summary refs log tree commit diff
diff options
context:
space:
mode:
authorRicardo Wurmus <rekado@elephly.net>2018-01-25 00:30:37 +0100
committerRicardo Wurmus <rekado@elephly.net>2018-01-25 00:36:57 +0100
commit7bf0170e9fbcb08f9edb875dc08e27584826a1c2 (patch)
tree4c934d719e29c3d8dac02190de7e1617a0f6dddd
parent6d5a65de7fba53ca1160844550d261f540f110e1 (diff)
downloadguix-7bf0170e9fbcb08f9edb875dc08e27584826a1c2.tar.gz
gnu: Update SELinux packages.
* gnu/packages/selinux.scm (libsepol): Update to 2.7, release 20170804.
[source]: Fetch from git.
(checkpolicy)[arguments]: Set LIBSEPOLA.
(libselinux)[arguments]: Likewise; remove build phase "patch-libsepol-path".
(python-sepolgen)[arguments]: Adjust directory name in "enter-dir".
(python-setools): Update to 4.1.1.
[source]: Fetch from git.
(policycoreutils)[source]: Remove patch.
[arguments]: Remove build phases "fix-glib-cflags",
"fix-linkage-with-libsepol", "fix-target-paths", and "wrap-python-tools".
[inputs]: Remove python-wrapper, python-sepolgen, python-setools, python-ipy,
libcap-ng, pcre, dbus, dbus-glib, and glib.
* gnu/packages/patches/policycoreutils-make-sepolicy-use-python3.patch: Delete file.
* gnu/local.mk (dist_patch_DATA): Remove it.
-rw-r--r--gnu/local.mk1
-rw-r--r--gnu/packages/patches/policycoreutils-make-sepolicy-use-python3.patch335
-rw-r--r--gnu/packages/selinux.scm126
3 files changed, 25 insertions, 437 deletions
diff --git a/gnu/local.mk b/gnu/local.mk
index 86b8216ee7..0d18cec703 100644
--- a/gnu/local.mk
+++ b/gnu/local.mk
@@ -970,7 +970,6 @@ dist_patch_DATA =						\
   %D%/packages/patches/plink-endian-detection.patch		\
   %D%/packages/patches/plotutils-libpng-jmpbuf.patch		\
   %D%/packages/patches/polkit-drop-test.patch			\
-  %D%/packages/patches/policycoreutils-make-sepolicy-use-python3.patch	\
   %D%/packages/patches/portaudio-audacity-compat.patch		\
   %D%/packages/patches/portmidi-modular-build.patch		\
   %D%/packages/patches/potrace-tests.patch			\
diff --git a/gnu/packages/patches/policycoreutils-make-sepolicy-use-python3.patch b/gnu/packages/patches/policycoreutils-make-sepolicy-use-python3.patch
deleted file mode 100644
index befe9fbb2a..0000000000
--- a/gnu/packages/patches/policycoreutils-make-sepolicy-use-python3.patch
+++ /dev/null
@@ -1,335 +0,0 @@
-Downloaded from https://anonscm.debian.org/cgit/selinux/policycoreutils.git/plain/debian/patches/policycoreutils-Make-sepolicy-work-with-python3.patch
-
-From 2d7ca0b862a35196d562f59bd098df011fd7f0e6 Mon Sep 17 00:00:00 2001
-From: Laurent Bigonville <bigon@bigon.be>
-Date: Mon, 7 Nov 2016 10:51:08 +0100
-Subject: [PATCH] policycoreutils: Make sepolicy work with python3
-
-Add python3 support for sepolicy
-
-Signed-off-by: Laurent Bigonville <bigon@bigon.be>
----
- policycoreutils/sepolicy/selinux_client.py       |  6 ++--
- policycoreutils/sepolicy/sepolicy.py             | 38 ++++++++++++------------
- policycoreutils/sepolicy/sepolicy/__init__.py    | 16 ++++++----
- policycoreutils/sepolicy/sepolicy/communicate.py |  4 +--
- policycoreutils/sepolicy/sepolicy/generate.py    | 30 +++++++++----------
- policycoreutils/sepolicy/sepolicy/interface.py   | 14 ++++++---
- policycoreutils/sepolicy/sepolicy/manpage.py     |  7 +++--
- 7 files changed, 65 insertions(+), 50 deletions(-)
-
-diff --git a/policycoreutils/sepolicy/selinux_client.py b/policycoreutils/sepolicy/selinux_client.py
