gnu: Update SELinux packages.
* gnu/packages/selinux.scm (libsepol): Update to 2.7, release 20170804. [source]: Fetch from git. (checkpolicy)[arguments]: Set LIBSEPOLA. (libselinux)[arguments]: Likewise; remove build phase "patch-libsepol-path". (python-sepolgen)[arguments]: Adjust directory name in "enter-dir". (python-setools): Update to 4.1.1. [source]: Fetch from git. (policycoreutils)[source]: Remove patch. [arguments]: Remove build phases "fix-glib-cflags", "fix-linkage-with-libsepol", "fix-target-paths", and "wrap-python-tools". [inputs]: Remove python-wrapper, python-sepolgen, python-setools, python-ipy, libcap-ng, pcre, dbus, dbus-glib, and glib. * gnu/packages/patches/policycoreutils-make-sepolicy-use-python3.patch: Delete file. * gnu/local.mk (dist_patch_DATA): Remove it.
This commit is contained in:
parent
6d5a65de7f
commit
7bf0170e9f
|
@ -970,7 +970,6 @@ dist_patch_DATA = \
|
||||||
%D%/packages/patches/plink-endian-detection.patch \
|
%D%/packages/patches/plink-endian-detection.patch \
|
||||||
%D%/packages/patches/plotutils-libpng-jmpbuf.patch \
|
%D%/packages/patches/plotutils-libpng-jmpbuf.patch \
|
||||||
%D%/packages/patches/polkit-drop-test.patch \
|
%D%/packages/patches/polkit-drop-test.patch \
|
||||||
%D%/packages/patches/policycoreutils-make-sepolicy-use-python3.patch \
|
|
||||||
%D%/packages/patches/portaudio-audacity-compat.patch \
|
%D%/packages/patches/portaudio-audacity-compat.patch \
|
||||||
%D%/packages/patches/portmidi-modular-build.patch \
|
%D%/packages/patches/portmidi-modular-build.patch \
|
||||||
%D%/packages/patches/potrace-tests.patch \
|
%D%/packages/patches/potrace-tests.patch \
|
||||||
|
|
|
@ -1,335 +0,0 @@
|
||||||
Downloaded from https://anonscm.debian.org/cgit/selinux/policycoreutils.git/plain/debian/patches/policycoreutils-Make-sepolicy-work-with-python3.patch
|
|
||||||
|
|
||||||
From 2d7ca0b862a35196d562f59bd098df011fd7f0e6 Mon Sep 17 00:00:00 2001
|
|
||||||
From: Laurent Bigonville <bigon@bigon.be>
|
|
||||||
Date: Mon, 7 Nov 2016 10:51:08 +0100
|
|
||||||
Subject: [PATCH] policycoreutils: Make sepolicy work with python3
|
|
||||||
|
|
||||||
Add python3 support for sepolicy
|
|
||||||
|
|
||||||
Signed-off-by: Laurent Bigonville <bigon@bigon.be>
|
|
||||||
---
|
|
||||||
policycoreutils/sepolicy/selinux_client.py | 6 ++--
|
|
||||||
policycoreutils/sepolicy/sepolicy.py | 38 ++++++++++++------------
|
|
||||||
policycoreutils/sepolicy/sepolicy/__init__.py | 16 ++++++----
|
|
||||||
policycoreutils/sepolicy/sepolicy/communicate.py | 4 +--
|
|
||||||
policycoreutils/sepolicy/sepolicy/generate.py | 30 +++++++++----------
|
|
||||||
policycoreutils/sepolicy/sepolicy/interface.py | 14 ++++++---
|
|
||||||
policycoreutils/sepolicy/sepolicy/manpage.py | 7 +++--
|
|
||||||
7 files changed, 65 insertions(+), 50 deletions(-)
|
|
||||||
|
|
||||||
diff --git a/policycoreutils/sepolicy/selinux_client.py b/policycoreutils/sepolicy/selinux_client.py
|
|
||||||
index 7f4a91c..dc29f28 100644
|
|
||||||
--- a/sepolicy/selinux_client.py
|
|
||||||
+++ b/sepolicy/selinux_client.py
|
|
||||||
@@ -39,6 +39,6 @@ if __name__ == "__main__":
|
|
||||||
try:
|
|
||||||
dbus_proxy = SELinuxDBus()
|
|
||||||
resp = dbus_proxy.customized()
|
|
||||||
- print convert_customization(resp)
|
|
||||||
- except dbus.DBusException, e:
|
|
||||||
