--- libselinux-2.0.65.orig/.gitmodules +++ libselinux-2.0.65/.gitmodules @@ -0,0 +1,3 @@ +[submodule "debian"] + path = debian + url = git://git.debian.org/~srivasta/debian-dir.git --- libselinux-2.0.65.orig/man/man3/security_setenforce.3 +++ libselinux-2.0.65/man/man3/security_setenforce.3 @@ -1 +1 @@ -.so security_getenforce.3 +.so man3/security_getenforce.3.gz --- libselinux-2.0.65.orig/src/Makefile +++ libselinux-2.0.65/src/Makefile @@ -1,5 +1,5 @@ # Installation directories. -PREFIX ?= $(DESTDIR)/usr +PREFIX ?= /usr LIBDIR ?= $(PREFIX)/lib SHLIBDIR ?= $(DESTDIR)/lib INCLUDEDIR ?= $(PREFIX)/include @@ -12,6 +12,7 @@ LIBA=libselinux.a TARGET=libselinux.so +LIBPC=libselinux.pc SWIGIF= selinuxswig_python.i SWIGCOUT= selinuxswig_wrap.c SWIGLOBJ:= $(patsubst %.c,%.lo,$(SWIGCOUT)) @@ -46,7 +47,7 @@ GENERATED=$(SWIGCOUT) -all: $(LIBA) $(LIBSO) +all: $(LIBA) $(LIBSO) $(LIBPC) pywrap: all $(SWIGSO) $(AUDIT2WHYSO) @@ -64,6 +65,9 @@ $(CC) $(CFLAGS) $(LDFLAGS) -shared -o $@ $^ -ldl -L$(LIBDIR) -Wl,-soname,$(LIBSO),-z,defs,-z,relro ln -sf $@ $(TARGET) +$(LIBPC): $(LIBPC).in + sed -e 's/@VERSION@/$(VERSION)/; s:@prefix@:$(PREFIX):; s:@libdir@:$(LIBDIR):; s:@includedir@:$(INCLUDEDIR):' < $< > $@ + audit2why.lo: audit2why.c $(CC) $(CFLAGS) -I$(PYINC) -fPIC -DSHARED -c -o $@ $< @@ -82,24 +86,27 @@ swigify: $(SWIGIF) $(SWIG) $^ -install: all - test -d $(LIBDIR) || install -m 755 -d $(LIBDIR) - install -m 644 $(LIBA) $(LIBDIR) +install: all $(LIBPC) + test -d $(DESTDIR)$(LIBDIR) || install -m 755 -d $(DESTDIR)$(LIBDIR) + install -m 644 $(LIBA) $(DESTDIR)$(LIBDIR) + test -d $(DESTDIR)$(LIBDIR)/pkgconfig || install -m 755 -d $(DESTDIR)$(LIBDIR)/pkgconfig + install -m 644 $(LIBPC) $(DESTDIR)$(LIBDIR)/pkgconfig test -d $(SHLIBDIR) || install -m 755 -d $(SHLIBDIR) install -m 755 $(LIBSO) $(SHLIBDIR) - cd $(LIBDIR) && ln -sf ../../`basename $(SHLIBDIR)`/$(LIBSO) $(TARGET) + cd $(DESTDIR)$(LIBDIR) && ln -sf ../../`basename $(SHLIBDIR)`/$(LIBSO) $(TARGET) install-pywrap: pywrap - test -d $(PYTHONLIBDIR)/site-packages/selinux || install -m 755 -d $(PYTHONLIBDIR)/site-packages/selinux - install -m 755 $(SWIGSO) $(PYTHONLIBDIR)/site-packages/selinux - install -m 755 $(AUDIT2WHYSO) $(PYTHONLIBDIR)/site-packages/selinux - install -m 644 selinux.py $(PYTHONLIBDIR)/site-packages/selinux/__init__.py + test -d $(DESTDIR)$(PYTHONLIBDIR)/site-packages/selinux || \ + install -m 755 -d $(DESTDIR)$(PYTHONLIBDIR)/site-packages/selinux + install -m 755 $(SWIGSO) $(DESTDIR)$(PYTHONLIBDIR)/site-packages/selinux + install -m 755 $(AUDIT2WHYSO) $(DESTDIR)$(PYTHONLIBDIR)/site-packages/selinux + install -m 644 selinux.py $(DESTDIR)$(PYTHONLIBDIR)/site-packages/selinux/__init__.py relabel: /sbin/restorecon $(SHLIBDIR)/$(LIBSO) clean: - -rm -f $(OBJS) $(LOBJS) $(LIBA) $(LIBSO) $(SWIGLOBJ) $(SWIGSO) $(TARGET) $(AUDIT2WHYSO) *.o *.lo *~ + -rm -f $(OBJS) $(LOBJS) $(LIBA) $(LIBSO) $(SWIGLOBJ) $(SWIGSO) $(TARGET) $(LIBPC) $(AUDIT2WHYSO) *.o *.lo *~ distclean: clean rm -f $(SWIGCOUT) $(SWIGFILES) --- libselinux-2.0.65.orig/src/libselinux.pc.in +++ libselinux-2.0.65/src/libselinux.pc.in @@ -0,0 +1,14 @@ +prefix=@prefix@ +exec_prefix=${prefix} +libdir=${exec_prefix}/lib +includedir=@includedir@ + +Name: libselinux +Description: Security Enhanced Linux library +Version: @VERSION@ +URL: http://www.nsa.gov/selinux/ +Requires.private: libsepol >= 1.12 +Libs: -L${libdir} -lselinux +Libs.private: -pthread +Cflags: -I${includedir} + --- libselinux-2.0.65.orig/debian/changelog +++ libselinux-2.0.65/debian/changelog @@ -0,0 +1,875 @@ +libselinux (2.0.65-5build1) jaunty; urgency=low + + * No-change rebuild for Python 2.6 transition. + + -- Luca Falavigna Thu, 05 Mar 2009 23:07:47 +0000 + +libselinux (2.0.65-5) unstable; urgency=high + + * Bug fix: "Python errors during upgrade", thanks to Frans Pop + This is a serious bug. (Closes: #499086). + * mount point /selinux does not exist. Fixed, though I believe it should + go into base-files. But we need the fix for lenny, and I am not + interested in bug-pong. (Closes: #498010) + * Updated Standards-Version: No changes required. + + -- Manoj Srivastava Tue, 16 Sep 2008 00:51:17 -0500 + +libselinux (2.0.65-4) unstable; urgency=high + + * Set urgency=high for Lenny + + -- Russell Coker Sat, 02 Aug 2008 15:52:31 +1000 + +libselinux (2.0.65-3) unstable; urgency=low + + * Added patch from Josselin Mouette to fix build problem. + Closes: #493316 + + -- Russell Coker Sat, 02 Aug 2008 15:46:31 +1000 + +libselinux (2.0.65-2) unstable; urgency=low + + * Added exec_prefix to libselinux.pc. + Closes: #489724 + + -- Russell Coker Sat, 12 Jul 2008 10:24:02 +1000 + +libselinux (2.0.65-1) unstable; urgency=low + + * Non-maintainer upload. + * New release needed for the latest policy. + + -- Russell Coker Sat, 12 Jul 2008 00:02:04 +1000 + +libselinux (2.0.59-1) unstable; urgency=high + + * New upstream release + * Merged new X label "poly_selection" namespace from Eamon Walsh. + * Merged reset_selinux_config() for load policy from Dan Walsh. + * Merged avc_has_perm() errno fix from Eamon Walsh. + * Regenerated Flask headers from refpolicy flask definitions. + * Merged compute_member AVC function and manpages from Eamon Walsh. + * Provide more error reporting on load policy failures from Stephen Smalley. + * Merged new X label "poly_prop" namespace from Eamon Walsh. + * Disable setlocaldefs if no local boolean or users files are present + from Stephen Smalley. + * Skip userspace preservebools processing for Linux >= 2.6.22 from + Stephen Smalley. + * Merged fix for audit2why from Dan Walsh. + * Merged audit2why python binding from Dan Walsh. + * Merged updated swig bindings from Dan Walsh, including typemap for pid_t. + * Fix for the avc: granted null message bug from Stephen Smalley. + * matchpathcon(8) man page update from Dan Walsh. + * dlopen libsepol.so.1 rather than libsepol.so from Stephen Smalley. + * Based on a suggestion from Ulrich Drepper, defer regex compilation + until we have a stem match, by Stephen Smalley. + A further optimization would be to defer regex compilation until we + have a complete match of the constant prefix of the regex - TBD. + * Regenerated Flask headers from policy. + * AVC enforcing mode override patch from Eamon Walsh. + * Aligned attributes in AVC netlink code from Eamon Walsh. + * Merged refactored AVC netlink code from Eamon Walsh. + * Merged new X label namespaces from Eamon Walsh. + * Bux fix and minor refactoring in string representation code. + * Merged selinux_get_callback, avc_open, empty string mapping from + Eamon Walsh. + * Fix segfault resulting from missing file_contexts file. + * Bug fix: "libselinux: selinux_default_type_path implicitly converted + to pointer", thanks to dann frazier . Closed by the new upstream + release. (Closes: #465287). + + -- Manoj Srivastava Mon, 17 Mar 2008 16:30:52 -0500 + +libselinux (2.0.35-1) unstable; urgency=low + + * New upstream release + * Make netlink socket close-on-exec to avoid descriptor leakage from + Dan Walsh. + * Pass CFLAGS when using gcc for linking from Dennis Gilmore. + * Fix selabel option flag setting for 64-bit from Stephen Smalley. + * Re-map a getxattr return value of 0 to a getfilecon return value of + -1 with errno EOPNOTSUPP from Stephen Smalley. + * Fall back to the compat code for security_class_to_string and + security_av_perm_to_string from Stephen Smalley. + * Fix swig binding for rpm_execcon from James Athey. + * Fix file_contexts.homedirs path from Todd Miller. + * Fix segfault resulting from uninitialized print-callback pointer. + * Added x_contexts path function patch from Eamon Walsh. + * Fix build for EMBEDDED=y from Yuichi Nakamura. + * Fix markup problems in selinux man pages from Dan Walsh. + * Updated av_permissions.h and flask.h to include new nscd permissions + from Dan Walsh. + * Added swigify to top-level Makefile from Dan Walsh. + * Fix for string_to_security_class segfault on x86_64 from Stephen + Smalley. + * Fix for getfilecon() for zero-length contexts from Stephen Smalley. + * Refactored SWIG bindings from James Athey. + * Labeling and callback interface patches from Eamon Walsh. + * Class and permission mapping support patches from Eamon Walsh. + * Object class discovery support patches from Chris PeBenito. + * Refactoring and errno support in string representation code. + * Merged patch to reduce size of libselinux and remove need for + libsepol for embedded systems from Yuichi Nakamura. + This patch also turns the link-time dependency on libsepol into a + runtime (dlopen) dependency even in the non-embedded case. + * Updated Lindent script and reindented two header files. + * Merged additional swig python bindings from Dan Walsh. + * When selinux_init_load_policy calls mount() it "knows" when selinux is + not wanted due to being disabled or having no kernel device handle and + sets *enforce to 0, but still allows the following fprintf to display + a rather misleading error message. The solution was provided by Kel + Modderman, but has been refactored slightly. + Closes: Bug#424011, Bug#447762 + * Reverted the fix for bug#448008 fixed in an NMU, and applied a + different fix for the issue. Thanks for the NMU, Clint Adams. + + -- Manoj Srivastava Wed, 06 Feb 2008 12:55:41 -0600 + +libselinux (2.0.15-2) unstable; urgency=low + + * Fix accidental deletion of selinux.py while building. + * Bump the version of python supported, since we no longer build for + python 2.3 + + -- Manoj Srivastava Mon, 7 May 2007 14:32:39 -0500 + +libselinux (2.0.15-1) unstable; urgency=low + + * New upstream SVN HEAD. + + Merged class/av string conversion and avc_compute_create patch from + Eamon Walsh. + + Merged sidput(NULL) patch from Eamon Walsh. + + Merged userspace AVC patch to follow kernel's behavior for permissive + mode in caching previous denials from Eamon Walsh. + + Merged support for getting initial contexts from James Carter. + + Merged rpm_execcon python binding fix, matchpathcon man page fix, and + getsebool -a handling for EACCES from Dan Walsh. + + Merged build fix for avc_internal.c from Joshua Brindle. + + Merged helpful message when selinuxfs mount fails patch from Dax + Kelson. + + -- Manoj Srivastava Sun, 6 May 2007 17:35:24 -0500 + +libselinux (2.0.8-1) unstable; urgency=low + + * New upstream trunk release. Bumped shlibs. + * Merged patch to drop support for CACHETRANS=0 config option from + Steve Grubb. + * Merged patch to drop support for old /etc/sysconfig/selinux and + /etc/security policy file layout from Steve Grubb. + * Merged init_selinuxmnt() and is_selinux_enabled() improvements from + Steve Grubb. + + + -- Manoj Srivastava Thu, 19 Apr 2007 17:48:44 -0500 + +libselinux (1.34.7-1) unstable; urgency=low + + * New upstream release + * Merged fix for avc.h #include's from Eamon Walsh. + * Removed sending of setrans init message. + * Merged matchpathcon memory leak fix from Steve Grubb. + * Merged more swig initializers from Dan Walsh. + * Merged patch from Todd Miller to convert int types over to C99 style. + * Merged patch from Todd Miller to remove sscanf in matchpathcon.c because + of the use of the non-standard format %as. (original patch changed + for style). + * Merged patch from Todd Miller to fix memory leak in matchpathcon.c. + * Merged python binding fixes from Dan Walsh. + * Updated version for stable branch. + * Merged man page updates to make "apropos selinux" work from Dan Walsh. + * Merged getdefaultcon utility from Dan Walsh. + * Merged selinux_check_securetty_context() and support from Dan Walsh. + * Merged patch for matchpathcon utility to use file mode information + when available from Dan Walsh. + * Merged patch to compile with -fPIC instead of -fpic from + Manoj Srivastava to prevent hitting the global offset table + limit. Patch changed to include libsepol and libsemanage in + addition to libselinux. + * Merged updated flask definitions from Darrel Goeddel. + This adds the context security class, and also adds + the string definitions for setsockcreate and polmatch. + * Added XS-VCS-Arch and XS-VCS-Browse to debian/control + + -- Manoj Srivastava Wed, 18 Apr 2007 23:43:43 -0500 + +libselinux (1.32-3) unstable; urgency=high + + * Bug fix: "python-selinux: package almost empty (except on i386)", + thanks to Martin Dickopp. Actually, any time the sources are built + straight from the .dsc, there exists a possibility that that the swig + output .x file could be older than the source; and while it is + feasible to use "touch" and md5sums of source files to fix this, it is + far less kludgy to just build depend on swig. No other changes are + made, and the swig output is only used by the python-selinux package. + This fixes a grave bug on python-selinux (Closes: #395915). + + -- Manoj Srivastava Sun, 5 Nov 2006 13:19:27 -0600 + +libselinux (1.32-2) unstable; urgency=medium + + * Fix an instance of dpkg-shlibs being called with no arguments on some + arches (I am not sure why it works for me on i386 UML's, but not on + the buildd's, but the current version fixes the obvious bug). + + -- Manoj Srivastava Fri, 20 Oct 2006 14:40:36 -0500 + +libselinux (1.32-1) unstable; urgency=low + + * New upstream release + * Merged av_permissions.h update from Steve Grubb, adding + setsockcreate and polmatch definitions. + * Merged patch from Darrel Goeddel to always use untranslated contexts + in the userspace AVC. + * Updated version for release. + + -- Manoj Srivastava Fri, 20 Oct 2006 12:43:14 -0500 + +libselinux (1.30.28-2) unstable; urgency=high + + * Bug fix: "dpkg FTBFS", thanks to Nicolas François. Urgency high, since + it makes an unrelated essential package FTBS, (Closes: #389291). + + -- Manoj Srivastava Tue, 26 Sep 2006 01:11:35 -0500 + +libselinux (1.30.28-1) unstable; urgency=high + + * New upstream point release + * Merged patch from Steve Smalley to fix SIGPIPE in setrans_client + * Merged c++ class identifier fix from Joe Nall. + * Bug fix: "libselinux1-dev: pkgconfig file needs Libs.private: + -lpthread", thanks to Daniel Schepler . Since this is a serious bug, + and makes important libraries FTBS, I am making the urgency high. + (Closes: #388375). + + -- Manoj Srivastava Wed, 20 Sep 2006 13:20:24 -0500 + +libselinux (1.30.27-3) unstable; urgency=low + + * Recompile with new libsepol1 version, to fix dependencies. + + -- Manoj Srivastava Mon, 11 Sep 2006 15:37:51 -0500 + +libselinux (1.30.27-2) unstable; urgency=low + + * The strategy of not building setrans_client on machines that lack + tls support fell flat on its face, so switch to using posix thread + mutexes instead. + + -- Manoj Srivastava Thu, 7 Sep 2006 02:12:49 -0500 + +libselinux (1.30.27-1) unstable; urgency=low + + * New upstream point release + * Merged patch to not log avc stats upon a reset from Steve Grubb. + * Applied patch to revert compat_net setting upon policy load. + * Provide md5sums + * Bug fix: "FTBFS on architectures lacking TLS support", thanks