-index 7f4a91c..dc29f28 100644
---- a/sepolicy/selinux_client.py
-+++ b/sepolicy/selinux_client.py
-@@ -39,6 +39,6 @@ if __name__ == "__main__":
-     try:
-         dbus_proxy = SELinuxDBus()
-         resp = dbus_proxy.customized()
--        print convert_customization(resp)
--    except dbus.DBusException, e:
--        print e
-+        print(convert_customization(resp))
-+    except dbus.DBusException as e:
-+        print(e)
-diff --git a/policycoreutils/sepolicy/sepolicy.py b/policycoreutils/sepolicy/sepolicy.py
-index 3e502a7..5bf9b52 100755
---- a/sepolicy/sepolicy.py
-+++ b/sepolicy/sepolicy.py
-@@ -262,7 +262,7 @@ def _print_net(src, protocol, perm):
-     if len(portdict) > 0:
-         bold_start = "\033[1m"
-         bold_end = "\033[0;0m"
--        print "\n" + bold_start + "%s: %s %s" % (src, protocol, perm) + bold_end
-+        print("\n" + bold_start + "%s: %s %s" % (src, protocol, perm) + bold_end)
-         port_strings = []
-         boolean_text = ""
-         for p in portdict:
-@@ -275,7 +275,7 @@ def _print_net(src, protocol, perm):
-                     port_strings.append("%s (%s)" % (", ".join(recs), t))
-         port_strings.sort(numcmp)
-         for p in port_strings:
--            print "\t" + p
-+            print("\t" + p)
- 
- 
- def network(args):
-@@ -286,7 +286,7 @@ def network(args):
-             if i[0] not in all_ports:
-                 all_ports.append(i[0])
-         all_ports.sort()
--        print "\n".join(all_ports)
-+        print("\n".join(all_ports))
- 
-     for port in args.port:
-         found = False
-@@ -297,18 +297,18 @@ def network(args):
-                 else:
-                     range = "%s-%s" % (i[0], i[1])
-                 found = True
--                print "%d: %s %s %s" % (port, i[2], portrecsbynum[i][0], range)
-+                print("%d: %s %s %s" % (port, i[2], portrecsbynum[i][0], range))
-         if not found:
-             if port < 500:
--                print "Undefined reserved port type"
-+                print("Undefined reserved port type")
-             else:
--                print "Undefined port type"
-+                print("Undefined port type")
- 
-     for t in args.type:
-         if (t, 'tcp') in portrecs.keys():
--            print "%s: tcp: %s" % (t, ",".join(portrecs[t, 'tcp']))
-+            print("%s: tcp: %s" % (t, ",".join(portrecs[t, 'tcp'])))
-         if (t, 'udp') in portrecs.keys():
--            print "%s: udp: %s" % (t, ",".join(portrecs[t, 'udp']))
-+            print( "%s: udp: %s" % (t, ",".join(portrecs[t, 'udp'])))
- 
-     for a in args.applications:
-         d = sepolicy.get_init_transtype(a)
-@@ -357,7 +357,7 @@ def manpage(args):
- 
-     for domain in test_domains:
-         m = ManPage(domain, path, args.root, args.source_files, args.web)
--        print m.get_man_page_path()
-+        print(m.get_man_page_path())
- 
-     if args.web:
-         HTMLManPages(manpage_roles, manpage_domains, path, args.os)
-@@ -418,7 +418,7 @@ def communicate(args):
-     out = list(set(writable) & set(readable))
- 
-     for t in out:
--        print t
-+        print(t)
- 
- 
- def gen_communicate_args(parser):
-@@ -445,7 +445,7 @@ def booleans(args):
-     args.booleans.sort()
- 
-     for b in args.booleans:
--        print "%s=_(\"%s\")" % (b, boolean_desc(b))
-+        print("%s=_(\"%s\")" % (b, boolean_desc(b)))
- 
- 