- print e
|
|
||||||
+ print(convert_customization(resp))
|
|
||||||
+ except dbus.DBusException as e:
|
|
||||||
+ print(e)
|
|
||||||
diff --git a/policycoreutils/sepolicy/sepolicy.py b/policycoreutils/sepolicy/sepolicy.py
|
|
||||||
index 3e502a7..5bf9b52 100755
|
|
||||||
--- a/sepolicy/sepolicy.py
|
|
||||||
+++ b/sepolicy/sepolicy.py
|
|
||||||
@@ -262,7 +262,7 @@ def _print_net(src, protocol, perm):
|
|
||||||
if len(portdict) > 0:
|
|
||||||
bold_start = "\033[1m"
|
|
||||||
bold_end = "\033[0;0m"
|
|
||||||
- print "\n" + bold_start + "%s: %s %s" % (src, protocol, perm) + bold_end
|
|
||||||
+ print("\n" + bold_start + "%s: %s %s" % (src, protocol, perm) + bold_end)
|
|
||||||
port_strings = []
|
|
||||||
boolean_text = ""
|
|
||||||
for p in portdict:
|
|
||||||
@@ -275,7 +275,7 @@ def _print_net(src, protocol, perm):
|
|
||||||
port_strings.append("%s (%s)" % (", ".join(recs), t))
|
|
||||||
port_strings.sort(numcmp)
|
|
||||||
for p in port_strings:
|
|
||||||
- print "\t" + p
|
|
||||||
+ print("\t" + p)
|
|
||||||
|
|
||||||
|
|
||||||
def network(args):
|
|
||||||
@@ -286,7 +286,7 @@ def network(args):
|
|
||||||
if i[0] not in all_ports:
|
|
||||||
all_ports.append(i[0])
|
|
||||||
all_ports.sort()
|
|
||||||
- print "\n".join(all_ports)
|
|
||||||
+ print("\n".join(all_ports))
|
|
||||||
|
|
||||||
for port in args.port:
|
|
||||||
found = False
|
|
||||||
@@ -297,18 +297,18 @@ def network(args):
|
|
||||||
else:
|
|
||||||
range = "%s-%s" % (i[0], i[1])
|
|
||||||
found = True
|
|
||||||
- print "%d: %s %s %s" % (port, i[2], portrecsbynum[i][0], range)
|
|
||||||
+ print("%d: %s %s %s" % (port, i[2], portrecsbynum[i][0], range))
|
|
||||||
if not found:
|
|
||||||
if port < 500:
|
|
||||||
- print "Undefined reserved port type"
|
|
||||||
+ print("Undefined reserved port type")
|
|
||||||
else:
|
|
||||||
- print "Undefined port type"
|
|
||||||
+ print("Undefined port type")
|
|
||||||
|
|
||||||
for t in args.type:
|
|
||||||
if (t, 'tcp') in portrecs.keys():
|
|
||||||
- print "%s: tcp: %s" % (t, ",".join(portrecs[t, 'tcp']))
|
|
||||||
+ print("%s: tcp: %s" % (t, ",".join(portrecs[t, 'tcp'])))
|
|
||||||
if (t, 'udp') in portrecs.keys():
|
|
||||||
- print "%s: udp: %s" % (t, ",".join(portrecs[t, 'udp']))
|
|
||||||
+ print( "%s: udp: %s" % (t, ",".join(portrecs[t, 'udp'])))
|
|
||||||
|
|
||||||
for a in args.applications:
|
|
||||||
d = sepolicy.get_init_transtype(a)
|
|
||||||
@@ -357,7 +357,7 @@ def manpage(args):
|
|
||||||
|
|
||||||
for domain in test_domains:
|
|
||||||
m = ManPage(domain, path, args.root, args.source_files, args.web)
|
|
||||||
- print m.get_man_page_path()
|
|
||||||
+ print(m.get_man_page_path())
|
|
||||||
|
|
||||||
if args.web:
|
|
||||||
HTMLManPages(manpage_roles, manpage_domains, path, args.os)
|
|
||||||
@@ -418,7 +418,7 @@ def communicate(args):
|
|
||||||
out = list(set(writable) & set(readable))
|
|
||||||
|
|
||||||
for t in out:
|
|
||||||
- print t
|
|
||||||
+ print(t)
|
|
||||||
|
|
||||||
|
|
||||||
def gen_communicate_args(parser):
|
|
||||||
@@ -445,7 +445,7 @@ def booleans(args):
|
|
||||||
args.booleans.sort()
|
|
||||||
|
|
||||||
for b in args.booleans:
|
|
||||||
- print "%s=_(\"%s\")" % (b, boolean_desc(b))
|
|
||||||
+ print("%s=_(\"%s\")" % (b, boolean_desc(b)))
|
|
||||||
|
|
||||||
|
|
||||||
