From unknown Fri Jun 20 07:17:55 2025
Content-Disposition: inline
Content-Transfer-Encoding: quoted-printable
MIME-Version: 1.0
X-Mailer: MIME-tools 5.509 (Entity 5.509)
Content-Type: text/plain; charset=utf-8
From: bug#26561 <26561@debbugs.gnu.org>
To: bug#26561 <26561@debbugs.gnu.org>
Subject: Status: [PATCH 0/9] SELinux
Reply-To: bug#26561 <26561@debbugs.gnu.org>
Date: Fri, 20 Jun 2025 14:17:55 +0000

retitle 26561 [PATCH 0/9] SELinux
reassign 26561 guix-patches
submitter 26561 Ricardo Wurmus <rekado@elephly.net>
severity 26561 normal
tag 26561 patch

thanks


From debbugs-submit-bounces@debbugs.gnu.org Wed Apr 19 08:56:33 2017
Received: (at submit) by debbugs.gnu.org; 19 Apr 2017 12:56:33 +0000
Received: from localhost ([127.0.0.1]:55670 helo=debbugs.gnu.org)
	by debbugs.gnu.org with esmtp (Exim 4.84_2)
	(envelope-from <debbugs-submit-bounces@debbugs.gnu.org>)
	id 1d0p9t-0005R7-Ae
	for submit@debbugs.gnu.org; Wed, 19 Apr 2017 08:56:33 -0400
Received: from eggs.gnu.org ([208.118.235.92]:35546)
 by debbugs.gnu.org with esmtp (Exim 4.84_2)
 (envelope-from <rekado@elephly.net>) id 1d0p9p-0005Qt-AT
 for submit@debbugs.gnu.org; Wed, 19 Apr 2017 08:56:31 -0400
Received: from Debian-exim by eggs.gnu.org with spam-scanned (Exim 4.71)
 (envelope-from <rekado@elephly.net>) id 1d0p9j-0002RG-21
 for submit@debbugs.gnu.org; Wed, 19 Apr 2017 08:56:23 -0400
X-Spam-Checker-Version: SpamAssassin 3.3.2 (2011-06-06) on eggs.gnu.org
X-Spam-Level: 
X-Spam-Status: No, score=-0.5 required=5.0 tests=BAYES_05 autolearn=disabled
 version=3.3.2
Received: from lists.gnu.org ([2001:4830:134:3::11]:58652)
 by eggs.gnu.org with esmtps (TLS1.0:RSA_AES_256_CBC_SHA1:32)
 (Exim 4.71) (envelope-from <rekado@elephly.net>) id 1d0p9i-0002Qz-Uu
 for submit@debbugs.gnu.org; Wed, 19 Apr 2017 08:56:22 -0400
Received: from eggs.gnu.org ([2001:4830:134:3::10]:54741)
 by lists.gnu.org with esmtp (Exim 4.71)
 (envelope-from <rekado@elephly.net>) id 1d0p9h-00055O-R8
 for guix-patches@gnu.org; Wed, 19 Apr 2017 08:56:22 -0400
Received: from Debian-exim by eggs.gnu.org with spam-scanned (Exim 4.71)
 (envelope-from <rekado@elephly.net>) id 1d0p9c-0002Os-Rt
 for guix-patches@gnu.org; Wed, 19 Apr 2017 08:56:21 -0400
Received: from sender-of-o51.zoho.com ([135.84.80.216]:21136)
 by eggs.gnu.org with esmtps (TLS1.0:RSA_AES_256_CBC_SHA1:32)
 (Exim 4.71) (envelope-from <rekado@elephly.net>) id 1d0p9c-0002NN-Kz
 for guix-patches@gnu.org; Wed, 19 Apr 2017 08:56:16 -0400
Received: from localhost (x4d0cc2aa.dyn.telefonica.de [77.12.194.170]) by
 mx.zohomail.com with SMTPS id 149260657230954.35799879791932;
 Wed, 19 Apr 2017 05:56:12 -0700 (PDT)
From: Ricardo Wurmus <rekado@elephly.net>
To: guix-patches@gnu.org
Subject: [PATCH 0/9] SELinux
Date: Wed, 19 Apr 2017 14:56:08 +0200
Message-Id: <20170419125608.31664-1-rekado@elephly.net>
X-Mailer: git-send-email 2.12.2
X-ZohoMailClient: External
X-ZohoMail: Z_26063301 SPT_1 Z_26062608 SPT_0
X-detected-operating-system: by eggs.gnu.org: GNU/Linux 3.x [fuzzy]
X-detected-operating-system: by eggs.gnu.org: GNU/Linux 2.6.x
X-Received-From: 2001:4830:134:3::11
X-Spam-Score: -4.0 (----)
X-Debbugs-Envelope-To: submit
Cc: Ricardo Wurmus <rekado@elephly.net>
X-BeenThere: debbugs-submit@debbugs.gnu.org
X-Mailman-Version: 2.1.18
Precedence: list
List-Id: <debbugs-submit.debbugs.gnu.org>
List-Unsubscribe: <https://debbugs.gnu.org/cgi-bin/mailman/options/debbugs-submit>, 
 <mailto:debbugs-submit-request@debbugs.gnu.org?subject=unsubscribe>
List-Archive: <https://debbugs.gnu.org/cgi-bin/mailman/private/debbugs-submit/>
List-Post: <mailto:debbugs-submit@debbugs.gnu.org>
List-Help: <mailto:debbugs-submit-request@debbugs.gnu.org?subject=help>
List-Subscribe: <https://debbugs.gnu.org/cgi-bin/mailman/listinfo/debbugs-submit>, 
 <mailto:debbugs-submit-request@debbugs.gnu.org?subject=subscribe>
Errors-To: debbugs-submit-bounces@debbugs.gnu.org
Sender: "Debbugs-submit" <debbugs-submit-bounces@debbugs.gnu.org>
X-Spam-Score: -4.0 (----)

This patch series adds SELinux libraries and tools.

Ricardo Wurmus (9):
  gnu: Add libsepol.
  gnu: Add checkpolicy.
  gnu: Add libselinux.
  gnu: Add libsemanage.
  gnu: Add secilc.
  gnu: Add python-sepolgen.
  gnu: Add python-ipy.
  gnu: Add python-setools.
  gnu: Add policycoreutils.

 gnu/local.mk                                       |   2 +
 gnu/packages/networking.scm                        |  20 +-
 ...policycoreutils-make-sepolicy-use-python3.patch | 335 +++++++++++++++
 gnu/packages/selinux.scm                           | 475 +++++++++++++++++++++
 4 files changed, 831 insertions(+), 1 deletion(-)
 create mode 100644 gnu/packages/patches/policycoreutils-make-sepolicy-use-python3.patch
 create mode 100644 gnu/packages/selinux.scm

-- 
2.12.2






From debbugs-submit-bounces@debbugs.gnu.org Wed Apr 19 10:29:29 2017
Received: (at 26561) by debbugs.gnu.org; 19 Apr 2017 14:29:29 +0000
Received: from localhost ([127.0.0.1]:56960 helo=debbugs.gnu.org)
	by debbugs.gnu.org with esmtp (Exim 4.84_2)
	(envelope-from <debbugs-submit-bounces@debbugs.gnu.org>)
	id 1d0qbp-0001az-7P
	for submit@debbugs.gnu.org; Wed, 19 Apr 2017 10:29:29 -0400
Received: from sender-of-o51.zoho.com ([135.84.80.216]:21055)
 by debbugs.gnu.org with esmtp (Exim 4.84_2)
 (envelope-from <rekado@elephly.net>) id 1d0qbn-0001ap-TU
 for 26561@debbugs.gnu.org; Wed, 19 Apr 2017 10:29:28 -0400
Received: from localhost (x4d0cc2aa.dyn.telefonica.de [77.12.194.170]) by
 mx.zohomail.com with SMTPS id 1492612165147390.98348716699275;
 Wed, 19 Apr 2017 07:29:25 -0700 (PDT)
From: Ricardo Wurmus <rekado@elephly.net>
To: 26561@debbugs.gnu.org
Subject: [PATCH 2/9] gnu: Add checkpolicy.
Date: Wed, 19 Apr 2017 16:29:10 +0200
Message-Id: <20170419142918.11688-2-rekado@elephly.net>
X-Mailer: git-send-email 2.12.2
In-Reply-To: <20170419142918.11688-1-rekado@elephly.net>
References: <20170419142918.11688-1-rekado@elephly.net>
X-ZohoMailClient: External
X-ZohoMail: Z_26063301 SPT_1 Z_26062608 SPT_0
X-Spam-Score: -1.8 (-)
X-Debbugs-Envelope-To: 26561
Cc: Ricardo Wurmus <rekado@elephly.net>
X-BeenThere: debbugs-submit@debbugs.gnu.org
X-Mailman-Version: 2.1.18
Precedence: list
List-Id: <debbugs-submit.debbugs.gnu.org>
List-Unsubscribe: <https://debbugs.gnu.org/cgi-bin/mailman/options/debbugs-submit>, 
 <mailto:debbugs-submit-request@debbugs.gnu.org?subject=unsubscribe>
List-Archive: <https://debbugs.gnu.org/cgi-bin/mailman/private/debbugs-submit/>
List-Post: <mailto:debbugs-submit@debbugs.gnu.org>
List-Help: <mailto:debbugs-submit-request@debbugs.gnu.org?subject=help>
List-Subscribe: <https://debbugs.gnu.org/cgi-bin/mailman/listinfo/debbugs-submit>, 
 <mailto:debbugs-submit-request@debbugs.gnu.org?subject=subscribe>
Errors-To: debbugs-submit-bounces@debbugs.gnu.org
Sender: "Debbugs-submit" <debbugs-submit-bounces@debbugs.gnu.org>
X-Spam-Score: -1.8 (-)

