diff options
author | Jason Zaman <perfinion@gentoo.org> | 2018-06-09 12:07:41 +0800 |
---|---|---|
committer | Jason Zaman <perfinion@gentoo.org> | 2018-06-09 12:27:04 +0800 |
commit | 8f88bc159a81c30c0d49aad62cfe63df5a0d9815 (patch) | |
tree | d81a9c641ec9ef465a55a091a7c456c28525d880 /sec-policy | |
parent | x11-apps/xkbcomp: Version bump 1.4.2 (diff) | |
download | gentoo-8f88bc159a81c30c0d49aad62cfe63df5a0d9815.tar.gz gentoo-8f88bc159a81c30c0d49aad62cfe63df5a0d9815.tar.bz2 gentoo-8f88bc159a81c30c0d49aad62cfe63df5a0d9815.zip |
sec-policy/selinux-base-policy: Fix policy load when cross compiling
Package-Manager: Portage-2.3.40, Repoman-2.3.9
Diffstat (limited to 'sec-policy')
-rw-r--r-- | sec-policy/selinux-base-policy/selinux-base-policy-2.20180114-r2.ebuild | 34 | ||||
-rw-r--r-- | sec-policy/selinux-base-policy/selinux-base-policy-9999.ebuild | 34 |
2 files changed, 44 insertions, 24 deletions
diff --git a/sec-policy/selinux-base-policy/selinux-base-policy-2.20180114-r2.ebuild b/sec-policy/selinux-base-policy/selinux-base-policy-2.20180114-r2.ebuild index ffcbe80f607c..b2976ccee54b 100644 --- a/sec-policy/selinux-base-policy/selinux-base-policy-2.20180114-r2.ebuild +++ b/sec-policy/selinux-base-policy/selinux-base-policy-2.20180114-r2.ebuild @@ -22,6 +22,7 @@ IUSE="systemd +unconfined" PDEPEND="unconfined? ( sec-policy/selinux-unconfined )" DEPEND="=sec-policy/selinux-base-${PVR}[systemd?]" +RDEPEND="$DEPEND" MODS="application authlogin bootloader clock consoletype cron dmesg fstools getty hostname hotplug init iptables libraries locallogin logging lvm miscfiles modutils mount mta netutils nscd portage raid rsync selinuxutil setrans ssh staff storage su sysadm sysnetwork tmpfiles udev userdomain usermanage unprivuser xdg" LICENSE="GPL-2" @@ -74,7 +75,7 @@ src_prepare() { src_compile() { for i in ${POLICY_TYPES}; do - emake NAME=$i -C "${S}"/${i} || die "${i} compile failed" + emake NAME=$i SHAREDIR="${ROOT%/}"/usr/share/selinux -C "${S}"/${i} || die "${i} compile failed" done } @@ -91,6 +92,12 @@ src_install() { } pkg_postinst() { + # Set root path and don't load policy into the kernel when cross compiling + local root_opts="" + if [[ "${ROOT%/}" != "" ]]; then + root_opts="-p ${ROOT%/} -n" + fi + # Override the command from the eclass, we need to load in base as well here local COMMAND="-i base.pp" if has_version "<sys-apps/policycoreutils-2.5"; then @@ -104,19 +111,22 @@ pkg_postinst() { for i in ${POLICY_TYPES}; do einfo "Inserting the following modules, with base, into the $i module store: ${MODS}" - cd /usr/share/selinux/${i} + cd "${ROOT%/}/usr/share/selinux/${i}" - semodule -s ${i} ${COMMAND} + semodule ${root_opts} -s ${i} ${COMMAND} done - # Relabel depending packages - local PKGSET=""; - if [[ -x /usr/bin/qdepends ]] ; then - PKGSET=$(/usr/bin/qdepends -Cq -r -Q ${CATEGORY}/${PN} | grep -v 'sec-policy/selinux-'); - elif [[ -x /usr/bin/equery ]] ; then - PKGSET=$(/usr/bin/equery -Cq depends ${CATEGORY}/${PN} | grep -v 'sec-policy/selinux-'); - fi - if [[ -n "${PKGSET}" ]] ; then - rlpkg ${PKGSET}; + # Don't relabel when cross compiling + if [[ "${ROOT%/}" == "" ]]; then + # Relabel depending packages + local PKGSET=""; + if [[ -x /usr/bin/qdepends ]] ; then + PKGSET=$(/usr/bin/qdepends -Cq -r -Q ${CATEGORY}/${PN} | grep -v 'sec-policy/selinux-'); + elif [[ -x /usr/bin/equery ]] ; then + PKGSET=$(/usr/bin/equery -Cq depends ${CATEGORY}/${PN} | grep -v 'sec-policy/selinux-'); + fi + if [[ -n "${PKGSET}" ]] ; then + rlpkg ${PKGSET}; + fi fi } diff --git a/sec-policy/selinux-base-policy/selinux-base-policy-9999.ebuild b/sec-policy/selinux-base-policy/selinux-base-policy-9999.ebuild index ffcbe80f607c..b2976ccee54b 100644 --- a/sec-policy/selinux-base-policy/selinux-base-policy-9999.ebuild +++ b/sec-policy/selinux-base-policy/selinux-base-policy-9999.ebuild @@ -22,6 +22,7 @@ IUSE="systemd +unconfined" PDEPEND="unconfined? ( sec-policy/selinux-unconfined )" DEPEND="=sec-policy/selinux-base-${PVR}[systemd?]" +RDEPEND="$DEPEND" MODS="application authlogin bootloader clock consoletype cron dmesg fstools getty hostname hotplug init iptables libraries locallogin logging lvm miscfiles modutils mount mta netutils nscd portage raid rsync selinuxutil setrans ssh staff storage su sysadm sysnetwork tmpfiles udev userdomain usermanage unprivuser xdg" LICENSE="GPL-2" @@ -74,7 +75,7 @@ src_prepare() { src_compile() { for i in ${POLICY_TYPES}; do - emake NAME=$i -C "${S}"/${i} || die "${i} compile failed" + emake NAME=$i SHAREDIR="${ROOT%/}"/usr/share/selinux -C "${S}"/${i} || die "${i} compile failed" done } @@ -91,6 +92,12 @@ src_install() { } pkg_postinst() { + # Set root path and don't load policy into the kernel when cross compiling + local root_opts="" + if [[ "${ROOT%/}" != "" ]]; then + root_opts="-p ${ROOT%/} -n" + fi + # Override the command from the eclass, we need to load in base as well here local COMMAND="-i base.pp" if has_version "<sys-apps/policycoreutils-2.5"; then @@ -104,19 +111,22 @@ pkg_postinst() { for i in ${POLICY_TYPES}; do einfo "Inserting the following modules, with base, into the $i module store: ${MODS}" - cd /usr/share/selinux/${i} + cd "${ROOT%/}/usr/share/selinux/${i}" - semodule -s ${i} ${COMMAND} + semodule ${root_opts} -s ${i} ${COMMAND} done - # Relabel depending packages - local PKGSET=""; - if [[ -x /usr/bin/qdepends ]] ; then - PKGSET=$(/usr/bin/qdepends -Cq -r -Q ${CATEGORY}/${PN} | grep -v 'sec-policy/selinux-'); - elif [[ -x /usr/bin/equery ]] ; then - PKGSET=$(/usr/bin/equery -Cq depends ${CATEGORY}/${PN} | grep -v 'sec-policy/selinux-'); - fi - if [[ -n "${PKGSET}" ]] ; then - rlpkg ${PKGSET}; + # Don't relabel when cross compiling + if [[ "${ROOT%/}" == "" ]]; then + # Relabel depending packages + local PKGSET=""; + if [[ -x /usr/bin/qdepends ]] ; then + PKGSET=$(/usr/bin/qdepends -Cq -r -Q ${CATEGORY}/${PN} | grep -v 'sec-policy/selinux-'); + elif [[ -x /usr/bin/equery ]] ; then + PKGSET=$(/usr/bin/equery -Cq depends ${CATEGORY}/${PN} | grep -v 'sec-policy/selinux-'); + fi + if [[ -n "${PKGSET}" ]] ; then + rlpkg ${PKGSET}; + fi fi } |