def gen_booleans_args(parser):
|
|
||||||
@@ -484,16 +484,16 @@ def print_interfaces(interfaces, args, append=""):
|
|
||||||
for i in interfaces:
|
|
||||||
if args.verbose:
|
|
||||||
try:
|
|
||||||
- print get_interface_format_text(i + append)
|
|
||||||
+ print(get_interface_format_text(i + append))
|
|
||||||
except KeyError:
|
|
||||||
- print i
|
|
||||||
+ print(i)
|
|
||||||
if args.compile:
|
|
||||||
try:
|
|
||||||
interface_compile_test(i)
|
|
||||||
except KeyError:
|
|
||||||
- print i
|
|
||||||
+ print(i)
|
|
||||||
else:
|
|
||||||
- print i
|
|
||||||
+ print(i)
|
|
||||||
|
|
||||||
|
|
||||||
def interface(args):
|
|
||||||
@@ -565,7 +565,7 @@ def generate(args):
|
|
||||||
if args.policytype in APPLICATIONS:
|
|
||||||
mypolicy.gen_writeable()
|
|
||||||
mypolicy.gen_symbols()
|
|
||||||
- print mypolicy.generate(args.path)
|
|
||||||
+ print(mypolicy.generate(args.path))
|
|
||||||
|
|
||||||
|
|
||||||
def gen_interface_args(parser):
|
|
||||||
@@ -698,12 +698,12 @@ if __name__ == '__main__':
|
|
||||||
args = parser.parse_args(args=parser_args)
|
|
||||||
args.func(args)
|
|
||||||
sys.exit(0)
|
|
||||||
- except ValueError, e:
|
|
||||||
+ except ValueError as e:
|
|
||||||
sys.stderr.write("%s: %s\n" % (e.__class__.__name__, str(e)))
|
|
||||||
sys.exit(1)
|
|
||||||
- except IOError, e:
|
|
||||||
+ except IOError as e:
|
|
||||||
sys.stderr.write("%s: %s\n" % (e.__class__.__name__, str(e)))
|
|
||||||
sys.exit(1)
|
|
||||||
except KeyboardInterrupt:
|
|
||||||
- print "Out"
|
|
||||||
+ print("Out")
|
|
||||||
sys.exit(0)
|
|
||||||
diff --git a/policycoreutils/sepolicy/sepolicy/__init__.py b/policycoreutils/sepolicy/sepolicy/__init__.py
|
|
||||||
index 8fbd5b4..fee6438 100644
|
|
||||||
--- a/sepolicy/sepolicy/__init__.py
|
|
||||||
+++ b/sepolicy/sepolicy/__init__.py
|
|
||||||
@@ -695,7 +695,7 @@ def get_methods():
|
|
||||||
# List of per_role_template interfaces
|
|
||||||
ifs = interfaces.InterfaceSet()
|
|
||||||
ifs.from_file(fd)
|
|
||||||
- methods = ifs.interfaces.keys()
|
|
||||||
+ methods = list(ifs.interfaces.keys())
|
|
||||||
fd.close()
|
|
||||||
except:
|
|
||||||
sys.stderr.write("could not open interface info [%s]\n" % fn)
|
|
||||||
@@ -752,7 +752,10 @@ def get_all_entrypoint_domains():
|
|
||||||
|
|
||||||
|
|
||||||
def gen_interfaces():
|
|
||||||
- import commands
|
|
||||||
+ try:
|
|
||||||
+ from commands import getstatusoutput
|
|
||||||
+ except ImportError:
|
|
||||||
+ from subprocess import getstatusoutput
|
|
||||||
ifile = defaults.interface_info()
|
|
||||||
headers = defaults.headers()
|
|
||||||
try:
|
|
||||||
@@ -763,7 +766,7 @@ def gen_interfaces():
|
|
||||||
|
|
||||||
if os.getuid() != 0:
|
|
||||||
raise ValueError(_("You must regenerate interface info by running /usr/bin/sepolgen-ifgen"))
|
|
||||||
- print(commands.getstatusoutput("/usr/bin/sepolgen-ifgen")[1])
|
|
||||||
+ print(getstatusoutput("/usr/bin/sepolgen-ifgen")[1])
|
|
||||||
|
|
||||||
|
|
||||||
def gen_port_dict():
|
|
||||||
@@ -1085,8 +1088,11 @@ def get_os_version():
|
|
||||||
os_version = ""
|
|
||||||
pkg_name = "selinux-policy"
|
|
||||||
try:
|
|
||||||
- import commands
|
|
||||||
- rc, output = commands.getstatusoutput("rpm -q '%s'" % pkg_name)
|
|
||||||
+ try:
|
|
||||||
+ from commands import getstatusoutput
|
|
