--- libsepol-2.0.30.orig/.gitmodules +++ libsepol-2.0.30/.gitmodules @@ -0,0 +1,3 @@ +[submodule "debian"] + path = debian + url = git://git.debian.org/~srivasta/debian/debian-dir.git --- libsepol-2.0.30.orig/debian/local.mk +++ libsepol-2.0.30/debian/local.mk @@ -0,0 +1,202 @@ +############################ -*- Mode: Makefile -*- ########################### +## local.mk --- +## Author : Manoj Srivastava ( srivasta@glaurung.green-gryphon.com ) +## Created On : Sat Nov 15 10:42:10 2003 +## Created On Node : glaurung.green-gryphon.com +## Last Modified By : Manoj Srivastava +## Last Modified On : Fri Oct 20 14:24:16 2006 +## Last Machine Used: glaurung.internal.golden-gryphon.com +## Update Count : 22 +## Status : Unknown, Use with caution! +## HISTORY : +## Description : +## +## arch-tag: b07b1015-30ba-4b46-915f-78c776a808f4 +## +############################################################################### + +testdir: + $(testdir) + + + +debian/stamp/BUILD/libsepol1: debian/stamp/build/libsepol1 +debian/stamp/INST/libsepol1: debian/stamp/install/libsepol1 +debian/stamp/BIN/libsepol1: debian/stamp/binary/libsepol1 + + +debian/stamp/INST/libsepol1-dev: debian/stamp/install/libsepol1-dev +debian/stamp/BIN/libsepol1-dev: debian/stamp/binary/libsepol1-dev + + +debian/stamp/INST/sepol-utils: debian/stamp/install/sepol-utils +debian/stamp/BIN/sepol-utils: debian/stamp/binary/sepol-utils + + +CLN-common:: + $(REASON) + -test ! -f Makefile || $(MAKE) clean + +CLEAN/libsepol1:: + -rm -rf $(TMPTOP) + +CLEAN/libsepol1-dev:: + -rm -rf $(TMPTOP) + +CLEAN/sepol-utils:: + -rm -rf $(TMPTOP) + + +debian/stamp/build/libsepol1: + $(checkdir) + $(REASON) + @test -d debian/stamp/build || mkdir debian/stamp/build + $(MAKE) CC="$(CC)" CFLAGS="$(CFLAGS)" LDFLAGS="$(LDFLAGS)" + @echo done > $@ + + + +debian/stamp/install/libsepol1: + $(checkdir) + $(REASON) + $(TESTROOT) + rm -rf $(TMPTOP) + $(make_directory) $(TMPTOP) + $(make_directory) $(DOCDIR) + $(make_directory) $(LIBDIR) + $(make_directory) $(TMPTOP)/DEBIAN + $(install_file) debian/shlibs $(TMPTOP)/DEBIAN + $(MAKE) DESTDIR=$(TMPTOP) -C src install + rm -f $(LIBDIR)/libsepol.a + rm -f $(LIBDIR)/libsepol.so + test ! -e $(LIBDIR)/libsepol.pc || rm -f $(LIBDIR)/libsepol.pc + rm -rf $(TMPTOP)/usr/lib + chmod 0644 $(LIBDIR)/libsepol.so.1 + $(install_file) debian/changelog $(DOCDIR)/changelog.Debian + $(install_file) ChangeLog $(DOCDIR)/changelog + gzip -9fqr $(DOCDIR)/ +# Make sure the copyright file is not compressed + $(install_file) debian/copyright $(DOCDIR)/copyright +ifeq (,$(findstring nostrip,$(DEB_BUILD_OPTIONS))) + find $(TMPTOP) -type f | while read i; do \ + if file -b $$i | egrep -q "^ELF.*shared object"; then \ + strip --strip-unneeded --remove-section=.comment --remove-section=.note $$i; \ + fi; \ + done +endif + @test -d debian/stamp/install || mkdir debian/stamp/install + @echo done > $@ + +debian/stamp/install/libsepol1-dev: + $(checkdir) + $(REASON) + $(TESTROOT) + rm -rf $(TMPTOP) + $(make_directory) $(TMPTOP) + $(make_directory) $(DOCDIR) + $(make_directory) $(LIBDIR) + $(make_directory) $(TMPTOP)/usr/lib + $(make_directory) $(INCDIR) + $(make_directory) $(MAN3DIR) + $(make_directory) $(MAN8DIR) + $(MAKE) DESTDIR=$(TMPTOP) -C man install + rm -rf $(MAN8DIR) + $(MAKE) DESTDIR=$(TMPTOP) -C include install + $(MAKE) DESTDIR=$(TMPTOP) -C src install + rm -rf $(LIBDIR) + rm -f $(TMPTOP)/usr/lib/libsepol.so + ln -s /lib/libsepol.so.1 $(TMPTOP)/usr/lib/libsepol.so + $(install_file) debian/changelog $(DOCDIR)/changelog.Debian + $(install_file) ChangeLog $(DOCDIR)/changelog + gzip -9fqr $(DOCDIR)/ + gzip -9fqr $(MANDIR)/ +# Make sure the copyright file is not compressed + $(install_file) debian/copyright $(DOCDIR)/copyright +ifeq (,$(findstring nostrip,$(DEB_BUILD_OPTIONS))) + find $(TMPTOP) -type f | while read i; do \ + if file -b $$i | egrep -q "^ELF.*shared object"; then \ + strip --strip-unneeded --remove-section=.comment --remove-section=.note $$i; \ + fi; \ + done +endif + @test -d debian/stamp/install || mkdir debian/stamp/install + @echo done > $@ + +debian/stamp/install/sepol-utils: + $(checkdir) + $(REASON) + $(TESTROOT) + rm -rf $(TMPTOP) + $(make_directory) $(TMPTOP) + $(make_directory) $(DOCDIR) + $(make_directory) $(MAN3DIR) + $(make_directory) $(MAN8DIR) + $(MAKE) DESTDIR=$(TMPTOP) -C man install + rm -rf $(MAN3DIR) + $(MAKE) DESTDIR=$(TMPTOP) -C utils install + $(install_file) debian/changelog $(DOCDIR)/changelog.Debian + $(install_file) ChangeLog $(DOCDIR)/changelog + gzip -9fqr $(DOCDIR)/ + gzip -9fqr $(MANDIR)/ +# Make sure the copyright file is not compressed + $(install_file) debian/copyright $(DOCDIR)/copyright +ifeq (,$(findstring nostrip,$(DEB_BUILD_OPTIONS))) + find $(TMPTOP) -type f | while read i; do \ + if file -b $$i | egrep -q "^ELF.*executable"; then \ + strip --strip-all --remove-section=.comment --remove-section=.note $$i; \ + fi; \ + done +endif + @test -d debian/stamp/install || mkdir debian/stamp/install + @echo done > $@ + + +debian/stamp/binary/libsepol1: + $(checkdir) + $(REASON) + $(TESTROOT) + $(install_script) debian/postrm $(TMPTOP)/DEBIAN/postrm + $(install_script) debian/postinst $(TMPTOP)/DEBIAN/postinst + k=`find $(TMPTOP) -type f | ( while read i; do \ + if file -b $$i | egrep -q "^ELF.*shared object"; then \ + j="$$j $$i"; \ + fi; \ + done; echo $$j; )`; if [ -n "$$k" ]; then dpkg-shlibdeps $$k; fi + dpkg-gencontrol -p$(package) -isp -P$(TMPTOP) + $(create_md5sum) $(TMPTOP) + chown -R root:root $(TMPTOP) + chmod -R u+w,go=rX $(TMPTOP) + dpkg --build $(TMPTOP) .. + @test -d debian/stamp/binary || mkdir debian/stamp/binary + @echo done > $@ + +debian/stamp/binary/libsepol1-dev: + $(checkdir) + $(REASON) + $(TESTROOT) + $(make_directory) $(TMPTOP)/DEBIAN + dpkg-gencontrol -p$(package) -isp -P$(TMPTOP) + $(create_md5sum) $(TMPTOP) + chown -R root:root $(TMPTOP) + chmod -R u+w,go=rX $(TMPTOP) + dpkg --build $(TMPTOP) .. + @test -d debian/stamp/binary || mkdir debian/stamp/binary + @echo done > $@ + +debian/stamp/binary/sepol-utils: + $(checkdir) + $(REASON) + $(TESTROOT) + $(make_directory) $(TMPTOP)/DEBIAN + k=`find $(TMPTOP) -type f | ( while read i; do \ + if file -b $$i | egrep -q "^ELF.*executable"; then \ + j="$$j $$i"; \ + fi; \ + done; echo $$j; )`; dpkg-shlibdeps -Ldebian/shlibs -Tsubstvars.utils $$k + dpkg-gencontrol -Tsubstvars.utils -p$(package) -isp -P$(TMPTOP) + $(create_md5sum) $(TMPTOP) + chown -R root:root $(TMPTOP) + chmod -R u+w,go=rX $(TMPTOP) + dpkg --build $(TMPTOP) .. + @test -d debian/stamp/binary || mkdir debian/stamp/binary + @echo done > $@ --- libsepol-2.0.30.orig/debian/shlibs +++ libsepol-2.0.30/debian/shlibs @@ -0,0 +1,2 @@ +# arch-tag: f3c9b477-5e56-45de-9977-7918cad75bea +libsepol 1 libsepol1 (>= 2.0.25) --- libsepol-2.0.30.orig/debian/local-vars.mk +++ libsepol-2.0.30/debian/local-vars.mk @@ -0,0 +1,50 @@ +############################ -*- Mode: Makefile -*- ########################### +## local-vars.mk --- +## Author : Manoj Srivastava ( srivasta@glaurung.green-gryphon.com ) +## Created On : Sat Nov 15 10:43:00 2003 +## Created On Node : glaurung.green-gryphon.com +## Last Modified By : Manoj Srivastava +## Last Modified On : Wed Oct 27 12:05:18 2004 +## Last Machine Used: glaurung.internal.golden-gryphon.com +## Update Count : 15 +## Status : Unknown, Use with caution! +## HISTORY : +## Description : +## +## arch-tag: 1a76a87e-7af5-424a-a30d-61660c8f243e +## +############################################################################### + +FILES_TO_CLEAN = debian/files debian/substvars substvars.utils +STAMPS_TO_CLEAN = +DIRS_TO_CLEAN = debian/stamp + +# Location of the source dir +SRCTOP := $(shell if [ "$$PWD" != "" ]; then echo $$PWD; else pwd; fi) +TMPTOP = $(SRCTOP)/debian/$(package) +LINTIANDIR = $(TMPTOP)/usr/share/lintian/overrides + +PREFIX = /usr +BINDIR = $(TMPTOP)$(PREFIX)/bin +LIBDIR = $(TMPTOP)/lib +INCLUDE = $(TMPTOP)$(PREFIX)/include +INCDIR = $(INCLUDE)/sepol + +MANDIR = $(TMPTOP)/usr/share/man/ +MAN1DIR = $(TMPTOP)/usr/share/man/man1 +MAN3DIR = $(TMPTOP)/usr/share/man/man3 +MAN5DIR = $(TMPTOP)/usr/share/man/man5 +MAN7DIR = $(TMPTOP)/usr/share/man/man7 +MAN8DIR = $(TMPTOP)/usr/share/man/man8 +INFODIR = $(TMPTOP)/usr/share/info +DOCTOP = $(TMPTOP)/usr/share/doc +DOCDIR = $(DOCTOP)/$(package) + +define checkdir + @test -f debian/rules -a -f src/policydb.c || \ + (echo Not in correct source directory; exit 1) +endef + +define checkroot + @test $$(id -u) = 0 || (echo need root priviledges; exit 1) +endef --- libsepol-2.0.30.orig/debian/rules +++ libsepol-2.0.30/debian/rules @@ -0,0 +1,63 @@ +#! /usr/bin/make -f +############################ -*- Mode: Makefile; coding: utf-8 -*- ########################### +## rules --- +## Author : Manoj Srivastava ( srivasta@glaurung.green-gryphon.com ) +## Created On : Fri Nov 14 12:33:34 2003 +## Created On Node : glaurung.green-gryphon.com +## Last Modified By : Manoj Srivastava +## Last Modified On : Tue Nov 18 17:46:22 2003 +## Last Machine Used: glaurung.green-gryphon.com +## Update Count : 70 +## Status : Unknown, Use with caution! +## HISTORY : +## Description : +## +## arch-tag: 9a5063f4-1e20-4fff-b22a-de94c1e3d954 +## +## This program is free software; you can redistribute it and/or modify +## it under the terms of the GNU General Public License as published by +## the Free Software Foundation; either version 2 of the License, or +## (at your option) any later version. +## +## This program is distributed in the hope that it will be useful, +## but WITHOUT ANY WARRANTY; without even the implied warranty of +## MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the +## GNU General Public License for more details. +## +## You should have received a copy of the GNU General Public License +## along with this program; if not, write to the Free Software +## Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA +## +############################################################################### + +# Include dpkg-architecture generated variables +include debian/common/archvars.mk + +# Set variables with information extracted from control and changelog files +include debian/common/pkgvars.mk + +# variables useful for perl packages +include debian/common/perlvars.mk + +# Install commands +include debian/common/install_cmds.mk + +include debian/local-vars.mk + +include debian/common/copt.mk + +include debian/common/automake.mk + + + +all: + @echo nothing to be done + +include debian/common/targets.mk + +include debian/local.mk + + +#Local variables: +#mode: makefile +#End: --- libsepol-2.0.30.orig/debian/control +++ libsepol-2.0.30/debian/control @@ -0,0 +1,61 @@ +Source: libsepol +VCS-Git: git://git.debian.org/~srivasta/debian/libsepol.git +VCS-Browser: http://git.debian.org/git/users/srivasta/debian/libsepol.git +Priority: optional +Section: libs +Maintainer: Ubuntu Core Developers +XSBC-Original-Maintainer: Manoj Srivastava +Standards-Version: 3.7.3.0 +Build-Depends: file + +Package: sepol-utils +Section: admin +Architecture: any +Depends: ${shlibs:Depends} +Conflicts: checkpolicy (<= 1.20) +Description: Security Enhanced Linux policy utility programs + This package provides a utility for a Security-enhanced + Linux system to rewrite existing mandatory access control policy with + different boolean setting, generating a new policy. Security-enhanced + Linux is a patch of the Linux kernel and a number of utilities with + enhanced security functionality designed to add mandatory access + controls to Linux. This package provides utility programs to get and + set process and file security contexts and to obtain security policy + decisions. + + +Package: libsepol1 +Section: libs +Priority: required +Architecture: any +Depends: ${shlibs:Depends} +Description: Security Enhanced Linux policy library for changing policy binaries + Security-enhanced Linux is a patch of the Linux kernel and a number + of utilities with enhanced security functionality designed to add + mandatory access controls to Linux. The Security-enhanced Linux + kernel contains new architectural components originally developed to + improve the security of the Flask operating system. These + architectural components provide general support for the enforcement + of many kinds of mandatory access control policies, including those + based on the concepts of Type Enforcement®, Role-based Access + Control, and Multi-level Security. + . + libsepol provides an API for the manipulation of SELinux binary policies. + It is used by checkpolicy (the policy compiler) and similar tools, as well + as by programs like load_policy that need to perform specific transformations + on binary policies such as customizing policy boolean settings. + +Package: libsepol1-dev +Section: libdevel +Architecture: any +Provides: libsepol-dev +Conflicts: libsepol-dev +Depends: ${shlibs:Depends}, libsepol1 (= ${binary:Version}) +Description: Security Enhanced Linux policy library and development files + libsepol allows programs to easily modify SELinux policy binaries. This + means changing the default values for booleans, or reading the policy for + analysis. + . + This package contains the headers and archives used for linking it into your + programs. + --- libsepol-2.0.30.orig/debian/changelog +++ libsepol-2.0.30/debian/changelog @@ -0,0 +1,546 @@ +libsepol (2.0.30-2ubuntu1) jaunty; urgency=low + + * Boolean state was not being read correctly from modules resulting in an + invalid compiled policy (LP: #344959). + + -- Caleb Case Tue, 17 Mar 2009 16:50:58 -0400 + +libsepol (2.0.30-2) unstable; urgency=low + + * Added exec_prefix to libselinux.pc. + Closes: #489724 + + -- Russell Coker Sun, 13 Jul 2008 00:26:51 +1000 + +libsepol (2.0.30-1) unstable; urgency=low + + * Non-maintainer upload. + * New version needed for latest policy. + + -- Russell Coker Fri, 11 Jul 2008 23:55:10 +1000 + +libsepol (2.0.25-2) unstable; urgency=low + + * Record the new location of the repository for this package (moved to a + new git repository) + * Move to the new, make -j friendly targets in debian/rules. + + -- Manoj Srivastava Sat, 31 May 2008 00:42:03 -0500 + +libsepol (2.0.25-1) unstable; urgency=low + + * New upstream release + * Drop unused ->buffer field from struct policy_file. + * Add policy_file_init() initalizer for struct policy_file and use it, + from Todd C. Miller. + * Accept "Flask" as an alternate identifier string in kernel policies + from Stephen Smalley. + * Add support for open_perms policy capability from Eric Paris. + + + -- Manoj Srivastava Mon, 17 Mar 2008 13:29:44 -0500 + +libsepol (2.0.21-1) unstable; urgency=low + + * New upstream SVN HEAD. + * Fix invalid memory allocation in policydb_index_others() from Jason Tang. + * Port of Yuichi Nakamura's tune avtab to reduce memory usage patch + from the kernel avtab to libsepol from Stephen Smalley. + * Add support for consuming avrule_blocks during expansion to reduce + peak memory usage from Joshua Brindle. + * Added support for policy capabilities from Todd Miller. + * Prevent generation of policy.18 with MLS enabled from Todd Miller. + * print module magic number in hex on mismatch, from Todd Miller. + * clarify and reduce neverallow error