# Copyright 1999-2025 Gentoo Authors # Distributed under the terms of the GNU General Public License v2 EAPI="8" DISTUTILS_USE_PEP517=setuptools PYTHON_COMPAT=( python3_{11..13} ) PYTHON_REQ_USE="xml(+)" inherit distutils-r1 toolchain-funcs MY_PV="${PV//_/-}" MY_P="${PN}-${MY_PV}" DESCRIPTION="SELinux core utilities" HOMEPAGE="https://github.com/SELinuxProject/selinux/wiki" if [[ ${PV} == 9999 ]] ; then inherit git-r3 EGIT_REPO_URI="https://github.com/SELinuxProject/selinux.git" S="${WORKDIR}/${P}/${PN#selinux-}" else SRC_URI="https://github.com/SELinuxProject/selinux/releases/download/${MY_PV}/${MY_P}.tar.gz" KEYWORDS="amd64 arm arm64 ~x86" S="${WORKDIR}/${MY_P}" fi LICENSE="GPL-2" SLOT="0" IUSE="test" RESTRICT="!test? ( test )" RDEPEND=">=sys-libs/libselinux-${PV}:=[python] >=sys-libs/libsemanage-${PV}:=[python(+)] >=sys-libs/libsepol-${PV}:=[static-libs(+)] >=app-admin/setools-4.2.0[${PYTHON_USEDEP}] >=sys-process/audit-1.5.1[python,${PYTHON_USEDEP}]" DEPEND="${RDEPEND}" BDEPEND=" test? ( ${RDEPEND} sec-policy/selinux-base >=sys-apps/secilc-${PV} )" PATCHES=( "${FILESDIR}"/selinux-python-3.8.1-no-pip.patch ) src_prepare() { default sed -e 's/-Werror//g' -i "${S}"/*/Makefile || die "Failed to remove Werror" pushd sepolicy >/dev/null || die # To avoid default DISTUTILS_OPTIONAL=1 distutils-r1_src_prepare popd >/dev/null || die } python_compile() { distutils-r1_python_compile emake -C "${S}" \ CC="$(tc-getCC)" \ LIBDIR="\$(PREFIX)/$(get_libdir)" } src_compile() { pushd sepolicy >/dev/null || die distutils-r1_src_compile popd >/dev/null || die } python_test() { # The different subprojects have some interproject dependencies: # - audit2allow depens on sepolgen # - chcat depends on semanage # and maybe others. # Add all the modules of the individual subprojects to the # PYTHONPATH, so they get actually found and used. In # particular, already installed versions on the system are not # used. for dir in audit2allow chcat semanage sepolgen/src sepolicy ; do PYTHONPATH="${S}/${dir}:${PYTHONPATH}" done PYTHONPATH=${PYTHONPATH} emake -C "${S}" test } src_test() { pushd sepolicy >/dev/null || die distutils-r1_src_test popd >/dev/null || die } python_install() { distutils-r1_python_install emake -C "${S}" \ DESTDIR="${D}" \ LIBDIR="\$(PREFIX)/$(get_libdir)" \ install # Install over previously installed scripts to ensure proper python support python_doscript "${S}"/audit2allow/audit2allow python_doscript "${S}"/audit2allow/sepolgen-ifgen python_doscript "${S}"/chcat/chcat python_newscript "${S}"/sepolicy/sepolicy.py sepolicy python_scriptinto /usr/sbin python_doscript "${S}"/semanage/semanage python_optimize } python_install_all() { # Create sepolgen.conf with different devel location definition mkdir -p "${D}"/etc/selinux || die "Failed to create selinux directory"; if [[ -f /etc/selinux/config ]]; then local selinuxtype=$(awk -F'=' '/^SELINUXTYPE/ {print $2}' /etc/selinux/config); echo "SELINUX_DEVEL_PATH=/usr/share/selinux/${selinuxtype}/include:/usr/share/selinux/${selinuxtype}" \ > "${D}"/etc/selinux/sepolgen.conf || die "Failed to generate sepolgen" else local selinuxtype="${POLICY_TYPES%% *}"; if [[ -n "${selinuxtype}" ]]; then echo "SELINUX_DEVEL_PATH=/usr/share/selinux/${selinuxtype}/include:/usr/share/selinux/${selinuxtype}" \ > "${D}"/etc/selinux/sepolgen.conf || die "Failed to generate sepolgen" else echo "SELINUX_DEVEL_PATH=/usr/share/selinux/strict/include:/usr/share/selinux/strict" \ > "${D}"/etc/selinux/sepolgen.conf || die "Failed to generate sepolgen" fi fi } src_install() { pushd sepolicy >/dev/null || die distutils-r1_src_install popd >/dev/null || die }