diff options
| author |   Chris PeBenito <pebenito@gentoo.org> | 2004-04-08 19:16:54 +0000 |
|---|---|---|
| committer | Chris PeBenito <pebenito@gentoo.org> | 2004-04-08 19:16:54 +0000 |
| commit | dfa7db1fb7315f13201ff107fb17b8e6436ab379 (patch) | |
| tree | 1e297e32e89bdfc0aed619375f75b390b2ebf62b /sec-policy | |
| parent | set required base-policy version (diff) | |
| download | historical-dfa7db1fb7315f13201ff107fb17b8e6436ab379.tar.gz historical-dfa7db1fb7315f13201ff107fb17b8e6436ab379.tar.bz2 historical-dfa7db1fb7315f13201ff107fb17b8e6436ab379.zip | |
new release for 2004.1
Diffstat (limited to 'sec-policy')
4 files changed, 101 insertions, 2 deletions
diff --git a/sec-policy/selinux-base-policy/ChangeLog b/sec-policy/selinux-base-policy/ChangeLog index 06453f1be6d4..745d408f6dfd 100644 --- a/sec-policy/selinux-base-policy/ChangeLog +++ b/sec-policy/selinux-base-policy/ChangeLog @@ -1,6 +1,14 @@ # ChangeLog for sec-policy/selinux-base-policy # Copyright 2000-2004 Gentoo Technologies, Inc.; Distributed under the GPL v2 -# $Header: /var/cvsroot/gentoo-x86/sec-policy/selinux-base-policy/ChangeLog,v 1.17 2004/02/28 20:22:46 pebenito Exp $ +# $Header: /var/cvsroot/gentoo-x86/sec-policy/selinux-base-policy/ChangeLog,v 1.18 2004/04/08 19:16:54 pebenito Exp $ + +*selinux-base-policy-20040408 (08 Apr 2004) + + 08 Apr 2004; Chris PeBenito <pebenito@gentoo.org> + selinux-base-policy-20040408.ebuild: + New update. Users.fc is now deprecated, as the contexts for user directories + is now automatically generated. Portage fetching of distfiles now has a + subdomain, for dropping priviledges. 28 Feb 2004; Chris PeBenito <pebenito@gentoo.org> selinux-base-policy-20040225.ebuild: diff --git a/sec-policy/selinux-base-policy/Manifest b/sec-policy/selinux-base-policy/Manifest index ffb7009c3873..0c90f40035ae 100644 --- a/sec-policy/selinux-base-policy/Manifest +++ b/sec-policy/selinux-base-policy/Manifest @@ -1,4 +1,6 @@ MD5 2b9a3f12ac151d0b4c71816e637589b9 selinux-base-policy-20040225.ebuild 2199 -MD5 8967ecd81105db81d50f1312e9790e3a ChangeLog 6077 +MD5 3dea786efc35e47c1373c7da9420b1dd selinux-base-policy-20040408.ebuild 2705 +MD5 4c3abdbcbd398af341778c856db916be ChangeLog 6406 MD5 808b5f7f5d6654666e9193672d463229 metadata.xml 473 MD5 7afea4eea1a3c5611ca773551fbd1bb5 files/digest-selinux-base-policy-20040225 80 +MD5 c3ac660f2c1daaf6c0148135f502f669 files/digest-selinux-base-policy-20040408 80 diff --git a/sec-policy/selinux-base-policy/files/digest-selinux-base-policy-20040408 b/sec-policy/selinux-base-policy/files/digest-selinux-base-policy-20040408 new file mode 100644 index 000000000000..9112f0a01db0 --- /dev/null +++ b/sec-policy/selinux-base-policy/files/digest-selinux-base-policy-20040408 @@ -0,0 +1 @@ +MD5 466adfa1869ae0c3d7127d9ee62df5da selinux-base-policy-20040408.tar.bz2 65040 diff --git a/sec-policy/selinux-base-policy/selinux-base-policy-20040408.ebuild b/sec-policy/selinux-base-policy/selinux-base-policy-20040408.ebuild