* gnu/packages/selinux.scm (checkpolicy): New variable.
---
 gnu/packages/selinux.scm | 35 +++++++++++++++++++++++++++++++++++
 1 file changed, 35 insertions(+)

diff --git a/gnu/packages/selinux.scm b/gnu/packages/selinux.scm
index 75758dd6b..5f7e11928 100644
--- a/gnu/packages/selinux.scm
+++ b/gnu/packages/selinux.scm
@@ -23,6 +23,7 @@
   #:use-module (guix utils)
   #:use-module (guix build-system gnu)
   #:use-module (gnu packages)
+  #:use-module (gnu packages bison)
   #:use-module (gnu packages flex))
 
 ;; Update the SELinux packages together!
@@ -69,3 +70,37 @@ similar tools, and programs such as @code{load_policy}, which must perform
 specific transformations on binary policies (for example, customizing policy
 boolean settings).")
     (license license:lgpl2.1+)))
+
+(define-public checkpolicy
+  (package (inherit libsepol)
+    (name "checkpolicy")
+    (arguments
+     `(#:tests? #f ; there is no check target
+       #:make-flags
+       (let ((out (assoc-ref %outputs "out")))
+         (list (string-append "PREFIX=" out)
+               (string-append "LDLIBS="
+                              (assoc-ref %build-inputs "libsepol")
+                              "/lib/libsepol.a "
+                              (assoc-ref %build-inputs "flex")
+                              "/lib/libfl.a")
+               "CC=gcc"))
+       #:phases
+       (modify-phases %standard-phases
+         (delete 'configure)
+         (add-after 'unpack 'enter-dir
+           (lambda _ (chdir ,name) #t)))))
+    (inputs
+     `(("libsepol" ,libsepol)))
+    (native-inputs
+     `(("bison" ,bison)
+       ("flex" ,flex)))
+    (synopsis "Check SELinux security policy configurations and modules")
+    (description
+     "This package provides the tools \"checkpolicy\" and \"checkmodule\".
+Checkpolicy is a program that checks and compiles a SELinux security policy
+configuration into a binary representation that can be loaded into the kernel.
+Checkmodule is a program that checks and compiles a SELinux security policy
+module into a binary representation.")
+    ;; GPLv2 only
+    (license license:gpl2)))
-- 
2.12.2






From debbugs-submit-bounces@debbugs.gnu.org Wed Apr 19 10:29:34 2017
Received: (at 26561) by debbugs.gnu.org; 19 Apr 2017 14:29:34 +0000
Received: from localhost ([127.0.0.1]:56962 helo=debbugs.gnu.org)
	by debbugs.gnu.org with esmtp (Exim 4.84_2)
	(envelope-from <debbugs-submit-bounces@debbugs.gnu.org>)
	id 1d0qbr-0001bD-Ev
	for submit@debbugs.gnu.org; Wed, 19 Apr 2017 10:29:34 -0400
Received: from sender-of-o51.zoho.com ([135.84.80.216]:21098)
 by debbugs.gnu.org with esmtp (Exim 4.84_2)
 (envelope-from <rekado@elephly.net>) id 1d0qbm-0001ak-Kt
 for 26561@debbugs.gnu.org; Wed, 19 Apr 2017 10:29:30 -0400
Received: from localhost (x4d0cc2aa.dyn.telefonica.de [77.12.194.170]) by
 mx.zohomail.com with SMTPS id 1492612161562967.3098725338211;
 Wed, 19 Apr 2017 07:29:21 -0700 (PDT)
From: Ricardo Wurmus <rekado@elephly.net>
To: 26561@debbugs.gnu.org
Subject: [PATCH 1/9] gnu: Add libsepol.
Date: Wed, 19 Apr 2017 16:29:09 +0200
Message-Id: <20170419142918.11688-1-rekado@elephly.net>
X-Mailer: git-send-email 2.12.2
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit
X-ZohoMailClient: External
X-ZohoMail: Z_26063301 SPT_1 Z_26062608 SPT_0
X-Spam-Score: -1.8 (-)
X-Debbugs-Envelope-To: 26561
Cc: Ricardo Wurmus <rekado@elephly.net>
X-BeenThere: debbugs-submit@debbugs.gnu.org
X-Mailman-Version: 2.1.18
Precedence: list
List-Id: <debbugs-submit.debbugs.gnu.org>
List-Unsubscribe: <https://debbugs.gnu.org/cgi-bin/mailman/options/debbugs-submit>, 
 <mailto:debbugs-submit-request@debbugs.gnu.org?subject=unsubscribe>
List-Archive: <https://debbugs.gnu.org/cgi-bin/mailman/private/debbugs-submit/>
List-Post: <mailto:debbugs-submit@debbugs.gnu.org>
List-Help: <mailto:debbugs-submit-request@debbugs.gnu.org?subject=help>
List-Subscribe: <https://debbugs.gnu.org/cgi-bin/mailman/listinfo/debbugs-submit>, 
 <mailto:debbugs-submit-request@debbugs.gnu.org?subject=subscribe>
Errors-To: debbugs-submit-bounces@debbugs.gnu.org
Sender: "Debbugs-submit" <debbugs-submit-bounces@debbugs.gnu.org>
X-Spam-Score: -1.8 (-)

* gnu/packages/selinux.scm: New file.
* gnu/local.mk (GNU_SYSTEM_MODULES): Add it.
---
 gnu/local.mk             |  1 +
 gnu/packages/selinux.scm | 71 ++++++++++++++++++++++++++++++++++++++++++++++++
 2 files changed, 72 insertions(+)
 create mode 100644 gnu/packages/selinux.scm

diff --git a/gnu/local.mk b/gnu/local.mk
index 5822add4c..77302573a 100644
--- a/gnu/local.mk
+++ b/gnu/local.mk
@@ -342,6 +342,7 @@ GNU_SYSTEM_MODULES =				\
   %D%/packages/sdl.scm				\
   %D%/packages/search.scm			\
   %D%/packages/security-token.scm		\
+  %D%/packages/selinux.scm			\
   %D%/packages/serialization.scm		\
   %D%/packages/serveez.scm			\
   %D%/packages/shells.scm			\
diff --git a/gnu/packages/selinux.scm b/gnu/packages/selinux.scm
new file mode 100644
index 000000000..75758dd6b
--- /dev/null
+++ b/gnu/packages/selinux.scm
@@ -0,0 +1,71 @@
+;;; GNU Guix --- Functional package management for GNU
+;;; Copyright © 2016, 2017 Ricardo Wurmus <rekado@elephly.net>
+;;;
+;;; This file is part of GNU Guix.
+;;;
+;;; GNU Guix is free software; you can redistribute it and/or modify it
+;;; under the terms of the GNU General Public License as published by
+;;; the Free Software Foundation; either version 3 of the License, or (at
+;;; your option) any later version.
+;;;
+;;; GNU Guix is distributed in the hope that it will be useful, but
+;;; WITHOUT ANY WARRANTY; without even the implied warranty of
+;;; MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+;;; GNU General Public License for more details.
+;;;
+;;; You should have received a copy of the GNU General Public License
+;;; along with GNU Guix.  If not, see <http://www.gnu.org/licenses/>.
+
+(define-module (gnu packages selinux)
+  #:use-module ((guix licenses) #:prefix license:)
+  #:use-module (guix packages)
+  #:use-module (guix download)
+  #:use-module (guix utils)
+  #:use-module (guix build-system gnu)
+  #:use-module (gnu packages)
+  #:use-module (gnu packages flex))
+
+;; Update the SELinux packages together!
+
+(define-public libsepol
+  (package
+    (name "libsepol")
+    (version "2.6")
+    (source (let ((release "20161014"))
+              (origin
+                (method url-fetch)
+                (uri (string-append "https://github.com/SELinuxProject/selinux/"
+                                    "archive/" release ".tar.gz"))
+                (file-name (string-append "selinux-" release ".tar.gz"))
+                (sha256
+                 (base32
+                  "1dpwynfb6n31928343blac4159g4jbrwxdp61q5yffmxpy3c3czi")))))
+    (build-system gnu-build-system)
+    (arguments
+     `(#:tests? #f ; tests require checkpolicy, which requires libsepol
+       #:test-target "test"
+       #:make-flags
+       (let ((out (assoc-ref %outputs "out")))
+         (list (string-append "PREFIX=" out)
+               (string-append "DESTDIR=" out)
+               (string-append "MAN3DIR=" out "/share/man/man3")
+               (string-append "MAN5DIR=" out "/share/man/man5")
+               (string-append "MAN8DIR=" out "/share/man/man8")
+               (string-append "LDFLAGS=-Wl,-rpath=" out "/lib")
+               "CC=gcc"))
+       #:phases
+       (modify-phases %standard-phases
+         (delete 'configure)
+         (add-after 'unpack 'enter-dir
+           (lambda _ (chdir ,name) #t)))))
+    (native-inputs
+     `(("flex" ,flex)))
+    (home-page "http://selinuxproject.org/")
+    (synopsis "Library for manipulating SELinux policies")
+    (description
+     "The libsepol library provides an API for the manipulation of SELinux
+binary policies.  It is used by @code{checkpolicy} (the policy compiler) and
+similar tools, and programs such as @code{load_policy}, which must perform
+specific transformations on binary policies (for example, customizing policy
+boolean settings).")
+    (license license:lgpl2.1+)))
-- 
2.12.2






