Difuse/packages
2
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity

Merge pull request #21405 from jefferyto/selinux-update

Browse source 
selinux: Update selinux packages to 3.5, setools to 4.4.2, reorganize packages
This commit is contained in:
Tianling Shen 2023-06-25 17:04:14 +08:00 committed by GitHub
commit 7414d8c6dd
No known key found for this signature in database
GPG key ID: 4AEE18F83AFDEB23
13 changed files with 479 additions and 212 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

59
lang/python/python3-libselinux/Makefile → lang/python/python-selinux/Makefile
View file

@ -5,38 +5,38 @@
include $(TOPDIR)/rules.mk include $(TOPDIR)/rules.mk
SRC_NAME:=libselinux PKG_NAME:=python-selinux
PKG_NAME:=python3-$(SRC_NAME) PKG_VERSION:=3.5
PKG_VERSION:=3.3 PKG_RELEASE:=1
PKG_RELEASE:=3
PKG_BUILD_DIR:=$(BUILD_DIR)/python-libselinux/$(SRC_NAME)-$(PKG_VERSION) SRC_NAME:=libselinux
PKG_SOURCE:=$(SRC_NAME)-$(PKG_VERSION).tar.gz PKG_SOURCE:=$(SRC_NAME)-$(PKG_VERSION).tar.gz
PKG_SOURCE_URL:=https://github.com/SELinuxProject/selinux/releases/download/$(PKG_VERSION) PKG_SOURCE_URL:=https://github.com/SELinuxProject/selinux/releases/download/$(PKG_VERSION)
PKG_HASH:=acfdee27633d2496508c28727c3d41d3748076f66d42fccde2e6b9f3463a7057 PKG_HASH:=9a3a3705ac13a2ccca2de6d652b6356fead10f36fb33115c185c5ccdf29eec19
PKG_BUILD_DEPENDS:=swig/host PKG_BUILD_DIR:=$(BUILD_DIR)/$(PKG_NAME)/$(SRC_NAME)-$(PKG_VERSION)
PKG_MAINTAINER:=Thomas Petazzoni <thomas.petazzoni@bootlin.com> PKG_MAINTAINER:=Thomas Petazzoni <thomas.petazzoni@bootlin.com>
PKG_LICENSE:=libselinux-1.0 PKG_LICENSE:=libselinux-1.0
PKG_LICENSE_FILES:=LICENSE PKG_LICENSE_FILES:=LICENSE
PKG_CPE_ID:=cpe:/a:selinuxproject:libselinux PKG_CPE_ID:=cpe:/a:selinuxproject:libselinux
PKG_BUILD_DEPENDS:=swig/host
PKG_BUILD_PARALLEL:=1
PYTHON3_PKG_BUILD:=0 PYTHON3_PKG_BUILD:=0
PKG_INSTALL:=1
MAKE_PATH:=src
include $(INCLUDE_DIR)/package.mk include $(INCLUDE_DIR)/package.mk
include ../python3-package.mk include ../python3-package.mk
define Package/python3-libselinux define Package/python3-selinux
TITLE:=Python bindings for the runtime SELinux library
SUBMENU:=Python SUBMENU:=Python
SECTION:=lang SECTION:=lang
CATEGORY:=Languages CATEGORY:=Languages
DEPENDS:=+libpcre +musl-fts +python3 +libselinux TITLE:=SELinux runtime library bindings
DEPENDS:=+python3-light +libselinux
URL:=http://selinuxproject.org/page/Main_Page URL:=http://selinuxproject.org/page/Main_Page
endef endef
define Package/python3-libselinux/description define Package/python3-selinux/description
libselinux is the runtime SELinux library that provides libselinux is the runtime SELinux library that provides
interfaces (e.g. library functions for the SELinux kernel interfaces (e.g. library functions for the SELinux kernel
APIs like getcon(), other support functions like APIs like getcon(), other support functions like
@ -48,34 +48,27 @@ define Package/python3-libselinux/description
This package provides the Python bindings for libselinux. This package provides the Python bindings for libselinux.
endef endef
MAKE_VARS += \
$(PYTHON3_VARS) \
$(HOST_PYTHON3_PIP_VARS) \
PYTHON_SETUP_ARGS=--no-compile
MAKE_FLAGS += \
SHLIBDIR=/usr/lib
ifneq ($(CONFIG_USE_MUSL),) ifneq ($(CONFIG_USE_MUSL),)
MAKE_FLAGS += FTS_LDLIBS=-lfts
TARGET_CFLAGS += -D_LARGEFILE64_SOURCE TARGET_CFLAGS += -D_LARGEFILE64_SOURCE
endif endif
MAKE_FLAGS += \
FTS_LDLIBS=-lfts \
SHLIBDIR=/usr/lib \
PYTHON=$(PYTHON3) \
PYINC="-I $(PYTHON3_INC_DIR)" \
PYLIBS="-lpython$(PYTHON3_VERSION)" \
$(PYTHON3_VARS)
define Build/Compile define Build/Compile
$(call Build/Compile/Default,swigify pywrap) $(call Build/Compile/Default,pywrap)
endef endef
define Build/Install define Build/Install
$(call Build/Install/Default,install-pywrap) $(call Build/Install/Default,install-pywrap)
endef endef
define Build/InstallDev $(eval $(call Py3Package,python3-selinux))
$(INSTALL_DIR) $(1)$(PYTHON3_PKG_DIR) $(eval $(call BuildPackage,python3-selinux))
$(CP) $(PKG_INSTALL_DIR)$(PYTHON3_PKG_DIR)/* $(1)$(PYTHON3_PKG_DIR) $(eval $(call BuildPackage,python3-selinux-src))
endef
define Package/python3-libselinux/install
$(INSTALL_DIR) $(1)$(PYTHON3_PKG_DIR)
$(CP) $(PKG_INSTALL_DIR)$(PYTHON3_PKG_DIR)/* $(1)$(PYTHON3_PKG_DIR)
endef
$(eval $(call BuildPackage,python3-libselinux))

