--- /dev/null
+###############################################################################
+# #
+# IPFire.org - A linux based firewall #
+# Copyright (C) 2007, 2008 Michael Tremer & Christian Schmidt #
+# #
+# This program is free software: you can redistribute it and/or modify #
+# it under the terms of the GNU General Public License as published by #
+# the Free Software Foundation, either version 3 of the License, or #
+# (at your option) any later version. #
+# #
+# This program is distributed in the hope that it will be useful, #
+# but WITHOUT ANY WARRANTY; without even the implied warranty of #
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the #
+# GNU General Public License for more details. #
+# #
+# You should have received a copy of the GNU General Public License #
+# along with this program. If not, see <http://www.gnu.org/licenses/>. #
+# #
+###############################################################################
+
+###############################################################################
+# Definitions
+###############################################################################
+
+include $(PKGROOT)/Include
+
+PKG_NAME = libsemanage
+PKG_VER = 2.0.45
+PKG_REL = 0
+
+PKG_MAINTAINER =
+PKG_GROUP = System/Libraries
+PKG_URL = http://www.selinuxproject.org
+PKG_LICENSE = LGPLv2+
+PKG_SUMMARY = SELinux binary policy manipulation library.
+
+PKG_BUILD_DEPS+= bison flex libselinux-devel libsepol-devel \
+ python-devel swig ustr-devel
+
+define PKG_DESCRIPTION
+ libsemanage provides an API for the manipulation of SELinux \
+ binary policies.
+endef
+
+PKG_TARBALL = $(THISAPP).tgz
+
+PKG_PACKAGES += $(PKG_NAME_REAL)-devel python-selinux-manage
+
+# Package information for python-selinux-manage
+PKG_SUMMARY-python-selinux-manage = SELinux manage python bindings.
+PKG_DESCRIPTION-selinux-manage = SELinux python bindings for libsemanage.
+
+define PKG_FILES-python-selinux-manage
+ /usr/lib/python*
+endef
+
+define STAGE_BUILD
+ cd $(DIR_APP) && make clean
+ cd $(DIR_APP) && make CC=gcc LIBDIR="/usr/lib" CFLAGS="-g $(CFLAGS)" swigify
+ cd $(DIR_APP) && make CC=gcc LIBDIR="/usr/lib" CFLAGS="-g $(CFLAGS)" all
+ cd $(DIR_APP) && make CC=gcc LIBDIR="/usr/lib" CFLAGS="-g $(CFLAGS)" pywrap
+endef
+
+define STAGE_INSTALL_CMDS
+ cd $(DIR_APP) && make install-pywrap DESTDIR=$(BUILDROOT)
+
+ # Install our config file
+ cp -vf $(DIR_SOURCE)/semanage.conf $(BUILDROOT)/etc/selinux/semanage.conf
+endef
--- /dev/null
+diff --exclude-from=exclude -N -u -r nsalibsemanage/src/genhomedircon.c libsemanage-2.0.44/src/genhomedircon.c
+--- nsalibsemanage/src/genhomedircon.c 2009-09-17 08:59:43.000000000 -0400
++++ libsemanage-2.0.44/src/genhomedircon.c 2010-02-24 14:57:23.000000000 -0500
+@@ -310,6 +310,10 @@
+ }
+ if (strcmp(pwbuf->pw_dir, "/") == 0)
+ continue;
++ if (strcmp(pwbuf->pw_dir, "/root") == 0) {
++ continue;
++ }
++
+ if (semanage_str_count(pwbuf->pw_dir, '/') <= 1)
+ continue;
+ if (!(path = strdup(pwbuf->pw_dir))) {
+@@ -803,6 +807,9 @@
+ * /root */
+ continue;
+ }
++ if (strcmp(pwent->pw_dir, "/root") == 0) {
++ continue;
++ }
+ if (push_user_entry(&head, name, seuname,
+ prefix, pwent->pw_dir) != STATUS_SUCCESS) {
+ *errors = STATUS_ERR;
--- /dev/null
+# Authors: Jason Tang <jtang@tresys.com>
+#
+# Copyright (C) 2004-2005 Tresys Technology, LLC
+#
+# This library is free software; you can redistribute it and/or
+# modify it under the terms of the GNU Lesser General Public
+# License as published by the Free Software Foundation; either
+# version 2.1 of the License, or (at your option) any later version.
+#
+# This library is distributed in the hope that it will be useful,
+# but WITHOUT ANY WARRANTY; without even the implied warranty of
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
+# Lesser General Public License for more details.
+#
+# You should have received a copy of the GNU Lesser General Public
+# License along with this library; if not, write to the Free Software
+# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA
+#
+# Specify how libsemanage will interact with a SELinux policy manager.
+# The four options are:
+#
+# "source" - libsemanage manipulates a source SELinux policy
+# "direct" - libsemanage will write directly to a module store.
+# /foo/bar - Write by way of a policy management server, whose
+# named socket is at /foo/bar. The path must begin
+# with a '/'.
+# foo.com:4242 - Establish a TCP connection to a remote policy
+# management server at foo.com. If there is a colon
+# then the remainder is interpreted as a port number;
+# otherwise default to port 4242.
+module-store = direct
+
+# When generating the final linked and expanded policy, by default
+# semanage will set the policy version to POLICYDB_VERSION_MAX, as
+# given in <sepol/policydb.h>. Change this setting if a different
+# version is necessary.
+#policy-version = 19
+
+# expand-check check neverallow rules when executing all semanage commands.
+# Large penalty in time if you turn this on.
+expand-check=0
+
+# usepasswd check tells semanage to scan all pass word records for home directories
+# and setup the labeling correctly. If this is turned off, SELinux will label /home
+# correctly only. You will need to use semanage fcontext command.
+# For example, if you had home dirs in /althome directory you would have to execute
+# semanage fcontext -a -e /home /althome
+usepasswd=False
projects / ipfire-3.x.git / commitdiff