From debbugs-submit-bounces@debbugs.gnu.org Wed Apr 19 10:29:35 2017
Received: (at 26561) by debbugs.gnu.org; 19 Apr 2017 14:29:35 +0000
Received: from localhost ([127.0.0.1]:56966 helo=debbugs.gnu.org)
	by debbugs.gnu.org with esmtp (Exim 4.84_2)
	(envelope-from <debbugs-submit-bounces@debbugs.gnu.org>)
	id 1d0qbu-0001bV-RJ
	for submit@debbugs.gnu.org; Wed, 19 Apr 2017 10:29:35 -0400
Received: from sender-of-o51.zoho.com ([135.84.80.216]:21119)
 by debbugs.gnu.org with esmtp (Exim 4.84_2)
 (envelope-from <rekado@elephly.net>) id 1d0qbr-0001bE-Ry
 for 26561@debbugs.gnu.org; Wed, 19 Apr 2017 10:29:32 -0400
Received: from localhost (x4d0cc2aa.dyn.telefonica.de [77.12.194.170]) by
 mx.zohomail.com with SMTPS id 149261216822725.31236448955633;
 Wed, 19 Apr 2017 07:29:28 -0700 (PDT)
From: Ricardo Wurmus <rekado@elephly.net>
To: 26561@debbugs.gnu.org
Subject: [PATCH 3/9] gnu: Add libselinux.
Date: Wed, 19 Apr 2017 16:29:11 +0200
Message-Id: <20170419142918.11688-3-rekado@elephly.net>
X-Mailer: git-send-email 2.12.2
In-Reply-To: <20170419142918.11688-1-rekado@elephly.net>
References: <20170419142918.11688-1-rekado@elephly.net>
X-ZohoMailClient: External
X-ZohoMail: Z_26063301 SPT_1 Z_26062608 SPT_0
X-Spam-Score: -1.8 (-)
X-Debbugs-Envelope-To: 26561
Cc: Ricardo Wurmus <rekado@elephly.net>
X-BeenThere: debbugs-submit@debbugs.gnu.org
X-Mailman-Version: 2.1.18
Precedence: list
List-Id: <debbugs-submit.debbugs.gnu.org>
List-Unsubscribe: <https://debbugs.gnu.org/cgi-bin/mailman/options/debbugs-submit>, 
 <mailto:debbugs-submit-request@debbugs.gnu.org?subject=unsubscribe>
List-Archive: <https://debbugs.gnu.org/cgi-bin/mailman/private/debbugs-submit/>
List-Post: <mailto:debbugs-submit@debbugs.gnu.org>
List-Help: <mailto:debbugs-submit-request@debbugs.gnu.org?subject=help>
List-Subscribe: <https://debbugs.gnu.org/cgi-bin/mailman/listinfo/debbugs-submit>, 
 <mailto:debbugs-submit-request@debbugs.gnu.org?subject=subscribe>
Errors-To: debbugs-submit-bounces@debbugs.gnu.org
Sender: "Debbugs-submit" <debbugs-submit-bounces@debbugs.gnu.org>
X-Spam-Score: -1.8 (-)

* gnu/packages/selinux.scm (libselinux): New variable.
---
 gnu/packages/selinux.scm | 62 +++++++++++++++++++++++++++++++++++++++++++++++-
 1 file changed, 61 insertions(+), 1 deletion(-)

diff --git a/gnu/packages/selinux.scm b/gnu/packages/selinux.scm
index 5f7e11928..bf5a62a87 100644
--- a/gnu/packages/selinux.scm
+++ b/gnu/packages/selinux.scm
@@ -22,9 +22,14 @@
   #:use-module (guix download)
   #:use-module (guix utils)
   #:use-module (guix build-system gnu)
+  #:use-module (guix build-system python)
   #:use-module (gnu packages)
   #:use-module (gnu packages bison)
-  #:use-module (gnu packages flex))
+  #:use-module (gnu packages flex)
+  #:use-module (gnu packages pcre)
+  #:use-module (gnu packages pkg-config)
+  #:use-module (gnu packages python)
+  #:use-module (gnu packages swig))
 
 ;; Update the SELinux packages together!
 
@@ -104,3 +109,58 @@ Checkmodule is a program that checks and compiles a SELinux security policy
 module into a binary representation.")
     ;; GPLv2 only
     (license license:gpl2)))
+
+(define-public libselinux
+  (package (inherit libsepol)
+    (name "libselinux")
+    (arguments
+     (substitute-keyword-arguments (package-arguments libsepol)
+       ((#:make-flags flags)
+        `(cons* "PYTHON=python3"
+                (string-append "PYSITEDIR="
+                               (assoc-ref %outputs "out")
+                               "/lib/python3.5/site-packages/")
+                ,flags))
+       ((#:phases phases)
+        `(modify-phases ,phases
+           (replace 'enter-dir
+             (lambda _ (chdir ,name) #t))
+           ;; libsepol.a is not located in this package's LIBDIR.
+           (add-after 'enter-dir 'patch-libsepol-path
+             (lambda* (#:key inputs #:allow-other-keys)
+               (substitute* "src/Makefile"
+                 (("\\$\\(LIBDIR\\)/libsepol.a")
+                  (string-append (assoc-ref inputs "libsepol")
+                                 "/lib/libsepol.a")))
+               #t))
+           (add-after 'enter-dir 'remove-Werror
+             (lambda _
+               ;; GCC complains about the fact that the output does not (yet)
+               ;; have an "include" directory, even though it is referenced.
+               (substitute* '("src/Makefile"
+                              "utils/Makefile")
+                 (("-Werror ") ""))
+               #t))
+           (add-after 'build 'pywrap
+             (lambda* (#:key make-flags #:allow-other-keys)
+               (zero? (apply system* "make" "pywrap" make-flags))))
+           (add-after 'install 'install-pywrap
+             (lambda* (#:key make-flags #:allow-other-keys)
+               (zero? (apply system* "make" "install-pywrap" make-flags))))))))
+    (inputs
+     `(("libsepol" ,libsepol)
+       ("pcre" ,pcre)
+       ;; For pywrap phase
+       ("python" ,python-wrapper)))
+    ;; These inputs are only needed for the pywrap phase.
+    (native-inputs
+     `(("swig" ,swig)
+       ("pkg-config" ,pkg-config)))
+    (synopsis "SELinux core libraries and utilities")
+    (description
+     "The libselinux library provides an API for SELinux applications to get
+and set process and file security contexts, and to obtain security policy
+decisions.  It is required for any applications that use the SELinux API, and
+used by all applications that are SELinux-aware.  This package also includes
+the core SELinux management utilities.")
+    (license license:public-domain)))
-- 
2.12.2






From debbugs-submit-bounces@debbugs.gnu.org Wed Apr 19 10:29:36 2017
Received: (at 26561) by debbugs.gnu.org; 19 Apr 2017 14:29:36 +0000
Received: from localhost ([127.0.0.1]:56968 helo=debbugs.gnu.org)
	by debbugs.gnu.org with esmtp (Exim 4.84_2)
	(envelope-from <debbugs-submit-bounces@debbugs.gnu.org>)
	id 1d0qbw-0001bi-27
	for submit@debbugs.gnu.org; Wed, 19 Apr 2017 10:29:36 -0400
Received: from sender-of-o51.zoho.com ([135.84.80.216]:21007)
 by debbugs.gnu.org with esmtp (Exim 4.84_2)
 (envelope-from <rekado@elephly.net>) id 1d0qbs-0001bK-Mf
 for 26561@debbugs.gnu.org; Wed, 19 Apr 2017 10:29:33 -0400
Received: from localhost (x4d0cc2aa.dyn.telefonica.de [77.12.194.170]) by
 mx.zohomail.com with SMTPS id 1492612171126756.9501802126256;
 Wed, 19 Apr 2017 07:29:31 -0700 (PDT)
From: Ricardo Wurmus <rekado@elephly.net>
To: 26561@debbugs.gnu.org
Subject: [PATCH 4/9] gnu: Add libsemanage.
Date: Wed, 19 Apr 2017 16:29:12 +0200
Message-Id: <20170419142918.11688-4-rekado@elephly.net>
X-Mailer: git-send-email 2.12.2
In-Reply-To: <20170419142918.11688-1-rekado@elephly.net>
References: <20170419142918.11688-1-rekado@elephly.net>
X-ZohoMailClient: External
X-ZohoMail: Z_26063301 SPT_1 Z_26062608 SPT_0
X-Spam-Score: -1.8 (-)
X-Debbugs-Envelope-To: 26561
Cc: Ricardo Wurmus <rekado@elephly.net>
X-BeenThere: debbugs-submit@debbugs.gnu.org
X-Mailman-Version: 2.1.18
Precedence: list
List-Id: <debbugs-submit.debbugs.gnu.org>
List-Unsubscribe: <https://debbugs.gnu.org/cgi-bin/mailman/options/debbugs-submit>, 
 <mailto:debbugs-submit-request@debbugs.gnu.org?subject=unsubscribe>
List-Archive: <https://debbugs.gnu.org/cgi-bin/mailman/private/debbugs-submit/>
List-Post: <mailto:debbugs-submit@debbugs.gnu.org>
List-Help: <mailto:debbugs-submit-request@debbugs.gnu.org?subject=help>
List-Subscribe: <https://debbugs.gnu.org/cgi-bin/mailman/listinfo/debbugs-submit>, 
 <mailto:debbugs-submit-request@debbugs.gnu.org?subject=subscribe>
Errors-To: debbugs-submit-bounces@debbugs.gnu.org
Sender: "Debbugs-submit" <debbugs-submit-bounces@debbugs.gnu.org>
X-Spam-Score: -1.8 (-)

