summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
authorChris PeBenito <pebenito@gentoo.org>2003-07-29 02:55:56 +0000
committerChris PeBenito <pebenito@gentoo.org>2003-07-29 02:55:56 +0000
commit574c673f4f1611c93879c18c86b5230154191a33 (patch)
treee866e5a9850e3f244c843db196b7019ce934dd16 /eclass/selinux-policy.eclass
parentunified SITEFILE location (diff)
downloadgentoo-2-574c673f4f1611c93879c18c86b5230154191a33.tar.gz
gentoo-2-574c673f4f1611c93879c18c86b5230154191a33.tar.bz2
gentoo-2-574c673f4f1611c93879c18c86b5230154191a33.zip
initial commit
Diffstat (limited to 'eclass/selinux-policy.eclass')
-rw-r--r--eclass/selinux-policy.eclass102
1 files changed, 102 insertions, 0 deletions
diff --git a/eclass/selinux-policy.eclass b/eclass/selinux-policy.eclass
new file mode 100644
index 000000000000..89a7fcbce561
--- /dev/null
+++ b/eclass/selinux-policy.eclass
@@ -0,0 +1,102 @@
+# Copyright 1999-2003 Gentoo Technologies, Inc.
+# Distributed under the terms of the GNU General Public License v2
+# $Header: /var/cvsroot/gentoo-x86/eclass/selinux-policy.eclass,v 1.1 2003/07/29 02:55:56 pebenito Exp $
+
+# Eclass for installing SELinux policy, and optionally
+# reloading the policy
+
+ECLASS="selinux-policy"
+INHERITED="$INHERITED $ECLASS"
+
+HOMEPAGE="http://www.gentoo.org/proj/en/hardened/"
+SRC_URI="mirror://gentoo/${P}.tar.bz2"
+
+LICENSE="GPL-2"
+SLOT="0"
+S="${WORKDIR}/policy"
+
+IUSE="loadpolicy"
+
+newrdepend sys-apps/selinux-small sec-policy/selinux-base-policy
+
+[ -z ${POLICYDIR} ] && POLICYDIR="/etc/security/selinux/src/policy"
+
+SAVENAME="`date +%Y%m%d%H%M`-${PN}.tar.bz2"
+SAVEDIR="`echo "${POLICYDIR}" | cut -d/ -f6`"
+
+selinux-policy_src_compile() {
+ cd ${S}
+
+ einfo "Backup of policy source is \"${SAVENAME}\"."
+ debug-print "POLICYDIR is \"${POLICYDIR}\""
+ debug-print "SAVEDIR is \"${SAVEDIR}\""
+
+ # create a backup of the current policy
+ tar -C /etc/security/selinux/src --exclude policy.12 --exclude tmp \
+ --exclude policy.conf -jcf ${SAVENAME} ${SAVEDIR}/
+}
+
+selinux-policy_src_install() {
+ cd ${S}
+
+ insinto /etc/security/selinux/src/policy-backup
+ doins ${SAVENAME}
+
+ if [ -n "${TEFILES}" ]; then
+ debug-print "TEFILES is \"${TEFILES}\""
+ insinto ${POLICYDIR}/domains/program
+ doins ${TEFILES}
+ fi
+
+ if [ -n "${FCFILES}" ]; then
+ debug-print "FCFILES is \"${FCFILES}\""
+ insinto ${POLICYDIR}/file_contexts/program
+ doins ${FCFILES}
+ fi
+
+ if [ -n "${MACROS}" ]; then
+ debug-print "MACROS is \"${MACROS}\""
+ insinto ${POLICYDIR}/macros/program
+ doins ${MACROS}
+ fi
+}
+
+selinux-policy_pkg_postinst() {
+ if [ "`use loadpolicy`" ]; then
+ ebegin "Automatically loading policy"
+ make -C ${POLICYDIR} load
+ eend $?
+
+ ebegin "Regenerating file contexts"
+ [ -f ${POLICYDIR}/file_contexts/file_contexts ] && \
+ rm -f ${POLICYDIR}/file_contexts/file_contexts
+ make -C ${POLICYDIR} file_contexts/file_contexts &> /dev/null
+
+ # do a test relabel to make sure file
+ # contexts work (doesnt change any labels)
+ echo "/etc/passwd" | /usr/sbin/setfiles \
+ ${POLICYDIR}/file_contexts/file_contexts -sqn
+ eend $?
+ else
+ echo
+ echo
+ eerror "Policy has not been loaded. It is strongly suggested"
+ eerror "that the policy be loaded before continuing!!"
+ echo
+ einfo "Automatic policy loading can be enabled by adding"
+ einfo "\"loadpolicy\" to the USE flags."
+ echo
+ echo
+ echo -ne "\a" ; sleep 0.1 ; echo -ne "\a" ; sleep 1
+ echo -ne "\a" ; sleep 0.1 ; echo -ne "\a" ; sleep 1
+ echo -ne "\a" ; sleep 0.1 ; echo -ne "\a" ; sleep 1
+ echo -ne "\a" ; sleep 0.1 ; echo -ne "\a" ; sleep 1
+ echo -ne "\a" ; sleep 0.1 ; echo -ne "\a" ; sleep 1
+ echo -ne "\a" ; sleep 0.1 ; echo -ne "\a" ; sleep 1
+ echo -ne "\a" ; sleep 0.1 ; echo -ne "\a" ; sleep 1
+ echo -ne "\a" ; sleep 0.1 ; echo -ne "\a" ; sleep 1
+ sleep 4
+ fi
+}
+
+EXPORT_FUNCTIONS src_compile src_install pkg_postinst