SELinux fixes and updates to 2012-09-24
This commit is contained in:
parent
f6b28fad73
commit
de70e3739d
@ -8,8 +8,11 @@ stdenv.mkDerivation rec {
|
||||
url = "http://www.and.org/ustr/${version}/${name}.tar.bz2";
|
||||
sha256 = "1i623ygdj7rkizj7985q9d6vj5amwg686aqb5j3ixpkqkyp6xbrx";
|
||||
};
|
||||
|
||||
prePatch = "substituteInPlace Makefile --replace /usr/include/ ${glibc}/include/";
|
||||
|
||||
patches = [ ./va_args.patch ]; # fixes bogus warnings that failed libsemanage
|
||||
|
||||
makeFlags = "DESTDIR=$(out) prefix= LDCONFIG=echo";
|
||||
|
||||
configurePhase = "make ustr-import";
|
||||
@ -21,4 +24,4 @@ stdenv.mkDerivation rec {
|
||||
license = licenses.bsd2;
|
||||
maintainers = [ maintainers.phreedom ];
|
||||
};
|
||||
}
|
||||
}
|
||||
|
23
pkgs/development/libraries/ustr/va_args.patch
Normal file
23
pkgs/development/libraries/ustr/va_args.patch
Normal file
@ -0,0 +1,23 @@
|
||||
diff --git a/ustr-compiler.h b/ustr-compiler.h
|
||||
index 9e71276..c5f847a 100644
|
||||
--- a/ustr-compiler.h
|
||||
+++ b/ustr-compiler.h
|
||||
@@ -11,17 +11,11 @@
|
||||
#define USTR_CONF_HAVE_ATTR_FMT 1
|
||||
#endif
|
||||
|
||||
+#include <stdarg.h>
|
||||
/* We assume this is enough,
|
||||
* C99 specifies that va_copy() exists and is a macro */
|
||||
-#ifdef va_copy
|
||||
# define USTR_CONF_HAVE_VA_COPY 1
|
||||
# define USTR__VA_COPY(x, y) va_copy(x, y)
|
||||
-#elif __va_copy
|
||||
-# define USTR_CONF_HAVE_VA_COPY 1
|
||||
-# define USTR__VA_COPY(x, y) __va_copy(x, y)
|
||||
-#else
|
||||
-# define USTR_CONF_HAVE_VA_COPY 0
|
||||
-#endif
|
||||
|
||||
#ifndef USTR_CONF_HAVE_ATTR_NONNULL
|
||||
#if defined(__GNUC__) && (__GNUC__ > 3) /* not sure */
|
@ -2,11 +2,12 @@
|
||||
stdenv.mkDerivation rec {
|
||||
|
||||
name = "checkpolicy-${version}";
|
||||
version = "2.0.23";
|
||||
version = "2.1.11";
|
||||
inherit (libsepol) se_release se_url;
|
||||
|
||||
src = fetchurl {
|
||||
url = "http://userspace.selinuxproject.org/releases/20101221/devel/checkpolicy-2.0.23.tar.gz";
|
||||
sha256 = "1n34ggacds7xap039r6hqkxmkd4g2wgfkxjdnv3lirq3cqqi8cnd";
|
||||
url = "${se_url}/${se_release}/checkpolicy-${version}.tar.gz";
|
||||
sha256 = "1wahs32l4jjlg0s3lyihdhvwmsy7yyvq5pk96q9lsiilc5vvrb06";
|
||||
};
|
||||
|
||||
buildInputs = [ libsepol libselinux bison flex ];
|
||||
@ -14,10 +15,8 @@ stdenv.mkDerivation rec {
|
||||
preBuild = '' makeFlags="$makeFlags LEX=flex LIBDIR=${libsepol}/lib PREFIX=$out" '';
|
||||
|
||||
meta = with stdenv.lib; {
|
||||
homepage = http://userspace.selinuxproject.org/;
|
||||
description = "SELinux policy compiler";
|
||||
license = licenses.gpl2;
|
||||
maintainers = [ maintainers.phreedom ];
|
||||
platforms = platforms.linux;
|
||||
inherit (libsepol.meta) homepage platforms maintainers;
|
||||
};
|
||||
}
|
||||
}
|
||||
|
@ -1,15 +1,34 @@
|
||||
{stdenv, fetchurl, libsepol}:
|
||||
{ stdenv, fetchurl, pkgconfig, libsepol, pcre }:
|
||||
|
||||
stdenv.mkDerivation rec {
|
||||
name = "libselinux-${version}";
|
||||
version = "2.0.98";
|
||||
version = "2.1.12";
|
||||
inherit (libsepol) se_release se_url;
|
||||
|
||||
src = fetchurl {
|
||||
url = "http://userspace.selinuxproject.org/releases/20101221/devel/${name}.tar.gz";
|
||||
sha256 = "00irm7nyakgi4z8d6dlm6c70fkbl6rzk5w1w0ny2c564yw0d0dlz";
|
||||
url = "${se_url}/${se_release}/libselinux-${version}.tar.gz";
|
||||