52
lang/python/python3-libsemanage/Makefile → lang/python/python-semanage/Makefile
View file

@ -5,38 +5,38 @@
include $(TOPDIR)/rules.mk include $(TOPDIR)/rules.mk
SRC_NAME:=libsemanage PKG_NAME:=python-semanage
PKG_NAME:=python3-$(SRC_NAME) PKG_VERSION:=3.5
PKG_VERSION:=3.2
PKG_RELEASE:=1 PKG_RELEASE:=1
PKG_BUILD_DIR:=$(BUILD_DIR)/python-libsemanage/$(SRC_NAME)-$(PKG_VERSION) SRC_NAME:=libsemanage
PKG_SOURCE:=$(SRC_NAME)-$(PKG_VERSION).tar.gz PKG_SOURCE:=$(SRC_NAME)-$(PKG_VERSION).tar.gz
PKG_SOURCE_URL:=https://github.com/SELinuxProject/selinux/releases/download/$(PKG_VERSION) PKG_SOURCE_URL:=https://github.com/SELinuxProject/selinux/releases/download/$(PKG_VERSION)
PKG_HASH:=d722a55ca4fe2d4e2b30527720db657e6238b28079e69e2e4affeb8e733ee511 PKG_HASH:=f53534e50247538280ed0d76c6ce81d8fb3939bd64cadb89da10dba42e40dd9c
PKG_BUILD_DEPENDS:=swig/host PKG_BUILD_DIR:=$(BUILD_DIR)/$(PKG_NAME)/$(SRC_NAME)-$(PKG_VERSION)
PKG_MAINTAINER:=Thomas Petazzoni <thomas.petazzoni@bootlin.com> PKG_MAINTAINER:=Thomas Petazzoni <thomas.petazzoni@bootlin.com>
PKG_LICENSE:=LGPL-2.1-or-later PKG_LICENSE:=LGPL-2.1-or-later
PKG_LICENSE_FILES:=COPYING PKG_LICENSE_FILES:=LICENSE
PKG_CPE_ID:=cpe:/a:selinuxproject:libsemanage PKG_CPE_ID:=cpe:/a:selinuxproject:libsemanage
PKG_BUILD_DEPENDS:=swig/host
PKG_BUILD_PARALLEL:=1
PYTHON3_PKG_BUILD:=0 PYTHON3_PKG_BUILD:=0
PKG_INSTALL:=1
MAKE_PATH:=src
include $(INCLUDE_DIR)/package.mk include $(INCLUDE_DIR)/package.mk
include ../python3-package.mk include ../python3-package.mk
define Package/python3-libsemanage define Package/python3-semanage
TITLE:=Python bindings for the SELinux policy management library
SUBMENU:=Python SUBMENU:=Python
SECTION:=lang SECTION:=lang
CATEGORY:=Languages CATEGORY:=Languages
DEPENDS:=+python3 +libsemanage TITLE:=SELinux policy management library bindings
DEPENDS:=+python3-light +libsemanage
URL:=http://selinuxproject.org/page/Main_Page URL:=http://selinuxproject.org/page/Main_Page
endef endef
define Package/python3-libsemanage/description define Package/python3-semanage/description
libsemanage is the policy management library. It uses libsemanage is the policy management library. It uses
libsepol for binary policy manipulation and libselinux for libsepol for binary policy manipulation and libselinux for
interacting with the SELinux system. It also exec's helper interacting with the SELinux system. It also exec's helper
@ -46,33 +46,19 @@ define Package/python3-libsemanage/description
change at least for the bootstrapping case (for rpm). change at least for the bootstrapping case (for rpm).
This package provides the Python bindings for libsemanage. This package provides the Python bindings for libsemanage.
endef #' endef
MAKE_FLAGS += \ MAKE_VARS += \
PYTHON=$(PYTHON3) \
PYINC="-I $(PYTHON3_INC_DIR)" \
PYLIBS="-lpython$(PYTHON3_VERSION)" \
$(PYTHON3_VARS) $(PYTHON3_VARS)
define Build/Compile define Build/Compile
$(call Build/Compile/Default,swigify pywrap) $(call Build/Compile/Default,pywrap)
endef endef
define Build/Install define Build/Install
$(call Build/Install/Default,install-pywrap) $(call Build/Install/Default,install-pywrap)
endef endef
define Build/Configure $(eval $(call Py3Package,python3-semanage))
endef $(eval $(call BuildPackage,python3-semanage))
$(eval $(call BuildPackage,python3-semanage-src))
define Build/InstallDev
$(INSTALL_DIR) $(1)$(PYTHON3_PKG_DIR)
$(CP) $(PKG_INSTALL_DIR)$(PYTHON3_PKG_DIR)/* $(1)$(PYTHON3_PKG_DIR)
endef
define Package/python3-libsemanage/install
$(INSTALL_DIR) $(1)$(PYTHON3_PKG_DIR)
$(CP) $(PKG_INSTALL_DIR)$(PYTHON3_PKG_DIR)/* $(1)$(PYTHON3_PKG_DIR)
endef
$(eval $(call BuildPackage,python3-libsemanage))