reporting from Stephen Smalley. + * Reject self aliasing at link time from Stephen Smalley. + * Allow handle_unknown in base to be overridden by semanage.conf from + Stephen Smalley. + * Fixed bug in require checking from Stephen Smalley. + * Added user hierarchy checking from Todd Miller. + + -- Manoj Srivastava Thu, 28 Feb 2008 08:30:19 -0600 + +libsepol (2.0.11-1) unstable; urgency=low + + * New upstream release. + * Pass CFLAGS to CC even on link command, per Dennis Gilmore. + * Merged support for the handle_unknown policydb flag from Eric Paris. + * Moved next_entry and put_entry out-of-line to reduce code size from + Ulrich Drepper. + * Fixed module_package_read_offsets bug introduced by the prior patch. + * Eliminate unaligned accesses from policy reading code from Stephen + Smalley. Closes: Bug#439539 + * Allow dontaudits to be turned off during policy expansion from + Joshua Brindle. + * Fix sepol_context_clone to handle a NULL context correctly. + This happens for e.g. semanage_fcontext_set_con(sh, fcontext, NULL) + to set the file context entry to "<>". + * Merged error handling patch from Eamon Walsh. + * The cross building support in Debian has been rewritten to stop + overriding the CC variable to $(MAKE) in order to correctly support + those packages that build internal tools with the native compiler + during the build. This means that other packages that assume that CC + will be overridden by the cross-compiling build scripts now fail to + build. The patch is simply to set CC to $(DEB_HOST_GNU_TYPE)-gcc only + if a cross-build is detected. The solution was proposed by Neil + Williams, but has been modified to be more generally applicable. + Closes: Bug#448014 + * The API was added to in this release, which means we need a shlibs + bump. The soname has not changed. + + -- Manoj Srivastava Wed, 06 Feb 2008 09:50:38 -0600 + +libsepol (2.0.3-1) unstable; urgency=low + + * New upstream bugfix SVN HEAD. + + Merged fix from Karl to remap booleans at expand time to avoid holes + in the symbol table. + + Merged add boolmap argument to expand_module_avrules() from Chris + PeBenito. + + -- Manoj Srivastava Sun, 6 May 2007 16:38:09 -0500 + +libsepol (2.0.1-1) unstable; urgency=low + + * New upstream release. This is the trunk, or development, version. + * Merged patch to add errcodes.h to libsepol by Karl MacMillan. + + -- Manoj Srivastava Thu, 19 Apr 2007 17:17:39 -0500 + +libsepol (1.16.1-1) unstable; urgency=low + + * New upstream release + * Merged libsepol segfault fix from Stephen Smalley for when + sensitivities are required but not present in the base. + * Updated version for stable branch. + * Merged patch to compile wit -fPIC instead of -fpic from + Manoj Srivastava to prevent hitting the global offest table + limit. Patch changed to include libselinux and libsemanage in + addition to libselinux. + * Merged fix from Karl MacMillan for a segfault when linking + non-MLS modules with users in them. + * Merged fix for version comparison that was preventing range + transition rules from being written for a version 5 base policy + from Darrel Goeddel. + * Added XS-VCS-Arch and XS-VCS-Browse to debian/control + + -- Manoj Srivastava Wed, 18 Apr 2007 19:34:35 -0500 + +libsepol (1.14-3) unstable; urgency=low + + * This fix is in reference to Bug#408278. In the postinst, we now use + telinit u, instead of plain old init u, if telinit is available. + Using init directly is bad form, according to sysvinit maintainer. + * Make the dev package depend on the exact ${binary:Version}, not the + ${Source-Version}, which should make this package friendlier to + binNMUs. + + -- Manoj Srivastava Mon, 26 Feb 2007 10:09:10 -0600 + +libsepol (1.14-2) unstable; urgency=high + + * Compile with -fPIC instead of -fpic. This fixes a FTBS for rpm on + sparc. + + -- Manoj Srivastava Wed, 15 Nov 2006 01:31:58 -0600 + +libsepol (1.14-1) unstable; urgency=low + + * New upstream release + * Build libsepol's static object files with -fpic + * Updated version for release. + + -- Manoj Srivastava Fri, 20 Oct 2006 11:50:47 -0500 + +libsepol (1.12.26-2) unstable; urgency=low + + * Bump the shlibs version. Mea culpa. I had missed the fact that the + included range_transition enhancements and user module format changes + may make packages, even if they compile fine, misbehave subtly. + + -- Manoj Srivastava Mon, 11 Sep 2006 15:31:46 -0500 + +libsepol (1.12.26-1) unstable; urgency=low + + * New upstream point release + * Merged conditionally expand neverallows patch from Jeremy Mowery. + * Merged refactor expander patch from Jeremy Mowery. + * Merged range transition enhancements and user format changes Darrel + Goeddel + * Provide md5sums + + -- Manoj Srivastava Wed, 6 Sep 2006 16:24:16 -0500 + +libsepol (1.12.24-1) unstable; urgency=low + + * New upstream point release + * Merged libsepol unit tests from Joshua Brindle. + * Merged symtab datum patch from Karl MacMillan. + * Merged netfilter contexts support from Chris PeBenito. + * Merged helpful hierarchy check errors patch from Joshua Brindle. + * Merged semodule_deps patch from Karl MacMillan. + This adds source module names to the avrule decls. + * Bug fix: "libsepol1: Should run "telinit u" in postinst + script", thanks to Piotr Kaczuba (Closes: #382020). + + -- Manoj Srivastava Wed, 9 Aug 2006 11:48:50 -0500 + +libsepol (1.12.19-1) unstable; urgency=low + + * New upstream point release + * Lindent. + * Merged optionals in base take 2 patch set from Joshua Brindle. + * Merged fixes for several memory leaks in the error paths during + policy read from Serge Hallyn. + * Fixed bool_ids overflow bug in cond_node_find and cond_copy_list, + based on bug report and suggested fix by Cedric Roux. + * Merged sens_copy_callback, check_role_hierarchy_callback, + and node_from_record fixes from Serge Hallyn. + * Added sepol_policydb_compat_net() interface for testing whether + a policy requires the compatibility support for network checks + to be enabled in the kernel. + * Merged patch to initialize sym_val_to_name arrays from Kevin Carr. + Reworked to use calloc in the first place, and converted some other + malloc/memset pairs to calloc calls. + * Merged patch to revert role/user decl upgrade from Karl MacMillan. + * Dropped tests from all Makefile target. + * Merged fix warnings patch from Karl MacMillan. + * Merged libsepol test framework patch from Karl MacMillan. + * Fixed cond_normalize to traverse the entire cond list at link time. + * Merged fix for leak of optional package sections from Ivan Gyurdiev. + * Generalize test for bitmap overflow in ebitmap_set_bit. + * Fixed attr_convert_callback and expand_convert_type_set + typemap bug. + * Fixed avrule_block_write num_decls endian bug. + * Fixed sepol_module_package_write buffer overflow bug. + + -- Manoj Srivastava Wed, 19 Jul 2006 16:35:56 -0500 + +libsepol (1.12-1) unstable; urgency=low + + * New upstream release + * Updated version for release. + * Merged cond_evaluate_expr fix from Serge Hallyn (IBM). + * Fixed bug in copy_avrule_list reported by Ivan Gyurdiev. + * Merged sepol_policydb_mls_enabled interface and error handling + changes from Ivan Gyurdiev. + * Merged node_expand_addr bugfix and node_compare* change from + Ivan Gyurdiev. + * Merged nodes, ports: always prepend patch from Ivan Gyurdiev. + * Merged bug fix patch from Ivan Gyurdiev. + * Added a defined flag to level_datum_t for use by checkpolicy. + * Merged nodecon support patch from Ivan Gyurdiev. + * Merged cleanups patch from Ivan Gyurdiev. + * Merged optionals in base patch from Joshua Brindle. + * Merged seuser/user_extra support patch from Joshua Brindle. + * Merged fix patch from Ivan Gyurdiev. + * Merged clone record on set_con patch from Ivan Gyurdiev. + * Merged assertion copying bugfix from Joshua Brindle. + * Merged sepol_av_to_string patch from Joshua Brindle. + * Merged cond_expr mapping and package section count bug fixes + from Joshua Brindle. + * Merged improve port/fcontext API patch from Ivan Gyurdiev. + * Merged fixes for overflow bugs on 64-bit from Ivan Gyurdiev. + * Merged size_t -> unsigned int patch from Ivan Gyurdiev. + * Merged 2nd const in APIs patch from Ivan Gyurdiev. + * Merged const in APIs patch from Ivan Gyurdiev. + * Merged compare2 function patch from Ivan Gyurdiev. + * Fixed hierarchy checker to only check allow rules. + * Merged further fixes from Russell Coker, specifically: + - av_to_string overflow checking + - sepol_context_to_string error handling + - hierarchy checking memory leak fixes and optimizations + - avrule_block_read variable initialization + * Marked deprecated code in genbools and genusers. + * Merged bugfix for sepol_port_modify from Russell Coker. + * Fixed bug in sepol_iface_modify error path noted by Ivan Gyurdiev. + * Merged port ordering patch from Ivan Gyurdiev. + * Merged patch series from Ivan Gyurdiev. + This includes patches to: + - support ordering of records in compare function + - enable port interfaces + - add interfaces for context validity and range checks + - add include guards + * Fixed mls_range_cpy bug. + + + -- Manoj Srivastava Wed, 22 Mar 2006 16:13:34 -0600 + +libsepol (1.10-2) unstable; urgency=low + + * Bug fix: "libsepol: please include a pkg-config file", thanks to + Guillem Jover In Debian, dpkg compiles in libselinux statically -- in + order to prevent dependency loops. Now, as libselinux acquired a build + time dependency on libsepol, automated dpkg builds failed -- since + there was no way for packages to detect the transitive dependencies + when linking statically. This patch fixes that issue -- by generating + a .pc file to be used with pkg-config. (Closes: #348947). + + -- Manoj Srivastava Sat, 28 Jan 2006 20:23:36 -0600 + +libsepol (1.10-1) unstable; urgency=low + + * New upstream release + * Updated version for release. + * Dropped handle from user_del_role interface. + * Merged remove defrole from sepol patch from Ivan Gyurdiev. + * Merged module function and map file cleanup from Ivan Gyurdiev. + * Merged MLS and genusers cleanups from Ivan Gyurdiev. + Prepare for removal of booleans* and *.users files. + * Cleaned up sepol_genbools to not regenerate the image if + there were no changes in the boolean values, including the + degenerate case where there are no booleans or booleans.local + files. + * Cleaned up sepol_genusers to not warn on missing local.users. + * Removed sepol_port_* from libsepol.map, as the port interfaces + are not yet stable. + * Merged context destroy cleanup patch from Ivan Gyurdiev. + * Merged context_to_string interface change patch from Ivan Gyurdiev. + * Added src/dso.h and src/*_internal.h. + Added hidden_def for exported symbols used within libsepol. + Added hidden for symbols that should not be exported by + the wildcards in libsepol.map. + * Merged record interface, record bugfix, and set_roles patches + from Ivan Gyurdiev. + * Merged count specification change from Ivan Gyurdiev. + * Added further checking and error reporting to + sepol_module_package_read and _info. + * Merged sepol handle passing, DEBUG conversion, and memory leak + fix patches from Ivan Gyurdiev. + * Removed processing of system.users from sepol_genusers and + dropped delusers logic. + * Removed policydb_destroy from error path of policydb_read, + since create/init/destroy/free of policydb is handled by the + caller now. + * Fixed sepol_module_package_read to handle a failed policydb_read + properly. + * Merged query/exists and count patches from Ivan Gyurdiev. + * Merged fix for pruned types in expand code from Joshua Brindle. + * Merged new module package format code from Joshua Brindle. + * Merged context interface cleanup, record conversion code, + key passing, and bug fix patches from Ivan Gyurdiev. + * Merged users cleanup patch from Ivan Gyurdiev. + * Merged user record memory leak fix from Ivan Gyurdiev. + * Merged reorganize users patch from Ivan Gyurdiev. + * Added check flag to expand_module() to control assertion + and hierarchy checking on expansion. + * Reworked check_assertions() and hierarchy_check_constraints() + to take handles and use callback-based error reporting. + * Changed expand_module() to call check_assertions() and + hierarchy_check_constraints() prior to returning the expanded + policy. + * Changed sepol_module_package_set_file_contexts to copy the + file contexts data since it is internally managed. + * Added sepol_policy_file_set_handle interface to associate + a handle with a policy file. + * Added handle argument to policydb_from_image/to_image. + * Added sepol_module_package_set_file_contexts interface. + * Dropped sepol_module_package_create_file interface. + * Reworked policydb_read/write, policydb_from_image/to_image, + and sepol_module_package_read/write to use callback-based error + reporting system rather than DEBUG. + * Reworked link_packages, link_modules, and expand_module to use + callback-based error reporting system rather than error buffering. + * Merged conditional expression mapping fix in the module linking + code from Joshua Brindle. + * Hid sepol_module_package type definition, and added get interfaces. + * Merged new callback-based error reporting system from Ivan + Gyurdiev. + * Merged support for require blocks inside conditionals from + Joshua Brindle (Tresys). + * Fixed use of policydb_from_image/to_image to ensure proper + init of policydb. + * Isolated policydb internal headers under . + These headers should only be used by users of the static libsepol. + Created new with new public types and interfaces + for shared libsepol. + Created new with public types and interfaces moved + or wrapped from old module.h, link.h, and expand.h, adjusted for + new public types for policydb and policy_file. + Added public interfaces to libsepol.map. + Some implementation changes visible to users of the static libsepol: + 1) policydb_read no longer calls policydb_init. + Caller must do so first. + 2) policydb_init no longer takes policy_type argument. + Caller must set policy_type separately. + 3) expand_module automatically enables the global branch. + Caller no longer needs to do so. + 4) policydb_write uses the policy_type and policyvers from the + policydb itself, and sepol_set_policyvers() has been removed. + * Merged function renaming and static cleanup from Ivan Gyurdiev. + * Merged bug fix for check_assertions handling of no assertions + from Joshua Brindle (Tresys). + * Merged iterate patch from Ivan Gyurdiev. + * Merged MLS in modules patch from Joshua Brindle (Tresys). + * Merged pointer typedef elimination patch from Ivan Gyurdiev. + * Merged user list function, new mls functions, and bugfix patch + from Ivan Gyurdiev. + * Merged sepol_get_num_roles fix from Karl MacMillan (Tresys). + * Merged bug fix patches from Joshua Brindle (Tresys). + * Merged boolean record and memory leak fix patches from Ivan + Gyurdiev. + * Merged interface record patch from Ivan Gyurdiev. + * Merged fix for sepol_enable/disable_debug from Ivan + Gyurdiev. + * Merged stddef.h patch and debug conversion patch from + Ivan Gyurdiev. + * Fixed expand_avtab and expand_cond_av_list to keep separate + entries with identical keys but