From 28625f78619e77e48dde0c453f9ed5944f30b3d7 Mon Sep 17 00:00:00 2001 From: Alyssa Ross Date: Fri, 12 Nov 2021 09:20:45 +0000 Subject: [PATCH] selinux: 2.9, 3.0 -> 3.3 These are all released together, so I'm updating them all in a single commit. --- .../os-specific/linux/checkpolicy/default.nix | 8 +++---- pkgs/os-specific/linux/libselinux/default.nix | 8 +++---- .../os-specific/linux/libsemanage/default.nix | 8 +++---- pkgs/os-specific/linux/libsepol/default.nix | 23 ++++-------------- .../linux/policycoreutils/default.nix | 10 ++++---- .../linux/selinux-python/default.nix | 9 ++++--- .../linux/selinux-sandbox/default.nix | 8 +++---- .../linux/semodule-utils/default.nix | 8 +++---- pkgs/os-specific/linux/sepolgen/default.nix | 24 ------------------- pkgs/top-level/aliases.nix | 1 + pkgs/top-level/all-packages.nix | 2 -- 11 files changed, 34 insertions(+), 75 deletions(-) delete mode 100644 pkgs/os-specific/linux/sepolgen/default.nix diff --git a/pkgs/os-specific/linux/checkpolicy/default.nix b/pkgs/os-specific/linux/checkpolicy/default.nix index c3d8928c7ba4..52cf0a3ec037 100644 --- a/pkgs/os-specific/linux/checkpolicy/default.nix +++ b/pkgs/os-specific/linux/checkpolicy/default.nix @@ -2,12 +2,12 @@ stdenv.mkDerivation rec { pname = "checkpolicy"; - version = "2.9"; - inherit (libsepol) se_release se_url; + version = "3.3"; + inherit (libsepol) se_url; src = fetchurl { - url = "${se_url}/${se_release}/checkpolicy-${version}.tar.gz"; - sha256 = "13jz6f8zdrijvn5w1j102b36fs41z0q8ii74axw48cj550mw6im9"; + url = "${se_url}/${version}/checkpolicy-${version}.tar.gz"; + sha256 = "118l8c2vvnnckbd269saslr7adv6rdavr5rv0z5vh2m1lgglxj15"; }; nativeBuildInputs = [ bison flex ]; diff --git a/pkgs/os-specific/linux/libselinux/default.nix b/pkgs/os-specific/linux/libselinux/default.nix index fcea787ed79c..1e0a29451629 100644 --- a/pkgs/os-specific/linux/libselinux/default.nix +++ b/pkgs/os-specific/linux/libselinux/default.nix @@ -9,14 +9,14 @@ with lib; stdenv.mkDerivation rec { pname = "libselinux"; - version = "3.0"; - inherit (libsepol) se_release se_url; + version = "3.3"; + inherit (libsepol) se_url; outputs = [ "bin" "out" "dev" "man" ] ++ optional enablePython "py"; src = fetchurl { - url = "${se_url}/${se_release}/libselinux-${version}.tar.gz"; - sha256 = "0cr4p0qkr4qd5z1x677vwhz6mlz55kxyijwi2dmrvbhxcw7v78if"; + url = "${se_url}/${version}/libselinux-${version}.tar.gz"; + sha256 = "0mvh793g7fg6wb6zqhkdyrv80x6k84ypqwi8ii89c91xcckyxzdc"; }; nativeBuildInputs = [ pkg-config ] ++ optionals enablePython [ swig python3 ]; diff --git a/pkgs/os-specific/linux/libsemanage/default.nix b/pkgs/os-specific/linux/libsemanage/default.nix index 0f9f26c8c5b0..d828c38be1d9 100644 --- a/pkgs/os-specific/linux/libsemanage/default.nix +++ b/pkgs/os-specific/linux/libsemanage/default.nix @@ -6,12 +6,12 @@ with lib; stdenv.mkDerivation rec { pname = "libsemanage"; - version = "2.9"; - inherit (libsepol) se_release se_url; + version = "3.3"; + inherit (libsepol) se_url; src = fetchurl { - url = "${se_url}/${se_release}/libsemanage-${version}.tar.gz"; - sha256 = "075w6y3l9hiy5hicgwrmijyxmhfyd1r7cnc08qxyg4j46jfk8xi5"; + url = "${se_url}/${version}/libsemanage-${version}.tar.gz"; + sha256 = "1s3wb66l47blc15s6lkqs11j9l8pycdqqbb03x3vpfrlz9dfrl44"; }; outputs = [ "out" "dev" "man" ] ++ optional enablePython "py"; diff --git a/pkgs/os-specific/linux/libsepol/default.nix b/pkgs/os-specific/linux/libsepol/default.nix index e90c08942096..c1df217944c7 