* gnu/packages/selinux.scm (libsemanage): New variable.
---
 gnu/packages/selinux.scm | 44 +++++++++++++++++++++++++++++++++++++++++++-
 1 file changed, 43 insertions(+), 1 deletion(-)

diff --git a/gnu/packages/selinux.scm b/gnu/packages/selinux.scm
index bf5a62a87..0ef8b9620 100644
--- a/gnu/packages/selinux.scm
+++ b/gnu/packages/selinux.scm
@@ -24,12 +24,14 @@
   #:use-module (guix build-system gnu)
   #:use-module (guix build-system python)
   #:use-module (gnu packages)
+  #:use-module (gnu packages admin)
   #:use-module (gnu packages bison)
   #:use-module (gnu packages flex)
   #:use-module (gnu packages pcre)
   #:use-module (gnu packages pkg-config)
   #:use-module (gnu packages python)
-  #:use-module (gnu packages swig))
+  #:use-module (gnu packages swig)
+  #:use-module (gnu packages textutils))
 
 ;; Update the SELinux packages together!
 
@@ -164,3 +166,43 @@ decisions.  It is required for any applications that use the SELinux API, and
 used by all applications that are SELinux-aware.  This package also includes
 the core SELinux management utilities.")
     (license license:public-domain)))
+
+(define-public libsemanage
+  (package (inherit libsepol)
+    (name "libsemanage")
+    (arguments
+     (substitute-keyword-arguments (package-arguments libsepol)
+       ((#:make-flags flags)
+        `(cons* "PYTHON=python3"
+                (string-append "PYSITEDIR="
+                               (assoc-ref %outputs "out")
+                               "/lib/python3.5/site-packages/")
+                ,flags))
+       ((#:phases phases)
+        `(modify-phases ,phases
+           (replace 'enter-dir
+             (lambda _ (chdir ,name) #t))
+           (add-after 'build 'pywrap
+             (lambda* (#:key make-flags #:allow-other-keys)
+               (zero? (apply system* "make" "pywrap" make-flags))))
+           (add-after 'install 'install-pywrap
+             (lambda* (#:key make-flags #:allow-other-keys)
+               (zero? (apply system* "make" "install-pywrap" make-flags))))))))
+    (inputs
+     `(("libsepol" ,libsepol)
+       ("libselinux" ,libselinux)
+       ("audit" ,audit)
+       ("ustr" ,ustr)
+       ;; For pywrap phase
+       ("python" ,python-wrapper)))
+    (native-inputs
+     `(("bison" ,bison)
+       ("flex" ,flex)
+       ;; For pywrap phase
+       ("swig" ,swig)
+       ("pkg-config" ,pkg-config)))
+    (synopsis "SELinux policy management libraries")
+    (description
+     "The libsemanage library provides an API for the manipulation of SELinux
+binary policies.")
+    (license license:lgpl2.1+)))
-- 
2.12.2






From debbugs-submit-bounces@debbugs.gnu.org Wed Apr 19 10:29:41 2017
Received: (at 26561) by debbugs.gnu.org; 19 Apr 2017 14:29:41 +0000
Received: from localhost ([127.0.0.1]:56972 helo=debbugs.gnu.org)
	by debbugs.gnu.org with esmtp (Exim 4.84_2)
	(envelope-from <debbugs-submit-bounces@debbugs.gnu.org>)
	id 1d0qc1-0001c0-9s
	for submit@debbugs.gnu.org; Wed, 19 Apr 2017 10:29:41 -0400
Received: from sender-of-o51.zoho.com ([135.84.80.216]:21081)
 by debbugs.gnu.org with esmtp (Exim 4.84_2)
 (envelope-from <rekado@elephly.net>) id 1d0qc0-0001bs-1E
 for 26561@debbugs.gnu.org; Wed, 19 Apr 2017 10:29:40 -0400
Received: from localhost (x4d0cc2aa.dyn.telefonica.de [77.12.194.170]) by
 mx.zohomail.com with SMTPS id 1492612177035510.10952652132426;
 Wed, 19 Apr 2017 07:29:37 -0700 (PDT)
From: Ricardo Wurmus <rekado@elephly.net>
To: 26561@debbugs.gnu.org
Subject: [PATCH 6/9] gnu: Add python-sepolgen.
Date: Wed, 19 Apr 2017 16:29:14 +0200
Message-Id: <20170419142918.11688-6-rekado@elephly.net>
X-Mailer: git-send-email 2.12.2
In-Reply-To: <20170419142918.11688-1-rekado@elephly.net>
References: <20170419142918.11688-1-rekado@elephly.net>
X-ZohoMailClient: External
X-ZohoMail: Z_26063301 SPT_1 Z_26062608 SPT_0
X-Spam-Score: -1.8 (-)
X-Debbugs-Envelope-To: 26561
Cc: Ricardo Wurmus <rekado@elephly.net>
X-BeenThere: debbugs-submit@debbugs.gnu.org
X-Mailman-Version: 2.1.18
Precedence: list
List-Id: <debbugs-submit.debbugs.gnu.org>
List-Unsubscribe: <https://debbugs.gnu.org/cgi-bin/mailman/options/debbugs-submit>, 
 <mailto:debbugs-submit-request@debbugs.gnu.org?subject=unsubscribe>
List-Archive: <https://debbugs.gnu.org/cgi-bin/mailman/private/debbugs-submit/>
List-Post: <mailto:debbugs-submit@debbugs.gnu.org>
List-Help: <mailto:debbugs-submit-request@debbugs.gnu.org?subject=help>
List-Subscribe: <https://debbugs.gnu.org/cgi-bin/mailman/listinfo/debbugs-submit>, 
 <mailto:debbugs-submit-request@debbugs.gnu.org?subject=subscribe>
Errors-To: debbugs-submit-bounces@debbugs.gnu.org
Sender: "Debbugs-submit" <debbugs-submit-bounces@debbugs.gnu.org>
X-Spam-Score: -1.8 (-)

* gnu/packages/selinux.scm (python-sepolgen): New variable.
---
 gnu/packages/selinux.scm | 52 ++++++++++++++++++++++++++++++++++++++++++++++++
 1 file changed, 52 insertions(+)

diff --git a/gnu/packages/selinux.scm b/gnu/packages/selinux.scm
index e73bc0ec6..8f3750daf 100644
--- a/gnu/packages/selinux.scm
+++ b/gnu/packages/selinux.scm
@@ -234,3 +234,55 @@ binary policies.")
     (description "The SELinux CIL compiler is a compiler that converts the
 @dfn{common intermediate language} (CIL) into a kernel binary policy file.")
     (license license:bsd-2)))
+
+(define-public python-sepolgen
+  (package (inherit libsepol)
+    (name "python-sepolgen")
+    (arguments
+     `(#:modules ((srfi srfi-1)
+                  (guix build gnu-build-system)
+                  (guix build utils))
+       ,@(substitute-keyword-arguments (package-arguments libsepol)
+           ((#:phases phases)
+            `(modify-phases ,phases
+               (replace 'enter-dir
+                 (lambda _ (chdir "sepolgen") #t))
+               ;; By default all Python files would be installed to
+               ;; $out/gnu/store/...-python-.../, so we override the
+               ;; PACKAGEDIR to fix this.
+               (add-after 'enter-dir 'fix-target-path
+                 (lambda* (#:key inputs outputs #:allow-other-keys)
+                   (let ((get-python-version
+                          ;; FIXME: copied from python-build-system
+                          (lambda (python)
+                            (let* ((version     (last (string-split python #\-)))
+                                   (components  (string-split version #\.))
+                                   (major+minor (take components 2)))
+                              (string-join major+minor ".")))))
+                     (substitute* "src/sepolgen/Makefile"
+                       (("^PACKAGEDIR.*")
+                        (string-append "PACKAGEDIR="
+                                       (assoc-ref outputs "out")
+                                       "/lib/python"
+                                       (get-python-version
+                                        (assoc-ref inputs "python"))
+                                       "/site-packages/sepolgen")))
+                     (substitute* "src/share/Makefile"
+                       (("\\$\\(DESTDIR\\)") (assoc-ref outputs "out"))))
+                   #t)))))))
+    (inputs
+     `(("python" ,python-wrapper)))
+    (native-inputs '())
+    (synopsis "Python module for generating SELinux policies")
+    (description
+     "This package contains a Python module that forms the core of
+@code{audit2allow}, a part of the package @code{policycoreutils}.  The
+sepolgen library contains: Reference Policy Representation, which are Objects
+for representing policies and the reference policy interfaces.  It has objects
+and algorithms for representing access and sets of access in an abstract way
+and searching that access.  It also has a parser for reference policy
+\"headers\".  It contains infrastructure for parsing SELinux related messages
+as produced by the audit system.  It has facilities for generating policy
+based on required access.")
+    ;; GPLv2 only
+    (license license:gpl2)))
-- 
2.12.2






