Bumping to revision 8

Package-Manager: portage-2.1.11.31/cvs/Linux x86_64
Manifest-Sign-Key: 0xCDBA2FDB

3 files changed, 134 insertions, 6 deletions

diff --git a/sec-policy/selinux-base-policy/ChangeLog b/sec-policy/selinux-base-policy/ChangeLog
index 6f5e85be05a8..510497107fa4 100644
--- a/sec-policy/selinux-base-policy/ChangeLog
+++ b/sec-policy/selinux-base-policy/ChangeLog
@@ -1,6 +1,11 @@
 # ChangeLog for sec-policy/selinux-base-policy
 # Copyright 1999-2012 Gentoo Foundation; Distributed under the GPL v2
-# $Header: /var/cvsroot/gentoo-x86/sec-policy/selinux-base-policy/ChangeLog,v 1.114 2012/11/18 15:18:26 swift Exp $
+# $Header: /var/cvsroot/gentoo-x86/sec-policy/selinux-base-policy/ChangeLog,v 1.115 2012/12/03 08:52:14 swift Exp $
+
+*selinux-base-policy-2.20120725-r8 (03 Dec 2012)
+
+  03 Dec 2012; Sven Vermeulen +selinux-base-policy-2.20120725-r8.ebuild:
+  Bumping to revision 8
 
 *selinux-base-policy-2.20120725-r7 (18 Nov 2012)
 
@@ -717,4 +722,3 @@
   19 Apr 2003; Chris PeBenito <pebenito@gentoo.org> Manifest,
   selinux-base-policy-20030419.ebuild:
   Initial commit.  Base policies for SELinux, with Gentoo-specifics
-
diff --git a/sec-policy/selinux-base-policy/Manifest b/sec-policy/selinux-base-policy/Manifest
index 53cb3119b9d3..de8d428ad279 100644
--- a/sec-policy/selinux-base-policy/Manifest
+++ b/sec-policy/selinux-base-policy/Manifest
@@ -12,6 +12,7 @@ DIST patchbundle-selinux-base-policy-2.20120215-r8.tar.bz2 29993 SHA256 0d2b6b35
 DIST patchbundle-selinux-base-policy-2.20120215-r9.tar.bz2 45823 SHA256 5f93d185536f3bc2d700ca98ce9100651b0d6114a3a41fc6e93d27d458b0da80 SHA512 fede639615f0a32c14a8f32a527904a896871ff341b839adb57c54d6568856368552254077212e82fc66cf21c01000491edd373ce21ea74fa6fcd78aabd92ab5 WHIRLPOOL 96900a5a70fb2743eddb566333d5efd99b99999215287551bb5c7cf96e3344bd1cc5c60a6f93f1ee6fab466221f30bdf87c5b9e992f79d4fa1ebcdd82932620c
 DIST patchbundle-selinux-base-policy-2.20120725-r5.tar.bz2 46546 SHA256 ac46f21fd5be9588f7462b9ec41a9033f1c0347f46e01b6f9477fb381779ec92 SHA512 3ac3f06cdf7ff645d5b1db7430e9857eb2b55cc6e522ab96300e5120f390f905f3ce614973eb3fd03f0f28e25eebad53517c91b69bba191dc7ddc4e97a3f1756 WHIRLPOOL ed75b62a29a5c9aba2b4da87b2845609ce89ce288f245430bb7dc34504dfa84a7261e40c3f6b776af041d219ac6ba7ef501bdacda56488451b2cb6d8b5051b9e
 DIST patchbundle-selinux-base-policy-2.20120725-r7.tar.bz2 334263 SHA256 f96436d819f6905c8f604488d309795874eb0fa884933c706851b4021a8c158a SHA512 9a17101e2a623e171f9ae203b1892801873f60c64be5a06077b04c1c7edb7c0639f4943c67f9df5f5790fde9d7f1456cd06b849ecd5915ce849353d6069dac6e WHIRLPOOL cd0b8f412c4b64a561d563a1132f986254d9c7d895772d2977988a8c7fb8dd41c53b5d7f2a69d99db85916c00a6de9eb9a35231ca4bd8759c86a58891e070705
+DIST patchbundle-selinux-base-policy-2.20120725-r8.tar.bz2 335267 SHA256 17e5534f966b46ef101e452082d8349636d38e1850cdf55cd7c268e14bdb0124 SHA512 f167e5691a3769d7eb66ddba6a000df860387a3df2cc581df60e924e51495fe94247acfbc9991cd815f05ade747f7806a67c965929fe12994e8b362ab4da15df WHIRLPOOL 533a98fc8860aa8e91d738c2e4d932f2c16dddf02966716649e78d74126bc949524653e0a5443ca6e1e073ae37265ca3b0e28f1ceea510b7adfd510cf3167ac4
