diff options
| author |   Sven Vermeulen <swift@gentoo.org> | 2013-01-26 15:01:52 +0000 |
|---|---|---|
| committer | Sven Vermeulen <swift@gentoo.org> | 2013-01-26 15:01:52 +0000 |
| commit | 446d63c3485e22367518f606183590c075f3e077 (patch) | |
| tree | 1854cbdb026c669725f26c2c700e86635e94d418 /eclass | |
| parent | Fix build with ffmpeg-0.11, part of bug #443208 (diff) | |
| download | historical-446d63c3485e22367518f606183590c075f3e077.tar.gz historical-446d63c3485e22367518f606183590c075f3e077.tar.bz2 historical-446d63c3485e22367518f606183590c075f3e077.zip | |
Support removing SELinux modules of the defined policy stores
Diffstat (limited to 'eclass')
| -rw-r--r-- | eclass/ChangeLog | 5 | ||||
| -rw-r--r-- | eclass/selinux-policy-2.eclass | 34 |
2 files changed, 35 insertions, 4 deletions
diff --git a/eclass/ChangeLog b/eclass/ChangeLog index 423108a1a75e..53761d247add 100644 --- a/eclass/ChangeLog +++ b/eclass/ChangeLog @@ -1,6 +1,9 @@ # ChangeLog for eclass directory # Copyright 1999-2013 Gentoo Foundation; Distributed under the GPL v2 -# $Header: /var/cvsroot/gentoo-x86/eclass/ChangeLog,v 1.640 2013/01/26 11:39:41 mgorny Exp $ +# $Header: /var/cvsroot/gentoo-x86/eclass/ChangeLog,v 1.641 2013/01/26 15:01:52 swift Exp $ + + 26 Jan 2013; Sven Vermeulen <swift@gentoo.org> selinux-policy-2.eclass: + Supporting removal of SELinux modules 26 Jan 2013; Michał Górny <mgorny@gentoo.org> autotools-multilib.eclass: Set USE defaults to make sure IUSE_IMPLICIT does not fool us. diff --git a/eclass/selinux-policy-2.eclass b/eclass/selinux-policy-2.eclass index 86cf6280518e..8ddcb14935a4 100644 --- a/eclass/selinux-policy-2.eclass +++ b/eclass/selinux-policy-2.eclass @@ -1,6 +1,6 @@ -# Copyright 1999-2012 Gentoo Foundation +# Copyright 1999-2013 Gentoo Foundation # Distributed under the terms of the GNU General Public License v2 -# $Header: /var/cvsroot/gentoo-x86/eclass/selinux-policy-2.eclass,v 1.15 2012/09/27 16:35:42 axs Exp $ +# $Header: /var/cvsroot/gentoo-x86/eclass/selinux-policy-2.eclass,v 1.16 2013/01/26 15:01:52 swift Exp $ # Eclass for installing SELinux policy, and optionally # reloading the reference-policy based modules. @@ -98,7 +98,7 @@ DEPEND="${RDEPEND} sys-devel/m4 >=sys-apps/checkpolicy-2.0.21" -SELINUX_EXPF="src_unpack src_compile src_install pkg_postinst" +SELINUX_EXPF="src_unpack src_compile src_install pkg_postinst pkg_postrm" case "${EAPI:-0}" in 2|3|4|5) SELINUX_EXPF+=" src_prepare" ;; *) ;; @@ -281,3 +281,31 @@ selinux-policy-2_pkg_postinst() { done } +# @FUNCTION: selinux-policy-2_pkg_postrm +# @DESCRIPTION: +# Uninstall the module(s) from the SELinux policy stores, effectively +# deactivating the policy on the system. +selinux-policy-2_pkg_postrm() { + # Only if we are not upgrading + if [[ "${EAPI}" -lt 4 || -z "${REPLACED_BY_VERSION}" ]]; + then + # build up the command in the case of multiple modules + local COMMAND + for i in ${MODS}; do + COMMAND="-r ${i} ${COMMAND}" + done + + for i in ${POLICY_TYPES}; do + einfo "Removing the following modules from the $i module store: ${MODS}" + + semodule -s ${i} ${COMMAND} + if [ $? -ne 0 ]; + then + ewarn "SELinux module unload failed."; + else + einfo "SELinux modules unloaded succesfully." + fi + done + fi +} + |