different enabled flags. + + -- Manoj Srivastava Sat, 10 Dec 2005 17:49:28 -0600 + +libsepol (1.8-1) unstable; urgency=low + + * New upstream release + * Updated version for release. + * Fixed symtab_insert return value for duplicate declarations. + * Merged fix for memory error in policy_module_destroy from + Jason Tang (Tresys). + * Merged fix for memory leak in sepol_context_to_sid from + Jason Tang (Tresys). + * Merged fixes for resource leaks on error paths and + change to scope_destroy from Joshua Brindle (Tresys). + * Merged more fixes for resource leaks on error paths + from Serge Hallyn (IBM). Bugs found by Coverity. + * Changed to treat all type conflicts as fatal errors. + * Merged several error handling fixes from + Serge Hallyn (IBM). Bugs found by Coverity. + * Fixed further memory leaks found by valgrind. + * Fixed several memory leaks found by valgrind. + * Fixed empty list test in cond_write_av_list. Bug found by + Coverity, reported by Serge Hallyn (IBM). + * Merged patch to policydb_write to check errors + when writing the type->attribute reverse map from + Serge Hallyn (IBM). Bug found by Coverity. + * Fixed policydb_destroy to properly handle NULL type_attr_map + or attr_type_map. + * Fixed use of uninitialized data by expand_avtab_node by + clearing type_val_to_struct in policydb_index_others. + * Improved memory use by SELinux by both reducing the avtab + node size and reducing the number of avtab nodes (by not + expanding attributes in TE rules when possible). Added + expand_avtab and expand_cond_av_list functions for use by + assertion checker, hierarchy checker, compatibility code, + and dispol. Added new inline ebitmap operators and converted + existing users of ebitmaps to the new operators for greater + efficiency. + Note: The binary policy format version has been incremented to + version 20 as a result of these changes. + * Fixed bug in constraint_node_clone handling of name sets. + * Fix range_trans_clone to map the type values properly. + * Merged patch to move module read/write code from libsemanage + to libsepol from Jason Tang (Tresys). + * Enabled further compiler warning flags and fixed them. + * Merged user, context, port records patch from Ivan Gyurdiev. + * Merged key extract function patch from Ivan Gyurdiev. + * Merged mls_context_to_sid bugfix from Ivan Gyurdiev. + * Merged context reorganization, memory leak fixes, + port and interface loading, replacements for genusers and + genbools, debug traceback, and bugfix patches from Ivan Gyurdiev. + * Merged uninitialized variable bugfix from Dan Walsh. + * Merged debug support, policydb conversion functions from Ivan + Gyurdiev (Red Hat). + * Removed genpolbools and genpolusers utilities. + * Merged hierarchy check fix from Joshua Brindle (Tresys). + * Merged header file cleanup and memory leak fix from Ivan Gyurdiev + (Red Hat). + * Merged genbools debugging message cleanup from Red Hat. + * Merged loadable module support from Tresys Technology. + * libsepol1: Priority should be required, thanks to Matt Kraai. + (Closes: 328041) + + -- Manoj Srivastava Wed, 14 Sep 2005 15:36:54 -0500 + +libsepol (1.6-2) unstable; urgency=low + + * Modify sections of generated binaries. sepol-utils belongs in admin, + really. + + -- Manoj Srivastava Wed, 10 Aug 2005 13:28:02 -0500 + +libsepol (1.6-1) unstable; urgency=low + + * New upstream release + * Updated version for release. + * License changed to LGPL v2.1, see COPYING. + * Added sepol_genbools_policydb and sepol_genusers_policydb for + audit2why. + * Added sepol_ prefix to Flask types to avoid + namespace collision with libselinux. + * Added sepol_compute_av_reason() for audit2why. + * Fixed bug in role hierarchy checker. + * Merged hierarchical type/role patch from Tresys Technology. + * Merged MLS fixes from Darrel Goeddel of TCS. + * Changed sepol_genusers to not delete users by default, + and added a sepol_set_delusers function to enable deletion. + Also, removed special case handling of system_u and user_u. + * Merged booleans.local patch from Dan Walsh. + * Added man page for sepol_check_context. + * Added man page for sepol_genusers function. + * Merged man pages for genpolusers and chkcon from Manoj Srivastava. + + + -- Manoj Srivastava Mon, 27 Jun 2005 13:40:28 -0500 + +libsepol (1.4-1) unstable; urgency=low + + * New upstream release. Added enhanced MLS support, and the + sepol_genusers function. Numerous small bug fixes as well. + + -- Manoj Srivastava Fri, 11 Mar 2005 10:45:32 -0600 + +libsepol (1.2-3) unstable; urgency=high + + * Bug fix: "libsepol: FTBFS (amd64/gcc-4.0): static declaration of + 'policydb_compat' follows non-static declaration", thanks to Andreas + Jochens (Closes: #287447). + * Bug fix: "libsepol: FTBFS (amd64/gcc-4.0): static declaration of + 'policydb_compat' follows non-static declaration", thanks to Andreas + Jochens (Closes: #287458). + + -- Manoj Srivastava Wed, 12 Jan 2005 23:36:08 -0600 + +libsepol (1.2-2) unstable; urgency=low + + * Update download location and copyright file, since the locations we + were pointing to are now forbidden (return a code 403). + + -- Manoj Srivastava Wed, 24 Nov 2004 14:02:32 -0600 + +libsepol (1.2-1) unstable; urgency=low + + * New upstream release. Changes: + * MLS build fixes. + * Added sepol_set_policydb_from_file and sepol_check_context for + setfiles. + * Even though the API has changed, the soname has not been bumped + upstream on the grounds that no one is using this yet. Since we have + not yet shipped libsepol, I guess I am OK with that. + + -- Manoj Srivastava Thu, 4 Nov 2004 01:06:08 -0600 + +libsepol (1.0-5) unstable; urgency=low + + * The section 3 man pages should be in the -dev package. + + -- Manoj Srivastava Wed, 27 Oct 2004 10:59:36 -0500 + +libsepol (1.0-3) unstable; urgency=low + + * New maintainer, and new build system. Try and address the concerns of + the ftp master on the last upload. + + -- Manoj Srivastava Wed, 27 Oct 2004 00:45:53 -0500 + +libsepol (1.0-2) unstable; urgency=low + + * Stuffed it up. New upload to fix dependency in -dev package. + + -- Russell Coker Fri, 20 Aug 2004 18:24:00 +1000 + +libsepol (1.0-1) unstable; urgency=low + + * Initial Release. + + -- Russell Coker Fri, 20 Aug 2004 18:14:00 +1000 + --- libsepol-2.0.30.orig/debian/copyright +++ libsepol-2.0.30/debian/copyright @@ -0,0 +1,49 @@ +This is the Debian packe for libsepol, and it is built from sources +obtained from http://www.nsa.gov/selinux/code/download5.cfm. + + + +This package was debianized by Russell Coker on +Fri, 20 Aug 2004 17:26:18 +1000. + +libsepol is + Copyright (C) 2003, 2004 Stephen Smalley + Copyright (C) 2003, 2004 Red Hat, Inc. + Copyright (C) 2004, 2005 Trusted Computer Solutions, Inc. + Copyright (C) 2003, 2004, 2005 Tresys Technology, LLC + + + This library is free software; you can redistribute it and/or + modify it under the terms of the GNU Lesser General Public + License as published by the Free Software Foundation; either + version 2.1 of the License, or (at your option) any later version. + + This library is distributed in the hope that it will be useful, + but WITHOUT ANY WARRANTY; without even the implied warranty of + MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU + Lesser General Public License for more details. + + You should have received a copy of the GNU Lesser General Public + License along with this library; if not, write to the Free Software + Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA + +On Debian GNU/Linux systems, the complete text of the Lesser GNU General +Public License can be found in `/usr/share/common-licenses/LGPL'. + + This package is maintained by Manoj Srivastava . + + The Debian specific changes are © 2005, 2006, Manoj Srivastava + , and distributed under the terms of the GNU + General Public License, version 2. + + +On Debian GNU/Linux systems, the complete text of the GNU General +Public License can be found in `/usr/share/common-licenses/GPL'. + + A copy of the GNU General Public License is also available at + . You may also obtain + it by writing to the Free Software Foundation, Inc., 51 Franklin + St, Fifth Floor, Boston, MA 02110-1301 USA + +Manoj Srivastava +arch-tag: d4250e44-a0e0-4ee0-adb9-2bd74f6eeb27 --- libsepol-2.0.30.orig/debian/.gitmodules +++ libsepol-2.0.30/debian/.gitmodules @@ -0,0 +1,3 @@ +[submodule "common"] + path = common + url = git://git.debian.org/~srivasta/debian/debian-common.git --- libsepol-2.0.30.orig/debian/postinst +++ libsepol-2.0.30/debian/postinst @@ -0,0 +1,228 @@ +#! /bin/sh +# -*- Mode: Sh -*- +# postinst --- +# Author : Manoj Srivastava ( srivasta@glaurung.green-gryphon.com ) +# Created On : Fri Nov 14 11:25:07 2003 +# Created On Node : glaurung.green-gryphon.com +# Last Modified By : Manoj Srivastava +# Last Modified On : Wed Oct 27 01:01:02 2004 +# Last Machine Used: glaurung.internal.golden-gryphon.com +# Update Count : 13 +# Status : Unknown, Use with caution! +# HISTORY : +# Description : +# +# arch-tag: 5401e9ef-39cc-4aee-96a4-61dfb8f32cf7 +# +# This program is free software; you can redistribute it and/or modify +# it under the terms of the GNU General Public License as published by +# the Free Software Foundation; either version 2 of the License, or +# (at your option) any later version. +# +# This program is distributed in the hope that it will be useful, +# but WITHOUT ANY WARRANTY; without even the implied warranty of +# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the +# GNU General Public License for more details. +# +# You should have received a copy of the GNU General Public License +# along with this program; if not, write to the Free Software +# Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA +# +# + +# Abort if any command returns an error value +set -e + +package_name=libsepol1 + +if [ -z "$package_name" ]; then + print >&2 "Internal Error. Please report a bug." + exit 1; +fi + +# This script is called as the last step of the installation of the +# package. All the package's files are in place, dpkg has already done +# its automatic conffile handling, and all the packages we depend of +# are already fully installed and configured. +# summary of how this script can be called: +# * `configure' +# * `abort-upgrade' +# * `abort-remove' `in-favour' +# +# * `abort-deconfigure' `in-favour' +# `removing' +# +# for details, see http://www.debian.org/doc/debian-policy/ or +# the debian-policy package +# +# quoting from the policy: +# Any necessary prompting should almost always be confined to the +# post-installation script, and should be protected with a conditional +# so that unnecessary prompting doesn't happen if a package's +# installation fails and the `postinst' is called with `abort-upgrade', +# `abort-remove' or `abort-deconfigure'. + +# The following idempotent stuff doesn't generally need protecting +# against being run in the abort-* cases. + +# Install info files into the dir file +##: install-info --quiet --section "section pattern" "Section Title" \ +##: --description="Name of the document" /usr/info/${package_name}.info + +# Create stub directories under /usr/local +##: if test ! -d /usr/local/lib/${package_name}; then +##: if test ! -d /usr/local/lib; then +##: if mkdir /usr/local/lib; then +##: chown root.staff /usr/local/lib || true +##: chmod 2775 /usr/local/lib || true +##: fi +##: fi +##: if mkdir /usr/local/lib/${package_name}; then +##: chown root.staff /usr/local/lib/${package_name} || true +##: chmod 2775 /usr/local/lib/${package_name} || true +##: fi +##: fi + +# Ensure the menu system is updated +##: [ ! -x /usr/bin/update-menus ] || /usr/bin/update-menus + +# Arrange for a daemon to be started at system boot time +##: update-rc.d ${package_name} default >/dev/null + +case "$1" in + configure) + # Configure this package. If the package must prompt the user for + # information, do it here. + # Install emacs lisp files + ##:if [ -x /usr/lib/emacsen-common/emacs-package-install ]; then + ##: /usr/lib/emacsen-common/emacs-package-install $package_name + ##:fi + + + # Activate menu-methods script + ##: chmod a+x /etc/menu-methods/${package_name} + + # Update ld.so cache + ldconfig + + # Make our version of a program available + ##: update-alternatives \ + ##: --install /usr/bin/program program /usr/bin/alternative 50 \ + ##: --slave /usr/man/man1/program.1.gz program.1.gz \ + ##: /usr/man/man1/alternative.1.gz + + # Tell ucf that the file in /usr/share/foo is the latest + # maintainer version, and let it handle how to manage the real + # confuguration file in /etc. This is how a static configuration + # file can be handled: + ##:if which ucf >/dev/null 2>&1; then + ##: ucf /usr/share/${package_name}/configuration /etc/${package_name}.conf + ##:fi + + ### We could also do this on the fly. The following is from Tore + ### Anderson: + + #. /usr/share/debconf/confmodule + + ### find out what the user answered. + # db_get foo/run_on_boot + # run_on_boot=$RET + # db_stop + + ### safely create a temporary file to generate our suggested + ### configuration file. + # tempfile=`tempfile` + # cat << _eof > $tempfile + ### Configuration file for Foo. + + ### this was answered by you, the user in a debconf dialogue + # RUNONBOOT=$run_on_boot + + ### this was not, as it has a sane default value. + # COLOUROFSKY=blue + + #_eof + + ### Note that some versions of debconf do not release stdin, so + ### the following invocation of ucf may not work, since the stdin + ### is never coneected to ucfr. + + ### now, invoke ucf, which will take care of the rest, and ask + ### the user if he wants to update his file, if it is modified. + #ucf $tempfile /etc/foo.conf + + ### done! now we'll just clear up our cruft. + #rm -f $tempfile + if [ -x /sbin/init ] && [ -x /bin/readlink ]; then + if [ "$(readlink /proc/1/exe 2>/dev/null)" = "/sbin/init" ]; then + # Use telinit if available, it is better form, according + # to the sysvinit maintainer. + if [ -x /sbin/telinit ]; then + (telinit u ; sleep 1) + else + (init u ; sleep 1) + fi + fi + fi + + + + # There are three sub-cases: + if test "${2+set}" != set; then + # We're being installed by an ancient dpkg which doesn't remember + # which version was most recently configured, or even whether + # there is a most recently configured version. + : + + elif test -z "$2" | test "$2" = ""; then + # The package has not ever been configured on this system, or was + # purged since it was last configured. + : + + else + # Version $2 is the most recently configured version of this + # package. + : + + fi ;; + abort-upgrade) + # Back out of an attempt to upgrade this package FROM THIS VERSION + # to version $2. Undo the effects of "prerm upgrade $2". + : + + ;; + abort-remove) + if test "$2" != in-favour; then + echo "$0: undocumented call to \`postinst $*'" 1>&2 + exit 0 + fi + # Back out of an attempt to remove this package, which was due to + # a conflict with package $3 (version $4). Undo the effects of + # "prerm remove in-favour $3 $4". + : + + ;; + abort-deconfigure) + if test "$2" != in-favour | test "$5" != removing; then + echo "$0: undocumented call to \`postinst $*'" 1>&2 + exit 0 + fi + # Back out of an attempt to deconfigure