100644 --- a/pkgs/os-specific/linux/libsepol/default.nix +++ b/pkgs/os-specific/linux/libsepol/default.nix @@ -2,31 +2,16 @@ stdenv.mkDerivation rec { pname = "libsepol"; - version = "3.0"; - se_release = "20191204"; + version = "3.3"; se_url = "https://github.com/SELinuxProject/selinux/releases/download"; outputs = [ "bin" "out" "dev" "man" ]; src = fetchurl { - url = "${se_url}/${se_release}/libsepol-${version}.tar.gz"; - sha256 = "0ygb6dh5lng91xs6xiqf5v0nxa68qmjc787p0s5h9w89364f2yjv"; + url = "${se_url}/${version}/libsepol-${version}.tar.gz"; + sha256 = "12r39ygn7aa1kz52wibfr4520m0cp75hlrn3i6rnjqa6p0zdz5rd"; }; - patches = [ - # upstream build fix against -fno-common compilers like >=gcc-10 - (fetchpatch { - url = "https://github.com/SELinuxProject/selinux/commit/a96e8c59ecac84096d870b42701a504791a8cc8c.patch"; - sha256 = "0aybv4kzbhx8xq6s82dsh4ib76k59qzh2bgxmk44iq5cjnqn5rd6"; - stripLen = 1; - }) - (fetchpatch { - url = "https://github.com/SELinuxProject/selinux/commit/3d32fc24d6aff360a538c63dad08ca5c957551b0.patch"; - sha256 = "1mphwdlj4d6mwmsp5xkpf6ci4rxhgbi3fm79d08h4jbzxaf4wny4"; - stripLen = 1; - }) - ]; - postPatch = lib.optionalString stdenv.hostPlatform.isStatic '' substituteInPlace src/Makefile --replace 'all: $(LIBA) $(LIBSO)' 'all: $(LIBA)' sed -i $'/^\t.*LIBSO/d' src/Makefile @@ -46,7 +31,7 @@ stdenv.mkDerivation rec { NIX_CFLAGS_COMPILE = "-Wno-error"; - passthru = { inherit se_release se_url; }; + passthru = { inherit se_url; }; meta = with lib; { description = "SELinux binary policy manipulation library"; diff --git a/pkgs/os-specific/linux/policycoreutils/default.nix b/pkgs/os-specific/linux/policycoreutils/default.nix index 7e2ff29325a8..c066dd4c4c5c 100644 --- a/pkgs/os-specific/linux/policycoreutils/default.nix +++ b/pkgs/os-specific/linux/policycoreutils/default.nix @@ -2,12 +2,12 @@ stdenv.mkDerivation rec { pname = "policycoreutils"; - version = "2.9"; - inherit (libsepol) se_release se_url; + version = "3.3"; + inherit (libsepol) se_url; src = fetchurl { - url = "${se_url}/${se_release}/policycoreutils-${version}.tar.gz"; - sha256 = "0yqg5ws5gbl1cbn8msxdk1c3ilmmx58qg5dx883kqyq0517k8g65"; + url = "${se_url}/${version}/policycoreutils-${version}.tar.gz"; + sha256 = "0y0hl32b2ks7r0fhbx3k2j1gqqms5aplyasjs3fz50caxl6096a1"; }; postPatch = '' @@ -24,7 +24,7 @@ stdenv.mkDerivation rec { makeFlags = [ "PREFIX=$(out)" - "SBINDIR=$(out)/sbin" + "SBINDIR=$(out)/bin" "ETCDIR=$(out)/etc" "BASHCOMPLETIONDIR=$out/share/bash-completion/completions" "LOCALEDIR=$(out)/share/locale" diff --git a/pkgs/os-specific/linux/selinux-python/default.nix b/pkgs/os-specific/linux/selinux-python/default.nix index b6394b3e1f6c..c50f4ffccd0b 100644 --- a/pkgs/os-specific/linux/selinux-python/default.nix +++ b/pkgs/os-specific/linux/selinux-python/default.nix @@ -7,13 +7,13 @@ with lib; stdenv.mkDerivation rec { pname = "selinux-python"; - version = "2.9"; + version = "3.3"; - inherit (libsepol) se_release se_url; + inherit (libsepol) se_url; src = fetchurl { - url = "${se_url}/${se_release}/selinux-python-${version}.tar.gz"; - sha256 = "1pjzsyay5535cxcjag7y7k193ajry0s0xc3dqv5905qd7cwval1n"; + url = "${se_url}/${version}/selinux-python-${version}.tar.gz"; + sha256 = "1v244hpb45my303793xa4kcn7qnxjgxn4ja7rdn9k1q361hi1nca"; }; strictDeps = true; @@ -49,4 +49,3 @@ stdenv.mkDerivation rec { platforms = platforms.linux; }; } - diff --git a/pkgs/os-specific/linux/selinux-sandbox/default.nix b/pkgs/os-specific/linux/selinux-sandbox/default.nix