219bc ltprune 2770eed66a9b8ef944714cd0e968182e multilib 97f470f374f2e94ccab04a2fb21d811e multiprocessing 6f5991c7101863d0b29df63990ad852e systemd 34815d3b76e745c5ca33eec9f95074c2 toolchain-funcs 185a06792159ca143528e7010368e8af udev d91cac2c73b94629cad2daea66e0d182 -_md5_=503bf909d796874cf1a0d05b410c4505 +_md5_=b8fd67146fa3b68cb5cc8e5d7b2d8c21 diff --git a/metadata/md5-cache/sys-apps/policycoreutils-2.6-r1 b/metadata/md5-cache/sys-apps/policycoreutils-2.6-r1 new file mode 100644 index 0000000000..7a54c1c14c --- /dev/null +++ b/metadata/md5-cache/sys-apps/policycoreutils-2.6-r1 @@ -0,0 +1,14 @@ +DEFINED_PHASES=compile install postinst prepare unpack +DEPEND=>=sys-libs/libselinux-2.6:=[python,python_targets_python2_7(-)?,python_targets_python3_4(-)?,python_targets_python3_5(-)?,-python_single_target_python2_7(-),-python_single_target_python3_4(-),-python_single_target_python3_5(-)] >=sys-libs/glibc-2.4 >=sys-libs/libcap-1.10-r10:= >=sys-libs/libsemanage-2.6:=[python,python_targets_python2_7(-)?,python_targets_python3_4(-)?,python_targets_python3_5(-)?,-python_single_target_python2_7(-),-python_single_target_python3_4(-),-python_single_target_python3_5(-)] sys-libs/libcap-ng:= >=sys-libs/libsepol-2.6:= >=app-admin/setools-4.0[python_targets_python2_7(-)?,python_targets_python3_4(-)?,python_targets_python3_5(-)?,-python_single_target_python2_7(-),-python_single_target_python3_4(-),-python_single_target_python3_5(-)] sys-devel/gettext dev-python/ipy[python_targets_python2_7(-)?,python_targets_python3_4(-)?,python_targets_python3_5(-)?,-python_single_target_python2_7(-),-python_single_target_python3_4(-),-python_single_target_python3_5(-)] dbus? ( sys-apps/dbus dev-libs/dbus-glib:= ) audit? ( >=sys-process/audit-1.5.1[python,python_targets_python2_7(-)?,python_targets_python3_4(-)?,python_targets_python3_5(-)?,-python_single_target_python2_7(-),-python_single_target_python3_4(-),-python_single_target_python3_5(-)] ) pam? ( sys-libs/pam:= ) python_targets_python2_7? ( >=dev-lang/python-2.7.5-r2:2.7[xml] ) python_targets_python3_4? ( dev-lang/python:3.4[xml] ) python_targets_python3_5? ( dev-lang/python:3.5[xml] ) >=dev-lang/python-exec-2:=[python_targets_python2_7(-)?,python_targets_python3_4(-)?,python_targets_python3_5(-)?,-python_single_target_python2_7(-),-python_single_target_python3_4(-),-python_single_target_python3_5(-)] !=sys-libs/libselinux-2.6:=[python,python_targets_python2_7(-)?,python_targets_python3_4(-)?,python_targets_python3_5(-)?,-python_single_target_python2_7(-),-python_single_target_python3_4(-),-python_single_target_python3_5(-)] >=sys-libs/glibc-2.4 >=sys-libs/libcap-1.10-r10:= >=sys-libs/libsemanage-2.6:=[python,python_targets_python2_7(-)?,python_targets_python3_4(-)?,python_targets_python3_5(-)?,-python_single_target_python2_7(-),-python_single_target_python3_4(-),-python_single_target_python3_5(-)] sys-libs/libcap-ng:= >=sys-libs/libsepol-2.6:= >=app-admin/setools-4.0[python_targets_python2_7(-)?,python_targets_python3_4(-)?,python_targets_python3_5(-)?,-python_single_target_python2_7(-),-python_single_target_python3_4(-),-python_single_target_python3_5(-)] sys-devel/gettext dev-python/ipy[python_targets_python2_7(-)?,python_targets_python3_4(-)?,python_targets_python3_5(-)?,-python_single_target_python2_7(-),-python_single_target_python3_4(-),-python_single_target_python3_5(-)] dbus? ( sys-apps/dbus dev-libs/dbus-glib:= ) audit? ( >=sys-process/audit-1.5.1[python,python_targets_python2_7(-)?,python_targets_python3_4(-)?,python_targets_python3_5(-)?,-python_single_target_python2_7(-),-python_single_target_python3_4(-),-python_single_target_python3_5(-)] ) pam? ( sys-libs/pam:= ) python_targets_python2_7? ( >=dev-lang/python-2.7.5-r2:2.7[xml] ) python_targets_python3_4? ( dev-lang/python:3.4[xml] ) python_targets_python3_5? ( dev-lang/python:3.5[xml] ) >=dev-lang/python-exec-2:=[python_targets_python2_7(-)?,python_targets_python3_4(-)?,python_targets_python3_5(-)?,-python_single_target_python2_7(-),-python_single_target_python3_4(-),-python_single_target_python3_5(-)] !