this package, which was + # due to package $6 (version $7) which we depend on being removed + # to make way for package $3 (version $4). Undo the effects of + # "prerm deconfigure in-favour $3 $4 removing $6 $7". + : + + ;; + *) echo "$0: didn't understand being called with \`$1'" 1>&2 + exit 0;; +esac + +# Install doc base documentation +##:if which install-docs >/dev/null 2>&1; then +##: if [ -e /usr/share/doc-base/${package_name} ]; then +##: install-docs -i /usr/share/doc-base/${package_name} +##: fi +##:fi + +exit 0 --- libsepol-2.0.30.orig/debian/postrm +++ libsepol-2.0.30/debian/postrm @@ -0,0 +1,170 @@ +#! /bin/sh +# -*- Mode: Sh -*- +# postrm --- +# Author : Manoj Srivastava ( srivasta@glaurung.green-gryphon.com ) +# Created On : Fri Nov 14 12:22:20 2003 +# Created On Node : glaurung.green-gryphon.com +# Last Modified By : Manoj Srivastava +# Last Modified On : Wed Oct 27 01:01:42 2004 +# Last Machine Used: glaurung.internal.golden-gryphon.com +# Update Count : 9 +# Status : Unknown, Use with caution! +# HISTORY : +# Description : +# +# arch-tag: 56802d51-d980-4822-85c0-28fce19ed430 +# +# This program is free software; you can redistribute it and/or modify +# it under the terms of the GNU General Public License as published by +# the Free Software Foundation; either version 2 of the License, or +# (at your option) any later version. +# +# This program is distributed in the hope that it will be useful, +# but WITHOUT ANY WARRANTY; without even the implied warranty of +# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the +# GNU General Public License for more details. +# +# You should have received a copy of the GNU General Public License +# along with this program; if not, write to the Free Software +# Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA +# + + +# Abort if any command returns an error value +set -e + +package_name=libsepol1 + +if [ -z "$package_name" ]; then + print >&2 "Internal Error. Please report a bug." + exit 1; +fi + +# This script is called twice during the removal of the package; once +# after the removal of the package's files from the system, and as +# the final step in the removal of this package, after the package's +# conffiles have been removed. +# summary of how this script can be called: +# * `remove' +# * `purge' +# * `upgrade' +# * `failed-upgrade' +# * `abort-install' +# * `abort-install' +# * `abort-upgrade' +# * `disappear' overwrit>r> +# for details, see http://www.debian.org/doc/debian-policy/ or +# the debian-policy package + +# Ensure the menu system is updated +##: [ ! -x /usr/bin/update-menus ] || /usr/bin/update-menus + +case "$1" in + remove) + # This package is being removed, but its configuration has not yet + # been purged. + : + + # Remove diversion + ##: dpkg-divert --package ${package_name} --remove --rename \ + ##: --divert /usr/bin/other.real /usr/bin/other + + ldconfig + + ;; + purge) + # This package has previously been removed and is now having + # its configuration purged from the system. + : + + # we mimic dpkg as closely as possible, so we remove configuration + # files with dpkg backup extensions too: + ### Some of the following is from Tore Anderson: + ##: for ext in '~' '%' .bak .dpkg-tmp .dpkg-new .dpkg-old .dpkg-dist; do + ##: rm -f /etc/${package_name}.conf$ext + ##: done + + # remove the configuration file itself + ##: rm -f /etc/${package_name}.conf + + # and finally clear it out from the ucf database + ##: ucf --purge /etc/${package_name}.conf + + # Remove symlinks from /etc/rc?.d + ##: update-rc.d ${package_name} remove >/dev/null + + ##: if [ -e /usr/share/debconf/confmodule ]; then + ##: # Purge this package's data from the debconf database. + ##: . /usr/share/debconf/confmodule + ##: db_purge + ##: fi + + # This package has previously been removed and is now having + # its configuration purged from the system. + ##: for flavour in emacs20 emacs21; do + ##: STARTDIR=/etc/$flavour/site-start.d; + ##: STARTFILE="${package_name}-init.el"; + ##: if [ -e "$STARTDIR/20$STARTFILE" ]; then + ##: rm -f "$STARTDIR/20$STARTFILE" + ##: fi + ##: done + + ;; + disappear) + if test "$2" != overwriter; then + echo "$0: undocumented call to \`postrm $*'" 1>&2 + exit 0 + fi + # This package has been completely overwritten by package $3 + # (version $4). All our files are already gone from the system. + # This is a special case: neither "prerm remove" nor "postrm remove" + # have been called, because dpkg didn't know that this package would + # disappear until this stage. + : + + ;; + upgrade) + # About to upgrade FROM THIS VERSION to version $2 of this package. + # "prerm upgrade" has been called for this version, and "preinst + # upgrade" has been called for the new version. Last chance to + # clean up. + : + + ;; + failed-upgrade) + # About to upgrade from version $2 of this package TO THIS VERSION. + # "prerm upgrade" has been called for the old version, and "preinst + # upgrade" has been called for this version. This is only used if + # the previous version's "postrm upgrade" couldn't handle it and + # returned non-zero. (Fix old postrm bugs here.) + : + + ;; + abort-install) + # Back out of an attempt to install this package. Undo the effects of + # "preinst install...". There are two sub-cases. + : + + if test "${2+set}" = set; then + # When the install was attempted, version $2's configuration + # files were still on the system. Undo the effects of "preinst + # install $2". + : + + else + # We were being installed from scratch. Undo the effects of + # "preinst install". + : + + fi ;; + abort-upgrade) + # Back out of an attempt to upgrade this package from version $2 + # TO THIS VERSION. Undo the effects of "preinst upgrade $2". + : + + ;; + *) echo "$0: didn't understand being called with \`$1'" 1>&2 + exit 0;; +esac + +exit 0 --- libsepol-2.0.30.orig/debian/watch +++ libsepol-2.0.30/debian/watch @@ -0,0 +1,6 @@ +# format version number, currently 2; this line is compulsory! +version=2 + + + +http://www.nsa.gov/selinux/code/download-trunk.cfm ../archives/libsepol-(.*)\.tgz --- libsepol-2.0.30.orig/debian/common/debconf.mk +++ libsepol-2.0.30/debian/common/debconf.mk @@ -0,0 +1,101 @@ +############################ -*- Mode: Makefile -*- ########################### +## debconf.mk --- +## Author : Manoj Srivastava ( srivasta@glaurung.internal.golden-gryphon.com ) +## Created On : Fri Mar 12 11:11:31 2004 +## Created On Node : glaurung.internal.golden-gryphon.com +## Last Modified By : Manoj Srivastava +## Last Modified On : Mon Apr 11 13:19:10 2005 +## Last Machine Used: glaurung.internal.golden-gryphon.com +## Update Count : 20 +## Status : Unknown, Use with caution! +## HISTORY : +## Description : helps with using debconf +## +## arch-tag: 32b933a9-05ad-4c03-97a8-8644745b832a +## +############################################################################### + +# The idea behind this scheme is that the maintainer (or whoever's +# building the package for upload to unstable) has to build on a +# machine with po-debconf installed, but nobody else does. + +# When building with po-debconf, a format 1 (no encoding specifications, +# woody-compatible) debian/templates file is generated in the clean target +# and shipped in the source package, but a format 2 (UTF8-encoded, +# woody-incompatible) debian/templates file is generated in binary-arch +# for the binary package only. + +# When building without po-debconf, the binary package simply reuses the +# woody-compatible debian/templates file that was produced by the clean +# target of the maintainer's build. + +# Also, make sure that debian/control has ${debconf-depends} in the +# appropriate Depends: line., and use the following in the binary +# target: +# dpkg-gencontrol -V'debconf-depends=debconf (>= $(MINDEBCONFVER))' +# + +# WARNING!! You need to create the templates.master file before this all works. + +ifeq (,$(wildcard /usr/bin/po2debconf)) + PO2DEBCONF := no + MINDEBCONFVER := 0.5 +else + PO2DEBCONF := yes + MINDEBCONFVER := 1.2.0 +endif + + +# Hack for woody compatibility. This makes sure that the +# debian/templates file shipped in the source package doesn't specify +# encodings, which woody's debconf can't handle. If building on a +# system with po-debconf installed the binary-arch target will +# generate a better version for sarge. Only do this if there is a +# templates.master, or else the debian/templates file can get +# damamged. +ifeq ($(PO2DEBCONF),yes) + ifeq (,$(wildcard debian/templates.master)) +define CREATE_COMPATIBLE_TEMPLATE + echo Not modifying templates +endef + else +define CREATE_COMPATIBLE_TEMPLATE + echo 1 > debian/po/output + po2debconf debian/templates.master > debian/templates + rm -f debian/po/output +endef + endif +else +define CREATE_COMPATIBLE_TEMPLATE + echo Not modifying templates +endef +endif + + +ifeq ($(PO2DEBCONF),yes) + ifeq (,$(wildcard debian/templates.master)) +define INSTALL_TEMPLATE + echo using old template +endef + else +define INSTALL_TEMPLATE + po2debconf debian/templates.master > debian/templates +endef + endif +else +define INSTALL_TEMPLATE + echo using old template +endef +endif + +# the tool podebconf-report-po is also a great friend to have in such +# circumstances +define CHECKPO + @for i in debian/po/*.po; do \ + if [ -f $$i ]; then \ + echo \"Checking: $$i\"; \ + msgmerge -U $$i debian/po/templates.pot; \ + msgfmt -o /dev/null -c --statistics $$i; \ + fi; \ + done +endef --- libsepol-2.0.30.orig/debian/common/perlvars.mk +++ libsepol-2.0.30/debian/common/perlvars.mk @@ -0,0 +1,27 @@ +############################ -*- Mode: Makefile -*- ########################### +## perlvars.mk --- +## Author : Manoj Srivastava ( srivasta@glaurung.green-gryphon.com ) +## Created On : Sat Nov 15 02:55:47 2003 +## Created On Node : glaurung.green-gryphon.com +## Last Modified By : Manoj Srivastava +## Last Modified On : Sat Dec 13 13:50:58 2003 +## Last Machine Used: glaurung.green-gryphon.com +## Update Count : 3 +## Status : Unknown, Use with caution! +## HISTORY : +## Description : +## +## arch-tag: a97a01ba-d08d-404d-aa81-572717c03e6c +## +############################################################################### + +# Perl variables +PERL = /usr/bin/perl + +INSTALLPRIVLIB = $(TMPTOP)/$(shell \ + perl -e 'use Config; print "$$Config{'installprivlib'}\n";') +INSTALLARCHLIB = $(TMPTOP)/$(shell \ + perl -e 'use Config; print "$$Config{'installarchlib'}\n";') +INSTALLVENDORLIB =$(TMPTOP)/$(shell \ + perl -e 'use Config; print "$$Config{'vendorlibexp'}\n";') +CONFIG = INSTALLDIRS=vendor --- libsepol-2.0.30.orig/debian/common/archvars.mk +++ libsepol-2.0.30/debian/common/archvars.mk @@ -0,0 +1,118 @@ +############################ -*- Mode: Makefile -*- ########################### +## archvars.mk --- +## Author : Manoj Srivastava ( srivasta@golden-gryphon.com ) +## Created On : Sat Nov 15 02:40:56 2003 +## Created On Node : glaurung.green-gryphon.com +## Last Modified By : Manoj Srivastava +## Last Modified On : Tue Nov 16 23:36:15 2004 +## Last Machine Used: glaurung.internal.golden-gryphon.com +## Update Count : 5 +## Status : Unknown, Use with caution! +## HISTORY : +## Description : calls dpkg-architecture and sets up various arch +## related variables +## +## arch-tag: e16dd848-0fd6-4c0e-ae66-bef20d1f7c63 +## +## This program is free software; you can redistribute it and/or modify +## it under the terms of the GNU General Public License as published by +## the Free Software Foundation; either version 2 of the License, or +## (at your option) any later version. +## +## This program is distributed in the hope that it will be useful, +## but WITHOUT ANY WARRANTY; without even the implied warranty of +## MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the +## GNU General Public License for more details. +## +## You should have received a copy of the GNU General Public License +## along with this program; if not, write to the Free Software +## Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA +## +############################################################################### + + +DPKG_ARCH := dpkg-architecture + +ifeq ($(strip $(KPKG_ARCH)),um) + MAKING_VIRTUAL_IMAGE:=YES +endif +ifeq ($(strip $(KPKG_ARCH)),xen) + MAKING_VIRTUAL_IMAGE:=YES +endif + +ifneq ($(strip $(CONFIG_UM)),) + MAKING_VIRTUAL_IMAGE:=YES + KPKG_ARCH=um +endif + +ifneq ($(strip $(CONFIG_XEN)),) + MAKING_VIRTUAL_IMAGE:=YES + ifneq ($(strip $(CONFIG_X86_XEN)$(CONFIG_X86_64_XEN)),) + KPKG_SUBARCH=xen + else + KPKG_ARCH=xen + ifeq ($(strip $(CONFIG_XEN_PRIVILEGED_GUEST)),) + KPKG_SUBARCH=xenu + else + KPKG_SUBARCH=xen0 + endif + endif +endif + +ifdef KPKG_ARCH + ifeq ($(strip $(MAKING_VIRTUAL_IMAGE)),) + ifneq ($(CROSS_COMPILE),-) + ha:=-a$(KPKG_ARCH) + endif + endif +endif + +# set the dpkg-architecture vars +export DEB_BUILD_ARCH := $(shell $(DPKG_ARCH) -qDEB_BUILD_ARCH) +export DEB_BUILD_GNU_CPU := $(shell $(DPKG_ARCH) -qDEB_BUILD_GNU_CPU) +export DEB_BUILD_GNU_SYSTEM:= $(shell $(DPKG_ARCH) -qDEB_BUILD_GNU_SYSTEM) +export DEB_BUILD_GNU_TYPE := $(shell $(DPKG_ARCH) -qDEB_BUILD_GNU_TYPE) +export DEB_HOST_ARCH := $(shell $(DPKG_ARCH) $(ha) -qDEB_HOST_ARCH) +export DEB_HOST_ARCH_OS := $(shell $(DPKG_ARCH) $(ha) -qDEB_HOST_ARCH_OS \ + 2>/dev/null|| true) +export DEB_HOST_ARCH_CPU := $(shell $(DPKG_ARCH) $(ha) -qDEB_HOST_ARCH_CPU \ + 2>/dev/null|| true) +export DEB_HOST_GNU_CPU := $(shell $(DPKG_ARCH) $(ha) -qDEB_HOST_GNU_CPU) +export DEB_HOST_GNU_SYSTEM := $(shell $(DPKG_ARCH) $(ha) -qDEB_HOST_GNU_SYSTEM) +export DEB_HOST_GNU_TYPE := $(shell $(DPKG_ARCH) $(ha) -qDEB_HOST_GNU_TYPE) + +# arrgh. future proofing +ifeq ($(DEB_HOST_GNU_SYSTEM), linux) + DEB_HOST_GNU_SYSTEM=linux-gnu +endif +ifeq ($(DEB_HOST_ARCH_OS),) + ifeq ($(DEB_HOST_GNU_SYSTEM), linux-gnu) + DEB_HOST_ARCH_OS := linux + endif + ifeq ($(DEB_HOST_GNU_SYSTEM), kfreebsd-gnu) + DEB_HOST_ARCH_OS := kfreebsd + endif +endif + +REASON = @if [ -f $@ ]; then \ + echo "====== making $(notdir $@) because of $(notdir $?) ======";\ + else \ + echo "====== making target $@ [new prereqs: $(notdir $?)]======"; \ + fi + +OLDREASON = @if [ -f $@ ]; then \ + echo "====== making $(notdir $@) because of $(notdir $?) ======";\ + else \ + echo "====== making (creating) $(notdir $@) ======"; \ + fi + +LIBREASON = @echo "====== making $(notdir $@)($(notdir $%))because of $(notdir $?)