diff options
Diffstat (limited to 'sec-policy')
33 files changed, 516 insertions, 24 deletions
diff --git a/sec-policy/selinux-apache/ChangeLog b/sec-policy/selinux-apache/ChangeLog index 2abaa92f8d6e..de35b2c718ca 100644 --- a/sec-policy/selinux-apache/ChangeLog +++ b/sec-policy/selinux-apache/ChangeLog @@ -1,6 +1,11 @@ # ChangeLog for sec-policy/selinux-apache -# Copyright 1999-2011 Gentoo Foundation; Distributed under the GPL v2 -# $Header: /var/cvsroot/gentoo-x86/sec-policy/selinux-apache/ChangeLog,v 1.29 2011/11/12 20:53:22 swift Exp $ +# Copyright 1999-2012 Gentoo Foundation; Distributed under the GPL v2 +# $Header: /var/cvsroot/gentoo-x86/sec-policy/selinux-apache/ChangeLog,v 1.30 2012/01/14 19:59:58 swift Exp $ + +*selinux-apache-2.20110726-r2 (14 Jan 2012) + + 14 Jan 2012; <swift@gentoo.org> +selinux-apache-2.20110726-r2.ebuild: + Adding aggregated types for use by other web server domains 12 Nov 2011; <swift@gentoo.org> -selinux-apache-2.20101213-r1.ebuild: Removing old policies diff --git a/sec-policy/selinux-apache/selinux-apache-2.20110726-r2.ebuild b/sec-policy/selinux-apache/selinux-apache-2.20110726-r2.ebuild new file mode 100644 index 000000000000..5ef5ff5c3988 --- /dev/null +++ b/sec-policy/selinux-apache/selinux-apache-2.20110726-r2.ebuild @@ -0,0 +1,43 @@ +# Copyright 1999-2012 Gentoo Foundation +# Distributed under the terms of the GNU General Public License v2 +# $Header: /var/cvsroot/gentoo-x86/sec-policy/selinux-apache/selinux-apache-2.20110726-r2.ebuild,v 1.1 2012/01/14 19:59:58 swift Exp $ +IUSE="kerberos" +MODS="apache" +BASEPOL="2.20110726-r11" + +inherit selinux-policy-2 + +DESCRIPTION="SELinux policy for Apache HTTPD" +DEPEND="${DEPEND} + kerberos? ( sec-policy/selinux-kerberos )" +RDEPEND="${DEPEND}" + +KEYWORDS="~amd64 ~x86" +S="${WORKDIR}/" + +src_unpack() { + selinux-policy-2_src_unpack + if ! use kerberos ; then + [ -z "${POLICY_TYPES}" ] && local POLICY_TYPES="strict targeted mcs mls"; + for i in ${POLICY_TYPES}; do + sed -i -e "/httpd_keytab_t/d" \ + "${S}/${i}/apache.fc" + done + fi +} + +pkg_postinst() { + selinux-policy-2_pkg_postinst + if use kerberos ; then + einfo "If you decide to uninstall Kerberos, you should clear the" + einfo "kerberos use flag here, and then emerge this module again." + einfo "Failure to do so may result in policy compile errors in the" + einfo "future." + else + einfo "If you install Kerberos later, you should set the kerberos" + einfo "use flag here, and then emerge this module again in order to" + einfo "get all of the relevant policy changes. Failure to do so may" + einfo "result in errors authenticating against kerberos servers by" + einfo "Apache." + fi +} diff --git a/sec-policy/selinux-bacula/ChangeLog b/sec-policy/selinux-bacula/ChangeLog new file mode 100644 index 000000000000..bfe990d13602 --- /dev/null +++ b/sec-policy/selinux-bacula/ChangeLog @@ -0,0 +1,10 @@ +# ChangeLog for sec-policy/selinux-bacula +# Copyright 1999-2011 Gentoo Foundation; Distributed under the GPL v2 +# $Header: /var/cvsroot/gentoo-x86/sec-policy/selinux-bacula/ChangeLog,v 1.1 2012/01/14 19:59:58 swift Exp $ + +*selinux-bacula-2.20110726 (28 Dec 2011) + + 28 Dec 2011; <swift@gentoo.org> +selinux-bacula-2.20110726.ebuild, + +metadata.xml: + Initial policy for Bacula, thanks to Stan Sander + diff --git a/sec-policy/selinux-bacula/metadata.xml b/sec-policy/selinux-bacula/metadata.xml new file mode 100644 index 000000000000..bcbdae69aef9 --- /dev/null +++ b/sec-policy/selinux-bacula/metadata.xml @@ -0,0 +1,6 @@ +<?xml version="1.0" encoding="UTF-8"?