summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
authorJason Zaman <perfinion@gentoo.org>2015-10-26 13:50:25 +0800
committerJason Zaman <perfinion@gentoo.org>2015-10-26 13:51:15 +0800
commitf92f6a99787e10d1713ab2b81892ece30573d474 (patch)
treedc555501b507b392e5fb021026258180602af03c /sec-policy
parentdev-ruby/listen: fix file collision, bug 564122 (diff)
downloadgentoo-f92f6a99787e10d1713ab2b81892ece30573d474.tar.gz
gentoo-f92f6a99787e10d1713ab2b81892ece30573d474.tar.bz2
gentoo-f92f6a99787e10d1713ab2b81892ece30573d474.zip
sec-policy/selinux-base: Add selinux useflag to live ebuild
Package-Manager: portage-2.2.20.1
Diffstat (limited to 'sec-policy')
-rw-r--r--sec-policy/selinux-base/selinux-base-9999.ebuild39
1 files changed, 20 insertions, 19 deletions
diff --git a/sec-policy/selinux-base/selinux-base-9999.ebuild b/sec-policy/selinux-base/selinux-base-9999.ebuild
index c67def266af..d86db33d977 100644
--- a/sec-policy/selinux-base/selinux-base-9999.ebuild
+++ b/sec-policy/selinux-base/selinux-base-9999.ebuild
@@ -20,7 +20,7 @@ else
KEYWORDS="~amd64 ~x86"
fi
-IUSE="+peer_perms +open_perms +ubac +unconfined doc"
+IUSE="doc +open_perms +peer_perms systemd +ubac +unconfined"
DESCRIPTION="Gentoo base policy for SELinux"
HOMEPAGE="https://www.gentoo.org/proj/en/hardened/selinux/"
@@ -36,10 +36,6 @@ DEPEND="${RDEPEND}
S=${WORKDIR}/
-#src_unpack() {
-# git-2_src_unpack
-#}
-
src_prepare() {
if [[ ${PV} != 9999* ]]; then
# Apply the gentoo patches to the policy. These patches are only necessary
@@ -64,12 +60,12 @@ src_configure() {
if ! use peer_perms; then
sed -i -e '/network_peer_controls/d' \
- "${S}/refpolicy/policy/policy_capabilities"
+ "${S}/refpolicy/policy/policy_capabilities" || die
fi
if ! use open_perms; then
sed -i -e '/open_perms/d' \
- "${S}/refpolicy/policy/policy_capabilities"
+ "${S}/refpolicy/policy/policy_capabilities" || die
fi
if ! use ubac; then
@@ -77,20 +73,25 @@ src_configure() {
|| die "Failed to disable User Based Access Control"
fi
- echo "DISTRO = gentoo" >> "${S}/refpolicy/build.conf"
+ if use systemd; then
+ sed -i -e '/^SYSTEMD/s/n/y/' "${S}/refpolicy/build.conf" \
+ || die "Failed to enable SystemD"
+ fi
+
+ echo "DISTRO = gentoo" >> "${S}/refpolicy/build.conf" || die
# Prepare initial configuration
- cd "${S}/refpolicy";
+ cd "${S}/refpolicy" || die
make conf || die "Make conf failed"
# Setup the policies based on the types delivered by the end user.
# These types can be "targeted", "strict", "mcs" and "mls".
for i in ${POLICY_TYPES}; do
- cp -a "${S}/refpolicy" "${S}/${i}"
- cd "${S}/${i}";
+ cp -a "${S}/refpolicy" "${S}/${i}" || die
+ cd "${S}/${i}" || die
#cp "${FILESDIR}/modules-2.20120215.conf" "${S}/${i}/policy/modules.conf"
- sed -i -e "/= module/d" "${S}/${i}/policy/modules.conf"
+ sed -i -e "/= module/d" "${S}/${i}/policy/modules.conf" || die
sed -i -e '/^QUIET/s/n/y/' -e "/^NAME/s/refpolicy/$i/" \
"${S}/${i}/build.conf" || die "build.conf setup failed."
@@ -120,10 +121,10 @@ src_compile() {
[ -z "${POLICY_TYPES}" ] && local POLICY_TYPES="targeted strict mls mcs"
for i in ${POLICY_TYPES}; do
- cd "${S}/${i}"
- emake base || die "${i} compile failed"
+ cd "${S}/${i}" || die
+ emake base
if use doc; then
- make html || die
+ emake html
fi
done
}
@@ -132,7 +133,7 @@ src_install() {
[ -z "${POLICY_TYPES}" ] && local POLICY_TYPES="targeted strict mls mcs"
for i in ${POLICY_TYPES}; do
- cd "${S}/${i}"
+ cd "${S}/${i}" || die
make DESTDIR="${D}" install \
|| die "${i} install failed."
@@ -140,9 +141,9 @@ src_install() {
make DESTDIR="${D}" install-headers \
|| die "${i} headers install failed."
- echo "run_init_t" > "${D}/etc/selinux/${i}/contexts/run_init_type"
+ echo "run_init_t" > "${D}/etc/selinux/${i}/contexts/run_init_type" || die
- echo "textrel_shlib_t" >> "${D}/etc/selinux/${i}/contexts/customizable_types"
+ echo "textrel_shlib_t" >> "${D}/etc/selinux/${i}/contexts/customizable_types" || die
# libsemanage won't make this on its own
keepdir "/etc/selinux/${i}/policy"
@@ -164,5 +165,5 @@ src_install() {
doins "${FILESDIR}/config"
insinto /usr/share/portage/config/sets
- doins "${FILESDIR}/selinux.conf" || die "failed to install selinux-rebuild portage set"
+ doins "${FILESDIR}/selinux.conf"
}