diff options
| author |   Grzegorz Filo <gf578@wp.pl> | 2021-12-29 20:53:34 +0100 |
|---|---|---|
| committer |   Jason Zaman <perfinion@gentoo.org> | 2022-01-01 14:43:16 -0800 |
| commit | dff61709d44bbd83f843d88ff1c7c8069039069c (patch) | |
| tree | 701b5770be356e6ab3a41b8ce49e80944f339f07 /sec-policy | |
| parent | sec-keys/openpgp-keys-gentoo-release: Bump to 20220101 (diff) | |
| download | gentoo-dff61709d44bbd83f843d88ff1c7c8069039069c.tar.gz gentoo-dff61709d44bbd83f843d88ff1c7c8069039069c.tar.bz2 gentoo-dff61709d44bbd83f843d88ff1c7c8069039069c.zip | |
sec-policy/selinux-base-policy: Remove obsolete selinux modules
Closes: https://github.com/gentoo/gentoo/pull/23568
Signed-off-by: Grzegorz Filo <gf578@wp.pl>
Signed-off-by: Jason Zaman <perfinion@gentoo.org>
Diffstat (limited to 'sec-policy')
3 files changed, 36 insertions, 0 deletions
diff --git a/sec-policy/selinux-base-policy/selinux-base-policy-2.20210203-r1.ebuild b/sec-policy/selinux-base-policy/selinux-base-policy-2.20210203-r1.ebuild index 56db7e92b5d0..cb444f4de09d 100644 --- a/sec-policy/selinux-base-policy/selinux-base-policy-2.20210203-r1.ebuild +++ b/sec-policy/selinux-base-policy/selinux-base-policy-2.20210203-r1.ebuild @@ -28,6 +28,7 @@ BDEPEND=" sys-devel/m4" MODS="application authlogin bootloader clock consoletype cron dmesg fstools getty hostname init iptables libraries locallogin logging lvm miscfiles modutils mount mta netutils nscd portage raid rsync selinuxutil setrans ssh staff storage su sysadm sysnetwork systemd tmpfiles udev userdomain usermanage unprivuser xdg" +DEL_MODS="hotplug" LICENSE="GPL-2" SLOT="0" S="${WORKDIR}/" @@ -60,6 +61,10 @@ src_prepare() { modfiles="$(find ${S}/refpolicy/policy/modules -iname $i.fc) $modfiles" done + for i in ${DEL_MODS}; do + [[ "${MODS}" != *${i}* ]] || die "Duplicate module in MODS and DEL_MODS: ${i}" + done + for i in ${POLICY_TYPES}; do mkdir "${S}"/${i} || die "Failed to create directory ${S}/${i}" cp "${S}"/refpolicy/doc/Makefile.example "${S}"/${i}/Makefile \ @@ -111,6 +116,13 @@ pkg_postinst() { cd "${ROOT}/usr/share/selinux/${i}" semodule ${root_opts} -s ${i} ${COMMAND} + + for mod in ${DEL_MODS}; do + if semodule ${root_opts} -s ${i} -l | grep -q "\b${mod}\b"; then + einfo "Removing obsolete ${i} ${mod} policy package" + semodule ${root_opts} -s ${i} -r ${mod} + fi + done done # Don't relabel when cross compiling diff --git a/sec-policy/selinux-base-policy/selinux-base-policy-2.20210908-r1.ebuild b/sec-policy/selinux-base-policy/selinux-base-policy-2.20210908-r1.ebuild index 56db7e92b5d0..cb444f4de09d 100644 --- a/sec-policy/selinux-base-policy/selinux-base-policy-2.20210908-r1.ebuild +++ b/sec-policy/selinux-base-policy/selinux-base-policy-2.20210908-r1.ebuild @@ -28,6 +28,7 @@ BDEPEND=" sys-devel/m4" MODS="application authlogin bootloader clock consoletype cron dmesg fstools getty hostname init iptables libraries locallogin logging lvm miscfiles modutils mount mta netutils nscd portage raid rsync selinuxutil setrans ssh staff storage su sysadm sysnetwork systemd tmpfiles udev userdomain usermanage unprivuser xdg" +DEL_MODS="hotplug" LICENSE="GPL-2" SLOT="0" S="${WORKDIR}/" @@ -60,6 +61,10 @@ src_prepare() { modfiles="$(find ${S}/refpolicy/policy/modules -iname $i.fc) $modfiles" done + for i in ${DEL_MODS}; do + [[ "${MODS}" != *${i}* ]] || die "Duplicate module in MODS and DEL_MODS: ${i}" + done + for i in ${POLICY_TYPES}; do mkdir "${S}"/${i} || die "Failed to create directory ${S}/${i}" cp "${S}"/refpolicy/doc/Makefile.example "${S}"/${i}/Makefile \ @@ -111,6 +116,13 @@ pkg_postinst() { cd "${ROOT}/usr/share/selinux/${i}" semodule ${root_opts} -s ${i} ${COMMAND} + + for mod in ${DEL_MODS}; do + if semodule ${root_opts} -s ${i} -l | grep -q "\b${mod}\b"; then + einfo "Removing obsolete ${i} ${mod} policy package" + semodule ${root_opts} -s ${i} -r ${mod} + fi + done done # Don't relabel when cross compiling diff --git a/sec-policy/selinux-base-policy/selinux-base-policy-9999.ebuild b/sec-policy/selinux-base-policy/selinux-base-policy-9999.ebuild index 76791df9dcb2..adeb92d6f444 100644 --- a/sec-policy/selinux-base-policy/selinux-base-policy-9999.ebuild +++ b/sec-policy/selinux-base-policy/selinux-base-policy-9999.ebuild @@ -28,6 +28,7 @@ BDEPEND=" sys-devel/m4" MODS="application authlogin bootloader clock consoletype cron dmesg fstools getty hostname init iptables libraries locallogin logging lvm miscfiles modutils mount mta netutils nscd portage raid rsync selinuxutil setrans ssh staff storage su sysadm sysnetwork systemd tmpfiles udev userdomain usermanage unprivuser xdg" +DEL_MODS="hotplug" LICENSE="GPL-2" SLOT="0" S="${WORKDIR}/" @@ -60,6 +61,10 @@ src_prepare() { modfiles="$(find ${S}/refpolicy/policy/modules -iname $i.fc) $modfiles" done + for i in ${DEL_MODS}; do + [[ "${MODS}" != *${i}* ]] || die "Duplicate module in MODS and DEL_MODS: ${i}" + done + for i in ${POLICY_TYPES}; do mkdir "${S}"/${i} || die "Failed to create directory ${S}/${i}" cp "${S}"/refpolicy/doc/Makefile.example "${S}"/${i}/Makefile \ @@ -111,6 +116,13 @@ pkg_postinst() { cd "${ROOT}/usr/share/selinux/${i}" semodule ${root_opts} -s ${i} ${COMMAND} + + for mod in ${DEL_MODS}; do + if semodule ${root_opts} -s ${i} -l | grep -q "\b${mod}\b"; then + einfo "Removing obsolete ${i} ${mod} policy package" + semodule ${root_opts} -s ${i} -r ${mod} + fi + done done # Don't relabel when cross compiling |