to Marco + d'Itri. We don't build setrans_client on machines that lack tls + support, and matchpathcon has been fixed to not require thread local + storage. (Closes: #384667). + * Bug fix: "libselinux: .version file for python package + (python-selinux) contains spaces", thanks to Rudolph Pereira + (Closes: #385099). + + -- Manoj Srivastava Wed, 6 Sep 2006 23:55:37 -0500 + +libselinux (1.30.26-2) unstable; urgency=low + + * Fix wrong directory the extensions were installed in. + + -- Manoj Srivastava Tue, 15 Aug 2006 00:04:39 -0500 + +libselinux (1.30.26-1) unstable; urgency=low + + * New upstream point release + * Merged file context homedir and local path functions from Chris + PeBenito. + * Rework functions that access /proc/pid/attr to access the per-thread + nodes, and unify the code to simplify maintenance. + * Merged return value fix for *getfilecon() from Dan Walsh. + * Merged sockcreate interfaces from Eric Paris. + + -- Manoj Srivastava Sun, 13 Aug 2006 00:24:19 -0500 + +libselinux (1.30.22-2) unstable; urgency=low + + * Fix a thinko in the python dependency generation code. + + -- Manoj Srivastava Fri, 11 Aug 2006 09:35:56 -0500 + +libselinux (1.30.22-1) unstable; urgency=low + + * New upstream point release + * Merged no-tls-direct-seg-refs patch from Jeremy Katz. + * Merged netfilter_contexts support patch from Chris PeBenito. + * Merged context_*_set errno patch from Jim Meyering. + * Bug fix: "libselinux: FTBFS on powerpc (refers to PAGE_SIZE not + supplied by ppc kernel-headers)", thanks to Devin Carraway. This was + fixed in the point release. (Closes: #381666). + * Bug fix: "libselinux1: Should run "telinit u" in postinst script", + thanks to Piotr Kaczuba (Closes: #382021). + * Moved the package to the new Python policy. This means that the old + python2.4-selinux package is now a virtual package, and now we provide + python packages for all supported versions of python, determining the + depends and the provides relationships of the python package + dynamically. The build depends has been changed to acoomodate it. The + package uses the python-support utility to help with byte compilation + and other modules handling. + + -- Manoj Srivastava Wed, 9 Aug 2006 21:22:21 -0500 + +libselinux (1.30.19-1) unstable; urgency=low + + * New upstream point release. + * Lindent. + * Merged {get,set}procattrcon patch set from Eric Paris. + * Merged re-base of keycreate patch originally by Michael LeMay from Eric Paris. + * Regenerated Flask headers from refpolicy. + * Merged patch from Dan Walsh with: + - Added selinux_file_context_{cmp,verify}. + - Added selinux_lsetfilecon_default. + - Delay translation of contexts in matchpathcon. + * Merged patch from Dan Walsh with: + * Added selinux_getpolicytype() function. + * Modified setrans code to skip processing if !mls_enabled. + * Set errno in the !selinux_mnt case. + * Allocate large buffers from the heap, not on stack. + Affects is_context_customizable, selinux_init_load_policy, + and selinux_getenforcemode. + * Merged !selinux_mnt checks from Ian Kent. + * Merged matchmediacon and trans_to_raw_context fixes from + Serge Hallyn. + * Merged simple setrans client cache from Dan Walsh. + Merged avcstat patch from Russell Coker. + * Modified selinux_mkload_policy() to also set /selinux/compat_net + appropriately for the loaded policy. + * Added matchpathcon_fini() function to free memory allocated by + matchpathcon_init(). + * Merged setrans client cleanup patch from Steve Grubb. + * Merged getfscreatecon man page fix from Dan Walsh. + * Updated booleans(8) man page to drop references to the old + booleans file and to note that setsebool can be used to set + the boot-time defaults via -P. + * Merged fix warnings patch from Karl MacMillan. + * Merged setrans client support from Dan Walsh. + This removes use of libsetrans. + * Merged patch to eliminate use of PAGE_SIZE constant from Dan Walsh. + * Merged swig typemap fixes from Glauber de Oliveira Costa. + * Added distclean target to Makefile. + * Regenerated swig files. + * Changed matchpathcon_init to verify that the spec file is + a regular file. + * Merged python binding t_output_helper removal patch from Dan Walsh. + * Merged Makefile PYLIBVER definition patch from Dan Walsh. + + -- Manoj Srivastava Wed, 19 Jul 2006 16:19:43 -0500 + +libselinux (1.30-1) unstable; urgency=low + + * New upstream release + * Updated version for release. + * Altered rpm_execcon fallback logic for permissive mode to also + handle case where /selinux/enforce is not available. + * Merged install-pywrap Makefile patch from Joshua Brindle. + * Merged pywrap Makefile patch from Dan Walsh. + * Added getseuser test program. + * Added format attribute to myprintf in matchpathcon.c and + removed obsoleted rootlen variable in init_selinux_config(). + * Merged several fixes and improvements from Ulrich Drepper + (Red Hat), including: + - corrected use of getline + - further calls to __fsetlocking for local files + - use of strdupa and asprintf + - proper handling of dirent in booleans code + - use of -z relro + - several other optimizations + * Merged getpidcon python wrapper from Dan Walsh (Red Hat). + * Merged call to finish_context_translations from Dan Walsh. + This eliminates a memory leak from failing to release memory + allocated by libsetrans. + * Merged patch for swig interfaces from Dan Walsh. + + -- Manoj Srivastava Wed, 22 Mar 2006 17:25:54 -0600 + +libselinux (1.28-4) unstable; urgency=low + + * Bug fix: "libselinux: please include a pkg-config file", thanks to + Guillem Jover. Really include it this time. (Closes: #348961). + + -- Manoj Srivastava Tue, 7 Feb 2006 11:32:21 -0600 + +libselinux (1.28-3) unstable; urgency=low + + * Bug fix: "libselinux: please include a pkg-config file", thanks to + Guillem Jover In Debian, dpkg compiles in libselinux statically -- in + order to prevent dependency loops. Now, as libselinux acquired a build + time dependency on libsepol, automated dpkg builds failed -- since + there was no way for packages to detect the transitive dependencies + when linking statically. This patch fixes that issue -- by generating + a .pc file to be used with pkg-config. + pkg-config --static --libs libselinux + libsepol has also been modified to provide a .pc file (Closes: #348961). + + -- Manoj Srivastava Sat, 28 Jan 2006 21:44:44 -0600 + +libselinux (1.28-2) unstable; urgency=low + + * Create a new python2.4-selinux package to hold the python bindings + + -- Manoj Srivastava Sun, 1 Jan 2006 00:33:50 -0600 + +libselinux (1.28-1) unstable; urgency=low + + * New upstream release + * Added MATCHPATHCON_VALIDATE flag for set_matchpathcon_flags() and + modified matchpathcon implementation to make context validation/ + canonicalization optional at matchpathcon_init time, deferring it + to a successful matchpathcon by default unless the new flag is set + by the caller. + * Added matchpathcon_init_prefix() interface, and + reworked matchpathcon implementation to support selective + loading of file contexts entries based on prefix matching + between the pathname regex stems and the specified path + prefix (stem must be a prefix of the specified path prefix). + * Merged getsebool patch from Dan Walsh. + * Added -f file_contexts option to matchpathcon util. + Fixed warning message in matchpathcon_init(). + * Merged Makefile python definitions patch from Dan Walsh. + * Merged swigify patch from Dan Walsh. + * Merged make failure in rpm_execcon non-fatal in permissive mode + patch from Ivan Gyurdiev. + * Added MATCHPATHCON_NOTRANS flag for set_matchpathcon_flags() + and modified matchpathcon_init() to skip context translation + if it is set by the caller. + * Added security_canonicalize_context() interface and + set_matchpathcon_canoncon() interface for obtaining + canonical contexts. Changed matchpathcon internals + to obtain canonical contexts by default. Provided + fallback for kernels that lack extended selinuxfs context + interface. + * Merged seusers parser changes from Ivan Gyurdiev. + * Merged setsebool to libsemanage patch from Ivan Gyurdiev. + * Changed seusers parser to reject empty fields. + * Merged seusers empty level handling patch from Jonathan Kim (TCS). + * Changed default entry for seusers to use __default__ to avoid + ambiguity with users named "default". + * Fixed init_selinux_config() handling of missing /etc/selinux/config + or missing SELINUXTYPE= definition. + * Merged selinux_translations_path() patch from Dan Walsh. + * Added hidden_proto/def for get_default_context_with_role. + * Merged selinux_path() and selinux_homedir_context_path() + functions from Joshua Brindle. + * Merged fixes for make DESTDIR= builds from Joshua Brindle. + * Merged get_default_context_with_rolelevel and man pages from + Dan Walsh (Red Hat). + * Updated call to sepol_policydb_to_image for sepol changes. + * Changed getseuserbyname to ignore empty lines and to handle + no matching entry in the same manner as no seusers file. + * Changed selinux_mkload_policy to try downgrading the + latest policy version available to the kernel-supported version. + * Changed selinux_mkload_policy to fall back to the maximum + policy version supported by libsepol if the kernel policy version + falls outside of the supported range. + * Changed getseuserbyname to fall back to the Linux username and + NULL level if seusers config file doesn't exist unless + REQUIRESEUSERS=1 is set in /etc/selinux/config. + * Moved seusers.conf under $SELINUXTYPE and renamed to seusers. + * Added selinux_init_load_policy() function as an even higher level + interface for the initial policy load by /sbin/init. This obsoletes + the load_policy() function in the sysvinit-selinux.patch. + * Added selinux_mkload_policy() function as a higher level interface + for loading policy than the security_load_policy() interface. + * Merged fix for matchpathcon (regcomp error checking) from Johan + Fischer. Also added use of regerror to obtain the error string + for inclusion in the error message. + * Changed getseuserbyname to not require (and ignore if present) + the MLS level in seusers.conf if MLS is disabled, setting *level + to NULL in this case. + * Merged getseuserbyname patch from Dan Walsh. + * Merged STRIP_LEVEL patch for matchpathcon from Dan Walsh. + This allows file_contexts with MLS fields to be processed on + non-MLS-enabled systems with policies that are otherwise + identical (e.g. same type definitions). + * Merged get_ordered_context_list_with_level() function from + Dan Walsh, and added get_default_context_with_level(). + This allows MLS level selection for users other than the + default level. + + -- Manoj Srivastava Sat, 10 Dec 2005 13:30:12 -0600 + +libselinux (1.26-1) unstable; urgency=low + + * New upstream release + * Updated version for release. + * Merged modified form of patch to avoid dlopen/dlclose by + the static libselinux from Dan Walsh. Users of the static libselinux + will not have any context translation by default. + * Added public functions to export context translation to + users of libselinux (selinux_trans_to_raw_context, + selinux_raw_to_trans_context). + * Remove special definition for context_range_set; use + common code. + * Hid translation-related symbols entirely and ensured that + raw functions have hidden definitions for internal use. + * Allowed setting NULL via context_set* functions. + * Allowed whitespace in MLS component of context. + * Changed rpm_execcon to use translated functions to workaround + lack of MLS level on upgraded systems. + * Merged context translation patch, originally by TCS, + with modifications by Dan Walsh (Red Hat). + * Merged several fixes for error handling paths in the + AVC sidtab, matchpathcon, booleans, context, and get_context_list + code from Serge Hallyn (IBM). Bugs found by Coverity. + * Removed setupns; migrated to pam. + * Merged patches to rename checkPasswdAccess() from Joshua Brindle. + Original symbol is temporarily retained for compatibility until + all callers are updated. + * Bump shlibs + + -- Manoj Srivastava Wed, 14 Sep 2005 10:35:52 -0500 + +libselinux (1.24-4) unstable; urgency=low + + * Bug fix: "Bad section for libselinux1-dev and selinux-utils", thanks + to Vincent Lefevre (Closes: #321959). + + -- Manoj Srivastava Wed, 10 Aug 2005 12:36:16 -0500 + +libselinux (1.24-3) unstable; urgency=low + + * Aaargh. I should have used the patch provided in the BTS. + * Fix FTBFS on ia64 : _syscall2 is not available on ia64, use + INLINE_SYSCALL as defined in glibc sources to define clone(). Credit + for this fix goes to Florian Weimer and Adeodato Simó. + (closes: #320193) + + -- Manoj Srivastava Sun, 7 Aug 2005 09:25:18 -0500 + +libselinux (1.24-2) unstable; urgency=low + + * Bug fix: "doesn't compile on ia64", thanks to Andreas + Barth. Apparently, we cannot use __clone2 because it requires a callback + and automatically invokes _exit in the child. Even if we used longjmp + to work around this problem, we are still using an internal GNU libc + interface. So, we include a GNU libc excerpt to implement a clone + look alike for IA64. Thanks to Florian Weimer for the fix. + (Closes: #320193). + + -- Manoj Srivastava Sat, 6 Aug 2005 09:24:12 -0500 + +libselinux (1.24-1) unstable; urgency=low + + * New upstream release. + * Updated version for release. + * Merged security_setupns() from Chad Sellers. + * Merged avcstat and selinux man page from Dan Walsh. + * Changed security_load_booleans to process booleans.local + even if booleans file doesn't exist. + * Merged set_selinuxmnt patch from Bill Nottingham (Red Hat). + * Rewrote get_ordered_context_list and helpers, including + changing logic to allow variable MLS fields. + * Merged matchpathcon and man page patch from Dan Walsh. + * Changed boolean functions to return -1 with errno ENOENT + rather than assert on a NULL selinux_mnt (i.e. selinuxfs not + mounted). + * Fixed bug in matchpathcon_filespec_destroy. + * Fixed bug in rpm_execcon error handling path. + * Merged fix for set_matchpathcon* functions from Andreas Steinmetz. + * Merged fix for getconlist utility from Andreas Steinmetz. + * Merged security_set_boolean_list patch from Dan Walsh. + This introduces booleans.local support for setsebool. + * Merged destructors patch from Tomas Mraz. + * Added set_matchpathcon_flags() function for setting flags + controlling operation of matchpathcon. MATCHPATHCON_BASEONLY + means only process the base file_contexts file, not + file_contexts.homedirs or file_contexts.local, and is for use by + setfiles -c. + * Updated matchpathcon.3 man page. + + -- Manoj Srivastava Sun, 26 Jun 2005 00:27:09 -0500 + +libselinux (1.22-1) unstable; urgency=low + + * New upstream release + * Fixed bug in matchpathcon_filespec_add() - failure to clear fl_head. + * Changed matchpathcon_common to ignore any non-format bits in the mode. + * Merged several fixes from Ulrich Drepper. + * Merged