1 # Copyright 1999-2020 Gentoo Authors
2 # Distributed under the terms of the GNU General Public License v2
5 PYTHON_COMPAT=( python{3_6,3_7} )
8 inherit multilib python-r1 toolchain-funcs bash-completion-r1
12 MY_RELEASEDATE="20191204"
18 IUSE="audit dbus pam split-usr"
19 REQUIRED_USE="${PYTHON_REQUIRED_USE}"
21 DESCRIPTION="SELinux core utilities"
22 HOMEPAGE="https://github.com/SELinuxProject/selinux/wiki"
24 if [[ ${PV} == 9999 ]]; then
26 EGIT_REPO_URI="https://github.com/SELinuxProject/selinux.git"
27 SRC_URI="https://dev.gentoo.org/~perfinion/distfiles/policycoreutils-extra-${EXTRAS_VER}.tar.bz2"
28 S1="${WORKDIR}/${MY_P}/${PN}"
29 S2="${WORKDIR}/policycoreutils-extra"
32 SRC_URI="https://github.com/SELinuxProject/selinux/releases/download/${MY_RELEASEDATE}/${MY_P}.tar.gz
33 https://dev.gentoo.org/~perfinion/distfiles/policycoreutils-extra-${EXTRAS_VER}.tar.bz2"
34 KEYWORDS="amd64 ~arm64 ~mips x86"
35 S1="${WORKDIR}/${MY_P}"
36 S2="${WORKDIR}/policycoreutils-extra"
43 DEPEND=">=sys-libs/libselinux-${SELNX_VER}:=[python,${PYTHON_USEDEP}]
44 >=sys-libs/libcap-1.10-r10:=
45 >=sys-libs/libsemanage-${SEMNG_VER}:=[python,${PYTHON_USEDEP}]
47 >=sys-libs/libsepol-${SEPOL_VER}:=
48 >=app-admin/setools-4.2.0[${PYTHON_USEDEP}]
50 dev-python/ipy[${PYTHON_USEDEP}]
55 audit? ( >=sys-process/audit-1.5.1[python,${PYTHON_USEDEP}] )
56 pam? ( sys-libs/pam:= )
59 ### libcgroup -> seunshare
60 ### dbus -> restorecond
62 # pax-utils for scanelf used by rlpkg
66 PDEPEND="sys-apps/semodule-utils
67 sys-apps/selinux-python"
70 # Override default one because we need the SRC_URI ones even in case of 9999 ebuilds
72 if [[ ${PV} == 9999 ]] ; then
79 cd "${S}" || die "Failed to switch to ${S}"
80 if [[ ${PV} != 9999 ]] ; then
81 # If needed for live ebuilds please use /etc/portage/patches
82 eapply "${FILESDIR}/policycoreutils-2.7-0001-newrole-not-suid.patch"
85 # rlpkg is more useful than fixfiles
86 sed -i -e '/^all/s/fixfiles//' "${S}/scripts/Makefile" \
87 || die "fixfiles sed 1 failed"
88 sed -i -e '/fixfiles/d' "${S}/scripts/Makefile" \
89 || die "fixfiles sed 2 failed"
93 sed -i 's/-Werror//g' "${S1}"/*/Makefile || die "Failed to remove Werror"
96 # Our extra code is outside the regular directory, so set it to the extra
97 # directory. We really should optimize this as it is ugly, but the extra
98 # code is needed for Gentoo at the same time that policycoreutils is present
99 # (so we cannot use an additional package for now).
106 emake -C "${BUILD_DIR}" \
107 AUDIT_LOG_PRIVS="y" \
108 AUDITH="$(usex audit y n)" \
109 PAMH="$(usex pam y n)" \
110 INOTIFYH="$(usex dbus y n)" \
113 LIBDIR="\$(PREFIX)/$(get_libdir)"
115 S="${S1}" # Regular policycoreutils
116 python_foreach_impl building
117 S="${S2}" # Extra set
118 python_foreach_impl building
122 # Python scripts are present in many places. There are no extension modules.
123 installation-policycoreutils() {
124 einfo "Installing policycoreutils"
125 emake -C "${BUILD_DIR}" DESTDIR="${D}" \
126 AUDIT_LOG_PRIVS="y" \
127 AUDITH="$(usex audit y n)" \
128 PAMH="$(usex pam y n)" \
129 INOTIFYH="$(usex dbus y n)" \
132 LIBDIR="\$(PREFIX)/$(get_libdir)" \
137 installation-extras() {
138 einfo "Installing policycoreutils-extra"
139 emake -C "${BUILD_DIR}" \
145 S="${S1}" # policycoreutils
146 python_foreach_impl installation-policycoreutils
148 python_foreach_impl installation-extras
149 S="${S1}" # back for later
151 # remove redhat-style init script
152 rm -fR "${D}/etc/rc.d" || die
154 # compatibility symlinks
155 use split-usr && dosym ../../sbin/setfiles /usr/sbin/setfiles
157 bashcomp_alias setsebool getsebool
159 # location for policy definitions
160 dodir /var/lib/selinux
161 keepdir /var/lib/selinux
163 # Set version-specific scripts
164 for pyscript in rlpkg; do
165 python_replicate_script "${ED}/usr/sbin/${pyscript}"
170 for POLICY_TYPE in ${POLICY_TYPES} ; do
171 # There have been some changes to the policy store, rebuilding now.
172 # https://marc.info/?l=selinux&m=143757277819717&w=2
173 einfo "Rebuilding store ${POLICY_TYPE} (without re-loading)."
174 semodule -s "${POLICY_TYPE}" -n -B || die "Failed to rebuild policy store ${POLICY_TYPE}"