diff options
author | Ricardo Wurmus <rekado@elephly.net> | 2017-04-14 11:45:15 +0200 |
---|---|---|
committer | Ricardo Wurmus <rekado@elephly.net> | 2017-04-22 00:36:42 +0200 |
commit | 66af08fb5a7fb3856cdb8e8955985a9d17ac5b2b (patch) | |
tree | 0700216ed2051f17d417427c68db0251260d71bb /gnu | |
parent | f269ad2536366880c3d1fe6f9f4b5aad0e84414f (diff) |
gnu: Add checkpolicy.
* gnu/packages/selinux.scm (checkpolicy): New variable.
Diffstat (limited to 'gnu')
-rw-r--r-- | gnu/packages/selinux.scm | 35 |
1 files changed, 35 insertions, 0 deletions
diff --git a/gnu/packages/selinux.scm b/gnu/packages/selinux.scm index f03c6d3e25..4a706386d1 100644 --- a/gnu/packages/selinux.scm +++ b/gnu/packages/selinux.scm @@ -23,6 +23,7 @@ #:use-module (guix utils) #:use-module (guix build-system gnu) #:use-module (gnu packages) + #:use-module (gnu packages bison) #:use-module (gnu packages flex)) ;; Update the SELinux packages together! @@ -69,3 +70,37 @@ similar tools, and programs such as @code{load_policy}, which must perform specific transformations on binary policies (for example, customizing policy boolean settings).") (license license:lgpl2.1+))) + +(define-public checkpolicy + (package (inherit libsepol) + (name "checkpolicy") + (arguments + `(#:tests? #f ; there is no check target + #:make-flags + (let ((out (assoc-ref %outputs "out"))) + (list (string-append "PREFIX=" out) + (string-append "LDLIBS=" + (assoc-ref %build-inputs "libsepol") + "/lib/libsepol.a " + (assoc-ref %build-inputs "flex") + "/lib/libfl.a") + "CC=gcc")) + #:phases + (modify-phases %standard-phases + (delete 'configure) + (add-after 'unpack 'enter-dir + (lambda _ (chdir ,name) #t))))) + (inputs + `(("libsepol" ,libsepol))) + (native-inputs + `(("bison" ,bison) + ("flex" ,flex))) + (synopsis "Check SELinux security policy configurations and modules") + (description + "This package provides the tools \"checkpolicy\" and \"checkmodule\". +Checkpolicy is a program that checks and compiles a SELinux security policy +configuration into a binary representation that can be loaded into the kernel. +Checkmodule is a program that checks and compiles a SELinux security policy +module into a binary representation.") + ;; GPLv2 only + (license license:gpl2))) |