# Maintainer: Tycho Andersen pkgname=refpolicy pkgver=20170204 pkgrel=0 pkgdesc="SELinux policy reference" url="https://github.com/TresysTechnology/refpolicy/wiki" arch="noarch" license="GPL-2.0" depends="" depends_dev="" makedepends="$depends_dev checkpolicy python gawk" install="" subpackages="$pkgname-doc" source="https://raw.githubusercontent.com/wiki/TresysTechnology/refpolicy/files/refpolicy-2.$pkgver.tar.bz2 Makefile.devel" builddir="$srcdir/refpolicy" # refpolicy config monolithic=n distro=gentoo # unknown perms here means what to do with perms that are unknown to the # current userspace, because the kernel version is newer. By default, we deny. unknown_perms=deny # These are somewhat related to what is in the CentOS spec file, although they # are slightly differnet in what they install. # # https://selinuxproject.org/page/NB_RefPolicy#Reference_Policy_Build_Options_-_build.conf # are the build options: M{L,C}S_CATS are the number of categories for m{l,c}s policies. make_cmds() { make UNK_PERMS=$3 NAME=$1 TYPE=$2 DISTRO=$distro UBAC=n DIRECT_INITRC=y MONOLITHIC=$monolithic MLS_CATS=1024 MCS_CATS=1024 bare || return 1 make UNK_PERMS=$3 NAME=$1 TYPE=$2 DISTRO=$distro UBAC=n DIRECT_INITRC=y MONOLITHIC=$monolithic MLS_CATS=1024 MCS_CATS=1024 conf || return 1 } install_cmds() { make UNK_PERMS=$3 NAME=$1 TYPE=$2 DISTRO=$distro UBAC=n DIRECT_INITRC=y MONOLITHIC=$monolithic MLS_CATS=1024 MCS_CATS=1024 SEMOD_EXP="/usr/bin/semodule_expand -a" base.pp make validate UNK_PERMS=$3 NAME=$1 TYPE=$2 DISTRO=$distro UBAC=n DIRECT_INITRC=y MONOLITHIC=$monolithic MLS_CATS=1024 MCS_CATS=1024 SEMOD_EXP="/usr/bin/semodule_expand -a" modules make UNK_PERMS=$3 NAME=$1 TYPE=$2 DISTRO=$distro UBAC=n DIRECT_INITRC=y MONOLITHIC=$monolithic MLS_CATS=1024 MCS_CATS=1024 DESTDIR="$pkgdir" install make UNK_PERMS=$3 NAME=$1 TYPE=$2 DISTRO=$distro UBAC=n DIRECT_INITRC=y MONOLITHIC=$monolithic MLS_CATS=1024 MCS_CATS=1024 DESTDIR="$pkgdir" install-appconfig make UNK_PERMS=$3 NAME=$1 TYPE=$2 DISTRO=$distro UBAC=n DIRECT_INITRC=y MONOLITHIC=$monolithic MLS_CATS=1024 MCS_CATS=1024 DESTDIR="$pkgdir" install-docs make UNK_PERMS=$3 NAME=$1 TYPE=$2 DISTRO=$distro UBAC=n DIRECT_INITRC=y MONOLITHIC=$monolithic MLS_CATS=1024 MCS_CATS=1024 DESTDIR="$pkgdir" install-headers } build() { cd "$builddir" make_cmds targeted mcs $unknown_perms || return 1 } package() { cd "$builddir" install_cmds targeted mcs $unknown_perms || return 1 mkdir -p $pkgdir/usr/share/selinux/devel || return 1 cp -r "$pkgdir/usr/share/selinux/targeted/include" "$pkgdir/usr/share/selinux/devel/include" cp $srcdir/Makefile.devel "$pkgdir/usr/share/selinux/devel/Makefile" || return 1 install -m 644 doc/example.* "$pkgdir/usr/share/selinux/devel" || return 1 install -m 644 doc/policy.* "$pkgdir/usr/share/selinux/devel" || return 1 # TODO: libselinux needs to build the python bindings for this to work # sepolicy manpage -a -p "$pkgdir/usr/share/man/man8/" -w -r "$pkgdir" || return 1 } sha512sums="30deabb02a5bde51c463e3e89988d850cff51596c2e72733a064245dec152ea46317eea79550dbe82a7a0d327ec0bcfbd9474ff8a902507392df0da00df6397f refpolicy-2.20170204.tar.bz2 01bd5f58e05feba2f318f6b80fb4c6cbe405691f947fee48566ad75c935d6e824ccfda5de88c5dad74b531ed28c18615d8ef4e2c2371d71c776b78767eb33740 Makefile.devel"