diff options
9 files changed, 0 insertions, 1151 deletions
diff --git a/sys-libs/libsemanage/Manifest b/sys-libs/libsemanage/Manifest index 1f49a874c604..87c6ec03cc0e 100644 --- a/sys-libs/libsemanage/Manifest +++ b/sys-libs/libsemanage/Manifest @@ -1,4 +1 @@ -DIST libsemanage-2.2.tar.gz 138208 SHA256 11f60bfa0f1c6063cd9bd99ce0cb4acc9d6d9e9b8d7743d39e847bcd7803bd75 SHA512 09032b1b322fec7346164939ade118034812cb538ebc72121640d4ac5c89d2a66b59caa465027cfbebb590dee039a26d4345eafedf365d7f6ad0b5e90377d50f WHIRLPOOL 49170c5ee9ff57dcc4a15aa72386f37993f76436f0da25808c60dab2d03ba52932d0d4fa753c326900d83d2fae30f8bcf659251f17327783f2e2be3deb4842f4 -DIST libsemanage-2.3.tar.gz 138231 SHA256 03e09e35e611c286e446bef92b6023ef2623815996f5a53394bb02e49a312e4b SHA512 defe3bbdbe51abdaa13a39f693c33446d8a1a8509ac1eb25c7770da2df6487bcb0ca31259d02b4531d4c81db5e221e94e95bec97f6a1a155e1de2f65e6f0da34 WHIRLPOOL 943d4d300aa8ad49c411b10b41c0c3e751c46dbcbbe129bdd1d2e975e231c58391d6ecdee6b27699fff9f6e6facf5b48fc8d57c2ff68692694c7de430750fac9 -DIST libsemanage-2.4.tar.gz 151173 SHA256 1a4cace4ef16786531ec075c0e7b2f961e2fee5dc86c5f983a689058899a6484 SHA512 54f993253b22207b053daf4d34e72c65c72279866416089b6c0f047ef77bca3e307eac0ce6dfe40bd14e2e47e79841b358d5607501779f38d9b5f7c35f3b7729 WHIRLPOOL 7303c06515ed59b5756a87d08aff07671e51d26ce9fa452ca75643dd0ce4658571dc69d86434c943d691a4ab0d90cbdccdaa27e5aaec5fdf8057cf2d5d30631e DIST libsemanage-2.5.tar.gz 152884 SHA256 46e2f36254369b6e91d1eea0460c262b139361b055a3a67d3ceea2d8ef72e006 SHA512 cf644b77d8a24f76c630ece582df1b49a0c5f48f1c9f79b1caee0df10372008954406974472a072360dbe6de5ebc19b1b21bb247084d75b7186f61b32f33b8ec WHIRLPOOL 397b7fd2e9b2c00dbc2f58bdc023501dcd7ecf1212fef9ad7993b4763a041068416ef06552c0abf0beef8c69f4704933feca36951866c43d867181332971f6be diff --git a/sys-libs/libsemanage/files/0002-libsemanage-Add-policy-binary-and-file_contexts.loca.patch b/sys-libs/libsemanage/files/0002-libsemanage-Add-policy-binary-and-file_contexts.loca.patch deleted file mode 100644 index e5e821e6976e..000000000000 --- a/sys-libs/libsemanage/files/0002-libsemanage-Add-policy-binary-and-file_contexts.loca.patch +++ /dev/null @@ -1,318 +0,0 @@ -From 9638af24a1e890d673549f0b25d854458e07032e Mon Sep 17 00:00:00 2001 -From: Yuli Khodorkovskiy <ykhodorkovskiy@tresys.com> -Date: Thu, 2 Jul 2015 09:27:36 -0400 -Subject: [PATCH] libsemanage: Add policy binary and file_contexts.local to the - store - -This patch writes policy.kern and file_contexts.local to the policy store as -well as /etc/selinux/. Additionally, policy.kern and file_contexts.local -are now parsed from the store rather than the final directory which was -the old behavior. This allows all policy related files to be kept in the -policy store. - -This patch also renames /var/lib/selinux/tmp to 'final' and changes -policy.kern in the store to longer be a symlink. - -Signed-off-by: Yuli Khodorkovskiy <ykhodorkovskiy@tresys.com> ---- - libsemanage/src/booleans_policydb.c | 6 ++-- - libsemanage/src/direct_api.c | 33 +++++++++++++++---- - libsemanage/src/interfaces_policydb.c | 6 ++-- - libsemanage/src/nodes_policydb.c | 6 ++-- - libsemanage/src/ports_policydb.c | 6 ++-- - libsemanage/src/semanage_store.c | 55 ++++++++++++++++++++++++-------- - libsemanage/src/semanage_store.h | 5 +++ - libsemanage/src/users_base_policydb.c | 6 ++-- - libsemanage/utils/semanage_migrate_store | 3 +- - 9 files changed, 86 insertions(+), 40 deletions(-) - -diff --git a/libsemanage/src/booleans_policydb.c b/libsemanage/src/booleans_policydb.c -index 74af2a3..6869d6c 100644 ---- a/libsemanage/src/booleans_policydb.c -+++ b/libsemanage/src/booleans_policydb.c -@@ -55,10 +55,8 @@ int bool_policydb_dbase_init(semanage_handle_t * handle, - { - - if (dbase_policydb_init(handle, -- semanage_final_path(SEMANAGE_FINAL_SELINUX, -- SEMANAGE_KERNEL), -- semanage_final_path(SEMANAGE_FINAL_TMP, -- SEMANAGE_KERNEL), -+ semanage_path(SEMANAGE_ACTIVE, SEMANAGE_STORE_KERNEL), -+ semanage_path(SEMANAGE_TMP, SEMANAGE_STORE_KERNEL), - &SEMANAGE_BOOL_RTABLE, - &SEMANAGE_BOOL_POLICYDB_RTABLE, - &dconfig->dbase) < 0) -diff --git a/libsemanage/src/direct_api.c b/libsemanage/src/direct_api.c -index d57f934..3c6b168 100644 ---- a/libsemanage/src/direct_api.c -+++ b/libsemanage/src/direct_api.c -@@ -196,10 +196,8 @@ int semanage_direct_connect(semanage_handle_t * sh) - goto err; - - if (fcontext_file_dbase_init(sh, -- semanage_final_path(SEMANAGE_FINAL_SELINUX, -- SEMANAGE_FC_LOCAL), -- semanage_final_path(SEMANAGE_FINAL_TMP, -- SEMANAGE_FC_LOCAL), -+ semanage_path(SEMANAGE_ACTIVE, SEMANAGE_STORE_FC_LOCAL), -+ semanage_path(SEMANAGE_TMP, SEMANAGE_STORE_FC_LOCAL), - semanage_fcontext_dbase_local(sh)) < 0) - goto err; - -@@ -1041,7 +1039,7 @@ static int semanage_direct_commit(semanage_handle_t * sh) - size_t fc_buffer_len = 0; - const char *ofilename = NULL; - const char *path; -- int retval = -1, num_modinfos = 0, i; -+ int retval = -1, num_modinfos = 0, i, missing_policy_kern = 0; - sepol_policydb_t *out = NULL; - struct cil_db *cildb = NULL; - semanage_module_info_t *modinfos = NULL; -@@ -1143,8 +1141,20 @@ static int semanage_direct_commit(semanage_handle_t * sh) - modified |= dontaudit_modified; - modified |= preserve_tunables_modified; - -+ /* This is for systems that have already migrated with an older version -+ * of semanage_migrate_store. The older version did not copy policy.kern so -+ * the policy binary must be rebuilt here. -+ */ -+ if (!sh->do_rebuild && !modified) { -+ path = semanage_path(SEMANAGE_TMP, SEMANAGE_STORE_KERNEL); -+ -+ if (access(path, F_OK) != 