- def gen_booleans_args(parser):
-@@ -484,16 +484,16 @@ def print_interfaces(interfaces, args, append=""):
-     for i in interfaces:
-         if args.verbose:
-             try:
--                print get_interface_format_text(i + append)
-+                print(get_interface_format_text(i + append))
-             except KeyError:
--                print i
-+                print(i)
-         if args.compile:
-             try:
-                 interface_compile_test(i)
-             except KeyError:
--                print i
-+                print(i)
-         else:
--            print i
-+            print(i)
- 
- 
- def interface(args):
-@@ -565,7 +565,7 @@ def generate(args):
-     if args.policytype in APPLICATIONS:
-         mypolicy.gen_writeable()
-         mypolicy.gen_symbols()
--    print mypolicy.generate(args.path)
-+    print(mypolicy.generate(args.path))
- 
- 
- def gen_interface_args(parser):
-@@ -698,12 +698,12 @@ if __name__ == '__main__':
-         args = parser.parse_args(args=parser_args)
-         args.func(args)
-         sys.exit(0)
--    except ValueError, e:
-+    except ValueError as e:
-         sys.stderr.write("%s: %s\n" % (e.__class__.__name__, str(e)))
-         sys.exit(1)
--    except IOError, e:
-+    except IOError as e:
-         sys.stderr.write("%s: %s\n" % (e.__class__.__name__, str(e)))
-         sys.exit(1)
-     except KeyboardInterrupt:
--        print "Out"
-+        print("Out")
-         sys.exit(0)
-diff --git a/policycoreutils/sepolicy/sepolicy/__init__.py b/policycoreutils/sepolicy/sepolicy/__init__.py
-index 8fbd5b4..fee6438 100644
---- a/sepolicy/sepolicy/__init__.py
-+++ b/sepolicy/sepolicy/__init__.py
-@@ -695,7 +695,7 @@ def get_methods():
-     # List of per_role_template interfaces
-         ifs = interfaces.InterfaceSet()
-         ifs.from_file(fd)
--        methods = ifs.interfaces.keys()
-+        methods = list(ifs.interfaces.keys())
-         fd.close()
-     except:
-         sys.stderr.write("could not open interface info [%s]\n" % fn)
-@@ -752,7 +752,10 @@ def get_all_entrypoint_domains():
- 
- 
- def gen_interfaces():
--    import commands
-+    try:
-+        from commands import getstatusoutput
-+    except ImportError:
-+        from subprocess import getstatusoutput
-     ifile = defaults.interface_info()
-     headers = defaults.headers()
-     try:
-@@ -763,7 +766,7 @@ def gen_interfaces():
- 
-     if os.getuid() != 0:
-         raise ValueError(_("You must regenerate interface info by running /usr/bin/sepolgen-ifgen"))
--    print(commands.getstatusoutput("/usr/bin/sepolgen-ifgen")[1])
-+    print(getstatusoutput("/usr/bin/sepolgen-ifgen")[1])
- 
- 
- def gen_port_dict():
-@@ -1085,8 +1088,11 @@ def get_os_version():
-     os_version = ""
-     pkg_name = "selinux-policy"
-     try:
--        import commands
--        rc, output = commands.getstatusoutput("rpm -q '%s'" % pkg_name)
-+        try:
-+            from commands import getstatusoutput
-+        except ImportError:
-+            from subprocess import getstatusoutput
-+        rc, output = getstatusoutput("rpm -q '%s'" % pkg_name)
-         if rc == 0:
-             os_version = output.split(".")[-2]
-     except:
-diff --git a/policycoreutils/sepolicy/sepolicy/communicate.py b/policycoreutils/sepolicy/sepolicy/communicate.py
-index b96c4b9..299316e 100755
---- a/sepolicy/sepolicy/communicate.py
