1 # Copyright 1999-2019 Gentoo Authors
2 # Distributed under the terms of the GNU General Public License v2
5 PYTHON_COMPAT=( python{2_7,3_5,3_6} )
7 inherit multilib python-r1 toolchain-funcs multilib-minimal
10 MY_RELEASEDATE="20170804"
15 DESCRIPTION="SELinux kernel and policy management library"
16 HOMEPAGE="https://github.com/SELinuxProject/selinux/wiki"
18 if [[ ${PV} == 9999 ]]; then
20 EGIT_REPO_URI="https://github.com/SELinuxProject/selinux.git"
21 S="${WORKDIR}/${MY_P}/${PN}"
23 SRC_URI="https://raw.githubusercontent.com/wiki/SELinuxProject/selinux/files/releases/${MY_RELEASEDATE}/${MY_P}.tar.gz"
24 KEYWORDS="amd64 ~arm ~arm64 ~mips x86"
25 S="${WORKDIR}/${MY_P}"
31 REQUIRED_USE="python? ( ${PYTHON_REQUIRED_USE} )"
33 RDEPEND=">=sys-libs/libsepol-${SEPOL_VER}[${MULTILIB_USEDEP}]
34 >=sys-libs/libselinux-${SELNX_VER}[${MULTILIB_USEDEP}]
35 >=sys-process/audit-2.2.2[${MULTILIB_USEDEP}]
36 >=dev-libs/ustr-1.0.4-r2[${MULTILIB_USEDEP}]
37 python? ( ${PYTHON_DEPS} )"
42 >=dev-lang/swig-2.0.4-r1
46 # tests are not meant to be run outside of the
47 # full SELinux userland repo
51 echo "# Set this to true to save the linked policy." >> "${S}/src/semanage.conf"
52 echo "# This is normally only useful for analysis" >> "${S}/src/semanage.conf"
53 echo "# or debugging of policy." >> "${S}/src/semanage.conf"
54 echo "save-linked=false" >> "${S}/src/semanage.conf"
55 echo >> "${S}/src/semanage.conf"
56 echo "# Set this to 0 to disable assertion checking." >> "${S}/src/semanage.conf"
57 echo "# This should speed up building the kernel policy" >> "${S}/src/semanage.conf"
58 echo "# from policy modules, but may leave you open to" >> "${S}/src/semanage.conf"
59 echo "# dangerous rules which assertion checking" >> "${S}/src/semanage.conf"
60 echo "# would catch." >> "${S}/src/semanage.conf"
61 echo "expand-check=1" >> "${S}/src/semanage.conf"
62 echo >> "${S}/src/semanage.conf"
63 echo "# Modules in the module store can be compressed" >> "${S}/src/semanage.conf"
64 echo "# with bzip2. Set this to the bzip2 blocksize" >> "${S}/src/semanage.conf"
65 echo "# 1-9 when compressing. The higher the number," >> "${S}/src/semanage.conf"
66 echo "# the more memory is traded off for disk space." >> "${S}/src/semanage.conf"
67 echo "# Set to 0 to disable bzip2 compression." >> "${S}/src/semanage.conf"
68 echo "bzip-blocksize=0" >> "${S}/src/semanage.conf"
69 echo >> "${S}/src/semanage.conf"
70 echo "# Reduce memory usage for bzip2 compression and" >> "${S}/src/semanage.conf"
71 echo "# decompression of modules in the module store." >> "${S}/src/semanage.conf"
72 echo "bzip-small=true" >> "${S}/src/semanage.conf"
79 multilib_src_compile() {
83 LIBDIR="${EPREFIX}/usr/$(get_libdir)" \
86 if multilib_is_native_abi && use python; then
91 LIBDIR="${EPREFIX}/usr/$(get_libdir)" \
94 python_foreach_impl building_py swigify
95 python_foreach_impl building_py pywrap
99 multilib_src_install() {
101 LIBDIR="${ED}/usr/$(get_libdir)" \
102 SHLIBDIR="${ED}/usr/$(get_libdir)" \
103 DESTDIR="${ED}" install
105 if multilib_is_native_abi && use python; then
107 emake DESTDIR="${ED}" \
108 LIBDIR="${ED}/usr/$(get_libdir)" \
109 SHLIBDIR="${ED}/usr/$(get_libdir)" \
110 LIBSEPOLA="${EPREFIX%/}/usr/$(get_libdir)/libsepol.a" \
112 python_optimize # bug 531638
114 python_foreach_impl installation_py
119 # Migrate the SELinux semanage configuration store if not done already
120 local selinuxtype=$(awk -F'=' '/SELINUXTYPE=/ {print $2}' "${EROOT}"/etc/selinux/config 2>/dev/null)
121 if [ -n "${selinuxtype}" ] && [ ! -d "${EROOT}"/var/lib/selinux/${mcs}/active ] ; then
122 ewarn "Since the 2.4 SELinux userspace, the policy module store is moved"
123 ewarn "from /etc/selinux to /var/lib/selinux. The migration will be run now."
124 ewarn "If there are any issues, it can be done manually by running:"
125 ewarn "/usr/libexec/selinux/semanage_migrate_store"
126 ewarn "For more information, please see"
127 ewarn "- https://github.com/SELinuxProject/selinux/wiki/Policy-Store-Migration"
130 # Run the store migration without rebuilds
131 for POLICY_TYPE in ${POLICY_TYPES} ; do
132 if [ ! -d "${EROOT}/var/lib/selinux/${POLICY_TYPE}/active" ] ; then
133 einfo "Migrating store ${POLICY_TYPE} (without policy rebuild)."
134 /usr/libexec/selinux/semanage_migrate_store -n -s "${POLICY_TYPE}" || die "Failed to migrate store ${POLICY_TYPE}"