0) { -+ missing_policy_kern = 1; -+ } -+ } -+ - /* If there were policy changes, or explicitly requested, rebuild the policy */ -- if (sh->do_rebuild || modified) { -+ if (sh->do_rebuild || modified || missing_policy_kern) { - /* =================== Module expansion =============== */ - - retval = semanage_get_active_modules(sh, &modinfos, &num_modinfos); -@@ -1302,6 +1312,17 @@ static int semanage_direct_commit(semanage_handle_t * sh) - if (retval < 0) - goto cleanup; - -+ retval = semanage_copy_policydb(sh); -+ if (retval < 0) -+ goto cleanup; -+ -+ path = semanage_path(SEMANAGE_TMP, SEMANAGE_STORE_FC_LOCAL); -+ if (access(path, F_OK) == 0) { -+ retval = semanage_copy_fc_local(sh); -+ if (retval < 0) -+ goto cleanup; -+ } -+ - /* run genhomedircon if its enabled, this should be the last operation - * which requires the out policydb */ - if (!sh->conf->disable_genhomedircon) { -diff --git a/libsemanage/src/interfaces_policydb.c b/libsemanage/src/interfaces_policydb.c -index 6a42eed..552ce7d 100644 ---- a/libsemanage/src/interfaces_policydb.c -+++ b/libsemanage/src/interfaces_policydb.c -@@ -51,10 +51,8 @@ int iface_policydb_dbase_init(semanage_handle_t * handle, - { - - if (dbase_policydb_init(handle, -- semanage_final_path(SEMANAGE_FINAL_SELINUX, -- SEMANAGE_KERNEL), -- semanage_final_path(SEMANAGE_FINAL_TMP, -- SEMANAGE_KERNEL), -+ semanage_path(SEMANAGE_ACTIVE, SEMANAGE_STORE_KERNEL), -+ semanage_path(SEMANAGE_TMP, SEMANAGE_STORE_KERNEL), - &SEMANAGE_IFACE_RTABLE, - &SEMANAGE_IFACE_POLICYDB_RTABLE, - &dconfig->dbase) < 0) -diff --git a/libsemanage/src/nodes_policydb.c b/libsemanage/src/nodes_policydb.c -index 56012fb..7224f00 100644 ---- a/libsemanage/src/nodes_policydb.c -+++ b/libsemanage/src/nodes_policydb.c -@@ -50,10 +50,8 @@ int node_policydb_dbase_init(semanage_handle_t * handle, - { - - if (dbase_policydb_init(handle, -- semanage_final_path(SEMANAGE_FINAL_SELINUX, -- SEMANAGE_KERNEL), -- semanage_final_path(SEMANAGE_FINAL_TMP, -- SEMANAGE_KERNEL), -+ semanage_path(SEMANAGE_ACTIVE, SEMANAGE_STORE_KERNEL), -+ semanage_path(SEMANAGE_TMP, SEMANAGE_STORE_KERNEL), - &SEMANAGE_NODE_RTABLE, - &SEMANAGE_NODE_POLICYDB_RTABLE, - &dconfig->dbase) < 0) -diff --git a/libsemanage/src/ports_policydb.c b/libsemanage/src/ports_policydb.c -index b9600f0..37d7deb 100644 ---- a/libsemanage/src/ports_policydb.c -+++ b/libsemanage/src/ports_policydb.c -@@ -50,10 +50,8 @@ int port_policydb_dbase_init(semanage_handle_t * handle, - { - - if (dbase_policydb_init(handle, -- semanage_final_path(SEMANAGE_FINAL_SELINUX, -- SEMANAGE_KERNEL), -- semanage_final_path(SEMANAGE_FINAL_TMP, -- SEMANAGE_KERNEL), -+ semanage_path(SEMANAGE_ACTIVE, SEMANAGE_STORE_KERNEL), -+ semanage_path(SEMANAGE_TMP, SEMANAGE_STORE_KERNEL), - &SEMANAGE_PORT_RTABLE, - &SEMANAGE_PORT_POLICYDB_RTABLE, - &dconfig->dbase) < 0) -diff --git a/libsemanage/src/semanage_store.c b/libsemanage/src/semanage_store.c -index 6051691..2856aaf 100644 ---- a/libsemanage/src/semanage_store.c -+++ b/libsemanage/src/semanage_store.c -@@ -110,10 +110,12 @@ static const char *semanage_sandbox_paths[SEMANAGE_STORE_NUM_PATHS] = { - "/disable_dontaudit", - "/preserve_tunables", - "/modules/disabled", -+ "/policy.kern", -+ "/file_contexts.local" - }; - - static char const * const semanage_final_prefix[SEMANAGE_FINAL_NUM] = { -- "/tmp", -+ "/final", - "", - }; - -@@ -943,9 +945,7 @@ int semanage_make_final(semanage_handle_t *sh) - goto cleanup; - } - -- /* Copy in exported databases. -- * i = 1 to avoid copying the top level directory. -- */ -+ // Build final directory structure - int i; - for (i = 1; i < SEMANAGE_FINAL_PATH_NUM; i++) { - if (strlen(semanage_final_path(SEMANAGE_FINAL_TMP, i)) >= sizeof(fn)) { -@@ -959,12 +959,6 @@ int semanage_make_final(semanage_handle_t *sh) - status = -1; - goto cleanup; - } -- -- semanage_copy_file( -- semanage_final_path(SEMANAGE_FINAL_SELINUX, i), -- semanage_final_path(SEMANAGE_FINAL_TMP, i), -- sh->conf->file_mode); -- /* ignore errors, these files may not exist */ - } - - cleanup: -@@ -2019,8 +2013,7 @@ int semanage_read_policydb(semanage_handle_t * sh, sepol_policydb_t * in) - FILE *infile = NULL; - - if ((kernel_filename = -- semanage_final_path(SEMANAGE_FINAL_SELINUX, -- SEMANAGE_KERNEL)) == NULL) { -+ semanage_path(SEMANAGE_ACTIVE, SEMANAGE_STORE_KERNEL)) == NULL) { - goto cleanup; - } - if ((infile = fopen(kernel_filename, "r")) == NULL) { -@@ -2061,7 +2054,7 @@ int semanage_write_policydb(semanage_handle_t * sh, sepol_policydb_t * out) - FILE *outfile = NULL; - - if ((kernel_filename = -- semanage_final_path(SEMANAGE_FINAL_TMP, SEMANAGE_KERNEL)) == NULL) { -+ semanage_path(SEMANAGE_TMP, SEMANAGE_STORE_KERNEL)) == NULL) { - goto cleanup; - } - if ((outfile = fopen(kernel_filename, "wb")) == NULL) { -@@ -2921,3 +2914,39 @@ int semanage_nc_sort(semanage_handle_t * sh, const char *buf, size_t buf_len, - - return 0; - } -+ -+int semanage_copy_policydb(semanage_handle_t *sh) -+{ -+ const char *src = NULL; -+ const char *dst = NULL; -+ int rc = -1; -+ -+ src = semanage_path(SEMANAGE_TMP, SEMANAGE_STORE_KERNEL); -+ dst = semanage_final_path(SEMANAGE_FINAL_TMP, SEMANAGE_KERNEL); -+ -+ rc = semanage_copy_file(src, dst, sh->conf->file_mode); -+ if (rc != 0) { -+ goto cleanup; -+ } -+ -+cleanup: -+ return rc; -+} -+ -+int semanage_copy_fc_local(semanage_handle_t *sh) -+{ -+ const char *src = NULL; -+ const char *dst = NULL; -+ int rc = -1; -+ -+ src = semanage_path(SEMANAGE_TMP, SEMANAGE_STORE_FC_LOCAL); -+ dst = semanage_final_path(SEMANAGE_FINAL_TMP, SEMANAGE_FC_LOCAL); -+ -+ rc = semanage_copy_file(src, dst, sh->conf->file_mode); -+ if (rc != 0) { -+ goto cleanup; -+ } -+ -+cleanup: -+ return rc; -+} -diff --git a/libsemanage/src/semanage_store.h b/libsemanage/src/semanage_store.h -index 62c7079..ade43f2 100644 ---- a/libsemanage/src/semanage_store.h -+++ b/libsemanage/src/semanage_store.h -@@ -55,6 +55,8 @@ enum semanage_sandbox_defs { - SEMANAGE_DISABLE_DONTAUDIT, - SEMANAGE_PRESERVE_TUNABLES, - SEMANAGE_MODULES_DISABLED, -+ SEMANAGE_STORE_KERNEL, -+ SEMANAGE_STORE_FC_LOCAL, - SEMANAGE_STORE_NUM_PATHS - }; - -@@ -148,4 +150,7 @@ int semanage_nc_sort(semanage_handle_t * sh, - size_t buf_len, - char **sorted_buf, size_t * sorted_buf_len); - -+int semanage_copy_policydb(semanage_handle_t *sh); -+int semanage_copy_fc_local(semanage_handle_t *sh); -+ - #endif -diff --git a/libsemanage/src/users_base_policydb.c b/libsemanage/src/users_base_policydb.c -index 0a6ab9c..b42279c 100644 ---- a/libsemanage/src/users_base_policydb.c -+++ b/libsemanage/src/users_base_policydb.c -@@ -50,10 +50,8 @@ int user_base_policydb_dbase_init(semanage_handle_t * handle, - { - - if (dbase_policydb_init(handle, -- semanage_final_path(SEMANAGE_FINAL_SELINUX, -- SEMANAGE_KERNEL), -- semanage_final_path(SEMANAGE_FINAL_TMP, -- SEMANAGE_KERNEL), -+ semanage_path(SEMANAGE_ACTIVE, SEMANAGE_STORE_KERNEL), -+ semanage_path(SEMANAGE_TMP, SEMANAGE_STORE_KERNEL), - &SEMANAGE_USER_BASE_RTABLE, - &SEMANAGE_USER_BASE_POLICYDB_RTABLE, - &dconfig->dbase) < 0) -diff --git a/libsemanage/utils/semanage_migrate_store b/libsemanage/utils/semanage_migrate_store -index 2f85e9c..b170eda 100755 ---- a/libsemanage/utils/semanage_migrate_store -+++ b/libsemanage/utils/semanage_migrate_store -@@ -243,7 +243,8 @@ if __name__ == "__main__": - "users.local", - "users_extra.local", - "disable_dontaudit", -- "preserve_tunables" ] -+ "preserve_tunables", -+ "policy.kern" ] - - - create_dir(newroot_path(), 0o755) --- -2.4.6 - diff --git a/sys-libs/libsemanage/files/0003-libsemanage-Add-file_contexts-and-seusers-to-the-sto.patch b/sys-libs/libsemanage/files/0003-libsemanage-Add-file_contexts-and-seusers-to-the-sto.patch deleted file mode 100644 index 24e9778015ab..000000000000 --- a/sys-libs/libsemanage/files/0003-libsemanage-Add-file_contexts-and-seusers-to-the-sto.patch +++ /dev/null @@ -1,265 +0,0 @@ -From d56c2b434e99f60612c1290e82021ecbcbfaf5e6 Mon Sep 17 00:00:00 2001 -From: Yuli Khodorkovskiy <ykhodorkovskiy@tresys.com> -Date: Tue, 21 Jul 2015 15:08:15 -0400 -Subject: [PATCH] libsemanage: Add file_contexts and seusers to the store - -This patch writes file_contexts and seusers to the policy store as well as -/etc/selinux/. Additionally, file_contexts and seusers are now parsed from the -store rather than the final directory which was the old behavior. This allows -all policy related files to be kept in the policy store. - -Signed-off-by: Yuli Khodorkovskiy <ykhodorkovskiy@tresys.com> ---- - libsemanage/src/direct_api.c | 69 +++++++++++++++++++++++++------- - libsemanage/src/semanage_store.c | 49 ++++------------------- - libsemanage/src/semanage_store.h | 5 ++- - libsemanage/utils/semanage_migrate_store | 3 +- - 4 files changed, 66 insertions(+), 60 deletions(-) - -diff --git a/libsemanage/src/direct_api.c b/libsemanage/src/direct_api.c -index 3c6b168..b11f2ba 100644 ---- a/libsemanage/src/direct_api.c -+++ b/libsemanage/src/direct_api.c -@@ -248,18 +248,14 @@ int semanage_direct_connect(semanage_handle_t * sh) - goto err; - - if (fcontext_file_dbase_init(sh, -- semanage_final_path(SEMANAGE_FINAL_SELINUX, -- SEMANAGE_FC), -- semanage_final_path(SEMANAGE_FINAL_TMP, -- SEMANAGE_FC), -+ semanage_path(SEMANAGE_ACTIVE, SEMANAGE_STORE_FC), -+ semanage_path(SEMANAGE_TMP, SEMANAGE_STORE_FC), - semanage_fcontext_dbase_policy(sh)) < 0) - goto err; - - if (seuser_file_dbase_init(sh, -- semanage_final_path(SEMANAGE_FINAL_SELINUX, -- SEMANAGE_SEUSERS), -- semanage_final_path(SEMANAGE_FINAL_TMP, -- SEMANAGE_SEUSERS), -+ semanage_path(SEMANAGE_ACTIVE, SEMANAGE_STORE_SEUSERS), -+ semanage_path(SEMANAGE_TMP, SEMANAGE_STORE_SEUSERS), - semanage_seuser_dbase_policy(sh)) < 0) - goto err; - -@@ -602,7 +598,7 @@ static int semanage_direct_update_seuser(semanage_handle_t * sh, cil_db_t *cildb - } - - if (size > 0) { -- ofilename = semanage_final_path(SEMANAGE_FINAL_TMP, SEMANAGE_SEUSERS); -+ ofilename = semanage_path(SEMANAGE_TMP, SEMANAGE_STORE_SEUSERS); - if (ofilename == NULL) { - return -1; - } -@@ -1039,7 +1035,8 @@ static int semanage_direct_commit(semanage_handle_t * sh) - size_t fc_buffer_len = 0; - const char *ofilename = NULL; - const char *path; -- int retval = -1, num_modinfos = 0, i, missing_policy_kern = 0; -+ int retval = -1, num_modinfos = 0, i, missing_policy_kern = 0, -+ missing_seusers = 0, missing_fc = 0, missing = 0; - sepol_policydb_t *out = NULL; - struct cil_db *cildb = NULL; - semanage_module_info_t *modinfos = NULL; -@@ -1151,10 +1148,26 @@ static int semanage_direct_commit(semanage_handle_t * sh) - if (access(path, F_OK) != 0) { - missing_policy_kern = 1; - } -+ -+ path = semanage_path(SEMANAGE_TMP, SEMANAGE_STORE_FC); -+ -+ if (access(path, F_OK) != 0) { -+ missing_fc = 1; -+ } -+ -+ path = semanage_path(SEMANAGE_TMP, SEMANAGE_STORE_SEUSERS); -+ -+ if (access(path, F_OK) != 0) { -+ missing_seusers = 1; -+ } - } - -+ missing |= missing_policy_kern; -+ missing |= missing_fc; -+ missing |= missing_seusers; -+ - /* If there were policy changes, or explicitly requested, rebuild the policy */ -- if (sh->do_rebuild || modified || missing_policy_kern) { -+ if (sh->do_rebuild || modified || missing) { - /* =================== Module