matchpathcon patch for file_contexts.homedir from Dan Walsh. + * Added selinux_users_path() for path to directory containing + system.users and local.users. + * Changed relabel Makefile target to use restorecon. + * Regenerated av_permissions.h. + * Modified avc_dump_av to explicitly check for any permissions that + cannot be mapped to string names and display them as a hex value. + * Regenerated av_permissions.h. + * Generalized matchpathcon internals, exported more interfaces, + and moved additional code from setfiles into libselinux so that + setfiles can directly use matchpathcon. + * Prevent overflow of spec array in matchpathcon. + * Fixed several uses of internal functions to avoid relocations. + * Changed rpm_execcon to check is_selinux_enabled() and fallback to + a regular execve if not enabled (or unable to determine due to a lack + of /proc, e.g. chroot'd environment). + * Merged minor fix for avcstat from Dan Walsh. + * Merged patch from Dan Walsh, including: + - new is_context_customizable function + - changed matchpathcon to also use file_contexts.local if present + - man page cleanups + * Changed matchpathcon to return -1 with errno ENOENT for + <> entries, and also for an empty file_contexts configuration. + * Removed some trivial utils that were not useful or redundant. + * Changed BINDIR default to /usr/sbin to match change in Fedora. + * Added security_compute_member. + * Added man page for setcon. + * Merged more man pages from Dan Walsh. + * Merged avcstat from James Morris. + * Merged build fix for mips from Manoj Srivastava. + * Merged C++ support from John Ramsdell of MITRE. + * Merged setcon() function from Darrel Goeddel of TCS. + * Merged setsebool/togglesebool enhancement from Steve Grubb. + * Merged cleanup patches from Steve Grubb. + + -- Manoj Srivastava Sat, 12 Mar 2005 16:19:39 -0600 + +libselinux (1.20-1) unstable; urgency=low + + * New upstream release. Excerpted changes: + * Changed matchpathcon to return -1 with errno ENOENT for + <> entries, and also for an empty file_contexts configuration. + * Removed some trivial utils that were not useful or redundant. + * Changed BINDIR default to /usr/sbin to match change in Fedora. + * Added security_compute_member. + * Added man page for setcon. + * Merged more man pages from Dan Walsh. + * Merged avcstat from James Morris. + * Merged build fix for mips from Manoj Srivastava. + * Merged C++ support from John Ramsdell of MITRE. + * Merged setcon() function from Darrel Goeddel of TCS. + * Merged setsebool/togglesebool enhancement from Steve Grubb. + * Merged cleanup patches from Steve Grubb. + * Bug fix: "should have man pages for all the functions", thanks to + Colin Walters A lot of man pages were included in this upstream + release. (Closes: #207028). + + -- Manoj Srivastava Wed, 12 Jan 2005 14:33:16 -0600 + +libselinux (1.18-3) unstable; urgency=low + + * Update download location and copyright file, since the locations we + were pointing to are now forbidden (return a code 403). Bug fix: + "libselinux1: update upstream location in the copyright file", thanks + to Adrian Bunk (Closes: #282736). + + -- Manoj Srivastava Wed, 24 Nov 2004 14:03:21 -0600 + +libselinux (1.18-2) unstable; urgency=low + + * Bug fix: "libselinux doesn't build on mips and mipsel", thanks to + Adrian Bunk. (Closes: #281464). + + -- Manoj Srivastava Tue, 16 Nov 2004 01:34:13 -0600 + +libselinux (1.18-1) unstable; urgency=low + + * New upstream release. Excerpted changes: + * Merged cleanup patches from Steve Grubb. + * Added rpm_execcon. + * Merged setenforce and removable context patch from Dan Walsh. + * Merged build fix for alpha from Ulrich Drepper. + * Removed copyright/license from selinux_netlink.h - definitions only. + * Merged matchmediacon from Dan Walsh. + * Regenerated headers for new nscd permissions. + * Added get_default_context_with_role. + * Added set_matchpathcon_printf. + * Reworked av_inherit.h to allow easier re-use by kernel. + * Changed avc_has_perm_noaudit to not fail on netlink errors. + * Changed avc netlink code to check pid based on patch by Steve Grubb. + * Merged second optimization patch from Ulrich Drepper. + * Changed matchpathcon to skip invalid file_contexts entries. + * Made string tables private to libselinux. + * Merged strcat->stpcpy patch from Ulrich Drepper. + * Merged matchpathcon man page from Dan Walsh. + * Merged patch to eliminate PLTs for local syms from Ulrich Drepper. + * Autobind netlink socket. + * Dropped compatibility code from security_compute_user. + * Merged fix for context_range_set from Chad Hanson. + * Merged allocation failure checking patch from Chad Hanson. + * Merged avc netlink error message patch from Colin Walters. + + -- Manoj Srivastava Wed, 3 Nov 2004 17:03:06 -0600 + +libselinux (1.16-8) unstable; urgency=low + + * The dev package was missing a lib. + + -- Manoj Srivastava Wed, 27 Oct 2004 11:41:37 -0500 + +libselinux (1.16-7) unstable; urgency=low + + * The section 3 man pages should be in the -dev package. + + -- Manoj Srivastava Wed, 27 Oct 2004 10:59:55 -0500 + +libselinux (1.16-6) unstable; urgency=low + + * Sigh. Getting late. Remember to sign the upload, this time. + + -- Manoj Srivastava Wed, 27 Oct 2004 02:57:52 -0500 + +libselinux (1.16-5) unstable; urgency=low + + * Added shlibs.local to allow bootstrapping selinux-utils on buildd's. + + -- Manoj Srivastava Wed, 27 Oct 2004 02:27:23 -0500 + +libselinux (1.16-4) unstable; urgency=low + + * Bug fix: "libselinux_1.16-3: FTBFS: dpkg-shlibdeps: need at least one + executable", thanks to Anibal Monsalve Salazar. Actually, the problem + is that we need to build depend on file. (Closes: #278355). + + -- Manoj Srivastava Wed, 27 Oct 2004 02:19:00 -0500 + +libselinux (1.16-3) unstable; urgency=low + + * New maintainer, and new build system. + * Bug fix: "libselinux1: package should not contain libselinux.so file", + thanks to Patrick Caulfield (Closes: #252124). + * Bug fix: "lvm2: FTBFS", thanks to Frederik Schueler (Closes: #251936). + * Bug fix: "lvm2: FTBFS when libselinux1 installed and libselinux1-dev + not.", thanks to Kurt Roeckx (Closes: #265325). + + -- Manoj Srivastava Tue, 26 Oct 2004 04:40:38 -0500 + +libselinux (1.16-2) unstable; urgency=low + + * Patch to catch malloc() failures from Chad Hanson. + + -- Russell Coker Tue, 24 Aug 2004 16:51:00 +1000 + +libselinux (1.16-1) unstable; urgency=low + + * New upstream with better boolean support. + + -- Russell Coker Fri, 20 Aug 2004 18:12:00 +1000 + +libselinux (1.14-3) unstable; urgency=low + + * Rebuild to get the man page links correct. + + -- Russell Coker Tue, 10 Aug 2004 13:12:00 +1000 + +libselinux (1.14-2) unstable; urgency=low + + * Changed selinux_file_context_path to refer to the Debian location. + + -- Russell Coker Tue, 13 Jul 2004 15:05:00 +1000 + +libselinux (1.14-1) unstable; urgency=low + + * New upstream version, more and better man pages, and a bug fix that doesn't + affect Debian. + + -- Russell Coker Wed, 30 Jun 2004 14:33:00 +1000 + +libselinux (1.12-1) unstable; urgency=low + + * New upstream version, fixes some minor bugs and adds SE-X security classes. + + -- Russell Coker Sat, 15 May 2004 16:07:00 +1000 + +libselinux (1.10-1) unstable; urgency=low + + * Take over the package from Colin and make it required/base. + + -- Russell Coker Thu, 13 May 2004 08:14:00 +1000 + +libselinux (1.10-0.1) unstable; urgency=low + + * New upstream version. + + -- Russell Coker Fri, 9 Apr 2004 14:22:00 +1000 + +libselinux (1.8-0.3) unstable; urgency=low + + * Applied a better fix from Steve. + + -- Russell Coker Wed, 24 Mar 2004 15:23:00 +1100 + +libselinux (1.8-0.2) unstable; urgency=low + + * Fixed bug where "selinuxfs" device is mounted. + + -- Russell Coker Tue, 23 Mar 2004 21:19:00 +1100 + +libselinux (1.8-0.1) unstable; urgency=low + + * NMU for new upstream version and to put in some man page links. + + -- Russell Coker Sun, 14 Mar 2004 18:49:00 +1100 + +libselinux (1.6-1) unstable; urgency=low + + * debian/rules: + - Make classes.pl executable (Closes: #235011). + + -- Colin Walters Tue, 2 Mar 2004 16:51:48 +0000 + +libselinux (1.6-0.1) unstable; urgency=low + + * NMU for new upstream version. + + * Added man pages. + + -- Russell Coker Thu, 26 Feb 2004 21:14:00 +1100 + +libselinux (1.4-0.1) unstable; urgency=low + + * New upstream release. + + -- Russell Coker Sat, 6 Dec 2003 22:34:00 +1100 + +libselinux (1.2-1.2) unstable; urgency=low + + * Made libselinux1-dev depend on libselinux1. + + -- Russell Coker Sat, 6 Dec 2003 17:38:00 +1100 + +libselinux (1.2-1.1) unstable; urgency=low + + * NMU to fix some const issues. + + -- Russell Coker Sun, 9 Nov 2003 13:31:00 +1100 + +libselinux (1.2-1) unstable; urgency=low + + * New upstream release. + * debian/libselinux1.install: + - Install libraries in /lib. + - Install libselinux.so here instead of in -dev. + * debian/control: + - Build-depend on cdbs 0.4.12. + + -- Colin Walters Wed, 8 Oct 2003 09:38:04 -0400 + +libselinux (1.1-2) unstable; urgency=low + + * libselinux1-dev.install: + * libselinux1.install: + - Install headers in libselinux1-dev, not libselinux1. + + -- Colin Walters Sun, 24 Aug 2003 13:35:36 -0400 + +libselinux (1.1-1) unstable; urgency=low + + * New upstream release. + + -- Colin Walters Thu, 21 Aug 2003 23:42:55 -0400 + +libselinux (1.0-1) unstable; urgency=low + + * Initial version. + + -- Colin Walters Thu, 3 Jul 2003 17:16:19 -0400 --- libselinux-2.0.65.orig/debian/rules +++ libselinux-2.0.65/debian/rules @@ -0,0 +1,63 @@ +#! /usr/bin/make -f +############################ -*- Mode: Makefile; coding: utf-8 -*- ########################### +## rules --- +## Author : Manoj Srivastava ( srivasta@glaurung.green-gryphon.com ) +## Created On : Fri Nov 14 12:33:34 2003 +## Created On Node : glaurung.green-gryphon.com +## Last Modified By : Manoj Srivastava +## Last Modified On : Tue Nov 18 17:46:22 2003 +## Last Machine Used: glaurung.green-gryphon.com +## Update Count : 70 +## Status : Unknown, Use with caution! +## HISTORY : +## Description : +## +## arch-tag: 9a5063f4-1e20-4fff-b22a-de94c1e3d954 +## +## This program is free software; you can redistribute it and/or modify +## it under the terms of the GNU General Public License as published by +## the Free Software Foundation; either version 2 of the License, or +## (at your option) any later version. +## +## This program is distributed in the hope that it will be useful, +## but WITHOUT ANY WARRANTY; without even the implied warranty of +## MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the +## GNU General Public License for more details. +## +## You should have received a copy of the GNU General Public License +## along with this program; if not, write to the Free Software +## Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA +## +############################################################################### + +# Include dpkg-architecture generated variables +include debian/common/archvars.mk + +# Set variables with information extracted from control and changelog files +include debian/common/pkgvars.mk + +# variables useful for perl packages +include debian/common/perlvars.mk + +# Install commands +include debian/common/install_cmds.mk + +include debian/local-vars.mk + +include debian/common/copt.mk + +include debian/common/automake.mk + + + +all: + @echo nothing to be done + +include debian/common/targets.mk + +include debian/local.mk + + +#Local variables: +#mode: makefile +#End: --- libselinux-2.0.65.orig/debian/shlibs +++ libselinux-2.0.65/debian/shlibs @@ -0,0 +1,2 @@ +# arch-tag: 98eb5091-80f4-4527-87e9-8d9f577515a2 +libselinux 1 libselinux1 (>= 2.0.59) --- libselinux-2.0.65.orig/debian/python_postinst +++ libselinux-2.0.65/debian/python_postinst @@ -0,0 +1,221 @@ +#! /bin/sh +# -*- Mode: Sh -*- +# postinst --- +# Author : Manoj Srivastava ( srivasta@glaurung.green-gryphon.com ) +# Created On : Fri Nov 14 11:25:07 2003 +# Created On Node : glaurung.green-gryphon.com +# Last Modified By : Manoj Srivastava +# Last Modified On : Wed Aug 9 22:54:49 2006 +# Last Machine Used: glaurung.internal.golden-gryphon.com +# Update Count : 16 +# Status : Unknown, Use with caution! +# HISTORY : +# Description : +# +# arch-tag: 8c502749-1a6e-44fb-a655-48b21e245130 +# +# This program is free software; you can redistribute it and/or modify +# it under the terms of the GNU General Public License as published by +# the Free Software Foundation; either version 2 of the License, or +# (at your option) any later version. +# +# This program is distributed in the hope that it will be useful, +# but WITHOUT ANY WARRANTY; without even the implied warranty of +# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the +# GNU General Public License for more details. +# +# You should have received a copy of the GNU General Public License +# along with this program; if not, write to the Free Software +# Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA +# +# + +# Abort if any command returns an error value +set -e + +package_name=python-selinux + +if [ -z "$package_name" ]; then + print >&2 "Internal Error. Please report a bug." + exit 1; +fi + +# This script is called as the last step of the installation of the +# package. All the package's files are in place, dpkg has already done +# its automatic conffile handling, and all the packages we depend of +# are already fully installed and configured. +# summary of how this script can be called: +# * `configure' +# * `abort-upgrade' +# * `abort-remove' `in-favour' +# +# * `abort-deconfigure' `in-favour' +# `removing' +# +# for details, see http://www.debian.org/doc/debian-policy/ or +# the debian-policy package +# +# quoting from the policy: +# Any necessary prompting should almost always be confined to the +# post-installation script, and should be protected with a conditional +# so that unnecessary prompting doesn't happen if a package's +# installation fails and the `postinst' is called with `abort-upgrade', +# `abort-remove' or `abort-deconfigure'. + +# The following idempotent stuff doesn't generally need protecting +# against being run in the abort-* cases. + +# Install info files into the dir file +##: install-info --quiet --section "section pattern" "Section Title" \ +##: --description="Name of the document" /usr/info/${package_name}.info + +# Create stub directories under /usr/local +##: if test ! -d /usr/local/lib/${package_name}; then +##: if test ! -d /usr/local/lib; then +##: if mkdir /usr/local/lib; then +##: chown root.staff /usr/local/lib || true +##: chmod 2775 /usr/local/lib || true +##: fi +##: fi +##: if mkdir /usr/local/lib/${package_name}; then +##: chown root.staff /usr/local/lib/${package_name} || true +##: chmod 2775 /usr/local/lib/${package_name} || true +##: fi +##: fi + +# Ensure the menu system is updated +##: [ ! -x /usr/bin/update-menus ] || /usr/bin/update-menus + +# Arrange for a daemon to be started at system boot time +##: update-rc.d ${package_name} default >/dev/null + +case "$1" in + configure) + # Configure this package. If the package must prompt the user for + # information, do it here. + # Install emacs lisp files + ##:if [ -x /usr/lib/emacsen-common/emacs-package-install ]; then + ##: /usr/lib/emacsen-common/emacs-package-install $package_name + ##:fi + + + # Activate menu-methods script + ##: chmod a+x /etc/menu-methods/${package_name} + + # Update ld.so cache + #ldconfig + + if which update-python-modules >/dev/null 2>&1; then + update-python-modules -i /usr/share/python-support/${package_name} + fi + + # Make our version of a program available + ##: update-alternatives \ + ##: --install /usr/bin/program program /usr/bin/alternative 50 \ + ##: --slave /usr/man/man1/program.1.gz program.1.gz \ + ##: /usr/man/man1/alternative.1.gz + + # Tell ucf that the file in /usr/share/foo is the latest + # maintainer version, and let it handle how to manage the real + # confuguration file in /etc. This is how a static configuration + # file can be handled: + ##:if which ucf >/dev/null 2>&1; then + ##: ucf /usr/share/${package_name}/configuration /etc/${package_name}.conf + ##:fi + + ### We could also do this on the fly. The following is from Tore + ### Anderson: + + #. /usr/share/debconf/confmodule + + ### find out what the user answered. + # db_get foo/run_on_boot + # run_on_boot=$RET + # db_stop + + ### safely create a temporary file to generate our suggested + ### configuration file. + # tempfile=`tempfile` + # cat << _eof > $tempfile + ### Configuration file for Foo. + + ### this was answered by you, the user in a debconf dialogue + # RUNONBOOT=$run_on_boot + + ### this was not, as it has a sane default value. + # COLOUROFSKY=blue + + #_eof + + ### Note that some versions of debconf do not release stdin, so + ### the following invocation of ucf may not work, since the stdin + ### is never coneected to ucfr. + + ### now, invoke ucf, which will take care of the rest, and ask + ### the user if he wants to update his file, if it is modified. + #ucf $tempfile /etc/foo.conf + + ### done! now we'll just clear up our cruft. + #rm -f $tempfile + + + + # There are three sub-cases: + if test "${2+set}" != set; then + # We're being installed by an ancient dpkg which doesn't remember + # which version was most recently configured, or even whether + # there is a most recently configured version. + : + + elif test -z "$2" || test "$2" = ""; then + # The package has not ever been configured on this system, or was + # purged since it was last configured. + : + + else + # Version $2 is the most recently configured version of this + # package. + : + + fi ;; + abort-upgrade) + # Back out of an attempt to upgrade this package FROM THIS VERSION + # to version $2. Undo the effects of "prerm upgrade $2". + : + + ;; + abort-remove) + if test "$2" != in-favour; then + echo "$0: undocumented call to \`postinst $*'" 1>&2 + exit 0 + fi + # Back out of an attempt to remove this package, which was due to + # a conflict with package $3 (version $4). Undo the effects of + # "prerm remove in-favour $3 $4". + : + + ;; + abort-deconfigure) + if test "$2" != in-favour || test "$5" != removing; then + echo "$0: undocumented call to \`postinst $*'" 1>&2 + exit 0 + fi + # Back out of an attempt to deconfigure this package, which was + # due to package $6 (version $7) which we depend on being removed + # to make way for package $3 (version $4). Undo the effects of + # "prerm deconfigure in-favour $3 $4 removing $6 $7". + : + + ;; + *) echo "$0: didn't understand being called with \`$1'" 1>&2 + exit 0;; +esac + +# Install doc base documentation +##:if which install-docs >/dev/null 2>&1; then +##: if [ -e /usr/share/doc-base/${package_name} ]; then +##: install-docs -i /usr/share/doc-base/${package_name} +##: fi +##:fi + +exit 0 --- libselinux-2.0.65.orig/debian/postrm +++ libselinux-2.0.65/debian/postrm @@ -0,0 +1,170 @@ +#! /bin/sh +# -*- Mode: Sh -*- +# postrm --- +# Author : Manoj Srivastava ( srivasta@glaurung.green-gryphon.com ) +# Created On : Fri Nov 14 12:22:20 2003 +# Created On Node : glaurung.green-gryphon.com +# Last Modified By : Manoj Srivastava +# Last Modified On : Tue Oct 26 03:33:48 2004 +# Last Machine Used: glaurung.internal.golden-gryphon.com +# Update Count : 10 +# Status : Unknown, Use with caution! +# HISTORY : +# Description : +# +# arch-tag: 56802d51-d980-4822-85c0-28fce19ed430 +# +# This program is free software; you can redistribute it and/or modify +# it under the terms of the GNU General Public License as published by +# the Free Software Foundation; either version 2 of the License, or +# (at your option) any later version. +# +# This program is distributed in the hope that it will be useful, +# but WITHOUT ANY WARRANTY; without even the implied warranty of +# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the +# GNU General Public License for more details. +# +# You should have received a copy of the GNU General Public License +# along with this program; if not, write to the Free Software +# Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA +# + + +# Abort if any command returns an error value +set -e + +package_name=libselinux1 + +if [ -z "$package_name" ]; then + print >&2 "Internal Error. Please report a bug." + exit 1; +fi + +# This script is called twice during the removal of the package; once +# after the removal of the package's files from the system, and as +# the final step in the removal of this package, after the package's +# conffiles have been removed. +# summary of how this script can be called: +# * `remove' +# * `purge' +# * `upgrade' +# * `failed-upgrade' +# * `abort-install' +# * `abort-install' +# * `abort-upgrade' +# * `disappear' overwrit>r> +# for details, see http://www.debian.org/doc/debian-policy/ or +# the debian-policy package + +# Ensure the menu system is updated +##: [ ! -x /usr/bin/update-menus ] || /usr/bin/update-menus + +case "$1" in + remove) + # This package is being removed, but its configuration has not yet + # been purged. + : + + # Remove diversion + ##: dpkg-divert --package ${package_name} --remove --rename \ + ##: --divert /usr/bin/other.real /usr/bin/other + + ldconfig + + ;; + purge) + # This package has previously been removed and is now having + # its configuration purged from the system. + : + + # we mimic dpkg as closely as possible, so we remove configuration + # files with dpkg backup extensions too: + ### Some of the following is from Tore Anderson: + ##: for ext in '~' '%' .bak .dpkg-tmp .dpkg-new .dpkg-old .dpkg-dist; do + ##: rm -f /etc/${package_name}.conf$ext + ##: done + + # remove the configuration file itself + ##: rm -f /etc/${package_name}.conf + + # and finally clear it out from the ucf database + ##: ucf --purge /etc/${package_name}.conf + + # Remove symlinks from /etc/rc?.d + ##: update-rc.d ${package_name} remove >/dev/null + + ##: if [ -e /usr/share/debconf/confmodule ]; then + ##: # Purge this package's data from the debconf database. + ##: . /usr/share/debconf/confmodule + ##: db_purge + ##: fi + + # This package has previously been removed and is now having + # its configuration purged from the system. + ##: for flavour in emacs20 emacs21; do + ##: STARTDIR=/etc/$flavour/site-start.d; + ##: STARTFILE="${package_name}-init.el"; + ##: if [ -e "$STARTDIR/20$STARTFILE" ]; then + ##: rm -f "$STARTDIR/20$STARTFILE" + ##: fi + ##: done + + ;; + disappear) + if test "$2" != overwriter; then + echo "$0: undocumented call to \`postrm $*'" 1>&2 + exit 0 + fi + # This package has been completely overwritten by package $3 + # (version $4). All our files are already gone from the system. + # This is a special case: neither "prerm remove" nor "postrm remove" + # have been called, because dpkg didn't know that this package would + # disappear until this stage. + : + + ;; + upgrade) + # About to upgrade FROM THIS VERSION to version $2 of this package. + # "prerm upgrade" has been called for this version, and "preinst + # upgrade" has been called for the new version. Last chance to + # clean up. + : + + ;; + failed-upgrade) + # About to upgrade from version $2 of this package TO THIS VERSION. + # "prerm upgrade" has been called for the old version, and "preinst + # upgrade" has been called for this version. This is only used if + # the previous version's "postrm upgrade" couldn't handle it and + # returned non-zero. (Fix old postrm bugs here.) + : + + ;; + abort-install) + # Back out of an attempt to install this package. Undo the effects of + # "preinst install...". There are two sub-cases. + : + + if test "${2+set}" = set; then + # When the install was attempted, version $2's configuration + # files were still on the system. Undo the effects of "preinst + # install $2". + : + + else + # We were being installed from scratch. Undo the effects of + # "preinst install". + : + + fi ;; + abort-upgrade) + # Back out of an attempt to upgrade this package from version $2 + # TO THIS VERSION. Undo the effects of "preinst upgrade $2". + : + + ;; + *) echo "$0: didn't understand being called with \`$1'" 1>&2 + exit 0;; +esac + +exit 0 --- libselinux-2.0.65.orig/debian/local-vars.mk +++ libselinux-2.0.65/debian/local-vars.mk @@ -0,0 +1,71 @@ +############################ -*- Mode: Makefile -*- ########################### +## local-vars.mk --- +## Author : Manoj Srivastava ( srivasta@glaurung.green-gryphon.com ) +## Created On : Sat Nov 15 10:43:00 2003 +## Created On Node : glaurung.green-gryphon.com +## Last Modified By : Manoj Srivastava +## Last Modified On : Sat Aug 12 03:57:31 2006 +## Last Machine Used: glaurung.internal.golden-gryphon.com +## Update Count : 22 +## Status : Unknown, Use with caution! +## HISTORY : +## Description : +## +## arch-tag: 1a76a87e-7af5-424a-a30d-61660c8f243e +## +############################################################################### + +FILES_TO_CLEAN = debian/files debian/substvars substvars.utils +STAMPS_TO_CLEAN = +DIRS_TO_CLEAN = + +# Location of the source dir +SRCTOP := $(shell if [ "$$PWD" != "" ]; then echo $$PWD; else pwd; fi) +TMPTOP = $(SRCTOP)/debian/$(package) +LINTIANDIR = $(TMPTOP)/usr/share/lintian/overrides + +PREFIX = /usr +BINDIR = $(TMPTOP)$(PREFIX)/bin +LIBDIR = $(TMPTOP)/lib +INCLUDE = $(TMPTOP)$(PREFIX)/include +INCDIR = $(INCLUDE)/selinux + +MANDIR = $(TMPTOP)/usr/share/man/ +MAN1DIR = $(TMPTOP)/usr/share/man/man1 +MAN3DIR = $(TMPTOP)/usr/share/man/man3 +MAN5DIR = $(TMPTOP)/usr/share/man/man5 +MAN7DIR = $(TMPTOP)/usr/share/man/man7 +MAN8DIR = $(TMPTOP)/usr/share/man/man8 +INFODIR = $(TMPTOP)/usr/share/info +DOCTOP = $(TMPTOP)/usr/share/doc +DOCDIR = $(DOCTOP)/$(package) +COMMA = , + +PY_VERSIONS =>= 2.3 +PYDEFAULT =$(strip $(shell pyversions -vd)) +ALL_PY_VERSIONS=$(sort $(shell pyversions -vr)) +MIN_PY_VERSIONS=$(firstword $(sort $(shell pyversions -vr))) +MAX_PY_VERSIONS=$(lastword $(sort $(shell pyversions -vr))) +STOP_VERSION :=$(shell perl -e '$$ARGV[0] =~ m/^(\d)\.(\d)/;$$maj=$$1;$$min=$$2 +1; print "$$maj.$$min\n";' $(MAX_PY_VERSIONS)) + + +PY_VIRTUALS :=$(patsubst %,%-selinux$(strip $(COMMA)),$(sort $(shell pyversions -r))) +PY_PROVIDES :=$(strip $(shell pyversions -r | \ + perl -ple 's/(\d) p/$$1-selinux, p/g; s/$$/-selinux/')) + +MODULES_DIR=$(TMPTOP)/usr/share/python-support/$(package) +EXTENSIONS_DIR=$(TMPTOP)/usr/lib/python-support/$(package) +PYTHONLIBDIRTOP=/usr/lib/python-support/$(package)/ + +SWIGCOUT= selinuxswig_wrap.c +SWIGLOBJ:= $(patsubst %.c,%.lo,$(SWIGCOUT)) +SWIGSO=_selinux.so + +define checkdir + @test -f debian/rules -a -f src/avc.c || \ + (echo Not in correct source directory; exit 1) +endef + +define checkroot + @test $$(id -u) = 0 || (echo need root priviledges; exit 1) +endef --- libselinux-2.0.65.orig/debian/local.mk +++ libselinux-2.0.65/debian/local.mk @@ -0,0 +1,262 @@ +############################ -*- Mode: Makefile -*- ########################### +## local.mk --- +## Author : Manoj Srivastava ( srivasta@glaurung.green-gryphon.com ) +## Created On : Sat Nov 15 10:42:10 2003 +## Created On Node : glaurung.green-gryphon.com +## Last Modified By : Manoj Srivastava +## Last Modified On : Fri Oct 20 14:18:06 2006 +## Last Machine Used: glaurung.internal.golden-gryphon.com +## Update Count : 74 +## Status : Unknown, Use with caution! +## HISTORY : +## Description : +## +## arch-tag: b07b1015-30ba-4b46-915f-78c776a808f4 +## +############################################################################### + +testdir: + $(testdir) + +BUILD/libselinux1:: build/libselinux1 +INST/libselinux1:: install/libselinux1 +BIN/libselinux1:: binary/libselinux1 + + +INST/libselinux1-dev:: install/libselinux1-dev +BIN/libselinux1-dev:: binary/libselinux1-dev + +INST/python-selinux:: install/python-selinux +BIN/python-selinux:: binary/python-selinux + + +INST/selinux-utils:: install/selinux-utils +BIN/selinux-utils:: binary/selinux-utils + + +CLN-common:: + $(REASON) + -test ! -f Makefile || $(MAKE) clean + +CLEAN/libselinux1:: + test ! -d $(TMPTOP) || rm -rf $(TMPTOP) + +CLEAN/libselinux1-dev:: + test ! -d $(TMPTOP) || rm -rf $(TMPTOP) + + +CLEAN/python-selinux:: + test ! -d $(TMPTOP) || rm -rf $(TMPTOP) + +CLEAN/selinux-utils:: + test ! -d $(TMPTOP) || rm -rf $(TMPTOP) + + +build/libselinux1: + $(checkdir) + $(REASON) + $(MAKE) CC="$(CC)" CFLAGS="$(CFLAGS)" LDFLAGS="$(LDFLAGS)" all + $(MAKE) -C src libselinux.pc + touch stamp-build-libselinux1 + +STAMPS_TO_CLEAN += stamp-build-libselinux1 + +install/libselinux1: testroot + $(checkdir) + $(REASON) + rm -rf $(TMPTOP) + $(make_directory) $(TMPTOP)/selinux + $(make_directory) $(DOCDIR) + $(make_directory) $(LINTIANDIR) + $(make_directory) $(LIBDIR) + $(make_directory) $(TMPTOP)/DEBIAN + $(install_file) debian/shlibs $(TMPTOP)/DEBIAN + $(MAKE) DESTDIR=$(TMPTOP) -C src install + rm -f $(LIBDIR)/libselinux.a + rm -f $(LIBDIR)/libselinux.so + rm -rf $(TMPTOP)/usr/lib/ + chmod 0644 $(LIBDIR)/libselinux.so.1 + $(install_file) debian/changelog $(DOCDIR)/changelog.Debian + $(install_file) ChangeLog $(DOCDIR)/changelog + gzip -9fqr $(DOCDIR)/ +# Make sure the copyright file is not compressed + $(install_file) debian/copyright $(DOCDIR)/copyright + $(install_file) debian/lintian.overrides $(LINTIANDIR)/$(package) +ifeq (,$(findstring nostrip,$(DEB_BUILD_OPTIONS))) + find $(TMPTOP) -type f | while read i; do \ + if file -b $$i | egrep -q "^ELF.