=sys-libs/libselinux-2.7:=[python?,python_targets_python2_7(-)?,python_targets_python3_4(-)?,python_targets_python3_5(-)?,-python_single_target_python2_7(-),-python_single_target_python3_4(-),-python_single_target_python3_5(-)] >=sys-libs/glibc-2.4 >=sys-libs/libcap-1.10-r10:= >=sys-libs/libsemanage-2.7:=[python?,python_targets_python2_7(-)?,python_targets_python3_4(-)?,python_targets_python3_5(-)?,-python_single_target_python2_7(-),-python_single_target_python3_4(-),-python_single_target_python3_5(-)] sys-libs/libcap-ng:= >=sys-libs/libsepol-2.7:= >=app-admin/setools-4.1.1[python?,python_targets_python2_7(-)?,python_targets_python3_4(-)?,python_targets_python3_5(-)?,-python_single_target_python2_7(-),-python_single_target_python3_4(-),-python_single_target_python3_5(-)] nls? ( sys-devel/gettext ) python? ( dev-python/ipy[python_targets_python2_7(-)?,python_targets_python3_4(-)?,python_targets_python3_5(-)?,-python_single_target_python2_7(-),-python_single_target_python3_4(-),-python_single_target_python3_5(-)] ) dbus? ( sys-apps/dbus dev-libs/dbus-glib:= ) audit? ( >=sys-process/audit-1.5.1[python?,python_targets_python2_7(-)?,python_targets_python3_4(-)?,python_targets_python3_5(-)?,-python_single_target_python2_7(-),-python_single_target_python3_4(-),-python_single_target_python3_5(-)] ) pam? ( sys-libs/pam:= ) python? ( python_targets_python2_7? ( >=dev-lang/python-2.7.5-r2:2.7[xml] ) python_targets_python3_4? ( dev-lang/python:3.4[xml] ) python_targets_python3_5? ( dev-lang/python:3.5[xml] ) >=dev-lang/python-exec-2:=[python_targets_python2_7(-)?,python_targets_python3_4(-)?,python_targets_python3_5(-)?,-python_single_target_python2_7(-),-python_single_target_python3_4(-),-python_single_target_python3_5(-)] ) !=sys-libs/libselinux-2.7:=[python?,python_targets_python2_7(-)?,python_targets_python3_4(-)?,python_targets_python3_5(-)?,-python_single_target_python2_7(-),-python_single_target_python3_4(-),-python_single_target_python3_5(-)] >=sys-libs/glibc-2.4 >=sys-libs/libcap-1.10-r10:= >=sys-libs/libsemanage-2.7:=[python?,python_targets_python2_7(-)?,python_targets_python3_4(-)?,python_targets_python3_5(-)?,-python_single_target_python2_7(-),-python_single_target_python3_4(-),-python_single_target_python3_5(-)] sys-libs/libcap-ng:= >=sys-libs/libsepol-2.7:= >=app-admin/setools-4.1.1[python?,python_targets_python2_7(-)?,python_targets_python3_4(-)?,python_targets_python3_5(-)?,-python_single_target_python2_7(-),-python_single_target_python3_4(-),-python_single_target_python3_5(-)] nls? ( sys-devel/gettext ) python? ( dev-python/ipy[python_targets_python2_7(-)?,python_targets_python3_4(-)?,python_targets_python3_5(-)?,-python_single_target_python2_7(-),-python_single_target_python3_4(-),-python_single_target_python3_5(-)] ) dbus? ( sys-apps/dbus dev-libs/dbus-glib:= ) audit? ( >=sys-process/audit-1.5.1[python?,python_targets_python2_7(-)?,python_targets_python3_4(-)?,python_targets_python3_5(-)?,-python_single_target_python2_7(-),-python_single_target_python3_4(-),-python_single_target_python3_5(-)] ) pam? ( sys-libs/pam:= ) python? ( python_targets_python2_7? ( >=dev-lang/python-2.7.5-r2:2.7[xml] ) python_targets_python3_4? ( dev-lang/python:3.4[xml] ) python_targets_python3_5? ( dev-lang/python:3.5[xml] ) >=dev-lang/python-exec-2:=[python_targets_python2_7(-)?,python_targets_python3_4(-)?,python_targets_python3_5(-)?,-python_single_target_python2_7(-),-python_single_target_python3_4(-),-python_single_target_python3_5(-)] ) !