sha256 = "17navgvljgq35bljzcdwjdj3khajc27s15binr51xkp0h29qgbcd";
|
||||
};
|
||||
|
||||
buildInputs = [ libsepol ];
|
||||
patch_src = fetchurl {
|
||||
url = "http://dev.gentoo.org/~swift/patches/libselinux/patchbundle-${name}-r2.tar.gz";
|
||||
sha256 = "08zaas8iwyf4w9ll1ylyv4gril1nfarckd5h1l53563sxzyf7dqh";
|
||||
};
|
||||
|
||||
preBuild = '' makeFlags="$makeFlags PREFIX=$out DESTDIR=$out" '';
|
||||
patches = [ ./fPIC.patch ]; # libsemanage seems to need -fPIC everywhere
|
||||
|
||||
buildInputs = [ pkgconfig libsepol pcre ];
|
||||
|
||||
prePatch = ''
|
||||
tar xvf ${patch_src}
|
||||
for p in gentoo-patches/*.patch; do
|
||||
patch -p1 < "$p"
|
||||
done
|
||||
'';
|
||||
|
||||
preInstall = '' makeFlags="$makeFlags PREFIX=$out DESTDIR=$out" '';
|
||||
|
||||
meta = {
|
||||
inherit (libsepol.meta) homepage platforms maintainers;
|
||||
};
|
||||
}
|
||||
|
13
pkgs/os-specific/linux/libselinux/fPIC.patch
Normal file
13
pkgs/os-specific/linux/libselinux/fPIC.patch
Normal file
@ -0,0 +1,13 @@
|
||||
diff --git a/src/Makefile b/src/Makefile
|
||||
index ac019df..00432b9 100644
|
||||
--- a/src/Makefile
|
||||
+++ b/src/Makefile
|
||||
@@ -132,7 +132,7 @@ $(AUDIT2WHYSO): $(AUDIT2WHYLOBJ)
|
||||
$(CC) $(CFLAGS) $(LDFLAGS) -shared -o $@ $^ -L. -lselinux $(LIBDIR)/libsepol.a -L$(LIBDIR)
|
||||
|
||||
%.o: %.c policy.h
|
||||
- $(CC) $(CFLAGS) $(TLSFLAGS) -c -o $@ $<
|
||||
+ $(CC) $(CFLAGS) $(TLSFLAGS) -fPIC -c -o $@ $<
|
||||
|
||||
%.lo: %.c policy.h
|
||||
$(CC) $(CFLAGS) -fPIC -DSHARED -c -o $@ $<
|
@ -2,24 +2,24 @@
|
||||
stdenv.mkDerivation rec {
|
||||
|
||||
name = "libsemanage-${version}";
|
||||
version = "2.0.46";
|
||||
version = "2.1.9";
|
||||
inherit (libsepol) se_release se_url;
|
||||
|
||||
src = fetchurl {
|
||||
url = "http://userspace.selinuxproject.org/releases/20101221/devel/${name}.tar.gz";
|
||||
sha256 = "03ljdw48pn8vlk4h26w8z247c9wykp2198s1ksmxrai3avyz87wf";
|
||||
url = "${se_url}/${se_release}/libsemanage-${version}.tar.gz";
|
||||
sha256 = "1k1my3n1pj30c5887spykcdk1brgxfpxmrz6frxjyhaijxzx20bg";
|
||||
};
|
||||
|
||||
NIX_LDFLAGS = "-lsepol";
|
||||
|
||||
makeFlags = "PREFIX=$(out) DESTDIR=$(out)";
|
||||
|
||||
NIX_CFLAGS_COMPILE = "-fstack-protector-all";
|
||||
NIX_CFLAGS_LINK = "-lsepol";
|
||||
|
||||
buildInputs = [ libsepol libselinux ustr bzip2 bison flex ];
|
||||
|
||||
meta = with stdenv.lib; {
|
||||
homepage = http://userspace.selinuxproject.org/;
|
||||
inherit (libsepol.meta) homepage platforms maintainers;
|
||||
description = "Policy management tools for SELinux";
|
||||
license = licenses.lgpl21;
|
||||
maintainers = [ maintainers.phreedom ];
|
||||
platforms = platforms.linux;
|
||||
};
|
||||
}
|
||||
}
|
||||
|
@ -1,13 +1,24 @@
|
||||
{stdenv, fetchurl}:
|
||||
{ stdenv, fetchurl }:
|
||||
|
||||
stdenv.mkDerivation rec {
|
||||
name = "libsepol-${version}";
|
||||
version = "2.0.42";
|
||||
version = "2.1.8";
|
||||
se_release = "20120924";
|
||||
se_url = "${meta.homepage}/releases";
|
||||
|
||||
src = fetchurl {
|
||||
url = "http://userspace.selinuxproject.org/releases/20101221/devel/${name}.tar.gz";
|
||||
sha256 = "0sg61mb9qhyh4vplasar6nwd6j123v453zss93qws3h95fhrfc08";
|
||||
url = "${se_url}/${se_release}/libsepol-${version}.tar.gz";
|
||||
sha256 = "1w38q3lmha5m9aps9w844i51yw4b8q1vhpng2kdywn2n8cpdvvk3";
|
||||
};
|
||||
|
||||
preBuild = '' makeFlags="$makeFlags PREFIX=$out DESTDIR=$out" '';
