From mboxrd@z Thu Jan 1 00:00:00 1970 Received: from pigeon.gentoo.org ([208.92.234.80] helo=lists.gentoo.org) by finch.gentoo.org with esmtp (Exim 4.60) (envelope-from ) id 1SR0zZ-0004gu-2D for garchives@archives.gentoo.org; Sun, 06 May 2012 12:55:14 +0000 Received: from pigeon.gentoo.org (localhost [127.0.0.1]) by pigeon.gentoo.org (Postfix) with SMTP id 03157E06B1; Sun, 6 May 2012 12:55:02 +0000 (UTC) Received: from smtp.gentoo.org (smtp.gentoo.org [140.211.166.183]) by pigeon.gentoo.org (Postfix) with ESMTP id 97D21E06B1 for ; Sun, 6 May 2012 12:55:02 +0000 (UTC) Received: from hornbill.gentoo.org (hornbill.gentoo.org [94.100.119.163]) (using TLSv1 with cipher AECDH-AES256-SHA (256/256 bits)) (No client certificate requested) by smtp.gentoo.org (Postfix) with ESMTPS id C4E111B4012 for ; Sun, 6 May 2012 12:55:01 +0000 (UTC) Received: from localhost.localdomain (localhost [127.0.0.1]) by hornbill.gentoo.org (Postfix) with ESMTP id 8E991E5402 for ; Sun, 6 May 2012 12:55:00 +0000 (UTC) From: "Sven Vermeulen" To: gentoo-commits@lists.gentoo.org Content-type: text/plain; charset=UTF-8 Reply-To: gentoo-dev@lists.gentoo.org, "Sven Vermeulen" Message-ID: <1336308864.e95413ff93f9f24d287d65591ff5746d277842ec.SwifT@gentoo> Subject: [gentoo-commits] proj/hardened-dev:master commit in: sys-libs/libselinux/files/, sys-libs/libselinux/ X-VCS-Repository: proj/hardened-dev X-VCS-Files: sys-libs/libselinux/ChangeLog sys-libs/libselinux/files/libselinux-2.1.9-mountsys.patch sys-libs/libselinux/libselinux-2.1.9-r1.ebuild sys-libs/libselinux/metadata.xml X-VCS-Directories: sys-libs/libselinux/files/ sys-libs/libselinux/ X-VCS-Committer: SwifT X-VCS-Committer-Name: Sven Vermeulen X-VCS-Revision: e95413ff93f9f24d287d65591ff5746d277842ec X-VCS-Branch: master Date: Sun, 6 May 2012 12:55:00 +0000 (UTC) Precedence: bulk List-Post: List-Help: List-Unsubscribe: List-Subscribe: List-Id: Gentoo Linux mail X-BeenThere: gentoo-commits@lists.gentoo.org Content-Transfer-Encoding: quoted-printable X-Archives-Salt: 0dfd66e9-7b2e-43ad-8f60-1492fbb2b49c X-Archives-Hash: 00ae6f54587248f208f6b6e180c5dcb9 commit: e95413ff93f9f24d287d65591ff5746d277842ec Author: Sven Vermeulen siphos be> AuthorDate: Sun May 6 12:54:24 2012 +0000 Commit: Sven Vermeulen siphos be> CommitDate: Sun May 6 12:54:24 2012 +0000 URL: http://git.overlays.gentoo.org/gitweb/?p=3Dproj/hardened-dev.= git;a=3Dcommit;h=3De95413ff Fix bug #414779 --- sys-libs/libselinux/ChangeLog | 353 ++++++++++++++= ++++++ .../files/libselinux-2.1.9-mountsys.patch | 22 ++ sys-libs/libselinux/libselinux-2.1.9-r1.ebuild | 85 +++++ sys-libs/libselinux/metadata.xml | 10 + 4 files changed, 470 insertions(+), 0 deletions(-) diff --git a/sys-libs/libselinux/ChangeLog b/sys-libs/libselinux/ChangeLo= g new file mode 100644 index 0000000..f7e1862 --- /dev/null +++ b/sys-libs/libselinux/ChangeLog @@ -0,0 +1,353 @@ +# ChangeLog for sys-libs/libselinux +# Copyright 1999-2012 Gentoo Foundation; Distributed under the GPL v2 +# $Header: /var/cvsroot/gentoo-x86/sys-libs/libselinux/ChangeLog,v 1.78 = 2012/04/29 10:06:56 swift Exp $ + +*libselinux-2.1.9-r1 (06 May 2012) + + 06 May 2012; +libselinux-2.1.9-r1.ebuild, + +files/libselinux-2.1.9-mountsys.patch, +metadata.xml: + Fix bug #414779 + + 29 Apr 2012; libselinux-2.1.9.ebuild: + Stabilization + +*libselinux-2.1.9 (31 Mar 2012) + + 31 Mar 2012; +libselinux-2.1.9.ebuild: + Bump to version 2.1.9 + + 12 Nov 2011; -libselinux-2.0.94.ebuild, + -libselinux-2.0.98.ebuild: + Remove deprecated ebuilds + + 23 Oct 2011; libselinux-2.1.0.ebuild: + Stabilization (tracker #384231) + + 12 Aug 2011; Anthony G. Basile + -libselinux-2.0.71.ebuild, -libselinux-2.0.85.ebuild, + -files/libselinux-2.0.85-headers.patch, -files/compat.py: + Removed deprecated versions + +*libselinux-2.1.0 (03 Aug 2011) + + 03 Aug 2011; Anthony G. Basile + +libselinux-2.1.0.ebuild: + Bump to 20110727 SELinux userspace release + +*libselinux-2.0.98 (15 Jul 2011) + + 15 Jul 2011; Anthony G. Basile + +libselinux-2.0.98.ebuild: + Bump to 2.0.98 - proxy for SwifT + + 28 May 2011; Anthony G. Basile + libselinux-2.0.94.ebuild: + Stable amd64 x86 + + 13 Feb 2011; Anthony G. Basile metadata.xml: + Updated metadata.xml to reflect new selinux herd. + + 06 Feb 2011; Arfrever Frehtes Taifersar Arahesis + libselinux-2.0.94.ebuild: + Add "python" USE flag. + + 05 Feb 2011; Arfrever Frehtes Taifersar Arahesis + libselinux-2.0.94.ebuild: + Set SUPPORT_PYTHON_ABIS (bug #353763). Respect AR and CC. + +*libselinux-2.0.94 (05 Feb 2011) + + 05 Feb 2011; Anthony G. Basile + +libselinux-2.0.94.ebuild: + New upstream release. + + 29 Sep 2010; Mike Frysinger libselinux-2.0.85.ebui= ld, + +files/libselinux-2.0.85-headers.patch: + Fix by Chris Richards for building with glibc-2.12 #338302. + + 16 Apr 2010; Arfrever Frehtes Taifersar Arahesis + libselinux-2.0.71.ebuild, libselinux-2.0.85.ebuild: + Delete calls to deprecated python_version(). + + 02 Aug 2009; Chris PeBenito + libselinux-2.0.71.ebuild, libselinux-2.0.85.ebuild: + Add python_need_rebuild. + +*libselinux-2.0.85 (02 Aug 2009) + + 02 Aug 2009; Chris PeBenito + +libselinux-2.0.85.ebuild: + New upstream release. + + 18 Jul 2009; Chris PeBenito + -libselinux-1.34.14.ebuild, libselinux-2.0.71.ebuild: + Mark stable. Remove old ebuilds. + +*libselinux-2.0.71 (03 Oct 2008) + + 03 Oct 2008; Chris PeBenito + +libselinux-2.0.71.ebuild: + Initial commit of 2.0 libselinux. + + 29 May 2008; Ali Polatel libselinux-1.34.14.ebuil= d: + python_mod_optimize is ROOT aware. Fixed python_mod_cleanup. + + 13 May 2008; Chris PeBenito + -libselinux-1.28-r1.ebuild, -libselinux-1.30.ebuild, + -libselinux-1.34.0.ebuild, -libselinux-1.34.13.ebuild, + libselinux-1.34.14.ebuild: + Mark 1.34.14 stable, clear old ebuilds. + + 11 May 2008; Chris PeBenito + libselinux-1.34.0.ebuild, libselinux-1.34.13.ebuild, + libselinux-1.34.14.ebuild: + Fix bug #221501. + +*libselinux-1.34.14 (29 Jan 2008) + + 29 Jan 2008; Chris PeBenito + +libselinux-1.34.14.ebuild: + New upstream bugfix release. + +*libselinux-1.34.13 (18 Oct 2007) + + 18 Oct 2007; Chris PeBenito + +libselinux-1.34.13.ebuild: + New upstream release. + + 04 Jun 2007; Chris PeBenito + libselinux-1.34.0.ebuild: + Mark stable. + + 16 Feb 2007; Stephen Bennett libselinux-1.34.0.ebuild= : + Add missing swig depend. Bug #167007 + +*libselinux-1.34.0 (15 Feb 2007) + + 15 Feb 2007; Chris PeBenito + +libselinux-1.34.0.ebuild: + New upstream release. + + 23 Oct 2006; Chris PeBenito + libselinux-1.30.29.ebuild: + Fix depend for glibc + + 09 Oct 2006; Chris PeBenito + libselinux-1.30.29.ebuild: + Stable to make repoman happy. + +*libselinux-1.30.29 (05 Oct 2006) + + 05 Oct 2006; Chris PeBenito + +libselinux-1.30.29.ebuild: + Add SVN snapshot. + + 31 Jul 2006; Chris PeBenito libselinux-1.30.ebui= ld: + Mark stable, long overdue. + + 07 Apr 2006; Chris PeBenito libselinux-1.30.ebui= ld: + Split python wrapper compile into a separate emake to ensure the main + library is built before trying to build the wrapper. Fixes bug #129074= . + + 22 Mar 2006; Chris PeBenito -libselinux-1.24.ebu= ild, + -libselinux-1.28.ebuild, libselinux-1.28-r1.ebuild: + Mark 1.28-r1 stable, clean out old ebuilds. + +*libselinux-1.30 (18 Mar 2006) + + 18 Mar 2006; Chris PeBenito +libselinux-1.30.ebu= ild: + New upstream release. + + 22 Feb 2006; Stephen Bennett libselinux-1.28.ebuild: + Alpha stable + +*libselinux-1.28-r1 (20 Feb 2006) + + 20 Feb 2006; Chris PeBenito +files/compat.py, + +libselinux-1.28-r1.ebuild: + Add python-selinux compatability aliases to swig wrapper. + + 19 Feb 2006; Joshua Kinard libselinux-1.28.ebuild: + Marked stable on mips. + + 09 Feb 2006; Chris PeBenito libselinux-1.28.ebui= ld: + Move python_version out of global scope. + + 29 Jan 2006; Chris PeBenito libselinux-1.28.ebui= ld: + Add python version handling to fix #120829, and add -fPIC to LDFLAGS t= o + hopefully fix #119271. + + 17 Jan 2006; Chris PeBenito libselinux-1.28.ebui= ld: + Mark stable, x86, amd64, ppc, sparc. + + 14 Jan 2006; Stephen Bennett libselinux-1.28.ebuild: + Added ~alpha + + 15 Dec 2005; Chris PeBenito libselinux-1.28.ebui= ld: + Tighten up versioning to try to prevent mismatch problems as seen in #= 112348. + +*libselinux-1.28 (09 Dec 2005) + + 09 Dec 2005; Chris PeBenito + -files/libselinux-1.22.diff, -libselinux-1.22-r1.ebuild, + +libselinux-1.28.ebuild: + New upstream release. + + 09 Sep 2005; Chris PeBenito