11
lang/python/python3-libselinux/patches/010-setup-py-custom-cc.patch
View file

@ -1,11 +0,0 @@
--- a/src/Makefile
+++ b/src/Makefile
@@ -139,7 +139,7 @@ SWIGRUBY = swig -Wall -ruby -o $(SWIGRUB
all: $(LIBA) $(LIBSO) $(LIBPC)
pywrap: all selinuxswig_python_exception.i
- CFLAGS="$(CFLAGS) $(SWIG_CFLAGS)" $(PYTHON) setup.py build_ext
+ LDSHARED="$(CC) -shared" CFLAGS="$(CFLAGS) $(SWIG_CFLAGS)" $(PYTHON) setup.py build_ext
rubywrap: all $(SWIGRUBYSO)

21
lang/python/python3-libselinux/patches/020-Make-use-of-variables-when-defining-libdir-and-inclu.patch
View file

@ -1,21 +0,0 @@
Pkg-config definitions commonly make use of ${exec_prefix} and ${prefix}
when defining libdir and includedir, respectively. OpenWrt, for example,
relies on this when it adjusts things for cross compiling.
Signed-off-by: W. Michael Petullo <mike@flyn.org>
---
src/libselinux.pc.in | 4 ++--
1 file changed, 2 insertions(+), 2 deletions(-)
--- a/src/libselinux.pc.in
+++ b/src/libselinux.pc.in
@@ -1,7 +1,7 @@
prefix=@prefix@
exec_prefix=${prefix}
-libdir=@libdir@
-includedir=@includedir@
+libdir=${exec_prefix}/lib
+includedir=${prefix}/include
Name: libselinux
Description: SELinux utility library

