summary refs log tree commit diff
path: root/gnu/packages/selinux.scm
diff options
context:
space:
mode:
Diffstat (limited to 'gnu/packages/selinux.scm')
-rw-r--r--gnu/packages/selinux.scm60
1 files changed, 34 insertions, 26 deletions
diff --git a/gnu/packages/selinux.scm b/gnu/packages/selinux.scm
index 1c45cb8c7e..1502d167c4 100644
--- a/gnu/packages/selinux.scm
+++ b/gnu/packages/selinux.scm
@@ -1,6 +1,7 @@
 ;;; GNU Guix --- Functional package management for GNU
 ;;; Copyright © 2016, 2017, 2018 Ricardo Wurmus <rekado@elephly.net>
 ;;; Copyright © 2018 Tobias Geerinckx-Rice <me@tobias.gr>
+;;; Copyright © 2019, 2020 Marius Bakke <mbakke@fastmail.com>
 ;;;
 ;;; This file is part of GNU Guix.
 ;;;
@@ -39,7 +40,6 @@
   #:use-module (gnu packages python)
   #:use-module (gnu packages python-xyz)
   #:use-module (gnu packages swig)
-  #:use-module (gnu packages textutils)
   #:use-module (gnu packages xml))
 
 ;; Update the SELinux packages together!
@@ -47,8 +47,8 @@
 (define-public libsepol
   (package
     (name "libsepol")
-    (version "2.7")
-    (source (let ((release "20170804"))
+    (version "3.0")
+    (source (let ((release "20191204"))
               (origin
                 (method git-fetch)
                 (uri (git-reference
@@ -57,20 +57,25 @@
                 (file-name (string-append "selinux-" release "-checkout"))
                 (sha256
                  (base32
-                  "1l1nn8bx08v4cxkw5kb0wgr61rfqj5ra9dh1dy5jslillj93vivq")))))
+                  "05rpzm72cgprd0ccr6lvx9hm8j8b5nkqi4avshlsyg7s3sdlcxjs")))))
     (build-system gnu-build-system)
     (arguments
      `(#:tests? #f ; tests require checkpolicy, which requires libsepol
        #:test-target "test"
        #:make-flags
-       (let ((out (assoc-ref %outputs "out")))
+       (let ((out (assoc-ref %outputs "out"))
+             (target ,(%current-target-system)))
          (list (string-append "PREFIX=" out)
-               (string-append "DESTDIR=" out)
+               (string-append "SHLIBDIR=" out "/lib")
                (string-append "MAN3DIR=" out "/share/man/man3")
                (string-append "MAN5DIR=" out "/share/man/man5")
                (string-append "MAN8DIR=" out "/share/man/man8")
                (string-append "LDFLAGS=-Wl,-rpath=" out "/lib")
-               "CC=gcc"))
+               (string-append "CC="
+                              (if target
+                                  (string-append (assoc-ref %build-inputs "cross-gcc")
+                                                 "/bin/" target "-gcc")
+                                  "gcc"))))
        #:phases
        (modify-phases %standard-phases
          (delete 'configure)
@@ -101,12 +106,17 @@ boolean settings).")
     (arguments
      `(#:tests? #f ; there is no check target
        #:make-flags
-       (let ((out (assoc-ref %outputs "out")))
+       (let ((out (assoc-ref %outputs "out"))
+             (target ,(%current-target-system)))
          (list (string-append "PREFIX=" out)
                (string-append "LIBSEPOLA="
                               (assoc-ref %build-inputs "libsepol")
                               "/lib/libsepol.a")
-               "CC=gcc"))
+               (string-append "CC="
+                              (if target
+                                  (string-append (assoc-ref %build-inputs "cross-gcc")
+                                                 "/bin/" target "-gcc")
+                                  "gcc"))))
        #:phases
        (modify-phases %standard-phases
          (delete 'configure)
@@ -139,7 +149,7 @@ module into a binary representation.")
                 (string-append "LIBSEPOLA="
                               (assoc-ref %build-inputs "libsepol")
                               "/lib/libsepol.a")
-                (string-append "PYSITEDIR="
+                (string-append "PYTHONLIBDIR="
                                (assoc-ref %outputs "python")
                                "/lib/python"
                                ,(version-major+minor (package-version python))
@@ -150,19 +160,17 @@ module into a binary representation.")
            (delete 'portability)
            (replace 'enter-dir
              (lambda _ (chdir ,name) #t))
-           (add-after 'enter-dir 'remove-Werror
-             (lambda _
-               ;; GCC complains about the fact that the output does not (yet)
-               ;; have an "include" directory, even though it is referenced.
-               (substitute* '("src/Makefile"
-                              "utils/Makefile")
-                 (("-Werror ") ""))
-               #t))
            (add-after 'build 'pywrap
              (lambda* (#:key make-flags #:allow-other-keys)
                (apply invoke "make" "pywrap" make-flags)))
            (add-after 'install 'install-pywrap
-             (lambda* (#:key make-flags #:allow-other-keys)
+             (lambda* (#:key make-flags outputs #:allow-other-keys)
+               ;; The build system uses "python setup.py install" to install
+               ;; Python bindings.  Instruct it to use the correct output.
+               (substitute* "src/Makefile"
+                 (("--prefix=\\$\\(PREFIX\\)")
+                  (string-append "--prefix=" (assoc-ref outputs "python"))))
+
                (apply invoke "make" "install-pywrap" make-flags)))))))
     ;; These libraries are in "Requires.private" in libselinux.pc.
     (propagated-inputs
@@ -191,7 +199,7 @@ the core SELinux management utilities.")
      (substitute-keyword-arguments (package-arguments libsepol)
        ((#:make-flags flags)
         `(cons* "PYTHON=python3"
-                (string-append "PYSITEDIR="
+                (string-append "PYTHONLIBDIR="
                                (assoc-ref %outputs "out")
                                "/lib/python"
                                ,(version-major+minor (package-version python))
@@ -202,6 +210,12 @@ the core SELinux management utilities.")
            (delete 'portability)
            (replace 'enter-dir
              (lambda _ (chdir ,name) #t))
+           (add-before 'install 'adjust-semanage-conf-location
+             (lambda _
+               (substitute* "src/Makefile"
+                 (("DEFAULT_SEMANAGE_CONF_LOCATION=/etc")
+                  "DEFAULT_SEMANAGE_CONF_LOCATION=$(PREFIX)/etc"))
+               #t))
            (add-after 'build 'pywrap
              (lambda* (#:key make-flags #:allow-other-keys)
                (apply invoke "make" "pywrap" make-flags)))
@@ -212,7 +226,6 @@ the core SELinux management utilities.")
      `(("libsepol" ,libsepol)
        ("libselinux" ,libselinux)
        ("audit" ,audit)
-       ("ustr" ,ustr)
        ;; For pywrap phase
        ("python" ,python-wrapper)))
     (native-inputs
@@ -393,11 +406,6 @@ tools, and libraries designed to facilitate SELinux policy analysis.")
            (lambda _ (chdir ,name) #t))
          (add-after 'enter-dir 'ignore-/usr-tests
            (lambda* (#:key inputs #:allow-other-keys)
-             ;; The Makefile decides to build restorecond only if it finds the
-             ;; inotify header somewhere under /usr.
-             (substitute* "Makefile"
-               (("ifeq.*") "")
-               (("endif.*") ""))
              ;; Rewrite lookup paths for header files.
              (substitute* '("newrole/Makefile"
                             "setfiles/Makefile"