sys-apps/policycoreutils/policycoreutils-3.0.ebuild

   1 # Copyright 1999-2020 Gentoo Authors
   2 # Distributed under the terms of the GNU General Public License v2
   3
   4 EAPI="6"
   5 PYTHON_COMPAT=( python{3_6,3_7} )
   6 PYTHON_REQ_USE="xml"
   7
   8 inherit multilib python-r1 toolchain-funcs bash-completion-r1
   9
  10 MY_P="${P//_/-}"
  11
  12 MY_RELEASEDATE="20191204"
  13 EXTRAS_VER="1.36"
  14 SEMNG_VER="${PV}"
  15 SELNX_VER="${PV}"
  16 SEPOL_VER="${PV}"
  17
  18 IUSE="audit dbus pam split-usr"
  19 REQUIRED_USE="${PYTHON_REQUIRED_USE}"
  20
  21 DESCRIPTION="SELinux core utilities"
  22 HOMEPAGE="https://github.com/SELinuxProject/selinux/wiki"
  23
  24 if [[ ${PV} == 9999 ]]; then
  25         inherit git-r3
  26         EGIT_REPO_URI="https://github.com/SELinuxProject/selinux.git"
  27         SRC_URI="https://dev.gentoo.org/~perfinion/distfiles/policycoreutils-extra-${EXTRAS_VER}.tar.bz2"
  28         S1="${WORKDIR}/${MY_P}/${PN}"
  29         S2="${WORKDIR}/policycoreutils-extra"
  30         S="${S1}"
  31 else
  32         SRC_URI="https://github.com/SELinuxProject/selinux/releases/download/${MY_RELEASEDATE}/${MY_P}.tar.gz
  33                 https://dev.gentoo.org/~perfinion/distfiles/policycoreutils-extra-${EXTRAS_VER}.tar.bz2"
  34         KEYWORDS="amd64 ~arm64 ~mips x86"
  35         S1="${WORKDIR}/${MY_P}"
  36         S2="${WORKDIR}/policycoreutils-extra"
  37         S="${S1}"
  38 fi
  39
  40 LICENSE="GPL-2"
  41 SLOT="0"
  42
  43 DEPEND=">=sys-libs/libselinux-${SELNX_VER}:=[python,${PYTHON_USEDEP}]
  44         >=sys-libs/libcap-1.10-r10:=
  45         >=sys-libs/libsemanage-${SEMNG_VER}:=[python,${PYTHON_USEDEP}]
  46         sys-libs/libcap-ng:=
  47         >=sys-libs/libsepol-${SEPOL_VER}:=
  48         >=app-admin/setools-4.2.0[${PYTHON_USEDEP}]
  49         sys-devel/gettext
  50         dev-python/ipy[${PYTHON_USEDEP}]
  51         dbus? (
  52                 sys-apps/dbus
  53                 dev-libs/dbus-glib:=
  54         )
  55         audit? ( >=sys-process/audit-1.5.1[python,${PYTHON_USEDEP}] )
  56         pam? ( sys-libs/pam:= )
  57         ${PYTHON_DEPS}"
  58
  59 ### libcgroup -> seunshare
  60 ### dbus -> restorecond
  61
  62 # pax-utils for scanelf used by rlpkg
  63 RDEPEND="${DEPEND}
  64         app-misc/pax-utils"
  65
  66 PDEPEND="sys-apps/semodule-utils
  67         sys-apps/selinux-python"
  68
  69 src_unpack() {
  70         # Override default one because we need the SRC_URI ones even in case of 9999 ebuilds
  71         default
  72         if [[ ${PV} == 9999 ]] ; then
  73                 git-r3_src_unpack
  74         fi
  75 }
  76
  77 src_prepare() {
  78         S="${S1}"
  79         cd "${S}" || die "Failed to switch to ${S}"
  80         if [[ ${PV} != 9999 ]] ; then
  81                 # If needed for live ebuilds please use /etc/portage/patches
  82                 eapply "${FILESDIR}/policycoreutils-2.7-0001-newrole-not-suid.patch"
  83         fi
  84
  85         # rlpkg is more useful than fixfiles
  86         sed -i -e '/^all/s/fixfiles//' "${S}/scripts/Makefile" \
  87                 || die "fixfiles sed 1 failed"
  88         sed -i -e '/fixfiles/d' "${S}/scripts/Makefile" \
  89                 || die "fixfiles sed 2 failed"
  90
  91         eapply_user
  92
  93         sed -i 's/-Werror//g' "${S1}"/*/Makefile || die "Failed to remove Werror"
  94
  95         python_copy_sources
  96         # Our extra code is outside the regular directory, so set it to the extra
  97         # directory. We really should optimize this as it is ugly, but the extra
  98         # code is needed for Gentoo at the same time that policycoreutils is present
  99         # (so we cannot use an additional package for now).
