1 files changed, 179 insertions, 0 deletions
diff --git a/recipes-security/selinux/policycoreutils_3.5.bb b/recipes-security/selinux/policycoreutils_3.5.bb
new file mode 100644
index 0000000..c106ee7
--- /dev/null
+++ b/recipes-security/selinux/policycoreutils_3.5.bb
@@ -0,0 +1,179 @@
+SUMMARY = "SELinux policy core utilities"
+DESCRIPTION = "policycoreutils contains the policy core utilities that are required \
+for basic operation of a SELinux system.  These utilities include \
+load_policy to load policies, setfiles to label filesystems, newrole \
+to switch roles, and run_init to run /etc/init.d scripts in the proper \
+context."
+SECTION = "base"
+LICENSE = "GPL-2.0-or-later"
+LIC_FILES_CHKSUM = "file://${S}/LICENSE;md5=393a5ca445f6965873eca0259a17f833"
+require selinux_common.inc
+SRC_URI += "${@bb.utils.contains('DISTRO_FEATURES', 'pam', '${PAM_SRC_URI}', '', d)} \
+            file://policycoreutils-fixfiles-de-bashify.patch \
+           "
+PAM_SRC_URI = "file://pam.d/newrole \
+               file://pam.d/run_init \
+              "
+DEPENDS = "libsepol libselinux libsemanage gettext-native"
+DEPENDS:append:class-target = " libcap-ng"
+S = "${WORKDIR}/git/policycoreutils"
+inherit selinux python3native
+RDEPENDS:${PN}-fixfiles = "\
+    ${PN}-setfiles \
+    grep \
+    findutils \
+"
+RDEPENDS:${PN}-genhomedircon = "\
+    ${PN}-semodule \
+"
+RDEPENDS:${PN}-loadpolicy = "\
+    libselinux \
+    libsepol \
+"
+RDEPENDS:${PN}-newrole = "\
+    libcap-ng \
+    libselinux \
+"
+RDEPENDS:${PN}-runinit = "libselinux"
+RDEPENDS:${PN}-secon = "libselinux"
+RDEPENDS:${PN}-semodule = "\
+    libsepol \
+    libselinux \
+    libsemanage \
+"
+RDEPENDS:${PN}-sestatus = "libselinux"
+RDEPENDS:${PN}-setfiles = "\
+    libselinux \
+    libsepol \
+"
+RDEPENDS:${PN}-setsebool = "\
+    libsepol \
+    libselinux \
+    libsemanage \
+"
+RDEPENDS:${PN}:class-target = "selinux-python"
+PACKAGES =+ "\
+    ${PN}-fixfiles \
+    ${PN}-genhomedircon \
+    ${PN}-hll \
+    ${PN}-loadpolicy \
+    ${PN}-newrole \
+    ${PN}-runinit \
+    ${PN}-secon \
+    ${PN}-semodule \
+    ${PN}-sestatus \
+    ${PN}-setfiles \
+    ${PN}-setsebool \
+"
+FILES:${PN}-fixfiles = "${base_sbindir}/fixfiles"
+FILES:${PN}-genhomedircon = "${base_sbindir}/genhomedircon"
+FILES:${PN}-loadpolicy = "\
+    ${base_sbindir}/load_policy \
+"
+FILES:${PN}-newrole = "\
+    ${bindir}/newrole \
+    ${@bb.utils.contains('DISTRO_FEATURES', 'pam', '${sysconfdir}/pam.d/newrole', '', d)} \
+"
+FILES:${PN}-runinit = "\
+    ${base_sbindir}/run_init \
+    ${base_sbindir}/open_init_pty \
+    ${@bb.utils.contains('DISTRO_FEATURES', 'pam', '${sysconfdir}/pam.d/run_init', '', d)} \
+"
+FILES:${PN}-dbg += "${prefix}/libexec/selinux/hll/.debug"
+FILES:${PN}-secon = "${bindir}/secon"
+FILES:${PN}-semodule = "${base_sbindir}/semodule"
+FILES:${PN}-hll = "${prefix}/libexec/selinux/hll/*"
+FILES:${PN}-sestatus = "\
