blob: 7ef58a30006a2c5d5dfdd780f432725ca0b07481 (
plain)
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
|
# Copyright 1999-2005 Gentoo Foundation
# Distributed under the terms of the GNU General Public License v2
# $Header: /var/cvsroot/gentoo-x86/sys-apps/policycoreutils/policycoreutils-1.24.ebuild,v 1.1 2005/06/25 23:43:25 pebenito Exp $
IUSE="build nls pam"
inherit eutils
EXTRAS_VER="1.12"
SEPOL_VER="1.4"
DESCRIPTION="SELinux core utilities"
HOMEPAGE="http://www.nsa.gov/selinux"
SRC_URI="http://www.nsa.gov/selinux/archives/${P}.tgz
mirror://gentoo/policycoreutils-extra-${EXTRAS_VER}.tar.bz2"
LICENSE="GPL-2"
SLOT="0"
KEYWORDS="~x86 ~ppc ~sparc ~amd64"
RDEPEND=">=sys-libs/libselinux-${PV}
!build? ( pam? ( sys-libs/pam ) >=sys-libs/libsepol-${SEPOL_VER} )
build? ( sys-apps/baselayout )"
DEPEND="${RDEPEND}
!build? ( nls? ( sys-devel/gettext ) )"
S2=${WORKDIR}/policycoreutils-extra
throw_pam_warning() {
# this is an extremely important message that needs to be seen
# thus it being shown at the beginning and end of the ebuild
if ! useq pam; then
eerror "PAM is disabled. This is not a supported config for"
eerror "general use. Disabling PAM decreases security with"
eerror "respect to SELinux protection of authentication."
eerror "It also requires policy changes."
ebeep 4
epause 4
fi
}
pkg_setup() {
throw_pam_warning
}
src_unpack() {
unpack ${A}
cd ${S}
epatch ${FILESDIR}/policycoreutils-1.24-genhomedircon-quiet.diff
# This warning makes no sense, in this context
sed -i -e '/FILE/ s/;/=NULL;/' ${S}/audit2why/audit2why.c \
|| die "audit2why sed failed"
# fixfiles is extremely dangerous
sed -i -e '/^all/s/fixfiles//' ${S}/scripts/Makefile \
|| die "fixfiles sed 1 failed"
sed -i -e '/fixfiles/d' ${S}/scripts/Makefile \
|| die "fixfiles sed 2 failed"
if ! useq pam; then
# disable pam
sed -i -e s/-lpam/-lcrypt/ -e s/-lpam_misc// -e s/-DUSE_PAM// \
${S}/run_init/Makefile || die "PAM sed 1 failed"
sed -i -e s/-lpam/-lcrypt/ -e s/-lpam_misc// -e s/-DUSE_PAM// \
${S}/newrole/Makefile || die "PAM sed 2 failed"
sed -i -e s/-lpam/-lcrypt/ -e s/-lpam_misc// -e s/-DUSE_PAM// \
${S2}/src/Makefile || die "PAM sed 3 failed"
fi
if ! useq nls; then
# disable locale stuff
sed -i -e s/-DUSE_NLS// ${S}/run_init/Makefile \
|| die "NLS sed 1 failed"
sed -i -e s/-DUSE_NLS// ${S}/newrole/Makefile \
|| die "NLS sed 2 failed"
sed -i -e s/-DUSE_NLS// ${S}/load_policy/Makefile \
|| die "NLS sed 3 failed"
sed -i -e 's/ po //' ${S}/Makefile \
|| die "NLS sed 4 failed"
fi
# fix up to accept Gentoo CFLAGS
local SUBDIRS="`cd ${S} && find -type d | cut -d/ -f2`"
for i in ${SUBDIRS}; do
sed -i -e "s:-Wall:-Wall ${CFLAGS}:g" ${S}/${i}/Makefile \
|| die "${i} Makefile CFLAGS fix failed."
done
}
src_compile() {
if useq build; then
einfo "Compiling setfiles"
emake -C ${S}/setfiles || die
else
einfo "Compiling policycoreutils"
emake -C ${S} || die
einfo "Compiling policycoreutils-extra"
emake -C ${S2} || die
fi
}
src_install() {
if useq build; then
dosbin ${S}/setfiles/setfiles
else
einfo "Installing policycoreutils"
make DESTDIR="${D}" -C ${S} install || die
einfo "Installing policycoreutils-extra"
make DESTDIR="${D}" -C ${S2} install || die
fi
useq pam || rm -fR ${D}/etc/pam.d
}
pkg_postinst() {
if useq build; then
# need to ensure these
mkdir -p ${ROOT}/selinux
touch ${ROOT}/selinux/.keep
mkdir -p ${ROOT}/sys
touch ${ROOT}/sys/.keep
mkdir -p ${ROOT}/dev/pts
touch ${ROOT}/dev/pts/.keep
chmod 0666 ${ROOT}/dev/{ptmx,tty}
fi
throw_pam_warning
}
|