index a10588bacf11..0d2843d216a4 100644 --- a/pkgs/os-specific/linux/selinux-sandbox/default.nix +++ b/pkgs/os-specific/linux/selinux-sandbox/default.nix @@ -9,12 +9,12 @@ with python3.pkgs; stdenv.mkDerivation rec { pname = "selinux-sandbox"; - version = "2.9"; - inherit (policycoreutils) se_release se_url; + version = "3.3"; + inherit (policycoreutils) se_url; src = fetchurl { - url = "${se_url}/${se_release}/selinux-sandbox-${version}.tar.gz"; - sha256 = "0qj20jyi8v1653xdqj5yak3wwbvg5bw8f2jmx8fpahl6y1bmz481"; + url = "${se_url}/${version}/selinux-sandbox-${version}.tar.gz"; + sha256 = "0rw8pxfqhl6ww4w31fbf4hi3zilh1n3b1rfjm7ra76mm78wfyylj"; }; nativeBuildInputs = [ wrapPython ]; diff --git a/pkgs/os-specific/linux/semodule-utils/default.nix b/pkgs/os-specific/linux/semodule-utils/default.nix index b76e715dbc26..5c8d83c3f82a 100644 --- a/pkgs/os-specific/linux/semodule-utils/default.nix +++ b/pkgs/os-specific/linux/semodule-utils/default.nix @@ -2,13 +2,13 @@ stdenv.mkDerivation rec { pname = "semodule-utils"; - version = "2.9"; + version = "3.3"; - inherit (libsepol) se_release se_url; + inherit (libsepol) se_url; src = fetchurl { - url = "${se_url}/${se_release}/${pname}-${version}.tar.gz"; - sha256 = "01yrwnd3calmw6r8kdh8ld7i7fb250n2yqqqk9p0ymrlwsg6g0w0"; + url = "${se_url}/${version}/${pname}-${version}.tar.gz"; + sha256 = "0qvhl40a6jlm8p719nnlw2ghlxbh8lxbcsd59azxp884bxgfr61h"; }; buildInputs = [ libsepol ]; diff --git a/pkgs/os-specific/linux/sepolgen/default.nix b/pkgs/os-specific/linux/sepolgen/default.nix deleted file mode 100644 index f7ef1cb9c3a7..000000000000 --- a/pkgs/os-specific/linux/sepolgen/default.nix +++ /dev/null @@ -1,24 +0,0 @@ -{ lib, stdenv, fetchurl, libsepol, python }: - -stdenv.mkDerivation rec { - pname = "sepolgen"; - version = "1.2.2"; - inherit (libsepol) se_release se_url; - - src = fetchurl { - url = "${se_url}/${se_release}/sepolgen-${version}.tar.gz"; - sha256 = "09139kspr41zgksayi4dh982p8080lrfl96p4dld51nknbpaigdy"; - }; - - preBuild = '' - makeFlagsArray+=("PREFIX=$out") - makeFlagsArray+=("DESTDIR=$out") - makeFlagsArray+=("PYTHONLIBDIR=lib/${python.libPrefix}/site-packages") - ''; - - meta = with lib; { - inherit (libsepol.meta) homepage platforms maintainers; - description = "SELinux policy generation library"; - license = licenses.gpl2; - }; -} diff --git a/pkgs/top-level/aliases.nix b/pkgs/top-level/aliases.nix index e0939aafba8c..68f1e3a31254 100644 --- a/pkgs/top-level/aliases.nix +++ b/pkgs/top-level/aliases.nix @@ -833,6 +833,7 @@ mapAliases ({ sdlmame = mame; # added 2019-10-30 seeks = throw "seeks has been removed from nixpkgs, as it was unmaintained"; # added 2020-06-21 seg3d = throw "seg3d has been removed from nixpkgs (2019-11-10)"; + sepolgen = throw "sepolgen was merged into selinux-python"; # added 2021-11-11 shared_mime_info = shared-mime-info; # added 2018-02-25 skrooge2 = skrooge; # added 2017-02-18 sky = throw "sky has been removed from nixpkgs (2020-09-16)"; diff --git a/pkgs/top-level/all-packages.nix b/pkgs/top-level/all-packages.nix index 52d01737783a..cba557e3d968 100644 --- a/pkgs/top-level/all-packages.nix +++ b/pkgs/top-level/all-packages.nix @@ -22606,8 +22606,6 @@ with pkgs; sdrangel = libsForQt5.callPackage ../applications/radio/sdrangel { }; - sepolgen = callPackage ../os-specific/linux/sepolgen { }; - setools = callPackage ../os-specific/linux/setools { }; seturgent = callPackage ../os-specific/linux/seturgent { };