||||||
+ except ImportError:
|
|
||||||
+ from subprocess import getstatusoutput
|
|
||||||
+ rc, output = getstatusoutput("rpm -q '%s'" % pkg_name)
|
|
||||||
if rc == 0:
|
|
||||||
os_version = output.split(".")[-2]
|
|
||||||
except:
|
|
||||||
diff --git a/policycoreutils/sepolicy/sepolicy/communicate.py b/policycoreutils/sepolicy/sepolicy/communicate.py
|
|
||||||
index b96c4b9..299316e 100755
|
|
||||||
--- a/sepolicy/sepolicy/communicate.py
|
|
||||||
+++ b/sepolicy/sepolicy/communicate.py
|
|
||||||
@@ -34,8 +34,8 @@ def usage(parser, msg):
|
|
||||||
|
|
||||||
def expand_attribute(attribute):
|
|
||||||
try:
|
|
||||||
- return sepolicy.info(sepolicy.ATTRIBUTE, attribute)[0]["types"]
|
|
||||||
- except RuntimeError:
|
|
||||||
+ return list(next(sepolicy.info(sepolicy.ATTRIBUTE, attribute))["types"])
|
|
||||||
+ except StopIteration:
|
|
||||||
return [attribute]
|
|
||||||
|
|
||||||
|
|
||||||
diff --git a/policycoreutils/sepolicy/sepolicy/generate.py b/policycoreutils/sepolicy/sepolicy/generate.py
|
|
||||||
index 65b33b6..5696110 100644
|
|
||||||
--- a/sepolicy/sepolicy/generate.py
|
|
||||||
+++ b/sepolicy/sepolicy/generate.py
|
|
||||||
@@ -31,21 +31,21 @@ import time
|
|
||||||
import types
|
|
||||||
import platform
|
|
||||||
|
|
||||||
-from templates import executable
|
|
||||||
-from templates import boolean
|
|
||||||
-from templates import etc_rw
|
|
||||||
-from templates import unit_file
|
|
||||||
-from templates import var_cache
|
|
||||||
-from templates import var_spool
|
|
||||||
-from templates import var_lib
|
|
||||||
-from templates import var_log
|
|
||||||
-from templates import var_run
|
|
||||||
-from templates import tmp
|
|
||||||
-from templates import rw
|
|
||||||
-from templates import network
|
|
||||||
-from templates import script
|
|
||||||
-from templates import spec
|
|
||||||
-from templates import user
|
|
||||||
+from .templates import executable
|
|
||||||
+from .templates import boolean
|
|
||||||
+from .templates import etc_rw
|
|
||||||
+from .templates import unit_file
|
|
||||||
+from .templates import var_cache
|
|
||||||
+from .templates import var_spool
|
|
||||||
+from .templates import var_lib
|
|
||||||
+from .templates import var_log
|
|
||||||
+from .templates import var_run
|
|
||||||
+from .templates import tmp
|
|
||||||
+from .templates import rw
|
|
||||||
+from .templates import network
|
|
||||||
+from .templates import script
|
|
||||||
+from .templates import spec
|
|
||||||
+from .templates import user
|
|
||||||
import sepolgen.interfaces as interfaces
|
|
||||||
import sepolgen.defaults as defaults
|
|
||||||
|
|
||||||
diff --git a/policycoreutils/sepolicy/sepolicy/interface.py b/policycoreutils/sepolicy/sepolicy/interface.py
|
|
||||||
index c2cb971..8956f39 100644
|
|
||||||
--- a/sepolicy/sepolicy/interface.py
|
|
||||||
+++ b/sepolicy/sepolicy/interface.py
|
|
||||||
@@ -192,10 +192,13 @@ def generate_compile_te(interface, idict, name="compiletest"):
|
|
||||||
def get_xml_file(if_file):
|
|
||||||
""" Returns xml format of interfaces for given .if policy file"""
|
|
||||||
import os
|
|
||||||
- import commands
|
|
||||||
+ try:
|
|
||||||
+ from commands import getstatusoutput
|
|
||||||
+ except ImportError:
|
|
||||||
+ from subprocess import getstatusoutput
|
|
||||||
