summary refs log tree commit diff
path: root/gnu/packages/selinux.scm
diff options
context:
space:
mode:
Diffstat (limited to 'gnu/packages/selinux.scm')
-rw-r--r--gnu/packages/selinux.scm64
1 files changed, 63 insertions, 1 deletions
diff --git a/gnu/packages/selinux.scm b/gnu/packages/selinux.scm
index 4a706386d1..0d9d98361b 100644
--- a/gnu/packages/selinux.scm
+++ b/gnu/packages/selinux.scm
@@ -22,9 +22,14 @@
   #:use-module (guix download)
   #:use-module (guix utils)
   #:use-module (guix build-system gnu)
+  #:use-module (guix build-system python)
   #:use-module (gnu packages)
   #:use-module (gnu packages bison)
-  #:use-module (gnu packages flex))
+  #:use-module (gnu packages flex)
+  #:use-module (gnu packages pcre)
+  #:use-module (gnu packages pkg-config)
+  #:use-module (gnu packages python)
+  #:use-module (gnu packages swig))
 
 ;; Update the SELinux packages together!
 
@@ -104,3 +109,60 @@ Checkmodule is a program that checks and compiles a SELinux security policy
 module into a binary representation.")
     ;; GPLv2 only
     (license license:gpl2)))
+
+(define-public libselinux
+  (package (inherit libsepol)
+    (name "libselinux")
+    (arguments
+     (substitute-keyword-arguments (package-arguments libsepol)
+       ((#:make-flags flags)
+        `(cons* "PYTHON=python3"
+                (string-append "PYSITEDIR="
+                               (assoc-ref %outputs "out")
+                               "/lib/python"
+                               ,(version-major+minor (package-version python))
+                               "/site-packages/")
+                ,flags))
+       ((#:phases phases)
+        `(modify-phases ,phases
+           (replace 'enter-dir
+             (lambda _ (chdir ,name) #t))
+           ;; libsepol.a is not located in this package's LIBDIR.
+           (add-after 'enter-dir 'patch-libsepol-path
+             (lambda* (#:key inputs #:allow-other-keys)
+               (substitute* "src/Makefile"
+                 (("\\$\\(LIBDIR\\)/libsepol.a")
+                  (string-append (assoc-ref inputs "libsepol")
+                                 "/lib/libsepol.a")))
+               #t))
+           (add-after 'enter-dir 'remove-Werror
+             (lambda _
+               ;; GCC complains about the fact that the output does not (yet)
+               ;; have an "include" directory, even though it is referenced.
+               (substitute* '("src/Makefile"
+                              "utils/Makefile")
+                 (("-Werror ") ""))
+               #t))
+           (add-after 'build 'pywrap
+             (lambda* (#:key make-flags #:allow-other-keys)
+               (zero? (apply system* "make" "pywrap" make-flags))))
+           (add-after 'install 'install-pywrap
+             (lambda* (#:key make-flags #:allow-other-keys)
+               (zero? (apply system* "make" "install-pywrap" make-flags))))))))
+    (inputs
+     `(("libsepol" ,libsepol)
+       ("pcre" ,pcre)
+       ;; For pywrap phase
+       ("python" ,python-wrapper)))
+    ;; These inputs are only needed for the pywrap phase.
+    (native-inputs
+     `(("swig" ,swig)
+       ("pkg-config" ,pkg-config)))
+    (synopsis "SELinux core libraries and utilities")
+    (description
+     "The libselinux library provides an API for SELinux applications to get
+and set process and file security contexts, and to obtain security policy
+decisions.  It is required for any applications that use the SELinux API, and
+used by all applications that are SELinux-aware.  This package also includes
+the core SELinux management utilities.")
+    (license license:public-domain)))