+    ${base_sbindir}/sestatus \
+    ${sysconfdir}/sestatus.conf \
+"
+FILES:${PN}-setfiles = "\
+    ${base_sbindir}/restorecon \
+    ${base_sbindir}/restorecon_xattr \
+    ${base_sbindir}/setfiles \
+"
+FILES:${PN}-setsebool = "\
+    ${base_sbindir}/setsebool \
+    ${datadir}/bash-completion/completions/setsebool \
+"
+export STAGING_INCDIR
+export STAGING_LIBDIR
+export BUILD_SYS
+export HOST_SYS
+PACKAGECONFIG:class-target ?= "\
+        ${@bb.utils.contains('DISTRO_FEATURES', 'pam', 'libpam', '', d)} \
+        audit \
+"
+PACKAGECONFIG:class-native ?= ""
+PACKAGECONFIG[libpam] = ",,libpam,"
+PACKAGECONFIG[audit] = ",,audit,"
+EXTRA_OEMAKE = "\
+        ${@bb.utils.contains('PACKAGECONFIG', 'libpam', 'PAMH=y', 'PAMH=', d)} \
+        ${@bb.utils.contains('PACKAGECONFIG', 'audit', 'AUDITH=y', 'AUDITH=', d)} \
+        INOTIFYH=n \
+        PREFIX=${prefix} \
+        SBINDIR=${base_sbindir} \
+"
+BBCLASSEXTEND = "native"
+PCU_NATIVE_CMDS = "setfiles semodule hll"
+do_compile:prepend() {
+    export PYTHON=python3
+    export PYLIBVER='python${PYTHON_BASEVERSION}'
+    export PYTHON_CPPFLAGS="-I${STAGING_INCDIR}/${PYLIBVER}"
+    export PYTHON_LDFLAGS="${STAGING_LIBDIR}/lib${PYLIBVER}.so"
+    export PYTHON_SITE_PKG="${PYTHON_SITEPACKAGES_DIR}"
+}
+do_compile:class-native() {
+    for PCU_CMD in ${PCU_NATIVE_CMDS} ; do
+        oe_runmake -C $PCU_CMD \
+            INCLUDEDIR='${STAGING_INCDIR}' \
+            LIBDIR='${STAGING_LIBDIR}'
+    done
+}
+sysroot_stage_dirs:append:class-native() {
+    cp -R $from/${prefix}/libexec $to/${prefix}/libexec
+}
+do_install:prepend() {
+    export PYTHON=python3
+    export SBINDIR="${D}/${base_sbindir}"
+}
+do_install:class-native() {
+    for PCU_CMD in ${PCU_NATIVE_CMDS} ; do
+        oe_runmake -C $PCU_CMD install \
+            DESTDIR="${D}" \
+            PREFIX="${prefix}" \
+            SBINDIR="${base_sbindir}"
+    done
+}
+do_install:append:class-target() {
+    if [ -e ${WORKDIR}/pam.d ]; then
+        install -d ${D}${sysconfdir}/pam.d/
+        install -m 0644 ${WORKDIR}/pam.d/* ${D}${sysconfdir}/pam.d/
+    fi
+    # /var/lib/selinux is involved by seobject.py:
+    #   + dirname = "/var/lib/selinux"
+    # and it's required for running command:
+    #   $ semanage permissive [OPTS]
+    install -d ${D}${localstatedir}/lib/selinux
+}

diff --git a/recipes-security/selinux/policycoreutils_3.5.bb b/recipes-security/selinux/policycoreutils_3.5.bb new file mode 100644 index 0000000..c106ee7 --- /dev/null +++ b/recipes-security/selinux/policycoreutils_3.5.bb
@@ -0,0 +1,179 @@
	1	SUMMARY = "SELinux policy core utilities"
	2	DESCRIPTION = "policycoreutils contains the policy core utilities that are required \
	3	for basic operation of a SELinux system. These utilities include \
	4	load_policy to load policies, setfiles to label filesystems, newrole \
	5	to switch roles, and run_init to run /etc/init.d scripts in the proper \
	6	context."