*shared object"; then \ + strip --strip-unneeded --remove-section=.comment --remove-section=.note $$i; \ + fi; \ + done +endif + +install/libselinux1-dev: testroot + $(checkdir) + $(REASON) + rm -rf $(TMPTOP) + $(make_directory) $(TMPTOP) + $(make_directory) $(DOCDIR) + $(make_directory) $(LIBDIR) + $(make_directory) $(INCDIR) + $(make_directory) $(MAN3DIR) + $(make_directory) $(MAN5DIR) + $(make_directory) $(MAN8DIR) + $(MAKE) DESTDIR=$(TMPTOP) -C man install + rm -rf $(MAN5DIR) + rm -rf $(MAN8DIR) + $(MAKE) DESTDIR=$(TMPTOP) -C include install + $(MAKE) DESTDIR=$(TMPTOP) -C src install + rm -fr $(LIBDIR) + rm -f $(TMPTOP)/usr/lib/libselinux.so + ln -s /lib/libselinux.so.1 $(TMPTOP)/usr/lib/libselinux.so + rm -rf $(TMPTOP)/usr/lib/python2.4/ + $(install_file) debian/changelog $(DOCDIR)/changelog.Debian + $(install_file) ChangeLog $(DOCDIR)/changelog + gzip -9fqr $(DOCDIR)/ + gzip -9fqr $(MANDIR)/ +# Make sure the copyright file is not compressed + $(install_file) debian/copyright $(DOCDIR)/copyright +ifeq (,$(findstring nostrip,$(DEB_BUILD_OPTIONS))) + find $(TMPTOP) -type f | while read i; do \ + if file -b $$i | egrep -q "^ELF.*shared object"; then \ + strip --strip-unneeded --remove-section=.comment --remove-section=.note $$i; \ + fi; \ + done +endif + +install/python-selinux: testroot + $(checkdir) + $(REASON) + rm -rf $(TMPTOP) + $(make_directory) $(TMPTOP) + $(make_directory) $(DOCDIR) + $(make_directory) $(MODULES_DIR) + $(make_directory) $(EXTENSIONS_DIR) + for version in $(ALL_PY_VERSIONS); do \ + rm -f src/$(SWIGSO) src/$(SWIGLOBJ); \ + rm -f src/audit2why.lo src/audit2why.so; \ + $(MAKE) -C src DESTDIR=$(TMPTOP) PYLIBVER=python$$version \ + PYTHONLIBDIR=$(PYTHONLIBDIRTOP)/python$$version/ \ + pywrap install-pywrap; \ + chmod -x $(EXTENSIONS_DIR)/python$$version/site-packages/*; \ + mv -f $(EXTENSIONS_DIR)/python$$version/site-packages/*.py \ + $(MODULES_DIR)/; \ + mv -f $(EXTENSIONS_DIR)/python$$version/site-packages/* \ + $(EXTENSIONS_DIR)/python$$version/; \ + rmdir $(EXTENSIONS_DIR)/python$$version/site-packages; \ + if [ -z "$$versions" ]; then versions="$$version"; \ + else versions="$$versions,$$version"; \ + fi; \ + chmod 0755 $(EXTENSIONS_DIR)/python$$version/selinux; \ + done; echo "$$versions" > $(MODULES_DIR)/.version + $(install_file) debian/changelog $(DOCDIR)/changelog.Debian + $(install_file) ChangeLog $(DOCDIR)/changelog + gzip -9fqr $(DOCDIR)/ +# Make sure the copyright file is not compressed + $(install_file) debian/copyright $(DOCDIR)/copyright +ifeq (,$(findstring nostrip,$(DEB_BUILD_OPTIONS))) + find $(TMPTOP) -type f | while read i; do \ + if file -b $$i | egrep -q "^ELF.*shared object"; then \ + strip --strip-unneeded --remove-section=.comment --remove-section=.note $$i; \ + fi; \ + done +endif + + + +install/selinux-utils: testroot + $(checkdir) + $(REASON) + rm -rf $(TMPTOP) + $(make_directory) $(TMPTOP) + $(make_directory) $(DOCDIR) + $(make_directory) $(MAN1DIR) + $(make_directory) $(MAN3DIR) + $(make_directory) $(MAN8DIR) + $(MAKE) DESTDIR=$(TMPTOP) -C man install + rm -rf $(MAN3DIR) + mv $(MAN8DIR)/setenforce.8 $(MAN1DIR)/setenforce.1 + mv $(MAN8DIR)/getenforce.8 $(MAN1DIR)/getenforce.1 + mv $(MAN8DIR)/selinuxenabled.8 $(MAN1DIR)/selinuxenabled.1 + mv $(MAN8DIR)/togglesebool.8 $(MAN1DIR)/togglesebool.1 + $(MAKE) DESTDIR=$(TMPTOP) -C utils install + $(install_file) debian/changelog $(DOCDIR)/changelog.Debian + $(install_file) ChangeLog $(DOCDIR)/changelog + gzip -9fqr $(DOCDIR)/ + gzip -9fqr $(MANDIR)/ +# Make sure the copyright file is not compressed + $(install_file) debian/copyright $(DOCDIR)/copyright +ifeq (,$(findstring nostrip,$(DEB_BUILD_OPTIONS))) + find $(TMPTOP) -type f | while read i; do \ + if file -b $$i | egrep -q "^ELF.*executable"; then \ + strip --strip-all --remove-section=.comment --remove-section=.note $$i; \ + fi; \ + done +endif + + +binary/libselinux1: testroot + $(checkdir) + $(REASON) + $(install_script) debian/postrm $(TMPTOP)/DEBIAN/postrm + $(install_script) debian/postinst $(TMPTOP)/DEBIAN/postinst + k=`find $(TMPTOP) -type f | ( while read i; do \ + if file -b $$i | egrep -q "^ELF.*shared object"; then \ + j="$$j $$i"; \ + fi; \ + done; echo $$j; )`; if [ -n "$$k" ]; then dpkg-shlibdeps $$k; fi + dpkg-gencontrol -p$(package) -isp -P$(TMPTOP) + $(create_md5sum) $(TMPTOP) + chown -R root:root $(TMPTOP) + chmod -R u+w,go=rX $(TMPTOP) + dpkg --build $(TMPTOP) .. + +binary/libselinux1-dev: testroot + $(checkdir) + $(REASON) + $(make_directory) $(TMPTOP)/DEBIAN + dpkg-gencontrol -p$(package) -isp -P$(TMPTOP) + $(create_md5sum) $(TMPTOP) + chown -R root:root $(TMPTOP) + chmod -R u+w,go=rX $(TMPTOP) + dpkg --build $(TMPTOP) .. + +binary/python-selinux: testroot + $(checkdir) + $(REASON) + $(make_directory) $(TMPTOP)/DEBIAN + $(install_script) debian/python_prerm $(TMPTOP)/DEBIAN/prerm + $(install_script) debian/python_postinst $(TMPTOP)/DEBIAN/postinst + if dpkg --compare-versions $(MIN_PY_VERSIONS) le $(PYDEFAULT); then \ + echo 'python:Depends=python (>= $(MIN_PY_VERSIONS)), python (<< $(STOP_VERSION))' > debian/substvars; \ + else \ + echo 'python:Depends=python (>= $(MIN_PY_VERSIONS)) | python$(MIN_PY_VERSIONS), python (<< $(STOP_VERSION))'\ + > debian/substvars; \ + fi + echo 'python:Provides=$(PY_PROVIDES)' >> debian/substvars + k=`find $(TMPTOP) -type f | ( while read i; do \ + if file -b $$i | egrep -q "^ELF.*shared object"; then \ + j="$$j $$i"; \ + fi; \ + done; echo $$j; )`; if [ -n "$$k" ]; then dpkg-shlibdeps $$k; fi + dpkg-gencontrol -p$(package) -isp -P$(TMPTOP) + find $(TMPTOP) -type f -name \*.so -exec chmod 0644 {} \; + $(create_md5sum) $(TMPTOP) + chown -R root:root $(TMPTOP) + chmod -R u+w,go=rX $(TMPTOP) + dpkg --build $(TMPTOP) .. + +binary/selinux-utils: testroot + $(checkdir) + $(REASON) + $(make_directory) $(TMPTOP)/DEBIAN + k=`find $(TMPTOP) -type f | ( while read i; do \ + if file -b $$i | egrep -q "^ELF.*executable"; then \ + j="$$j $$i"; \ + fi; \ + done; echo $$j; )`; dpkg-shlibdeps -Ldebian/shlibs -Tsubstvars.utils $$k + dpkg-gencontrol -Tsubstvars.utils -p$(package) -isp -P$(TMPTOP) + $(create_md5sum) $(TMPTOP) + chown -R root:root $(TMPTOP) + chmod -R u+w,go=rX $(TMPTOP) + dpkg --build $(TMPTOP) .. --- libselinux-2.0.65.orig/debian/.gitmodules +++ libselinux-2.0.65/debian/.gitmodules @@ -0,0 +1,3 @@ +[submodule "common"] + path = common + url = git://git.debian.org/~srivasta/debian-common.git --- libselinux-2.0.65.orig/debian/copyright +++ libselinux-2.0.65/debian/copyright @@ -0,0 +1,63 @@ +This is the Debian packe for libselinux, and it is built from sources obtained from: +http://www.nsa.gov/selinux/code/download5.cfm. + +This package was debianized by Colin Walters on +Thu, 3 Jul 2003 17:10:57 -0400. + +This library (libselinux) is public domain software, i.e. not copyrighted. + +Warranty Exclusion +------------------ +You agree that this software is a +non-commercially developed program that may contain "bugs" (as that +term is used in the industry) and that it may not function as intended. +The software is licensed "as is". NSA makes no, and hereby expressly +disclaims all, warranties, express, implied, statutory, or otherwise +with respect to the software, including noninfringement and the implied +warranties of merchantability and fitness for a particular purpose. + +Limitation of Liability +----------------------- +In no event will NSA be liable for any damages, including loss of data, +lost profits, cost of cover, or other special, incidental, +consequential, direct or indirect damages arising from the software or +the use thereof, however caused and on any theory of liability. This +limitation will apply even if NSA has been advised of the possibility +of such damage. You acknowledge that this is a reasonable allocation of +risk. + +---------------------------------------------------------------------------- +In addition, The Debian specific package was modified to include an +excerpt from the GNU libc package in the file +utils/ia64-inline-syscall.h. The GNU C Library is distributed under +the terms of the GNU Lesser General Public License as published by the +Free Software Foundation; either version 2.1 of the License, or (at +your option) any later version. + +You should have received a copy of the GNU Lesser General Public +License along with the GNU C Library; if not, write to + Free Software Foundation, Inc., 51 Franklin St, Fifth Floor, + Boston, MA 02110-1301, USA. + + +On Debian systems, the complete text of the GNU Library +General Public License can be found in `/usr/share/common-licenses/LGPL-2.1'. +------------------------------------------------------------------------------ + +This package is maintained by Manoj Srivastava . + +The Debian specific changes are © 2005, 2006, Manoj Srivastava +, and distributed under the terms of the GNU +General Public License, version 2. + +On Debian GNU/Linux systems, the complete text of the GNU General +Public License can be found in `/usr/share/common-licenses/GPL'. + + A copy of the GNU General Public License is also available at + . You may also obtain + it by writing to the Free Software Foundation, Inc., 51 Franklin + St, Fifth Floor, Boston, MA 02110-1301, USA. + +Manoj Srivastava +arch-tag: d4250e44-a0e0-4ee0-adb9-2bd74f6eeb27 + --- libselinux-2.0.65.orig/debian/watch +++ libselinux-2.0.65/debian/watch @@ -0,0 +1,6 @@ +# format version number, currently 2; this line is compulsory! +version=2 + +http://www.nsa.gov/selinux/code/download-trunk.cfm ../archives/libselinux-(.*)\.tgz +#http://www.nsa.gov/selinux/archives/libselinux-(.*)\.tgz + --- libselinux-2.0.65.orig/debian/python_prerm +++ libselinux-2.0.65/debian/python_prerm @@ -0,0 +1,132 @@ +#! /bin/sh +# -*- Mode: Sh -*- +# prerm --- +# Author : Manoj Srivastava ( srivasta@glaurung.green-gryphon.com ) +# Created On : Fri Nov 14 12:16:39 2003 +# Created On Node : glaurung.green-gryphon.com +# Last Modified By : Manoj Srivastava +# Last Modified On : Wed Aug 9 22:39:33 2006 +# Last Machine Used: glaurung.internal.golden-gryphon.com +# Update Count : 13 +# Status : Unknown, Use with caution! +# HISTORY : +# Description : +# +# arch-tag: 8dc9b331-c463-4f24-9c39-e94168e83cda +# +# This program is free software; you can redistribute it and/or modify +# it under the terms of the GNU General Public License as published by +# the Free Software Foundation; either version 2 of the License, or +# (at your option) any later version. +# +# This program is distributed in the hope that it will be useful, +# but WITHOUT ANY WARRANTY; without even the implied warranty of +# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the +# GNU General Public License for more details. +# +# You should have received a copy of the GNU General Public License +# along with this program; if not, write to the Free Software +# Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA +# +# + +# Abort if any command returns an error value +set -e + +package_name=python-selinux + +if [ -z "$package_name" ]; then + print >&2 "Internal Error. Please report a bug." + exit 1; +fi + + +# This script is called as the first step in removing the package from +# the system. This includes cases where the user explicitly asked for +# the package to be removed, upgrade, automatic removal due to conflicts, +# and deconfiguration due to temporary removal of a depended-on package. + +# Info files should be uninstalled from the dir file in any case. +#install-info --quiet --remove /usr/info/${package_name} + +case "$1" in + remove) + # This package about to be removed. + : + + # Remove package-specific directories from /usr/local. Don't try + # to remove standard directories such as /usr/local/lib. + ##: if test -d /usr/local/lib/${package_name}; then + ##: rmdir /usr/local/lib/${package_name} || true + ##: fi + + # Deactivate menu-methods script. + ##: chmod a-x /etc/menu-methods/${package_name} + + # Withdraw our version of a program. + ##: update-alternatives --remove program /usr/bin/alternative + + # Get rid of the installed docs + ##: if which install-docs >/dev/null 2>&1; then + ##: install-docs -r $package_name + ##: fi + + # Get rid of the byte compiled files + ##: if [ -x /usr/lib/emacsen-common/emacs-package-remove ]; then + ##: /usr/lib/emacsen-common/emacs-package-remove $package_name + ##: fi + + if [ -L /usr/doc/$package_name ]; then + rm -f /usr/doc/$package_name + fi + + if which update-python-modules >/dev/null 2>&1; then + update-python-modules -c -i /usr/share/python-support/${package_name} + fi + # There are two sub-cases: + if test "${2+set}" = set; then + if test "$2" != in-favour; then + echo "$0: undocumented call to \`prerm $*'" 1>&2 + exit 0 + fi + # We are being removed because of a conflict with package $3 + # (version $4), which is now being installed. + : + + else + # The package is being removed in its own right. + : + + fi ;; + deconfigure) + if test "$2" != in-favour || test "$5" != removing; then + echo "$0: undocumented call to \`prerm $*'" 1>&2 + exit 0 + fi + # Package $6 (version $7) which we depend on is being removed due + # to a conflict with package $3 (version $4), and this package is + # being deconfigured until $6 can be reinstalled. + : + + ;; + upgrade) + # Prepare to upgrade FROM THIS VERSION of this package to version $2. + : + + if [ -L /usr/doc/$package_name ]; then + rm -f /usr/doc/$package_name + fi + + ;; + failed-upgrade) + # Prepare to upgrade from version $2 of this package TO THIS VERSION. + # This is only used if the old version's prerm couldn't handle it, + # and returned non-zero. (Fix old prerm bugs here.) + : + + ;; + *) echo "$0: didn't understand being called with \`$1'" 1>&2 + exit 0;; +esac + +exit 0 --- libselinux-2.0.65.orig/debian/lintian.overrides +++ libselinux-2.0.65/debian/lintian.overrides @@ -0,0 +1,3 @@ +libselinux1: non-standard-toplevel-dir selinux/ +libselinux1: package-contains-empty-directory selinux/ +libselinux1: info-documents-not-removed --- libselinux-2.0.65.orig/debian/postinst +++ libselinux-2.0.65/debian/postinst @@ -0,0 +1,222 @@ +#! /bin/sh +# -*- Mode: Sh -*- +# postinst --- +# Author : Manoj Srivastava ( srivasta@glaurung.green-gryphon.com ) +# Created On : Fri Nov 14 11:25:07 2003 +# Created On Node : glaurung.green-gryphon.com +# Last Modified By : Manoj Srivastava +# Last Modified On : Tue Oct 26 03:31:54 2004 +# Last Machine Used: glaurung.internal.golden-gryphon.com +# Update Count : 13 +# Status : Unknown, Use with caution! +# HISTORY : +# Description : +# +# arch-tag: 5401e9ef-39cc-4aee-96a4-61dfb8f32cf7 +# +# This program is free software; you can redistribute it and/or modify +# it under the terms of the GNU General Public License as published by +# the Free Software Foundation; either version 2 of the License, or +# (at your option) any later version. +# +# This program is distributed in the hope that it will be useful, +# but WITHOUT ANY WARRANTY; without even the implied warranty of +# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the +# GNU General Public License for more details. +# +# You should have received a copy of the GNU General Public License +# along with this program; if not, write to the Free Software +# Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA +# +# + +# Abort if any command returns an error value +set -e + +package_name=libselinux1 + +if [ -z "$package_name" ]; then + print >&2 "Internal Error. Please report a bug." + exit 1; +fi + +# This script is called as the last step of the installation of the +# package. All the package's files are in place, dpkg has already done +# its automatic conffile handling, and all the packages we depend of +# are already fully installed and configured. +# summary of how this script can be called: +# * `configure' +# * `abort-upgrade' +# * `abort-remove' `in-favour' +# +# * `abort-deconfigure' `in-favour' +# `removing' +# +# for details, see http://www.debian.org/doc/debian-policy/ or +# the debian-policy package +# +# quoting from the policy: +# Any necessary prompting should almost always be confined to the +# post-installation script, and should be protected with a conditional +# so that unnecessary prompting doesn't happen if a package's +# installation fails and the `postinst' is called with `abort-upgrade', +# `abort-remove' or `abort-deconfigure'. + +# The following idempotent stuff doesn't generally need protecting +# against being run in the abort-* cases. + +# Install info files into the dir file +##: install-info --quiet --section "section pattern" "Section Title" \ +##: --description="Name of the document" /usr/info/${package_name}.info + +# Create stub directories under /usr/local +##: if test ! -d /usr/local/lib/${package_name}; then +##: if test ! -d /usr/local/lib; then +##: if mkdir /usr/local/lib; then +##: chown root.staff /usr/local/lib || true +##: chmod 2775 /usr/local/lib || true +##: fi +##: fi +##: if mkdir /usr/local/lib/${package_name}; then +##: chown root.staff /usr/local/lib/${package_name} || true +##: chmod 2775 /usr/local/lib/${package_name} || true +##: fi +##: fi + +# Ensure the menu system is updated +##: [ ! -x /usr/bin/update-menus ] || /usr/bin/update-menus + +# Arrange for a daemon to be started at system boot time +##: update-rc.d ${package_name} default >/dev/null + +case "$1" in + configure) + # Configure this package. If the package must prompt the user for + # information, do it here. + # Install emacs lisp files + ##:if [ -x /usr/lib/emacsen-common/emacs-package-install ]; then + ##: /usr/lib/emacsen-common/emacs-package-install $package_name + ##:fi + + + # Activate menu-methods script + ##: chmod a+x /etc/menu-methods/${package_name} + + # Update ld.so cache + ldconfig + if [ -x /sbin/init ] && [ -x /bin/readlink ]; then + if [ "$(readlink /proc/1/exe 2>/dev/null)" = "/sbin/init" ]; then + (init u ; sleep 1) + fi + fi + + # Make our version of a program available + ##: update-alternatives \ + ##: --install /usr/bin/program program /usr/bin/alternative 50 \ + ##: --slave /usr/man/man1/program.1.gz program.1.gz \ + ##: /usr/man/man1/alternative.1.gz + + # Tell ucf that the file in /usr/share/foo is the latest + # maintainer version, and let it handle how to manage the real + # confuguration file in /etc. This is how a static configuration + # file can be handled: + ##:if which ucf >/dev/null 2>&1; then + ##: ucf /usr/share/${package_name}/configuration /etc/${package_name}.conf + ##:fi + + ### We could also do this on the fly. The following is from Tore + ### Anderson: + + #. /usr/share/debconf/confmodule + + ### find out what the user answered. + # db_get foo/run_on_boot + # run_on_boot=$RET + # db_stop + + ### safely create a temporary file to generate our suggested + ### configuration file. + # tempfile=`tempfile` + # cat << _eof > $tempfile + ### Configuration file for Foo. + + ### this was answered by you, the user in a debconf dialogue + # RUNONBOOT=$run_on_boot + + ### this was not, as it has a sane default value. + # COLOUROFSKY=blue + + #_eof + + ### Note that some versions of debconf do not release stdin, so + ### the following invocation of ucf may not work, since the stdin + ### is never coneected to ucfr. + + ### now, invoke ucf, which will take care of the rest, and ask + ### the user if he wants to update his file, if it is modified. + #ucf $tempfile /etc/foo.conf + + ### done! now we'll just clear up our cruft. + #rm -f $tempfile + + + + # There are three sub-cases: + if test "${2+set}" != set; then + # We're being installed by an ancient dpkg which doesn't remember + # which version was most recently configured, or even whether + # there is a most recently configured version. + : + + elif test -z "$2" || test "$2" = ""; then + # The package has not ever been configured on this system, or was + # purged since it was last configured. + : + + else + # Version $2 is the most recently configured version of this + # package. + : + + fi ;; + abort-upgrade) + # Back out of an attempt to upgrade this package FROM THIS VERSION + # to version $2. Undo the effects of "prerm upgrade $2". + : + + ;; + abort-remove) + if test "$2" != in-favour; then + echo "$0: undocumented call to \`postinst $*'" 1>&2 + exit 0 + fi + # Back out of an attempt to remove this package, which was due to + # a conflict with package $3 (version $4). Undo the effects of + # "prerm remove in-favour $3 $4". + : + + ;; + abort-deconfigure) + if test "$2" != in-favour || test "$5" != removing; then + echo "$0: undocumented call to \`postinst $*'" 1>&2 + exit 0 + fi + # Back out of an attempt to deconfigure this package, which was + # due to package $6 (version $7) which we depend on being removed + # to make way for package $3 (version $4). Undo the effects of + # "prerm deconfigure in-favour $3 $4 removing $6 $7". + : + + ;; + *) echo "$0: didn't understand being called with \`$1'" 1>&2 + exit 0;; +esac + +# Install doc base documentation +##:if which install-docs >/dev/null 2>&1; then +##: if [ -e /usr/share/doc-base/${package_name} ]; then +##: install-docs -i /usr/share/doc-base/${package_name} +##: fi +##:fi + +exit 0 --- libselinux-2.0.65.orig/debian/control +++ libselinux-2.0.65/debian/control @@ -0,0 +1,80 @@ +Source: libselinux +VCS-Arch: http://arch.debian.org/arch/private/srivasta/grab/libselinux +VCS-Browser: http://arch.debian.org/cgi-bin/archzoom.cgi/srivasta@debian.org--lenny/libselinux?expand +Priority: optional +Section: libs +Maintainer: Manoj Srivastava +Standards-Version: 3.8.0.0 +Build-Depends: file, libsepol1-dev (>= 2.0.25), python-all-dev (>= 2.3.5-11), swig +XS-Python-Version: >= 2.4 + +Package: selinux-utils +Architecture: any +Section: admin +Depends: ${shlibs:Depends} +Description: SELinux utility programs + This package provides various utility programs for a Security-enhanced + Linux system. Security-enhanced Linux is a patch of the Linux kernel + and a number of utilities with enhanced security functionality + designed to add mandatory access controls to Linux. This package + provides utility programs to get and set process and file security + contexts and to obtain security policy decisions. + +Package: libselinux1 +Architecture: any +Section: libs +Priority: required +Depends: ${shlibs:Depends} +Description: SELinux shared libraries + This package provides the shared libraries for Security-enhanced + Linux. Security-enhanced Linux is a patch of the Linux kernel and a + number of utilities with enhanced security functionality designed to + add mandatory access controls to Linux. The Security-enhanced Linux + kernel contains new architectural components originally developed to + improve the security of the Flask operating system. These + architectural components provide general support for the enforcement + of many kinds of mandatory access control policies, including those + based on the concepts of Type Enforcement, Role-based Access + Control, and Multi-level Security. + . + libselinux1 provides an API for SELinux applications to get and set + process and file security contexts and to obtain security policy + decisions. Required for any applications that use the SELinux API. + + +Package: libselinux1-dev +Architecture: any +Depends: ${shlibs:Depends}, libselinux1 (= ${binary:Version}), libsepol1-dev (>= 1.12) +Section: libdevel +Provides: libselinux-dev +Conflicts: libselinux-dev +Description: SELinux development headers + This package provides the static libraries and header files + needed for developing SELinux applications. Security-enhanced Linux + is a patch of the Linux kernel and a number of utilities with + enhanced security functionality designed to add mandatory access + controls to Linux. The Security-enhanced Linux kernel contains new + architectural components originally developed to improve the security + of the Flask operating system. These architectural components provide + general support for the enforcement of many kinds of mandatory access + control policies, including those based on the concepts of Type + Enforcement, Role-based Access Control, and Multi-level Security. + +Package: python-selinux +Architecture: any +Depends: ${shlibs:Depends}, ${python:Depends}, python-support (>= 0.7.1) +Section: python +Conflicts: python2.4-selinux (<= 1.30-1), libselinux-dev (<= 1.28-1) +Replaces: python2.4-selinux, libselinux-dev +Provides: ${python:Provides} +Description: Python bindings to SELinux shared libraries + This package provides the Python bindings needed for developing Python + SELinux applications. Security-enhanced Linux is a patch of the + Linux kernel and a number of utilities with enhanced security + functionality designed to add mandatory access controls to Linux. + The Security-enhanced Linux kernel contains new architectural + components originally developed to improve the security of the Flask + operating system. These architectural components provide general + support for the enforcement of many kinds of mandatory access control + policies, including those based on the concepts of Type Enforcement, + Role-based Access Control, and Multi-level Security. --- libselinux-2.0.65.orig/debian/common/debconf.mk +++ libselinux-2.0.65/debian/common/debconf.mk @@ -0,0 +1,101 @@ +############################ -*- Mode: Makefile -*- ########################### +## debconf.mk --- +## Author : Manoj Srivastava ( srivasta@glaurung.internal.golden-gryphon.com ) +## Created On : Fri Mar 12 11:11:31 2004 +## Created On Node : glaurung.internal.golden-gryphon.com +## Last Modified By : Manoj Srivastava +## Last Modified On : Mon Apr 11 13:19:10 2005 +## Last Machine Used: glaurung.internal.golden-gryphon.com +## Update Count : 20 +## Status : Unknown, Use with caution! +## HISTORY : +## Description : helps with using debconf +## +## arch-tag: 32b933a9-05ad-4c03-97a8-8644745b832a +## +############################################################################### + +# The idea behind this scheme is that the maintainer (or whoever's +# building the package for upload to unstable) has to build on a +# machine with po-debconf installed, but nobody else does. + +# When building with po-debconf, a format 1 (no encoding specifications, +# woody-compatible) debian/templates file is generated in the clean target +# and shipped in the source package, but a format 2 (UTF8-encoded, +# woody-incompatible) debian/templates file is generated in binary-arch +# for the binary package only. + +# When building without po-debconf, the binary package simply reuses the +# woody-compatible debian/templates file that was produced by the clean +# target of the maintainer's build. + +# Also, make sure that debian/control has ${debconf-depends} in the +# appropriate Depends: line., and use the following in the binary +# target: +# dpkg-gencontrol -V'debconf-depends=debconf (>= $(MINDEBCONFVER))' +# + +# WARNING!! You need to create the templates.master file before this all works. + +ifeq (,$(wildcard /usr/bin/po2debconf)) + PO2DEBCONF := no + MINDEBCONFVER := 0.5 +else + PO2DEBCONF := yes + MINDEBCONFVER := 1.2.0 +endif + + +# Hack for woody compatibility. This makes sure that the +# debian/templates file shipped in the source package doesn't specify +# encodings, which woody's debconf can't handle. If building on a +# system with po-debconf installed the binary-arch target will +# generate a better version for sarge. Only do this if there is a +# templates.master, or else the debian/templates file can get +# damamged. +ifeq ($(PO2DEBCONF),yes) + ifeq (,$(wildcard debian/templates.master)) +define CREATE_COMPATIBLE_TEMPLATE + echo Not modifying templates +endef + else +define CREATE_COMPATIBLE_TEMPLATE + echo 1 > debian/po/output + po2debconf debian/templates.master > debian/templates + rm -f debian/po/output +endef + endif +else +define CREATE_COMPATIBLE_TEMPLATE + echo Not modifying templates +endef +endif + + +ifeq ($(PO2DEBCONF),yes) + ifeq (,$(wildcard debian/templates.master)) +define INSTALL_TEMPLATE + echo using old template +endef + else +define INSTALL_TEMPLATE + po2debconf debian/templates.master > debian/templates +endef + endif +else +define INSTALL_TEMPLATE + echo using old template +endef +endif + +# the tool podebconf-report-po is also a great friend to have in such +# circumstances +define CHECKPO + @for i in debian/po/*.po; do \ + if [ -f $$i ]; then \ + echo \"Checking: $$i\"; \ + msgmerge -U $$i debian/po/templates.pot; \ + msgfmt -o /dev/null -c --statistics $$i; \ + fi; \ + done +endef --- libselinux-2.0.65.orig/debian/common/targets.mk +++ libselinux-2.0.65/debian/common/targets.mk @@ -0,0 +1,432 @@ +############################ -*- Mode: Makefile -*- ########################### +## targets.mk --- +## Author : Manoj Srivastava ( srivasta@glaurung.green-gryphon.com ) +## Created On : Sat Nov 15 01:10:05 2003 +## Created On Node : glaurung.green-gryphon.com +## Last Modified By : Manoj Srivastava +## Last Modified On : Tue Oct 9 01:50:58 2007 +## Last Machine Used: anzu.internal.golden-gryphon.com +## Update Count : 95 +## Status : Unknown, Use with caution! +## HISTORY : +## Description : The top level targets mandated by policy, as well as +## their dependencies. +## +## arch-tag: a81086a7-00f7-4355-ac56-8f38396935f4 +## +## This program is free software; you can redistribute it and/or modify +## it under the terms of the GNU General Public License as published by +## the Free Software Foundation; either version 2 of the License, or +## (at your option) any later version. +## +## This program is distributed in the hope that it will be useful, +## but WITHOUT ANY WARRANTY; without even the implied warranty of +## MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the +## GNU General Public License for more details. +## +## You should have received a copy of the GNU General Public License +## along with this program; if not, write to the Free Software +## Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA +## +############################################################################### + +####################################################################### +####################################################################### +############### Miscellaneous ############### +####################################################################### +####################################################################### +source diff: + @echo >&2 'source and diff are obsolete - use dpkg-source -b'; false + +testroot: + @test $$(id -u) = 0 || (echo