294
utils/selinux-python/Makefile
View file

@ -6,18 +6,20 @@
include $(TOPDIR)/rules.mk include $(TOPDIR)/rules.mk
PKG_NAME:=selinux-python PKG_NAME:=selinux-python
PKG_VERSION:=3.2 PKG_VERSION:=3.5
PKG_RELEASE:=1 PKG_RELEASE:=1
PKG_SOURCE:=$(PKG_NAME)-$(PKG_VERSION).tar.gz PKG_SOURCE:=$(PKG_NAME)-$(PKG_VERSION).tar.gz
PKG_SOURCE_URL:=https://github.com/SELinuxProject/selinux/releases/download/$(PKG_VERSION) PKG_SOURCE_URL:=https://github.com/SELinuxProject/selinux/releases/download/$(PKG_VERSION)
PKG_HASH:=770855ea8120ef23007fdb9db94b1ed6e8cd77917b584ed8877bbee9c16e74fb PKG_HASH:=8245bb4dae59333461f19ca0c79a829081f07972fa5e3ad4c2b2b917dd71d96b
PKG_MAINTAINER:=Thomas Petazzoni <thomas.petazzoni@bootlin.com> PKG_MAINTAINER:=Thomas Petazzoni <thomas.petazzoni@bootlin.com>
PKG_LICENSE:=GPL-2.0-only PKG_LICENSE:=GPL-2.0-only
PKG_LICENSE_FILES:=COPYING PKG_LICENSE_FILES:=LICENSE
PYTHON3_PKG_BUILD:=0
PKG_BUILD_PARALLEL:=1
PKG_INSTALL:=1 PKG_INSTALL:=1
PYTHON3_PKG_BUILD:=0
include $(INCLUDE_DIR)/package.mk include $(INCLUDE_DIR)/package.mk
include ../../lang/python/python3-package.mk include ../../lang/python/python3-package.mk
@ -27,107 +29,87 @@ include ../../lang/python/python3-package.mk
# #
define Package/selinux-python/Default define Package/selinux-python/Default
SECTION:=utils
DEPENDS:=+python3 +python3-libselinux
CATEGORY:=Utilities
URL:=http://selinuxproject.org/page/Main_Page URL:=http://selinuxproject.org/page/Main_Page
DEPENDS:=+python3-light
endef
define Package/selinux-python/Default/python
$(call Package/selinux-python/Default)
SUBMENU:=Python
SECTION:=lang
CATEGORY:=Languages
endef
define Package/selinux-python/Default/util
$(call Package/selinux-python/Default)
SECTION:=utils
CATEGORY:=Utilities
TITLE:=SELinux management utility
endef endef
define Package/selinux-python/Default/description define Package/selinux-python/Default/description
A set of SELinux tools written in python that help with A set of SELinux tools written in Python that help with managing a
managing a system with SELinux enabled. system with SELinux enabled.
endef endef
MAKE_VARS = \ MAKE_VARS = \
PYTHON=$(HOST_PYTHON3_BIN) \ $(PYTHON3_VARS) \
PYTHONLIBDIR=$(PYTHON3_PKG_DIR) \ $(HOST_PYTHON3_PIP_VARS) \
$(PYTHON3_VARS) PYTHON_SETUP_ARGS=--no-compile
define Build/Compile define Build/Compile
$(call Build/Compile/Default,all) $(call Build/Compile/Default,all)
endef endef
# #
# selinux-audit2allow # python3-seobject
# #
define Package/selinux-audit2allow define Package/python3-seobject
$(call Package/selinux-python/Default) $(call Package/selinux-python/Default/python)
TITLE:=selinux-audit2allow TITLE:=SELinux seobject library
DEPENDS+=+python3-sepolgen +libselinux +libsepol DEPENDS+= +python3-selinux +python3-semanage +python3-sepolicy +python3-setools
endef endef
define Package/selinux-audit2allow/description define Package/python3-seobject/description
$(call Package/selinux-python/Default/description) $(call Package/selinux-python/Default/description)
This package contains the audit2allow and audit2why tools.
This package contains the seobject library.
endef endef
define Package/selinux-audit2allow/install define Py3Package/python3-seobject/filespec
$(MAKE_VARS) $(MAKE) -C $(PKG_BUILD_DIR)/audit2allow DESTDIR=$(1) install +|$(PYTHON3_PKG_DIR)/seobject.py
rm -rf $(1)/usr/share/man
endef endef
# Py3Package/python3-seobject/install:=:
# selinux-chchat
#
define Package/selinux-chcat
$(call Package/selinux-python/Default)
TITLE:=selinux-chcat
endef
define Package/selinux-chcat/description
$(call Package/selinux-python/Default/description)
This package contains the chcat tool.
endef
define Package/selinux-chcat/install
$(MAKE_VARS) $(MAKE) -C $(PKG_BUILD_DIR)/chcat DESTDIR=$(1) install
rm -rf $(1)/usr/share
endef
#
# selinux-semanage
#
define Package/selinux-semanage
$(call Package/selinux-python/Default)
TITLE:=selinux-semanage
DEPENDS+=+python3-sepolicy +python3-libsemanage +setools
endef
define Package/selinux-semanage/description
$(call Package/selinux-python/Default/description)
This package contains the semanage tool.
endef
define Package/selinux-semanage/install
$(MAKE_VARS) $(MAKE) -C $(PKG_BUILD_DIR)/semanage DESTDIR=$(1) install
rm -rf $(1)/usr/share
endef
# #
# python3-sepolgen # python3-sepolgen
# #
define Package/python3-sepolgen define Package/python3-sepolgen
$(call Package/selinux-python/Default) $(call Package/selinux-python/Default/python)
SUBMENU:=Python TITLE:=SELinux policy generation library
SECTION:=lang DEPENDS+= +python3-selinux
CATEGORY:=Languages
TITLE:=python3-sepolgen
endef endef
define Package/python3-sepolgen/description define Package/python3-sepolgen/description
$(call Package/selinux-python/Default/description) $(call Package/selinux-python/Default/description)
This package contains the sepolgen Python library.
This package contains the SELinux policy generation Python library.
endef endef
define Package/python3-sepolgen/install define Package/python3-sepolgen/conffiles
$(MAKE_VARS) $(MAKE) -C $(PKG_BUILD_DIR)/sepolgen DESTDIR=$(1) install /etc/sepolgen/
$(INSTALL_DIR) $(1)/usr/share/sepolgen/ endef
$(INSTALL_DATA) $(1)/var/lib/sepolgen/perm_map $(1)/usr/share/sepolgen/perm_map
$(RM) -rf $(1)/var define Py3Package/python3-sepolgen/filespec
