policycoreutils: 2.3 -> 2.4

2 files changed, 34 insertions, 31 deletions

diff --git a/pkgs/os-specific/linux/policycoreutils/default.nix b/pkgs/os-specific/linux/policycoreutils/default.nix
index ef7e76824db..4eb8394a4d3 100644
--- a/pkgs/os-specific/linux/policycoreutils/default.nix
+++ b/pkgs/os-specific/linux/policycoreutils/default.nix
@@ -1,29 +1,38 @@
-{ stdenv, fetchurl, intltool, pcre, libcap_ng, libcgroup
-, libsepol, libselinux, libsemanage, setools
-, python, sepolgen }:
-stdenv.mkDerivation rec {
+{ stdenv, fetchurl, pythonPackages, gettext
+, setools, libsepol, libselinux, libcap_ng, libsemanage, sepolgen
+}:
 
+stdenv.mkDerivation rec {
   name = "policycoreutils-${version}";
-  version = "2.3";
+  version = "2.4";
   inherit (libsepol) se_release se_url;
 
   src = fetchurl {
     url = "${se_url}/${se_release}/policycoreutils-${version}.tar.gz";
-    sha256 = "1lpwxr5hw3dwhlp2p7y8jcr18mvfcrclwd8c2idz3lmmb3pglk46";
+    sha256 = "0y9l9k60iy21hj0lcvfdfxs1fxydg6d3pxp9rhy7hwr4y5vgh6dq";
   };
 
-  preConfigure = ''
+  postPatch = ''
+    # Fix references to libsepol.a
+    find . -name Makefile -exec sed -i 's,[^ ]*/libsepol.a,${libsepol}/lib/libsepol.a,g' {} \;
+
+    # Fix install references
     substituteInPlace po/Makefile --replace /usr/bin/install install
-    find . -type f -exec sed -i 's,/usr/bin/python,${python}/bin/python,' {} \;
+
+    # Fix references to /usr/share
+    grep -r '/usr/share' | awk -F: '{print $1}' | xargs sed -i "s,\(\$(DESTDIR)\)*/usr/share,$out/share,g"
+
+    # Fix sepolicy install
+    sed -i "s,\(setup.py install\).*,\1 --prefix=$out,g" sepolicy/Makefile
   '';
 
-  buildInputs = [ intltool pcre libcap_ng libcgroup
-    libsepol libselinux libsemanage setools
-    python sepolgen # ToDo? these are optional
-  ];
+  nativeBuildInputs = [ pythonPackages.python gettext ];
+  buildInputs = [ setools libsepol libselinux libcap_ng libsemanage ];
+  pythonPath = [ libselinux sepolgen ];
 
   preBuild = ''
-    mkdir -p "$out/lib" && cp -s "${libsepol}/lib/libsepol.a" "$out/lib"
+    makeFlagsArray+=("PREFIX=$out")
+    makeFlagsArray+=("DESTDIR=$out")
   '';
 
   # Creation of the system-config-selinux directory is broken
@@ -31,14 +40,19 @@ stdenv.mkDerivation rec {
     mkdir -p $out/share/system-config-selinux
   '';
 
-  NIX_CFLAGS_COMPILE = "-fstack-protector-all";
-  NIX_LDFLAGS = "-lsepol -lpcre";
-
-  makeFlags = "PREFIX=$(out) DESTDIR=$(out) LOCALEDIR=$(out)/share/locale";
-
-  patches = [ ./size_format.patch ];
+  # Fix the python scripts to include paths to libraries
+  # NOTE: We are not using wrapPythonPrograms or makeWrapper as these scripts
+  # purge the environment as a security measure
+  postInstall = ''
+    grep -r '#!.*python' $out/bin | awk -F: '{print $1}' | xargs sed -i "1a \
+    import sys; \
+    sys.path.append('$(toPythonPath "$out")'); \
+    ${stdenv.lib.flip stdenv.lib.concatMapStrings pythonPath (lib: ''
+      sys.path.append('$(toPythonPath "${lib}")'); \
+    '')}"
+  '';
 
-  patchFlags = [ "-p0" ];
+  NIX_CFLAGS_COMPILE = "-fstack-protector-all";
 
   meta = with stdenv.lib; {
     description = "SELinux policy core utilities";
diff --git a/pkgs/os-specific/linux/policycoreutils/size_format.patch b/pkgs/os-specific/linux/policycoreutils/size_format.patch
deleted file mode 100644
index 04432098547..00000000000
--- a/pkgs/os-specific/linux/policycoreutils/size_format.patch
+++ /dev/null
@@ -1,11 +0,0 @@
---- setfiles/restore.c.orig	2014-08-21 17:26:00.200788259 +0200
-+++ setfiles/restore.c	2014-08-21 17:26:04.728888118 +0200
-@@ -118,7 +118,7 @@
- 		r_opts->count++;
- 		if (r_opts->count % STAR_COUNT == 0) {
- 			if (r_opts->progress == 1) {
--				fprintf(stdout, "\r%luk", (size_t) r_opts->count / STAR_COUNT );
-+				fprintf(stdout, "\r%zuk", (size_t) r_opts->count / STAR_COUNT );
- 			} else {
- 				if (r_opts->nfile > 0) {
- 					progress = (r_opts->count < r_opts->nfile) ? (100.0 * r_opts->count / r_opts->nfile) : 100;