======" + + +# macro outputing $(1) if DEBUG_DEBIAN_RULES is set, and resolving it +# in all cases usage $(call doit,some shell command) +doit = $(if $(DEBUG_DEBIAN_RULES),$(warning DEBUG: $(1)))$(shell $(1)) + +#Local variables: +#mode: makefile +#End: --- libsepol-2.0.30.orig/debian/common/README +++ libsepol-2.0.30/debian/common/README @@ -0,0 +1,78 @@ +# This file provides a quick overview of this build system. The idea is +# to convert ./debian/rules into a framework, which abstracts most of +# the work required to create a Debian package into this common set of +# make snippets. + +# The rules file would look like this: + +## Include dpkg-architecture generated variables +# This make snippet uses dpkg-architecture to set the various +# DEB_BUILD* and DEB_HOST* variables. It also adds a couple of DEBUG +# macros for use in the rules file. +include debian/common/archvars.mk + +## variables useful for perl packages +# This sets things like the installed location of the private lib, +# arch dependent lib, and vendor library directories. +include debian/common/perlvars.mk + +## Install commands +# This sets the convenience macros install_{file,script,program} and +# a make directory macro, all run as root, for the install and binary +# targets. It also includes a macro to create the md5sum for +# installed files. +include debian/common/install_cmds.mk + +## Per package variable settings. +# This file sets the Make variables on a per package basis. Things +# like include files, C, C++, and LD flags are set here, as well as +# installation paths or, really, anything else that would be needed +# during packaging operations +include debian/local-vars.mk + +## Setting C compiler flags. +# This file takes care of setting C compiler flags, setting the +# compiler if a cross compilation effort is detected, and either +# arranges for binaries to be stripped or not based on +# DEB_BUILD_OPTIONS. +include debian/common/copt.mk + +## Set automake configuration flags +# This file sets confflags variable with the proper --host and +# --build options if it detects a cross compilation effort underway. +include debian/common/automake.mk + +# Set up the default target. +all: + @echo nothing to be done + +## Include the common targets +# This file sets up the flow of control during a Debian package build +# process, taking into account policy requirements (mandatory +# targets, ordering targets). It sets up rules for each package found +# in ./debian/control file in the package, and arranges package build +# to follow the order of configuration, building, installation, and +# binary package creation (and of course, clean). + +# The details of the targets can be seen visually by running dot on +# the accompanying targets.dot file. In the figure, the legend is: +# Nodes attributes: +# filled == Work target (most work is done in dependencies added +# to these targets). These are the targets referred to +# in the local.mk file +# Octagon == Phony target +# Oval == Real target based on a time stamp +# Double lines denote a mandatory target +# +# Edge attributes: A Red line indicates the target is called using +# $(MAKE) -f ./debian/rules . So the targets connected by the +# red lines are run after all the dependencies have been updated, but +# before anything else is done. + +include debian/common/targets.mk + +## The bulk of packaging +# This file adds dependencies to the double-colon rules set up in +# targets.mk above, and perform the bulk of the packaging. +include debian/local.mk + --- libsepol-2.0.30.orig/debian/common/copt.mk +++ libsepol-2.0.30/debian/common/copt.mk @@ -0,0 +1,40 @@ +############################ -*- Mode: Makefile -*- ########################### +## copt.mk --- +## Author : Manoj Srivastava ( srivasta@glaurung.green-gryphon.com ) +## Created On : Sat Nov 15 02:48:40 2003 +## Created On Node : glaurung.green-gryphon.com +## Last Modified By : Manoj Srivastava +## Last Modified On : Sat Nov 15 02:49:07 2003 +## Last Machine Used: glaurung.green-gryphon.com +## Update Count : 1 +## Status : Unknown, Use with caution! +## HISTORY : +## Description : +## +## arch-tag: a0045c20-f1b3-4852-9a4b-1a33ebd7c1b8 +## +############################################################################### + +# set CC to $(DEB_HOST_GNU_TYPE)-gcc only if a cross-build is detected +ifneq ($(DEB_HOST_GNU_TYPE),$(DEB_BUILD_GNU_TYPE)) + CC=$(DEB_HOST_GNU_TYPE)-gcc +else + CC = cc +endif + +CFLAGS = -O2 +PREFIX := /usr + +# Policy 10.1 says to make this the default +CFLAGS += -g + +## ifneq (,$(findstring debug,$(DEB_BUILD_OPTIONS))) +## endif + +ifeq (,$(findstring nostrip,$(DEB_BUILD_OPTIONS))) + STRIP += -s + LDFLAGS += -s + INT_INSTALL_TARGET = install +else + INT_INSTALL_TARGET = install +endif --- libsepol-2.0.30.orig/debian/common/automake.mk +++ libsepol-2.0.30/debian/common/automake.mk @@ -0,0 +1,37 @@ +############################ -*- Mode: Makefile -*- ########################### +## automake.mk --- +## Author : Manoj Srivastava ( srivasta@glaurung.green-gryphon.com ) +## Created On : Sat Nov 15 02:47:23 2003 +## Created On Node : glaurung.green-gryphon.com +## Last Modified By : Manoj Srivastava +## Last Modified On : Sat Nov 15 02:47:53 2003 +## Last Machine Used: glaurung.green-gryphon.com +## Update Count : 1 +## Status : Unknown, Use with caution! +## HISTORY : +## Description : +## +## arch-tag: 1fabe69b-7cc8-4ecc-9411-bc5906b19857 +## +############################################################################### + +AUTOCONF_VERSION:=$(shell if [ -e configure ]; then \ + grep "Generated automatically using autoconf" \ + configure | sed -e 's/^.*autoconf version //g'; \ + fi) +HAVE_NEW_AUTOMAKE:=$(shell if [ "X$(AUTOCONF_VERSION)" != "X2.13" ]; then \ + echo 'YES' ; fi) + +ifneq ($(strip $(HAVE_NEW_AUTOMAKE)),) + ifeq ($(DEB_BUILD_GNU_TYPE), $(DEB_HOST_GNU_TYPE)) + confflags += --build $(DEB_BUILD_GNU_TYPE) + else + confflags += --build $(DEB_BUILD_GNU_TYPE) --host $(DEB_HOST_GNU_TYPE) + endif +else + ifeq ($(DEB_BUILD_GNU_TYPE), $(DEB_HOST_GNU_TYPE)) + confflags += $(DEB_HOST_GNU_TYPE) + else + confflags += --build $(DEB_BUILD_GNU_TYPE) --host $(DEB_HOST_GNU_TYPE) + endif +endif --- libsepol-2.0.30.orig/debian/common/targets.dot +++ libsepol-2.0.30/debian/common/targets.dot @@ -0,0 +1,293 @@ +strict digraph Targets { + //ranksep=0.750; + //nodesep=0.500; + + // Nodes attributes: filled == Double-colon targt (most work is done here) + // Oval == Target based on a time stamp + // Octagon == Phony target + // Double lines denote a mandatory target (periperies=2) + + // Edge attributes: Dotted line indicates the target is called using $(MAKE) + + "debian/stamp/dummy-config-common" [ style="bold", color="#DEE3FF", fontcolor="NavyBlue", fontsize=10] + "debian/stamp/pre-config-common" [ style="filled", color="#DEE3FF", fontcolor="NavyBlue", fontsize=10] + "debian/stamp/do-pre-config-common" [ style="bold", color="#DEE3FF", fontcolor="NavyBlue", fontsize=10] + "debian/stamp/pre-config-arch" [ style="filled", color="#DEE3FF", fontcolor="NavyBlue", fontsize=10] + "debian/stamp/do-pre-config-arch" [ style="bold", color="#DEE3FF", fontcolor="NavyBlue", fontsize=10] + "debian/stamp/pre-config-indep" [ style="filled", color="#DEE3FF", fontcolor="NavyBlue", fontsize=10] + "debian/stamp/do-pre-config-indep" [ style="bold", color="#DEE3FF", fontcolor="NavyBlue", fontsize=10] + "debian/stamp/CONFIG/foo-arch" [ style="filled", color="#DEE3FF", fontcolor="NavyBlue", fontsize=10] + "debian/stamp/CONFIG/bar-indep" [ style="filled", color="#DEE3FF", fontcolor="NavyBlue", fontsize=10] + "debian/stamp/dep-configure-arch" [ style="bold", color="#DEE3FF", fontcolor="NavyBlue", fontsize=10] + "debian/stamp/dep-configure-indep" [ style="bold", color="#DEE3FF", fontcolor="NavyBlue", fontsize=10] + "debian/stamp/do-configure-arch" [ style="bold", color="#DEE3FF", fontcolor="NavyBlue", fontsize=10] + "debian/stamp/do-configure-indep" [ style="bold", color="#DEE3FF", fontcolor="NavyBlue", fontsize=10] + "configure-arch" [ style="bold", color="#DEE3FF", fontcolor="NavyBlue", fontsize=10, shape="octagon"] + "configure-indep" [ style="bold", color="#DEE3FF", fontcolor="NavyBlue", fontsize=10, shape="octagon"] + "configure" [ style="bold", color="#DEE3FF", fontcolor="NavyBlue", fontsize=10, shape="octagon"] + + "debian/stamp/pre-build-common" [ style="filled", color="#74A5ED", fontcolor="NavyBlue", fontsize=10] + "debian/stamp/pre-build-arch" [ style="filled", color="#74A5ED", fontcolor="NavyBlue", fontsize=10] + "debian/stamp/do-pre-build-arch" [ style="bold", color="#74A5ED", fontcolor="NavyBlue", fontsize=10] + "debian/stamp/pre-build-indep" [ style="filled", color="#74A5ED", fontcolor="NavyBlue", fontsize=10] + "debian/stamp/do-pre-build-indep" [ style="bold", color="#74A5ED", fontcolor="NavyBlue", fontsize=10] + "debian/stamp/BUILD/foo-arch" [ style="filled", color="#74A5ED", fontcolor="NavyBlue", fontsize=10] + "debian/stamp/BUILD/bar-indep" [ style="filled", color="#74A5ED", fontcolor="NavyBlue", fontsize=10] + "debian/stamp/dep-build-arch" [ style="bold", color="#74A5ED", fontcolor="NavyBlue", fontsize=10] + "debian/stamp/dep-build-indep" [ style="bold", color="#74A5ED", fontcolor="NavyBlue", fontsize=10] + "debian/stamp/do-build-arch" [ style="bold", color="#74A5ED", fontcolor="NavyBlue", fontsize=10] + "debian/stamp/do-build-indep" [ style="bold", color="#74A5ED", fontcolor="NavyBlue", fontsize=10] + "build-arch" [ style="bold", color="#74A5ED", fontcolor="NavyBlue", fontsize=10, shape="octagon", peripheries=2] + "build-indep" [ style="bold", color="#74A5ED", fontcolor="NavyBlue", fontsize=10, shape="octagon", peripheries=2] + "build" [ style="bold", color="#74A5ED", fontcolor="NavyBlue", fontsize=10, shape="octagon", peripheries=2] + "debian/stamp/post-build-arch" [ style="filled", color="#74A5ED", fontcolor="NavyBlue", fontsize=10] + "debian/stamp/post-build-indep" [ style="filled", color="#74A5ED", fontcolor="NavyBlue", fontsize=10] + "debian/stamp/do-post-build-arch" [ style="bold", color="#74A5ED", fontcolor="NavyBlue", fontsize=10] + "debian/stamp/do-post-build-indep" [ style="bold", color="#74A5ED", fontcolor="NavyBlue", fontsize=10] + + "debian/stamp/pre-inst-common" [ style="filled", color="#F8DFDB", fontcolor="NavyBlue", fontsize=10] + "debian/stamp/pre-inst-arch" [ style="filled", color="#F8DFDB", fontcolor="NavyBlue", fontsize=10] + "debian/stamp/do-pre-inst-arch" [ style="bold", color="#F8DFDB", fontcolor="NavyBlue", fontsize=10] + "debian/stamp/pre-inst-indep" [ style="filled", color="#F8DFDB", fontcolor="NavyBlue", fontsize=10] + "debian/stamp/do-pre-inst-indep" [ style="bold", color="#F8DFDB", fontcolor="NavyBlue", fontsize=10] + "debian/stamp/INST/foo-arch" [ style="filled", color="#F8DFDB", fontcolor="NavyBlue", fontsize=10] + "debian/stamp/INST/bar-indep" [ style="filled", color="#F8DFDB", fontcolor="NavyBlue", fontsize=10] + "debian/stamp/dep-install-arch" [ style="bold", color="#F8DFDB", fontcolor="NavyBlue", fontsize=10] + "debian/stamp/dep-install-indep" [ style="bold", color="#F8DFDB", fontcolor="NavyBlue", fontsize=10] + "debian/stamp/do-install-arch" [ style="bold", color="#F8DFDB", fontcolor="NavyBlue", fontsize=10] + "debian/stamp/do-install-indep" [ style="bold", color="#F8DFDB", fontcolor="NavyBlue", fontsize=10] + "install-arch" [ style="bold", color="#F8DFDB", fontcolor="NavyBlue", fontsize=10, shape="octagon"] + "install-indep" [ style="bold", color="#F8DFDB", fontcolor="NavyBlue", fontsize=10, shape="octagon"] + "install" [ style="bold", color="#F8DFDB", fontcolor="NavyBlue", fontsize=10, shape="octagon"] + + "debian/stamp/pre-bin-common" [ style="filled", color="#CEFFC0", fontcolor="NavyBlue", fontsize=10] + "debian/stamp/pre-bin-arch" [ style="filled", color="#CEFFC0", fontcolor="NavyBlue", fontsize=10] + "debian/stamp/do-pre-bin-arch" [ style="bold", color="#CEFFC0", fontcolor="NavyBlue", fontsize=10] + "debian/stamp/pre-bin-indep" [ style="filled", color="#CEFFC0", fontcolor="NavyBlue", fontsize=10] + "debian/stamp/do-pre-bin-indep" [ style="bold", color="#CEFFC0", fontcolor="NavyBlue", fontsize=10] + "debian/stamp/BIN/foo-arch" [ style="filled", color="#CEFFC0", fontcolor="NavyBlue", fontsize=10] + "debian/stamp/BIN/bar-indep" [ style="filled", color="#CEFFC0", fontcolor="NavyBlue", fontsize=10] + "debian/stamp/dep-binary-arch" [ style="bold", color="#CEFFC0", fontcolor="NavyBlue", fontsize=10] + "debian/stamp/dep-binary-indep" [ style="bold", color="#CEFFC0", fontcolor="NavyBlue", fontsize=10] + "debian/stamp/do-binary-arch" [ style="bold", color="#CEFFC0", fontcolor="NavyBlue", fontsize=10] + "debian/stamp/do-binary-indep" [ style="bold", color="#CEFFC0", fontcolor="NavyBlue", fontsize=10] + "binary-arch" [ style="bold", color="#CEFFC0", fontcolor="NavyBlue", fontsize=10, shape="octagon", peripheries=2] + "binary-indep" [ style="bold", color="#CEFFC0", fontcolor="NavyBlue", fontsize=10, shape="octagon", peripheries=2] + "binary" [ style="bold", color="#CEFFC0", fontcolor="NavyBlue", fontsize=10, shape="octagon", peripheries=2] + + + "CLN-common" [ style="filled" , color="#E2E8C3", fontcolor="NavyBlue", fontsize=10, shape="octagon"] + "CLN-arch" [ style="filled" , color="#E2E8C3", fontcolor="NavyBlue", fontsize=10, shape="octagon"] + "CLN-indep" [ style="filled" , color="#E2E8C3", fontcolor="NavyBlue", fontsize=10, shape="octagon"] + "CLEAN/foo-arch" [ style="filled" , color="#E2E8C3", fontcolor="NavyBlue", fontsize=10, shape="octagon"] + "CLEAN/bar-indep" [ style="filled" , color="#E2E8C3", fontcolor="NavyBlue", fontsize=10, shape="octagon"] + "clean-arch" [ style="bold", color="#E2E8C3", fontcolor="NavyBlue", fontsize=10, shape="octagon"] + "clean-indep" [ style="bold", color="#E2E8C3", fontcolor="NavyBlue", fontsize=10, shape="octagon"] + "clean" [ style="bold", color="#E2E8C3", fontcolor="NavyBlue", fontsize=10, shape="octagon", peripheries=2] + + + "CLN-common" -> "CLN-arch" [dir=back] + "CLN-common" -> "CLN-indep" [dir=back] + "CLN-arch" -> "CLEAN/foo-arch" [dir=back] + "CLN-indep" -> "CLEAN/bar-indep" [dir=back] + "CLN-arch" -> "clean-arch" [dir=back] + "CLEAN/foo-arch" -> "clean-arch" [dir=back] + "CLN-indep" -> "clean-indep" [dir=back] + "CLEAN/bar-indep" -> "clean-indep" [dir=back] + "clean-indep" -> "clean" [dir=back] + "clean-arch" -> "clean" [dir=back] + +// "debian/stamp/dummy-config-common" -> "debian/stamp/pre-config-common" [dir=back] + "debian/stamp/dummy-config-common" -> "debian/stamp/do-pre-config-common" [dir=back] + "debian/stamp/pre-config-common" -> "debian/stamp/do-pre-config-common" [dir=back color="Red"] +// "CUSTOM-1" [ style="filled", color="#FFE4B5", fontcolor="NavyBlue", fontsize=10, shape="diamond"] +// "CUSTOM-1" -> "debian/stamp/pre-config-common" [dir=back] +// "debian/stamp/do-pre-config-common" -> "debian/stamp/pre-config-arch" [dir=back] + "debian/stamp/do-pre-config-common" -> "debian/stamp/do-pre-config-arch" [dir=back] + "debian/stamp/pre-config-arch" -> "debian/stamp/do-pre-config-arch" [dir=back color="Red"] +// "CUSTOM-2" [ style="filled", color="#FFE4B5", fontcolor="NavyBlue", fontsize=10, shape="diamond"] +// "CUSTOM-2" -> "debian/stamp/pre-config-arch" [dir=back] +// "debian/stamp/do-pre-config-common" -> "debian/stamp/pre-config-indep" [dir=back] + "debian/stamp/do-pre-config-common" -> "debian/stamp/do-pre-config-indep" [dir=back] + "debian/stamp/pre-config-indep" -> "debian/stamp/do-pre-config-indep" [dir=back color="Red"] +// "CUSTOM-3" [ style="filled", color="#FFE4B5", fontcolor="NavyBlue", fontsize=10, shape="diamond"] +// "CUSTOM-3" -> "debian/stamp/pre-config-indep" [dir=back] +// "debian/stamp/do-pre-config-arch" -> "debian/stamp/CONFIG/foo-arch" [dir=back] +// "debian/stamp/do-pre-config-indep" -> "debian/stamp/CONFIG/bar-indep" [dir=back] +// "debian/stamp/do-pre-config-arch" -> "debian/stamp/dep-configure-arch" [dir=back] + "debian/stamp/CONFIG/foo-arch" -> "debian/stamp/dep-configure-arch" [dir=back] +// "debian/stamp/do-pre-config-indep" -> "debian/stamp/dep-configure-indep" [dir=back] + "debian/stamp/CONFIG/bar-indep" -> "debian/stamp/dep-configure-indep" [dir=back] + + "debian/stamp/do-pre-config-arch" -> "debian/stamp/do-configure-arch" [dir=back] + "debian/stamp/dep-configure-arch" -> "debian/stamp/do-configure-arch" [dir=back