|
||||
|
||||
passthru = { inherit se_release se_url meta; };
|
||||
|
||||
meta = with stdenv.lib; {
|
||||
homepage = http://userspace.selinuxproject.org;
|
||||
platforms = platforms.linux;
|
||||
maintainers = [ maintainers.phreedom ];
|
||||
license = "GPLv2";
|
||||
};
|
||||
}
|
||||
|
@ -1,25 +1,39 @@
|
||||
{ stdenv, fetchurl, libsepol, libselinux }:
|
||||
{ stdenv, fetchurl, intltool, pcre, libcap_ng, libcgroup
|
||||
, libsepol, libselinux, libsemanage
|
||||
, python, sepolgen }:
|
||||
stdenv.mkDerivation rec {
|
||||
|
||||
name = "policycoreutils-${version}";
|
||||
version = "2.0.85";
|
||||
version = "2.1.13";
|
||||
inherit (libsepol) se_release se_url;
|
||||
|
||||
src = fetchurl {
|
||||
url = http://userspace.selinuxproject.org/releases/20101221/devel/policycoreutils-2.0.85.tar.gz;
|
||||
sha256 = "01q5ifacg24k9jdz85j9m17ps2l1p7abvh8pzy6qz55y68rycifb";
|
||||
url = "${se_url}/${se_release}/policycoreutils-${version}.tar.gz";
|
||||
sha256 = "1145nbpwndmhma08vvj1j75bjd8xhjal0vjpazlrw78iyc30y11l";
|
||||
};
|
||||
|
||||
buildInputs = [ libsepol libselinux ];
|
||||
patchPhase = ''
|
||||
substituteInPlace po/Makefile --replace /usr/bin/install install
|
||||
'';
|
||||
|
||||
NIX_LDFLAGS = "-lsepol";
|
||||
buildInputs = [ intltool pcre libcap_ng libcgroup
|
||||
libsepol libselinux libsemanage
|
||||
python sepolgen # ToDo? these are optional
|
||||
];
|
||||
|
||||
makeFlags = "LOCALEDIR=$(out)/share/locale";
|
||||
preBuild = ''
|
||||
mkdir -p "$out/lib" && cp -s "${libsepol}/lib/libsepol.a" "$out/lib"
|
||||
'';
|
||||
|
||||
NIX_CFLAGS_COMPILE = "-fstack-protector-all";
|
||||
NIX_LDFLAGS = "-lsepol -lpcre";
|
||||
|
||||
makeFlags = "PREFIX=$(out) DESTDIR=$(out) LOCALEDIR=$(out)/share/locale";
|
||||
|
||||
meta = with stdenv.lib; {
|
||||
homepage = http://userspace.selinuxproject.org/;
|
||||
description = "SELinux policy core utilities";
|
||||
license = licenses.gpl2;
|
||||
maintainers = [ maintainers.phreedom ];
|
||||
platforms = platforms.linux;
|
||||
inherit (libsepol.meta) homepage platforms maintainers;
|
||||
};
|
||||
}
|
||||
}
|
||||
|
||||
|
22
pkgs/os-specific/linux/sepolgen/default.nix
Normal file
22
pkgs/os-specific/linux/sepolgen/default.nix
Normal file
@ -0,0 +1,22 @@
|
||||
{ stdenv, fetchurl, libsepol, python }:
|
||||
|
||||
stdenv.mkDerivation rec {
|
||||
name = "sepolgen-${version}";
|
||||
version = "1.1.8";
|
||||
inherit (libsepol) se_release se_url;
|
||||
|
||||
src = fetchurl {
|
||||
url = "${se_url}/${se_release}/sepolgen-${version}.tar.gz";
|
||||
sha256 = "1sssc9d4wz7l23yczlzplsmdr891sqr9w34ccn1bfwlnc4q63xdm";
|
||||
};
|
||||
|
||||
makeFlags = "PREFIX=$(out) DESTDIR=$(out) PYTHONLIBDIR=lib/${python.libPrefix}/site-packages";
|
||||
|
||||
buildInputs = [ python ];
|
||||
|
||||
meta = with stdenv.lib; {
|
||||
inherit (libsepol.meta) homepage platforms maintainers;
|
||||
description = "SELinux policy generation library";
|
||||
license = licenses.gpl2;
|
||||
};
|
||||
}
|
@ -6174,6 +6174,8 @@ let
|
||||
|
||||
sdparm = callPackage ../os-specific/linux/sdparm { };
|
||||
|
||||
sepolgen = callPackage ../os-specific/linux/sepolgen { };
|
||||
|
||||
shadow = callPackage ../os-specific/linux/shadow { };
|
||||
|
||||
splashutils = callPackage ../os-specific/linux/splashutils/default.nix { };
|
||||
|
Loading…
Reference in New Issue
Block a user