-+++ b/sepolicy/sepolicy/communicate.py
-@@ -34,8 +34,8 @@ def usage(parser, msg):
- 
- def expand_attribute(attribute):
-     try:
--        return sepolicy.info(sepolicy.ATTRIBUTE, attribute)[0]["types"]
--    except RuntimeError:
-+        return list(next(sepolicy.info(sepolicy.ATTRIBUTE, attribute))["types"])
-+    except StopIteration:
-         return [attribute]
- 
- 
-diff --git a/policycoreutils/sepolicy/sepolicy/generate.py b/policycoreutils/sepolicy/sepolicy/generate.py
-index 65b33b6..5696110 100644
---- a/sepolicy/sepolicy/generate.py
-+++ b/sepolicy/sepolicy/generate.py
-@@ -31,21 +31,21 @@ import time
- import types
- import platform
- 
--from templates import executable
--from templates import boolean
--from templates import etc_rw
--from templates import unit_file
--from templates import var_cache
--from templates import var_spool
--from templates import var_lib
--from templates import var_log
--from templates import var_run
--from templates import tmp
--from templates import rw
--from templates import network
--from templates import script
--from templates import spec
--from templates import user
-+from .templates import executable
-+from .templates import boolean
-+from .templates import etc_rw
-+from .templates import unit_file
-+from .templates import var_cache
-+from .templates import var_spool
-+from .templates import var_lib
-+from .templates import var_log
-+from .templates import var_run
-+from .templates import tmp
-+from .templates import rw
-+from .templates import network
-+from .templates import script
-+from .templates import spec
-+from .templates import user
- import sepolgen.interfaces as interfaces
- import sepolgen.defaults as defaults
- 
-diff --git a/policycoreutils/sepolicy/sepolicy/interface.py b/policycoreutils/sepolicy/sepolicy/interface.py
-index c2cb971..8956f39 100644
---- a/sepolicy/sepolicy/interface.py
-+++ b/sepolicy/sepolicy/interface.py
-@@ -192,10 +192,13 @@ def generate_compile_te(interface, idict, name="compiletest"):
- def get_xml_file(if_file):
-     """ Returns xml format of interfaces for given .if policy file"""
-     import os
--    import commands
-+    try:
-+            from commands import getstatusoutput
-+    except ImportError:
-+            from subprocess import getstatusoutput
-     basedir = os.path.dirname(if_file) + "/"
-     filename = os.path.basename(if_file).split(".")[0]
--    rc, output = commands.getstatusoutput("python /usr/share/selinux/devel/include/support/segenxml.py -w -m %s" % basedir + filename)
-+    rc, output = getstatusoutput("python /usr/share/selinux/devel/include/support/segenxml.py -w -m %s" % basedir + filename)
-     if rc != 0:
-         sys.stderr.write("\n Could not proceed selected interface file.\n")
-         sys.stderr.write("\n%s" % output)
-@@ -208,7 +211,10 @@ def interface_compile_test(interface, path="/usr/share/selinux/devel/policy.xml"
-     exclude_interfaces = ["userdom", "kernel", "corenet", "files", "dev"]
-     exclude_interface_type = ["template"]
- 
--    import commands
-+    try:
-+            from commands import getstatusoutput
-+    except ImportError:
-+            from subprocess import getstatusoutput
-     import os
-     policy_files = {'pp': "compiletest.pp", 'te': "compiletest.te", 'fc': "compiletest.fc", 'if': "compiletest.if"}
-     idict = get_interface_dict(path)