color="Red"] +// "CUSTOM-4" [ style="filled", color="#FFE4B5", fontcolor="NavyBlue", fontsize=10, shape="diamond"] +// "CUSTOM-4" -> "debian/stamp/CONFIG/foo-arch" [dir=back] + "debian/stamp/do-pre-config-indep" -> "debian/stamp/do-configure-indep" [dir=back] + "debian/stamp/dep-configure-indep" -> "debian/stamp/do-configure-indep" [dir=back color="Red"] +// "CUSTOM-5" [ style="filled", color="#FFE4B5", fontcolor="NavyBlue", fontsize=10, shape="diamond"] +// "CUSTOM-5" -> "debian/stamp/CONFIG/bar-indep" [dir=back] + "debian/stamp/do-configure-arch" -> "configure-arch" [dir=back] + "debian/stamp/do-configure-indep" -> "configure-indep" [dir=back] + "debian/stamp/do-configure-arch" -> "configure" [dir=back] + "debian/stamp/do-configure-indep" -> "configure" [dir=back] + +// "debian/stamp/do-configure-arch" -> "debian/stamp/pre-build-arch" [dir=back] + "debian/stamp/do-configure-arch" -> "debian/stamp/do-pre-build-arch" [dir=back] + "debian/stamp/pre-build-common" -> "debian/stamp/do-pre-build-arch" [dir=back color="Red"] +// "CUSTOM-6" [ style="filled", color="#FFE4B5", fontcolor="NavyBlue", fontsize=10, shape="diamond"] +// "CUSTOM-6" -> "debian/stamp/pre-build-common" [dir=back] + "debian/stamp/pre-build-arch" -> "debian/stamp/do-pre-build-arch" [dir=back color="Red"] +// "CUSTOM-7" [ style="filled", color="#FFE4B5", fontcolor="NavyBlue", fontsize=10, shape="diamond"] +// "CUSTOM-7" -> "debian/stamp/pre-build-arch" [dir=back] + "debian/stamp/pre-build-common" -> "debian/stamp/do-pre-build-indep" [dir=back color="Red"] + "debian/stamp/do-configure-indep" -> "debian/stamp/do-pre-build-indep" [dir=back] +// "debian/stamp/do-configure-indep" -> "debian/stamp/pre-build-indep" [dir=back] + "debian/stamp/pre-build-indep" -> "debian/stamp/do-pre-build-indep" [dir=back color="Red"] +// "CUSTOM-8" [ style="filled", color="#FFE4B5", fontcolor="NavyBlue", fontsize=10, shape="diamond"] +// "CUSTOM-8" -> "debian/stamp/pre-build-indep" [dir=back] +// "debian/stamp/do-pre-build-arch" -> "debian/stamp/BUILD/foo-arch" [dir=back] +// "debian/stamp/do-pre-build-indep" -> "debian/stamp/BUILD/bar-indep" [dir=back] +// "debian/stamp/do-pre-build-arch" -> "debian/stamp/dep-build-arch" [dir=back] + "debian/stamp/BUILD/foo-arch" -> "debian/stamp/dep-build-arch" [dir=back] +// "debian/stamp/do-pre-build-indep" -> "debian/stamp/dep-build-indep" [dir=back] + "debian/stamp/BUILD/bar-indep" -> "debian/stamp/dep-build-indep" [dir=back] + "debian/stamp/do-pre-build-arch" -> "debian/stamp/do-build-arch" [dir=back] + "debian/stamp/dep-build-arch" -> "debian/stamp/do-build-arch" [dir=back color="Red"] +// "CUSTOM-9" [ style="filled", color="#FFE4B5", fontcolor="NavyBlue", fontsize=10, shape="diamond"] +// "CUSTOM-9" -> "debian/stamp/BUILD/foo-arch" [dir=back] + "debian/stamp/do-pre-build-indep" -> "debian/stamp/do-build-indep" [dir=back] + "debian/stamp/dep-build-indep" -> "debian/stamp/do-build-indep" [dir=back color="Red"] +// "CUSTOM-10" [ style="filled", color="#FFE4B5", fontcolor="NavyBlue", fontsize=10, shape="diamond"] +// "CUSTOM-10" -> "debian/stamp/BUILD/bar-indep" [dir=back] + "debian/stamp/do-build-arch" -> "build-arch" [dir=back] + "debian/stamp/do-build-indep" -> "build-indep" [dir=back] + "debian/stamp/do-build-arch" -> "build" [dir=back] + "debian/stamp/do-build-indep" -> "build" [dir=back] +// "debian/stamp/do-build-arch" -> "debian/stamp/post-build-arch" [dir=back] + "debian/stamp/do-build-arch" -> "debian/stamp/do-post-build-arch" [dir=back] + "debian/stamp/do-build-indep" -> "debian/stamp/do-post-build-indep" [dir=back] + "debian/stamp/post-build-arch" -> "debian/stamp/do-post-build-arch" [dir=back color="Red"] +// "CUSTOM-11" [ style="filled", color="#FFE4B5", fontcolor="NavyBlue", fontsize=10, shape="diamond"] +// "CUSTOM-11" -> "debian/stamp/post-build-arch" [dir=back] + "debian/stamp/post-build-indep" -> "debian/stamp/do-post-build-indep" [dir=back color="Red"] +// "CUSTOM-12" [ style="filled", color="#FFE4B5", fontcolor="NavyBlue", fontsize=10, shape="diamond"] +// "CUSTOM-12" -> "debian/stamp/post-build-indep" [dir=back] +// "debian/stamp/do-post-build-arch" -> "debian/stamp/pre-inst-arch" [dir=back] + "debian/stamp/pre-inst-common" -> "debian/stamp/do-pre-inst-arch" [dir=back color="Red"] +// "CUSTOM-13" [ style="filled", color="#FFE4B5", fontcolor="NavyBlue", fontsize=10, shape="diamond"] +// "CUSTOM-13" -> "debian/stamp/pre-inst-common" [dir=back] + "debian/stamp/do-post-build-arch" -> "debian/stamp/do-pre-inst-arch" [dir=back] + "debian/stamp/pre-inst-arch" -> "debian/stamp/do-pre-inst-arch" [dir=back color="Red"] +// "CUSTOM-14" [ style="filled", color="#FFE4B5", fontcolor="NavyBlue", fontsize=10, shape="diamond"] +// "CUSTOM-14" -> "debian/stamp/pre-inst-arch" [dir=back] +// "debian/stamp/do-post-build-indep" -> "debian/stamp/pre-inst-indep" [dir=back] + "debian/stamp/pre-inst-common" -> "debian/stamp/do-pre-inst-indep" [dir=back color="Red"] + "debian/stamp/do-post-build-indep" -> "debian/stamp/do-pre-inst-indep" [dir=back] + "debian/stamp/pre-inst-indep" -> "debian/stamp/do-pre-inst-indep" [dir=back color="Red"] +// "CUSTOM-15" [ style="filled", color="#FFE4B5", fontcolor="NavyBlue", fontsize=10, shape="diamond"] +// "CUSTOM-15" -> "debian/stamp/pre-inst-indep" [dir=back] +// "debian/stamp/do-pre-inst-arch" -> "debian/stamp/INST/foo-arch" [dir=back] +// "debian/stamp/do-pre-inst-indep" -> "debian/stamp/INST/bar-indep" [dir=back] +// "debian/stamp/do-pre-inst-arch" -> "debian/stamp/dep-install-arch" [dir=back] + "debian/stamp/INST/foo-arch" -> "debian/stamp/dep-install-arch" [dir=back] +// "debian/stamp/do-pre-inst-indep" -> "debian/stamp/dep-install-indep" [dir=back] + "debian/stamp/INST/bar-indep" -> "debian/stamp/dep-install-indep" [dir=back] + "debian/stamp/do-pre-inst-arch" -> "debian/stamp/do-install-arch" [dir=back] + "debian/stamp/dep-install-arch" -> "debian/stamp/do-install-arch" [dir=back color="Red"] +// "CUSTOM-16" [ style="filled", color="#FFE4B5", fontcolor="NavyBlue", fontsize=10, shape="diamond"] +// "CUSTOM-16" -> "debian/stamp/INST/foo-arch" [dir=back] + "debian/stamp/do-pre-inst-indep" -> "debian/stamp/do-install-indep" [dir=back] + "debian/stamp/dep-install-indep" -> "debian/stamp/do-install-indep" [dir=back color="Red"] +// "CUSTOM-17" [ style="filled", color="#FFE4B5", fontcolor="NavyBlue", fontsize=10, shape="diamond"] +// "CUSTOM-17" -> "debian/stamp/INST/bar-indep" [dir=back] + "debian/stamp/do-install-arch" -> "install-arch" [dir=back] + "debian/stamp/do-install-indep" -> "install-indep" [dir=back] + "debian/stamp/do-install-arch" -> "install" [dir=back] + "debian/stamp/do-install-indep" -> "install" [dir=back] +// "debian/stamp/do-install-arch" -> "debian/stamp/pre-bin-arch" [dir=back] + "debian/stamp/do-install-arch" -> "debian/stamp/do-pre-bin-arch" [dir=back] + "debian/stamp/pre-bin-common" -> "debian/stamp/do-pre-bin-arch" [dir=back color="Red"] +// "CUSTOM-18" [ style="filled", color="#FFE4B5", fontcolor="NavyBlue", fontsize=10, shape="diamond"] +// "CUSTOM-18" -> "debian/stamp/pre-bin-common" [dir=back] + "debian/stamp/pre-bin-arch" -> "debian/stamp/do-pre-bin-arch" [dir=back color="Red"] +// "CUSTOM-19" [ style="filled", color="#FFE4B5", fontcolor="NavyBlue", fontsize=10, shape="diamond"] +// "CUSTOM-19" -> "debian/stamp/pre-bin-arch" [dir=back] +// "debian/stamp/do-install-indep" -> "debian/stamp/pre-bin-indep" [dir=back] + "debian/stamp/pre-bin-common" -> "debian/stamp/do-pre-bin-indep" [dir=back color="Red"] + "debian/stamp/do-install-indep" -> "debian/stamp/do-pre-bin-indep" [dir=back] + "debian/stamp/pre-bin-indep" -> "debian/stamp/do-pre-bin-indep" [dir=back color="Red"] +// "CUSTOM-20" [ style="filled", color="#FFE4B5", fontcolor="NavyBlue", fontsize=10, shape="diamond"] +// "CUSTOM-20" -> "debian/stamp/pre-bin-indep" [dir=back] +// "debian/stamp/do-pre-bin-arch" -> "debian/stamp/BIN/foo-arch" [dir=back] +// "debian/stamp/do-pre-bin-indep" -> "debian/stamp/BIN/bar-indep" [dir=back] +// "debian/stamp/pre-bin-arch" -> "debian/stamp/dep-binary-arch" [dir=back] + "debian/stamp/BIN/foo-arch" -> "debian/stamp/dep-binary-arch" [dir=back] +// "debian/stamp/do-pre-bin-indep" -> "debian/stamp/dep-binary-indep" [dir=back] + "debian/stamp/BIN/bar-indep" -> "debian/stamp/dep-binary-indep" [dir=back] + "debian/stamp/do-pre-bin-arch" -> "debian/stamp/do-binary-arch" [dir=back] + "debian/stamp/dep-binary-arch" -> "debian/stamp/do-binary-arch" [dir=back color="Red"] +// "CUSTOM-21" [ style="filled", color="#FFE4B5", fontcolor="NavyBlue", fontsize=10, shape="diamond"] +// "CUSTOM-21" -> "debian/stamp/BIN/foo-arch" [dir=back] + "debian/stamp/do-pre-bin-indep" -> "debian/stamp/do-binary-indep" [dir=back] + "debian/stamp/dep-binary-indep" -> "debian/stamp/do-binary-indep" [dir=back color="Red"] +// "CUSTOM-22" [ style="filled", color="#FFE4B5", fontcolor="NavyBlue", fontsize=10, shape="diamond"] +// "CUSTOM-22" -> "debian/stamp/BIN/bar-indep" [dir=back] + "debian/stamp/do-binary-arch" -> "binary-arch" [dir=back] + "debian/stamp/do-binary-indep" -> "binary-indep" [dir=back] + "debian/stamp/do-binary-arch" -> "binary" [dir=back] + "debian/stamp/do-binary-indep" -> "binary" [dir=back] + + + "debian/stamp/dummy-config-common" -> "debian/stamp/pre-config-common" [style="invis"] + "debian/stamp/do-pre-config-common" -> "debian/stamp/pre-config-arch" [style="invis"] + "debian/stamp/do-pre-config-common" -> "debian/stamp/pre-config-indep" [style="invis"] + "debian/stamp/do-pre-config-arch" -> "debian/stamp/CONFIG/foo-arch" [style="invis"] + "debian/stamp/do-pre-config-indep" -> "debian/stamp/CONFIG/bar-indep" [style="invis"] + + "debian/stamp/dep-configure-arch" -> "configure" [style="invis"] + "debian/stamp/dep-configure-indep" -> "configure" [style="invis"] + "debian/stamp/dep-configure-arch" -> "configure-arch" [style="invis"] + "debian/stamp/dep-configure-indep" -> "configure-arch" [style="invis"] + "debian/stamp/dep-configure-arch" -> "configure-indep" [style="invis"] + "debian/stamp/dep-configure-indep" -> "configure-indep" [style="invis"] + "configure-arch" -> "configure" [style="invis"] + "configure-indep" -> "configure" [style="invis"] + "configure" -> "debian/stamp/pre-build-common" [style="invis"] + + + "debian/stamp/pre-build-common" -> "debian/stamp/pre-build-indep" [style="invis"] + "debian/stamp/pre-build-common" -> "debian/stamp/pre-build-arch" [style="invis"] + + "debian/stamp/do-pre-build-arch" -> "debian/stamp/BUILD/foo-arch" [style="invis"] + "debian/stamp/do-pre-build-indep" -> "debian/stamp/BUILD/bar-indep" [style="invis"] + "debian/stamp/do-build-arch" -> "debian/stamp/post-build-arch" [style="invis"] + "debian/stamp/do-build-indep" -> "debian/stamp/post-build-indep" [style="invis"] + "debian/stamp/do-post-build-arch" -> "build-arch" [style="invis"] + "debian/stamp/do-post-build-arch" -> "build" [style="invis"] + "debian/stamp/do-post-build-indep" -> "build-indep" [style="invis"] + "debian/stamp/do-post-build-indep" -> "build" [style="invis"] + "build-arch" -> "build" [style="invis"] + "build-indep" -> "build" [style="invis"] + + "build" -> "debian/stamp/pre-inst-common" [style="invis"] + + "debian/stamp/pre-inst-common" -> "debian/stamp/pre-inst-indep" [style="invis"] + "debian/stamp/pre-inst-common" -> "debian/stamp/pre-inst-arch" [style="invis"] + "debian/stamp/do-pre-inst-arch" -> "debian/stamp/INST/foo-arch" [style="invis"] + "debian/stamp/do-pre-inst-indep" -> "debian/stamp/INST/bar-indep" [style="invis"] + + "install-arch" -> "install" [style="invis"] + "install-indep" -> "install" [style="invis"] + + "debian/stamp/pre-bin-common" -> "debian/stamp/pre-bin-indep" [style="invis"] + "debian/stamp/pre-bin-common" -> "debian/stamp/pre-bin-arch" [style="invis"] + + "install" -> "debian/stamp/pre-bin-common" [style="invis"] + "debian/stamp/do-pre-bin-arch" -> "debian/stamp/BIN/foo-arch" [style="invis"] + "debian/stamp/do-pre-bin-indep" -> "debian/stamp/BIN/bar-indep" [style="invis"] + + "binary-arch" -> "binary" [style="invis"] + "binary-indep" -> "binary" [style="invis"] + +} --- libsepol-2.0.30.orig/debian/common/ChangeLog +++ libsepol-2.0.30/debian/common/ChangeLog @@ -0,0 +1,59 @@ +2008-02-06 Manoj Srivastava + + * copt.mk: + srivasta@debian.org--lenny/skeleton-make-rules--main--0.1--patch-4 + The cross building support in Debian has been rewritten + to stop overriding the CC variable to $(MAKE) in order + to correctly support those packages that build internal + tools with the native compiler during the build. This + means that other packages that assume that CC will be + overridden by the cross-compiling build scripts now fail + to build. The patch is simply to set CC to + $(DEB_HOST_GNU_TYPE)-gcc only if a cross-build is + detected. + +2007-10-09 Manoj Srivastava + + * targets.mk: + srivasta@debian.org--lenny/skeleton-make-rules--main--0.1--patch-1 + fix dependency tree for targets, allow parralel + compilatoin. Many changes, thanks to dot. + +2007-09-20 Manoj Srivastava + + * targets.mk (stamp-clean): + srivasta@debian.org--lenny/skeleton-make-rules--main--0.1--base-0 + make clean not remove zero sized files. removed the part + that cleaned out zero sized files; since there are uses + for zero sized files (like, to nuke out files in + upstream sources and not inflate the diff. Any zero + sized files can still be nuked in the local.mk file. + +2006-10-02 Manoj Srivastava + + * checklibs: + srivasta@debian.org--etch/skeleton-make-rules--main--0.1--patch-15 + New file, to detect if there are unneeded library + dependencies + +2006-10-01 Manoj Srivastava + + * archvars.mk (doit): + srivasta@debian.org--etch/skeleton-make-rules--main--0.1--patch-14 + Add a macro to execute $(shell ...) macos verbosely to + help debugging. + +2006-09-15 Manoj Srivastava + + * targets.mk (stamp-clean): + srivasta@debian.org--etch/skeleton-make-rules--main--0.1--patch-13 + Exclude version control directories from the generic + clean command. + + +2006-08-23 Manoj Srivastava + + * pkgvars.mk (DEB_DISTRIBUTION): + srivasta@debian.org--etch/skeleton-make-rules--main--0.1--patch-6 + Add variable that contains the distribution information + --- libsepol-2.0.30.orig/debian/common/targets.mk +++ libsepol-2.0.30/debian/common/targets.mk @@ -0,0 +1,525 @@ +############################ -*- Mode: Makefile -*- ########################### +## targets.mk --- +## Author : Manoj Srivastava ( srivasta@glaurung.green-gryphon.com ) +## Created On : Sat Nov 15 01:10:05 2003 +## Created On Node : glaurung.green-gryphon.com +## Last Modified By : Manoj Srivastava +## Last Modified On : Sat Apr 26 22:33:09 2008 +## Last Machine Used: anzu.internal.golden-gryphon.com +## Update Count : 131 +## Status : Unknown, Use with caution! +## HISTORY : +## Description : The top level targets mandated by policy, as well as +## their dependencies. +## +## arch-tag: a81086a7-00f7-4355-ac56-8f38396935f4 +## +## This program is free software; you