libselinux-1.24.ebui= ld: + Mark stable. + +*libselinux-1.24 (25 Jun 2005) + + 25 Jun 2005; Chris PeBenito -libselinux-1.20.ebu= ild, + -libselinux-1.22.ebuild, +libselinux-1.24.ebuild: + New upstream release. + + 13 May 2005; Chris PeBenito + libselinux-1.22-r1.ebuild: + Mark stable. + + 10 May 2005; Stephen Bennett libselinux-1.22.ebuild: + mips stable + +*libselinux-1.22-r1 (08 May 2005) + + 08 May 2005; Chris PeBenito + +files/libselinux-1.22.diff, +libselinux-1.22-r1.ebuild: + A couple fixes, including one for bug #91921. + + 01 May 2005; Stephen Bennett libselinux-1.22.ebuild: + Mark ~mips. + + 01 May 2005; Chris PeBenito libselinux-1.22.ebui= ld: + Mark stable. + +*libselinux-1.22 (13 Mar 2005) + + 13 Mar 2005; Chris PeBenito +libselinux-1.22.ebu= ild: + New upstream release. + + 13 Feb 2005; Chris PeBenito libselinux-1.20.ebui= ld: + Mark stable. + +*libselinux-1.20 (07 Jan 2005) + + 07 Jan 2005; Chris PeBenito libselinux-1.18.ebui= ld, + +libselinux-1.20.ebuild: + New upstream release. Mark 1.18 stable. + + 03 Jan 2005; Chris PeBenito libselinux-1.16.ebui= ld, + libselinux-1.18.ebuild: + Switch to libc virtual for DEP since uclibc now has xattr support. + +*libselinux-1.18 (14 Nov 2004) + + 14 Nov 2004; Chris PeBenito + +files/selinuxconfig.c.diff, +libselinux-1.18.ebuild: + New upstream release. + +*libselinux-1.16 (07 Sep 2004) + + 07 Sep 2004; Chris PeBenito +libselinux-1.16.ebu= ild: + New upstream release. + +*libselinux-1.14 (02 Jul 2004) + + 02 Jul 2004; Chris PeBenito +libselinux-1.14.ebu= ild: + New upstream version. + + 11 Jun 2004; Chris PeBenito -libselinux-1.10.ebu= ild, + libselinux-1.12.ebuild: + Mark stable + +*libselinux-1.12 (14 May 2004) + + 14 May 2004; Chris PeBenito +libselinux-1.12.ebu= ild: + New upstream release. + +*libselinux-1.10 (17 Apr 2004) + + 17 Apr 2004; Chris PeBenito +libselinux-1.10.ebu= ild: + New upstream version. + + 08 Apr 2004; Chris PeBenito libselinux-1.8.ebuil= d: + Mark stable for 2004.1 + +*libselinux-1.8 (12 Mar 2004) + + 12 Mar 2004; Chris PeBenito libselinux-1.8.ebuil= d: + New upstream release. + +*libselinux-1.6 (24 Feb 2004) + + 24 Feb 2004; Chris PeBenito libselinux-1.6.ebuil= d: + New upstream release. + + 16 Dec 2003; Chris PeBenito libselinux-1.4.ebuil= d: + Mark stable. + +*libselinux-1.4 (06 Dec 2003) + + 06 Dec 2003; Chris PeBenito libselinux-1.4.ebuil= d: + New upstream version. + + 29 Oct 2003; Joshua Brindle libselinux-1.2-r2.ebui= ld: + added sparc + +*libselinux-1.2-r2 (20 Oct 2003) + + 20 Oct 2003; Chris PeBenito libselinux-1.2-r2.eb= uild, + files/libselinux-1.2-attr.diff: + Compile against sys-apps/attr only if linux-headers are older than 2.4= .20. + +*libselinux-1.2-r1 (07 Oct 2003) + + 07 Oct 2003; Chris PeBenito libselinux-1.2-r1.eb= uild, + files/libselinux-1.2-gentoo.diff: + Move libraries to /lib, to fix problems with having a separate /usr du= ring + booting. + +*libselinux-1.2 (03 Oct 2003) + + 03 Oct 2003; Chris PeBenito libselinux-1.2.ebuil= d, + files/libselinux-1.2-const.diff: + New upstream version. + + 22 Sep 2003; metadata.xml: + Fix metadata.xml + + 21 Aug 2003; Chris PeBenito libselinux-1.1-r1.eb= uild: + Add a dep for portage. The newer versions have labelling support for t= he old + API. + + 18 Aug 2003; Chris PeBenito libselinux-1.1-r1.eb= uild, + metadata.xml: + Fix license, this is public-domain, not GPL-2. Use package description= in RPM + spec file as metadata.xml long description. + + 15 Aug 2003; Chris PeBenito libselinux-1.0.ebuil= d, + libselinux-1.1-r1.ebuild, files/libselinux-1.0-gentoo.diff: + Mark stable + +*libselinux-1.1-r1 (14 Aug 2003) + + 14 Aug 2003; Chris PeBenito libselinux-1.1-r1.eb= uild, + libselinux-1.1.ebuild, files/libselinux-1.1-linkfix.diff: + Add fix for a random linking problem that causes libselinux to work + incorrectly. + +*libselinux-1.1 (14 Aug 2003) + + 14 Aug 2003; Chris PeBenito libselinux-1.1.ebuil= d, + files/libselinux-1.1-gentoo.diff: + New upstream version + + 04 Aug 2003; Chris PeBenito + files/libselinux-1.0-gentoo.diff: + Add on a NSA nullbyte patch to the gentoo patch + +*libselinux-1.0 (03 Aug 2003) + + 03 Aug 2003; Chris PeBenito libselinux-1.0.ebuil= d, + metadata.xml, files/libselinux-1.0-gentoo.diff: + Initial commit + diff --git a/sys-libs/libselinux/files/libselinux-2.1.9-mountsys.patch b/= sys-libs/libselinux/files/libselinux-2.1.9-mountsys.patch new file mode 100644 index 0000000..f2a206d --- /dev/null +++ b/sys-libs/libselinux/files/libselinux-2.1.9-mountsys.patch @@ -0,0 +1,22 @@ +diff -ur libselinux-2.1.9.orig/src/load_policy.c libselinux-2.1.9/src/lo= ad_policy.c +--- libselinux-2.1.9.orig/src/load_policy.c 2012-05-05 10:33:06.13071928= 2 +0200 ++++ libselinux-2.1.9/src/load_policy.c 2012-05-05 10:43:45.024720646 +02= 00 +@@ -370,8 +370,16 @@ + * mount it if present for use in the calls below. =20 + */ + char *mntpoint =3D NULL; +- if (mount(SELINUXFS, SELINUXMNT, SELINUXFS, 0, 0) =3D=3D 0 || errno =3D= =3D EBUSY) { +- mntpoint =3D SELINUXMNT; ++ /* First make sure /sys is mounted */ ++ if (mount("sysfs", "/sys", "sysfs", 0, 0) =3D=3D 0 || errno =3D=3D EBU= SY) { ++ if (mount(SELINUXFS, SELINUXMNT, SELINUXFS, 0, 0) =3D=3D 0 || errno =3D= =3D EBUSY) { ++ mntpoint =3D SELINUXMNT; ++ } else { ++ /* check old mountpoint */ ++ if (mount(SELINUXFS, OLDSELINUXMNT, SELINUXFS, 0, 0) =3D=3D 0 || err= no =3D=3D EBUSY) { ++ mntpoint =3D OLDSELINUXMNT; ++ } ++ } + } else { + /* check old mountpoint */ + if (mount(SELINUXFS, OLDSELINUXMNT, SELINUXFS, 0, 0) =3D=3D 0 || errn= o =3D=3D EBUSY) { diff --git a/sys-libs/libselinux/libselinux-2.1.9-r1.ebuild b/sys-libs/li= bselinux/libselinux-2.1.9-r1.ebuild new file mode 100644 index 0000000..79e06e2 --- /dev/null +++ b/sys-libs/libselinux/libselinux-2.1.9-r1.ebuild @@ -0,0 +1,85 @@ +# Copyright 1999-2012 Gentoo Foundation +# Distributed under the terms of the GNU General Public License v2 +# $Header: /var/cvsroot/gentoo-x86/sys-libs/libselinux/libselinux-2.1.9.