> +<!DOCTYPE pkgmetadata SYSTEM "http://www.gentoo.org/dtd/metadata.dtd"> +<pkgmetadata> + <herd>selinux</herd> + <longdescription>Gentoo SELinux policy for bacula</longdescription> +</pkgmetadata> diff --git a/sec-policy/selinux-bacula/selinux-bacula-2.20110726.ebuild b/sec-policy/selinux-bacula/selinux-bacula-2.20110726.ebuild new file mode 100644 index 000000000000..ddb95cdf4301 --- /dev/null +++ b/sec-policy/selinux-bacula/selinux-bacula-2.20110726.ebuild @@ -0,0 +1,14 @@ +# Copyright 1999-2011 Gentoo Foundation +# Distributed under the terms of the GNU General Public License v2 +# $Header: /var/cvsroot/gentoo-x86/sec-policy/selinux-bacula/selinux-bacula-2.20110726.ebuild,v 1.1 2012/01/14 19:59:58 swift Exp $ +EAPI="4" + +IUSE="" +MODS="bacula" +BASEPOL="2.20110726-r10" + +inherit selinux-policy-2 + +DESCRIPTION="SELinux policy for bacula" + +KEYWORDS="~amd64 ~x86" diff --git a/sec-policy/selinux-base-policy/ChangeLog b/sec-policy/selinux-base-policy/ChangeLog index 8a808bdff0c8..c302a48cec88 100644 --- a/sec-policy/selinux-base-policy/ChangeLog +++ b/sec-policy/selinux-base-policy/ChangeLog @@ -1,6 +1,11 @@ # ChangeLog for sec-policy/selinux-base-policy -# Copyright 1999-2011 Gentoo Foundation; Distributed under the GPL v2 -# $Header: /var/cvsroot/gentoo-x86/sec-policy/selinux-base-policy/ChangeLog,v 1.92 2011/12/19 18:17:16 swift Exp $ +# Copyright 1999-2012 Gentoo Foundation; Distributed under the GPL v2 +# $Header: /var/cvsroot/gentoo-x86/sec-policy/selinux-base-policy/ChangeLog,v 1.93 2012/01/14 19:59:58 swift Exp $ + +*selinux-base-policy-2.20110726-r11 (14 Jan 2012) + + 14 Jan 2012; <swift@gentoo.org> +selinux-base-policy-2.20110726-r11.ebuild: + Bumping to rev 11 19 Dec 2011; <swift@gentoo.org> selinux-base-policy-2.20110726-r6.ebuild: Stabilize rev6 diff --git a/sec-policy/selinux-base-policy/selinux-base-policy-2.20110726-r11.ebuild b/sec-policy/selinux-base-policy/selinux-base-policy-2.20110726-r11.ebuild new file mode 100644 index 000000000000..33ef6cdbd5ad --- /dev/null +++ b/sec-policy/selinux-base-policy/selinux-base-policy-2.20110726-r11.ebuild @@ -0,0 +1,164 @@ +# Copyright 1999-2012 Gentoo Foundation +# Distributed under the terms of the GNU General Public License v2 +# $Header: /var/cvsroot/gentoo-x86/sec-policy/selinux-base-policy/selinux-base-policy-2.20110726-r11.ebuild,v 1.1 2012/01/14 19:59:58 swift Exp $ + +EAPI="4" +IUSE="+peer_perms +open_perms +ubac doc" + +inherit eutils + +DESCRIPTION="Gentoo base policy for SELinux" +HOMEPAGE="http://www.gentoo.org/proj/en/hardened/selinux/" +SRC_URI="http://oss.tresys.com/files/refpolicy/refpolicy-${PV}.tar.bz2 + http://dev.gentoo.org/~swift/patches/${PN}/patchbundle-${PF}.tar.bz2" +LICENSE="GPL-2" +SLOT="0" + +KEYWORDS="~amd64 ~x86" + +RDEPEND=">=sys-apps/policycoreutils-1.30.30 + >=sys-fs/udev-151" +DEPEND="${RDEPEND} + sys-devel/m4 + >=sys-apps/checkpolicy-1.30.12" + +S=${WORKDIR}/ + +src_prepare() { + # Apply the gentoo patches to the policy. These patches are only necessary + # for base policies, or for interface changes on modules. + EPATCH_MULTI_MSG="Applying SELinux policy updates ... " \ + EPATCH_SUFFIX="patch" \ + EPATCH_SOURCE="${WORKDIR}" \ + EPATCH_FORCE="yes" \ + epatch + + cd "${S}/refpolicy" + # Fix bug 257111 - Correct the initial sid for cron-started jobs in the + # system_r role + sed -i -e 's:system_crond_t:system_cronjob_t:g' \ + "${S}/refpolicy/config/appconfig-standard/default_contexts" + sed -i -e 's|system_r:cronjob_t|system_r:system_cronjob_t|g' \ + "${S}/refpolicy/config/appconfig-mls/default_contexts" + sed -i -e 's|system_r:cronjob_t|system_r:system_cronjob_t|g' \ + "${S}/refpolicy/config/appconfig-mcs/default_contexts" +} + +src_configure() { + [ -z "${POLICY_TYPES}" ] && local POLICY_TYPES="targeted strict mls mcs" + + # Update the SELinux refpolicy capabilities based on the users' USE flags. + + if ! use peer_perms; then + sed -i -e '/network_peer_controls/d' \ + "${S}/refpolicy/policy/policy_capabilities" + fi + + if ! use open_perms; then + sed -i -e '/open_perms/d' \ + "${S}/refpolicy/policy/policy_capabilities" + fi + + if ! use ubac; then + sed -i -e '/^UBAC/s/y/n/' "${S}/refpolicy/build.conf" \ + || die "Failed to disable User Based Access Control" + fi + + echo "DISTRO = gentoo" >> "${S}/refpolicy/build.conf" + + # Setup the policies based on the types delivered by the end user. + # These types can be "targeted", "strict", "mcs" and "mls". + for i in ${POLICY_TYPES}; do + cp -a "${S}/refpolicy" "${S}/${i}" + + cd "${S}/${i}"; + make conf || die "Make conf in ${i} failed" + + # Define what we see as "base" and what we want to remain modular. + cp "${FILESDIR}/modules.conf" \ + "${S}/${i}/policy/modules.conf" \ + || die "failed to set up modules.conf" + # In case of "targeted", we add the "unconfined" to the base policy + if [[ "${i}" == "targeted" ]]; + then + echo "unconfined = base" >> "${S}/${i}/policy/modules.conf" + fi + + sed -i -e '/^QUIET/s/n/y/' -e "/^NAME/s/refpolicy/$i/" \ + "${S}/${i}/build.conf" || die "build.conf setup failed." + + if [[ "${i}" == "mls" ]] || [[ "${i}" == "mcs" ]]; + then + # MCS/MLS require additional settings + sed -i -e "/^TYPE/s/standard/${i}/" "${S}/${i}/build.conf" \ + || die "failed to set type to mls" + fi + + if [ "${i}" == "targeted" ]; then + sed -i -e '/root/d' -e 's/user_u/unconfined_u/' \ + "${S}/${i}/config/appconfig-standard/seusers" \ + || die "targeted seusers setup failed." + fi + done +} + +src_compile() { + [ -z "${POLICY_TYPES}" ] && local POLICY_TYPES="targeted strict mls mcs" + + for i in ${POLICY_TYPES}; do + cd "${S}/${i}" + make base || die "${i} compile failed" + if use doc; then + make html || die + fi + done +} + +src_install() { + [ -z "${POLICY_TYPES}" ] && local POLICY_TYPES="targeted strict mls mcs" + + for i in ${POLICY_TYPES}; do + cd "${S}/${i}" + + make DESTDIR="${D}" install \ + || die "${i} install failed." + + make DESTDIR="${D}" install-headers \ + || die "${i} headers install failed." + + echo "run_init_t" > "${D}/etc/selinux/${i}/contexts/run_init_type" + + echo "textrel_shlib_t" >> "${D}/etc/selinux/${i}/contexts/customizable_types" + + # libsemanage won't make this on its own + keepdir "/etc/selinux/${i}/policy" + + if use doc; then + dohtml doc/html/*; + fi + done + + dodoc doc/Makefile.example doc/example.{te,fc,if} + + insinto /etc/selinux + doins "${FILESDIR}/config" +} + +pkg_preinst() { + has_version "<${CATEGORY}/${PN}-2.20101213-r13" + previous_less_than_r13=$? +} + +pkg_postinst() { + [ -z "${POLICY_TYPES}" ] && local POLICY_TYPES="targeted strict mls mcs" + + for i in ${POLICY_TYPES}; do + einfo "Inserting base module into ${i} module store." + + cd "${ROOT}/usr/share/selinux/${i}" + semodule -s "${i}" -b base.pp || die "Could not load in new base policy" + done + elog "Updates on policies might require you to relabel files. If you, after" + elog "installing new SELinux policies, get 'permission denied' errors," + elog "relabelling your system using 'rlpkg -a -r' might resolve the issues." +} diff --git a/sec-policy/selinux-dbus/ChangeLog b/sec-policy/selinux-dbus/ChangeLog index a2578bb37c6e..3cfb963d25b9 100644 --- a/sec-policy/selinux-dbus/ChangeLog +++ b/sec-policy/selinux-dbus/ChangeLog @@ -1,6 +1,11 @@ # ChangeLog for sec-policy/selinux-dbus -# Copyright 1999-2011 Gentoo Foundation; Distributed under the GPL v2 -# $Header: /var/cvsroot/gentoo-x86/sec-policy/selinux-dbus/ChangeLog,v 1.19 2011/11/27 18:12:40 swift Exp $ +# Copyright 1999-2012 Gentoo Foundation; Distributed under the GPL v2 +# $Header: /var/cvsroot/gentoo-x86/sec-policy/selinux-dbus/ChangeLog,v 1.20 2012/01/14 19:59:58 swift Exp $ + +*selinux-dbus-2.20110726-r2 (14 Jan 2012) + + 14 Jan 2012; <swift@gentoo.org> +selinux-dbus-2.20110726-r2.ebuild: + Adding dontaudits so that our logs do not get cluttered 27 Nov 2011; <swift@gentoo.org> selinux-dbus-2.20110726-r1.ebuild: Stable on x86/amd64 diff --git a/sec-policy/selinux-dbus/selinux-dbus-2.20110726-r2.ebuild b/sec-policy/selinux-dbus/selinux-dbus-2.20110726-r2.ebuild new file mode 100644 index 000000000000..ded4d938cb20 --- /dev/null +++ b/sec-policy/selinux-dbus/selinux-dbus-2.20110726-r2.ebuild @@ -0,0 +1,14 @@ +# Copyright 1999-2012 Gentoo Foundation +# Distributed under the terms of the GNU General Public License v2 +# $Header: /var/cvsroot/gentoo-x86/sec-policy/selinux-dbus/selinux-dbus-2.20110726-r2.ebuild,v 1.1 2012/01/14 19:59:58 swift Exp $ +EAPI="4" + +IUSE="" +MODS="dbus" +BASEPOL="2.20110726-r11" + +inherit selinux-policy-2 + +DESCRIPTION="SELinux policy for dbus" + +KEYWORDS="~amd64 ~x86" diff --git a/sec-policy/selinux-dracut/ChangeLog b/sec-policy/selinux-dracut/ChangeLog new file mode 100644 index 000000000000..6003dfb0b7ca --- /dev/null +++ b/sec-policy/selinux-dracut/ChangeLog @@ -0,0 +1,10 @@ +# ChangeLog for sec-policy/selinux-dracut +# Copyright 1999-2012 Gentoo Foundation; Distributed under the GPL v2 +# $Header: /var/cvsroot/gentoo-x86/sec-policy/selinux-dracut/ChangeLog,v 1.1 2012/01/14 19:59:58 swift Exp $ + +*selinux-dracut-2.20110726 (03 Jan 2012) + + 03 Jan 2012; <swift@gentoo.org> +selinux-dracut-2.20110726.ebuild, + +metadata.xml: + Initial policy for dracut + diff --git a/sec-policy/selinux-dracut/metadata.xml b/sec-policy/selinux-dracut/metadata.xml new file mode 100644 index 000000000000..60e5eff72fa3 --- /dev/null +++ b/sec-policy/selinux-dracut/metadata.xml @@ -0,0 +1,6 @@ +<?xml version="1.0" encoding="UTF-8"?> +<!DOCTYPE pkgmetadata SYSTEM "http://www.gentoo.org/dtd/metadata.dtd"> +<pkgmetadata> + <herd>selinux</herd> + <longdescription>Gentoo SELinux policy for dracut</longdescription> +</pkgmetadata> diff --git a/sec-policy/selinux-dracut/selinux-dracut-2.20110726.ebuild b/sec-policy/selinux-dracut/selinux-dracut-2.20110726.ebuild new file mode 100644 index 000000000000..abe7cc211031 --- /dev/null +++ b/sec-policy/selinux-dracut/selinux-dracut-2.20110726.ebuild @@ -0,0 +1,14 @@ +# Copyright 1999-2012 Gentoo Foundation +# Distributed under the terms of the GNU General Public License v2 +# $Header: /var/cvsroot/gentoo-x86/sec-policy/selinux-dracut/selinux-dracut-2.20110726.ebuild,v 1.1 2012/01/14 19:59:58 swift Exp $ +EAPI="4" + +IUSE="" +MODS="dracut" +BASEPOL="2.20110726-r11" + +inherit selinux-policy-2 + +DESCRIPTION="SELinux policy for dracut" + +KEYWORDS="~amd64 ~x86" diff --git a/sec-policy/selinux-fail2ban/ChangeLog b/sec-policy/selinux-fail2ban/ChangeLog index dcc241879188..3875fa7ce4e8 100644 --- a/sec-policy/selinux-fail2ban/ChangeLog +++ b/sec-policy/selinux-fail2ban/ChangeLog @@ -1,6 +1,11 @@ # ChangeLog for sec-policy/selinux-fail2ban -# Copyright 1999-2011 Gentoo Foundation; Distributed under the GPL v2 -# $Header: /var/cvsroot/gentoo-x86/sec-policy/selinux-fail2ban/ChangeLog,v 1.6 2011/12/17 10:39:15 swift Exp $ +# Copyright 1999-2012 Gentoo Foundation; Distributed under the GPL v2 +# $Header: /var/cvsroot/gentoo-x86/sec-policy/selinux-fail2ban/ChangeLog,v 1.7 2012/01/14 19:59:58 swift Exp $ + +*selinux-fail2ban-2.20110726-r2 (14 Jan 2012) + + 14 Jan 2012; <swift@gentoo.org> +selinux-fail2ban-2.20110726-r2.ebuild: + Numerous fixes in policy *selinux-fail2ban-2.20110726-r1 (17 Dec 2011) diff --git a/sec-policy/selinux-fail2ban/selinux-fail2ban-2.20110726-r2.ebuild b/sec-policy/selinux-fail2ban/selinux-fail2ban-2.20110726-r2.ebuild new file mode 100644 index 000000000000..44170fd3c640 --- /dev/null +++ b/sec-policy/selinux-fail2ban/selinux-fail2ban-2.20110726-r2.ebuild @@ -0,0 +1,14 @@ +# Copyright 1999-2012 Gentoo Foundation +# Distributed under the terms of the GNU General Public License v2 +# $Header: /var/cvsroot/gentoo-x86/sec-policy/selinux-fail2ban/selinux-fail2ban-2.20110726-r2.ebuild,v 1.1 2012/01/14 19:59:58 swift Exp $ +EAPI="4" + +IUSE="" +MODS="fail2ban" +BASEPOL="2.20110726-r10" + +inherit selinux-policy-2 + +DESCRIPTION="SELinux policy for fail2ban" + +KEYWORDS="~amd64 ~x86" diff --git a/sec-policy/selinux-mozilla/ChangeLog b/sec-policy/selinux-mozilla/ChangeLog index f33e6f256911..2a5872de8b5c 100644 --- a/sec-policy/selinux-mozilla/ChangeLog +++ b/sec-policy/selinux-mozilla/ChangeLog @@ -1,6 +1,11 @@ # ChangeLog for sec-policy/selinux-mozilla -# Copyright 1999-2011 Gentoo Foundation; Distributed under the GPL v2 -# $Header: /var/cvsroot/gentoo-x86/sec-policy/selinux-mozilla/ChangeLog,v 1.13 2011/12/17 10:39:16 swift Exp $ +# Copyright 1999-2012 Gentoo Foundation; Distributed under the GPL v2 +# $Header: /var/cvsroot/gentoo-x86/sec-policy/selinux-mozilla/ChangeLog,v 1.14 2012/01/14 19:59:59 swift Exp $ + +*selinux-mozilla-2.20110726-r5 (14 Jan 2012) + + 14 Jan 2012; <swift@gentoo.org> +selinux-mozilla-2.20110726-r5.ebuild: + Adding dontaudits *selinux-mozilla-2.20110726-r4 (17 Dec 2011) diff --git a/sec-policy/selinux-mozilla/selinux-mozilla-2.20110726-r5.ebuild b/sec-policy/selinux-mozilla/selinux-mozilla-2.20110726-r5.ebuild new file mode 100644 index 000000000000..da11a23ca44c --- /dev/null +++ b/sec-policy/selinux-mozilla/selinux-mozilla-2.20110726-r5.ebuild @@ -0,0 +1,13 @@ +# Copyright 1999-2012 Gentoo Foundation +# Distributed under the terms of the GNU General Public License v2 +# $Header: /var/cvsroot/gentoo-x86/sec-policy/selinux-mozilla/selinux-mozilla-2.20110726-r5.ebuild,v 1.1 2012/01/14 19:59:59 swift Exp $ +EAPI="4" + +IUSE="" +MODS="mozilla" +BASEPOL="2.20110726-r11" + +inherit selinux-policy-2 + +DESCRIPTION="SELinux policy for mozilla" +KEYWORDS="~amd64 ~x86" diff --git a/sec-policy/selinux-networkmanager/ChangeLog b/sec-policy/selinux-networkmanager/ChangeLog index e371da984c08..a6fd1f5f67cb 100644 --- a/sec-policy/selinux-networkmanager/ChangeLog +++ b/sec-policy/selinux-networkmanager/ChangeLog @@ -1,6 +1,11 @@ # ChangeLog for sec-policy/selinux-networkmanager -# Copyright 1999-2011 Gentoo Foundation; Distributed under the GPL v2 -# $Header: /var/cvsroot/gentoo-x86/sec-policy/selinux-networkmanager/ChangeLog,v 1.6 2011/12/04 19:02:19 swift Exp $ +# Copyright 1999-2012 Gentoo Foundation; Distributed under the GPL v2 +# $Header: /var/cvsroot/gentoo-x86/sec-policy/selinux-networkmanager/ChangeLog,v 1.7 2012/01/14 19:59:59 swift Exp $ + +*selinux-networkmanager-2.20110726-r3 (14 Jan 2012) + + 14 Jan 2012; <swift@gentoo.org> +selinux-networkmanager-2.20110726-r3.ebuild: + Adding dontaudits *selinux-networkmanager-2.20110726-r2 (04 Dec 2011) diff --git a/sec-policy/selinux-networkmanager/selinux-networkmanager-2.20110726-r3.ebuild b/sec-policy/selinux-networkmanager/selinux-networkmanager-2.20110726-r3.ebuild new file mode 100644 index 000000000000..c94208d174bc --- /dev/null +++ b/sec-policy/selinux-networkmanager/selinux-networkmanager-2.20110726-r3.ebuild @@ -0,0 +1,13 @@ +# Copyright 1999-2012 Gentoo Foundation +# Distributed under the terms of the GNU General Public License v2 +# $Header: /var/cvsroot/gentoo-x86/sec-policy/selinux-networkmanager/selinux-networkmanager-2.20110726-r3.ebuild,v 1.1 2012/01/14 19:59:59 swift Exp $ +EAPI="4" + +IUSE="" +MODS="networkmanager" +BASEPOL="2.20110726-r11" + +inherit selinux-policy-2 + +DESCRIPTION="SELinux policy for networkmanager" +KEYWORDS="~amd64 ~x86" diff --git a/sec-policy/selinux-oddjob/ChangeLog