diff options
| author |   Chris PeBenito <pebenito@gentoo.org> | 2003-12-26 04:24:12 +0000 |
|---|---|---|
| committer | Chris PeBenito <pebenito@gentoo.org> | 2003-12-26 04:24:12 +0000 |
| commit | 997a48b9743c0c8d546278e2c49cd15e29382fa7 (patch) | |
| tree | f65ebcb2ee707f715276a6b5d68c8af27a7b916d /sec-policy | |
| parent | version bump thanks to suka <suka@t0.or.at> in bug #35464 (diff) | |
| download | gentoo-2-997a48b9743c0c8d546278e2c49cd15e29382fa7.tar.gz gentoo-2-997a48b9743c0c8d546278e2c49cd15e29382fa7.tar.bz2 gentoo-2-997a48b9743c0c8d546278e2c49cd15e29382fa7.zip | |
new release
Diffstat (limited to 'sec-policy')
4 files changed, 87 insertions, 2 deletions
diff --git a/sec-policy/selinux-base-policy/ChangeLog b/sec-policy/selinux-base-policy/ChangeLog index 346a737284a4..406c56e8aaf4 100644 --- a/sec-policy/selinux-base-policy/ChangeLog +++ b/sec-policy/selinux-base-policy/ChangeLog @@ -1,6 +1,16 @@ # ChangeLog for sec-policy/selinux-base-policy # Copyright 2000-2003 Gentoo Technologies, Inc.; Distributed under the GPL v2 -# $Header: /var/cvsroot/gentoo-x86/sec-policy/selinux-base-policy/ChangeLog,v 1.10 2003/11/27 17:51:43 pebenito Exp $ +# $Header: /var/cvsroot/gentoo-x86/sec-policy/selinux-base-policy/ChangeLog,v 1.11 2003/12/26 04:24:05 pebenito Exp $ + +*selinux-base-policy-20031225 (25 Dec 2003) + + 25 Dec 2003; Chris PeBenito <pebenito@gentoo.org> + selinux-base-policy-20031225.ebuild: + New release, with merged NSA 1.4 policy. One critical note, this policy + requires pam 0.77. Much work has been done to minimize access to /etc/shadow, + and one requirement is in the patch for pam 0.77. If you do not use this pam + version or newer, you will be unable to authenticate in enforcing. You should + merge the changes, and relabel. 27 Nov 2003; Chris PeBenito <pebenito@gentoo.org> selinux-base-policy-20031010-r1.ebuild: diff --git a/sec-policy/selinux-base-policy/Manifest b/sec-policy/selinux-base-policy/Manifest index df53a7e9e10c..0bb961ba02cd 100644 --- a/sec-policy/selinux-base-policy/Manifest +++ b/sec-policy/selinux-base-policy/Manifest @@ -1,5 +1,7 @@ -MD5 2b5532ca200eefb37dd9c17fd2308839 ChangeLog 4374 +MD5 444a06c3e498908c776b23a3851a8bfe ChangeLog 4858 MD5 808b5f7f5d6654666e9193672d463229 metadata.xml 473 MD5 cf680c66e6bb71484cd79a66b893a8db selinux-base-policy-20031010-r1.ebuild 2226 +MD5 ff1e33b04880dd2f33bfa7843f19660a selinux-base-policy-20031225.ebuild 2253 MD5 58ed8d91932fc65a3cf102265e86ef3a files/digest-selinux-base-policy-20031010-r1 80 +MD5 09e663114ddafd06e4686e4bafefebf1 files/digest-selinux-base-policy-20031225 80 MD5 73ed970a243dc34033a2f2c29f5b63e1 files/selinux-base-policy-20031010-cvs.diff 4268 diff --git a/sec-policy/selinux-base-policy/files/digest-selinux-base-policy-20031225 b/sec-policy/selinux-base-policy/files/digest-selinux-base-policy-20031225 new file mode 100644 index 000000000000..750ee996cae0 --- /dev/null +++ b/sec-policy/selinux-base-policy/files/digest-selinux-base-policy-20031225 @@ -0,0 +1 @@ +MD5 9f559174c3f48736eafd3e35fe2c7c6f selinux-base-policy-20031225.tar.bz2 60974 diff --git a/sec-policy/selinux-base-policy/selinux-base-policy-20031225.ebuild b/sec-policy/selinux-base-policy/selinux-base-policy-20031225.ebuild new file mode 100644 index 000000000000..2f58c8b9d62b --- /dev/null +++ b/sec-policy/selinux-base-policy/selinux-base-policy-20031225.ebuild @@ -0,0 +1,72 @@ +# Copyright 1999-2003 Gentoo Technologies, Inc. +# Distributed under the terms of the GNU General Public License v2 +# $Header: /var/cvsroot/gentoo-x86/sec-policy/selinux-base-policy/selinux-base-policy-20031225.ebuild,v 1.1 2003/12/26 04:24:05 pebenito Exp $ + +IUSE="build" + +DESCRIPTION="Gentoo base policy for SELinux" +HOMEPAGE="http://www.gentoo.org/proj/en/hardened/selinux/" +SRC_URI="mirror://gentoo/${P}.tar.bz2" +LICENSE="GPL-2" +SLOT="0" +KEYWORDS="~x86 ~ppc ~sparc" +DEPEND="build? ( sys-devel/make )" +RDEPEND="sys-devel/m4 + sys-devel/make + >=sys-libs/pam-0.77" + +S=${WORKDIR}/base-policy + +[ -z ${POLICYDIR} ] && POLICYDIR="/etc/security/selinux/src/policy" + +#src_unpack() { +# unpack ${A} +# cd ${S} +# epatch ${FILESDIR}/${P}-cvs.diff +#} + +src_install() { + if use build; then + # generate a file_contexts + dodir ${POLICYDIR}/file_contexts + einfo "Ignore the checkpolicy error on the next line." + make -C ${S} \ + FC=${D}/${POLICYDIR}/file_contexts/file_contexts \ + ${D}/${POLICYDIR}/file_contexts/file_contexts + + [ ! -f ${D}/${POLICYDIR}/file_contexts/file_contexts ] && \ + die "file_contexts was not generated." + else + # install full policy + dodir /etc/security/selinux/src + + insinto /etc/security + doins ${S}/appconfig/* + + cp -a ${S} ${D}/${POLICYDIR} + rm -fR ${D}/${POLICYDIR}/appconfig + fi +} + +pkg_postinst() { + echo + einfo "This is the base policy for SELinux on Gentoo. This policy" + einfo "package only covers the applications in the system profile." + einfo "More policy may need to be added according to your requirements." + echo + eerror "It is STRONGLY suggested that you evaluate and merge the" + eerror "policy changes. If any of the file contexts (*.fc) have" + eerror "changed, you should also relabel." + echo + ewarn "Please check the Changelog, there may be important information." + echo + echo -ne "\a" ; sleep 0.1 ; echo -ne "\a" ; sleep 1 + echo -ne "\a" ; sleep 0.1 ; echo -ne "\a" ; sleep 1 + echo -ne "\a" ; sleep 0.1 ; echo -ne "\a" ; sleep 1 + echo -ne "\a" ; sleep 0.1 ; echo -ne "\a" ; sleep 1 + echo -ne "\a" ; sleep 0.1 ; echo -ne "\a" ; sleep 1 + echo -ne "\a" ; sleep 0.1 ; echo -ne "\a" ; sleep 1 + echo -ne "\a" ; sleep 0.1 ; echo -ne "\a" ; sleep 1 + echo -ne "\a" ; sleep 0.1 ; echo -ne "\a" ; sleep 1 + sleep 8 +} |