basedir = os.path.dirname(if_file) + "/"
|
|
||||||
filename = os.path.basename(if_file).split(".")[0]
|
|
||||||
- rc, output = commands.getstatusoutput("python /usr/share/selinux/devel/include/support/segenxml.py -w -m %s" % basedir + filename)
|
|
||||||
+ rc, output = getstatusoutput("python /usr/share/selinux/devel/include/support/segenxml.py -w -m %s" % basedir + filename)
|
|
||||||
if rc != 0:
|
|
||||||
sys.stderr.write("\n Could not proceed selected interface file.\n")
|
|
||||||
sys.stderr.write("\n%s" % output)
|
|
||||||
@@ -208,7 +211,10 @@ def interface_compile_test(interface, path="/usr/share/selinux/devel/policy.xml"
|
|
||||||
exclude_interfaces = ["userdom", "kernel", "corenet", "files", "dev"]
|
|
||||||
exclude_interface_type = ["template"]
|
|
||||||
|
|
||||||
- import commands
|
|
||||||
+ try:
|
|
||||||
+ from commands import getstatusoutput
|
|
||||||
+ except ImportError:
|
|
||||||
+ from subprocess import getstatusoutput
|
|
||||||
import os
|
|
||||||
policy_files = {'pp': "compiletest.pp", 'te': "compiletest.te", 'fc': "compiletest.fc", 'if': "compiletest.if"}
|
|
||||||
idict = get_interface_dict(path)
|
|
||||||
@@ -219,7 +225,7 @@ def interface_compile_test(interface, path="/usr/share/selinux/devel/policy.xml"
|
|
||||||
fd = open(policy_files['te'], "w")
|
|
||||||
fd.write(generate_compile_te(interface, idict))
|
|
||||||
fd.close()
|
|
||||||
- rc, output = commands.getstatusoutput("make -f /usr/share/selinux/devel/Makefile %s" % policy_files['pp'])
|
|
||||||
+ rc, output = getstatusoutput("make -f /usr/share/selinux/devel/Makefile %s" % policy_files['pp'])
|
|
||||||
if rc != 0:
|
|
||||||
sys.stderr.write(output)
|
|
||||||
sys.stderr.write(_("\nCompile test for %s failed.\n") % interface)
|
|
||||||
diff --git a/policycoreutils/sepolicy/sepolicy/manpage.py b/policycoreutils/sepolicy/sepolicy/manpage.py
|
|
||||||
index 7365f93..773a9ab 100755
|
|
||||||
--- a/sepolicy/sepolicy/manpage.py
|
|
||||||
+++ b/sepolicy/sepolicy/manpage.py
|
|
||||||
@@ -27,7 +27,6 @@ __all__ = ['ManPage', 'HTMLManPages', 'manpage_domains', 'manpage_roles', 'gen_d
|
|
||||||
import string
|
|
||||||
import selinux
|
|
||||||
import sepolicy
|
|
||||||
-import commands
|
|
||||||
import os
|
|
||||||
import time
|
|
||||||
|
|
||||||
@@ -162,7 +161,11 @@ def get_alphabet_manpages(manpage_list):
|
|
||||||
|
|
||||||
|
|
||||||
def convert_manpage_to_html(html_manpage, manpage):
|
|
||||||
- rc, output = commands.getstatusoutput("/usr/bin/groff -man -Thtml %s 2>/dev/null" % manpage)
|
|
||||||
+ try:
|
|
||||||
+ from commands import getstatusoutput
|
|
||||||
+ except ImportError:
|
|
||||||
+ from subprocess import getstatusoutput
|
|
||||||
+ rc, output = getstatusoutput("/usr/bin/groff -man -Thtml %s 2>/dev/null" % manpage)
|
|
||||||
if rc == 0:
|
|
||||||
print(html_manpage, "has been created")
|
|
||||||
fd = open(html_manpage, 'w')
|
|
||||||
--
|
|
||||||
2.10.2
|
|
||||||
|
|
|
@ -1,5 +1,5 @@
|
||||||
;;; GNU Guix --- Functional package management for GNU
|
;;; GNU Guix --- Functional package management for GNU
|
||||||
;;; Copyright © 2016, 2017 Ricardo Wurmus <rekado@elephly.net>
|
;;; Copyright © 2016, 2017, 2018 Ricardo Wurmus <rekado@elephly.net>
|
||||||
;;;
|
;;;
|
||||||
;;; This file is part of GNU Guix.
|
;;; This file is part of GNU Guix.