=sys-libs/libselinux-9999:=[python,python_targets_python2_7(-)?,python_targets_python3_4(-)?,python_targets_python3_5(-)?,-python_single_target_python2_7(-),-python_single_target_python3_4(-),-python_single_target_python3_5(-)] >=sys-libs/glibc-2.4 >=sys-libs/libcap-1.10-r10:= >=sys-libs/libsemanage-9999:=[python,python_targets_python2_7(-)?,python_targets_python3_4(-)?,python_targets_python3_5(-)?,-python_single_target_python2_7(-),-python_single_target_python3_4(-),-python_single_target_python3_5(-)] sys-libs/libcap-ng:= >=sys-libs/libsepol-9999:= >=app-admin/setools-4.1.1[python_targets_python2_7(-)?,python_targets_python3_4(-)?,python_targets_python3_5(-)?,-python_single_target_python2_7(-),-python_single_target_python3_4(-),-python_single_target_python3_5(-)] sys-devel/gettext dev-python/ipy[python_targets_python2_7(-)?,python_targets_python3_4(-)?,python_targets_python3_5(-)?,-python_single_target_python2_7(-),-python_single_target_python3_4(-),-python_single_target_python3_5(-)] dbus? ( sys-apps/dbus dev-libs/dbus-glib:= ) audit? ( >=sys-process/audit-1.5.1[python,python_targets_python2_7(-)?,python_targets_python3_4(-)?,python_targets_python3_5(-)?,-python_single_target_python2_7(-),-python_single_target_python3_4(-),-python_single_target_python3_5(-)] ) pam? ( sys-libs/pam:= ) python_targets_python2_7? ( >=dev-lang/python-2.7.5-r2:2.7[xml] ) python_targets_python3_4? ( dev-lang/python:3.4[xml] ) python_targets_python3_5? ( dev-lang/python:3.5[xml] ) >=dev-lang/python-exec-2:=[python_targets_python2_7(-)?,python_targets_python3_4(-)?,python_targets_python3_5(-)?,-python_single_target_python2_7(-),-python_single_target_python3_4(-),-python_single_target_python3_5(-)] !=dev-vcs/git-1.8.2.1 +DESCRIPTION=SELinux core utilities +EAPI=6 +HOMEPAGE=https://github.com/SELinuxProject/selinux/wiki +IUSE=audit pam dbus python_targets_python2_7 python_targets_python3_4 python_targets_python3_5 +LICENSE=GPL-2 +PDEPEND=sys-apps/semodule-utils sys-apps/selinux-python +RDEPEND=>=sys-libs/libselinux-9999:=[python,python_targets_python2_7(-)?,python_targets_python3_4(-)?,python_targets_python3_5(-)?,-python_single_target_python2_7(-),-python_single_target_python3_4(-),-python_single_target_python3_5(-)] >=sys-libs/glibc-2.4 >=sys-libs/libcap-1.10-r10:= >=sys-libs/libsemanage-9999:=[python,python_targets_python2_7(-)?,python_targets_python3_4(-)?,python_targets_python3_5(-)?,-python_single_target_python2_7(-),-python_single_target_python3_4(-),-python_single_target_python3_5(-)] sys-libs/libcap-ng:= >=sys-libs/libsepol-9999:= >=app-admin/setools-4.1.1[python_targets_python2_7(-)?,python_targets_python3_4(-)?,python_targets_python3_5(-)?,-python_single_target_python2_7(-),-python_single_target_python3_4(-),-python_single_target_python3_5(-)] sys-devel/gettext dev-python/ipy[python_targets_python2_7(-)?,python_targets_python3_4(-)?,python_targets_python3_5(-)?,-python_single_target_python2_7(-),-python_single_target_python3_4(-),-python_single_target_python3_5(-)] dbus? ( sys-apps/dbus