b/sec-policy/selinux-oddjob/ChangeLog new file mode 100644 index 000000000000..a8ed0a99ab41 --- /dev/null +++ b/sec-policy/selinux-oddjob/ChangeLog @@ -0,0 +1,10 @@ +# ChangeLog for sec-policy/selinux-oddjob +# Copyright 1999-2011 Gentoo Foundation; Distributed under the GPL v2 +# $Header: /var/cvsroot/gentoo-x86/sec-policy/selinux-oddjob/ChangeLog,v 1.1 2012/01/14 19:59:58 swift Exp $ + +*selinux-oddjob-2.20110726 (28 Dec 2011) + + 28 Dec 2011; <swift@gentoo.org> +selinux-oddjob-2.20110726.ebuild, + +metadata.xml: + Support oddjob (needed for PAM helpers) + diff --git a/sec-policy/selinux-oddjob/metadata.xml b/sec-policy/selinux-oddjob/metadata.xml new file mode 100644 index 000000000000..1a90c82f80fe --- /dev/null +++ b/sec-policy/selinux-oddjob/metadata.xml @@ -0,0 +1,6 @@ +<?xml version="1.0" encoding="UTF-8"?> +<!DOCTYPE pkgmetadata SYSTEM "http://www.gentoo.org/dtd/metadata.dtd"> +<pkgmetadata> + <herd>selinux</herd> + <longdescription>Gentoo SELinux policy for oddjob (helpers for PAM)</longdescription> +</pkgmetadata> diff --git a/sec-policy/selinux-oddjob/selinux-oddjob-2.20110726.ebuild b/sec-policy/selinux-oddjob/selinux-oddjob-2.20110726.ebuild new file mode 100644 index 000000000000..7bf010ecfc99 --- /dev/null +++ b/sec-policy/selinux-oddjob/selinux-oddjob-2.20110726.ebuild @@ -0,0 +1,14 @@ +# Copyright 1999-2011 Gentoo Foundation +# Distributed under the terms of the GNU General Public License v2 +# $Header: /var/cvsroot/gentoo-x86/sec-policy/selinux-oddjob/selinux-oddjob-2.20110726.ebuild,v 1.1 2012/01/14 19:59:58 swift Exp $ +EAPI="4" + +IUSE="" +MODS="oddjob" +BASEPOL="2.20110726-r10" + +inherit selinux-policy-2 + +DESCRIPTION="SELinux policy for oddjob" + +KEYWORDS="~amd64 ~x86" diff --git a/sec-policy/selinux-postfix/ChangeLog b/sec-policy/selinux-postfix/ChangeLog index f88b8213aeb4..9ef45efffb11 100644 --- a/sec-policy/selinux-postfix/ChangeLog +++ b/sec-policy/selinux-postfix/ChangeLog @@ -1,6 +1,11 @@ # ChangeLog for sec-policy/selinux-postfix -# Copyright 1999-2011 Gentoo Foundation; Distributed under the GPL v2 -# $Header: /var/cvsroot/gentoo-x86/sec-policy/selinux-postfix/ChangeLog,v 1.38 2011/11/12 20:53:31 swift Exp $ +# Copyright 1999-2012 Gentoo Foundation; Distributed under the GPL v2 +# $Header: /var/cvsroot/gentoo-x86/sec-policy/selinux-postfix/ChangeLog,v 1.39 2012/01/14 19:59:59 swift Exp $ + +*selinux-postfix-2.20110726-r2 (14 Jan 2012) + + 14 Jan 2012; <swift@gentoo.org> +selinux-postfix-2.20110726-r2.ebuild: + Allow startup to create necessary directories, spool, etc. 12 Nov 2011; <swift@gentoo.org> -files/fix-services-postfix-r1.patch, -files/fix-services-postfix-r2.patch, -files/fix-services-postfix-r3.patch, diff --git a/sec-policy/selinux-postfix/selinux-postfix-2.20110726-r2.ebuild b/sec-policy/selinux-postfix/selinux-postfix-2.20110726-r2.ebuild new file mode 100644 index 000000000000..52be54ac47ed --- /dev/null +++ b/sec-policy/selinux-postfix/selinux-postfix-2.20110726-r2.ebuild @@ -0,0 +1,13 @@ +# Copyright 1999-2012 Gentoo Foundation +# Distributed under the terms of the GNU General Public License v2 +# $Header: /var/cvsroot/gentoo-x86/sec-policy/selinux-postfix/selinux-postfix-2.20110726-r2.ebuild,v 1.1 2012/01/14 19:59:59 swift Exp $ +EAPI="4" + +IUSE="" +MODS="postfix" +BASEPOL="2.20110726-r10" + +inherit selinux-policy-2 + +DESCRIPTION="SELinux policy for postfix" +KEYWORDS="~amd64 ~x86" diff --git a/sec-policy/selinux-qemu/ChangeLog b/sec-policy/selinux-qemu/ChangeLog index c23da9de6e14..2fd2d68e6a3c 100644 --- a/sec-policy/selinux-qemu/ChangeLog +++ b/sec-policy/selinux-qemu/ChangeLog @@ -1,6 +1,11 @@ # ChangeLog for sec-policy/selinux-qemu -# Copyright 1999-2011 Gentoo Foundation; Distributed under the