|
||||||
;;;
|
;;;
|
||||||
|
@ -20,6 +20,7 @@
|
||||||
#:use-module ((guix licenses) #:prefix license:)
|
#:use-module ((guix licenses) #:prefix license:)
|
||||||
#:use-module (guix packages)
|
#:use-module (guix packages)
|
||||||
#:use-module (guix download)
|
#:use-module (guix download)
|
||||||
|
#:use-module (guix git-download)
|
||||||
#:use-module (guix utils)
|
#:use-module (guix utils)
|
||||||
#:use-module (guix build-system gnu)
|
#:use-module (guix build-system gnu)
|
||||||
#:use-module (guix build-system python)
|
#:use-module (guix build-system python)
|
||||||
|
@ -44,16 +45,17 @@
|
||||||
(define-public libsepol
|
(define-public libsepol
|
||||||
(package
|
(package
|
||||||
(name "libsepol")
|
(name "libsepol")
|
||||||
(version "2.6")
|
(version "2.7")
|
||||||
(source (let ((release "20161014"))
|
(source (let ((release "20170804"))
|
||||||
(origin
|
(origin
|
||||||
(method url-fetch)
|
(method git-fetch)
|
||||||
(uri (string-append "https://github.com/SELinuxProject/selinux/"
|
(uri (git-reference
|
||||||
"archive/" release ".tar.gz"))
|
(url "https://github.com/SELinuxProject/selinux.git")
|
||||||
(file-name (string-append "selinux-" release ".tar.gz"))
|
(commit release)))
|
||||||
|
(file-name (string-append "selinux-" release "-checkout"))
|
||||||
(sha256
|
(sha256
|
||||||
(base32
|
(base32
|
||||||
"1dpwynfb6n31928343blac4159g4jbrwxdp61q5yffmxpy3c3czi")))))
|
"1l1nn8bx08v4cxkw5kb0wgr61rfqj5ra9dh1dy5jslillj93vivq")))))
|
||||||
(build-system gnu-build-system)
|
(build-system gnu-build-system)
|
||||||
(arguments
|
(arguments
|
||||||
`(#:tests? #f ; tests require checkpolicy, which requires libsepol
|
`(#:tests? #f ; tests require checkpolicy, which requires libsepol
|
||||||
|
@ -92,11 +94,9 @@ boolean settings).")
|
||||||
#:make-flags
|
#:make-flags
|
||||||
(let ((out (assoc-ref %outputs "out")))
|
(let ((out (assoc-ref %outputs "out")))
|
||||||
(list (string-append "PREFIX=" out)
|
(list (string-append "PREFIX=" out)
|
||||||
(string-append "LDLIBS="
|
(string-append "LIBSEPOLA="
|
||||||
(assoc-ref %build-inputs "libsepol")
|
(assoc-ref %build-inputs "libsepol")
|
||||||
"/lib/libsepol.a "
|
"/lib/libsepol.a")
|
||||||
(assoc-ref %build-inputs "flex")
|
|
||||||
"/lib/libfl.a")
|
|
||||||
"CC=gcc"))
|
"CC=gcc"))
|
||||||
#:phases
|
#:phases
|
||||||
(modify-phases %standard-phases
|
(modify-phases %standard-phases
|
||||||
|
@ -125,6 +125,9 @@ module into a binary representation.")
|
||||||
(substitute-keyword-arguments (package-arguments libsepol)
|
(substitute-keyword-arguments (package-arguments libsepol)
|
||||||
((#:make-flags flags)
|
((#:make-flags flags)
|
||||||
`(cons* "PYTHON=python3"
|
`(cons* "PYTHON=python3"
|
||||||
|
(string-append "LIBSEPOLA="
|
||||||
|
(assoc-ref %build-inputs "libsepol")
|
||||||
|
"/lib/libsepol.a")
|
||||||
(string-append "PYSITEDIR="
|
(string-append "PYSITEDIR="
|
||||||
(assoc-ref %outputs "out")
|
(assoc-ref %outputs "out")
|
||||||
"/lib/python"
|
"/lib/python"
|
||||||
|
@ -135,14 +138,6 @@ module into a binary representation.")
|
||||||
`(modify-phases ,phases
|
`(modify-phases ,phases
|
||||||
(replace 'enter-dir
|
(replace 'enter-dir
|
||||||
(lambda _ (chdir ,name) #t))
|
(lambda _ (chdir ,name) #t))
|
||||||
;; libsepol.a is not located in this package's LIBDIR.
|
|
||||||
(add-after 'enter-dir 'patch-libsepol-path
|
|
||||||
(lambda* (#:key inputs #:allow-other-keys)
|
|
||||||
(substitute* "src/Makefile"
|
|
||||||
(("\\$\\(LIBDIR\\)/libsepol.a")
|
|
||||||
(string-append (assoc-ref inputs "libsepol")
|
|
||||||
"/lib/libsepol.a")))
|
|
||||||
#t))
|
|
||||||
(add-after 'enter-dir 'remove-Werror
|
(add-after 'enter-dir 'remove-Werror
|
||||||
(lambda _
|
(lambda _
|
||||||
;; GCC complains about the fact that the output does not (yet)
|
;; GCC complains about the fact that the output does not (yet)
|
||||||
|
@ -256,7 +251,7 @@ binary policies.")
