From 9e837ea0f35bb232eebfc8603264459ba4ffa52f Mon Sep 17 00:00:00 2001 From: Marius Bakke Date: Thu, 5 Dec 2019 01:21:27 +0100 Subject: gnu: SELinux: Update to 3.0. * gnu/packages/selinux.scm (libsepol): Update to 3.0. [arguments]: Don't set DESTDIR. Change PYSITEDIR to PYTHONLIBDIR. Drop phase 'remove-Werror'. (libselinux)[arguments]: Add substitution to use the correct Python directory. (libsemanage)[arguments]: Change PYSITEDIR to PYTHONLIBDIR. Add phase 'adjust-semanage-conf-location'. [inputs]: Remove USTR. (policycoreutils)[arguments]: Remove obsolete substitution. --- gnu/packages/selinux.scm | 42 ++++++++++++++++++++---------------------- 1 file changed, 20 insertions(+), 22 deletions(-) (limited to 'gnu/packages/selinux.scm') diff --git a/gnu/packages/selinux.scm b/gnu/packages/selinux.scm index 1c45cb8c7e..49362d129b 100644 --- a/gnu/packages/selinux.scm +++ b/gnu/packages/selinux.scm @@ -1,6 +1,7 @@ ;;; GNU Guix --- Functional package management for GNU ;;; Copyright © 2016, 2017, 2018 Ricardo Wurmus ;;; Copyright © 2018 Tobias Geerinckx-Rice +;;; Copyright © 2019 Marius Bakke ;;; ;;; This file is part of GNU Guix. ;;; @@ -39,7 +40,6 @@ #:use-module (gnu packages python) #:use-module (gnu packages python-xyz) #:use-module (gnu packages swig) - #:use-module (gnu packages textutils) #:use-module (gnu packages xml)) ;; Update the SELinux packages together! @@ -47,8 +47,8 @@ (define-public libsepol (package (name "libsepol") - (version "2.7") - (source (let ((release "20170804")) + (version "3.0") + (source (let ((release "20191204")) (origin (method git-fetch) (uri (git-reference @@ -57,7 +57,7 @@ (file-name (string-append "selinux-" release "-checkout")) (sha256 (base32 - "1l1nn8bx08v4cxkw5kb0wgr61rfqj5ra9dh1dy5jslillj93vivq"))))) + "05rpzm72cgprd0ccr6lvx9hm8j8b5nkqi4avshlsyg7s3sdlcxjs"))))) (build-system gnu-build-system) (arguments `(#:tests? #f ; tests require checkpolicy, which requires libsepol @@ -65,7 +65,7 @@ #:make-flags (let ((out (assoc-ref %outputs "out"))) (list (string-append "PREFIX=" out) - (string-append "DESTDIR=" out) + (string-append "SHLIBDIR=" out "/lib") (string-append "MAN3DIR=" out "/share/man/man3") (string-append "MAN5DIR=" out "/share/man/man5") (string-append "MAN8DIR=" out "/share/man/man8") @@ -139,7 +139,7 @@ module into a binary representation.") (string-append "LIBSEPOLA=" (assoc-ref %build-inputs "libsepol") "/lib/libsepol.a") - (string-append "PYSITEDIR=" + (string-append "PYTHONLIBDIR=" (assoc-ref %outputs "python") "/lib/python" ,(version-major+minor (package-version python)) @@ -150,19 +150,17 @@ module into a binary representation.") (delete 'portability) (replace 'enter-dir (lambda _ (chdir ,name) #t)) - (add-after 'enter-dir 'remove-Werror - (lambda _ - ;; GCC complains about the fact that the output does not (yet) - ;; have an "include" directory, even though it is referenced. - (substitute* '("src/Makefile" - "utils/Makefile") - (("-Werror ") "")) - #t)) (add-after 'build 'pywrap (lambda* (#:key make-flags #:allow-other-keys) (apply invoke "make" "pywrap" make-flags))) (add-after 'install 'install-pywrap - (lambda* (#:key make-flags #:allow-other-keys) + (lambda* (#:key make-flags outputs #:allow-other-keys) + ;; The build system uses "python setup.py install" to install + ;; Python bindings. Instruct it to use the correct output. + (substitute* "src/Makefile" + (("--prefix=\\$\\(PREFIX\\)") + (string-append "--prefix=" (assoc-ref outputs "python")))) + (apply invoke "make" "install-pywrap" make-flags))))))) ;; These libraries are in "Requires.private" in libselinux.pc. (propagated-inputs @@ -191,7 +189,7 @@ the core SELinux management utilities.") (substitute-keyword-arguments (package-arguments libsepol) ((#:make-flags flags) `(cons* "PYTHON=python3" - (string-append "PYSITEDIR=" + (string-append "PYTHONLIBDIR=" (assoc-ref %outputs "out") "/lib/python" ,(version-major+minor (package-version