GPL v2 -# $Header: /var/cvsroot/gentoo-x86/sec-policy/selinux-qemu/ChangeLog,v 1.7 2011/12/17 10:39:16 swift Exp $ +# Copyright 1999-2012 Gentoo Foundation; Distributed under the GPL v2 +# $Header: /var/cvsroot/gentoo-x86/sec-policy/selinux-qemu/ChangeLog,v 1.8 2012/01/14 19:59:58 swift Exp $ + +*selinux-qemu-2.20110726-r3 (14 Jan 2012) + + 14 Jan 2012; <swift@gentoo.org> +selinux-qemu-2.20110726-r3.ebuild: + Allow qemu to call itself 17 Dec 2011; <swift@gentoo.org> selinux-qemu-2.20110726-r2.ebuild: Add dependency on selinux-virt; also add dontaudit statement for unneeded diff --git a/sec-policy/selinux-qemu/selinux-qemu-2.20110726-r3.ebuild b/sec-policy/selinux-qemu/selinux-qemu-2.20110726-r3.ebuild new file mode 100644 index 000000000000..2483ed8486d9 --- /dev/null +++ b/sec-policy/selinux-qemu/selinux-qemu-2.20110726-r3.ebuild @@ -0,0 +1,14 @@ +# Copyright 1999-2012 Gentoo Foundation +# Distributed under the terms of the GNU General Public License v2 +# $Header: /var/cvsroot/gentoo-x86/sec-policy/selinux-qemu/selinux-qemu-2.20110726-r3.ebuild,v 1.1 2012/01/14 19:59:58 swift Exp $ +EAPI="4" + +IUSE="" +MODS="qemu" +BASEPOL="2.20110726-r9" + +inherit selinux-policy-2 + +DESCRIPTION="SELinux policy for qemu" +KEYWORDS="~amd64 ~x86" +RDEPEND="sec-policy/selinux-virt" diff --git a/sec-policy/selinux-skype/ChangeLog b/sec-policy/selinux-skype/ChangeLog index 63d214d5925a..f1643923d523 100644 --- a/sec-policy/selinux-skype/ChangeLog +++ b/sec-policy/selinux-skype/ChangeLog @@ -1,6 +1,11 @@ # ChangeLog for sec-policy/selinux-skype -# Copyright 1999-2011 Gentoo Foundation; Distributed under the GPL v2 -# $Header: /var/cvsroot/gentoo-x86/sec-policy/selinux-skype/ChangeLog,v 1.9 2011/11/27 18:12:40 swift Exp $ +# Copyright 1999-2012 Gentoo Foundation; Distributed under the GPL v2 +# $Header: /var/cvsroot/gentoo-x86/sec-policy/selinux-skype/ChangeLog,v 1.10 2012/01/14 19:59:59 swift Exp $ + +*selinux-skype-2.20110726-r3 (14 Jan 2012) + + 14 Jan 2012; <swift@gentoo.org> +selinux-skype-2.20110726-r3.ebuild: + Allow network state reading as well as writing to xdg_config_home_t 27 Nov 2011; <swift@gentoo.org> selinux-skype-2.20110726-r2.ebuild: Stable on amd64/x86 diff --git a/sec-policy/selinux-skype/selinux-skype-2.20110726-r3.ebuild b/sec-policy/selinux-skype/selinux-skype-2.20110726-r3.ebuild new file mode 100644 index 000000000000..8703e970ab54 --- /dev/null +++ b/sec-policy/selinux-skype/selinux-skype-2.20110726-r3.ebuild @@ -0,0 +1,13 @@ +# Copyright 1999-2012 Gentoo Foundation +# Distributed under the terms of the GNU General Public License v2 +# $Header: /var/cvsroot/gentoo-x86/sec-policy/selinux-skype/selinux-skype-2.20110726-r3.ebuild,v 1.1 2012/01/14 19:59:59 swift Exp $ +EAPI="4" + +IUSE="" +MODS="skype" +BASEPOL="2.20110726-r9" + +inherit selinux-policy-2 + +DESCRIPTION="SELinux policy for skype" +KEYWORDS="~amd64 ~x86" diff --git a/sec-policy/selinux-sudo/ChangeLog b/sec-policy/selinux-sudo/ChangeLog index d5f2010cb1ca..370dc850f5b5 100644 --- a/sec-policy/selinux-sudo/ChangeLog +++ b/sec-policy/selinux-sudo/ChangeLog @@ -1,6 +1,11 @@ # ChangeLog for sec-policy/selinux-sudo -# Copyright 1999-2011 Gentoo Foundation; Distributed under the GPL v2 -# $Header: /var/cvsroot/gentoo-x86/sec-policy/selinux-sudo/ChangeLog,v 1.26 2011/12/17 10:39:16 swift Exp $ +# Copyright 1999-2012 Gentoo Foundation; Distributed under the GPL v2 +# $Header: /var/cvsroot/gentoo-x86/sec-policy/selinux-sudo/ChangeLog,v 1.27 2012/01/14 19:59:59 swift Exp $ + +*selinux-sudo-2.20110726-r2 (14 Jan 2012) + + 14 Jan 2012; <swift@gentoo.org> +selinux-sudo-2.20110726-r2.ebuild: + Support integrated SELinux support within sudo *selinux-sudo-2.20110726-r1 (17 Dec 2011) diff --git