dev-libs/dbus-glib:= ) audit? ( >=sys-process/audit-1.5.1[python,python_targets_python2_7(-)?,python_targets_python3_4(-)?,python_targets_python3_5(-)?,-python_single_target_python2_7(-),-python_single_target_python3_4(-),-python_single_target_python3_5(-)] ) pam? ( sys-libs/pam:= ) python_targets_python2_7? ( >=dev-lang/python-2.7.5-r2:2.7[xml] ) python_targets_python3_4? ( dev-lang/python:3.4[xml] ) python_targets_python3_5? ( dev-lang/python:3.5[xml] ) >=dev-lang/python-exec-2:=[python_targets_python2_7(-)?,python_targets_python3_4(-)?,python_targets_python3_5(-)?,-python_single_target_python2_7(-),-python_single_target_python3_4(-),-python_single_target_python3_5(-)] !=sys-libs/libsepol-2.7:= +DESCRIPTION=SELinux policy module utilities +EAPI=6 +HOMEPAGE=https://github.com/SELinuxProject/selinux/wiki +KEYWORDS=amd64 ~arm arm64 ~mips x86 +LICENSE=GPL-2 +RDEPEND=>=sys-libs/libsepol-2.7:= !=sys-libs/libsepol-9999:= >=dev-vcs/git-1.8.2.1 +DESCRIPTION=SELinux policy module utilities +EAPI=6 +HOMEPAGE=https://github.com/SELinuxProject/selinux/wiki +LICENSE=GPL-2 +RDEPEND=>=sys-libs/libsepol-9999:= !=sys-libs/libsepol-2.4[abi_x86_32(-)?,abi_x86_64(-)?,abi_x86_x32(-)?,abi_mips_n32(-)?,abi_mips_n64(-)?,abi_mips_o32(-)?,abi_ppc_32(-)?,abi_ppc_64(-)?,abi_s390_32(-)?,abi_s390_64(-)?] >=sys-libs/libselinux-2.4[abi_x86_32(-)?,abi_x86_64(-)?,abi_x86_x32(-)?,abi_mips_n32(-)?,abi_mips_n64(-)?,abi_mips_o32(-)?,abi_ppc_32(-)?,abi_ppc_64(-)?,abi_s390_32(-)?,abi_s390_64(-)?] >=sys-process/audit-2.2.2[abi_x86_32(-)?,abi_x86_64(-)?,abi_x86_x32(-)?,abi_mips_n32(-)?,abi_mips_n64(-)?,abi_mips_o32(-)?,abi_ppc_32(-)?,abi_ppc_64(-)?,abi_s390_32(-)?,abi_s390_64(-)?] >=dev-libs/ustr-1.0.4-r2[abi_x86_32(-)?,abi_x86_64(-)?,abi_x86_x32(-)?,abi_mips_n32(-)?,abi_mips_n64(-)?,abi_mips_o32(-)?,abi_ppc_32(-)?,abi_ppc_64(-)?,abi_s390_32(-)?,abi_s390_64(-)?] sys-devel/bison sys-devel/flex python? ( >=dev-lang/swig-2.0.4-r1 virtual/pkgconfig python_targets_python2_7? ( >=dev-lang/python-2.7.5-r2:2.7 ) python_targets_python3_4? ( dev-lang/python:3.4 ) >=dev-lang/python-exec-2:=[python_targets_python2_7(-)?,python_targets_python3_4(-)?,-python_single_target_python2_7(-),-python_single_target_python3_4(-)] ) virtual/pkgconfig -DESCRIPTION=SELinux kernel and policy management library -EAPI=5 -HOMEPAGE=https://github.com/SELinuxProject/selinux/wiki -IUSE=python python_targets_python2_7 python_targets_python3_4 abi_x86_32 abi_x86_64 abi_x86_x32 abi_mips_n32 abi_mips_n64 abi_mips_o32 abi_ppc_32 abi_ppc_64 abi_s390_32 abi_s390_64 -KEYWORDS=amd64 x86 -LICENSE=GPL-2 -RDEPEND=>=sys-libs/libsepol-2.4[abi_x86_32(-)?,abi_x86_64(-)?,abi_x86_x32(-)?,abi_mips_n32(-)?,abi_mips_n64(-)?,abi_mips_o32(-)?,abi_ppc_32(-)?,abi_ppc_64(-)?,abi_s390_32(-)?,abi_s390_64(-)?] >=sys-libs/libselinux-2.4[abi_x86_32(-)?,abi_x86_64(-)?,abi_x86_x32(-)?,abi_mips_n32(-)?,abi_mips_n64(-)?,abi_mips_o32(-)?,abi_ppc_32(-)?,abi_ppc_64(-)?,abi_s390_32(-)?,abi_s390_64(-)?] >=sys-process/audit-2.2.2[abi_x86_32(-)?,abi_x86_64(-)?,abi_x86_x32(-)?,abi_mips_n32(-)?,abi_mips_n64(-)?,abi_mips_o32(-)?,abi_ppc_32(-)?,abi_ppc_64(-)?,abi_s390_32(-)?,abi_s390_64(-)?] >=dev-libs/ustr-1.0.4-r2[abi_x86_32(-)?,abi_x86_64(-)?,abi_x86_x32(-)?,abi_mips_n32(-)?,abi_mips_n64(-)?,abi_mips_o32(-)?,abi_ppc_32(-)?,abi_ppc_64(-)?,abi_s390_32(-)?,abi_s390_64(-)?] -RESTRICT=test -SLOT=0 -SRC_URI=https://raw.githubusercontent.com/wiki/SELinuxProject/selinux/files/releases/20150202/libsemanage-2.4.tar.gz -_eclasses_=epatch 8233751dc5105a6ae8fcd86ce2bb0247 estack 43ddf5aaffa7a8d0482df54d25a66a1f eutils 227b041a120d309fdefbebb3b8c1dfa9 ltprune 2770eed66a9b8ef944714cd0e968182e