	7	SECTION = "base"
	8	LICENSE = "GPL-2.0-or-later"
	9	LIC_FILES_CHKSUM = "file://${S}/LICENSE;md5=393a5ca445f6965873eca0259a17f833"
	10
	11	require selinux_common.inc
	12
	13	SRC_URI += "${@bb.utils.contains('DISTRO_FEATURES', 'pam', '${PAM_SRC_URI}', '', d)} \
	14	file://policycoreutils-fixfiles-de-bashify.patch \
	15	"
	16
	17	PAM_SRC_URI = "file://pam.d/newrole \
	18	file://pam.d/run_init \
	19	"
	20
	21	DEPENDS = "libsepol libselinux libsemanage gettext-native"
	22	DEPENDS:append:class-target = " libcap-ng"
	23
	24	S = "${WORKDIR}/git/policycoreutils"
	25
	26	inherit selinux python3native
	27
	28	RDEPENDS:${PN}-fixfiles = "\
	29	${PN}-setfiles \
	30	grep \
	31	findutils \
	32	"
	33	RDEPENDS:${PN}-genhomedircon = "\
	34	${PN}-semodule \
	35	"
	36	RDEPENDS:${PN}-loadpolicy = "\
	37	libselinux \
	38	libsepol \
	39	"
	40	RDEPENDS:${PN}-newrole = "\
	41	libcap-ng \
	42	libselinux \
	43	"
	44	RDEPENDS:${PN}-runinit = "libselinux"
	45	RDEPENDS:${PN}-secon = "libselinux"
	46	RDEPENDS:${PN}-semodule = "\
	47	libsepol \
	48	libselinux \
	49	libsemanage \
	50	"
	51	RDEPENDS:${PN}-sestatus = "libselinux"
	52	RDEPENDS:${PN}-setfiles = "\
	53	libselinux \
	54	libsepol \
	55	"
	56	RDEPENDS:${PN}-setsebool = "\
	57	libsepol \
	58	libselinux \
	59	libsemanage \
	60	"
	61	RDEPENDS:${PN}:class-target = "selinux-python"
	62
	63	PACKAGES =+ "\
	64	${PN}-fixfiles \
	65	${PN}-genhomedircon \
	66	${PN}-hll \
	67	${PN}-loadpolicy \
	68	${PN}-newrole \
	69	${PN}-runinit \
	70	${PN}-secon \
	71	${PN}-semodule \
	72	${PN}-sestatus \
	73	${PN}-setfiles \
	74	${PN}-setsebool \
	75	"
	76	FILES:${PN}-fixfiles = "${base_sbindir}/fixfiles"
	77	FILES:${PN}-genhomedircon = "${base_sbindir}/genhomedircon"
	78	FILES:${PN}-loadpolicy = "\
	79	${base_sbindir}/load_policy \
	80	"
	81	FILES:${PN}-newrole = "\
	82	${bindir}/newrole \
	83	${@bb.utils.contains('DISTRO_FEATURES', 'pam', '${sysconfdir}/pam.d/newrole', '', d)} \
	84	"
	85	FILES:${PN}-runinit = "\
	86	${base_sbindir}/run_init \
	87	${base_sbindir}/open_init_pty \
	88	${@bb.utils.contains('DISTRO_FEATURES', 'pam', '${sysconfdir}/pam.d/run_init', '', d)} \
	89	"
	90	FILES:${PN}-dbg += "${prefix}/libexec/selinux/hll/.debug"
	91	FILES:${PN}-secon = "${bindir}/secon"
	92	FILES:${PN}-semodule = "${base_sbindir}/semodule"
	93	FILES:${PN}-hll = "${prefix}/libexec/selinux/hll/*"
	94	FILES:${PN}-sestatus = "\
	95	${base_sbindir}/sestatus \