expansion =============== */ - - retval = semanage_get_active_modules(sh, &modinfos, &num_modinfos); -@@ -1312,15 +1325,41 @@ static int semanage_direct_commit(semanage_handle_t * sh) - if (retval < 0) - goto cleanup; - -- retval = semanage_copy_policydb(sh); -- if (retval < 0) -+ retval = semanage_copy_file(semanage_path(SEMANAGE_TMP, SEMANAGE_STORE_KERNEL), -+ semanage_final_path(SEMANAGE_FINAL_TMP, SEMANAGE_KERNEL), -+ sh->conf->file_mode); -+ if (retval < 0) { - goto cleanup; -+ } - - path = semanage_path(SEMANAGE_TMP, SEMANAGE_STORE_FC_LOCAL); - if (access(path, F_OK) == 0) { -- retval = semanage_copy_fc_local(sh); -- if (retval < 0) -+ retval = semanage_copy_file(semanage_path(SEMANAGE_TMP, SEMANAGE_STORE_FC_LOCAL), -+ semanage_final_path(SEMANAGE_FINAL_TMP, SEMANAGE_FC_LOCAL), -+ sh->conf->file_mode); -+ if (retval < 0) { - goto cleanup; -+ } -+ } -+ -+ path = semanage_path(SEMANAGE_TMP, SEMANAGE_STORE_FC); -+ if (access(path, F_OK) == 0) { -+ retval = semanage_copy_file(semanage_path(SEMANAGE_TMP, SEMANAGE_STORE_FC), -+ semanage_final_path(SEMANAGE_FINAL_TMP, SEMANAGE_FC), -+ sh->conf->file_mode); -+ if (retval < 0) { -+ goto cleanup; -+ } -+ } -+ -+ path = semanage_path(SEMANAGE_TMP, SEMANAGE_STORE_SEUSERS); -+ if (access(path, F_OK) == 0) { -+ retval = semanage_copy_file(semanage_path(SEMANAGE_TMP, SEMANAGE_STORE_SEUSERS), -+ semanage_final_path(SEMANAGE_FINAL_TMP, SEMANAGE_SEUSERS), -+ sh->conf->file_mode); -+ if (retval < 0) { -+ goto cleanup; -+ } - } - - /* run genhomedircon if its enabled, this should be the last operation -diff --git a/libsemanage/src/semanage_store.c b/libsemanage/src/semanage_store.c -index 2856aaf..fa0876f 100644 ---- a/libsemanage/src/semanage_store.c -+++ b/libsemanage/src/semanage_store.c -@@ -111,7 +111,9 @@ static const char *semanage_sandbox_paths[SEMANAGE_STORE_NUM_PATHS] = { - "/preserve_tunables", - "/modules/disabled", - "/policy.kern", -- "/file_contexts.local" -+ "/file_contexts.local", -+ "/file_contexts", -+ "/seusers" - }; - - static char const * const semanage_final_prefix[SEMANAGE_FINAL_NUM] = { -@@ -666,7 +668,7 @@ static int semanage_filename_select(const struct dirent *d) - - /* Copies a file from src to dst. If dst already exists then - * overwrite it. Returns 0 on success, -1 on error. */ --static int semanage_copy_file(const char *src, const char *dst, mode_t mode) -+int semanage_copy_file(const char *src, const char *dst, mode_t mode) - { - int in, out, retval = 0, amount_read, n, errsv = errno; - char tmp[PATH_MAX]; -@@ -1425,11 +1427,11 @@ int semanage_split_fc(semanage_handle_t * sh) - goto cleanup; - } - -- fc = open(semanage_final_path(SEMANAGE_FINAL_TMP, SEMANAGE_FC), -+ fc = open(semanage_path(SEMANAGE_TMP, SEMANAGE_STORE_FC), - O_WRONLY | O_CREAT | O_TRUNC, S_IRUSR | S_IWUSR); - if (fc < 0) { - ERR(sh, "Could not open %s for writing.", -- semanage_final_path(SEMANAGE_FINAL_TMP, SEMANAGE_FC)); -+ semanage_path(SEMANAGE_TMP, SEMANAGE_STORE_FC)); - goto cleanup; - } - hd = open(semanage_path(SEMANAGE_TMP, SEMANAGE_HOMEDIR_TMPL), -@@ -1454,8 +1456,7 @@ int semanage_split_fc(semanage_handle_t * sh) - } else { - if (write(fc, buf, strlen(buf)) < 0) { - ERR(sh, "Write to %s failed.", -- semanage_final_path(SEMANAGE_FINAL_TMP, -- SEMANAGE_FC)); -+ semanage_path(SEMANAGE_TMP, SEMANAGE_STORE_FC)); - goto cleanup; - } - } -@@ -2914,39 +2915,3 @@ int semanage_nc_sort(semanage_handle_t * sh, const char *buf, size_t buf_len, - - return 0; - } -- --int semanage_copy_policydb(semanage_handle_t *sh) --{ -- const char *src = NULL; -- const char *dst = NULL; -- int rc = -1; -- -- src = semanage_path(SEMANAGE_TMP, SEMANAGE_STORE_KERNEL); -- dst = semanage_final_path(SEMANAGE_FINAL_TMP, SEMANAGE_KERNEL); -- -- rc = semanage_copy_file(src, dst, sh->conf->file_mode); -- if (rc != 0) { -- goto cleanup; -- } -- --cleanup: -- return rc; --} -- --int semanage_copy_fc_local(semanage_handle_t *sh) --{ -- const char *src = NULL; -- const char *dst = NULL; -- int rc = -1; -- -- src = semanage_path(SEMANAGE_TMP, SEMANAGE_STORE_FC_LOCAL); -- dst = semanage_final_path(SEMANAGE_FINAL_TMP, SEMANAGE_FC_LOCAL); -- -- rc = semanage_copy_file(src, dst, sh->conf->file_mode); -- if (rc != 0) { -- goto cleanup; -- } -- --cleanup: -- return rc; --} -diff --git a/libsemanage/src/semanage_store.h b/libsemanage/src/semanage_store.h -index ade43f2..acb6e3f 100644 ---- a/libsemanage/src/semanage_store.h -+++ b/libsemanage/src/semanage_store.h -@@ -57,6 +57,8 @@ enum semanage_sandbox_defs { - SEMANAGE_MODULES_DISABLED, - SEMANAGE_STORE_KERNEL, - SEMANAGE_STORE_FC_LOCAL, -+ SEMANAGE_STORE_FC, -+ SEMANAGE_STORE_SEUSERS, - SEMANAGE_STORE_NUM_PATHS - }; - -@@ -150,7 +152,6 @@ int semanage_nc_sort(semanage_handle_t * sh, - size_t buf_len, - char **sorted_buf, size_t * sorted_buf_len); - --int semanage_copy_policydb(semanage_handle_t *sh); --int semanage_copy_fc_local(semanage_handle_t *sh); -+int semanage_copy_file(const char *src, const char *dst, mode_t mode); - - #endif -diff --git a/libsemanage/utils/semanage_migrate_store b/libsemanage/utils/semanage_migrate_store -index b170eda..6443002 100755 ---- a/libsemanage/utils/semanage_migrate_store -+++ b/libsemanage/utils/semanage_migrate_store -@@ -244,7 +244,8 @@ if __name__ == "__main__": - "users_extra.local", - "disable_dontaudit", - "preserve_tunables", -- "policy.kern" ] -+ "policy.kern", -+ "file_contexts"] - - - create_dir(newroot_path(), 0o755) --- -2.4.6 - diff --git a/sys-libs/libsemanage/files/0004-libsemanage-save-homedir_template-in-the-policy-stor.patch