multibuild 72647e255187a1fadc81097b3657e5c3 multilib 97f470f374f2e94ccab04a2fb21d811e multilib-build eed53a6313267c9fbcd35fc384bd0087 multilib-minimal 9139c3a57e077cb8e0d0f73ceb080b89 python-r1 e9350ec46bb5c9f3504b4fbe8b8d8987 python-utils-r1 c9de01becf9df3f8c10aeec3dc693f5d systemd 34815d3b76e745c5ca33eec9f95074c2 toolchain-funcs 185a06792159ca143528e7010368e8af -_md5_=2b8c81786513c7ffaa0f228355fc3e5f diff --git a/metadata/md5-cache/sys-libs/libsemanage-2.6 b/metadata/md5-cache/sys-libs/libsemanage-2.6 new file mode 100644 index 0000000000..e012965f71 --- /dev/null +++ b/metadata/md5-cache/sys-libs/libsemanage-2.6 @@ -0,0 +1,15 @@ +DEFINED_PHASES=compile configure install postinst prepare test +DEPEND=>=sys-libs/libsepol-2.6[abi_x86_32(-)?,abi_x86_64(-)?,abi_x86_x32(-)?,abi_mips_n32(-)?,abi_mips_n64(-)?,abi_mips_o32(-)?,abi_ppc_32(-)?,abi_ppc_64(-)?,abi_s390_32(-)?,abi_s390_64(-)?] >=sys-libs/libselinux-2.6[abi_x86_32(-)?,abi_x86_64(-)?,abi_x86_x32(-)?,abi_mips_n32(-)?,abi_mips_n64(-)?,abi_mips_o32(-)?,abi_ppc_32(-)?,abi_ppc_64(-)?,abi_s390_32(-)?,abi_s390_64(-)?] >=sys-process/audit-2.2.2[abi_x86_32(-)?,abi_x86_64(-)?,abi_x86_x32(-)?,abi_mips_n32(-)?,abi_mips_n64(-)?,abi_mips_o32(-)?,abi_ppc_32(-)?,abi_ppc_64(-)?,abi_s390_32(-)?,abi_s390_64(-)?] >=dev-libs/ustr-1.0.4-r2[abi_x86_32(-)?,abi_x86_64(-)?,abi_x86_x32(-)?,abi_mips_n32(-)?,abi_mips_n64(-)?,abi_mips_o32(-)?,abi_ppc_32(-)?,abi_ppc_64(-)?,abi_s390_32(-)?,abi_s390_64(-)?] python? ( python_targets_python2_7? ( >=dev-lang/python-2.7.5-r2:2.7 ) python_targets_python3_4? ( dev-lang/python:3.4 ) python_targets_python3_5? ( dev-lang/python:3.5 ) >=dev-lang/python-exec-2:=[python_targets_python2_7(-)?,python_targets_python3_4(-)?,python_targets_python3_5(-)?,-python_single_target_python2_7(-),-python_single_target_python3_4(-),-python_single_target_python3_5(-)] ) sys-devel/bison sys-devel/flex python? ( >=dev-lang/swig-2.0.4-r1 virtual/pkgconfig ) +DESCRIPTION=SELinux kernel and policy management library +EAPI=6 +HOMEPAGE=https://github.com/SELinuxProject/selinux/wiki +IUSE=python python_targets_python2_7 python_targets_python3_4 python_targets_python3_5 abi_x86_32 abi_x86_64 abi_x86_x32 abi_mips_n32 abi_mips_n64 abi_mips_o32 abi_ppc_32 abi_ppc_64 abi_s390_32 abi_s390_64 +KEYWORDS=amd64 ~arm ~arm64 ~mips x86 +LICENSE=GPL-2 +RDEPEND=>=sys-libs/libsepol-2.6[abi_x86_32(-)?,abi_x86_64(-)?,abi_x86_x32(-)?,abi_mips_n32(-)?,abi_mips_n64(-)?,abi_mips_o32(-)?,abi_ppc_32(-)?,abi_ppc_64(-)?,abi_s390_32(-)?,abi_s390_64(-)?] >=sys-libs/libselinux-2.6[abi_x86_32(-)?,abi_x86_64(-)?,abi_x86_x32(-)?,abi_mips_n32(-)?,abi_mips_n64(-)?,abi_mips_o32(-)?,abi_ppc_32(-)?,abi_ppc_64(-)?,abi_s390_32(-)?,abi_s390_64(-)?] >=sys-process/audit-2.2.2[abi_x86_32(-)?,abi_x86_64(-)?,abi_x86_x32(-)?,abi_mips_n32(-)?,abi_mips_n64(-)?,abi_mips_o32(-)?,abi_ppc_32(-)?,abi_ppc_64(-)?,abi_s390_32(-)?,abi_s390_64(-)?] >=dev-libs/ustr-1.0.4-r2[abi_x86_32(-)?,abi_x86_64(-)?,abi_x86_x32(-)?,abi_mips_n32(-)?,abi_mips_n64(-)?,abi_mips_o32(-)?,abi_ppc_32(-)?,abi_ppc_64(-)?,abi_s390_32(-)?,abi_s390_64(-)?] python? ( python_targets_python2_7? ( >=dev-lang/python-2.7.5-r2:2.7 ) python_targets_python3_4? ( dev-lang/python:3.4 ) python_targets_python3_5? ( dev-lang/python:3.5 ) >=dev-lang/python-exec-2:=[python_targets_python2_7(-)?,python_targets_python3_4(-)?,python_targets_python3_5(-)?,-python_single_target_python2_7(-),-python_single_target_python3_4(-),-python_single_target_python3_5(-)] ) +REQUIRED_USE=python? ( || ( python_targets_python2_7 python_targets_python3_4 python_targets_python3_5 ) ) +RESTRICT=test +SLOT=0 +SRC_URI=https://raw.githubusercontent.com/wiki/SELinuxProject/selinux/files/releases/20161014/libsemanage-2.6.tar.gz +_eclasses_=multibuild 72647e255187a1fadc81097b3657e5c3 multilib 97f470f374f2e94ccab04a2fb21d811e multilib-build eed53a6313267c9fbcd35fc384bd0087 multilib-minimal 9139c3a57e077cb8e0d0f73ceb080b89 python-r1 e9350ec46bb5c9f3504b4fbe8b8d8987 python-utils-r1 c9de01becf9df3f8c10aeec3dc693f5d toolchain-funcs 185a06792159ca143528e7010368e8af +_md5_=be18366d2d2f309894a2179ff4ac39e9 diff --git a/metadata/md5-cache/sys-libs/libsemanage-2.7 b/metadata/md5-cache/sys-libs/libsemanage-2.7 new file mode 100644 index 0000000000..a32a7b3a2e --- /dev/null +++ b/metadata/md5-cache/sys-libs/libsemanage-2.7 @@ -0,0 +1,15 @@ +DEFINED_PHASES=compile configure install postinst prepare test +DEPEND=>=sys-libs/libsepol-2.7[abi_x86_32(-)?,abi_x86_64(-)?,abi_x86_x32(-)?,abi_mips_n32(-)?,abi_mips_n64(-)?,abi_mips_o32(-)?,abi_ppc_32(-)?,abi_ppc_64(-)?,abi_s390_32(-)?,abi_s390_64(-)?] >=sys-libs/libselinux-2.7[abi_x86_32(-)?,abi_x86_64(-)?,abi_x86_x32(-)?,abi_mips_n32(-)?,abi_mips_n64(-)?,abi_mips_o32(-)?,abi_ppc_32(-)?,abi_ppc_64(-)?,abi_s390_32(-)?,abi_s390_64(-)?] >=sys-process/audit-2.2.2[abi_x86_32(-)?,abi_x86_64(-)?,abi_x86_x32(-)?,abi_mips_n32(-)?,abi_mips_n64(-)?,abi_mips_o32(-)?,abi_ppc_32(-)?,abi_ppc_64(-)?,abi_s390_32(-)?,abi_s390_64(-)?] >=dev-libs/ustr-1.0.4-r2[abi_x86_32(-)?,abi_x86_64(-)?,abi_x86_x32(-)?,abi_mips_n32(-)?,abi_mips_n64(-)?,abi_mips_o32(-)?,abi_ppc_32(-)?,abi_ppc_64(-)?,abi_s390_32(-)?,abi_s390_64(-)?] python? ( python_targets_python2_7? ( >=dev-lang/python-2.7.5-r2:2.7 ) python_targets_python3_4? ( dev-lang/python:3.4 ) python_targets_python3_5? ( dev-lang/python:3.5 ) >=dev-lang/python-exec-2:=[python_targets_python2_7(-)?,python_targets_python3_4(-)?,python_targets_python3_5(-)?,-python_single_target_python2_7(-),-python_single_target_python3_4(-),-python_single_target_python3_5(-)] ) sys-devel/bison sys-devel/flex python? ( >=dev-lang/swig-2.0.4-r1 virtual/pkgconfig ) virtual/pkgconfig +DESCRIPTION=SELinux kernel and policy management library +EAPI=6 +HOMEPAGE=https://github.com/SELinuxProject/selinux/wiki +IUSE=python postinst python_targets_python2_7 python_targets_python3_4 python_targets_python3_5 abi_x86_32 abi_x86_64 abi_x86_x32 abi_mips_n32 abi_mips_n64 abi_mips_o32 abi_ppc_32 abi_ppc_64 abi_s390_32 abi_s390_64 +KEYWORDS=amd64 ~arm arm64 ~mips x86 +LICENSE=GPL-2 +RDEPEND=>=sys-libs/libsepol-2.7[abi_x86_32(-)?,abi_x86_64(-)?,abi_x86_x32(-)?,abi_mips_n32(-)?,abi_mips_n64(-)?,abi_mips_o32(-)?,abi_ppc_32(-)?,abi_ppc_64(-)?,abi_s390_32(-)?,abi_s390_64(-)?] >=sys-libs/libselinux-2.7[abi_x86_32(-)?,abi_x86_64(-)?,abi_x86_x32(-)?,abi_mips_n32(-)?,abi_mips_n64(-)?,abi_mips_o32(-)?,abi_ppc_32(-)?,abi_ppc_64(-)?,abi_s390_32(-)?,abi_s390_64(-)?] >=sys-process/audit-2.2.2[abi_x86_32(-)?,abi_x86_64(-)?,abi_x86_x32(-)?,abi_mips_n32(-)?,abi_mips_n64(-)?,abi_mips_o32(-)?,abi_ppc_32(-)?,abi_ppc_64(-)?,abi_s390_32(-)?,abi_s390_64(-)?] >=dev-libs/ustr-1.0.4-r2[abi_x86_32(-)?,abi_x86_64(-)?,abi_x86_x32(-)?,abi_mips_n32(-)?,abi_mips_n64(-)?,abi_mips_o32(-)?,abi_ppc_32(-)?,abi_ppc_64(-)?,abi_s390_32(-)?,abi_s390_64(-)?] python? ( python_targets_python2_7? ( >=dev-lang/python-2.7.5-r2:2.7 ) python_targets_python3_4? ( dev-lang/python:3.4 ) python_targets_python3_5? ( dev-lang/python:3.5 ) >=dev-lang/python-exec-2:=[python_targets_python2_7(-)?,python_targets_python3_4(-)?,python_targets_python3_5(-)?,-python_single_target_python2_7(-),-python_single_target_python3_4(-),-python_single_target_python3_5(-)] ) +REQUIRED_USE=python? ( || ( python_targets_python2_7 