a/sec-policy/selinux-sudo/selinux-sudo-2.20110726-r2.ebuild b/sec-policy/selinux-sudo/selinux-sudo-2.20110726-r2.ebuild new file mode 100644 index 000000000000..c5b8383a3b2a --- /dev/null +++ b/sec-policy/selinux-sudo/selinux-sudo-2.20110726-r2.ebuild @@ -0,0 +1,14 @@ +# Copyright 1999-2012 Gentoo Foundation +# Distributed under the terms of the GNU General Public License v2 +# $Header: /var/cvsroot/gentoo-x86/sec-policy/selinux-sudo/selinux-sudo-2.20110726-r2.ebuild,v 1.1 2012/01/14 19:59:59 swift Exp $ +EAPI="4" + +IUSE="" +MODS="sudo" +BASEPOL="2.20110726-r9" + +inherit selinux-policy-2 + +DESCRIPTION="SELinux policy for sudo" + +KEYWORDS="~amd64 ~x86" diff --git a/sec-policy/selinux-virt/ChangeLog b/sec-policy/selinux-virt/ChangeLog index c6d946cc7bf2..58f62ffb8fa8 100644 --- a/sec-policy/selinux-virt/ChangeLog +++ b/sec-policy/selinux-virt/ChangeLog @@ -1,6 +1,11 @@ # ChangeLog for sec-policy/selinux-virt -# Copyright 1999-2011 Gentoo Foundation; Distributed under the GPL v2 -# $Header: /var/cvsroot/gentoo-x86/sec-policy/selinux-virt/ChangeLog,v 1.6 2011/11/12 20:52:54 swift Exp $ +# Copyright 1999-2012 Gentoo Foundation; Distributed under the GPL v2 +# $Header: /var/cvsroot/gentoo-x86/sec-policy/selinux-virt/ChangeLog,v 1.7 2012/01/14 19:59:58 swift Exp $ + +*selinux-virt-2.20110726-r1 (14 Jan 2012) + + 14 Jan 2012; <swift@gentoo.org> +selinux-virt-2.20110726-r1.ebuild: + Fix bug #330767 to support libvirt better in gentoo 12 Nov 2011; <swift@gentoo.org> -selinux-virt-2.20101213.ebuild: Removing old policies diff --git a/sec-policy/selinux-virt/selinux-virt-2.20110726-r1.ebuild b/sec-policy/selinux-virt/selinux-virt-2.20110726-r1.ebuild new file mode 100644 index 000000000000..67fd120a5449 --- /dev/null +++ b/sec-policy/selinux-virt/selinux-virt-2.20110726-r1.ebuild @@ -0,0 +1,13 @@ +# Copyright 1999-2012 Gentoo Foundation +# Distributed under the terms of the GNU General Public License v2 +# $Header: /var/cvsroot/gentoo-x86/sec-policy/selinux-virt/selinux-virt-2.20110726-r1.ebuild,v 1.1 2012/01/14 19:59:58 swift Exp $ +EAPI="4" + +IUSE="" +MODS="virt" +BASEPOL="2.20110726-r9" + +inherit selinux-policy-2 + +DESCRIPTION="SELinux policy for virt" +KEYWORDS="~amd64 ~x86" diff --git a/sec-policy/selinux-xserver/ChangeLog b/sec-policy/selinux-xserver/ChangeLog index 6b4302501125..575cf0d6070c 100644 --- a/sec-policy/selinux-xserver/ChangeLog +++ b/sec-policy/selinux-xserver/ChangeLog @@ -1,6 +1,11 @@ # ChangeLog for sec-policy/selinux-xserver -# Copyright 1999-2011 Gentoo Foundation; Distributed under the GPL v2 -# $Header: /var/cvsroot/gentoo-x86/sec-policy/selinux-xserver/ChangeLog,v 1.7 2011/12/17 10:39:17 swift Exp $ +# Copyright 1999-2012 Gentoo Foundation; Distributed under the GPL v2 +# $Header: /var/cvsroot/gentoo-x86/sec-policy/selinux-xserver/ChangeLog,v 1.8 2012/01/14 19:59:59 swift Exp $ + +*selinux-xserver-2.20110726-r2 (14 Jan 2012) + + 14 Jan 2012; <swift@gentoo.org> +selinux-xserver-2.20110726-r2.ebuild: + Dontaudit domain state queries *selinux-xserver-2.20110726-r1 (17 Dec 2011) diff --git a/sec-policy/selinux-xserver/selinux-xserver-2.20110726-r2.ebuild b/sec-policy/selinux-xserver/selinux-xserver-2.20110726-r2.ebuild new file mode 100644 index 000000000000..20c22aa20e7d --- /dev/null +++ b/sec-policy/selinux-xserver/selinux-xserver-2.20110726-r2.ebuild @@ -0,0 +1,14 @@ +# Copyright 1999-2012 Gentoo Foundation +# Distributed under the terms of the GNU General Public License v2 +# $Header: /var/cvsroot/gentoo-x86/sec-policy/selinux-xserver/selinux-xserver-2.20110726-r2.ebuild,v 1.1 2012/01/14 19:59:59 swift Exp $ +EAPI="4" + +IUSE="" +MODS="xserver" +BASEPOL="2.20110726-r9" + +inherit selinux-policy-2 + +DESCRIPTION="SELinux policy for xserver" + +KEYWORDS="~amd64 ~x86" |