 DIST refpolicy-2.20120215.tar.bz2 589917 SHA256 6df77faf62f73bd1f6e3bfca3fa2f77cdfd2cada94a7dcc4816ed9bbcf3545dc SHA512 47c84e29bd4f9f24b20d7ad86ccc9ef6619af3256b3d8590239165e9ea3b1fb45ceb105517b46a969bff2009b5f34d50c2f2d244e80080d9b667c51b11dcaf81 WHIRLPOOL ec038e60cda6dedea008347b6b5dd82d07b242d5b30921cb0912dc8712aa3db8a108c9f374bb3690328cef3cd531b251761cddb5410c1a09d7ab20654a06e551
 DIST refpolicy-2.20120725.tar.bz2 594120 SHA256 7cd46ed908a4001368e6509d93e306ec6c9af2bfa6b70db88c9eaaefe257c635 SHA512 9cbe27fe30460c018da2bb3d94f321d656a259bf4f2e7ce6c2b015d02b5801de8a68c765c154c30ba5abf4f986957c9f303fc95b453f53db4fc4040443512333 WHIRLPOOL 107c10e89e99a3c63f8a806989e869dffd5baca1b9e41e2b02b12067a796d11abc87ac41a9c44a44a61215ed36df127f79e045b00cfb67d3c5318a766ff78b89
 EBUILD selinux-base-policy-2.20120215-r13.ebuild 3826 SHA256 1ab232ec296fb64c2949aaf40a32a5a02c1c603f13e7692519c6ffbe0c37f84b SHA512 eaf7c4df87f1805d984daf7e4acc4f990bf0a158f284cde1a16608e1845eb0f2a1d3aacf491da87a2bc5efa0eb537cacb4cbceaf2144ebcd788f1b3a1eabc77d WHIRLPOOL a3cbbb78f656cb3083ad6a9e28217af18db498cab5fa8c27f6bd45a59278ca6f77b102e63b76bd13070d4d1300990e9e048510a7aa529d0eaff8b1e331b9e3c3
@@ -23,13 +24,14 @@ EBUILD selinux-base-policy-2.20120215-r8.ebuild 3823 SHA256 b42b5c5eff6e6544223b
 EBUILD selinux-base-policy-2.20120215-r9.ebuild 3823 SHA256 d06e5e77bbd9d16db74ab950ed27490dc40456c74ff98c188181d343364eb4fb SHA512 7edcc584faa03dd889ae084b7c38d9b23aa00826ae01cf096bb14dad684d74984be65334effcb80c0c35fd400d09328fb3736a4d980e24e5f6effd70b4ed0b0c WHIRLPOOL 365e3b74d6ddfe88177c525e9fbbacffe6ca4aca4fac0792450b0e9d143f911b7b20a5f323246072a10c9925dc515e2abe56e46c98ce23a3155d6c6d88e1c3dd
 EBUILD selinux-base-policy-2.20120725-r5.ebuild 3821 SHA256 0cf134d0dcebd4139f808bad2627f1c16959ef4199d05a177a31a967bc1e85c9 SHA512 c5609321c8be53cea48b43f34b637dde6a0daaf38a3f87fea71066778c224ffd5d549c7db2d29e01b2dd792aa6b37424b04a2915cda7434e5e5ad9cda89eeb52 WHIRLPOOL 14a72df7dc83b2405b9c8d96e7f48332663d2ace1e851c8bbac7fb76a278f5f2f23ce615b924632135850ac809a1c4dba32e1bfcbe08ba12e8fd7caa478b8820
 EBUILD selinux-base-policy-2.20120725-r7.ebuild 3823 SHA256 fb9eb84a21543251a9249e76fe84461381d2d1af00afd6cd1fcf18f4b89dbcbe SHA512 a1d4ec29c1331be33bf451cf2e180aae8f478c7738a6d653c0bda01f7744bc405cb7818deaf3280b040a241cc0fa99bb1386f527592fe664d2d6fef98fb04439 WHIRLPOOL 4e510ef48009684917b90057efae5b6dc2bcad6905b3b629d7679eb7ea94651f5f6efc8810cb13797e6a73a0f814791c2553717790a262b2bd3de45f39a0bd8d
+EBUILD selinux-base-policy-2.20120725-r8.ebuild 3809 SHA256 e221daf9c41c50c5c662c98eae69ff46cc161e43d4aac209c32c1cf74ba300bd SHA512 a89c9b831d2b04376fd3ae0287a34d0c6ef284b6639a0500f639d13f8069437572a866054982aa3deb91c14babb81bbaee232888696cfbcd40745b5da3dfd6e7 WHIRLPOOL 24f1c9015b7b1001cc10ee2cb51e96117ace2478477d4f63bd296cb95f9b6d2fd1b9b2ec32b405304d78e9b489373ea5f2ad2193b77a274a51e03b8627a97c85
 EBUILD selinux-base-policy-9999.ebuild 3428 SHA256 88e3160b74a59434e54618f923263d9af44c032e4eadcc9dcbed13f6db3ea4fc SHA512 0a9240d7d7a25bc3103e8e53647b9d30e13eacae66a8d0f93eef716ce6fa1377eb799813209325eb90d723daa70346384e2474f5caf025947d2a59bf659575fe WHIRLPOOL 4d1f891f5d7913a8f68232c31dabbcf8c55987f046d35c430a9bb8f01b362e2d2c5b05d9ddca556599f32316986eb87c1ebcd50894fe811b60378916865f25c6