+|$(PYTHON3_PKG_DIR)/sepolgen
endef
define Py3Package/python3-sepolgen/install
$(INSTALL_DIR) $(1)/etc/sepolgen
$(INSTALL_DATA) $(PKG_INSTALL_DIR)/var/lib/sepolgen/perm_map $(1)/etc/sepolgen/
endef endef
# #
@ -135,25 +117,173 @@ endef
# #
define Package/python3-sepolicy define Package/python3-sepolicy
$(call Package/selinux-python/Default) $(call Package/selinux-python/Default/python)
SUBMENU:=Python TITLE:=SELinux Policy Analyses binding
SECTION:=lang DEPENDS+= +python3-selinux +python3-sepolgen +python3-xml +python3-setools
CATEGORY:=Languages
TITLE:=python3-sepolicy
endef endef
define Package/python3-sepolicy/description define Package/python3-sepolicy/description
$(call Package/selinux-python/Default/description) $(call Package/selinux-python/Default/description)
This package contains the sepolicy Python library.
This package contains a Python binding for SELinux Policy Analyses.
endef endef
define Package/python3-sepolicy/install define Py3Package/python3-sepolicy/filespec
$(MAKE_VARS) $(MAKE) -C $(PKG_BUILD_DIR)/sepolicy DESTDIR=$(1) install +|$(PYTHON3_PKG_DIR)/sepolicy
rm -rf $(1)/usr/share -|$(PYTHON3_PKG_DIR)/sepolicy/gui.py
-|$(PYTHON3_PKG_DIR)/sepolicy/sedbus.py
+|$(PYTHON3_PKG_DIR)/sepolicy-$(PKG_VERSION).dist-info
endef endef
Py3Package/python3-sepolicy/install:=:
#
# selinux-audit2allow
#
define Package/selinux-audit2allow
$(call Package/selinux-python/Default/util)
TITLE+= audit2allow
DEPENDS+= +python3-selinux +python3-sepolgen
endef
define Package/selinux-audit2allow/description
$(call Package/selinux-python/Default/description)
This package contains the audit2allow and audit2why tools.
endef
define Package/selinux-audit2allow/install
$(INSTALL_DIR) $(1)/usr/bin
$(INSTALL_BIN) $(PKG_INSTALL_DIR)/usr/bin/audit2allow $(1)/usr/bin/
$(LN) audit2allow $(1)/usr/bin/audit2why
endef
#
# selinux-chchat
#
define Package/selinux-chcat
$(call Package/selinux-python/Default/util)
TITLE+= chcat
DEPENDS+= +python3-selinux +python3-seobject +selinux-semanage
endef
define Package/selinux-chcat/description
$(call Package/selinux-python/Default/description)
This package contains the chcat tool.
endef
define Package/selinux-chcat/install
$(INSTALL_DIR) $(1)/usr/bin
$(INSTALL_BIN) $(PKG_INSTALL_DIR)/usr/bin/chcat $(1)/usr/bin/
endef
#
# selinux-python
#
define Package/selinux-python
$(call Package/selinux-python/Default/util)
TITLE+= meta-package
DEPENDS:= \
+selinux-audit2allow \
+selinux-chcat \
+selinux-semanage \
+selinux-sepolgen-ifgen \
+selinux-sepolicy
endef
define Package/selinux-python/description
$(call Package/selinux-python/Default/description)
This is a meta-package that installs all of the SELinux management
utilities.
endef
Package/selinux-python/install:=:
#
# selinux-semanage
#
define Package/selinux-semanage
$(call Package/selinux-python/Default/util)
TITLE+= semanage
DEPENDS+= +python3-seobject
endef
define Package/selinux-semanage/description
$(call Package/selinux-python/Default/description)
This package contains the semanage tool.
endef
define Package/selinux-semanage/install
$(INSTALL_DIR) $(1)/usr/sbin
$(INSTALL_BIN) $(PKG_INSTALL_DIR)/usr/sbin/semanage $(1)/usr/sbin/
endef
#
# selinux-sepolgen-ifgen
#
define Package/selinux-sepolgen-ifgen
$(call Package/selinux-python/Default/util)
TITLE+= sepolgen-ifgen
DEPENDS+= +python3-selinux +python3-sepolgen +libselinux
endef
define Package/selinux-sepolgen-iften/description
$(call Package/selinux-python/Default/description)
This package contains the sepolgen-ifgen tool.
endef
define Package/selinux-sepolgen-ifgen/install
$(INSTALL_DIR) $(1)/usr/bin
$(INSTALL_BIN) $(PKG_INSTALL_DIR)/usr/bin/sepolgen-ifgen $(1)/usr/bin/
$(INSTALL_BIN) $(PKG_INSTALL_DIR)/usr/bin/sepolgen-ifgen-attr-helper $(1)/usr/bin/
endef
#
# selinux-sepolicy
#
define Package/selinux-sepolicy
$(call Package/selinux-python/Default/util)
TITLE+= sepolicy
DEPENDS+= +python3-multiprocessing +python3-selinux +python3-sepolicy
endef
define Package/selinux-sepolicy/description
$(call Package/selinux-python/Default/description)
This package contains the sepolicy and sepolgen tools.
endef
define Package/selinux-sepolicy/install
$(INSTALL_DIR) $(1)/usr/bin
$(INSTALL_BIN) $(PKG_INSTALL_DIR)/usr/bin/sepolicy $(1)/usr/bin/
$(LN) sepolicy $(1)/usr/bin/sepolgen
endef
$(eval $(call Py3Package,python3-seobject))
$(eval $(call Py3Package,python3-sepolgen))
$(eval $(call Py3Package,python3-sepolicy))
$(eval $(call BuildPackage,python3-seobject))
$(eval $(call BuildPackage,python3-sepolgen))
$(eval $(call BuildPackage,python3-sepolicy))
$(eval $(call BuildPackage,python3-seobject-src))
$(eval $(call BuildPackage,python3-sepolgen-src))
$(eval $(call BuildPackage,python3-sepolicy-src))
$(eval $(call BuildPackage,selinux-audit2allow)) $(eval $(call BuildPackage,selinux-audit2allow))
$(eval $(call BuildPackage,selinux-chcat)) $(eval $(call BuildPackage,selinux-chcat))
$(eval $(call BuildPackage,selinux-python))
$(eval $(call BuildPackage,selinux-semanage)) $(eval $(call BuildPackage,selinux-semanage))
$(eval $(call BuildPackage,python3-sepolgen)) $(eval $(call BuildPackage,selinux-sepolgen-ifgen))
$(eval $(call BuildPackage,python3-sepolicy)) $(eval $(call BuildPackage,selinux-sepolicy))