|
||||||
((#:phases phases)
|
((#:phases phases)
|
||||||
`(modify-phases ,phases
|
`(modify-phases ,phases
|
||||||
(replace 'enter-dir
|
(replace 'enter-dir
|
||||||
(lambda _ (chdir "sepolgen") #t))
|
(lambda _ (chdir "python/sepolgen") #t))
|
||||||
;; By default all Python files would be installed to
|
;; By default all Python files would be installed to
|
||||||
;; $out/gnu/store/...-python-.../, so we override the
|
;; $out/gnu/store/...-python-.../, so we override the
|
||||||
;; PACKAGEDIR to fix this.
|
;; PACKAGEDIR to fix this.
|
||||||
|
@ -297,20 +292,19 @@ based on required access.")
|
||||||
;; GPLv2 only
|
;; GPLv2 only
|
||||||
(license license:gpl2)))
|
(license license:gpl2)))
|
||||||
|
|
||||||
;; The latest 4.1.x version does not work with the latest 2.6 release of
|
|
||||||
;; policycoreutils, so we use the last 4.0.x release.
|
|
||||||
(define-public python-setools
|
(define-public python-setools
|
||||||
(package
|
(package
|
||||||
(name "python-setools")
|
(name "python-setools")
|
||||||
(version "4.0.1")
|
(version "4.1.1")
|
||||||
(source (origin
|
(source (origin
|
||||||
(method url-fetch)
|
(method git-fetch)
|
||||||
(uri (string-append "https://github.com/TresysTechnology/"
|
(uri (git-reference
|
||||||
"setools/archive/" version ".tar.gz"))
|
(url "https://github.com/TresysTechnology/setools.git")
|
||||||
(file-name (string-append name "-" version ".tar.gz"))
|
(commit version)))
|
||||||
|
(file-name (string-append name "-" version "-checkout"))
|
||||||
(sha256
|
(sha256
|
||||||
(base32
|
(base32
|
||||||
"1zndpl4ck5c23p7s4sci06db89q1w87jig3jbd4f8s1ggy3lj82c"))))
|
"0459xxly6zzqc5azcwk3rbbcxvj60dq08f8z6xr05y7dsbb16cg6"))))
|
||||||
(build-system python-build-system)
|
(build-system python-build-system)
|
||||||
(arguments
|
(arguments
|
||||||
`(#:tests? #f ; the test target causes a rebuild
|
`(#:tests? #f ; the test target causes a rebuild
|
||||||
|
@ -352,10 +346,6 @@ tools, and libraries designed to facilitate SELinux policy analysis.")
|
||||||
(define-public policycoreutils
|
(define-public policycoreutils
|
||||||
(package (inherit libsepol)
|
(package (inherit libsepol)
|
||||||
(name "policycoreutils")
|
(name "policycoreutils")
|
||||||
(source
|
|
||||||
(origin (inherit (package-source libsepol))
|
|
||||||
(patches (search-patches "policycoreutils-make-sepolicy-use-python3.patch"))
|
|
||||||
(patch-flags '("-p1" "-d" "policycoreutils"))))
|
|
||||||
(arguments
|
(arguments
|
||||||
`(#:test-target "test"
|
`(#:test-target "test"
|
||||||
#:make-flags
|
#:make-flags
|
||||||
|
@ -399,79 +389,13 @@ tools, and libraries designed to facilitate SELinux policy analysis.")
