|
List Info
Thread: Policy for Munin, ebuild + patch
|
|
| Policy for Munin, ebuild + patch |
 
Poland |
2007-06-24 13:03:33 |
Hello
The reference policy for Munin has wrong paths for munin
files, e.g.:
"/usr/bin/lrrd-*" instead of
"/usr/bin/munin-".
I have made a simple patch and ebuild:
http://www.kozik.net.pl/projekty
/gentoo/selinux-munin-20070329-path-patches.diff
http://www.kozik.net.pl/projekty/gentoo/sel
inux-munin-20070329.ebuild
It works - I have tested it but I am not sure if
"src_unpack()" was properly
written (I modified src_unpack() from selinux-2 eclass).
Can somebody look at it or test it before I will submit an
ebuild to
bugs.gentoo.org?
--
Krzysztof Kozłowski
http://www.kozik.net.pl
--
gentoo-hardened gentoo.org mailing list
|
|
| Re: Policy for Munin, ebuild + patch |
 
United States |
2007-06-26 11:53:56 |
On Sun, 2007-06-24 at 20:03 +0200, Krzysztof Kozłowski
wrote:
> Hello
>
> The reference policy for Munin has wrong paths for
munin files, e.g.:
> "/usr/bin/lrrd-*" instead of
"/usr/bin/munin-".
>
> I have made a simple patch and ebuild:
> http://www.kozik.net.pl/projekty
/gentoo/selinux-munin-20070329-path-patches.diff
> http://www.kozik.net.pl/projekty/gentoo/sel
inux-munin-20070329.ebuild
>
> It works - I have tested it but I am not sure if
"src_unpack()" was properly
> written (I modified src_unpack() from selinux-2
eclass).
>
> Can somebody look at it or test it before I will submit
an ebuild to
> bugs.gentoo.org?
That looks fine. Though in the long run we should probably
modify the
eclass to conditionally apply a patch of a variable is set,
e.g.,
POLICY_PATCH.
For your reference, this was fixed upstream on April 23.
--
Chris PeBenito
<pebenitogentoo.org>
Developer,
Hardened Gentoo Linux
Public Key: http://pgp.mit.edu:11371/pks/lookup?op=get&s
earch=0xE6AF9243
Key fingerprint = B0E6 877A 883F A57A 8E6A CB00 BC8E E42D
E6AF 9243
|
|
| Re: Policy for Munin, ebuild + patch |
Poland |
2007-06-26 18:34:44 |
Chris PeBenito wrote:
> On Sun, 2007-06-24 at 20:03 +0200, Krzysztof Kozłowski
wrote:
>> http://www.kozik.net.pl/projekty/gentoo/sel
inux-munin-20070329.ebuild
> That looks fine.
Wouldn't it be better to do something like this :
src_unpack() {
selinux-policy-2_src_unpack
cd "$/refpolicy"
epatch $/$-path-patches.diff
}
and change patch to something like this :
--- strict/munin.fc.old 2007-06-24 19:07:12.000000000 +0200
+++ strict/munin.fc 2007-06-24 19:09:30.000000000 +0200
<contents of patch>
--- targeted/munin.fc.old 2007-06-24 19:07:12.000000000
+0200
+++ targeted/munin.fc 2007-06-24 19:09:30.000000000 +0200
<contents of patch>
Regards,
Marek Wróbel
--
gentoo-hardenedgentoo.org mailing list
|
|
| Re: Policy for Munin, ebuild + patch |
Poland |
2007-06-27 05:24:15 |
I've made a mistake. Corrected src_unpack:
src_unpack() {
selinux-policy-2_src_unpack
cd "$"
epatch $/$-path-patches.diff
}
Regards,
Marek Wróbel
--
gentoo-hardenedgentoo.org mailing list
|
|
| Re: Policy for Munin, ebuild + patch |
United States |
2007-06-27 07:19:21 |
On Wed, 2007-06-27 at 12:24 +0200, Marek Wróbel wrote:
> I've made a mistake. Corrected src_unpack:
>
> src_unpack() {
> selinux-policy-2_src_unpack
>
> cd "$"
> epatch $/$-path-patches.diff
> }
Yes, that is better, but the eclass change is the better
long-term
solution.
--
Chris PeBenito
<pebenitogentoo.org>
Developer,
Hardened Gentoo Linux
Public Key: http://pgp.mit.edu:11371/pks/lookup?op=get&s
earch=0xE6AF9243
Key fingerprint = B0E6 877A 883F A57A 8E6A CB00 BC8E E42D
E6AF 9243
|
|
| Re: Policy for Munin, ebuild + patch |
Poland |
2007-06-27 09:53:18 |
Thanks for replies. I will modify the ebuild and submit to
bugs.gentoo.org.
Chris PeBenito wrote:
> Yes, that is better, but the eclass change is the
better long-term
> solution.
--
Krzysztof Kozłowski
http://www.kozik.net.pl
--
gentoo-hardenedgentoo.org mailing list
|
|
[1-6]
|
|
|
about | contact Other archives ( Real Estate discussion Medical topics )
|