b/sys-libs/libsemanage/files/0004-libsemanage-save-homedir_template-in-the-policy-stor.patch deleted file mode 100644 index 3bc1370ccb10..000000000000 --- a/sys-libs/libsemanage/files/0004-libsemanage-save-homedir_template-in-the-policy-stor.patch +++ /dev/null @@ -1,54 +0,0 @@ -From 75dd8c062d1f6f0e0a7a9f1856c0957b423e8a02 Mon Sep 17 00:00:00 2001 -From: Steve Lawrence <slawrence@tresys.com> -Date: Thu, 3 Sep 2015 09:28:08 -0400 -Subject: [PATCH 1/3] libsemanage: save homedir_template in the policy store - for genhomedircon - -We don't currently store homedir_template in the policy store, which -means genhomedircon only has a template file to use if the -homedir_template was generated from the file contexts in the same -transaction. But homedir_template isn't always generated, as in the -case with setsebool -P. In this and other cases, genhomedircon will not -have a template file resulting in an empty file_contexts.homedir file. - -This commit changes this so that homedir_template is always stored in -the policy store so it can be used by genhomedircon regardless of how -policy was built. Also add the homedir_template file to the migration -script. - -Signed-off by: Steve Lawrence <slawrence@tresys.com> -Acked-by: Stephen Smalley <sds@tycho.nsa.gov> ---- - libsemanage/src/direct_api.c | 1 - - libsemanage/utils/semanage_migrate_store | 3 ++- - 2 files changed, 2 insertions(+), 2 deletions(-) - -diff --git a/libsemanage/src/direct_api.c b/libsemanage/src/direct_api.c -index 90a7b22..6e49cae 100644 ---- a/libsemanage/src/direct_api.c -+++ b/libsemanage/src/direct_api.c -@@ -1415,7 +1415,6 @@ static int semanage_direct_commit(semanage_handle_t * sh) - - /* remove files that are automatically generated and no longer needed */ - unlink(semanage_path(SEMANAGE_TMP, SEMANAGE_FC_TMPL)); -- unlink(semanage_path(SEMANAGE_TMP, SEMANAGE_HOMEDIR_TMPL)); - unlink(semanage_path(SEMANAGE_TMP, SEMANAGE_USERS_EXTRA)); - - if (sh->do_rebuild || modified || bools_modified || fcontexts_modified) { -diff --git a/libsemanage/utils/semanage_migrate_store b/libsemanage/utils/semanage_migrate_store -index 539f469..297c71b 100755 ---- a/libsemanage/utils/semanage_migrate_store -+++ b/libsemanage/utils/semanage_migrate_store -@@ -251,7 +251,8 @@ if __name__ == "__main__": - "disable_dontaudit", - "preserve_tunables", - "policy.kern", -- "file_contexts"] -+ "file_contexts", -+ "homedir_template"] - - - create_dir(newroot_path(), 0o755) --- -2.4.6 - diff --git a/sys-libs/libsemanage/files/0005-libsemanage-store-users_extra-in-the-policy-store.patch b/sys-libs/libsemanage/files/0005-libsemanage-store-users_extra-in-the-policy-store.patch deleted file mode 100644 index 1aca2addb67c..000000000000 --- a/sys-libs/libsemanage/files/0005-libsemanage-store-users_extra-in-the-policy-store.patch +++ /dev/null @@ -1,57 +0,0 @@ -From dbc639a35af71eec1a1b386b74a822d794bb59df Mon Sep 17 00:00:00 2001 -From: Steve Lawrence <slawrence@tresys.com> -Date: Thu, 3 Sep 2015 13:07:36 -0400 -Subject: [PATCH 2/3] libsemanage: store users_extra in the policy store - -users_extra is needed by genhomedircon and when listing seusers, so it -must be kept in the policy store. Also move the FC_TMPL unlink() closer -to where the FC_TMPL is created; not a functional change, but eaiser to -follow. - -Signed-off-by: Steve Lawrence <slawrence@tresys.com> -Acked-by: Stephen Smalley <sds@tycho.nsa.gov> ---- - libsemanage/src/direct_api.c | 7 +++---- - libsemanage/utils/semanage_migrate_store | 1 + - 2 files changed, 4 insertions(+), 4 deletions(-) - -diff --git a/libsemanage/src/direct_api.c b/libsemanage/src/direct_api.c -index 6e49cae..68dd0d1 100644 ---- a/libsemanage/src/direct_api.c -+++ b/libsemanage/src/direct_api.c -@@ -1272,6 +1272,9 @@ static int semanage_direct_commit(semanage_handle_t * sh) - if (retval < 0) - goto cleanup; - -+ /* remove FC_TMPL now that it is now longer needed */ -+ unlink(semanage_path(SEMANAGE_TMP, SEMANAGE_FC_TMPL)); -+ - pfcontexts->dtable->drop_cache(pfcontexts->dbase); - - /* SEUsers */ -@@ -1413,10 +1416,6 @@ static int semanage_direct_commit(semanage_handle_t * sh) - sepol_policydb_free(out); - out = NULL; - -- /* remove files that are automatically generated and no longer needed */ -- unlink(semanage_path(SEMANAGE_TMP, SEMANAGE_FC_TMPL)); -- unlink(semanage_path(SEMANAGE_TMP, SEMANAGE_USERS_EXTRA)); -- - if (sh->do_rebuild || modified || bools_modified || fcontexts_modified) { - retval = semanage_install_sandbox(sh); - } -diff --git a/libsemanage/utils/semanage_migrate_store b/libsemanage/utils/semanage_migrate_store -index 297c71b..b5eefaa 100755 ---- a/libsemanage/utils/semanage_migrate_store -+++ b/libsemanage/utils/semanage_migrate_store -@@ -247,6 +247,7 @@ if __name__ == "__main__": - "file_contexts.local", - "seusers", - "users.local", -+ "users_extra", - "users_extra.local", - "disable_dontaudit", - "preserve_tunables", --- -2.4.6 - diff --git a/sys-libs/libsemanage/libsemanage-2.2-r2.ebuild b/sys-libs/libsemanage/libsemanage-2.2-r2.ebuild deleted file mode 100644 index 2d6bc07413ea..000000000000 --- a/sys-libs/libsemanage/libsemanage-2.2-r2.ebuild +++ /dev/null @@ -1,91 +0,0 @@ -# Copyright 1999-2015 Gentoo Foundation -# Distributed under the terms of the GNU General Public License v2 -# $Id$ - -EAPI="5" -PYTHON_COMPAT=( python2_7 python3_3 ) - -inherit multilib python-r1 toolchain-funcs eutils multilib-minimal - -SEPOL_VER="2.2" -SELNX_VER="2.2.2-r1" - -DESCRIPTION="SELinux kernel and policy management library" -HOMEPAGE="http://userspace.selinuxproject.org" -SRC_URI="http://userspace.selinuxproject.org/releases/20131030/${P}.tar.gz" - -LICENSE="GPL-2" -SLOT="0" -KEYWORDS="amd64 