python)) @@ -202,6 +200,12 @@ the core SELinux management utilities.") (delete 'portability) (replace 'enter-dir (lambda _ (chdir ,name) #t)) + (add-before 'install 'adjust-semanage-conf-location + (lambda _ + (substitute* "src/Makefile" + (("DEFAULT_SEMANAGE_CONF_LOCATION=/etc") + "DEFAULT_SEMANAGE_CONF_LOCATION=$(PREFIX)/etc")) + #t)) (add-after 'build 'pywrap (lambda* (#:key make-flags #:allow-other-keys) (apply invoke "make" "pywrap" make-flags))) @@ -212,7 +216,6 @@ the core SELinux management utilities.") `(("libsepol" ,libsepol) ("libselinux" ,libselinux) ("audit" ,audit) - ("ustr" ,ustr) ;; For pywrap phase ("python" ,python-wrapper))) (native-inputs @@ -393,11 +396,6 @@ tools, and libraries designed to facilitate SELinux policy analysis.") (lambda _ (chdir ,name) #t)) (add-after 'enter-dir 'ignore-/usr-tests (lambda* (#:key inputs #:allow-other-keys) - ;; The Makefile decides to build restorecond only if it finds the - ;; inotify header somewhere under /usr. - (substitute* "Makefile" - (("ifeq.*") "") - (("endif.*") "")) ;; Rewrite lookup paths for header files. (substitute* '("newrole/Makefile" "setfiles/Makefile" -- cgit v1.2.3 From 7981c0be07d4e7723c263bedc5ef258d814a0ffb Mon Sep 17 00:00:00 2001 From: Marius Bakke Date: Mon, 27 Jan 2020 23:06:40 +0100 Subject: gnu: libsepol: Fix cross-compilation. * gnu/packages/selinux.scm (libsepol)[arguments]: Check for (%CURRENT-TARGET-SYSTEM) and adjust the "CC" flag accordingly. --- gnu/packages/selinux.scm | 11 ++++++++--- 1 file changed, 8 insertions(+), 3 deletions(-) (limited to 'gnu/packages/selinux.scm') diff --git a/gnu/packages/selinux.scm b/gnu/packages/selinux.scm index 49362d129b..5c0cbfa639 100644 --- a/gnu/packages/selinux.scm +++ b/gnu/packages/selinux.scm @@ -1,7 +1,7 @@ ;;; GNU Guix --- Functional package management for GNU ;;; Copyright © 2016, 2017, 2018 Ricardo Wurmus ;;; Copyright © 2018 Tobias Geerinckx-Rice -;;; Copyright © 2019 Marius Bakke +;;; Copyright © 2019, 2020 Marius Bakke ;;; ;;; This file is part of GNU Guix. ;;; @@ -63,14 +63,19 @@ `(#:tests? #f ; tests require checkpolicy, which requires libsepol #:test-target "test" #:make-flags - (let ((out (assoc-ref %outputs "out"))) + (let ((out (assoc-ref %outputs "out")) + (target ,(%current-target-system))) (list (string-append "PREFIX=" out) (string-append "SHLIBDIR=" out "/lib") (string-append "MAN3DIR=" out "/share/man/man3") (string-append "MAN5DIR=" out "/share/man/man5") (string-append "MAN8DIR=" out "/share/man/man8") (string-append "LDFLAGS=-Wl,-rpath=" out "/lib") - "CC=gcc")) + (string-append "CC=" + (if target + (string-append (assoc-ref %build-inputs "cross-gcc") + "/bin/" target "-gcc") + "gcc")))) #:phases (modify-phases %standard-phases (delete 'configure) -- cgit v1.2.3 From 2401678f56695b80b5a46d2aef931afcde278c2c Mon Sep 17 00:00:00 2001 From: Marius Bakke Date: Mon, 27 Jan 2020 23:07:23 +0100 Subject: gnu: checkpolicy: Fix cross-compilation. * gnu/packages/selinux.scm (checkpolicy)[arguments]: Check for (%CURRENT-TARGET-SYSTEM) and adjust the "CC" flag accordingly. --- gnu/packages/selinux.scm | 9 +++++++-- 1 file changed, 7 insertions(+), 2 deletions(-) (limited to 'gnu/packages/selinux.scm') diff --git a/gnu/packages/selinux.scm b/gnu/packages/selinux.scm index 5c0cbfa639..1502d167c4 100644 --- a/gnu/packages/selinux.scm +++ b/gnu/packages/selinux.scm @@ -106,12 +106,17 @@ boolean settings).") (arguments `(#:tests? #f ; there is no check target #:make-flags - (let ((out (assoc-ref %outputs "out"))) + (let ((out (assoc-ref %outputs "out")) + (target ,(%current-target-system))) (list (string-append "PREFIX=" out) (string-append "LIBSEPOLA=" (assoc-ref %build-inputs "libsepol") "/lib/libsepol.a") - "CC=gcc")) + (string-append "CC=" + (if target + (string-append (assoc-ref %build-inputs "cross-gcc") + "/bin/" target "-gcc") + "gcc")))) #:phases (modify-phases %standard-phases (delete 'configure) -- cgit v1.2.3