-MISC ChangeLog 26384 SHA256 0eb9bb782231315761b83e0804a2bf04e01ff51bed237b796f7baf196c1ca5bd SHA512 707e7782441b717420547eea071baaeb988288389131d25834a5adf9de6b9d577bd141ef2c903e0fb0960eab89a43ab123b20fd2f68045f4c587e6dc8a2eee33 WHIRLPOOL e42ce9632fc0bc415653f31efec4b5245659b279d92df70efd43cf256ff987f259b8aa1deb4114c39bda23c4207c26af12586e05de16be81b2f1ada5d9ed6911
+MISC ChangeLog 26531 SHA256 26367e0ff826995b152b6e2cdd7ddbb4143e69f850674b1cf72a08676e2ede42 SHA512 0b4b2d5b3511775eadd5236e6373c5779624cc2bf850d3b6e2a8047d0a61f33825b395276bd5260e39356f19a545bbd546566fa7f9ab23147315c1a802be54f5 WHIRLPOOL d495554d1b5814652a47ebbb0b81c7a88d1c2e711dd3148d88900cced48f7581ccaf802db514d9f78a7bea234b3135dfd3252a31d51e82dd2ddb1b169919de31
 MISC metadata.xml 344 SHA256 c881a8c264aeaa91cbeda1ef927a354c07e2cf189794a5326c0aa7ee3af3e9f2 SHA512 bc1dc0dba1af6cedf35e02c93c5e7c51829708a5792c5ab277dbba8f8a530a3ac55690fe083270b3dfe1de4e342bb5f68d65b257e79e804ac2625ac13248216b WHIRLPOOL a4fc490bdcd3de93b646b4abd2023500a3cad93dffda81de9f589a63d14f00f834920dce7061dda39a8ca8c3b94bf3e36924d44004e9f138ed6437148007e84e
 -----BEGIN PGP SIGNATURE-----
 Version: GnuPG v2.0.19 (GNU/Linux)
 
-iEYEAREIAAYFAlCo/HEACgkQXfqz7M26L9tq/QCeMludisROOCzOgxB/c3ozOD8G
-b/4AoIvXpYKmUt57PM6VwcEpu2LWROIT
-=Uz1t
+iEYEAREIAAYFAlC8aMIACgkQXfqz7M26L9vnvwCfbbkPM82GEdvQa8aL9BXuDEED
+GIYAnRnZM9tTWiB/bsc2UuTGf4dQIhUm
+=Y64j
 -----END PGP SIGNATURE-----
diff --git a/sec-policy/selinux-base-policy/selinux-base-policy-2.20120725-r8.ebuild b/sec-policy/selinux-base-policy/selinux-base-policy-2.20120725-r8.ebuild
new file mode 100644
index 000000000000..93b6f8a090c7
--- /dev/null
+++ b/sec-policy/selinux-base-policy/selinux-base-policy-2.20120725-r8.ebuild
@@ -0,0 +1,122 @@
+# Copyright 1999-2012 Gentoo Foundation
+# Distributed under the terms of the GNU General Public License v2
+# $Header: /var/cvsroot/gentoo-x86/sec-policy/selinux-base-policy/selinux-base-policy-2.20120725-r8.ebuild,v 1.1 2012/12/03 08:52:14 swift Exp $
+EAPI="4"
+
+inherit eutils
+
+HOMEPAGE="http://www.gentoo.org/proj/en/hardened/selinux/"
+DESCRIPTION="SELinux policy for core modules"
+
+IUSE=""
+BASEPOL="${PVR}"
+
+RDEPEND=">=sec-policy/selinux-base-${PVR}"
+DEPEND=""
+SRC_URI="http://oss.tresys.com/files/refpolicy/refpolicy-${PV}.tar.bz2
+		http://dev.gentoo.org/~swift/patches/${PN}/patchbundle-${PN}-${BASEPOL}.tar.bz2"
+KEYWORDS="~amd64 ~x86"
+
+MODS="application authlogin bootloader clock consoletype cron dmesg fstools getty hostname hotplug init iptables libraries locallogin logging lvm miscfiles modutils mount mta netutils nscd portage raid rsync selinuxutil ssh staff storage su sysadm sysnetwork udev userdomain usermanage unprivuser xdg unconfined"
+LICENSE="GPL-2"
+SLOT="0"
+S="${WORKDIR}/"
+PATCHBUNDLE="${DISTDIR}/patchbundle-selinux-base-policy-${BASEPOL}.tar.bz2"
+
+# Code entirely copied from selinux-eclass (cannot inherit due to dependency on
+# itself), when reworked reinclude it. Only postinstall (where -b base.pp is
+# added) needs to remain then.