x86" -IUSE="python" - -RDEPEND=">=sys-libs/libsepol-${SEPOL_VER} - >=sys-libs/libselinux-${SELNX_VER} - dev-libs/ustr - sys-process/audit" -DEPEND="${RDEPEND} - sys-devel/bison - sys-devel/flex - python? ( - >=dev-lang/swig-2.0.4-r1 - virtual/pkgconfig - ${PYTHON_DEPS} - )" - -# tests are not meant to be run outside of the -# full SELinux userland repo -RESTRICT="test" - -src_prepare() { - echo "# Set this to true to save the linked policy." >> "${S}/src/semanage.conf" - echo "# This is normally only useful for analysis" >> "${S}/src/semanage.conf" - echo "# or debugging of policy." >> "${S}/src/semanage.conf" - echo "save-linked=false" >> "${S}/src/semanage.conf" - echo >> "${S}/src/semanage.conf" - echo "# Set this to 0 to disable assertion checking." >> "${S}/src/semanage.conf" - echo "# This should speed up building the kernel policy" >> "${S}/src/semanage.conf" - echo "# from policy modules, but may leave you open to" >> "${S}/src/semanage.conf" - echo "# dangerous rules which assertion checking" >> "${S}/src/semanage.conf" - echo "# would catch." >> "${S}/src/semanage.conf" - echo "expand-check=1" >> "${S}/src/semanage.conf" - echo >> "${S}/src/semanage.conf" - echo "# Modules in the module store can be compressed" >> "${S}/src/semanage.conf" - echo "# with bzip2. Set this to the bzip2 blocksize" >> "${S}/src/semanage.conf" - echo "# 1-9 when compressing. The higher the number," >> "${S}/src/semanage.conf" - echo "# the more memory is traded off for disk space." >> "${S}/src/semanage.conf" - echo "# Set to 0 to disable bzip2 compression." >> "${S}/src/semanage.conf" - echo "bzip-blocksize=0" >> "${S}/src/semanage.conf" - echo >> "${S}/src/semanage.conf" - echo "# Reduce memory usage for bzip2 compression and" >> "${S}/src/semanage.conf" - echo "# decompression of modules in the module store." >> "${S}/src/semanage.conf" - echo "bzip-small=true" >> "${S}/src/semanage.conf" - - epatch_user - - multilib_copy_sources -} - -multilib_src_compile() { - emake AR="$(tc-getAR)" CC="$(tc-getCC)" all || die - - if multilib_is_native_abi && use python; then - building() { - python_export PYTHON_INCLUDEDIR PYTHON_LIBPATH - emake CC="$(tc-getCC)" PYINC="-I${PYTHON_INCLUDEDIR}" PYTHONLBIDIR="${PYTHON_LIBPATH}" PYPREFIX="${EPYTHON##*/}" "$@" - } - python_foreach_impl building swigify - python_foreach_impl building pywrap - fi -} - -multilib_src_install() { - LIBDIR="\$(PREFIX)/$(get_libdir)" SHLIBDIR="\$(PREFIX)/$(get_libdir)" \ - emake DESTDIR="${D}" install - - if multilib_is_native_abi && use python; then - installation() { - emake DESTDIR="${D}" install-pywrap - } - python_foreach_impl installation - fi -} diff --git a/sys-libs/libsemanage/libsemanage-2.3-r4.ebuild b/sys-libs/libsemanage/libsemanage-2.3-r4.ebuild deleted file mode 100644 index 3e52b94dee8f..000000000000 --- a/sys-libs/libsemanage/libsemanage-2.3-r4.ebuild +++ /dev/null @@ -1,104 +0,0 @@ -# Copyright 1999-2015 Gentoo Foundation -# Distributed under the terms of the GNU General Public License v2 -# $Id$ - -EAPI="5" -PYTHON_COMPAT=( python2_7 python3_3 python3_4 ) - -inherit multilib python-r1 toolchain-funcs eutils multilib-minimal - -MY_P="${P//_/-}" - -SEPOL_VER="2.3" -SELNX_VER="2.3" - -DESCRIPTION="SELinux kernel and policy management library" -HOMEPAGE="http://userspace.selinuxproject.org" -SRC_URI="https://raw.githubusercontent.com/wiki/SELinuxProject/selinux/files/releases/20140506/${MY_P}.tar.gz" - -LICENSE="GPL-2" -SLOT="0" -KEYWORDS="amd64 x86" -IUSE="python" - -RDEPEND=">=sys-libs/libsepol-${SEPOL_VER}[${MULTILIB_USEDEP}] - >=sys-libs/libselinux-${SELNX_VER}[${MULTILIB_USEDEP}] - >=sys-process/audit-2.2.2[${MULTILIB_USEDEP}] - >=dev-libs/ustr-1.0.4-r2[${MULTILIB_USEDEP}] - " -DEPEND="${RDEPEND} - sys-devel/bison - sys-devel/flex - python? ( - >=dev-lang/swig-2.0.4-r1 - virtual/pkgconfig - ${PYTHON_DEPS} - )" - -# tests are not meant to be run outside of the -# full SELinux userland repo -RESTRICT="test" - -S="${WORKDIR}/${MY_P}" - -src_prepare() { - echo "# Set this to true to save the linked policy." >> "${S}/src/semanage.conf" - echo "# This is normally only useful for analysis" >> "${S}/src/semanage.conf" - echo "# or debugging of policy." >> "${S}/src/semanage.conf" - echo "save-linked=false" >> "${S}/src/semanage.conf" - echo >> "${S}/src/semanage.conf" - echo "# Set this to 0 to disable assertion checking." >> "${S}/src/semanage.conf" - echo "# This should speed up building the kernel policy" >> "${S}/src/semanage.conf" - echo "# from policy modules, but may leave you open to" >> "${S}/src/semanage.conf" - echo "# dangerous rules which assertion checking" >> "${S}/src/semanage.conf" - echo "# would catch." >> "${S}/src/semanage.conf" - echo "expand-check=1" >> "${S}/src/semanage.conf" - echo >> "${S}/src/semanage.conf" - echo "# Modules in the module store can be compressed" >> "${S}/src/semanage.conf" - echo "# with bzip2. Set this to the bzip2 blocksize" >> "${S}/src/semanage.conf" - echo "# 1-9 when compressing. The higher the number," >> "${S}/src/semanage.conf" - echo "# the more memory is traded off for disk space." >> "${S}/src/semanage.conf" - echo "# Set to 0 to disable bzip2 compression." >> "${S}/src/semanage.conf" - echo "bzip-blocksize=0" >> "${S}/src/semanage.conf" - echo >> "${S}/src/semanage.conf" - echo "# Reduce memory usage for bzip2 compression and" >> "${S}/src/semanage.conf" - echo "# decompression of modules in the module store." >> "${S}/src/semanage.conf" - echo "bzip-small=true" >> "${S}/src/semanage.conf" - - epatch_user - - multilib_copy_sources -} - -multilib_src_compile() { - emake \ - AR="$(tc-getAR)" \ - CC="$(tc-getCC)" \ - LIBDIR="${EPREFIX}/usr/$(get_libdir)" \ - all - - if multilib_is_native_abi && use python; then - building_py() { - python_export PYTHON_INCLUDEDIR PYTHON_LIBPATH - emake CC="$(tc-getCC)" PYINC="-I${PYTHON_INCLUDEDIR}" PYTHONLBIDIR="${PYTHON_LIBPATH}" PYPREFIX="${EPYTHON##*/}" "$@" - python_optimize # bug 531638 - } - python_foreach_impl building_py swigify - python_foreach_impl building_py pywrap - fi -} - -multilib_src_install() { - emake \ - LIBDIR="${ED}/usr/$(get_libdir)" \ - SHLIBDIR="${ED}/usr/$(get_libdir)" \ - DESTDIR="${ED}" install - - if multilib_is_native_abi && use python; then - installation_py() { - emake DESTDIR="${ED}" LIBDIR="${ED}/usr/$(get_libdir)" \ - SHLIBDIR="${ED}/usr/$(get_libdir)" install-pywrap - } - python_foreach_impl installation_py - fi -} diff --git a/sys-libs/libsemanage/libsemanage-2.4-r1.ebuild b/sys-libs/libsemanage/libsemanage-2.4-r1.ebuild deleted file mode 100644 index f28af4cb58c8..000000000000 --- a/sys-libs/libsemanage/libsemanage-2.4-r1.ebuild +++ /dev/null @@ -1,127 +0,0 @@ -# Copyright 1999-2015 Gentoo Foundation -# Distributed under the terms of the GNU General Public License v2 -# $Id$ - -EAPI="5" -PYTHON_COMPAT=( python2_7 python3_3 python3_4 ) - -inherit multilib python-r1 toolchain-funcs eutils multilib-minimal - -MY_P="${P//_/-}" - -SEPOL_VER="${PV}" -SELNX_VER="${PV}" - -DESCRIPTION="SELinux kernel and policy management library" -HOMEPAGE="https://github.com/SELinuxProject/selinux/wiki" -SRC_URI="https://raw.githubusercontent.com/wiki/SELinuxProject/selinux/files/releases/20150202/${MY_P}.tar.gz" - -LICENSE="GPL-2" -SLOT="0" -KEYWORDS="amd64 x86" -IUSE="python" - -RDEPEND=">=sys-libs/libsepol-${SEPOL_VER}[${MULTILIB_USEDEP}] - >=sys-libs/libselinux-${SELNX_VER}[${MULTILIB_USEDEP}] - >=sys-process/audit-2.2.2[${MULTILIB_USEDEP}] - >=dev-libs/ustr-1.0.4-r2[${MULTILIB_USEDEP}] - " -DEPEND="${RDEPEND} - sys-devel/bison - sys-devel/flex - python? ( - >=dev-lang/swig-2.0.4-r1 - virtual/pkgconfig - ${PYTHON_DEPS} - )" - -# tests are not meant to be run outside of the -# full SELinux userland repo -RESTRICT="test" - -S="${WORKDIR}/${MY_P}" - -src_prepare() { - echo "# Set this to true to save the linked policy." >> "${S}/src/semanage.conf" - echo "# This is normally only useful for analysis" >> "${S}/src/semanage.conf" - echo "# or debugging of policy." >> "${S}/src/semanage.conf" - echo "save-linked=false" >> "${S}/src/semanage.conf" - echo >> "${S}/src/semanage.conf" - echo "# Set this to 0 to disable assertion checking." >> "${S}/src/semanage.conf" - echo "# This should speed up building the kernel policy" >> "${S}/src/semanage.conf" - echo "# from policy modules, but may leave you open to" >> "${S}/src/semanage.conf" - echo "# dangerous rules which assertion checking" >> "${S}/src/semanage.conf" - echo "# would catch." >> "${S}/src/semanage.conf" - echo "expand-check=1" >> "${S}/src/semanage.conf" - echo >> "${S}/src/semanage.conf" - echo "# Modules in the module store can be compressed" >> "${S}/src/semanage.conf" - echo "# with bzip2. Set this to the bzip2 blocksize" >> "${S}/src/semanage.conf" - echo "# 1-9 when compressing. The higher the number," >> "${S}/src/semanage.conf" - echo "# the more memory is traded off for disk space." >> "${S}/src/semanage.conf" - echo "# Set to 0 to disable bzip2 compression." >> "${S}/src/semanage.conf" - echo "bzip-blocksize=0" >> "${S}/src/semanage.conf" - echo >> "${S}/src/semanage.conf" - echo "# Reduce memory usage for bzip2 compression and" >> "${S}/src/semanage.conf" - echo "# decompression of modules in the module store." >> "${S}/src/semanage.conf" - echo "bzip-small=true" >> "${S}/src/semanage.conf" - - epatch "${FILESDIR}/0001-libsemanage-do-not-copy-contexts-in-semanage_migrate.patch" - - epatch_user - - multilib_copy_sources -} - -multilib_src_compile() { - emake \ - AR="$(tc-getAR)" \ - CC="$(tc-getCC)" \ - LIBDIR="${EPREFIX}/usr/$(get_libdir)" \ - all - - if multilib_is_native_abi && use python; then - building_py() { - python_export PYTHON_INCLUDEDIR PYTHON_LIBPATH - emake CC="$(tc-getCC)" PYINC="-I${PYTHON_INCLUDEDIR}" PYTHONLBIDIR="${PYTHON_LIBPATH}" PYPREFIX="${EPYTHON##*/}" "$@" - } - python_foreach_impl building_py swigify - python_foreach_impl building_py pywrap - fi -} - -multilib_src_install() { - emake \ - LIBDIR="${ED}/usr/$(get_libdir)" \ - SHLIBDIR="${ED}/usr/$(get_libdir)" \ - DESTDIR="${ED}" install - - if multilib_is_native_abi && use python; then - installation_py() { - emake DESTDIR="${ED}" LIBDIR="${ED}/usr/$(get_libdir)" \ - SHLIBDIR="${ED}/usr/$(get_libdir)" install-pywrap - python_optimize # bug 531638 - } - python_foreach_impl installation_py - fi -} - -pkg_postinst() { - # Migrate the SELinux semanage configuration store if not done already - local selinuxtype=$(awk -F'=' '/SELINUXTYPE=/ {print $2}' /etc/selinux/config); - if [ -n "${selinuxtype}" ] && [ ! -d /var/lib/selinux/${mcs}/active ] ; then - ewarn "Since the 2.4 SELinux userspace, the policy module store is moved" - ewarn "from /etc/selinux to /var/lib/selinux. The migration will be run now." - ewarn "If there are any issues, it can be done manually by running:" - ewarn "/usr/libexec/selinux/semanage_migrate_store" - ewarn "For more information, please see" - ewarn "- https://github.com/SELinuxProject/selinux/wiki/Policy-Store-Migration" - fi - - # Run the store migration without rebuilds - for POLICY_TYPE in ${POLICY_TYPES} ; do - if [ ! -d "${ROOT}/var/lib/selinux/${POLICY_TYPE}/active" ] ; then - einfo "Migrating store ${POLICY_TYPE} (without policy rebuild)." - /usr/libexec/selinux/semanage_migrate_store -n -s "${POLICY_TYPE}" || die "Failed to migrate store ${POLICY_TYPE}" - fi - done -} diff --git a/sys-libs/libsemanage/libsemanage-2.4-r2.ebuild b/sys-libs/libsemanage/libsemanage-2.4-r2.ebuild deleted file mode 100644 index 9e0890f8c6a7..000000000000 --- a/sys-libs/libsemanage/libsemanage-2.4-r2.ebuild +++ /dev/null @@ -1,132 +0,0 @@ -# Copyright 1999-2015 Gentoo Foundation -# Distributed under the terms of the GNU General Public License v2 -# $Id$ - -EAPI="5" -PYTHON_COMPAT=( python2_7 python3_3 python3_4 ) - -inherit multilib python-r1 toolchain-funcs eutils multilib-minimal - -MY_P="${P//_/-}" - -SEPOL_VER="${PV}" -SELNX_VER="${PV}" - -DESCRIPTION="SELinux kernel and policy management library" -HOMEPAGE="https://github.com/SELinuxProject/selinux/wiki" -SRC_URI="https://raw.githubusercontent.com/wiki/SELinuxProject/selinux/files/releases/20150202/${MY_P}.tar.gz" - -LICENSE="GPL-2" -SLOT="0" -KEYWORDS="amd64 ~arm ~arm64 ~mips x86" -IUSE="python" - -RDEPEND=">=sys-libs/libsepol-${SEPOL_VER}[${MULTILIB_USEDEP}] - >=sys-libs/libselinux-${SELNX_VER}[${MULTILIB_USEDEP}] - >=sys-process/audit-2.2.2[${MULTILIB_USEDEP}] - >=dev-libs/ustr-1.0.4-r2[${MULTILIB_USEDEP}] - " -DEPEND="${RDEPEND} - sys-devel/bison - sys-devel/flex - python? ( - >=dev-lang/swig-2.0.4-r1 - virtual/pkgconfig - ${PYTHON_DEPS} - )" - -# tests are not meant to be run outside of the -# full SELinux userland repo -RESTRICT="test" - -S="${WORKDIR}/${MY_P}" - -src_prepare() { - echo "# Set this to true to save the linked policy." >> "${S}/src/semanage.conf" - echo "# This is normally only useful for analysis" >> "${S}/src/semanage.conf" - echo "# or debugging of policy." >> "${S}/src/semanage.conf" - echo "save-linked=false" >> "${S}/src/semanage.conf" - echo >> "${S}/src/semanage.conf" - echo "# Set this to 0 to disable assertion checking." >> "${S}/src/semanage.conf" - echo "# This should speed up building the kernel policy" >> "${S}/src/semanage.conf" - echo "# from policy modules, but may leave you open to" >> "${S}/src/semanage.conf" - echo "# dangerous rules which assertion checking" >> "${S}/src/semanage.conf" - echo "# would catch." >> "${S}/src/semanage.conf" - echo "expand-check=1" >> "${S}/src/semanage.conf" - echo >> "${S}/src/semanage.conf" - echo "# Modules in the module store can be compressed" >> "${S}/src/semanage.conf" - echo "# with bzip2. Set this to the bzip2 blocksize" >> "${S}/src/semanage.conf" - echo "# 1-9 when compressing. The higher the number," >> "${S}/src/semanage.conf" - echo "# the more memory is traded off for disk space." >> "${S}/src/semanage.conf" - echo "# Set to 0 to disable bzip2 compression." >> "${S}/src/semanage.conf" - echo "bzip-blocksize=0" >> "${S}/src/semanage.conf" - echo >> "${S}/src/semanage.conf" - echo "# Reduce memory usage for bzip2 compression and" >> "${S}/src/semanage.conf" - echo "# decompression of modules in the module store." >> "${S}/src/semanage.conf" - echo "bzip-small=true" >> "${S}/src/semanage.conf" - - epatch "${FILESDIR}/0001-libsemanage-do-not-copy-contexts-in-semanage_migrate.patch" \ - "${FILESDIR}/0002-libsemanage-Add-policy-binary-and-file_contexts.loca.patch" \ - "${FILESDIR}/0003-libsemanage-Add-file_contexts-and-seusers-to-the-sto.patch" \ - "${FILESDIR}/0004-libsemanage-save-homedir_template-in-the-policy-stor.patch" \ - "${FILESDIR}/0005-libsemanage-store-users_extra-in-the-policy-store.patch" - epatch "${FILESDIR}"/${PN}-2.4-build-paths.patch - - epatch_user - - multilib_copy_sources -} - -multilib_src_compile() { - emake \ - AR="$(tc-getAR)" \ - CC="$(tc-getCC)" \ - LIBDIR="${EPREFIX}/usr/$(get_libdir)" \ - all - - if multilib_is_native_abi && use python; then - building_py() { - python_export PYTHON_INCLUDEDIR PYTHON_LIBPATH - emake CC="$(tc-getCC)" PYINC="-I${PYTHON_INCLUDEDIR}" PYTHONLBIDIR="${PYTHON_LIBPATH}" PYPREFIX="${EPYTHON##*/}" "$@" - } - python_foreach_impl building_py swigify - python_foreach_impl building_py pywrap - fi -} - -multilib_src_install() { - emake \ - LIBDIR="${ED}/usr/$(get_libdir)" \ - SHLIBDIR="${ED}/usr/$(get_libdir)" \ - DESTDIR="${ED}" install - - if multilib_is_native_abi && use python; then - installation_py() { - emake DESTDIR="${ED}" LIBDIR="${ED}/usr/$(get_libdir)" \ - SHLIBDIR="${ED}/usr/$(get_libdir)" install-pywrap - python_optimize # bug 531638 - } - python_foreach_impl installation_py - fi -} - -pkg_postinst() { - # Migrate the SELinux semanage configuration store if not done already - local selinuxtype=$(awk -F'=' '/SELINUXTYPE=/ {print $2}' "${EROOT}"/etc/selinux/config 2>/dev/null) - if [ -n "${selinuxtype}" ] && [ ! -d "${EROOT}"/var/lib/selinux/${mcs}/active ] ; then - ewarn "Since the 2.4 SELinux userspace, the policy module store is moved" - ewarn "from /etc/selinux to /var/lib/selinux. The migration will be run now." - ewarn "If there are any issues, it can be done manually by running:" - ewarn "/usr/libexec/selinux/semanage_migrate_store" - ewarn "For more information, please see" - ewarn "- https://github.com/SELinuxProject/selinux/wiki/Policy-Store-Migration" - fi - - # Run the store migration without rebuilds - for POLICY_TYPE in ${POLICY_TYPES} ; do - if [ ! -d "${EROOT}/var/lib/selinux/${POLICY_TYPE}/active" ] ; then - einfo "Migrating store ${POLICY_TYPE} (without policy rebuild)." - /usr/libexec/selinux/semanage_migrate_store -n -s "${POLICY_TYPE}" || die "Failed to migrate store ${POLICY_TYPE}" - fi - done -} |