From debbugs-submit-bounces@debbugs.gnu.org Wed Apr 19 10:29:44 2017
Received: (at 26561) by debbugs.gnu.org; 19 Apr 2017 14:29:44 +0000
Received: from localhost ([127.0.0.1]:56975 helo=debbugs.gnu.org)
	by debbugs.gnu.org with esmtp (Exim 4.84_2)
	(envelope-from <debbugs-submit-bounces@debbugs.gnu.org>)
	id 1d0qc4-0001cL-IP
	for submit@debbugs.gnu.org; Wed, 19 Apr 2017 10:29:44 -0400
Received: from sender-of-o51.zoho.com ([135.84.80.216]:21020)
 by debbugs.gnu.org with esmtp (Exim 4.84_2)
 (envelope-from <rekado@elephly.net>) id 1d0qc0-0001bz-Vf
 for 26561@debbugs.gnu.org; Wed, 19 Apr 2017 10:29:41 -0400
Received: from localhost (x4d0cc2aa.dyn.telefonica.de [77.12.194.170]) by
 mx.zohomail.com with SMTPS id 1492612174144355.06633869412224;
 Wed, 19 Apr 2017 07:29:34 -0700 (PDT)
From: Ricardo Wurmus <rekado@elephly.net>
To: 26561@debbugs.gnu.org
Subject: [PATCH 5/9] gnu: Add secilc.
Date: Wed, 19 Apr 2017 16:29:13 +0200
Message-Id: <20170419142918.11688-5-rekado@elephly.net>
X-Mailer: git-send-email 2.12.2
In-Reply-To: <20170419142918.11688-1-rekado@elephly.net>
References: <20170419142918.11688-1-rekado@elephly.net>
X-ZohoMailClient: External
X-ZohoMail: Z_26063301 SPT_1 Z_26062608 SPT_0
X-Spam-Score: -1.8 (-)
X-Debbugs-Envelope-To: 26561
Cc: Ricardo Wurmus <rekado@elephly.net>
X-BeenThere: debbugs-submit@debbugs.gnu.org
X-Mailman-Version: 2.1.18
Precedence: list
List-Id: <debbugs-submit.debbugs.gnu.org>
List-Unsubscribe: <https://debbugs.gnu.org/cgi-bin/mailman/options/debbugs-submit>, 
 <mailto:debbugs-submit-request@debbugs.gnu.org?subject=unsubscribe>
List-Archive: <https://debbugs.gnu.org/cgi-bin/mailman/private/debbugs-submit/>
List-Post: <mailto:debbugs-submit@debbugs.gnu.org>
List-Help: <mailto:debbugs-submit-request@debbugs.gnu.org?subject=help>
List-Subscribe: <https://debbugs.gnu.org/cgi-bin/mailman/listinfo/debbugs-submit>, 
 <mailto:debbugs-submit-request@debbugs.gnu.org?subject=subscribe>
Errors-To: debbugs-submit-bounces@debbugs.gnu.org
Sender: "Debbugs-submit" <debbugs-submit-bounces@debbugs.gnu.org>
X-Spam-Score: -1.8 (-)

* gnu/packages/selinux.scm (secilc): New variable.
---
 gnu/packages/selinux.scm | 30 +++++++++++++++++++++++++++++-
 1 file changed, 29 insertions(+), 1 deletion(-)

diff --git a/gnu/packages/selinux.scm b/gnu/packages/selinux.scm
index 0ef8b9620..e73bc0ec6 100644
--- a/gnu/packages/selinux.scm
+++ b/gnu/packages/selinux.scm
@@ -26,12 +26,14 @@
   #:use-module (gnu packages)
   #:use-module (gnu packages admin)
   #:use-module (gnu packages bison)
+  #:use-module (gnu packages docbook)
   #:use-module (gnu packages flex)
   #:use-module (gnu packages pcre)
   #:use-module (gnu packages pkg-config)
   #:use-module (gnu packages python)
   #:use-module (gnu packages swig)
-  #:use-module (gnu packages textutils))
+  #:use-module (gnu packages textutils)
+  #:use-module (gnu packages xml))
 
 ;; Update the SELinux packages together!
 
@@ -206,3 +208,29 @@ the core SELinux management utilities.")
      "The libsemanage library provides an API for the manipulation of SELinux
 binary policies.")
     (license license:lgpl2.1+)))
+
+(define-public secilc
+  (package (inherit libsepol)
+    (name "secilc")
+    (arguments
+     (substitute-keyword-arguments (package-arguments libsepol)
+       ((#:make-flags flags)
+        `(let ((docbook (assoc-ref %build-inputs "docbook-xsl")))
+           (cons (string-append "XMLTO=xmlto --skip-validation -x "
+                                docbook "/xml/xsl/docbook-xsl-"
+                                ,(package-version docbook-xsl)
+                                "/manpages/docbook.xsl")
+                 ,flags)))
+       ((#:phases phases)
+        `(modify-phases ,phases
+           (replace 'enter-dir
+             (lambda _ (chdir ,name) #t))))))
+    (inputs
+     `(("libsepol" ,libsepol)))
+    (native-inputs
+     `(("xmlto" ,xmlto)
+       ("docbook-xsl" ,docbook-xsl)))
+    (synopsis "SELinux common intermediate language (CIL) compiler")
+    (description "The SELinux CIL compiler is a compiler that converts the
+@dfn{common intermediate language} (CIL) into a kernel binary policy file.")
+    (license license:bsd-2)))
-- 
2.12.2






From debbugs-submit-bounces@debbugs.gnu.org Wed Apr 19 10:29:45 2017
Received: (at 26561) by debbugs.gnu.org; 19 Apr 2017 14:29:45 +0000
Received: from localhost ([127.0.0.1]:56977 helo=debbugs.gnu.org)
	by debbugs.gnu.org with esmtp (Exim 4.84_2)
	(envelope-from <debbugs-submit-bounces@debbugs.gnu.org>)
	id 1d0qc4-0001cO-Pv
	for submit@debbugs.gnu.org; Wed, 19 Apr 2017 10:29:45 -0400
Received: from sender-of-o51.zoho.com ([135.84.80.216]:21091)
 by debbugs.gnu.org with esmtp (Exim 4.84_2)
 (envelope-from <rekado@elephly.net>) id 1d0qc2-0001cD-0r
 for 26561@debbugs.gnu.org; Wed, 19 Apr 2017 10:29:42 -0400
Received: from localhost (x4d0cc2aa.dyn.telefonica.de [77.12.194.170]) by
 mx.zohomail.com with SMTPS id 1492612180061102.79299756198236;
 Wed, 19 Apr 2017 07:29:40 -0700 (PDT)
From: Ricardo Wurmus <rekado@elephly.net>
To: 26561@debbugs.gnu.org
Subject: [PATCH 7/9] gnu: Add python-ipy.
Date: Wed, 19 Apr 2017 16:29:15 +0200
Message-Id: <20170419142918.11688-7-rekado@elephly.net>
X-Mailer: git-send-email 2.12.2
In-Reply-To: <20170419142918.11688-1-rekado@elephly.net>
References: <20170419142918.11688-1-rekado@elephly.net>
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit
X-ZohoMailClient: External
X-ZohoMail: Z_26063301 SPT_1 Z_26062608 SPT_0
X-Spam-Score: -1.8 (-)
X-Debbugs-Envelope-To: 26561
Cc: Ricardo Wurmus <rekado@elephly.net>
X-BeenThere: debbugs-submit@debbugs.gnu.org
X-Mailman-Version: 2.1.18
Precedence: list
List-Id: <debbugs-submit.debbugs.gnu.org>
List-Unsubscribe: <https://debbugs.gnu.org/cgi-bin/mailman/options/debbugs-submit>, 
 <mailto:debbugs-submit-request@debbugs.gnu.org?subject=unsubscribe>
List-Archive: <https://debbugs.gnu.org/cgi-bin/mailman/private/debbugs-submit/>
List-Post: <mailto:debbugs-submit@debbugs.gnu.org>
List-Help: <mailto:debbugs-submit-request@debbugs.gnu.org?subject=help>
List-Subscribe: <https://debbugs.gnu.org/cgi-bin/mailman/listinfo/debbugs-submit>, 
 <mailto:debbugs-submit-request@debbugs.gnu.org?subject=subscribe>
Errors-To: debbugs-submit-bounces@debbugs.gnu.org
Sender: "Debbugs-submit" <debbugs-submit-bounces@debbugs.gnu.org>
X-Spam-Score: -1.8 (-)