4
utils/selinux-python/patches/0001-sepolgen-adjust-data_dir.patch
View file

@ -4,6 +4,8 @@ Date: Wed, 2 Oct 2019 12:04:24 +0200
Subject: [PATCH] sepolgen: adjust data_dir() Subject: [PATCH] sepolgen: adjust data_dir()
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com> Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
(changed data_dir prefix from /usr/share to /etc)
Signed-off-by: Jeffery To <jeffery.to@gmail.com>
--- ---
sepolgen/src/sepolgen/defaults.py | 2 +- sepolgen/src/sepolgen/defaults.py | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-) 1 file changed, 1 insertion(+), 1 deletion(-)
@ -15,7 +17,7 @@ Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
def data_dir(): def data_dir():
- return "/var/lib/sepolgen" - return "/var/lib/sepolgen"
+ return "/usr/share/sepolgen" + return "/etc/sepolgen"
def perm_map(): def perm_map():
return data_dir() + "/perm_map" return data_dir() + "/perm_map"

23
utils/selinux-python/patches/0003-sepolicy-no-gui.patch Normal file
View file

@ -0,0 +1,23 @@
--- a/sepolicy/sepolicy.py
+++ b/sepolicy/sepolicy.py
@@ -685,7 +685,6 @@ if __name__ == '__main__':
gen_booleans_args(subparsers)
gen_communicate_args(subparsers)
gen_generate_args(subparsers)
- gen_gui_args(subparsers)
gen_interface_args(subparsers)
gen_manpage_args(subparsers)
gen_network_args(subparsers)
--- a/sepolicy/setup.py
+++ b/sepolicy/setup.py
@@ -13,10 +13,5 @@ setup(
packages=[
"sepolicy",
"sepolicy.templates",
- "sepolicy.help"
],
- package_data={
- 'sepolicy': ['*.glade'],
- 'sepolicy.help': ['*.txt', '*.png']
- }
)

39
utils/selinux-python/patches/0004-sepolicy-fix-get_os_version-except.patch Normal file
View file

@ -0,0 +1,39 @@
commit 80ba6c49dec9c2c48775e70a4d4564ba5e59eea1
Author: Jeffery To <jeffery.to@gmail.com>
Date: Mon Jun 19 14:15:45 2023 +0800
python/sepolicy: Fix get_os_version except clause
This adds more exceptions to be handled by the except clause in
`get_os_version()`:
* If the `distro` package is not installed, then `import distro` raises
a `ModuleNotFoundError` exception.
* The distro documentation[1] lists `OSError` and `UnicodeError` as
exceptions that can be raised.
* Older versions of distro (<= 1.6.0) may also raise
`subprocessCalledProcessError`[2].
[1]: https://github.com/python-distro/distro/blob/v1.8.0/src/distro/distro.py#L749-L753
[2]: https://github.com/python-distro/distro/blob/v1.6.0/distro.py#L726-L728
Signed-off-by: Jeffery To <jeffery.to@gmail.com>
--- a/sepolicy/sepolicy/__init__.py
+++ b/sepolicy/sepolicy/__init__.py
@@ -1240,11 +1240,12 @@ def boolean_desc(boolean):
def get_os_version():
+ import subprocess
system_release = ""
try:
import distro
system_release = distro.name(pretty=True)
- except IOError:
+ except (ModuleNotFoundError, OSError, IOError, UnicodeError, subprocess.CalledProcessError):
system_release = "Misc"
return system_release

8
utils/selinux-python/patches/0005-no-translations.patch Normal file
View file

@ -0,0 +1,8 @@
--- a/Makefile
+++ b/Makefile
@@ -1,4 +1,4 @@
-SUBDIRS = sepolicy audit2allow semanage sepolgen chcat po
+SUBDIRS = sepolicy audit2allow semanage sepolgen chcat
all install relabel clean indent test:
@for subdir in $(SUBDIRS); do \