-@@ -219,7 +225,7 @@ def interface_compile_test(interface, path="/usr/share/selinux/devel/policy.xml"
-             fd = open(policy_files['te'], "w")
-             fd.write(generate_compile_te(interface, idict))
-             fd.close()
--            rc, output = commands.getstatusoutput("make -f /usr/share/selinux/devel/Makefile %s" % policy_files['pp'])
-+            rc, output = getstatusoutput("make -f /usr/share/selinux/devel/Makefile %s" % policy_files['pp'])
-             if rc != 0:
-                 sys.stderr.write(output)
-                 sys.stderr.write(_("\nCompile test for %s failed.\n") % interface)
-diff --git a/policycoreutils/sepolicy/sepolicy/manpage.py b/policycoreutils/sepolicy/sepolicy/manpage.py
-index 7365f93..773a9ab 100755
---- a/sepolicy/sepolicy/manpage.py
-+++ b/sepolicy/sepolicy/manpage.py
-@@ -27,7 +27,6 @@ __all__ = ['ManPage', 'HTMLManPages', 'manpage_domains', 'manpage_roles', 'gen_d
- import string
- import selinux
- import sepolicy
--import commands
- import os
- import time
- 
-@@ -162,7 +161,11 @@ def get_alphabet_manpages(manpage_list):
- 
- 
- def convert_manpage_to_html(html_manpage, manpage):
--    rc, output = commands.getstatusoutput("/usr/bin/groff -man -Thtml %s 2>/dev/null" % manpage)
-+    try:
-+            from commands import getstatusoutput
-+    except ImportError:
-+            from subprocess import getstatusoutput
-+    rc, output = getstatusoutput("/usr/bin/groff -man -Thtml %s 2>/dev/null" % manpage)
-     if rc == 0:
-         print(html_manpage, "has been created")
-         fd = open(html_manpage, 'w')
--- 
-2.10.2
-
diff --git a/gnu/packages/selinux.scm b/gnu/packages/selinux.scm
index 729ae646b2..99f9e76e29 100644
--- a/gnu/packages/selinux.scm
+++ b/gnu/packages/selinux.scm
@@ -1,5 +1,5 @@
 ;;; GNU Guix --- Functional package management for GNU
-;;; Copyright © 2016, 2017 Ricardo Wurmus <rekado@elephly.net>
+;;; Copyright © 2016, 2017, 2018 Ricardo Wurmus <rekado@elephly.net>
 ;;;
 ;;; This file is part of GNU Guix.
 ;;;
@@ -20,6 +20,7 @@
   #:use-module ((guix licenses) #:prefix license:)
   #:use-module (guix packages)
   #:use-module (guix download)
+  #:use-module (guix git-download)
   #:use-module (guix utils)
   #:use-module (guix build-system gnu)
   #:use-module (guix build-system python)
@@ -44,16 +45,17 @@
 (define-public libsepol
   (package
     (name "libsepol")
-    (version "2.6")
-    (source (let ((release "20161014"))
+    (version "2.7")
+    (source (let ((release "20170804"))
               (origin
-                (method url-fetch)
-                (uri (string-append "https://github.com/SELinuxProject/selinux/"
-                                    "archive/" release ".tar.gz"))
-                (file-name (string-append "selinux-" release ".tar.gz"))
+                (method git-fetch)
+                (uri (git-reference
+                      (url "https://github.com/SELinuxProject/selinux.git")
+                      (commit release)))
+                (file-name (string-append "selinux-" release "-checkout"))
                 (sha256
                  (base32
-                  "1dpwynfb6n31928343blac4159g4jbrwxdp61q5yffmxpy3c3czi")))))
+                  "1l1nn8bx08v4cxkw5kb0wgr61rfqj5ra9dh1dy5jslillj93vivq")))))
     (build-system gnu-build-system)
     (arguments
      `(#:tests? #f ; tests require checkpolicy, which requires libsepol
@@ -92,11 +94,9 @@ boolean settings).")