* gnu/packages/networking.scm (python-ipy): New variable.
---
 gnu/packages/networking.scm | 20 +++++++++++++++++++-
 1 file changed, 19 insertions(+), 1 deletion(-)

diff --git a/gnu/packages/networking.scm b/gnu/packages/networking.scm
index cb9903791..efef2d5a7 100644
--- a/gnu/packages/networking.scm
+++ b/gnu/packages/networking.scm
@@ -1,6 +1,6 @@
 ;;; GNU Guix --- Functional package management for GNU
 ;;; Copyright © 2014, 2017 Ludovic Courtès <ludo@gnu.org>
-;;; Copyright © 2015, 2016 Ricardo Wurmus <rekado@elephly.net>
+;;; Copyright © 2015, 2016, 2017 Ricardo Wurmus <rekado@elephly.net>
 ;;; Copyright © 2015 Mark H Weaver <mhw@netris.org>
 ;;; Copyright © 2015, 2016 Stefan Reichör <stefan@xsteve.at>
 ;;; Copyright © 2016 Raimon Grau <raimonster@gmail.com>
@@ -1122,6 +1122,24 @@ IPFIX, RSPAN, CLI, LACP, 802.1ag).")
            license:bsd-2 license:bsd-3
            license:asl2.0))))           ; all other
 
+(define-public python-ipy
+  (package
+    (name "python-ipy")
+    (version "0.83")
+    (source (origin
+              (method url-fetch)
+              (uri (pypi-uri "IPy" version))
+              (sha256
+               (base32
+                "1f6sdrxclifky4gvkf4gvyv5hx3fjh8vzspnfrqki6qm5d9mmnk1"))))
+    (build-system python-build-system)
+    (home-page "https://github.com/autocracy/python-ipy/")
+    (synopsis "Python class and tools for handling IP addresses and networks")
+    (description "The @code{IP} class allows a comfortable parsing and
+handling for most notations in use for IPv4 and IPv6 addresses and
+networks.")
+    (license license:bsd-3)))
+
 (define-public speedtest-cli
   (package
     (name "speedtest-cli")
-- 
2.12.2






From debbugs-submit-bounces@debbugs.gnu.org Wed Apr 19 10:29:47 2017
Received: (at 26561) by debbugs.gnu.org; 19 Apr 2017 14:29:47 +0000
Received: from localhost ([127.0.0.1]:56980 helo=debbugs.gnu.org)
	by debbugs.gnu.org with esmtp (Exim 4.84_2)
	(envelope-from <debbugs-submit-bounces@debbugs.gnu.org>)
	id 1d0qc7-0001cj-3K
	for submit@debbugs.gnu.org; Wed, 19 Apr 2017 10:29:47 -0400
Received: from sender-of-o51.zoho.com ([135.84.80.216]:21090)
 by debbugs.gnu.org with esmtp (Exim 4.84_2)
 (envelope-from <rekado@elephly.net>) id 1d0qc6-0001cb-7U
 for 26561@debbugs.gnu.org; Wed, 19 Apr 2017 10:29:46 -0400
Received: from localhost (x4d0cc2aa.dyn.telefonica.de [77.12.194.170]) by
 mx.zohomail.com with SMTPS id 1492612182932408.23512350033457;
 Wed, 19 Apr 2017 07:29:42 -0700 (PDT)
From: Ricardo Wurmus <rekado@elephly.net>
To: 26561@debbugs.gnu.org
Subject: [PATCH 8/9] gnu: Add python-setools.
Date: Wed, 19 Apr 2017 16:29:16 +0200
Message-Id: <20170419142918.11688-8-rekado@elephly.net>
X-Mailer: git-send-email 2.12.2
In-Reply-To: <20170419142918.11688-1-rekado@elephly.net>
References: <20170419142918.11688-1-rekado@elephly.net>
X-ZohoMailClient: External
X-ZohoMail: Z_26063301 SPT_1 Z_26062608 SPT_0
X-Spam-Score: -1.8 (-)
X-Debbugs-Envelope-To: 26561
Cc: Ricardo Wurmus <rekado@elephly.net>
X-BeenThere: debbugs-submit@debbugs.gnu.org
X-Mailman-Version: 2.1.18
Precedence: list
List-Id: <debbugs-submit.debbugs.gnu.org>
List-Unsubscribe: <https://debbugs.gnu.org/cgi-bin/mailman/options/debbugs-submit>, 
 <mailto:debbugs-submit-request@debbugs.gnu.org?subject=unsubscribe>
List-Archive: <https://debbugs.gnu.org/cgi-bin/mailman/private/debbugs-submit/>
List-Post: <mailto:debbugs-submit@debbugs.gnu.org>
List-Help: <mailto:debbugs-submit-request@debbugs.gnu.org?subject=help>
List-Subscribe: <https://debbugs.gnu.org/cgi-bin/mailman/listinfo/debbugs-submit>, 
 <mailto:debbugs-submit-request@debbugs.gnu.org?subject=subscribe>
Errors-To: debbugs-submit-bounces@debbugs.gnu.org
Sender: "Debbugs-submit" <debbugs-submit-bounces@debbugs.gnu.org>
X-Spam-Score: -1.8 (-)

* gnu/packages/selinux.scm (python-setools): New variable.
---
 gnu/packages/selinux.scm | 52 ++++++++++++++++++++++++++++++++++++++++++++++++
 1 file changed, 52 insertions(+)

diff --git a/gnu/packages/selinux.scm b/gnu/packages/selinux.scm
index 8f3750daf..05197b85c 100644
--- a/gnu/packages/selinux.scm
+++ b/gnu/packages/selinux.scm
@@ -286,3 +286,55 @@ as produced by the audit system.  It has facilities for generating policy
 based on required access.")
     ;; GPLv2 only
     (license license:gpl2)))
+
+;; The latest 4.1.x version does not work with the latest 2.6 release of
+;; policycoreutils, so we use the last 4.0.x release.
+(define-public python-setools
+  (package
+    (name "python-setools")
+    (version "4.0.1")
+    (source (origin
+              (method url-fetch)
+              (uri (string-append "https://github.com/TresysTechnology/"
+                                  "setools/archive/" version ".tar.gz"))
+              (file-name (string-append name "-" version ".tar.gz"))
+              (sha256
+               (base32
+                "1zndpl4ck5c23p7s4sci06db89q1w87jig3jbd4f8s1ggy3lj82c"))))
+    (build-system python-build-system)
+    (arguments
+     `(#:tests? #f ; the test target causes a rebuild
+       #:phases
+       (modify-phases %standard-phases
+         (add-after 'unpack 'set-SEPOL-variable
+           (lambda* (#:key inputs #:allow-other-keys)
+             (setenv "SEPOL"
+                     (string-append (assoc-ref inputs "libsepol")
+                                    "/lib/libsepol.a"))))
+         (add-after 'unpack 'remove-Werror
+           (lambda _
+             (substitute* "setup.py"
+               (("'-Werror',") ""))
+             #t))
+         (add-after 'unpack 'fix-target-paths
+           (lambda* (#:key outputs #:allow-other-keys)
+             (substitute* "setup.py"
+               (("join\\(sys.prefix")
+                (string-append "join(\"" (assoc-ref outputs "out") "/\"")))
+             #t)))))
+    (propagated-inputs
+     `(("python-networkx" ,python-networkx)))
+    (inputs
+     `(("libsepol" ,libsepol)
+       ("libselinux" ,libselinux)))
+    (native-inputs
+     `(("bison" ,bison)
+       ("flex" ,flex)
+       ("swig" ,swig)))
+    (home-page "https://github.com/TresysTechnology/setools")
+    (synopsis "Tools for SELinux policy analysis")
+    (description "SETools is a collection of graphical tools, command-line
+tools, and libraries designed to facilitate SELinux policy analysis.")
+    ;; Some programs are under GPL, all libraries under LGPL.
+    (license (list license:lgpl2.1+
+                   license:gpl2+))))
-- 
2.12.2






From debbugs-submit-bounces@debbugs.gnu.org Wed Apr 19 10:30:02 2017
Received: (at 26561) by debbugs.gnu.org; 19 Apr 2017 14:30:02 +0000
Received: from localhost ([127.0.0.1]:56983 helo=debbugs.gnu.org)
	by debbugs.gnu.org with esmtp (Exim 4.84_2)
	(envelope-from <debbugs-submit-bounces@debbugs.gnu.org>)
	id 1d0qcC-0001d2-Bp
	for submit@debbugs.gnu.org; Wed, 19 Apr 2017 10:30:01 -0400
Received: from sender-of-o51.zoho.com ([135.84.80.216]:21148)
 by debbugs.gnu.org with esmtp (Exim 4.84_2)
 (envelope-from <rekado@elephly.net>) id 1d0qc8-0001cq-DN
 for 26561@debbugs.gnu.org; Wed, 19 Apr 2017 10:29:51 -0400
Received: from localhost (x4d0cc2aa.dyn.telefonica.de [77.12.194.170]) by
 mx.zohomail.com with SMTPS id 1492612186516320.9282241923928;
 Wed, 19 Apr 2017 07:29:46 -0700 (PDT)
From: Ricardo Wurmus <rekado@elephly.net>
To: 26561@debbugs.gnu.org
Subject: [PATCH 9/9] gnu: Add policycoreutils.
Date: Wed, 19 Apr 2017 16:29:17 +0200
Message-Id: <20170419142918.11688-9-rekado@elephly.net>
X-Mailer: git-send-email 2.12.2
In-Reply-To: <20170419142918.11688-1-rekado@elephly.net>
References: <20170419142918.11688-1-rekado@elephly.net>
X-ZohoMailClient: External
X-ZohoMail: Z_26063301 SPT_1 Z_26062608 SPT_0
X-Spam-Score: -1.8 (-)
X-Debbugs-Envelope-To: 26561
Cc: Ricardo Wurmus <rekado@elephly.net>
X-BeenThere: debbugs-submit@debbugs.gnu.org
X-Mailman-Version: 2.1.18
Precedence: list
List-Id: <debbugs-submit.debbugs.gnu.org>
List-Unsubscribe: <https://debbugs.gnu.org/cgi-bin/mailman/options/debbugs-submit>, 
 <mailto:debbugs-submit-request@debbugs.gnu.org?subject=unsubscribe>
List-Archive: <https://debbugs.gnu.org/cgi-bin/mailman/private/debbugs-submit/>
List-Post: <mailto:debbugs-submit@debbugs.gnu.org>
List-Help: <mailto:debbugs-submit-request@debbugs.gnu.org?subject=help>
List-Subscribe: <https://debbugs.gnu.org/cgi-bin/mailman/listinfo/debbugs-submit>, 
 <mailto:debbugs-submit-request@debbugs.gnu.org?subject=subscribe>
Errors-To: debbugs-submit-bounces@debbugs.gnu.org
Sender: "Debbugs-submit" <debbugs-submit-bounces@debbugs.gnu.org>
X-Spam-Score: 1.0 (+)