python_targets_python3_4 python_targets_python3_5 ) ) +RESTRICT=test +SLOT=0 +SRC_URI=https://raw.githubusercontent.com/wiki/SELinuxProject/selinux/files/releases/20170804/libsemanage-2.7.tar.gz +_eclasses_=multibuild 72647e255187a1fadc81097b3657e5c3 multilib 97f470f374f2e94ccab04a2fb21d811e multilib-build eed53a6313267c9fbcd35fc384bd0087 multilib-minimal 9139c3a57e077cb8e0d0f73ceb080b89 python-r1 e9350ec46bb5c9f3504b4fbe8b8d8987 python-utils-r1 c9de01becf9df3f8c10aeec3dc693f5d systemd 34815d3b76e745c5ca33eec9f95074c2 toolchain-funcs 185a06792159ca143528e7010368e8af +_md5_=67fce066f1a05f105a8c7ce3796aa32e diff --git a/metadata/md5-cache/sys-libs/libsemanage-9999 b/metadata/md5-cache/sys-libs/libsemanage-9999 index 4638fe401f..ded6d34241 100644 --- a/metadata/md5-cache/sys-libs/libsemanage-9999 +++ b/metadata/md5-cache/sys-libs/libsemanage-9999 @@ -1,12 +1,13 @@ -DEFINED_PHASES=compile configure install prepare test unpack -DEPEND=>=sys-libs/libsepol-9999[abi_x86_32(-)?,abi_x86_64(-)?,abi_x86_x32(-)?,abi_mips_n32(-)?,abi_mips_n64(-)?,abi_mips_o32(-)?,abi_ppc_32(-)?,abi_ppc_64(-)?,abi_s390_32(-)?,abi_s390_64(-)?] >=sys-libs/libselinux-9999[abi_x86_32(-)?,abi_x86_64(-)?,abi_x86_x32(-)?,abi_mips_n32(-)?,abi_mips_n64(-)?,abi_mips_o32(-)?,abi_ppc_32(-)?,abi_ppc_64(-)?,abi_s390_32(-)?,abi_s390_64(-)?] >=sys-process/audit-2.2.2[abi_x86_32(-)?,abi_x86_64(-)?,abi_x86_x32(-)?,abi_mips_n32(-)?,abi_mips_n64(-)?,abi_mips_o32(-)?,abi_ppc_32(-)?,abi_ppc_64(-)?,abi_s390_32(-)?,abi_s390_64(-)?] >=dev-libs/ustr-1.0.4-r2[abi_x86_32(-)?,abi_x86_64(-)?,abi_x86_x32(-)?,abi_mips_n32(-)?,abi_mips_n64(-)?,abi_mips_o32(-)?,abi_ppc_32(-)?,abi_ppc_64(-)?,abi_s390_32(-)?,abi_s390_64(-)?] sys-devel/bison sys-devel/flex python? ( >=dev-lang/swig-2.0.4-r1 virtual/pkgconfig python_targets_python2_7? ( >=dev-lang/python-2.7.5-r2:2.7 ) python_targets_python3_4? ( dev-lang/python:3.4 ) >=dev-lang/python-exec-2:=[python_targets_python2_7(-)?,python_targets_python3_4(-)?,-python_single_target_python2_7(-),-python_single_target_python3_4(-)] ) virtual/pkgconfig >=dev-vcs/git-1.8.2.1 +DEFINED_PHASES=compile configure install postinst prepare test unpack +DEPEND=>=sys-libs/libsepol-9999[abi_x86_32(-)?,abi_x86_64(-)?,abi_x86_x32(-)?,abi_mips_n32(-)?,abi_mips_n64(-)?,abi_mips_o32(-)?,abi_ppc_32(-)?,abi_ppc_64(-)?,abi_s390_32(-)?,abi_s390_64(-)?] >=sys-libs/libselinux-9999[abi_x86_32(-)?,abi_x86_64(-)?,abi_x86_x32(-)?,abi_mips_n32(-)?,abi_mips_n64(-)?,abi_mips_o32(-)?,abi_ppc_32(-)?,abi_ppc_64(-)?,abi_s390_32(-)?,abi_s390_64(-)?] >=sys-process/audit-2.2.2[abi_x86_32(-)?,abi_x86_64(-)?,abi_x86_x32(-)?,abi_mips_n32(-)?,abi_mips_n64(-)?,abi_mips_o32(-)?,abi_ppc_32(-)?,abi_ppc_64(-)?,abi_s390_32(-)?,abi_s390_64(-)?] >=dev-libs/ustr-1.0.4-r2[abi_x86_32(-)?,abi_x86_64(-)?,abi_x86_x32(-)?,abi_mips_n32(-)?,abi_mips_n64(-)?,abi_mips_o32(-)?,abi_ppc_32(-)?,abi_ppc_64(-)?,abi_s390_32(-)?,abi_s390_64(-)?] python? ( python_targets_python2_7? ( >=dev-lang/python-2.7.5-r2:2.7 ) python_targets_python3_4? ( dev-lang/python:3.4 ) python_targets_python3_5? ( dev-lang/python:3.5 ) >=dev-lang/python-exec-2:=[python_targets_python2_7(-)?,python_targets_python3_4(-)?,python_targets_python3_5(-)?,-python_single_target_python2_7(-),-python_single_target_python3_4(-),-python_single_target_python3_5(-)] ) sys-devel/bison sys-devel/flex python? ( >=dev-lang/swig-2.0.4-r1 virtual/pkgconfig ) >=dev-vcs/git-1.8.2.1 DESCRIPTION=SELinux kernel and policy