diff options
author | Chris PeBenito <pebenito@gentoo.org> | 2003-07-29 02:55:56 +0000 |
---|---|---|
committer | Chris PeBenito <pebenito@gentoo.org> | 2003-07-29 02:55:56 +0000 |
commit | 574c673f4f1611c93879c18c86b5230154191a33 (patch) | |
tree | e866e5a9850e3f244c843db196b7019ce934dd16 /eclass/selinux-policy.eclass | |
parent | unified SITEFILE location (diff) | |
download | gentoo-2-574c673f4f1611c93879c18c86b5230154191a33.tar.gz gentoo-2-574c673f4f1611c93879c18c86b5230154191a33.tar.bz2 gentoo-2-574c673f4f1611c93879c18c86b5230154191a33.zip |
initial commit
Diffstat (limited to 'eclass/selinux-policy.eclass')
-rw-r--r-- | eclass/selinux-policy.eclass | 102 |
1 files changed, 102 insertions, 0 deletions
diff --git a/eclass/selinux-policy.eclass b/eclass/selinux-policy.eclass new file mode 100644 index 000000000000..89a7fcbce561 --- /dev/null +++ b/eclass/selinux-policy.eclass @@ -0,0 +1,102 @@ +# Copyright 1999-2003 Gentoo Technologies, Inc. +# Distributed under the terms of the GNU General Public License v2 +# $Header: /var/cvsroot/gentoo-x86/eclass/selinux-policy.eclass,v 1.1 2003/07/29 02:55:56 pebenito Exp $ + +# Eclass for installing SELinux policy, and optionally +# reloading the policy + +ECLASS="selinux-policy" +INHERITED="$INHERITED $ECLASS" + +HOMEPAGE="http://www.gentoo.org/proj/en/hardened/" +SRC_URI="mirror://gentoo/${P}.tar.bz2" + +LICENSE="GPL-2" +SLOT="0" +S="${WORKDIR}/policy" + +IUSE="loadpolicy" + +newrdepend sys-apps/selinux-small sec-policy/selinux-base-policy + +[ -z ${POLICYDIR} ] && POLICYDIR="/etc/security/selinux/src/policy" + +SAVENAME="`date +%Y%m%d%H%M`-${PN}.tar.bz2" +SAVEDIR="`echo "${POLICYDIR}" | cut -d/ -f6`" + +selinux-policy_src_compile() { + cd ${S} + + einfo "Backup of policy source is \"${SAVENAME}\"." + debug-print "POLICYDIR is \"${POLICYDIR}\"" + debug-print "SAVEDIR is \"${SAVEDIR}\"" + + # create a backup of the current policy + tar -C /etc/security/selinux/src --exclude policy.12 --exclude tmp \ + --exclude policy.conf -jcf ${SAVENAME} ${SAVEDIR}/ +} + +selinux-policy_src_install() { + cd ${S} + + insinto /etc/security/selinux/src/policy-backup + doins ${SAVENAME} + + if [ -n "${TEFILES}" ]; then + debug-print "TEFILES is \"${TEFILES}\"" + insinto ${POLICYDIR}/domains/program + doins ${TEFILES} + fi + + if [ -n "${FCFILES}" ]; then + debug-print "FCFILES is \"${FCFILES}\"" + insinto ${POLICYDIR}/file_contexts/program + doins ${FCFILES} + fi + + if [ -n "${MACROS}" ]; then + debug-print "MACROS is \"${MACROS}\"" + insinto ${POLICYDIR}/macros/program + doins ${MACROS} + fi +} + +selinux-policy_pkg_postinst() { + if [ "`use loadpolicy`" ]; then + ebegin "Automatically loading policy" + make -C ${POLICYDIR} load + eend $? + + ebegin "Regenerating file contexts" + [ -f ${POLICYDIR}/file_contexts/file_contexts ] && \ + rm -f ${POLICYDIR}/file_contexts/file_contexts + make -C ${POLICYDIR} file_contexts/file_contexts &> /dev/null + + # do a test relabel to make sure file + # contexts work (doesnt change any labels) + echo "/etc/passwd" | /usr/sbin/setfiles \ + ${POLICYDIR}/file_contexts/file_contexts -sqn + eend $? + else + echo + echo + eerror "Policy has not been loaded. It is strongly suggested" + eerror "that the policy be loaded before continuing!!" + echo + einfo "Automatic policy loading can be enabled by adding" + einfo "\"loadpolicy\" to the USE flags." + echo + echo + echo -ne "\a" ; sleep 0.1 ; echo -ne "\a" ; sleep 1 + echo -ne "\a" ; sleep 0.1 ; echo -ne "\a" ; sleep 1 + echo -ne "\a" ; sleep 0.1 ; echo -ne "\a" ; sleep 1 + echo -ne "\a" ; sleep 0.1 ; echo -ne "\a" ; sleep 1 + echo -ne "\a" ; sleep 0.1 ; echo -ne "\a" ; sleep 1 + echo -ne "\a" ; sleep 0.1 ; echo -ne "\a" ; sleep 1 + echo -ne "\a" ; sleep 0.1 ; echo -ne "\a" ; sleep 1 + echo -ne "\a" ; sleep 0.1 ; echo -ne "\a" ; sleep 1 + sleep 4 + fi +} + +EXPORT_FUNCTIONS src_compile src_install pkg_postinst |