        #:make-flags
        (let ((out (assoc-ref %outputs "out")))
          (list (string-append "PREFIX=" out)
-               (string-append "LDLIBS="
+               (string-append "LIBSEPOLA="
                               (assoc-ref %build-inputs "libsepol")
-                              "/lib/libsepol.a "
-                              (assoc-ref %build-inputs "flex")
-                              "/lib/libfl.a")
+                              "/lib/libsepol.a")
                "CC=gcc"))
        #:phases
        (modify-phases %standard-phases
@@ -125,6 +125,9 @@ module into a binary representation.")
      (substitute-keyword-arguments (package-arguments libsepol)
        ((#:make-flags flags)
         `(cons* "PYTHON=python3"
+                (string-append "LIBSEPOLA="
+                              (assoc-ref %build-inputs "libsepol")
+                              "/lib/libsepol.a")
                 (string-append "PYSITEDIR="
                                (assoc-ref %outputs "out")
                                "/lib/python"
@@ -135,14 +138,6 @@ module into a binary representation.")
         `(modify-phases ,phases
            (replace 'enter-dir
              (lambda _ (chdir ,name) #t))
-           ;; libsepol.a is not located in this package's LIBDIR.
-           (add-after 'enter-dir 'patch-libsepol-path
-             (lambda* (#:key inputs #:allow-other-keys)
-               (substitute* "src/Makefile"
-                 (("\\$\\(LIBDIR\\)/libsepol.a")
-                  (string-append (assoc-ref inputs "libsepol")
-                                 "/lib/libsepol.a")))
-               #t))
            (add-after 'enter-dir 'remove-Werror
              (lambda _
                ;; GCC complains about the fact that the output does not (yet)
@@ -256,7 +251,7 @@ binary policies.")
            ((#:phases phases)
             `(modify-phases ,phases
                (replace 'enter-dir
-                 (lambda _ (chdir "sepolgen") #t))
+                 (lambda _ (chdir "python/sepolgen") #t))
                ;; By default all Python files would be installed to
                ;; $out/gnu/store/...-python-.../, so we override the
                ;; PACKAGEDIR to fix this.
@@ -297,20 +292,19 @@ based on required access.")
     ;; GPLv2 only
     (license license:gpl2)))
 
-;; The latest 4.1.x version does not work with the latest 2.6 release of
-;; policycoreutils, so we use the last 4.0.x release.
 (define-public python-setools
   (package
     (name "python-setools")
-    (version "4.0.1")
+    (version "4.1.1")
     (source (origin
-              (method url-fetch)
-              (uri (string-append "https://github.com/TresysTechnology/"
-                                  "setools/archive/" version ".tar.gz"))
-              (file-name (string-append name "-" version ".tar.gz"))
+              (method git-fetch)
+              (uri (git-reference
+                    (url "https://github.com/TresysTechnology/setools.git")
+                    (commit version)))
+              (file-name (string-append name "-" version "-checkout"))
               (sha256
                (base32
-                "1zndpl4ck5c23p7s4sci06db89q1w87jig3jbd4f8s1ggy3lj82c"))))
+                "0459xxly6zzqc5azcwk3rbbcxvj60dq08f8z6xr05y7dsbb16cg6"))))
     (build-system python-build-system)
     (arguments
      `(#:tests? #f ; the test target causes a rebuild
@@ -352,10 +346,6 @@ tools, and libraries designed to facilitate SELinux policy analysis.")
 (define-public policycoreutils
   (package (inherit libsepol)
     (name "policycoreutils")
-    (source
-     (origin (inherit (package-source libsepol))
-             (patches (search-patches "policycoreutils-make-sepolicy-use-python3.patch"))
-             (patch-flags '("-p1" "-d" "policycoreutils"))))
     (arguments
      `(#:test-target "test"
        #:make-flags
@@ -399,79 +389,13 @@ tools, and libraries designed to facilitate SELinux policy analysis.")
