policycoreutils: split packages and bump to 2.7

Policycoreutils was broken up into several packages, as such several
changes needed to happen for this patch to work:

- Remove patches 3, 4, and 5 as they no longer apply.
- Refresh patches 1 and 2 to work with version 2.7
- Remove semodule_${deps,expand,link,package} and sestatus from the makedirs
  in the mk file.
- Remove restorecond from the make and config file. (Seperate package)
- Remove Audit2allow from the make and config file. (In a different package)
- Remove the package sepolgen
- Add the package selinux-python
- Add the package restorecond
- Add the package semodule-utils
- Add the relevant Config.in.legacy options into the menu.

Because these are utilities that work on top of python, the older versions of
these utilites still work, and as such this should be a single patch.

Signed-off-by: Adam Duskett <Adamduskett@outlook.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>

3 files changed, 115 insertions, 0 deletions

diff --git a/package/selinux-python/Config.in b/package/selinux-python/Config.in
new file mode 100644
index 0000000000..e453450264
--- /dev/null
+++ b/package/selinux-python/Config.in
@@ -0,0 +1,63 @@
+menuconfig BR2_PACKAGE_SELINUX_PYTHON
+	bool "selinux-python"
+	select BR2_PACKAGE_PYTHON3 if !BR2_PACKAGE_PYTHON
+	depends on BR2_USE_MMU
+	depends on BR2_USE_WCHAR
+	depends on BR2_TOOLCHAIN_HAS_THREADS
+	depends on !BR2_STATIC_LIBS
+	help
+	  A set of SELinux tools written in python that help with
+	  managing a system with SELinux enabled. If no packages are
+	  selected nothing will actually be built.
+	  https://github.com/SELinuxProject/selinux/wiki
+
+if BR2_PACKAGE_SELINUX_PYTHON
+
+config BR2_PACKAGE_SELINUX_PYTHON_AUDIT2ALLOW
+	bool "audit2allow"
+	depends on BR2_USE_WCHAR # sepolgen
+	depends on BR2_USE_MMU # sepolgen
+	depends on BR2_TOOLCHAIN_HAS_THREADS # sepolgen, checkpolicy
+	depends on !BR2_STATIC_LIBS # sepolgen
+	depends on BR2_TOOLCHAIN_USES_GLIBC # checkpolicy
+	depends on !BR2_arc # checkpolicy
+	select BR2_PACKAGE_CHECKPOLICY
+	select BR2_PACKAGE_SELINUX_PYTHON_SEPOLGEN
+	select BR2_PACKAGE_SEMODULE_UTILS
+	help
+	  This module installs two programs:
+
+	  audit2allow - Generate SELinux policy allow/dontaudit rules
+	  from logs of denied operations.
+
+	  audit2why - translates SELinux audit messages into a
+	  description of why the access was denied (audit2allow -w)
+
+comment "audit2allow needs a glibc toolchain w/ wchar, threads, dynamic library"
+	depends on BR2_USE_MMU
+	depends on !BR2_arc
+	depends on !BR2_USE_WCHAR || !BR2_TOOLCHAIN_HAS_THREADS || \
+		BR2_STATIC_LIBS
+
+config BR2_PACKAGE_SELINUX_PYTHON_SEPOLGEN
+	bool "sepolgen"
+	depends on BR2_USE_WCHAR
+	depends on BR2_USE_MMU
+	depends on BR2_TOOLCHAIN_HAS_THREADS
+	depends on !BR2_STATIC_LIBS
+	select BR2_PACKAGE_SEMODULE_UTILS
+	help
+	  This package contains a Python module that allows you to
+	  generate an initial SELinux policy module template.
+
+comment "sepolgen needs a toolchain w/ wchar, threads, dynamic library"
+	depends on BR2_USE_MMU
+	depends on !BR2_USE_WCHAR || !BR2_TOOLCHAIN_HAS_THREADS || \
+		BR2_STATIC_LIBS
+
+endif
+
+comment "selinux-python packages needs a toolchain w/ wchar, threads, dynamic library"
+	depends on BR2_USE_MMU
+	depends on !BR2_USE_WCHAR || !BR2_TOOLCHAIN_HAS_THREADS || \
+		BR2_STATIC_LIBS
diff --git a/package/selinux-python/selinux-python.hash b/package/selinux-python/selinux-python.hash
new file mode 100644
index 0000000000..42fe575e7b
--- /dev/null
+++ b/package/selinux-python/selinux-python.hash
@@ -0,0 +1,2 @@
+# https://github.com/SELinuxProject/selinux/wiki/Releases
+sha256 4217cb965ecda96c91e15ffcc2e7ddd13ecc2bf5631100f3cd072a7616f140ed selinux-python-2.7.tar.gz
diff --git a/package/selinux-python/selinux-python.mk b/package/selinux-python/selinux-python.mk
new file mode 100644
index 0000000000..9a4622da44
--- /dev/null
+++ b/package/selinux-python/selinux-python.mk
@@ -0,0 +1,50 @@
+################################################################################
+#
+# selinux-python
+#
+################################################################################
+
+SELINUX_PYTHON_VERSION = 2.7
+SELINUX_PYTHON_SITE = https://raw.githubusercontent.com/wiki/SELinuxProject/selinux/files/releases/20170804
+SELINUX_PYTHON_LICENSE = GPL-2.0
+SELINUX_PYTHON_LICENSE_FILES = COPYING
+
+SELINUX_PYTHON_MAKE_OPTS += \
+	$(TARGET_CONFIGURE_OPTS) \
+	ARCH="$(BR2_ARCH)" \
+	LIBDIR="$(STAGING_DIR)/usr/lib"
+
+ifeq ($(BR2_PACKAGE_PYTHON3),y)
+SELINUX_PYTHON_DEPENDENCIES += python3
+SELINUX_PYTHON_MAKE_OPTS += \
+	PYTHONLIBDIR="usr/lib/python$(PYTHON3_VERSION_MAJOR)"
+else
+SELINUX_PYTHON_DEPENDENCIES += python
+SELINUX_PYTHON_MAKE_OPTS += \
+	PYTHONLIBDIR="usr/lib/python$(PYTHON_VERSION_MAJOR)"
+endif
+
+ifeq ($(BR2_PACKAGE_SELINUX_PYTHON_AUDIT2ALLOW),y)
+SELINUX_PYTHON_DEPENDENCIES += checkpolicy
+SELINUX_PYTHON_MAKE_DIRS += audit2allow
+endif
+
+ifeq ($(BR2_PACKAGE_SELINUX_PYTHON_SEPOLGEN),y)
+SELINUX_PYTHON_MAKE_DIRS += sepolgen/src/sepolgen
+endif
+
+define SELINUX_PYTHON_BUILD_CMDS
+	$(foreach d,$(SELINUX_PYTHON_MAKE_DIRS),
+		$(MAKE) -C $(@D)/$(d) $(SELINUX_PYTHON_MAKE_OPTS) \
+			DESTDIR=$(STAGING_DIR) all
+	)
+endef
+
+define SELINUX_PYTHON_INSTALL_TARGET_CMDS
+	$(foreach d,$(SELINUX_PYTHON_MAKE_DIRS),
+		$(MAKE) -C $(@D)/$(d) $(SELINUX_PYTHON_MAKE_OPTS) \
+			DESTDIR=$(TARGET_DIR) install
+	)
+endef
+
+$(eval $(generic-package))