pcr: add policycoreutils (selinux policy core utilities)

Signed-off-by: Denis 'GNUtoo' Carikli <GNUtoo@cyberdimension.org>

3 files changed, 108 insertions, 0 deletions

diff --git a/pcr/libsemanage/PKGBUILD b/pcr/libsemanage/PKGBUILD
new file mode 100644
index 000000000..1626732bf
--- /dev/null
+++ b/pcr/libsemanage/PKGBUILD
@@ -0,0 +1,58 @@
+# Maintainer (AUR): Nicolas Iooss (nicolas <dot> iooss <at> m4x <dot> org)
+# Contributor (AUR): Timothée Ravier <tim@siosm.fr>
+# Contributor (AUR): Nicky726 (Nicky726 <at> gmail <dot> com)
+# Contributor (AUR): Sergej Pupykin (pupykin <dot> s+arch <at> gmail <dot> com)
+
+# parabola changes and rationale:
+# - Added armv7h
+
+pkgname=libsemanage
+pkgver=3.2
+pkgrel=1
+pkgdesc="SELinux binary policy manipulation library"
+arch=('i686' 'x86_64')
+arch+=('armv7h')
+url='https://github.com/SELinuxProject/selinux'
+license=('LGPL2.1')
+groups=('selinux')
+makedepends=('flex' 'pkgconf' 'python' 'ruby' 'swig')
+depends=('libselinux>=3.2' 'audit')
+optdepends=('python: python bindings'
+            'ruby: ruby bindings')
+options=(!emptydirs) # For /var/lib/selinux
+install=libsemanage.install
+conflicts=("selinux-usr-${pkgname}")
+provides=("selinux-usr-${pkgname}=${pkgver}-${pkgrel}")
+source=("https://github.com/SELinuxProject/selinux/releases/download/${pkgver}/${pkgname}-${pkgver}.tar.gz"
+        "semanage.conf")
+sha256sums=('d722a55ca4fe2d4e2b30527720db657e6238b28079e69e2e4affeb8e733ee511'
+            '5b0e6929428e095b561701ccdfa9c8b0c3d70dad3fc46e667eb46a85b246a4a0')
+
+build() {
+  cd "${pkgname}-${pkgver}"
+
+  export CFLAGS="${CFLAGS} -fno-semantic-interposition"
+  make swigify
+  make all
+  make PYTHON=/usr/bin/python3 pywrap
+  make RUBY=/usr/bin/ruby rubywrap
+
+  # Build a libsemanage.so.1 to ease the transition from libsemanage 3.1 to 3.2
+  make -C src LIBVERSION=1 libsemanage.so.1
+  rm src/libsemanage.so
+}
+
+package() {
+  cd "${pkgname}-${pkgver}"
+  make DESTDIR="${pkgdir}" LIBEXECDIR=/usr/lib SHLIBDIR=/usr/lib install
+  make DESTDIR="${pkgdir}" PYTHON=/usr/bin/python3 LIBEXECDIR=/usr/lib SHLIBDIR=/usr/lib install-pywrap
+  make DESTDIR="${pkgdir}" RUBY=/usr/bin/ruby LIBEXECDIR=/usr/lib SHLIBDIR=/usr/lib install-rubywrap
+  /usr/bin/python3 -m compileall "${pkgdir}/$(/usr/bin/python3 -c 'from distutils.sysconfig import *; print(get_python_lib(plat_specific=1))')"
+
+  install -D -m0644 "${srcdir}/semanage.conf" "${pkgdir}/etc/selinux/semanage.conf"
+
+  install -Dm755 src/libsemanage.so.1 "${pkgdir}/usr/lib"
+
+  # Create /var/lib/selinux for the policy store
+  mkdir -p "${pkgdir}/var/lib/selinux"
+}
diff --git a/pcr/libsemanage/libsemanage.install b/pcr/libsemanage/libsemanage.install
new file mode 100644
index 000000000..bf21bb203
--- /dev/null
+++ b/pcr/libsemanage/libsemanage.install
@@ -0,0 +1,6 @@
+post_upgrade() {
+  if [ "$(vercmp 2.4 "$2")" -eq 1 ]; then
+    echo "The policy storage location changed in SELinux Userspace Project 2.4 from /etc/selinux to /var/lib/selinux."
+    echo "Run /usr/lib/selinux/semanage_migrate_store to migrate your policy files to the new location."
+  fi
+}
diff --git a/pcr/libsemanage/semanage.conf b/pcr/libsemanage/semanage.conf
new file mode 100644
index 000000000..3a7b36933
--- /dev/null
+++ b/pcr/libsemanage/semanage.conf
@@ -0,0 +1,44 @@
+# Authors: Jason Tang <jtang@tresys.com>
+#
+# Copyright (C) 2004-2005 Tresys Technology, LLC
+#
+#  This library is free software; you can redistribute it and/or
+#  modify it under the terms of the GNU Lesser General Public
+#  License as published by the Free Software Foundation; either
+#  version 2.1 of the License, or (at your option) any later version.
+#
+#  This library is distributed in the hope that it will be useful,
+#  but WITHOUT ANY WARRANTY; without even the implied warranty of
+#  MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU
+#  Lesser General Public License for more details.
+#
+#  You should have received a copy of the GNU Lesser General Public
+#  License along with this library; if not, write to the Free Software
+#  Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA  02110-1301  USA
+#
+# Specify how libsemanage will interact with a SELinux policy manager.
+# The four options are:
+#
+#  "source"     - libsemanage manipulates a source SELinux policy
+#  "direct"     - libsemanage will write directly to a module store.
+#  /foo/bar     - Write by way of a policy management server, whose
+#                 named socket is at /foo/bar.  The path must begin
+#                 with a '/'.
+#  foo.com:4242 - Establish a TCP connection to a remote policy
+#                 management server at foo.com.  If there is a colon
+#                 then the remainder is interpreted as a port number;
+#                 otherwise default to port 4242.
+module-store = direct
+
+# When generating the final linked and expanded policy, by default
+# semanage will set the policy version to POLICYDB_VERSION_MAX, as
+# given in <sepol/policydb.h>.  Change this setting if a different
+# version is necessary.
+#policy-version = 19
+
+# By default, semanage will generate policies for the SELinux target.
+# To build policies for Xen, uncomment the following line.
+#target-platform = xen
+
+# Arch Linux path to policy compilers
+compiler-directory = /usr/lib/selinux/hll