+
+src_prepare() {
+	local modfiles
+
+	# Patch the sources with the base patchbundle
+	if [[ -n ${BASEPOL} ]];
+	then
+		cd "${S}"
+		EPATCH_MULTI_MSG="Applying SELinux policy updates ... " \
+		EPATCH_SUFFIX="patch" \
+		EPATCH_SOURCE="${WORKDIR}" \
+		EPATCH_FORCE="yes" \
+		epatch
+	fi
+
+	# Apply the additional patches refered to by the module ebuild.
+	# But first some magic to differentiate between bash arrays and strings
+	if [[ "$(declare -p POLICY_PATCH 2>/dev/null 2>&1)" == "declare -a"* ]];
+	then
+		cd "${S}/refpolicy/policy/modules"
+		for POLPATCH in "${POLICY_PATCH[@]}";
+		do
+			epatch "${POLPATCH}"
+		done
+	else
+		if [[ -n ${POLICY_PATCH} ]];
+		then
+			cd "${S}/refpolicy/policy/modules"
+			for POLPATCH in ${POLICY_PATCH};
+			do
+				epatch "${POLPATCH}"
+			done
+		fi
+	fi
+
+	# Collect only those files needed for this particular module
+	for i in ${MODS}; do
+		modfiles="$(find ${S}/refpolicy/policy/modules -iname $i.te) $modfiles"
+		modfiles="$(find ${S}/refpolicy/policy/modules -iname $i.fc) $modfiles"
+	done
+
+	for i in ${POLICY_TYPES}; do
+		mkdir "${S}"/${i} || die "Failed to create directory ${S}/${i}"
+		cp "${S}"/refpolicy/doc/Makefile.example "${S}"/${i}/Makefile \
+			|| die "Failed to copy Makefile.example to ${S}/${i}/Makefile"
+
+		cp ${modfiles} "${S}"/${i} \
+			|| die "Failed to copy the module files to ${S}/${i}"
+	done
+}
+
+src_compile() {
+	for i in ${POLICY_TYPES}; do
+		# Parallel builds are broken, so we need to force -j1 here
+		emake -j1 NAME=$i -C "${S}"/${i} || die "${i} compile failed"
+	done
+}
+
+src_install() {
+	local BASEDIR="/usr/share/selinux"
+
+	for i in ${POLICY_TYPES}; do
+		for j in ${MODS}; do
+			einfo "Installing ${i} ${j} policy package"
+			insinto ${BASEDIR}/${i}
+			doins "${S}"/${i}/${j}.pp || die "Failed to add ${j}.pp to ${i}"
+		done
+	done
+}
+
+pkg_postinst() {
+	# Override the command from the eclass, we need to load in base as well here
+	local COMMAND
+	for i in ${MODS}; do
+		COMMAND="-i ${i}.pp ${COMMAND}"
+	done
+
+	for i in ${POLICY_TYPES}; do
+		local LOCCOMMAND
+		local LOCMODS
+		if [[ "${i}" != "targeted" ]]; then
+			LOCCOMMAND=$(echo "${COMMAND}" | sed -e 's:-i unconfined.pp::g');
+			LOCMODS=$(echo "${MODS}" | sed -e 's: unconfined::g');
+		else
+			LOCCOMMAND="${COMMAND}"
+			LOCMODS="${MODS}"
+		fi
+		einfo "Inserting the following modules, with base, into the $i module store: ${LOCMODS}"
+
+		cd /usr/share/selinux/${i} || die "Could not enter /usr/share/selinux/${i}"
+
+		semodule -s ${i} -b base.pp ${LOCCOMMAND} || die "Failed to load in base and modules ${LOCMODS} in the $i policy store"
+	done
+}