management library -EAPI=5 +EAPI=6 HOMEPAGE=https://github.com/SELinuxProject/selinux/wiki -IUSE=python python_targets_python2_7 python_targets_python3_4 abi_x86_32 abi_x86_64 abi_x86_x32 abi_mips_n32 abi_mips_n64 abi_mips_o32 abi_ppc_32 abi_ppc_64 abi_s390_32 abi_s390_64 +IUSE=python python_targets_python2_7 python_targets_python3_4 python_targets_python3_5 abi_x86_32 abi_x86_64 abi_x86_x32 abi_mips_n32 abi_mips_n64 abi_mips_o32 abi_ppc_32 abi_ppc_64 abi_s390_32 abi_s390_64 LICENSE=GPL-2 -RDEPEND=>=sys-libs/libsepol-9999[abi_x86_32(-)?,abi_x86_64(-)?,abi_x86_x32(-)?,abi_mips_n32(-)?,abi_mips_n64(-)?,abi_mips_o32(-)?,abi_ppc_32(-)?,abi_ppc_64(-)?,abi_s390_32(-)?,abi_s390_64(-)?] >=sys-libs/libselinux-9999[abi_x86_32(-)?,abi_x86_64(-)?,abi_x86_x32(-)?,abi_mips_n32(-)?,abi_mips_n64(-)?,abi_mips_o32(-)?,abi_ppc_32(-)?,abi_ppc_64(-)?,abi_s390_32(-)?,abi_s390_64(-)?] >=sys-process/audit-2.2.2[abi_x86_32(-)?,abi_x86_64(-)?,abi_x86_x32(-)?,abi_mips_n32(-)?,abi_mips_n64(-)?,abi_mips_o32(-)?,abi_ppc_32(-)?,abi_ppc_64(-)?,abi_s390_32(-)?,abi_s390_64(-)?] >=dev-libs/ustr-1.0.4-r2[abi_x86_32(-)?,abi_x86_64(-)?,abi_x86_x32(-)?,abi_mips_n32(-)?,abi_mips_n64(-)?,abi_mips_o32(-)?,abi_ppc_32(-)?,abi_ppc_64(-)?,abi_s390_32(-)?,abi_s390_64(-)?] +RDEPEND=>=sys-libs/libsepol-9999[abi_x86_32(-)?,abi_x86_64(-)?,abi_x86_x32(-)?,abi_mips_n32(-)?,abi_mips_n64(-)?,abi_mips_o32(-)?,abi_ppc_32(-)?,abi_ppc_64(-)?,abi_s390_32(-)?,abi_s390_64(-)?] >=sys-libs/libselinux-9999[abi_x86_32(-)?,abi_x86_64(-)?,abi_x86_x32(-)?,abi_mips_n32(-)?,abi_mips_n64(-)?,abi_mips_o32(-)?,abi_ppc_32(-)?,abi_ppc_64(-)?,abi_s390_32(-)?,abi_s390_64(-)?] >=sys-process/audit-2.2.2[abi_x86_32(-)?,abi_x86_64(-)?,abi_x86_x32(-)?,abi_mips_n32(-)?,abi_mips_n64(-)?,abi_mips_o32(-)?,abi_ppc_32(-)?,abi_ppc_64(-)?,abi_s390_32(-)?,abi_s390_64(-)?] >=dev-libs/ustr-1.0.4-r2[abi_x86_32(-)?,abi_x86_64(-)?,abi_x86_x32(-)?,abi_mips_n32(-)?,abi_mips_n64(-)?,abi_mips_o32(-)?,abi_ppc_32(-)?,abi_ppc_64(-)?,abi_s390_32(-)?,abi_s390_64(-)?] python? ( python_targets_python2_7? ( >=dev-lang/python-2.7.5-r2:2.7 ) python_targets_python3_4? ( dev-lang/python:3.4 ) python_targets_python3_5? ( dev-lang/python:3.5 ) >=dev-lang/python-exec-2:=[python_targets_python2_7(-)?,python_targets_python3_4(-)?,python_targets_python3_5(-)?,-python_single_target_python2_7(-),-python_single_target_python3_4(-),-python_single_target_python3_5(-)] ) +REQUIRED_USE=python? ( || ( python_targets_python2_7 python_targets_python3_4 python_targets_python3_5 ) ) RESTRICT=test SLOT=0 -_eclasses_=epatch 8233751dc5105a6ae8fcd86ce2bb0247 estack 43ddf5aaffa7a8d0482df54d25a66a1f eutils 227b041a120d309fdefbebb3b8c1dfa9 git-r3 52a888802d25387c2c74cb845d1219bc ltprune 2770eed66a9b8ef944714cd0e968182e multibuild 72647e255187a1fadc81097b3657e5c3 multilib 97f470f374f2e94ccab04a2fb21d811e multilib-build eed53a6313267c9fbcd35fc384bd0087 multilib-minimal 9139c3a57e077cb8e0d0f73ceb080b89 python-r1 e9350ec46bb5c9f3504b4fbe8b8d8987 python-utils-r1 c9de01becf9df3f8c10aeec3dc693f5d systemd 34815d3b76e745c5ca33eec9f95074c2 toolchain-funcs 185a06792159ca143528e7010368e8af -_md5_=162abc9928b85a1de483df66a094ce37 +_eclasses_=git-r3 52a888802d25387c2c74cb845d1219bc multibuild 72647e255187a1fadc81097b3657e5c3 multilib 97f470f374f2e94ccab04a2fb21d811e multilib-build eed53a6313267c9fbcd35fc384bd0087 multilib-minimal 9139c3a57e077cb8e0d0f73ceb080b89 python-r1 e9350ec46bb5c9f3504b4fbe8b8d8987 python-utils-r1 c9de01becf9df3f8c10aeec3dc693f5d toolchain-funcs 185a06792159ca143528e7010368e8af +_md5_=5d2925180a1a17a95b5870c0b37b2f86