	96	${sysconfdir}/sestatus.conf \
	97	"
	98	FILES:${PN}-setfiles = "\
	99	${base_sbindir}/restorecon \
	100	${base_sbindir}/restorecon_xattr \
	101	${base_sbindir}/setfiles \
	102	"
	103	FILES:${PN}-setsebool = "\
	104	${base_sbindir}/setsebool \
	105	${datadir}/bash-completion/completions/setsebool \
	106	"
	107
	108	export STAGING_INCDIR
	109	export STAGING_LIBDIR
	110	export BUILD_SYS
	111	export HOST_SYS
	112
	113	PACKAGECONFIG:class-target ?= "\
	114	${@bb.utils.contains('DISTRO_FEATURES', 'pam', 'libpam', '', d)} \
	115	audit \
	116	"
	117	PACKAGECONFIG:class-native ?= ""
	118
	119	PACKAGECONFIG[libpam] = ",,libpam,"
	120	PACKAGECONFIG[audit] = ",,audit,"
	121
	122	EXTRA_OEMAKE = "\
	123	${@bb.utils.contains('PACKAGECONFIG', 'libpam', 'PAMH=y', 'PAMH=', d)} \
	124	${@bb.utils.contains('PACKAGECONFIG', 'audit', 'AUDITH=y', 'AUDITH=', d)} \
	125	INOTIFYH=n \
	126	PREFIX=${prefix} \
	127	SBINDIR=${base_sbindir} \
	128	"
	129
	130	BBCLASSEXTEND = "native"
	131
	132	PCU_NATIVE_CMDS = "setfiles semodule hll"
	133
	134	do_compile:prepend() {
	135	export PYTHON=python3
	136	export PYLIBVER='python${PYTHON_BASEVERSION}'
	137	export PYTHON_CPPFLAGS="-I${STAGING_INCDIR}/${PYLIBVER}"
	138	export PYTHON_LDFLAGS="${STAGING_LIBDIR}/lib${PYLIBVER}.so"
	139	export PYTHON_SITE_PKG="${PYTHON_SITEPACKAGES_DIR}"
	140	}
	141
	142	do_compile:class-native() {
	143	for PCU_CMD in ${PCU_NATIVE_CMDS} ; do
	144	oe_runmake -C $PCU_CMD \
	145	INCLUDEDIR='${STAGING_INCDIR}' \
	146	LIBDIR='${STAGING_LIBDIR}'
	147	done
	148	}
	149
	150	sysroot_stage_dirs:append:class-native() {
	151	cp -R $from/${prefix}/libexec $to/${prefix}/libexec
	152	}
	153
	154	do_install:prepend() {
	155	export PYTHON=python3
	156	export SBINDIR="${D}/${base_sbindir}"
	157	}
	158
	159	do_install:class-native() {
	160	for PCU_CMD in ${PCU_NATIVE_CMDS} ; do
	161	oe_runmake -C $PCU_CMD install \
	162	DESTDIR="${D}" \
	163	PREFIX="${prefix}" \
	164	SBINDIR="${base_sbindir}"
	165	done
	166	}
	167
	168	do_install:append:class-target() {
	169	if [ -e ${WORKDIR}/pam.d ]; then
	170	install -d ${D}${sysconfdir}/pam.d/
	171	install -m 0644 ${WORKDIR}/pam.d/* ${D}${sysconfdir}/pam.d/
	172	fi
	173
	174	# /var/lib/selinux is involved by seobject.py:
	175	# + dirname = "/var/lib/selinux"
	176	# and it's required for running command:
	177	# $ semanage permissive [OPTS]
	178	install -d ${D}${localstatedir}/lib/selinux
	179	}