= ebuild,v 1.2 2012/04/29 10:06:56 swift Exp $ + +EAPI=3D"4" +PYTHON_DEPEND=3D"python? *" +SUPPORT_PYTHON_ABIS=3D"1" +RESTRICT_PYTHON_ABIS=3D"*-jython" + +inherit multilib python toolchain-funcs eutils + +SEPOL_VER=3D"2.1.4" + +DESCRIPTION=3D"SELinux userland library" +HOMEPAGE=3D"http://userspace.selinuxproject.org" +SRC_URI=3D"http://userspace.selinuxproject.org/releases/20120216/${P}.ta= r.gz" + +LICENSE=3D"public-domain" +SLOT=3D"0" +KEYWORDS=3D"~amd64 ~x86" +IUSE=3D"python ruby" + +RDEPEND=3D">=3Dsys-libs/libsepol-${SEPOL_VER} + ruby? ( dev-lang/ruby )" +DEPEND=3D"${RDEPEND} + ruby? ( dev-lang/swig ) + python? ( dev-lang/swig )" + +pkg_setup() { + if use python; then + python_pkg_setup + fi +} + +src_prepare() { + # fix up paths for multilib + sed -i -e "/^LIBDIR/s/lib/$(get_libdir)/" "${S}/src/Makefile" \ + || die "Fix for multilib LIBDIR failed." + sed -i -e "/^SHLIBDIR/s/lib/$(get_libdir)/" "${S}/src/Makefile" \ + || die "Fix for multilib SHLIBDIR failed." + epatch "${FILESDIR}/${P}-mountsys.patch" +} + +src_compile() { + emake AR=3D"$(tc-getAR)" CC=3D"$(tc-getCC)" LDFLAGS=3D"-fPIC ${LDFLAGS}= " all || die + + if use python; then + python_copy_sources src + building() { + emake CC=3D"$(tc-getCC)" PYLIBVER=3D"python$(python_get_version)" PYP= REFIX=3D"python-$(python_get_version)" LDFLAGS=3D"-fPIC ${LDFLAGS}" pywra= p + } + python_execute_function -s --source-dir src building + fi + + if use ruby; then + emake CC=3D"$(tc-getCC)" rubywrap || die + fi +} + +src_install() { + emake DESTDIR=3D"${D}" install || die + + if use python; then + installation() { + emake DESTDIR=3D"${D}" PYLIBVER=3D"python$(python_get_version)" PYPRE= FIX=3D"python-$(python_get_version)" install-pywrap + } + python_execute_function -s --source-dir src installation + fi + + if use ruby; then + emake DESTDIR=3D"${D}" install-rubywrap || die + fi +} + +pkg_postinst() { + if use python; then + python_mod_optimize selinux + fi +} + +pkg_postrm() { + if use python; then + python_mod_cleanup selinux + fi +} diff --git a/sys-libs/libselinux/metadata.xml b/sys-libs/libselinux/metad= ata.xml new file mode 100644 index 0000000..0c7f186 --- /dev/null +++ b/sys-libs/libselinux/metadata.xml @@ -0,0 +1,10 @@ + + + + selinux + + Libselinux provides an API for SELinux applications to get and set + process and file security contexts and to obtain security policy + decisions. Required for any applications that use the SELinux API. + +