|
||||||
(string-append (assoc-ref inputs "pam") file))
|
(string-append (assoc-ref inputs "pam") file))
|
||||||
(("/usr(/include/libaudit.h)" _ file)
|
(("/usr(/include/libaudit.h)" _ file)
|
||||||
(string-append (assoc-ref inputs "audit") file)))
|
(string-append (assoc-ref inputs "audit") file)))
|
||||||
#t))
|
|
||||||
(add-after 'enter-dir 'fix-glib-cflags
|
|
||||||
(lambda* (#:key inputs #:allow-other-keys)
|
|
||||||
(substitute* "restorecond/Makefile"
|
|
||||||
(("/usr(/include/glib-2.0|/lib/glib-2.0/include)" _ path)
|
|
||||||
(string-append (assoc-ref inputs "glib") path))
|
|
||||||
(("/usr(/include/dbus-1.0|/lib/dbus-1.0/include)" _ path)
|
|
||||||
(string-append (assoc-ref inputs "dbus") path
|
|
||||||
" -I"
|
|
||||||
(assoc-ref inputs "dbus-glib") path)))
|
|
||||||
#t))
|
|
||||||
(add-after 'enter-dir 'fix-linkage-with-libsepol
|
|
||||||
(lambda* (#:key inputs #:allow-other-keys)
|
|
||||||
(substitute* '("semodule_deps/Makefile"
|
|
||||||
"sepolgen-ifgen/Makefile")
|
|
||||||
(("\\$\\(LIBDIR\\)")
|
|
||||||
(string-append (assoc-ref inputs "libsepol") "/lib/")))))
|
|
||||||
(add-after 'enter-dir 'fix-target-paths
|
|
||||||
(lambda* (#:key outputs #:allow-other-keys)
|
|
||||||
(let ((out (assoc-ref outputs "out")))
|
|
||||||
(substitute* "audit2allow/sepolgen-ifgen"
|
|
||||||
(("ATTR_HELPER = \"/usr/bin/sepolgen-ifgen-attr-helper\"")
|
|
||||||
(string-append "ATTR_HELPER = \"" out
|
|
||||||
"/bin/sepolgen-ifgen-attr-helper\"")))
|
|
||||||
(substitute* "sepolicy/sepolicy/__init__.py"
|
|
||||||
(("/usr/bin/sepolgen-ifgen")
|
|
||||||
(string-append out "/bin/sepolgen-ifgen")))
|
|
||||||
(substitute* "sepolicy/Makefile"
|
|
||||||
;; By default all Python files would be installed to
|
|
||||||
;; $out/gnu/store/...-python-.../.
|
|
||||||
(("setup.py install.*$")
|
|
||||||
(string-append "setup.py install --prefix=" out "\n"))
|
|
||||||
(("\\$\\(DESTDIR\\)/etc")
|
|
||||||
(string-append out "/etc"))
|
|
||||||
(("\\$\\(DESTDIR\\)/usr") out)))
|
|
||||||
#t))
|
|
||||||
(add-after 'install 'wrap-python-tools
|
|
||||||
(lambda* (#:key outputs #:allow-other-keys)
|
|
||||||
(let* ((out (assoc-ref outputs "out"))
|
|
||||||
(var (string-append out "/lib/python"
|
|
||||||
,(version-major+minor (package-version python))
|
|
||||||
"/site-packages:"
|
|
||||||
(getenv "PYTHONPATH"))))
|
|
||||||
;; The scripts' shebangs tell Python to ignore the PYTHONPATH,
|
|
||||||
;; so we need to patch them before wrapping.
|
|
||||||
(for-each (lambda (file)
|
|
||||||
(let ((path (string-append out "/" file)))
|
|
||||||
(substitute* path
|
|
||||||
(("bin/python -Es") "bin/python -s"))
|
|
||||||
(wrap-program path
|
|
||||||
`("PYTHONPATH" ":" prefix (,var)))))
|
|
||||||
'("bin/audit2allow"
|
|
||||||
"bin/chcat"
|
|
||||||
"bin/sandbox"
|
|
||||||
"bin/sepolgen-ifgen"
|
|
||||||
"bin/sepolicy"
|
|
||||||
"sbin/semanage")))
|
|
||||||
#t)))))
|
#t)))))
|
||||||
(inputs
|
(inputs
|
||||||
`(("python" ,python-wrapper)
|
`(("audit" ,audit)
|
||||||
("audit" ,audit)
|
|
||||||
("pam" ,linux-pam)
|
("pam" ,linux-pam)
|
||||||
("libsepol" ,libsepol)
|
("libsepol" ,libsepol)
|
||||||
("libselinux" ,libselinux)
|
("libselinux" ,libselinux)
|
||||||
("libsemanage" ,libsemanage)
|
("libsemanage" ,libsemanage)))
|
||||||
("python-sepolgen" ,python-sepolgen)
|
|
||||||
("python-setools" ,python-setools)
|
|
||||||
("python-ipy" ,python-ipy)
|
|
||||||
("libcap-ng" ,libcap-ng)
|
|
||||||
("pcre" ,pcre)
|
|
||||||
("dbus" ,dbus)
|
|
||||||
("dbus-glib" ,dbus-glib)
|
|
||||||
("glib" ,glib)))
|
|
||||||
(native-inputs
|
(native-inputs
|
||||||
`(("gettext" ,gettext-minimal)))
|
`(("gettext" ,gettext-minimal)))
|
||||||
(synopsis "SELinux core utilities")
|
(synopsis "SELinux core utilities")
|
||||||
|
|
Loading…
Reference in New Issue