                 (string-append (assoc-ref inputs "pam") file))
                (("/usr(/include/libaudit.h)" _ file)
                 (string-append (assoc-ref inputs "audit") file)))
-             #t))
-         (add-after 'enter-dir 'fix-glib-cflags
-           (lambda* (#:key inputs #:allow-other-keys)
-             (substitute* "restorecond/Makefile"
-               (("/usr(/include/glib-2.0|/lib/glib-2.0/include)" _ path)
-                (string-append (assoc-ref inputs "glib") path))
-               (("/usr(/include/dbus-1.0|/lib/dbus-1.0/include)" _ path)
-                (string-append (assoc-ref inputs "dbus") path
-                               " -I"
-                               (assoc-ref inputs "dbus-glib") path)))
-             #t))
-         (add-after 'enter-dir 'fix-linkage-with-libsepol
-           (lambda* (#:key inputs #:allow-other-keys)
-             (substitute* '("semodule_deps/Makefile"
-                            "sepolgen-ifgen/Makefile")
-               (("\\$\\(LIBDIR\\)")
-                (string-append (assoc-ref inputs "libsepol") "/lib/")))))
-         (add-after 'enter-dir 'fix-target-paths
-           (lambda* (#:key outputs #:allow-other-keys)
-             (let ((out (assoc-ref outputs "out")))
-               (substitute* "audit2allow/sepolgen-ifgen"
-                 (("ATTR_HELPER = \"/usr/bin/sepolgen-ifgen-attr-helper\"")
-                  (string-append "ATTR_HELPER = \"" out
-                                 "/bin/sepolgen-ifgen-attr-helper\"")))
-               (substitute* "sepolicy/sepolicy/__init__.py"
-                 (("/usr/bin/sepolgen-ifgen")
-                  (string-append out "/bin/sepolgen-ifgen")))
-               (substitute* "sepolicy/Makefile"
-                 ;; By default all Python files would be installed to
-                 ;; $out/gnu/store/...-python-.../.
-                 (("setup.py install.*$")
-                  (string-append "setup.py install --prefix=" out "\n"))
-                 (("\\$\\(DESTDIR\\)/etc")
-                  (string-append out "/etc"))
-                 (("\\$\\(DESTDIR\\)/usr") out)))
-             #t))
-         (add-after 'install 'wrap-python-tools
-           (lambda* (#:key outputs #:allow-other-keys)
-             (let* ((out (assoc-ref outputs "out"))
-                    (var (string-append out "/lib/python"
-                                        ,(version-major+minor (package-version python))
-                                        "/site-packages:"
-                                        (getenv "PYTHONPATH"))))
-               ;; The scripts' shebangs tell Python to ignore the PYTHONPATH,
-               ;; so we need to patch them before wrapping.
-               (for-each (lambda (file)
-                           (let ((path (string-append out "/" file)))
-                             (substitute* path
-                               (("bin/python -Es") "bin/python -s"))
-                             (wrap-program path
-                               `("PYTHONPATH" ":" prefix (,var)))))
-                         '("bin/audit2allow"
-                           "bin/chcat"
-                           "bin/sandbox"
-                           "bin/sepolgen-ifgen"
-                           "bin/sepolicy"
-                           "sbin/semanage")))
              #t)))))
     (inputs
-     `(("python" ,python-wrapper)
-       ("audit" ,audit)
+     `(("audit" ,audit)
        ("pam" ,linux-pam)
        ("libsepol" ,libsepol)
        ("libselinux" ,libselinux)
-       ("libsemanage" ,libsemanage)
-       ("python-sepolgen" ,python-sepolgen)
-       ("python-setools" ,python-setools)
-       ("python-ipy" ,python-ipy)
-       ("libcap-ng" ,libcap-ng)
-       ("pcre" ,pcre)
-       ("dbus" ,dbus)
-       ("dbus-glib" ,dbus-glib)
-       ("glib" ,glib)))
+       ("libsemanage" ,libsemanage)))
     (native-inputs
      `(("gettext" ,gettext-minimal)))
     (synopsis "SELinux core utilities")