commit: dff61709d44bbd83f843d88ff1c7c8069039069c Author: Grzegorz Filo <gf578 <AT> wp <DOT> pl> AuthorDate: Wed Dec 29 19:53:34 2021 +0000 Commit: Jason Zaman <perfinion <AT> gentoo <DOT> org> CommitDate: Sat Jan 1 22:43:16 2022 +0000 URL: https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=dff61709
sec-policy/selinux-base-policy: Remove obsolete selinux modules Closes: https://github.com/gentoo/gentoo/pull/23568 Signed-off-by: Grzegorz Filo <gf578 <AT> wp.pl> Signed-off-by: Jason Zaman <perfinion <AT> gentoo.org> .../selinux-base-policy-2.20210203-r1.ebuild | 12 ++++++++++++ .../selinux-base-policy-2.20210908-r1.ebuild | 12 ++++++++++++ .../selinux-base-policy/selinux-base-policy-9999.ebuild | 12 ++++++++++++ 3 files changed, 36 insertions(+) diff --git a/sec-policy/selinux-base-policy/selinux-base-policy-2.20210203-r1.ebuild b/sec-policy/selinux-base-policy/selinux-base-policy-2.20210203-r1.ebuild index 56db7e92b5d0..cb444f4de09d 100644 --- a/sec-policy/selinux-base-policy/selinux-base-policy-2.20210203-r1.ebuild +++ b/sec-policy/selinux-base-policy/selinux-base-policy-2.20210203-r1.ebuild @@ -28,6 +28,7 @@ BDEPEND=" sys-devel/m4" MODS="application authlogin bootloader clock consoletype cron dmesg fstools getty hostname init iptables libraries locallogin logging lvm miscfiles modutils mount mta netutils nscd portage raid rsync selinuxutil setrans ssh staff storage su sysadm sysnetwork systemd tmpfiles udev userdomain usermanage unprivuser xdg" +DEL_MODS="hotplug" LICENSE="GPL-2" SLOT="0" S="${WORKDIR}/" @@ -60,6 +61,10 @@ src_prepare() { modfiles="$(find ${S}/refpolicy/policy/modules -iname $i.fc) $modfiles" done + for i in ${DEL_MODS}; do + [[ "${MODS}" != *${i}* ]] || die "Duplicate module in MODS and DEL_MODS: ${i}" + done + for i in ${POLICY_TYPES}; do mkdir "${S}"/${i} || die "Failed to create directory ${S}/${i}" cp "${S}"/refpolicy/doc/Makefile.example "${S}"/${i}/Makefile \ @@ -111,6 +116,13 @@ pkg_postinst() { cd "${ROOT}/usr/share/selinux/${i}" semodule ${root_opts} -s ${i} ${COMMAND} + + for mod in ${DEL_MODS}; do + if semodule ${root_opts} -s ${i} -l | grep -q "\b${mod}\b"; then + einfo "Removing obsolete ${i} ${mod} policy package" + semodule ${root_opts} -s ${i} -r ${mod} + fi + done done # Don't relabel when cross compiling diff --git a/sec-policy/selinux-base-policy/selinux-base-policy-2.20210908-r1.ebuild b/sec-policy/selinux-base-policy/selinux-base-policy-2.20210908-r1.ebuild index 56db7e92b5d0..cb444f4de09d 100644 --- a/sec-policy/selinux-base-policy/selinux-base-policy-2.20210908-r1.ebuild +++ b/sec-policy/selinux-base-policy/selinux-base-policy-2.20210908-r1.ebuild @@ -28,6 +28,7 @@ BDEPEND=" sys-devel/m4" MODS="application authlogin bootloader clock consoletype cron dmesg fstools getty hostname init iptables libraries locallogin logging lvm miscfiles modutils mount mta netutils nscd portage raid rsync selinuxutil setrans ssh staff storage su sysadm sysnetwork systemd tmpfiles udev userdomain usermanage unprivuser xdg" +DEL_MODS="hotplug" LICENSE="GPL-2" SLOT="0" S="${WORKDIR}/" @@ -60,6 +61,10 @@ src_prepare() { modfiles="$(find ${S}/refpolicy/policy/modules -iname $i.fc) $modfiles" done + for i in ${DEL_MODS}; do + [[ "${MODS}" != *${i}* ]] || die "Duplicate module in MODS and DEL_MODS: ${i}" + done + for i in ${POLICY_TYPES}; do mkdir "${S}"/${i} || die "Failed to create directory ${S}/${i}" cp "${S}"/refpolicy/doc/Makefile.example "${S}"/${i}/Makefile \ @@ -111,6 +116,13 @@ pkg_postinst() { cd "${ROOT}/usr/share/selinux/${i}" semodule ${root_opts} -s ${i} ${COMMAND} + + for mod in ${DEL_MODS}; do + if semodule ${root_opts} -s ${i} -l | grep -q "\b${mod}\b"; then + einfo "Removing obsolete ${i} ${mod} policy package" + semodule ${root_opts} -s ${i} -r ${mod} + fi + done done # Don't relabel when cross compiling diff --git a/sec-policy/selinux-base-policy/selinux-base-policy-9999.ebuild b/sec-policy/selinux-base-policy/selinux-base-policy-9999.ebuild index 76791df9dcb2..adeb92d6f444 100644 --- a/sec-policy/selinux-base-policy/selinux-base-policy-9999.ebuild +++ b/sec-policy/selinux-base-policy/selinux-base-policy-9999.ebuild @@ -28,6 +28,7 @@ BDEPEND=" sys-devel/m4" MODS="application authlogin bootloader clock consoletype cron dmesg fstools getty hostname init iptables libraries locallogin logging lvm miscfiles modutils mount mta netutils nscd portage raid rsync selinuxutil setrans ssh staff storage su sysadm sysnetwork systemd tmpfiles udev userdomain usermanage unprivuser xdg" +DEL_MODS="hotplug" LICENSE="GPL-2" SLOT="0" S="${WORKDIR}/" @@ -60,6 +61,10 @@ src_prepare() { modfiles="$(find ${S}/refpolicy/policy/modules -iname $i.fc) $modfiles" done + for i in ${DEL_MODS}; do + [[ "${MODS}" != *${i}* ]] || die "Duplicate module in MODS and DEL_MODS: ${i}" + done + for i in ${POLICY_TYPES}; do mkdir "${S}"/${i} || die "Failed to create directory ${S}/${i}" cp "${S}"/refpolicy/doc/Makefile.example "${S}"/${i}/Makefile \ @@ -111,6 +116,13 @@ pkg_postinst() { cd "${ROOT}/usr/share/selinux/${i}" semodule ${root_opts} -s ${i} ${COMMAND} + + for mod in ${DEL_MODS}; do + if semodule ${root_opts} -s ${i} -l | grep -q "\b${mod}\b"; then + einfo "Removing obsolete ${i} ${mod} policy package" + semodule ${root_opts} -s ${i} -r ${mod} + fi + done done # Don't relabel when cross compiling