64
utils/semodule-utils/Makefile
View file

@ -6,46 +6,76 @@
include $(TOPDIR)/rules.mk include $(TOPDIR)/rules.mk
PKG_NAME:=semodule-utils PKG_NAME:=semodule-utils
PKG_VERSION:=3.3 PKG_VERSION:=3.5
PKG_RELEASE:=1 PKG_RELEASE:=1
PKG_SOURCE:=$(PKG_NAME)-$(PKG_VERSION).tar.gz PKG_SOURCE:=$(PKG_NAME)-$(PKG_VERSION).tar.gz
PKG_SOURCE_URL:=https://github.com/SELinuxProject/selinux/releases/download/$(PKG_VERSION) PKG_SOURCE_URL:=https://github.com/SELinuxProject/selinux/releases/download/$(PKG_VERSION)
PKG_HASH:=3098ec5e5f04a1dbbf4aa569b63a4570750a9fe0d4da14ce45954aa300a17063 PKG_HASH:=c9a550a737051ebaf2c102f665c7ec2f85e7232870980aa0067998459b414283
PKG_MAINTAINER:=W. Michael Petullo <mike@flyn.org> PKG_MAINTAINER:=W. Michael Petullo <mike@flyn.org>
PKG_LICENSE:=GPL-2.0-only PKG_LICENSE:=GPL-2.0-only
PKG_LICENSE_FILES:=COPYING PKG_LICENSE_FILES:=LICENSE
PKG_INSTALL:=1 PKG_INSTALL:=1
PKG_BUILD_PARALLEL:=1 PKG_BUILD_PARALLEL:=1
HOST_BUILD_DEPENDS:=libsemanage/host
include $(INCLUDE_DIR)/package.mk include $(INCLUDE_DIR)/package.mk
include $(INCLUDE_DIR)/host-build.mk
define Package/semodule-utils define Package/semodule-utils/Default
SECTION:=utils SECTION:=utils
CATEGORY:=Utilities CATEGORY:=Utilities
DEPENDS:=+libsepol DEPENDS:=+libsepol
TITLE:=SELinux policy utilities for dealing with modules TITLE:=SELinux policy module utility
URL:=http://selinuxproject.org/page/Main_Page URL:=http://selinuxproject.org/page/Main_Page
endef endef
define Package/semodule-utils/Default/description
semodule-utils is a collection of utilities for dealing with policy
modules.
endef
define Package/semodule-utils
$(call Package/semodule-utils/Default)
TITLE+= meta-package
DEPENDS:= \
semodule-expand \
semodule-link \
semodule-package \
semodule-unpackage
endef
define Package/semodule-utils/description define Package/semodule-utils/description
Semodule-utils is a collection of utilities for dealing with $(call Package/semodule-utils/Default/description)
policy modules.
This is a meta-package that installs all of the semodule-utils tools.
endef endef
HOST_MAKE_FLAGS += \ Package/semodule-utils/install:=:
PREFIX=$(STAGING_DIR_HOSTPKG) \
SBINDIR=$(STAGING_DIR_HOSTPKG)/sbin \
ETCDIR=$(STAGING_DIR_HOSTPKG)/etc
define Package/semodule-utils/install define BuildUtil
$(INSTALL_DIR) $(1)/usr/bin define Package/semodule-$(1)
$(CP) $(PKG_INSTALL_DIR)/usr/bin/* $(1)/usr/bin/ $(call Package/semodule-utils/Default)
TITLE+= semodule_$(1)
endef
define Package/semodule-$(1)/description
$(call Package/semodule-utils/Default/description)
This contains the semodule_$(1) tool.
endef
define Package/semodule-$(1)/install
$$(INSTALL_DIR) $$(1)/usr/bin
$$(INSTALL_BIN) $$(PKG_INSTALL_DIR)/usr/bin/semodule_$(1) $$(1)/usr/bin/
endef
$$(eval $$(call BuildPackage,semodule-$(1)))
endef endef
$(eval $(call HostBuild))
$(eval $(call BuildPackage,semodule-utils)) $(eval $(call BuildPackage,semodule-utils))
$(eval $(call BuildUtil,expand))
$(eval $(call BuildUtil,link))
$(eval $(call BuildUtil,package))
$(eval $(call BuildUtil,unpackage))

93
utils/setools/Makefile
View file

@ -6,36 +6,109 @@
include $(TOPDIR)/rules.mk include $(TOPDIR)/rules.mk
PKG_NAME:=setools PKG_NAME:=setools
PKG_VERSION:=4.4.0 PKG_VERSION:=4.4.2
PKG_RELEASE:=2 PKG_RELEASE:=1
PKG_SOURCE:=$(PKG_NAME)-$(PKG_VERSION).tar.bz2 PKG_SOURCE:=$(PKG_NAME)-$(PKG_VERSION).tar.bz2
PKG_SOURCE_URL:=https://github.com/SELinuxProject/setools/releases/download/$(PKG_VERSION) PKG_SOURCE_URL:=https://github.com/SELinuxProject/setools/releases/download/$(PKG_VERSION)
PKG_HASH:=f3786677e40b7f16a226f48f233dcf835e700739614a7dbed2ff61cc9607814e PKG_HASH:=f23e3c8635aa289096ca0218ca6f4568a4346e088bc46f374cb0917b7fb66f05
PKG_BUILD_DIR:=$(BUILD_DIR)/setools
PKG_BUILD_DEPENDS:=python-cython/host # Cython>=0.27 PKG_BUILD_DEPENDS:=python-cython/host # Cython>=0.27
PKG_MAINTAINER:=W. Michael Petullo <mike@flyn.org> PKG_MAINTAINER:=W. Michael Petullo <mike@flyn.org>
PKG_LICENSE:=GPL-2.0-or-later LGPL-2.1-or-later PKG_LICENSE:=GPL-2.0-only LGPL-2.1-only
PKG_LICENSE_FILES:=COPYING COPYING.GPL COPYING.LGPL PKG_LICENSE_FILES:=COPYING COPYING.GPL COPYING.LGPL
PKG_CPE_ID:=cpe:/a:selinuxproject:setools PKG_CPE_ID:=cpe:/a:selinuxproject:setools
include $(INCLUDE_DIR)/package.mk include $(INCLUDE_DIR)/package.mk
include ../../lang/python/python3-package.mk include ../../lang/python/python3-package.mk
define Package/setools TAR_OPTIONS+= --strip-components 1
TAR_CMD=$(HOST_TAR) -C $(1) $(TAR_OPTIONS)
define Package/setools/Default
SECTION:=utils SECTION:=utils
CATEGORY:=Utilities CATEGORY:=Utilities
DEPENDS:=+python3 +python3-pkg-resources +python3-networkx +libselinux +libsepol TITLE:=SELinux policy analysis tool
TITLE:=Policy analysis tools for SELinux
URL:=http://selinuxproject.org/page/Main_Page URL:=http://selinuxproject.org/page/Main_Page
DEPENDS:=+python3-light +python3-logging +python3-setools
endef endef
define Package/setools/description define Package/setools/Default/description
SETools is a collection of tools and libraries designed to facilitate SETools is a collection of tools and libraries designed to facilitate
SELinux policy analysis. SELinux policy analysis.
endef endef
$(eval $(call Py3Package,setools)) define Package/python3-setools
SECTION:=lang
CATEGORY:=Languages
SUBMENU:=Python
TITLE:=SETools Python bindings
URL:=http://selinuxproject.org/page/Main_Page
DEPENDS:=+python3-light +python3-logging +python3-pkg-resources +libselinux +libsepol
endef
define Package/python3-setools/description
$(call Package/setools/Default/description)
This contains the SETools Python binding.
endef
Py3Package/python3-setools/install:=:
define Package/setools
$(call Package/setools/Default)
TITLE+= meta-package
DEPENDS:= \
setools-sechecker \
setools-sediff \
setools-sedta \
setools-seinfo \
setools-seinfoflow \
setools-sesearch
endef
define Package/setools/description
$(call Package/setools/Default/description)
This is a meta-package that installs all of the SETools tools.
endef
Package/setools/install:=:
define BuildUtil
define Package/setools-$(1)
$(call Package/setools/Default)
TITLE+= $(1)
DEPENDS+= $(2)
endef
define Package/setools-$(1)/description
$(call Package/setools/Default/description)
This contains the $(1) tool.
endef
define Py3Package/setools-$(1)/install
$$(INSTALL_DIR) $$(1)/usr/bin
$$(INSTALL_BIN) $$(PKG_INSTALL_DIR)/usr/bin/$(1) $$(1)/usr/bin/
endef
Py3Package/setools-$(1)/filespec:=
$$(eval $$(call Py3Package,setools-$(1)))
$$(eval $$(call BuildPackage,setools-$(1)))
endef
$(eval $(call Py3Package,python3-setools))
$(eval $(call BuildPackage,python3-setools))
$(eval $(call BuildPackage,python3-setools-src))
$(eval $(call BuildPackage,setools)) $(eval $(call BuildPackage,setools))
$(eval $(call BuildUtil,sechecker))
$(eval $(call BuildUtil,sediff))
$(eval $(call BuildUtil,sedta,+python3-networkx))
$(eval $(call BuildUtil,seinfo))
$(eval $(call BuildUtil,seinfoflow,+python3-networkx))
$(eval $(call BuildUtil,sesearch))

16
utils/setools/patches/010-no-gui.patch Normal file
View file

@ -0,0 +1,16 @@
--- a/setup.py
+++ b/setup.py
@@ -139,10 +139,10 @@ setup(name='setools',
author_email='pebenito@ieee.org',
url='https://github.com/SELinuxProject/setools',
cmdclass={'build_qhc': QtHelpCommand, 'clean': CleanCommand},
- packages=['setools', 'setools.checker', 'setools.diff', 'setoolsgui', 'setoolsgui.apol'],
- scripts=['apol', 'sediff', 'seinfo', 'seinfoflow', 'sesearch', 'sedta', 'sechecker'],
+ packages=['setools', 'setools.checker', 'setools.diff'],
+ scripts=['sediff', 'seinfo', 'seinfoflow', 'sesearch', 'sedta', 'sechecker'],
data_files=installed_data,
- package_data={'': ['*.ui', '*.qhc', '*.qch'], 'setools': ['perm_map',
+ package_data={'setools': ['perm_map',
'policyrep.pyi',
'py.typed']},
ext_modules=cythonize(ext_py_mods, include_path=['setools/policyrep'],

5
utils/setools/patches/030-remove-host-paths.patch
View file

@ -1,12 +1,11 @@
--- a/setup.py --- a/setup.py
+++ b/setup.py +++ b/setup.py
@@ -79,7 +79,8 @@ class QtHelpCommand(Command): @@ -79,7 +79,7 @@ class QtHelpCommand(Command):
# Library linkage # Library linkage
-lib_dirs = ['.', '/usr/lib64', '/usr/lib', '/usr/local/lib'] -lib_dirs = ['.', '/usr/lib64', '/usr/lib', '/usr/local/lib']
+owrt_staging_dir = os.environ["STAGING_DIR"] +lib_dirs = ['.', os.environ["STAGING_DIR"] + '/usr/lib']
+lib_dirs = ['.', owrt_staging_dir + '/usr/lib64', owrt_staging_dir + '/usr/lib', owrt_staging_dir + '/usr/local/lib' ]
include_dirs = [] include_dirs = []
with suppress(KeyError): with suppress(KeyError):