* gnu/packages/selinux.scm (policycoreutils): New variable.
---
 gnu/local.mk                                       |   1 +
 ...policycoreutils-make-sepolicy-use-python3.patch | 335 +++++++++++++++++++++
 gnu/packages/selinux.scm                           | 135 +++++++++
 3 files changed, 471 insertions(+)
 create mode 100644 gnu/packages/patches/policycoreutils-make-sepolicy-use-python3.patch

diff --git a/gnu/local.mk b/gnu/local.mk
index 77302573a..79ffbe2fe 100644
--- a/gnu/local.mk
+++ b/gnu/local.mk
@@ -856,6 +856,7 @@ dist_patch_DATA =						\
   %D%/packages/patches/plink-endian-detection.patch		\
   %D%/packages/patches/plotutils-libpng-jmpbuf.patch		\
   %D%/packages/patches/polkit-drop-test.patch			\
+  %D%/packages/patches/policycoreutils-make-sepolicy-use-python3.patch	\
   %D%/packages/patches/portaudio-audacity-compat.patch		\
   %D%/packages/patches/portmidi-modular-build.patch		\
   %D%/packages/patches/procmail-ambiguous-getline-debian.patch  \
diff --git a/gnu/packages/patches/policycoreutils-make-sepolicy-use-python3.patch b/gnu/packages/patches/policycoreutils-make-sepolicy-use-python3.patch
new file mode 100644
index 000000000..befe9fbb2
--- /dev/null
+++ b/gnu/packages/patches/policycoreutils-make-sepolicy-use-python3.patch
@@ -0,0 +1,335 @@
+Downloaded from https://anonscm.debian.org/cgit/selinux/policycoreutils.git/plain/debian/patches/policycoreutils-Make-sepolicy-work-with-python3.patch
+
+From 2d7ca0b862a35196d562f59bd098df011fd7f0e6 Mon Sep 17 00:00:00 2001
+From: Laurent Bigonville <bigon@bigon.be>
+Date: Mon, 7 Nov 2016 10:51:08 +0100
+Subject: [PATCH] policycoreutils: Make sepolicy work with python3
+
+Add python3 support for sepolicy
+
+Signed-off-by: Laurent Bigonville <bigon@bigon.be>
+---
+ policycoreutils/sepolicy/selinux_client.py       |  6 ++--
+ policycoreutils/sepolicy/sepolicy.py             | 38 ++++++++++++------------
+ policycoreutils/sepolicy/sepolicy/__init__.py    | 16 ++++++----
+ policycoreutils/sepolicy/sepolicy/communicate.py |  4 +--
+ policycoreutils/sepolicy/sepolicy/generate.py    | 30 +++++++++----------
+ policycoreutils/sepolicy/sepolicy/interface.py   | 14 ++++++---
+ policycoreutils/sepolicy/sepolicy/manpage.py     |  7 +++--
+ 7 files changed, 65 insertions(+), 50 deletions(-)
+
+diff --git a/policycoreutils/sepolicy/selinux_client.py b/policycoreutils/sepolicy/selinux_client.py
+index 7f4a91c..dc29f28 100644
+--- a/sepolicy/selinux_client.py
++++ b/sepolicy/selinux_client.py
+@@ -39,6 +39,6 @@ if __name__ == "__main__":
+     try:
+         dbus_proxy = SELinuxDBus()
+         resp = dbus_proxy.customized()
+-        print convert_customization(resp)
+-    except dbus.DBusException, e:
+-        print e
++        print(convert_customization(resp))
++    except dbus.DBusException as e:
++        print(e)
+diff --git a/policycoreutils/sepolicy/sepolicy.py b/policycoreutils/sepolicy/sepolicy.py
+index 3e502a7..5bf9b52 100755
+--- a/sepolicy/sepolicy.py
++++ b/sepolicy/sepolicy.py
+@@ -262,7 +262,7 @@ def _print_net(src, protocol, perm):
+     if len(portdict) > 0:
+         bold_start = "\033[1m"
+         bold_end = "\033[0;0m"
+-        print "\n" + bold_start + "%s: %s %s" % (src, protocol, perm) + bold_end
++        print("\n" + bold_start + "%s: %s %s" % (src, protocol, perm) + bold_end)
+         port_strings = []
+         boolean_text = ""
+         for p in portdict:
+@@ -275,7 +275,7 @@ def _print_net(src, protocol, perm):
+                     port_strings.append("%s (%s)" % (", ".join(recs), t))
+         port_strings.sort(numcmp)
+         for p in port_strings:
+-            print "\t" + p
++            print("\t" + p)
+ 
+ 
+ def network(args):
+@@ -286,7 +286,7 @@ def network(args):
+             if i[0] not in all_ports:
+                 all_ports.append(i[0])
+         all_ports.sort()
+-        print "\n".join(all_ports)
++        print("\n".join(all_ports))
+ 
+     for port in args.port:
+         found = False
+@@ -297,18 +297,18 @@ def network(args):
+                 else:
+                     range = "%s-%s" % (i[0], i[1])
+                 found = True
+-                print "%d: %s %s %s" % (port, i[2], portrecsbynum[i][0], range)
++                print("%d: %s %s %s" % (port, i[2], portrecsbynum[i][0], range))
+         if not found:
+             if port < 500:
+-                print "Undefined reserved port type"
++                print("Undefined reserved port type")
+             else:
+-                print "Undefined port type"
++                print("Undefined port type")
+ 
+     for t in args.type:
+         if (t, 'tcp') in portrecs.keys():
+-            print "%s: tcp: %s" % (t, ",".join(portrecs[t, 'tcp']))
++            print("%s: tcp: %s" % (t, ",".join(portrecs[t, 'tcp'])))
+         if (t, 'udp') in portrecs.keys():
+-            print "%s: udp: %s" % (t, ",".join(portrecs[t, 'udp']))
++            print( "%s: udp: %s" % (t, ",".join(portrecs[t, 'udp'])))
+ 
+     for a in args.applications:
+         d = sepolicy.get_init_transtype(a)
+@@ -357,7 +357,7 @@ def manpage(args):
+ 
+     for domain in test_domains:
+         m = ManPage(domain, path, args.root, args.source_files, args.web)
+-        print m.get_man_page_path()
++        print(m.get_man_page_path())
+ 
+     if args.web:
+         HTMLManPages(manpage_roles, manpage_domains, path, args.os)
+@@ -418,7 +418,7 @@ def communicate(args):
+     out = list(set(writable) & set(readable))
+ 
+     for t in out:
+-        print t
++        print(t)
+ 
+ 
+ def gen_communicate_args(parser):
+@@ -445,7 +445,7 @@ def booleans(args):
+     args.booleans.sort()
+ 
+     for b in args.booleans:
+-        print "%s=_(\"%s\")" % (b, boolean_desc(b))
++        print("%s=_(\"%s\")" % (b, boolean_desc(b)))
+ 
+ 
+ def gen_booleans_args(parser):
+@@ -484,16 +484,16 @@ def print_interfaces(interfaces, args, append=""):
+     for i in interfaces:
+         if args.verbose:
+             try:
+-                print get_interface_format_text(i + append)
++                print(get_interface_format_text(i + append))
+             except KeyError:
+-                print i
++                print(i)
+         if args.compile:
+             try:
+                 interface_compile_test(i)
+             except KeyError:
+-                print i
++                print(i)
+         else:
+-            print i
++            print(i)
+ 
+ 
+ def interface(args):
+@@ -565,7 +565,7 @@ def generate(args):
+     if args.policytype in APPLICATIONS:
+         mypolicy.gen_writeable()
+         mypolicy.gen_symbols()
+-    print mypolicy.generate(args.path)
++    print(mypolicy.generate(args.path))
+ 
+ 
+ def gen_interface_args(parser):
+@@ -698,12 +698,12 @@ if __name__ == '__main__':
+         args = parser.parse_args(args=parser_args)
+         args.func(args)
+         sys.exit(0)
+-    except ValueError, e:
++    except ValueError as e:
+         sys.stderr.write("%s: %s\n" % (e.__class__.__name__, str(e)))
+         sys.exit(1)
+-    except IOError, e:
++    except IOError as e:
+         sys.stderr.write("%s: %s\n" % (e.__class__.__name__, str(e)))
+         sys.exit(1)
+     except KeyboardInterrupt:
+-        print "Out"
++        print("Out")
+         sys.exit(0)
+diff --git a/policycoreutils/sepolicy/sepolicy/__init__.py b/policycoreutils/sepolicy/sepolicy/__init__.py
+index 8fbd5b4..fee6438 100644
+--- a/sepolicy/sepolicy/__init__.py
++++ b/sepolicy/sepolicy/__init__.py
+@@ -695,7 +695,7 @@ def get_methods():
+     # List of per_role_template interfaces
+         ifs = interfaces.InterfaceSet()
+         ifs.from_file(fd)
+-        methods = ifs.interfaces.keys()
++        methods = list(ifs.interfaces.keys())