can redistribute it and/or modify +## it under the terms of the GNU General Public License as published by +## the Free Software Foundation; either version 2 of the License, or +## (at your option) any later version. +## +## This program is distributed in the hope that it will be useful, +## but WITHOUT ANY WARRANTY; without even the implied warranty of +## MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the +## GNU General Public License for more details. +## +## You should have received a copy of the GNU General Public License +## along with this program; if not, write to the Free Software +## Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA +## +############################################################################### + +####################################################################### +####################################################################### +############### Miscellaneous ############### +####################################################################### +####################################################################### +source diff: + @echo >&2 'source and diff are obsolete - use dpkg-source -b'; false + +define TESTROOT + @test $$(id -u) = 0 || (echo need root priviledges; exit 1) +endef + +testroot: + $(TESTROOT) + +checkpo: + $(CHECKPO) + +# arch-buildpackage likes to call this +prebuild: + +# OK. We have two sets of rules here, one for arch dependent packages, +# and one for arch independent packages. We have already calculated a +# list of each of these packages. + +# In each set, we may need to do things in five steps: configure, +# build, install, package, and clean. Now, there can be a common +# actions to be taken for all the packages, all arch dependent +# packages, all all independent packages, and each package +# individually at each stage. + +########################################################################### +# The current code does a number of things: It ensures that the highest # +# dependency at any stage (usually the -Common target) depends on the # +# stamp-STAGE of the previous stage; so no work on a succeeding stage can # +# start before the previous stage is all done. # +########################################################################### + +################################################################################# +# In the following, the do_* targets make sure all the real non-generic work is # +# done, but are not in the direct line of dependencies. This makes sure # +# that previous step in the order is all up to date before any of the per # +# package target dependencies are run. # +################################################################################# + + +####################################################################### +####################################################################### +############### Configuration ############### +####################################################################### +####################################################################### +# Just a dummy target to make sure that the stamp directory exists +debian/stamp/dummy-config-common: + $(REASON) + @test -d debian/stamp || mkdir debian/stamp + @echo done > $@ + +# Configuration tasks common to arch and arch indep packages go here +debian/stamp/pre-config-common: debian/stamp/dummy-config-common + $(REASON) + $(checkdir) + @test -d debian/stamp || mkdir debian/stamp + @echo done > $@ +# Do not add dependencies to this rule +debian/stamp/do-pre-config-common: debian/stamp/dummy-config-common + $(REASON) + $(checkdir) + @test -d debian/stamp || mkdir debian/stamp + $(MAKE) -f debian/rules debian/stamp/pre-config-common + @echo done > $@ + +# Arch specific and arch independent tasks go here +debian/stamp/pre-config-arch: debian/stamp/do-pre-config-common + $(REASON) + $(checkdir) + @test -d debian/stamp || mkdir debian/stamp + @echo done > $@ +# Do not add dependencies to this rule +debian/stamp/do-pre-config-arch: debian/stamp/do-pre-config-common + $(REASON) + $(checkdir) + @test -d debian/stamp || mkdir debian/stamp + $(MAKE) -f debian/rules debian/stamp/pre-config-arch + @echo done > $@ + + +debian/stamp/pre-config-indep: debian/stamp/do-pre-config-common + $(REASON) + $(checkdir) + @test -d debian/stamp || mkdir debian/stamp + @echo done > $@ +# Do not add dependencies to this rule +debian/stamp/do-pre-config-indep: debian/stamp/do-pre-config-common + $(REASON) + $(checkdir) + @test -d debian/stamp || mkdir debian/stamp + $(MAKE) -f debian/rules debian/stamp/pre-config-indep + @echo done > $@ + +# Per package work happens as an added dependency of this rule. +$(patsubst %,debian/stamp/CONFIG/%,$(DEB_ARCH_PACKAGES)) : debian/stamp/CONFIG/% : debian/stamp/do-pre-config-arch + $(REASON) + $(checkdir) + @test -d debian/stamp/CONFIG || mkdir -p debian/stamp/CONFIG + @echo done > $@ +$(patsubst %,debian/stamp/CONFIG/%,$(DEB_INDEP_PACKAGES)) : debian/stamp/CONFIG/% : debian/stamp/do-pre-config-indep + $(REASON) + $(checkdir) + @test -d debian/stamp/CONFIG || mkdir debian/stamp/CONFIG + @echo done > $@ + +# Do not add dependencies to this rule +debian/stamp/dep-configure-arch: debian/stamp/do-pre-config-arch $(patsubst %,debian/stamp/CONFIG/%,$(DEB_ARCH_PACKAGES)) + $(REASON) + @test -d debian/stamp || mkdir debian/stamp + @echo done > $@ + +# Do not add dependencies to this rule +debian/stamp/dep-configure-indep: debian/stamp/do-pre-config-indep $(patsubst %,debian/stamp/CONFIG/%,$(DEB_INDEP_PACKAGES)) + $(REASON) + @test -d debian/stamp || mkdir debian/stamp + @echo done > $@ + +debian/stamp/do-configure-arch: debian/stamp/do-pre-config-arch + $(REASON) + @test -d debian/stamp/CONFIG || mkdir debian/stamp/CONFIG + $(MAKE) -f debian/rules debian/stamp/dep-configure-arch + @echo done > $@ +debian/stamp/do-configure-indep: debian/stamp/do-pre-config-indep + $(REASON) + @test -d debian/stamp/CONFIG || mkdir debian/stamp/CONFIG + $(MAKE) -f debian/rules debian/stamp/dep-configure-indep + @echo done > $@ + +# These three targets are required by policy +configure-arch: debian/stamp/do-configure-arch + $(REASON) +configure-indep: debian/stamp/do-configure-indep + $(REASON) +configure: debian/stamp/do-configure-arch debian/stamp/do-configure-indep + $(REASON) + +####################################################################### +####################################################################### +############### Build ############### +####################################################################### +####################################################################### +# tasks common to arch and arch indep packages go here +debian/stamp/pre-build-common: + $(REASON) + $(checkdir) + @test -d debian/stamp || mkdir debian/stamp + @echo done > $@ + +# Arch specific and arch independent tasks go here +debian/stamp/pre-build-arch: debian/stamp/do-configure-arch + $(REASON) + $(checkdir) + @test -d debian/stamp || mkdir debian/stamp + @echo done > $@ +debian/stamp/do-pre-build-arch: debian/stamp/do-configure-arch + $(REASON) + $(checkdir) + @test -d debian/stamp || mkdir debian/stamp + @test -e debian/stamp/pre-build-common || $(MAKE) -f debian/rules debian/stamp/pre-build-common + $(MAKE) -f debian/rules debian/stamp/pre-build-arch + @echo done > $@ + +debian/stamp/pre-build-indep: debian/stamp/do-configure-indep + $(REASON) + $(checkdir) + @test -d debian/stamp || mkdir debian/stamp + @echo done > $@ +debian/stamp/do-pre-build-indep: debian/stamp/do-configure-indep + $(REASON) + $(checkdir) + @test -d debian/stamp || mkdir debian/stamp + @test -e debian/stamp/pre-build-common || $(MAKE) -f debian/rules debian/stamp/pre-build-common + $(MAKE) -f debian/rules debian/stamp/pre-build-indep + @echo done > $@ + +# Per package work happens as an added dependency of this rule. +$(patsubst %,debian/stamp/BUILD/%,$(DEB_ARCH_PACKAGES)) : debian/stamp/BUILD/% : debian/stamp/do-pre-build-arch + $(REASON) + $(checkdir) + @test -d debian/stamp/BUILD || mkdir -p debian/stamp/BUILD + @echo done > $@ + +$(patsubst %,debian/stamp/BUILD/%,$(DEB_INDEP_PACKAGES)) : debian/stamp/BUILD/% : debian/stamp/do-pre-build-indep + $(REASON) + $(checkdir) + @test -d debian/stamp/BUILD || mkdir -p debian/stamp/BUILD + @echo done > $@ + +# These do targeta make sure all the per package configuration is +# done, but is not in the direct line of dependencies. This makes sure +# that pre-config targets are all up to date before any of the per +# package target dependencies are run. +debian/stamp/dep-build-arch: debian/stamp/do-pre-build-arch $(patsubst %,debian/stamp/BUILD/%,$(DEB_ARCH_PACKAGES)) + $(REASON) + @test -d debian/stamp || mkdir debian/stamp + @echo done > $@ + +debian/stamp/dep-build-indep: debian/stamp/do-pre-build-indep $(patsubst %,debian/stamp/BUILD/%,$(DEB_INDEP_PACKAGES)) + $(REASON) + @test -d debian/stamp || mkdir debian/stamp + @echo done > $@ + +debian/stamp/do-build-arch: debian/stamp/do-pre-build-arch + $(REASON) + $(checkdir) + @test -d debian/stamp || mkdir -p debian/stamp + $(MAKE) -f debian/rules debian/stamp/dep-build-arch + @echo done > $@ +debian/stamp/do-build-indep: debian/stamp/do-pre-build-indep + $(REASON) + $(checkdir) + @test -d debian/stamp || mkdir -p debian/stamp + $(MAKE) -f debian/rules debian/stamp/dep-build-indep + @echo done > $@ + +# required +build-arch: debian/stamp/do-build-arch + $(REASON) +build-indep: debian/stamp/do-build-indep + $(REASON) +build: debian/stamp/do-build-arch debian/stamp/do-build-indep + $(REASON) + +# Work here +debian/stamp/post-build-arch: debian/stamp/do-build-arch + $(REASON) + @test -d debian/stamp || mkdir debian/stamp + @echo done > $@ +debian/stamp/do-post-build-arch: debian/stamp/do-build-arch + $(REASON) + @test -d debian/stamp || mkdir debian/stamp + $(MAKE) -f debian/rules debian/stamp/post-build-arch + @echo done > $@ + +debian/stamp/post-build-indep: debian/stamp/do-build-indep + $(REASON) + @test -d debian/stamp || mkdir debian/stamp + @echo done > $@ +debian/stamp/do-post-build-indep: debian/stamp/do-build-indep + $(REASON) + @test -d debian/stamp || mkdir debian/stamp + $(MAKE) -f debian/rules debian/stamp/post-build-indep + @echo done > $@ + +####################################################################### +####################################################################### +############### Install ############### +####################################################################### +####################################################################### +# tasks common to arch and arch indep packages go here +debian/stamp/pre-inst-common: + $(REASON) + $(checkdir) + @test -d debian/stamp || mkdir debian/stamp + @echo done > $@ + +# Arch specific and arch independent tasks go here +debian/stamp/pre-inst-arch: debian/stamp/do-post-build-arch + $(REASON) + $(checkdir) + @test -d debian/stamp || mkdir debian/stamp + @echo done > $@ +debian/stamp/do-pre-inst-arch: debian/stamp/do-post-build-arch + $(REASON) + $(checkdir) + @test -d debian/stamp || mkdir debian/stamp + @test -e debian/stamp/INST-common || $(MAKE) -f debian/rules debian/stamp/pre-inst-common + $(MAKE) -f debian/rules debian/stamp/pre-inst-arch + @echo done > $@ + +debian/stamp/pre-inst-indep: debian/stamp/do-post-build-indep + $(REASON) + $(checkdir) + @test -d debian/stamp || mkdir debian/stamp + @echo done > $@ +debian/stamp/do-pre-inst-indep: debian/stamp/do-post-build-indep + $(REASON) + $(checkdir) + @test -d debian/stamp || mkdir debian/stamp + @test -e debian/stamp/INST-common || $(MAKE) -f debian/rules debian/stamp/pre-inst-common + $(MAKE) -f debian/rules debian/stamp/pre-inst-indep + @echo done > $@ + + +# Per package work happens as an added dependency of this rule +$(patsubst %,debian/stamp/INST/%,$(DEB_ARCH_PACKAGES)) : debian/stamp/INST/% : debian/stamp/do-pre-inst-arch + $(REASON) + $(checkdir) + @test -d debian/stamp/INST || mkdir debian/stamp/INST + @echo done > $@ +$(patsubst %,debian/stamp/INST/%,$(DEB_INDEP_PACKAGES)) : debian/stamp/INST/% : debian/stamp/do-pre-inst-indep + $(REASON) + $(checkdir) + @test -d debian/stamp/INST || mkdir debian/stamp/INST + @echo done > $@ + +# These do targeta make sure all the per package configuration is +# done, but is not in the direct line of dependencies. This makes sure +# that pre-config targets are all up to date before any of the per +# package target dependencies are run. +debian/stamp/dep-install-arch: debian/stamp/do-pre-inst-arch $(patsubst %,debian/stamp/INST/%,$(DEB_ARCH_PACKAGES)) + $(REASON) + @test -d debian/stamp || mkdir debian/stamp + @echo done > $@ + +debian/stamp/dep-install-indep: debian/stamp/do-pre-inst-indep $(patsubst %,debian/stamp/INST/%,$(DEB_INDEP_PACKAGES)) + $(REASON) + @test -d debian/stamp || mkdir debian/stamp + @echo done > $@ + + +debian/stamp/do-install-arch: debian/stamp/do-pre-inst-arch + $(REASON) + $(checkdir) + @test -d debian/stamp || mkdir debian/stamp + $(MAKE) -f debian/rules debian/stamp/dep-install-arch + @echo done > $@ +debian/stamp/do-install-indep: debian/stamp/do-pre-inst-indep + $(REASON) + $(checkdir) + @test -d debian/stamp || mkdir debian/stamp + $(MAKE) -f debian/rules debian/stamp/dep-install-indep + @echo done > $@ + +#required +install-arch: debian/stamp/do-install-arch + $(REASON) + $(TESTROOT) +install-indep: debian/stamp/do-install-indep + $(REASON) + $(TESTROOT) +install: debian/stamp/do-install-arch debian/stamp/do-install-indep + $(REASON) + $(TESTROOT) + +####################################################################### +####################################################################### +############### Package ############### +####################################################################### +####################################################################### +# tasks common to arch and arch indep packages go here +debian/stamp/pre-bin-common: + $(REASON) + $(checkdir) + @test -d debian/stamp || mkdir debian/stamp + @echo done > $@ + +# Arch specific and arch independent tasks go here +debian/stamp/pre-bin-arch: debian/stamp/do-install-arch + $(REASON) + $(checkdir) + @test -d debian/stamp || mkdir debian/stamp + @echo done > $@ +debian/stamp/do-pre-bin-arch: debian/stamp/do-install-arch + $(REASON) + $(checkdir) + @test -d debian/stamp || mkdir debian/stamp + @test -e debian/stamp/BIN-common || $(MAKE) -f debian/rules debian/stamp/pre-bin-common + $(MAKE) -f debian/rules debian/stamp/pre-bin-arch + @echo done > $@ + +debian/stamp/pre-bin-indep: debian/stamp/do-install-indep + $(REASON) + $(checkdir) + @test -d debian/stamp || mkdir debian/stamp + @echo done > $@ +debian/stamp/do-pre-bin-indep: debian/stamp/do-install-indep + $(REASON) + $(checkdir) + @test -d debian/stamp || mkdir debian/stamp + @test -e debian/stamp/BIN-common || $(MAKE) -f debian/rules debian/stamp/pre-bin-common + $(MAKE) -f debian/rules debian/stamp/pre-bin-indep + @echo done > $@ + +# Per package work happens as an added dependency of this rule +$(patsubst %,debian/stamp/BIN/%,$(DEB_ARCH_PACKAGES)) : debian/stamp/BIN/% : debian/stamp/do-pre-bin-arch + $(REASON) + $(checkdir) + @test -d debian/stamp/BIN || mkdir debian/stamp/BIN + @echo