diff options
| author |   Kenton Groombridge <concord@gentoo.org> | 2022-11-15 15:10:08 -0500 |
|---|---|---|
| committer | Kenton Groombridge <concord@gentoo.org> | 2022-11-15 15:13:43 -0500 |
| commit | e19fe5aa6d91136cb0d7f728de2decbb676662f1 (patch) | |
| tree | a8d96ebc537d7644c40301e7398e21a576a0ddea /sec-policy/selinux-base-policy | |
| parent | sec-policy: stabilize SELinux policies 2.20221101-r2 (diff) | |
| download | gentoo-e19fe5aa6d91136cb0d7f728de2decbb676662f1.tar.gz gentoo-e19fe5aa6d91136cb0d7f728de2decbb676662f1.tar.bz2 gentoo-e19fe5aa6d91136cb0d7f728de2decbb676662f1.zip | |
sec-policy: drop old SELinux policies
Signed-off-by: Kenton Groombridge <concord@gentoo.org>
Diffstat (limited to 'sec-policy/selinux-base-policy')
| -rw-r--r-- | sec-policy/selinux-base-policy/Manifest | 2 | ||||
| -rw-r--r-- | sec-policy/selinux-base-policy/selinux-base-policy-2.20220106-r3.ebuild | 141 |
2 files changed, 0 insertions, 143 deletions
diff --git a/sec-policy/selinux-base-policy/Manifest b/sec-policy/selinux-base-policy/Manifest index fc5012b48849..101847927d32 100644 --- a/sec-policy/selinux-base-policy/Manifest +++ b/sec-policy/selinux-base-policy/Manifest @@ -1,6 +1,4 @@ -DIST patchbundle-selinux-base-policy-2.20220106-r3.tar.bz2 309416 BLAKE2B 89852cce079300edcb00da41cfe42ea5041507f7d0a2a9897a4bd14f3ac68edfcc40ef49320e5ab826b1abb7fe7fc7ca4268042bbc019b3c76a58b9e112601c3 SHA512 4e23ad5e83df6c3501f0ac0a7201786d9f00809bedef248ae3a4b6af994e0006aaf70151c29ca21bb1c9c8887cc5bfeb18389d4f8e3bd3861c61d2d95d3a4e75 DIST patchbundle-selinux-base-policy-2.20220520-r1.tar.bz2 294472 BLAKE2B 12dbda1952bde3db32758470735327c9934f42128dd54513c5a5d082d41cc73e39f49567dafa6abca3fd9d7d036e3a032a26a572e3ba3871de451a78f3757057 SHA512 d75e66f484281d1987e9c6fbe18a483934af39f28f908cfd21c14ba72acbf2ce9afc3bb9211f83e17badbbfaeadbd5263845dc8535eb28bf3b6b56f89db62d43 DIST patchbundle-selinux-base-policy-2.20221101-r2.tar.bz2 285989 BLAKE2B e6c5851c4f9b4cbe3f0b478d72e20a1ce05ce85dd0b11d2be7a9a6a4a6c4091e70c092307ed8a1c626a39e13e6437417bc78875fc5985e7d652c69f4644d347e SHA512 8d881cd42f1da699af7ea39023fcc2d89fab5b2476975e2ab8764ad110b237cbf44d1688499d6cbc0514ee538f7770f391a3e2df32e8980f1af6a509ea9ffd78 -DIST refpolicy-2.20220106.tar.bz2 560342 BLAKE2B bc0e65466333e02acb48adbb28b8176d3c8e508b2ff97d4f8a876d7c0a65534a62d86c9816ac59f6eed583f4b5c51cf432643edd2dad24dd51eb3cf22e2b75ac SHA512 794327d2dd07196b5f36771f9a961cdf294cf68f690735418d6bdd859499b7007c518cc022ccca9c245a5266b85bdb7cacdcaeefee14e4800937c9101476b373 DIST refpolicy-2.20220520.tar.bz2 577155 BLAKE2B d4352009ef5eb8599feb4adbec0ecef7fd5c9617b820300ab5e95723ddc790dc9244628417c71097ea3f7fff47c1d47a6e4a39da539e6b662acfd9d7ea8cc190 SHA512 eeeca3817fd305f82f62a53ae9c5120775fdf6f6c57d5420584e225019cd66357f7da119e8ea8f21549631d14b1c8076e9ac81aa4907de6c6fa0d7fc827b67ff DIST refpolicy-2.20221101.tar.bz2 583183 BLAKE2B 783d8af40fd77d7ddb848dba32e91921dd7c1380c094c45b719ada7b15f91aacbb52b410ffa6341f2f705ecbc9674b8570bd4867ce998e944fa0054ffd8bdf74 SHA512 29e5a29d90f714018c88fead2d5006ea90338fb5b7a1e4e98cb2e588c96cd861871d32176f6cc6f7c4e864ce5acae1aeed85d4c706ce2da8168986535baaf3a6 diff --git a/sec-policy/selinux-base-policy/selinux-base-policy-2.20220106-r3.ebuild b/sec-policy/selinux-base-policy/selinux-base-policy-2.20220106-r3.ebuild deleted file mode 100644 index 53278241d091..000000000000 --- a/sec-policy/selinux-base-policy/selinux-base-policy-2.20220106-r3.ebuild +++ /dev/null @@ -1,141 +0,0 @@ -# Copyright 1999-2022 Gentoo Authors -# Distributed under the terms of the GNU General Public License v2 - -EAPI="7" - -if [[ ${PV} == 9999* ]]; then - EGIT_REPO_URI="${SELINUX_GIT_REPO:-https://anongit.gentoo.org/git/proj/hardened-refpolicy.git}" - EGIT_BRANCH="${SELINUX_GIT_BRANCH:-master}" - EGIT_CHECKOUT_DIR="${WORKDIR}/refpolicy" - - inherit git-r3 -else - SRC_URI="https://github.com/SELinuxProject/refpolicy/releases/download/RELEASE_${PV/./_}/refpolicy-${PV}.tar.bz2 - https://dev.gentoo.org/~perfinion/patches/${PN}/patchbundle-${PN}-${PVR}.tar.bz2" - KEYWORDS="amd64 arm arm64 ~mips x86" -fi - -HOMEPAGE="https://wiki.gentoo.org/wiki/Project:SELinux" -DESCRIPTION="SELinux policy for core modules" - -IUSE="systemd +unconfined" - -PDEPEND="unconfined? ( sec-policy/selinux-unconfined )" -DEPEND="=sec-policy/selinux-base-${PVR}[systemd?]" -RDEPEND="${DEPEND}" -BDEPEND=" - sys-apps/checkpolicy - sys-devel/m4" - -MODS="application authlogin bootloader clock consoletype cron dmesg fstools getty hostname init iptables libraries locallogin logging lvm miscfiles modutils mount mta netutils nscd portage raid rsync selinuxutil setrans ssh staff storage su sysadm sysnetwork systemd tmpfiles udev userdomain usermanage unprivuser xdg" -DEL_MODS="hotplug" -LICENSE="GPL-2" -SLOT="0" -S="${WORKDIR}/" - -# Code entirely copied from selinux-eclass (cannot inherit due to dependency on -# itself), when reworked reinclude it. Only postinstall (where -b base.pp is -# added) needs to remain then. - -pkg_pretend() { - for i in ${POLICY_TYPES}; do - if [[ "${i}" == "targeted" ]] && ! use unconfined; then - die "If you use POLICY_TYPES=targeted, then USE=unconfined is mandatory." - fi - done -} - -src_prepare() { - local modfiles - - if [[ ${PV} != 9999* ]]; then - einfo "Applying SELinux policy updates ... " - eapply -p0 "${WORKDIR}/0001-full-patch-against-stable-release.patch" - fi - - eapply_user - - # Collect only those files needed for this particular module - for i in ${MODS}; do - modfiles="$(find "${S}"/refpolicy/policy/modules -iname $i.te) $modfiles" - modfiles="$(find "${S}"/refpolicy/policy/modules -iname $i.fc) $modfiles" - done - - for i in ${DEL_MODS}; do - [[ "${MODS}" != *${i}* ]] || die "Duplicate module in MODS and DEL_MODS: ${i}" - done - - for i in ${POLICY_TYPES}; do - mkdir "${S}"/${i} || die "Failed to create directory ${S}/${i}" - cp "${S}"/refpolicy/doc/Makefile.example "${S}"/${i}/Makefile \ - || die "Failed to copy Makefile.example to ${S}/${i}/Makefile" - - cp ${modfiles} "${S}"/${i} \ - || die "Failed to copy the module files to ${S}/${i}" - done -} - -src_compile() { - for i in ${POLICY_TYPES}; do - emake NAME=$i SHAREDIR="${SYSROOT%/}/usr/share/selinux" -C "${S}"/${i} - done -} - -src_install() { - local BASEDIR="/usr/share/selinux" - - for i in ${POLICY_TYPES}; do - for j in ${MODS}; do - einfo "Installing ${i} ${j} policy package" - insinto ${BASEDIR}/${i} - doins "${S}"/${i}/${j}.pp - done - done -} - -pkg_postinst() { - # Set root path and don't load policy into the kernel when cross compiling - local root_opts="" - if [[ "${ROOT}" != "" ]]; then - root_opts="-p ${ROOT} -n" - fi - - # Override the command from the eclass, we need to load in base as well here - local COMMAND="-i base.pp" - if has_version "<sys-apps/policycoreutils-2.5"; then - COMMAND="-b base.pp" - fi - - for i in ${MODS}; do - COMMAND="${COMMAND} -i ${i}.pp" - done - - for i in ${POLICY_TYPES}; do - einfo "Inserting the following modules, with base, into the $i module store: ${MODS}" - - cd "${ROOT}/usr/share/selinux/${i}" - - semodule ${root_opts} -s ${i} ${COMMAND} - - for mod in ${DEL_MODS}; do - if semodule ${root_opts} -s ${i} -l | grep -q "\b${mod}\b"; then - einfo "Removing obsolete ${i} ${mod} policy package" - semodule ${root_opts} -s ${i} -r ${mod} - fi - done - done - - # Don't relabel when cross compiling - if [[ "${ROOT}" == "" ]]; then - # Relabel depending packages - local PKGSET=""; - if [[ -x /usr/bin/qdepends ]] ; then - PKGSET=$(/usr/bin/qdepends -Cq -r -Q ${CATEGORY}/${PN} | grep -v 'sec-policy/selinux-'); - elif [[ -x /usr/bin/equery ]] ; then - PKGSET=$(/usr/bin/equery -Cq depends ${CATEGORY}/${PN} | grep -v 'sec-policy/selinux-'); - fi - if [[ -n "${PKGSET}" ]] ; then - rlpkg ${PKGSET}; - fi - fi -} |