 100         S="${S2}"
 101         python_copy_sources
 102 }
 103
 104 src_compile() {
 105         building() {
 106                 emake -C "${BUILD_DIR}" \
 107                         AUDIT_LOG_PRIVS="y" \
 108                         AUDITH="$(usex audit y n)" \
 109                         PAMH="$(usex pam y n)" \
 110                         INOTIFYH="$(usex dbus y n)" \
 111                         SESANDBOX="n" \
 112                         CC="$(tc-getCC)" \
 113                         LIBDIR="\$(PREFIX)/$(get_libdir)"
 114         }
 115         S="${S1}" # Regular policycoreutils
 116         python_foreach_impl building
 117         S="${S2}" # Extra set
 118         python_foreach_impl building
 119 }
 120
 121 src_install() {
 122         # Python scripts are present in many places. There are no extension modules.
 123         installation-policycoreutils() {
 124                 einfo "Installing policycoreutils"
 125                 emake -C "${BUILD_DIR}" DESTDIR="${D}" \
 126                         AUDIT_LOG_PRIVS="y" \
 127                         AUDITH="$(usex audit y n)" \
 128                         PAMH="$(usex pam y n)" \
 129                         INOTIFYH="$(usex dbus y n)" \
 130                         SESANDBOX="n" \
 131                         CC="$(tc-getCC)" \
 132                         LIBDIR="\$(PREFIX)/$(get_libdir)" \
 133                         install
 134                 python_optimize
 135         }
 136
 137         installation-extras() {
 138                 einfo "Installing policycoreutils-extra"
 139                 emake -C "${BUILD_DIR}" \
 140                         DESTDIR="${D}" \
 141                         install
 142                 python_optimize
 143         }
 144
 145         S="${S1}" # policycoreutils
 146         python_foreach_impl installation-policycoreutils
 147         S="${S2}" # extras
 148         python_foreach_impl installation-extras
 149         S="${S1}" # back for later
 150
 151         # remove redhat-style init script
 152         rm -fR "${D}/etc/rc.d" || die
 153
 154         # compatibility symlinks
 155         use split-usr && dosym ../../sbin/setfiles /usr/sbin/setfiles
 156
 157         bashcomp_alias setsebool getsebool
 158
 159         # location for policy definitions
 160         dodir /var/lib/selinux
 161         keepdir /var/lib/selinux
 162
 163         # Set version-specific scripts
 164         for pyscript in rlpkg; do
 165           python_replicate_script "${ED}/usr/sbin/${pyscript}"
 166         done
 167 }
 168
 169 pkg_postinst() {
 170         for POLICY_TYPE in ${POLICY_TYPES} ; do
 171                 # There have been some changes to the policy store, rebuilding now.
 172                 # https://marc.info/?l=selinux&m=143757277819717&w=2
 173                 einfo "Rebuilding store ${POLICY_TYPE} (without re-loading)."
 174                 semodule -s "${POLICY_TYPE}" -n -B || die "Failed to rebuild policy store ${POLICY_TYPE}"
 175         done
 176 }