done > $@ + +$(patsubst %,debian/stamp/BIN/%,$(DEB_INDEP_PACKAGES)) : debian/stamp/BIN/% : debian/stamp/do-pre-bin-indep + $(REASON) + $(checkdir) + @test -d debian/stamp/BIN || mkdir debian/stamp/BIN + @echo done > $@ + +# These do targeta make sure all the per package work is done, but is +# not in the direct line of dependencies. This makes sure that +# pre-config targets are all up to date before any of the per package +# target dependencies are run. +debian/stamp/dep-binary-arch: debian/stamp/pre-bin-arch $(patsubst %,debian/stamp/BIN/%,$(DEB_ARCH_PACKAGES)) + $(REASON) + @test -d debian/stamp || mkdir debian/stamp + @echo done > $@ + +debian/stamp/dep-binary-indep: debian/stamp/pre-bin-indep $(patsubst %,debian/stamp/BIN/%,$(DEB_INDEP_PACKAGES)) + $(REASON) + @test -d debian/stamp || mkdir debian/stamp + @echo done > $@ + +debian/stamp/do-binary-arch: debian/stamp/do-pre-bin-arch + $(REASON) + $(checkdir) + @test -d debian/stamp || mkdir debian/stamp + $(MAKE) -f debian/rules debian/stamp/dep-binary-arch + @echo done > $@ +debian/stamp/do-binary-indep: debian/stamp/do-pre-bin-indep + $(REASON) + $(checkdir) + @test -d debian/stamp || mkdir debian/stamp + $(MAKE) -f debian/rules debian/stamp/dep-binary-indep + @echo done > $@ +# required +binary-arch: debian/stamp/do-binary-arch + $(REASON) + $(TESTROOT) +binary-indep: debian/stamp/do-binary-indep + $(REASON) + $(TESTROOT) +binary: debian/stamp/do-binary-arch debian/stamp/do-binary-indep + $(REASON) + $(TESTROOT) + @echo arch package = $(DEB_ARCH_PACKAGES) + @echo indep packages = $(DEB_INDEP_PACKAGES) + +####################################################################### +####################################################################### +############### Clean ############### +####################################################################### +####################################################################### +# Work here +CLN-common:: + $(REASON) + $(checkdir) + +# sync Work here +CLN-arch:: CLN-common + $(REASON) + $(checkdir) +CLN-indep:: CLN-common + $(REASON) + $(checkdir) +# Work here +$(patsubst %,CLEAN/%,$(DEB_ARCH_PACKAGES)) :: CLEAN/% : CLN-arch + $(REASON) + $(checkdir) +$(patsubst %,CLEAN/%,$(DEB_INDEP_PACKAGES)) :: CLEAN/% : CLN-indep + $(REASON) + $(checkdir) + +clean-arch: CLN-arch $(patsubst %,CLEAN/%,$(DEB_ARCH_PACKAGES)) + $(REASON) +clean-indep: CLN-indep $(patsubst %,CLEAN/%,$(DEB_INDEP_PACKAGES)) + $(REASON) +clean: clean-indep clean-arch + $(REASON) + -test -f Makefile && $(MAKE) distclean + -rm -f $(FILES_TO_CLEAN) $(STAMPS_TO_CLEAN) + -rm -rf $(DIRS_TO_CLEAN) debian/stamp + -rm -f core TAGS \ + `find . ! -regex '.*/\.git/.*' ! -regex '.*/\{arch\}/.*' \ + ! -regex '.*/CVS/.*' ! -regex '.*/\.arch-ids/.*' \ + ! -regex '.*/\.svn/.*' \ + \( -name '*.orig' -o -name '*.rej' -o -name '*~' -o \ + -name '*.bak' -o -name '#*#' -o -name '.*.orig' -o \ + -name '.*.rej' -o -name '.SUMS' \) \ + -print` + + +####################################################################### +####################################################################### +############### ############### +####################################################################### +####################################################################### +.PHONY: configure-arch configure-indep configure \ + build-arch build-indep build \ + install-arch install-indep install \ + binary-arch binary-indep binary \ + CLN-common CLN-indep CLN-arch clean-arch clean-indep clean \ + $(patsubst %,CLEAN/%, $(DEB_INDEP_PACKAGES)) $(patsubst %,CLEAN/%, $(DEB_ARCH_PACKAGES)) \ + implode explode prebuild checkpo + + +#Local variables: +#mode: makefile +#End: --- libsepol-2.0.30.orig/debian/common/pkgvars.mk +++ libsepol-2.0.30/debian/common/pkgvars.mk @@ -0,0 +1,94 @@ +############################ -*- Mode: Makefile -*- ########################### +## pkgvars.mk --- +## Author : Manoj Srivastava ( srivasta@glaurung.green-gryphon.com ) +## Created On : Sat Nov 15 02:56:30 2003 +## Created On Node : glaurung.green-gryphon.com +## Last Modified By : Manoj Srivastava +## Last Modified On : Thu Jun 15 12:05:46 2006 +## Last Machine Used: glaurung.internal.golden-gryphon.com +## Update Count : 11 +## Status : Unknown, Use with caution! +## HISTORY : +## Description : This is what allows us toseparate out the top level +## targets, by determining which packages needto be built. +## +## arch-tag: 75fcc720-7389-4eaa-a7ac-c556d3eac331 +## +## +## This program is free software; you can redistribute it and/or modify +## it under the terms of the GNU General Public License as published by +## the Free Software Foundation; either version 2 of the License, or +## (at your option) any later version. +## +## This program is distributed in the hope that it will be useful, +## but WITHOUT ANY WARRANTY; without even the implied warranty of +## MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the +## GNU General Public License for more details. +## +## You should have received a copy of the GNU General Public License +## along with this program; if not, write to the Free Software +## Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA +## +############################################################################### + +# The maintainer information. +maintainer := $(shell LC_ALL=C dpkg-parsechangelog | grep ^Maintainer: | \ + sed 's/^Maintainer: *//') +email := srivasta@debian.org + +# Priority of this version (or urgency, as dchanges would call it) +urgency := $(shell LC_ALL=C dpkg-parsechangelog | grep ^Urgency: | \ + sed 's/^Urgency: *//') + +# Common useful variables +DEB_SOURCE_PACKAGE := $(strip $(shell egrep '^Source: ' debian/control | \ + cut -f 2 -d ':')) +DEB_VERSION := $(strip $(shell LC_ALL=C dpkg-parsechangelog | \ + egrep '^Version:' | cut -f 2 -d ' ')) +DEB_ISNATIVE := $(strip $(shell LC_ALL=C dpkg-parsechangelog | \ + perl -ne 'print if (m/^Version:/g && ! m/^Version:.*\-/);')) +DEB_DISTRIBUTION := $(strip $(shell LC_ALL=C dpkg-parsechangelog | \ + egrep '^Distribution:' | cut -f 2 -d ' ')) + +DEB_PACKAGES := $(shell perl -e ' \ + $$/=""; \ + while(<>){ \ + $$p=$$1 if m/^Package:\s*(\S+)/; \ + die "duplicate package $$p" if $$seen{$$p}; \ + $$seen{$$p}++; print "$$p " if $$p; \ + }' debian/control ) + +DEB_INDEP_PACKAGES := $(shell perl -e ' \ + $$/=""; \ + while(<>){ \ + $$p=$$1 if m/^Package:\s*(\S+)/; \ + die "duplicate package $$p" if $$seen{$$p}; \ + $$seen{$$p}++; \ + $$a=$$1 if m/^Architecture:\s*(\S+)/m; \ + next unless ($$a eq "all"); \ + print "$$p " if $$p; \ + }' debian/control ) + +DEB_ARCH_PACKAGES := $(shell perl -e ' \ + $$/=""; \ + while(<>){ \ + $$p=$$1 if m/^Package:\s*(\S+)/; \ + die "duplicate package $$p" if $$seen{$$p}; \ + $$seen{$$p}++; \ + $$c=""; \ + if (/^Architecture:\s*(.*?)\s*$$/sm) { \ + @a = split /\s+/, $$1 }; \ + for my $$b (@a) { \ + next unless ($$b eq "$(DEB_HOST_ARCH)" || \ + $$b eq "any"); \ + $$c="$$p"; \ + } \ + print "$$c " if $$c; \ + }' debian/control ) + +# This package is what we get after removing the psuedo dirs we use in rules +package = $(notdir $@) + +#Local variables: +#mode: makefile +#End: --- libsepol-2.0.30.orig/debian/common/checklibs +++ libsepol-2.0.30/debian/common/checklibs @@ -0,0 +1,74 @@ +#! /bin/sh +# -*- Mode: Sh -*- +# checklibs.sh --- +# Author : Manoj Srivastava ( srivasta@glaurung.internal.golden-gryphon.com ) +# Created On : Fri Sep 29 15:36:22 2006 +# Created On Node : glaurung.internal.golden-gryphon.com +# Last Modified By : Manoj Srivastava +# Last Modified On : Fri Sep 29 22:53:27 2006 +# Last Machine Used: glaurung.internal.golden-gryphon.com +# Update Count : 43 +# Status : Unknown, Use with caution! +# HISTORY : +# Description : +# +# arch-tag: 8ba11489-77fa-45a0-92c4-9c5b162ee119 +# +# This program is free software; you can redistribute it and/or modify +# it under the terms of the GNU General Public License as published by +# the Free Software Foundation; either version 2 of the License, or +# (at your option) any later version. +# +# This program is distributed in the hope that it will be useful, +# but WITHOUT ANY WARRANTY; without even the implied warranty of +# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the +# GNU General Public License for more details. +# +# You should have received a copy of the GNU General Public License +# along with this program; if not, write to the Free Software +# Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA +# + +# Make sure we abort on error +set -e +progname="$(basename \"$0\")" + +trap 'rm -f search_patterns.txt;' ALRM HUP INT PIPE TERM ABRT FPE BUS QUIT SEGV ILL EXIT + +# Find all undefined symbols in all ELF objects in this tree +readelf -s -D -W $(find . -type f -print0 | xargs -0r file | grep " ELF" | \ + awk '{print $1}' | sed -e 's/:$//') | grep UND | grep -v LOCAL | + perl -ple 's/.*\s(\S+)\s*$/\^$1\$/g' | sort -u > search_patterns.txt; + +# Find all the libraries needed in this tree +objdump -T --private-headers $(find . -type f -print0 | xargs -0r file | grep " ELF" | \ + awk '{print $1}' | sed -e 's/:$//') | grep NEEDED | sort -u | awk '{print $2}' | + while read lib; do + # For each library, see where it lives o the file system + LIB= + for library_dir in "/lib" "/usr/lib" $EXTRA_LIBRARY_PATHS; do + if [ -e "$library_dir/$lib" ]; then + LIB="$library_dir/$lib"; + break + fi + done + if [ -z "$LIB" ]; then + echo >&2 "Can't find $lib" + continue + fi + # If we fond the library, find what symbols it defines, and if these symbols + # are some that we need + if readelf -s -D -W $LIB | grep -v UND | perl -ple 's/.*\s(\S+)\s*$/$1/g' | \ + sort -u | grep -q -f search_patterns.txt ; then + # Library provides at least some symbols we need + if [ -n "$DEBUG" ]; then echo "Found $LIB"; fi + else + # Library does not provide any symbols we need + echo "$LIB" ; + fi +done + +# Get rid of the intermediate file +rm -f search_patterns.txt; +exit 0 + --- libsepol-2.0.30.orig/debian/common/install_cmds.mk +++ libsepol-2.0.30/debian/common/install_cmds.mk @@ -0,0 +1,54 @@ +######################### -*- Mode: Makefile-Gmake -*- ######################## +## install_cmds.mk --- +## Author : Manoj Srivastava ( srivasta@glaurung.internal.golden-gryphon.com ) +## Created On : Fri Jun 16 14:40:20 2006 +## Created On Node : glaurung.internal.golden-gryphon.com +## Last Modified By : Manoj Srivastava +## Last Modified On : Wed Sep 6 11:43:05 2006 +## Last Machine Used: glaurung.internal.golden-gryphon.com +## Update Count : 9 +## Status : Unknown, Use with caution! +## HISTORY : +## Description : +## +## arch-tag: a38b6a93-2539-4034-9060-ae94d5c8a071 +## +## This program is free software; you can redistribute it and/or modify +## it under the terms of the GNU General Public License as published by +## the Free Software Foundation; either version 2 of the License, or +## (at your option) any later version. +## +## This program is distributed in the hope that it will be useful, +## but WITHOUT ANY WARRANTY; without even the implied warranty of +## MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the +## GNU General Public License for more details. +## +## You should have received a copy of the GNU General Public License +## along with this program; if not, write to the Free Software +## Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA +## +############################################################################### + +# install commands +install_file = install -p -o root -g root -m 644 +install_script = install -p -o root -g root -m 755 +install_program= install -p -o root -g root -m 755 +make_directory = install -p -d -o root -g root -m 755 + +define create_md5sum + create_md5sums_fn () { \ + cd $$1 ; \ + find . -type f \ + ! -regex './DEBIAN/.*' \ + ! -regex './etc/.*' $(EXTRA_MD5SUM_EXCLUDE) \ + -printf '%P\0' | xargs -r0 md5sum > DEBIAN/md5sums ; \ + if [ -z "DEBIAN/md5sums" ] ; then \ + rm -f "DEBIAN/md5sums" ; \ + fi ; \ + } ; \ + create_md5sums_fn +endef + +#Local variables: +#mode: makefile +#End: --- libsepol-2.0.30.orig/src/link.c +++ libsepol-2.0.30/src/link.c @@ -540,6 +540,7 @@ char *id = key, *new_id = NULL; cond_bool_datum_t *booldatum, *base_bool, *new_bool = NULL; link_state_t *state = (link_state_t *) data; + scope_datum_t *scope; booldatum = (cond_bool_datum_t *) datum; @@ -556,7 +557,6 @@ (cond_bool_datum_t *) malloc(sizeof(*new_bool))) == NULL) { goto cleanup; } - new_bool->state = booldatum->state; new_bool->s.value = state->base->p_bools.nprim + 1; ret = hashtab_insert(state->base->p_bools.table, @@ -570,6 +570,14 @@ } + /* Get the scope info for this boolean to see if this is the declaration, + * if so set the state */ + scope = hashtab_search(state->cur->policy->p_bools_scope.table, id); + if (!scope) + return SEPOL_ERR; + if (scope->scope == SCOPE_DECL) + base_bool->state = booldatum->state; + state->cur->map[SYM_BOOLS][booldatum->s.value - 1] = base_bool->s.value; return 0; --- libsepol-2.0.30.orig/src/Makefile +++ libsepol-2.0.30/src/Makefile @@ -1,19 +1,22 @@ # Installation directories. -PREFIX ?= $(DESTDIR)/usr +PREFIX ?= /usr +INCDIR ?= $(PREFIX)/include LIBDIR ?= $(PREFIX)/lib SHLIBDIR ?= $(DESTDIR)/lib +VERSION = $(shell cat ../VERSION) LIBVERSION = 1 LIBA=libsepol.a TARGET=libsepol.so +LIBPC=libsepol.pc LIBSO=$(TARGET).$(LIBVERSION) OBJS= $(patsubst %.c,%.o,$(wildcard *.c)) LOBJS= $(patsubst %.c,%.lo,$(wildcard *.c)) CFLAGS ?= -Werror -Wall -W -Wundef -Wmissing-noreturn -Wmissing-format-attribute override CFLAGS += -I. -I../include -D_GNU_SOURCE -all: $(LIBA) $(LIBSO) +all: $(LIBA) $(LIBSO) $(LIBPC) $(LIBA): $(OBJS) $(AR) rcs $@ $^ @@ -23,6 +26,9 @@ $(CC) $(CFLAGS) $(LDFLAGS) -shared -o $@ $^ -Wl,-soname,$(LIBSO),--version-script=libsepol.map,-z,defs ln -sf $@ $(TARGET) +$(LIBPC): $(LIBPC).in + sed -e 's/@VERSION@/$(VERSION)/; s:@prefix@:$(PREFIX):; s:@libdir@:$(LIBDIR):; s:@includedir@:$(INCDIR):' < $< > $@ + %.o: %.c $(CC) $(CFLAGS) -fPIC -c -o $@ $< @@ -30,17 +36,19 @@ $(CC) $(CFLAGS) -fPIC -DSHARED -c -o $@ $< install: all - test -d $(LIBDIR) || install -m 755 -d $(LIBDIR) - install -m 644 $(LIBA) $(LIBDIR) + test -d $(DESTDIR)$(LIBDIR) || install -m 755 -d $(DESTDIR)$(LIBDIR) + install -m 644 $(LIBA) $(DESTDIR)$(LIBDIR) + test -d $(DESTDIR)$(LIBDIR)/pkgconfig || install -m 755 -d $(DESTDIR)$(LIBDIR)/pkgconfig + install -m 644 $(LIBPC) $(DESTDIR)$(LIBDIR)/pkgconfig test -d $(SHLIBDIR) || install -m 755 -d $(SHLIBDIR) install -m 755 $(LIBSO) $(SHLIBDIR) - cd $(LIBDIR) && ln -sf ../../`basename $(SHLIBDIR)`/$(LIBSO) $(TARGET) + cd $(DESTDIR)$(LIBDIR) && ln -sf ../../`basename $(SHLIBDIR)`/$(LIBSO) $(TARGET) relabel: /sbin/restorecon $(SHLIBDIR)/$(LIBSO) clean: - -rm -f $(OBJS) $(LOBJS) $(LIBA) $(LIBSO) $(TARGET) + -rm -f $(OBJS) $(LOBJS) $(LIBA) $(LIBSO) $(TARGET) $(LIBPC) indent: ../../scripts/Lindent $(wildcard *.[ch]) --- libsepol-2.0.30.orig/src/libsepol.pc.in +++ libsepol-2.0.30/src/libsepol.pc.in @@ -0,0 +1,12 @@ +prefix=@prefix@ +exec_prefix=${prefix} +libdir=${exec_prefix}/lib +includedir=@includedir@ + +Name: libsepol +Description: Security Enhanced Linux policy library +Version: @VERSION@ +URL: http://www.nsa.gov/selinux/ +Libs: -L${libdir} -lsepol +Cflags: -I${includedir} +