need root priviledges; exit 1) + +checkpo: + $(CHECKPO) + +# arch-buildpackage likes to call this +prebuild: + +# OK. We have two sets of rules here, one for arch dependent packages, +# and one for arch independent packages. We have already calculated a +# list of each of these packages. + +# In each set, we may need to do things in five steps: configure, +# build, install, package, and clean. Now, there can be a common +# actions to be taken for all the packages, all arch dependent +# packages, all all independent packages, and each package +# individually at each stage. + +########################################################################### +# The current code does a number of things: It ensures that the highest # +# dependency at any stage (usually the -Common target) depends on the # +# stamp-STAGE of the previous stage; so no work on a succeeding stage can # +# start before the previous stage is all done. # +########################################################################### + +########################################################################### +# Next, all targets that have work performed in them do not have stamp # +# files on their own, and thus are not depended on directly by other # +# targets. Instead, they depend on and are depended up by intermediate # +# targets in which no work is done except to create stamp files. Other # +# targets just depend on the stamp files; so the build system does not do # +# work twice -- targets, which are up to date, are not executed again. # +########################################################################### + + +####################################################################### +####################################################################### +############### Configuration ############### +####################################################################### +####################################################################### + +# Work here +CONFIG-common:: testdir + $(REASON) + $(checkdir) + +stamp-arch-conf: CONFIG-common + $(REASON) + $(checkdir) + @echo done > $@ +stamp-indep-conf: CONFIG-common + $(REASON) + $(checkdir) + @echo done > $@ +STAMPS_TO_CLEAN += stamp-arch-conf stamp-indep-conf + +# Work here +CONFIG-arch:: stamp-arch-conf + $(REASON) + $(checkdir) +CONFIG-indep:: stamp-indep-conf + $(REASON) + $(checkdir) + +stamp-configure-arch: CONFIG-arch + $(REASON) + @echo done > $@ +stamp-configure-indep: CONFIG-indep + $(REASON) + @echo done > $@ +STAMPS_TO_CLEAN += stamp-configure-arch stamp-configure-indep + +# Work here +$(patsubst %,CONFIG/%,$(DEB_ARCH_PACKAGES)) :: CONFIG/% : stamp-configure-arch + $(REASON) + $(checkdir) +$(patsubst %,CONFIG/%,$(DEB_INDEP_PACKAGES)) :: CONFIG/% : stamp-configure-indep + $(REASON) + $(checkdir) + +configure-arch-stamp: stamp-configure-arch $(patsubst %,CONFIG/%,$(DEB_ARCH_PACKAGES)) + $(REASON) + @echo done > $@ +configure-indep-stamp: stamp-configure-indep $(patsubst %,CONFIG/%,$(DEB_INDEP_PACKAGES)) + $(REASON) + @echo done > $@ +STAMPS_TO_CLEAN += configure-arch-stamp configure-indep-stamp + +# required +configure-arch: configure-arch-stamp + $(REASON) +configure-indep: configure-indep-stamp + $(REASON) + +stamp-configure: configure-arch configure-indep + $(REASON) + @echo done > $@ + +# required +configure: stamp-configure + $(REASON) + +STAMPS_TO_CLEAN += stamp-configure +####################################################################### +####################################################################### +############### Build ############### +####################################################################### +####################################################################### +# Work here +BUILD-common:: testdir stamp-configure + $(REASON) + $(checkdir) + +stamp-arch-build: BUILD-common + $(REASON) + $(checkdir) + @echo done > $@ +stamp-indep-build: BUILD-common + $(REASON) + $(checkdir) + @echo done > $@ +STAMPS_TO_CLEAN += stamp-arch-build stamp-indep-build + +# sync. Work here +BUILD-arch:: stamp-arch-build + $(REASON) + $(checkdir) +BUILD-indep:: stamp-indep-build + $(REASON) + $(checkdir) + +stamp-build-arch: BUILD-arch + $(REASON) + @echo done > $@ +stamp-build-indep: BUILD-indep + $(REASON) + @echo done > $@ +STAMPS_TO_CLEAN += stamp-build-arch stamp-build-indep + +# Work here +$(patsubst %,BUILD/%,$(DEB_ARCH_PACKAGES)) :: BUILD/% : stamp-build-arch + $(REASON) + $(checkdir) +$(patsubst %,BUILD/%,$(DEB_INDEP_PACKAGES)) :: BUILD/% : stamp-build-indep + $(REASON) + $(checkdir) + +build-arch-stamp: stamp-build-arch $(patsubst %,BUILD/%,$(DEB_ARCH_PACKAGES)) + $(REASON) + @echo done > $@ +build-indep-stamp: stamp-build-indep $(patsubst %,BUILD/%,$(DEB_INDEP_PACKAGES)) + $(REASON) + @echo done > $@ +STAMPS_TO_CLEAN += build-arch-stamp build-indep-stamp + +# required +build-arch: build-arch-stamp + $(REASON) +build-indep: build-indep-stamp + $(REASON) + +stamp-build: build-arch build-indep + $(REASON) + @echo done > $@ + +# required +build: stamp-build + $(REASON) + +STAMPS_TO_CLEAN += stamp-build + +# Work here +POST-BUILD-arch-stamp:: build-arch-stamp + $(REASON) + @echo done > $@ +STAMPS_TO_CLEAN += POST-BUILD-arch-stamp + +POST-BUILD-indep-stamp:: build-indep-stamp + $(REASON) + @echo done > $@ +STAMPS_TO_CLEAN += POST-BUILD-indep-stamp +####################################################################### +####################################################################### +############### Install ############### +####################################################################### +####################################################################### +# Work here +INST-common:: testdir stamp-build POST-BUILD-arch-stamp POST-BUILD-indep-stamp + $(checkdir) + $(REASON) + +stamp-arch-inst: INST-common + $(REASON) + $(checkdir) + @echo done > $@ +stamp-indep-inst: INST-common + $(REASON) + $(checkdir) + @echo done > $@ +STAMPS_TO_CLEAN += stamp-arch-inst stamp-indep-inst + +# sync. Work here +INST-arch:: stamp-arch-inst + $(REASON) + $(checkdir) +INST-indep:: stamp-indep-inst + $(REASON) + $(checkdir) + +stamp-install-arch: INST-arch + $(REASON) + @echo done > $@ +stamp-install-indep: INST-indep + $(REASON) + @echo done > $@ +STAMPS_TO_CLEAN += stamp-install-arch stamp-install-indep + +# Work here +$(patsubst %,INST/%,$(DEB_ARCH_PACKAGES)) :: INST/% : testroot stamp-install-arch + $(REASON) + $(checkdir) +$(patsubst %,INST/%,$(DEB_INDEP_PACKAGES)) :: INST/% : testroot stamp-install-indep + $(REASON) + $(checkdir) + +install-arch-stamp: stamp-install-arch $(patsubst %,INST/%,$(DEB_ARCH_PACKAGES)) + $(REASON) + $(checkdir) + @echo done > $@ +install-indep-stamp: stamp-install-indep $(patsubst %,INST/%,$(DEB_INDEP_PACKAGES)) + $(REASON) + $(checkdir) + @echo done > $@ +STAMPS_TO_CLEAN += install-arch-stamp install-indep-stamp + +#required +install-arch: install-arch-stamp + $(REASON) +install-indep: install-indep-stamp + $(REASON) + +stamp-install: install-indep install-arch + $(REASON) + @echo done > $@ + +#required +install: stamp-install + $(REASON) + +STAMPS_TO_CLEAN += stamp-install +####################################################################### +####################################################################### +############### Package ############### +####################################################################### +####################################################################### +# Work here +BIN-common:: testdir testroot stamp-install + $(REASON) + $(checkdir) + +stamp-arch-bin: testdir testroot BIN-common + $(REASON) + $(checkdir) + @echo done > $@ +stamp-indep-bin: testdir testroot BIN-common + $(REASON) + $(checkdir) + @echo done > $@ +STAMPS_TO_CLEAN += stamp-arch-bin stamp-indep-bin + +# sync Work here +BIN-arch:: testroot stamp-arch-bin + $(REASON) + $(checkdir) +BIN-indep:: testroot stamp-indep-bin + $(REASON) + $(checkdir) + +stamp-binary-arch: BIN-arch + $(REASON) + @echo done > $@ +stamp-binary-indep: BIN-indep + $(REASON) + @echo done > $@ +STAMPS_TO_CLEAN += stamp-binary-arch stamp-binary-indep + +# Work here +$(patsubst %,BIN/%,$(DEB_ARCH_PACKAGES)) :: BIN/% : testroot stamp-binary-arch + $(REASON) + $(checkdir) +$(patsubst %,BIN/%,$(DEB_INDEP_PACKAGES)) :: BIN/% : testroot stamp-binary-indep + $(REASON) + $(checkdir) + +binary-arch-stamp: stamp-binary-arch $(patsubst %,BIN/%,$(DEB_ARCH_PACKAGES)) + $(REASON) + $(checkdir) + @echo done > $@ +binary-indep-stamp: stamp-binary-indep $(patsubst %,BIN/%,$(DEB_INDEP_PACKAGES)) + $(REASON) + $(checkdir) + @echo done > $@ +STAMPS_TO_CLEAN += binary-arch-stamp binary-indep-stamp + +# required +binary-arch: binary-arch-stamp + $(REASON) +binary-indep: binary-indep-stamp + $(REASON) + +stamp-binary: binary-indep binary-arch + $(REASON) + @echo done > $@ + +# required +binary: stamp-binary + $(REASON) + @echo arch package = $(DEB_ARCH_PACKAGES) + @echo indep packages = $(DEB_INDEP_PACKAGES) + +STAMPS_TO_CLEAN += stamp-binary +####################################################################### +####################################################################### +############### Clean ############### +####################################################################### +####################################################################### +# Work here +CLN-common:: testdir + $(REASON) + $(checkdir) + +# sync Work here +CLN-arch:: CLN-common + $(REASON) + $(checkdir) +CLN-indep:: CLN-common + $(REASON) + $(checkdir) +# Work here +$(patsubst %,CLEAN/%,$(DEB_ARCH_PACKAGES)) :: CLEAN/% : CLN-arch + $(REASON) + $(checkdir) +$(patsubst %,CLEAN/%,$(DEB_INDEP_PACKAGES)) :: CLEAN/% : CLN-indep + $(REASON) + $(checkdir) + +clean-arch: CLN-arch $(patsubst %,CLEAN/%,$(DEB_ARCH_PACKAGES)) + $(REASON) +clean-indep: CLN-indep $(patsubst %,CLEAN/%,$(DEB_INDEP_PACKAGES)) + $(REASON) + +stamp-clean: clean-indep clean-arch + $(REASON) + $(checkdir) + -test -f Makefile && $(MAKE) distclean + -rm -f $(FILES_TO_CLEAN) $(STAMPS_TO_CLEAN) + -rm -rf $(DIRS_TO_CLEAN) + -rm -f core TAGS \ + `find . ! -regex '.*/\.git/.*' ! -regex '.*/\{arch\}/.*' \ + ! -regex '.*/CVS/.*' ! -regex '.*/\.arch-ids/.*' \ + ! -regex '.*/\.svn/.*' \ + \( -name '*.orig' -o -name '*.rej' -o -name '*~' -o \ + -name '*.bak' -o -name '#*#' -o -name '.*.orig' -o \ + -name '.*.rej' -o -name '.SUMS' \) \ + -print` + +clean: stamp-clean + $(REASON) + + +####################################################################### +####################################################################### +############### ############### +####################################################################### +####################################################################### + +.PHONY: CONFIG-common CONFIG-indep CONFIG-arch configure-arch configure-indep configure \ + BUILD-common BUILD-indep BUILD-arch build-arch build-indep build \ + INST-common INST-indep INST-arch install-arch install-indep install \ + BIN-common BIN-indep BIN-arch binary-arch binary-indep binary \ + CLN-common CLN-indep CLN-arch clean-arch clean-indep clean \ + $(patsubst %,CONFIG/%,$(DEB_INDEP_PACKAGES)) $(patsubst %,CONFIG/%,$(DEB_ARCH_PACKAGES)) \ + $(patsubst %,BUILD/%, $(DEB_INDEP_PACKAGES)) $(patsubst %,BUILD/%, $(DEB_ARCH_PACKAGES)) \ + $(patsubst %,INST/%, $(DEB_INDEP_PACKAGES)) $(patsubst %,INST/%, $(DEB_ARCH_PACKAGES)) \ + $(patsubst %,BIN/%, $(DEB_INDEP_PACKAGES)) $(patsubst %,BIN/%, $(DEB_ARCH_PACKAGES)) \ + $(patsubst %,CLEAN/%, $(DEB_INDEP_PACKAGES)) $(patsubst %,CLEAN/%, $(DEB_ARCH_PACKAGES)) \ + implode explode prebuild checkpo + +#Local variables: +#mode: makefile +#End: --- libselinux-2.0.65.orig/debian/common/ChangeLog +++ libselinux-2.0.65/debian/common/ChangeLog @@ -0,0 +1,59 @@ +2008-02-06 Manoj Srivastava + + * copt.mk: + srivasta@debian.org--lenny/skeleton-make-rules--main--0.1--patch-4 + The cross building support in Debian has been rewritten + to stop overriding the CC variable to $(MAKE) in order + to correctly support those packages that build internal + tools with the native compiler during the build. This + means that other packages that assume that CC will be + overridden by the cross-compiling build scripts now fail + to build. The patch is simply to set CC to + $(DEB_HOST_GNU_TYPE)-gcc only if a cross-build is + detected. + +2007-10-09 Manoj Srivastava + + * targets.mk: + srivasta@debian.org--lenny/skeleton-make-rules--main--0.1--patch-1 + fix dependency tree for targets, allow parralel + compilatoin. Many changes, thanks to dot. + +2007-09-20 Manoj Srivastava + + * targets.mk (stamp-clean): + srivasta@debian.org--lenny/skeleton-make-rules--main--0.1--base-0 + make clean not remove zero sized files. removed the part + that cleaned out zero sized files; since there are uses + for zero sized files (like, to nuke out files in + upstream sources and not inflate the diff. Any zero + sized files can still be nuked in the local.mk file. + +2006-10-02 Manoj Srivastava + + * checklibs: + srivasta@debian.org--etch/skeleton-make-rules--main--0.1--patch-15 + New file, to detect if there are unneeded library + dependencies + +2006-10-01 Manoj Srivastava + + * archvars.mk (doit): + srivasta@debian.org--etch/skeleton-make-rules--main--0.1--patch-14 + Add a macro to execute $(shell ...) macos verbosely to + help debugging. + +2006-09-15 Manoj Srivastava + + * targets.mk (stamp-clean): + srivasta@debian.org--etch/skeleton-make-rules--main--0.1--patch-13 + Exclude version control directories from the generic + clean command. + + +2006-08-23 Manoj Srivastava + + * pkgvars.mk (DEB_DISTRIBUTION): + srivasta@debian.org--etch/skeleton-make-rules--main--0.1--patch-6 + Add variable that contains the distribution information + --- libselinux-2.0.65.orig/debian/common/perlvars.mk +++ libselinux-2.0.65/debian/common/perlvars.mk @@ -0,0 +1,27 @@ +############################ -*- Mode: Makefile -*- ########################### +## perlvars.mk --- +## Author : Manoj Srivastava ( srivasta@glaurung.green-gryphon.com ) +## Created On : Sat Nov 15 02:55:47 2003 +## Created On Node : glaurung.green-gryphon.com +## Last Modified By : Manoj Srivastava +## Last Modified On : Sat Dec 13 13:50:58 2003 +## Last Machine Used: glaurung.green-gryphon.com +## Update Count : 3 +## Status : Unknown, Use with caution! +## HISTORY : +## Description : +## +## arch-tag: a97a01ba-d08d-404d-aa81-572717c03e6c +## +############################################################################### + +# Perl variables +PERL = /usr/bin/perl + +INSTALLPRIVLIB = $(TMPTOP)/$(shell \ + perl -e 'use Config; print "$$Config{'installprivlib'}\n";') +INSTALLARCHLIB = $(TMPTOP)/$(shell \ + perl -e 'use Config; print "$$Config{'installarchlib'}\n";') +INSTALLVENDORLIB =$(TMPTOP)/$(shell \ + perl -e 'use Config; print "$$Config{'vendorlibexp'}\n";') +CONFIG = INSTALLDIRS=vendor --- libselinux-2.0.65.orig/debian/common/copt.mk +++ libselinux-2.0.65/debian/common/copt.mk @@ -0,0 +1,40 @@ +############################ -*- Mode: Makefile -*- ########################### +## copt.mk --- +## Author : Manoj Srivastava ( srivasta@glaurung.green-gryphon.com ) +## Created On : Sat Nov 15 02:48:40 2003 +## Created On Node : glaurung.green-gryphon.com +## Last Modified By : Manoj Srivastava +## Last Modified On : Sat Nov 15 02:49:07 2003 +## Last Machine Used: glaurung.green-gryphon.com +## Update Count : 1 +## Status : Unknown, Use with caution! +## HISTORY : +## Description : +## +## arch-tag: a0045c20-f1b3-4852-9a4b-1a33ebd7c1b8 +## +############################################################################### + +# set CC to $(DEB_HOST_GNU_TYPE)-gcc only if a cross-build is detected +ifneq ($(DEB_HOST_GNU_TYPE),$(DEB_BUILD_GNU_TYPE)) + CC=$(DEB_HOST_GNU_TYPE)-gcc +else + CC = cc +endif + +CFLAGS = -O2 +PREFIX := /usr + +# Policy 10.1 says to make this the default +CFLAGS += -g + +## ifneq (,$(findstring debug,$(DEB_BUILD_OPTIONS))) +## endif + +ifeq (,$(findstring nostrip,$(DEB_BUILD_OPTIONS))) + STRIP += -s + LDFLAGS += -s + INT_INSTALL_TARGET = install +else + INT_INSTALL_TARGET = install +endif --- libselinux-2.0.65.orig/debian/common/pkgvars.mk +++ libselinux-2.0.65/debian/common/pkgvars.mk @@ -0,0 +1,94 @@ +############################ -*- Mode: Makefile -*- ########################### +## pkgvars.mk --- +## Author : Manoj Srivastava ( srivasta@glaurung.green-gryphon.com ) +## Created On : Sat Nov 15 02:56:30 2003 +## Created On Node : glaurung.green-gryphon.com +## Last Modified By : Manoj Srivastava +## Last Modified On : Thu Jun 15 12:05:46 2006 +## Last Machine Used: glaurung.internal.golden-gryphon.com +## Update Count : 11 +## Status : Unknown, Use with caution! +## HISTORY : +## Description : This is what allows us toseparate out the top level +## targets, by determining which packages needto be built. +## +## arch-tag: 75fcc720-7389-4eaa-a7ac-c556d3eac331 +## +## +## This program is free software; you can redistribute it and/or modify +## it under the terms of the GNU General Public License as published by +## the Free Software Foundation; either version 2 of the License, or +## (at your option) any later version. +## +## This program is distributed in the hope that it will be useful, +## but WITHOUT ANY WARRANTY; without even the implied warranty of +## MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the +## GNU General Public License for more details. +## +## You should have received a copy of the GNU General Public License +## along with this program; if not, write to the Free Software +## Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA +## +############################################################################### + +# The maintainer information. +maintainer := $(shell LC_ALL=C dpkg-parsechangelog | grep ^Maintainer: | \ + sed 's/^Maintainer: *//') +email := srivasta@debian.org + +# Priority of this version (or urgency, as dchanges would call it) +urgency := $(shell LC_ALL=C dpkg-parsechangelog | grep ^Urgency: | \ + sed 's/^Urgency: *//') + +# Common useful variables +DEB_SOURCE_PACKAGE := $(strip $(shell egrep '^Source: ' debian/control | \ + cut -f 2 -d ':')) +DEB_VERSION := $(strip $(shell LC_ALL=C dpkg-parsechangelog | \ + egrep '^Version:' | cut -f 2 -d ' ')) +DEB_ISNATIVE := $(strip $(shell LC_ALL=C dpkg-parsechangelog | \ + perl -ne 'print if (m/^Version:/g && ! m/^Version:.*\-/);')) +DEB_DISTRIBUTION := $(strip $(shell LC_ALL=C dpkg-parsechangelog | \ + egrep '^Distribution:' | cut -f 2 -d ' ')) + +DEB_PACKAGES := $(shell perl -e ' \ + $$/=""; \ + while(<>){ \ + $$p=$$1 if m/^Package:\s*(\S+)/; \ + die "duplicate package $$p" if $$seen{$$p}; \ + $$seen{$$p}++; print "$$p " if $$p; \ + }' debian/control ) + +DEB_INDEP_PACKAGES := $(shell perl -e ' \ + $$/=""; \ + while(<>){ \ + $$p=$$1 if m/^Package:\s*(\S+)/; \ + die "duplicate package $$p" if $$seen{$$p}; \ + $$seen{$$p}++; \ + $$a=$$1 if m/^Architecture:\s*(\S+)/m; \ + next unless ($$a eq "all"); \ + print "$$p " if $$p; \ + }' debian/control ) + +DEB_ARCH_PACKAGES := $(shell perl -e ' \ + $$/=""; \ + while(<>){ \ + $$p=$$1 if m/^Package:\s*(\S+)/; \ + die "duplicate package $$p" if $$seen{$$p}; \ + $$seen{$$p}++; \ + $$c=""; \ + if (/^Architecture:\s*(.*?)\s*$$/sm) { \ + @a = split /\s+/, $$1 }; \ + for my $$b (@a) { \ + next unless ($$b eq "$(DEB_HOST_ARCH)" || \ + $$b eq "any"); \ + $$c="$$p"; \ + } \ + print "$$c " if $$c; \ + }' debian/control ) + +# This package is what we get after removing the psuedo dirs we use in rules +package = $(notdir $@) + +#Local variables: +#mode: makefile +#End: --- libselinux-2.0.65.orig/debian/common/checklibs +++ libselinux-2.0.65/debian/common/checklibs @@ -0,0 +1,74 @@ +#! /bin/sh +# -*- Mode: Sh -*- +# checklibs.sh --- +# Author : Manoj Srivastava ( srivasta@glaurung.internal.golden-gryphon.com ) +# Created On : Fri Sep 29 15:36:22 2006 +# Created On Node : glaurung.internal.golden-gryphon.com +# Last Modified By : Manoj Srivastava +# Last Modified On : Fri Sep 29 22:53:27 2006 +# Last Machine Used: glaurung.internal.golden-gryphon.com +# Update Count : 43 +# Status : Unknown, Use with caution! +# HISTORY : +# Description : +# +# arch-tag: 8ba11489-77fa-45a0-92c4-9c5b162ee119 +# +# This program is free software; you can redistribute it and/or modify +# it under the terms of the GNU General Public License as published by +# the Free Software Foundation; either version 2 of the License, or +# (at your option) any later version. +# +# This program is distributed in the hope that it will be useful, +# but WITHOUT ANY WARRANTY; without even the implied warranty of +# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the +# GNU General Public License for more details. +# +# You should have received a copy of the GNU General Public License +# along with this program; if not, write to the Free Software +# Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA +# + +# Make sure we abort on error +set -e +progname="$(basename \"$0\")" + +trap 'rm -f search_patterns.txt;' ALRM HUP INT PIPE TERM ABRT FPE BUS QUIT SEGV ILL EXIT + +# Find all undefined symbols in all ELF objects in this tree +readelf -s -D -W $(find . -type f -print0 | xargs -0r file | grep " ELF" | \ + awk '{print $1}' | sed -e 's/:$//') | grep UND | grep -v LOCAL | + perl -ple 's/.*\s(\S+)\s*$/\^$1\$/g' | sort -u > search_patterns.txt; + +# Find all the libraries needed in this tree +objdump -T --private-headers $(find . -type f -print0 | xargs -0r file | grep " ELF" | \ + awk '{print $1}' | sed -e 's/:$//') | grep NEEDED | sort -u | awk '{print $2}' | + while read lib; do + # For each library, see where it lives o the file system + LIB= + for library_dir in "/lib" "/usr/lib" $EXTRA_LIBRARY_PATHS; do + if [ -e "$library_dir/$lib" ]; then + LIB="$library_dir/$lib"; + break + fi + done + if [ -z "$LIB" ]; then + echo >&2 "Can't find $lib" + continue + fi + # If we fond the library, find what symbols it defines, and if these symbols + # are some that we need + if readelf -s -D -W $LIB | grep -v UND | perl -ple 's/.*\s(\S+)\s*$/$1/g' | \ + sort -u | grep -q -f search_patterns.txt ; then + # Library provides at least some symbols we need + if [ -n "$DEBUG" ]; then echo "Found $LIB"; fi + else + # Library does not provide any symbols we need + echo "$LIB" ; + fi +done + +# Get rid of the intermediate file +rm -f search_patterns.txt; +exit 0 + --- libselinux-2.0.65.orig/debian/common/automake.mk +++ libselinux-2.0.65/debian/common/automake.mk @@ -0,0 +1,37 @@ +############################ -*- Mode: Makefile -*- ########################### +## automake.mk --- +## Author : Manoj Srivastava ( srivasta@glaurung.green-gryphon.com ) +## Created On : Sat Nov 15 02:47:23 2003 +## Created On Node : glaurung.green-gryphon.com +## Last Modified By : Manoj Srivastava +## Last Modified On : Sat Nov 15 02:47:53 2003 +## Last Machine Used: glaurung.green-gryphon.com +## Update Count : 1 +## Status : Unknown, Use with caution! +## HISTORY : +## Description : +## +## arch-tag: 1fabe69b-7cc8-4ecc-9411-bc5906b19857 +## +############################################################################### + +AUTOCONF_VERSION:=$(shell if [ -e configure ]; then \ + grep "Generated automatically using autoconf" \ + configure | sed -e 's/^.*autoconf version //g'; \ + fi) +HAVE_NEW_AUTOMAKE:=$(shell if [ "X$(AUTOCONF_VERSION)" != "X2.13" ]; then \ + echo 'YES' ; fi) + +ifneq ($(strip $(HAVE_NEW_AUTOMAKE)),) + ifeq ($(DEB_BUILD_GNU_TYPE), $(DEB_HOST_GNU_TYPE)) + confflags += --build $(DEB_BUILD_GNU_TYPE) + else + confflags += --build $(DEB_BUILD_GNU_TYPE) --host $(DEB_HOST_GNU_TYPE) + endif +else + ifeq ($(DEB_BUILD_GNU_TYPE), $(DEB_HOST_GNU_TYPE)) + confflags += $(DEB_HOST_GNU_TYPE) + else + confflags += --build $(DEB_BUILD_GNU_TYPE) --host $(DEB_HOST_GNU_TYPE) + endif +endif --- libselinux-2.0.65.orig/debian/common/install_cmds.mk +++ libselinux-2.0.65/debian/common/install_cmds.mk @@ -0,0 +1,54 @@ +######################### -*- Mode: Makefile-Gmake -*- ######################## +## install_cmds.mk --- +## Author : Manoj Srivastava ( srivasta@glaurung.internal.golden-gryphon.com ) +## Created On : Fri Jun 16 14:40:20 2006 +## Created On Node : glaurung.internal.golden-gryphon.com +## Last Modified By : Manoj Srivastava +## Last Modified On : Wed Sep 6 11:43:05 2006 +## Last Machine Used: glaurung.internal.golden-gryphon.com +## Update Count : 9 +## Status : Unknown, Use with caution! +## HISTORY : +## Description : +## +## arch-tag: a38b6a93-2539-4034-9060-ae94d5c8a071 +## +## This program is free software; you can redistribute it and/or modify +## it under the terms of the GNU General Public License as published by +## the Free Software Foundation; either version 2 of the License, or +## (at your option) any later version. +## +## This program is distributed in the hope that it will be useful, +## but WITHOUT ANY WARRANTY; without even the implied warranty of +## MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the +## GNU General Public License for more details. +## +## You should have received a copy of the GNU General Public License +## along with this program; if not, write to the Free Software +## Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA +## +############################################################################### + +# install commands +install_file = install -p -o root -g root -m 644 +install_script = install -p -o root -g root -m 755 +install_program= install -p -o root -g root -m 755 +make_directory = install -p -d -o root -g root -m 755 + +define create_md5sum + create_md5sums_fn () { \ + cd $$1 ; \ + find . -type f \ + ! -regex './DEBIAN/.*' \ + ! -regex './etc/.*' $(EXTRA_MD5SUM_EXCLUDE) \ + -printf '%P\0' | xargs -r0 md5sum > DEBIAN/md5sums ; \ + if [ -z "DEBIAN/md5sums" ] ; then \ + rm -f "DEBIAN/md5sums" ; \ + fi ; \ + } ; \ + create_md5sums_fn +endef + +#Local variables: +#mode: makefile +#End: --- libselinux-2.0.65.orig/debian/common/archvars.mk +++ libselinux-2.0.65/debian/common/archvars.mk @@ -0,0 +1,118 @@ +############################ -*- Mode: Makefile -*- ########################### +## archvars.mk --- +## Author : Manoj Srivastava ( srivasta@golden-gryphon.com ) +## Created On : Sat Nov 15 02:40:56 2003 +## Created On Node : glaurung.green-gryphon.com +## Last Modified By : Manoj Srivastava +## Last Modified On : Tue Nov 16 23:36:15 2004 +## Last Machine Used: glaurung.internal.golden-gryphon.com +## Update Count : 5 +## Status : Unknown, Use with caution! +## HISTORY : +## Description : calls dpkg-architecture and sets up various arch +## related variables +## +## arch-tag: e16dd848-0fd6-4c0e-ae66-bef20d1f7c63 +## +## This program is free software; you can redistribute it and/or modify +## it under the terms of the GNU General Public License as published by +## the Free Software Foundation; either version 2 of the License, or +## (at your option) any later version. +## +## This program is distributed in the hope that it will be useful, +## but WITHOUT ANY WARRANTY; without even the implied warranty of +## MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the +## GNU General Public License for more details. +## +## You should have received a copy of the GNU General Public License +## along with this program; if not, write to the Free Software +## Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA +## +############################################################################### + + +DPKG_ARCH := dpkg-architecture + +ifeq ($(strip $(KPKG_ARCH)),um) + MAKING_VIRTUAL_IMAGE:=YES +endif +ifeq ($(strip $(KPKG_ARCH)),xen) + MAKING_VIRTUAL_IMAGE:=YES +endif + +ifneq ($(strip $(CONFIG_UM)),) + MAKING_VIRTUAL_IMAGE:=YES + KPKG_ARCH=um +endif + +ifneq ($(strip $(CONFIG_XEN)),) + MAKING_VIRTUAL_IMAGE:=YES + ifneq ($(strip $(CONFIG_X86_XEN)$(CONFIG_X86_64_XEN)),) + KPKG_SUBARCH=xen + else + KPKG_ARCH=xen + ifeq ($(strip $(CONFIG_XEN_PRIVILEGED_GUEST)),) + KPKG_SUBARCH=xenu + else + KPKG_SUBARCH=xen0 + endif + endif +endif + +ifdef KPKG_ARCH + ifeq ($(strip $(MAKING_VIRTUAL_IMAGE)),) + ifneq ($(CROSS_COMPILE),-) + ha:=-a$(KPKG_ARCH) + endif + endif +endif + +# set the dpkg-architecture vars +export DEB_BUILD_ARCH := $(shell $(DPKG_ARCH) -qDEB_BUILD_ARCH) +export DEB_BUILD_GNU_CPU := $(shell $(DPKG_ARCH) -qDEB_BUILD_GNU_CPU) +export DEB_BUILD_GNU_SYSTEM:= $(shell $(DPKG_ARCH) -qDEB_BUILD_GNU_SYSTEM) +export DEB_BUILD_GNU_TYPE := $(shell $(DPKG_ARCH) -qDEB_BUILD_GNU_TYPE) +export DEB_HOST_ARCH := $(shell $(DPKG_ARCH) $(ha) -qDEB_HOST_ARCH) +export DEB_HOST_ARCH_OS := $(shell $(DPKG_ARCH) $(ha) -qDEB_HOST_ARCH_OS \ + 2>/dev/null|| true) +export DEB_HOST_ARCH_CPU := $(shell $(DPKG_ARCH) $(ha) -qDEB_HOST_ARCH_CPU \ + 2>/dev/null|| true) +export DEB_HOST_GNU_CPU := $(shell $(DPKG_ARCH) $(ha) -qDEB_HOST_GNU_CPU) +export DEB_HOST_GNU_SYSTEM := $(shell $(DPKG_ARCH) $(ha) -qDEB_HOST_GNU_SYSTEM) +export DEB_HOST_GNU_TYPE := $(shell $(DPKG_ARCH) $(ha) -qDEB_HOST_GNU_TYPE) + +# arrgh. future proofing +ifeq ($(DEB_HOST_GNU_SYSTEM), linux) + DEB_HOST_GNU_SYSTEM=linux-gnu +endif +ifeq ($(DEB_HOST_ARCH_OS),) + ifeq ($(DEB_HOST_GNU_SYSTEM), linux-gnu) + DEB_HOST_ARCH_OS := linux + endif + ifeq ($(DEB_HOST_GNU_SYSTEM), kfreebsd-gnu) + DEB_HOST_ARCH_OS := kfreebsd + endif +endif + +REASON = @if [ -f $@ ]; then \ + echo "====== making $(notdir $@) because of $(notdir $?) ======";\ + else \ + echo "====== making target $@ [new prereqs: $(notdir $?)]======"; \ + fi + +OLDREASON = @if [ -f $@ ]; then \ + echo "====== making $(notdir $@) because of $(notdir $?) ======";\ + else \ + echo "====== making (creating) $(notdir $@) ======"; \ + fi + +LIBREASON = @echo "====== making $(notdir $@)($(notdir $%))because of $(notdir $?)======" + + +# macro outputing $(1) if DEBUG_DEBIAN_RULES is set, and resolving it +# in all cases usage $(call doit,some shell command) +doit = $(if $(DEBUG_DEBIAN_RULES),$(warning DEBUG: $(1)))$(shell $(1)) + +#Local variables: +#mode: makefile +#End: