sys-apps/policycoreutils: bump to 2.7_rc1

Package-Manager: Portage-2.3.5, Repoman-2.3.1

sys-apps/policycoreutils/Manifest

@@ -1,4 +1,6 @@
 DIST policycoreutils-2.5.tar.gz 4986066 SHA256 329382cfe9fa977678abf541dcd8fe3847cf0c83b24654c8f7322343907078a1 SHA512 0eabf046cf44c6fe2e28492f53862f4302551d602e9b678b923f34f35bfc48f03a73b62962ac71465b9d99b411016b2cfc976f3baf113133a6c0adab1e1f6f8b WHIRLPOOL 27a6810d611f50ac1292f614c9936f0b73b7334be80685f1eda6fd72ec7e85fc0f7b4ff930a48c08a61ade84fd46bd9e7285f5a135ea6db6e4fe88e38d73bd16
 DIST policycoreutils-2.6.tar.gz 4660087 SHA256 68891b376f5048edc53c6ccb2fca44da3dc7f4563f4b6894e201d70c04a05a29 SHA512 ba289060bc348f9315bce84a5e5daf145600274289fdd2206edc10bb0ee03f9b02a9e40e9c118809961ddfe7844dee7d8952d8c9a239af7282f4fc1614c21e9d WHIRLPOOL c04a5f0f6bb044090e0d443f4497d828713fd32de4a0f5b5442e70e836da99e5e6e562a9deeedb566b07da1687c0a6b056c33b0bbe9836a71891fc6a449da60c
+DIST policycoreutils-2.7-rc1.tar.gz 2797016 SHA256 d990b00be77838c15bf701494eeddd7d39cb8871dcc69483dd954a2c2a9eb328 SHA512 7669041dbd6a119dde0283335967160cf477d21e5e6f170e7269351bc07e30995b489fd6eb90188e84be0b321e55e77860cbbad588fbf5f5c2b64a6f18334cfb WHIRLPOOL 529f8dfc55844a712bf966b0686e522b563bcbcd2373ec113a90bf78c8a30c3f4250393ea35554e5065065dde9f583f5461a889d825ffcced1b96f383e91a086
 DIST policycoreutils-extra-1.34.tar.bz2 12107 SHA256 56ae2aac57bf104d6a8a7837b25de7978b25e0642744ef95e6e6d483201aa4ca SHA512 b1db6d70cf864023f22583e5bd24c85e796f1541f9c1bc878dd55309464b27346e05e414db3ef81bef2dfe8c8d7d7063ee7e0422878f38a3db56c67d9468b89d WHIRLPOOL 8b094818bed0e438ce4258428afa054cb561f53e303d84e171881add5952cfc0fa577bce2765294905dac8ddd5560906904958f35c96afce0f357feb5333646d
 DIST policycoreutils-extra-1.35.tar.bz2 12124 SHA256 25983df35c0b98fb65423f109d71c02e4d6b86415452b7a7a6e92b5e4fa4a36e SHA512 8cc3c74afee7ec38d7d085744fdd60849d3ae97a75599d2181b12b5b472a6a4445868e8a6aff707e439c10d9c378fb55e329b4db21c0a771f41180bf3b9eabc1 WHIRLPOOL 863ca52e1897cbfb9252f1afe81fef497f27ede10c74e1150c07e9f355390eca0e64c9b0cc0a48e8a7442b310387b1e929b40e2b9c14a9a095850a00983cd5f6
+DIST policycoreutils-extra-1.36.tar.bz2 8830 SHA256 2dfbe799bbbf150e68fab7e168fd71b94505c992623f30c71873213447506e8f SHA512 c6a18e6fb2d65f51dc55b88907f23241f2fbfc033d3d2888b109596d9ed31d509b2c93456727ea4d1f98544831afb15c449ff72d6aedf93b9e474b27817f7fb3 WHIRLPOOL c9772dba472b9b466181204f5bd5fb13d839042c53c84db38999a8b077b0dee1e9e78089b7b5fe4bc4076a1ad1c420528354404b292abd428a73e6f95312d0c4

sys-apps/policycoreutils/files/policycoreutils-2.7-0001-newrole-not-suid.patch

@@ -1,7 +1,7 @@
 diff --git a/policycoreutils/newrole/Makefile b/policycoreutils/newrole/Makefile
 index bdefbb8..9cff135 100644
---- a/policycoreutils/newrole/Makefile
-+++ b/policycoreutils/newrole/Makefile
+--- policycoreutils/newrole/Makefile
++++ policycoreutils/newrole/Makefile
 @@ -49,7 +49,7 @@ ifeq ($(NAMESPACE_PRIV),y)
  	IS_SUID=y
  endif

sys-apps/policycoreutils/policycoreutils-2.7_rc1.ebuild

@@ -0,0 +1,181 @@
+# Copyright 1999-2017 Gentoo Foundation
+# Distributed under the terms of the GNU General Public License v2
+
+EAPI="6"
+PYTHON_COMPAT=( python{2_7,3_4,3_5} )
+PYTHON_REQ_USE="xml"
+
+inherit multilib python-r1 toolchain-funcs bash-completion-r1
+
+MY_P="${P//_/-}"
+
+MY_RELEASEDATE="20170609"
+EXTRAS_VER="1.36"
+SEMNG_VER="${PV}"
+SELNX_VER="${PV}"
+SEPOL_VER="${PV}"
+
+IUSE="audit pam dbus"
+REQUIRED_USE="${PYTHON_REQUIRED_USE}"
+
+DESCRIPTION="SELinux core utilities"
+HOMEPAGE="https://github.com/SELinuxProject/selinux/wiki"
+
+if [[ ${PV} == 9999 ]] ; then
+	inherit git-r3
+	EGIT_REPO_URI="https://github.com/SELinuxProject/selinux.git"
+	SRC_URI="https://dev.gentoo.org/~perfinion/distfiles/policycoreutils-extra-${EXTRAS_VER}.tar.bz2"
+	S1="${WORKDIR}/${MY_P}/${PN}"
+	S2="${WORKDIR}/policycoreutils-extra"
+	S="${S1}"
+else
+	SRC_URI="https://raw.githubusercontent.com/wiki/SELinuxProject/selinux/files/releases/${MY_RELEASEDATE}/${MY_P}.tar.gz
+		https://dev.gentoo.org/~perfinion/distfiles/policycoreutils-extra-${EXTRAS_VER}.tar.bz2"
+	KEYWORDS="~amd64 ~arm64 ~mips ~x86"
+	S1="${WORKDIR}/${MY_P}"
+	S2="${WORKDIR}/policycoreutils-extra"
+	S="${S1}"
+fi
+
+LICENSE="GPL-2"
+SLOT="0"
+
+DEPEND=">=sys-libs/libselinux-${SELNX_VER}:=[python,${PYTHON_USEDEP}]
+	>=sys-libs/glibc-2.4
+	>=sys-libs/libcap-1.10-r10:=
+	>=sys-libs/libsemanage-${SEMNG_VER}:=[python,${PYTHON_USEDEP}]
+	sys-libs/libcap-ng:=
+	>=sys-libs/libsepol-${SEPOL_VER}:=
+	>=app-admin/setools-4.0[${PYTHON_USEDEP}]
+	sys-devel/gettext
+	dev-python/ipy[${PYTHON_USEDEP}]
+	dbus? (
+		sys-apps/dbus
+		dev-libs/dbus-glib:=
+	)
+	audit? ( >=sys-process/audit-1.5.1[python,${PYTHON_USEDEP}] )
+	pam? ( sys-libs/pam:= )
+	${PYTHON_DEPS}
+	!<sec-policy/selinux-base-policy-2.20151208-r6"
+# 2.20151208-r6 and higher has support for new setfiles
+
+### libcgroup -> seunshare
+### dbus -> restorecond
+
+# pax-utils for scanelf used by rlpkg
+RDEPEND="${DEPEND}
+	app-misc/pax-utils
+	!<sys-apps/openrc-0.14"
+
+PDEPEND="sys-apps/semodule-utils
+	sys-apps/selinux-python"
+
+src_unpack() {
+	# Override default one because we need the SRC_URI ones even in case of 9999 ebuilds
+	default
+	if [[ ${PV} == 9999 ]] ; then
+		git-r3_src_unpack
+	fi
+}
+
+src_prepare() {
+	S="${S1}"
+	cd "${S}" || die "Failed to switch to ${S}"
+	if [[ ${PV} != 9999 ]] ; then
+		# If needed for live ebuilds please use /etc/portage/patches
+		eapply "${FILESDIR}/policycoreutils-2.7-0001-newrole-not-suid.patch"
+	fi
+
+	# rlpkg is more useful than fixfiles
+	sed -i -e '/^all/s/fixfiles//' "${S}/scripts/Makefile" \
+		|| die "fixfiles sed 1 failed"
+	sed -i -e '/fixfiles/d' "${S}/scripts/Makefile" \
+		|| die "fixfiles sed 2 failed"
+
+	eapply_user
+
+	sed -i 's/-Werror//g' "${S1}"/*/Makefile || die "Failed to remove Werror"
+
+	python_copy_sources
+	# Our extra code is outside the regular directory, so set it to the extra
+	# directory. We really should optimize this as it is ugly, but the extra
+	# code is needed for Gentoo at the same time that policycoreutils is present
+	# (so we cannot use an additional package for now).
+	S="${S2}"
+	python_copy_sources
+}
+
+src_compile() {
+	building() {
+		emake -C "${BUILD_DIR}" \
+			AUDIT_LOG_PRIVS="y" \
+			AUDITH="$(usex audit y n)" \
+			PAMH="$(usex pam y n)" \
+			INOTIFYH="$(usex dbus y n)" \
+			SESANDBOX="n" \
+			CC="$(tc-getCC)" \
+			PYLIBVER="${EPYTHON}" \
+			LIBDIR="\$(PREFIX)/$(get_libdir)"
+	}
+	S="${S1}" # Regular policycoreutils
+	python_foreach_impl building
+	S="${S2}" # Extra set
+	python_foreach_impl building
+}
+
+src_install() {
+	# Python scripts are present in many places. There are no extension modules.
+	installation-policycoreutils() {
+		einfo "Installing policycoreutils"
+		emake -C "${BUILD_DIR}" DESTDIR="${D}" \
+			AUDITH="$(usex audit y n)" \
+			PAMH="$(usex pam y n)" \
+			INOTIFYH="$(usex dbus y n)" \
+			SESANDBOX="n" \
+			AUDIT_LOG_PRIV="y" \
+			LIBDIR="\$(PREFIX)/$(get_libdir)" \
+			install
+		python_optimize
+	}
+
+	installation-extras() {
+		einfo "Installing policycoreutils-extra"
+		emake -C "${BUILD_DIR}" \
+			DESTDIR="${D}" \
+			INOTIFYH="$(usex dbus)" \
+			SHLIBDIR="${D}$(get_libdir)/rc" \
+			install
+		python_optimize
+	}
+
+	S="${S1}" # policycoreutils
+	python_foreach_impl installation-policycoreutils
+	S="${S2}" # extras
+	python_foreach_impl installation-extras
+	S="${S1}" # back for later
+
+	# remove redhat-style init script
+	rm -fR "${D}/etc/rc.d" || die
+
+	# compatibility symlinks
+	dosym /sbin/setfiles /usr/sbin/setfiles
+	bashcomp_alias setsebool getsebool
+
+	# location for policy definitions
+	dodir /var/lib/selinux
+	keepdir /var/lib/selinux
+
+	# Set version-specific scripts
+	for pyscript in rlpkg; do
+	  python_replicate_script "${ED}/usr/sbin/${pyscript}"
+	done
+}
+
+pkg_postinst() {
+	for POLICY_TYPE in ${POLICY_TYPES} ; do
+		# There have been some changes to the policy store, rebuilding now.
+		# https://marc.info/?l=selinux&m=143757277819717&w=2
+		einfo "Rebuilding store ${POLICY_TYPE} (without re-loading)."
+		semodule -s "${POLICY_TYPE}" -n -B || die "Failed to rebuild policy store ${POLICY_TYPE}"
+	done
+}