new file mode 100644 index 000000000000..6f97241edcb9 --- /dev/null +++ b/sec-policy/selinux-base-policy/selinux-base-policy-20040408.ebuild @@ -0,0 +1,88 @@ +# Copyright 1999-2004 Gentoo Technologies, Inc. +# Distributed under the terms of the GNU General Public License v2 +# $Header: /var/cvsroot/gentoo-x86/sec-policy/selinux-base-policy/selinux-base-policy-20040408.ebuild,v 1.1 2004/04/08 19:16:54 pebenito Exp $ + +IUSE="build" + +inherit eutils + +DESCRIPTION="Gentoo base policy for SELinux" +HOMEPAGE="http://www.gentoo.org/proj/en/hardened/selinux/" +SRC_URI="mirror://gentoo/${P}.tar.bz2" +LICENSE="GPL-2" +SLOT="0" +KEYWORDS="x86 ppc sparc" +DEPEND="build? ( sys-devel/make + sys-devel/m4 )" +RDEPEND="sys-devel/m4 + sys-devel/make + !build? ( >=sys-libs/pam-0.77 )" + +S=${WORKDIR}/base-policy + +[ -z ${POLICYDIR} ] && POLICYDIR="/etc/security/selinux/src/policy" + +# deprecated policies: +DEPRECATED="domains/program/devfsd.te domains/program/opt.te + file_contexts/program/devfsd.fc file_contexts/program/opt.fc + file_contexts/users.fc" + +src_install() { + if use build; then + # generate a file_contexts + dodir ${POLICYDIR}/file_contexts + einfo "Ignore the checkpolicy error on the next line." + make -C ${S} \ + FC=${D}/${POLICYDIR}/file_contexts/file_contexts \ + ${D}/${POLICYDIR}/file_contexts/file_contexts + + [ ! -f ${D}/${POLICYDIR}/file_contexts/file_contexts ] && \ + die "file_contexts was not generated." + else + # install full policy + dodir /etc/security/selinux/src + + insinto /etc/security + doins ${S}/appconfig/* + + cp -a ${S} ${D}/${POLICYDIR} + rm -fR ${D}/${POLICYDIR}/appconfig + fi +} + +pkg_postinst() { + local isdeprecated + echo + einfo "This is the base policy for SELinux on Gentoo. This policy" + einfo "package only covers the applications in the system profile." + einfo "More policy may need to be added according to your requirements." + echo + eerror "It is STRONGLY suggested that you evaluate and merge the" + eerror "policy changes. If any of the file contexts (*.fc) have" + eerror "changed, you should also relabel." + echo + ewarn "Please check the Changelog, there may be important information." + echo + echo + + einfo "Checking for deprecated policy..." + for i in $DEPRECATED; do + if [ -f "${POLICYDIR}/${i}" ]; then + eerror "${POLICYDIR}/${i}" + isdeprecated="y" + fi + done + [ "${isdeprecated}" ] && \ + eerror "The above policy file(s) should be removed if possible." || \ + einfo "None found." + + echo -ne "\a" ; sleep 0.1 ; echo -ne "\a" ; sleep 1 + echo -ne "\a" ; sleep 0.1 ; echo -ne "\a" ; sleep 1 + echo -ne "\a" ; sleep 0.1 ; echo -ne "\a" ; sleep 1 + echo -ne "\a" ; sleep 0.1 ; echo -ne "\a" ; sleep 1 + echo -ne "\a" ; sleep 0.1 ; echo -ne "\a" ; sleep 1 + echo -ne "\a" ; sleep 0.1 ; echo -ne "\a" ; sleep 1 + echo -ne "\a" ; sleep 0.1 ; echo -ne "\a" ; sleep 1 + echo -ne "\a" ; sleep 0.1 ; echo -ne "\a" ; sleep 1 + sleep 4 +} |