+         fd.close()
+     except:
+         sys.stderr.write("could not open interface info [%s]\n" % fn)
+@@ -752,7 +752,10 @@ def get_all_entrypoint_domains():
+ 
+ 
+ def gen_interfaces():
+-    import commands
++    try:
++        from commands import getstatusoutput
++    except ImportError:
++        from subprocess import getstatusoutput
+     ifile = defaults.interface_info()
+     headers = defaults.headers()
+     try:
+@@ -763,7 +766,7 @@ def gen_interfaces():
+ 
+     if os.getuid() != 0:
+         raise ValueError(_("You must regenerate interface info by running /usr/bin/sepolgen-ifgen"))
+-    print(commands.getstatusoutput("/usr/bin/sepolgen-ifgen")[1])
++    print(getstatusoutput("/usr/bin/sepolgen-ifgen")[1])
+ 
+ 
+ def gen_port_dict():
+@@ -1085,8 +1088,11 @@ def get_os_version():
+     os_version = ""
+     pkg_name = "selinux-policy"
+     try:
+-        import commands
+-        rc, output = commands.getstatusoutput("rpm -q '%s'" % pkg_name)
++        try:
++            from commands import getstatusoutput
++        except ImportError:
++            from subprocess import getstatusoutput
++        rc, output = getstatusoutput("rpm -q '%s'" % pkg_name)
+         if rc == 0:
+             os_version = output.split(".")[-2]
+     except:
+diff --git a/policycoreutils/sepolicy/sepolicy/communicate.py b/policycoreutils/sepolicy/sepolicy/communicate.py
+index b96c4b9..299316e 100755
+--- a/sepolicy/sepolicy/communicate.py
++++ b/sepolicy/sepolicy/communicate.py
+@@ -34,8 +34,8 @@ def usage(parser, msg):
+ 
+ def expand_attribute(attribute):
+     try:
+-        return sepolicy.info(sepolicy.ATTRIBUTE, attribute)[0]["types"]
+-    except RuntimeError:
++        return list(next(sepolicy.info(sepolicy.ATTRIBUTE, attribute))["types"])
++    except StopIteration:
+         return [attribute]
+ 
+ 
+diff --git a/policycoreutils/sepolicy/sepolicy/generate.py b/policycoreutils/sepolicy/sepolicy/generate.py
+index 65b33b6..5696110 100644
+--- a/sepolicy/sepolicy/generate.py
++++ b/sepolicy/sepolicy/generate.py
+@@ -31,21 +31,21 @@ import time
+ import types
+ import platform
+ 
+-from templates import executable
+-from templates import boolean
+-from templates import etc_rw
+-from templates import unit_file
+-from templates import var_cache
+-from templates import var_spool
+-from templates import var_lib
+-from templates import var_log
+-from templates import var_run
+-from templates import tmp
+-from templates import rw
+-from templates import network
+-from templates import script
+-from templates import spec
+-from templates import user
++from .templates import executable
++from .templates import boolean
++from .templates import etc_rw
++from .templates import unit_file
++from .templates import var_cache
++from .templates import var_spool
++from .templates import var_lib
++from .templates import var_log
++from .templates import var_run
++from .templates import tmp
++from .templates import rw
++from .templates import network
++from .templates import script
++from .templates import spec
++from .templates import user
+ import sepolgen.interfaces as interfaces
+ import sepolgen.defaults as defaults
+ 
+diff --git a/policycoreutils/sepolicy/sepolicy/interface.py b/policycoreutils/sepolicy/sepolicy/interface.py
+index c2cb971..8956f39 100644
+--- a/sepolicy/sepolicy/interface.py
++++ b/sepolicy/sepolicy/interface.py
+@@ -192,10 +192,13 @@ def generate_compile_te(interface, idict, name="compiletest"):
+ def get_xml_file(if_file):
+     """ Returns xml format of interfaces for given .if policy file"""
+     import os
+-    import commands
++    try:
++            from commands import getstatusoutput
++    except ImportError:
++            from subprocess import getstatusoutput
+     basedir = os.path.dirname(if_file) + "/"
+     filename = os.path.basename(if_file).split(".")[0]
+-    rc, output = commands.getstatusoutput("python /usr/share/selinux/devel/include/support/segenxml.py -w -m %s" % basedir + filename)
++    rc, output = getstatusoutput("python /usr/share/selinux/devel/include/support/segenxml.py -w -m %s" % basedir + filename)
+     if rc != 0:
+         sys.stderr.write("\n Could not proceed selected interface file.\n")
+         sys.stderr.write("\n%s" % output)
+@@ -208,7 +211,10 @@ def interface_compile_test(interface, path="/usr/share/selinux/devel/policy.xml"
+     exclude_interfaces = ["userdom", "kernel", "corenet", "files", "dev"]
+     exclude_interface_type = ["template"]
+ 
+-    import commands
++    try:
++            from commands import getstatusoutput
++    except ImportError:
++            from subprocess import getstatusoutput
+     import os
+     policy_files = {'pp': "compiletest.pp", 'te': "compiletest.te", 'fc': "compiletest.fc", 'if': "compiletest.if"}
+     idict = get_interface_dict(path)
+@@ -219,7 +225,7 @@ def interface_compile_test(interface, path="/usr/share/selinux/devel/policy.xml"
+             fd = open(policy_files['te'], "w")
+             fd.write(generate_compile_te(interface, idict))
+             fd.close()
+-            rc, output = commands.getstatusoutput("make -f /usr/share/selinux/devel/Makefile %s" % policy_files['pp'])
++            rc, output = getstatusoutput("make -f /usr/share/selinux/devel/Makefile %s" % policy_files['pp'])
+             if rc != 0:
+                 sys.stderr.write(output)
+                 sys.stderr.write(_("\nCompile test for %s failed.\n") % interface)
+diff --git a/policycoreutils/sepolicy/sepolicy/manpage.py b/policycoreutils/sepolicy/sepolicy/manpage.py
+index 7365f93..773a9ab 100755
+--- a/sepolicy/sepolicy/manpage.py
++++ b/sepolicy/sepolicy/manpage.py
+@@ -27,7 +27,6 @@ __all__ = ['ManPage', 'HTMLManPages', 'manpage_domains', 'manpage_roles', 'gen_d
+ import string
+ import selinux
+ import sepolicy
+-import commands
+ import os
+ import time
+ 
+@@ -162,7 +161,11 @@ def get_alphabet_manpages(manpage_list):
+ 
+ 
+ def convert_manpage_to_html(html_manpage, manpage):
+-    rc, output = commands.getstatusoutput("/usr/bin/groff -man -Thtml %s 2>/dev/null" % manpage)
++    try:
++            from commands import getstatusoutput
++    except ImportError:
++            from subprocess import getstatusoutput
++    rc, output = getstatusoutput("/usr/bin/groff -man -Thtml %s 2>/dev/null" % manpage)
+     if rc == 0:
+         print(html_manpage, "has been created")
+         fd = open(html_manpage, 'w')
+-- 
+2.10.2
+
diff --git a/gnu/packages/selinux.scm b/gnu/packages/selinux.scm
index 05197b85c..7acda89a6 100644
--- a/gnu/packages/selinux.scm
+++ b/gnu/packages/selinux.scm
@@ -28,6 +28,10 @@
   #:use-module (gnu packages bison)
   #:use-module (gnu packages docbook)
   #:use-module (gnu packages flex)
+  #:use-module (gnu packages gettext)
+  #:use-module (gnu packages glib)
+  #:use-module (gnu packages linux)
+  #:use-module (gnu packages networking)
   #:use-module (gnu packages pcre)
   #:use-module (gnu packages pkg-config)
   #:use-module (gnu packages python)
@@ -338,3 +342,134 @@ tools, and libraries designed to facilitate SELinux policy analysis.")
     ;; Some programs are under GPL, all libraries under LGPL.
     (license (list license:lgpl2.1+
                    license:gpl2+))))
+
+(define-public policycoreutils
+  (package (inherit libsepol)
+    (name "policycoreutils")
+    (source
+     (origin (inherit (package-source libsepol))
+             (patches (search-patches "policycoreutils-make-sepolicy-use-python3.patch"))
+             (patch-flags '("-p1" "-d" "policycoreutils"))))
+    (arguments
+     `(#:test-target "test"
+       #:make-flags
+       (let ((out (assoc-ref %outputs "out")))
+         (list "CC=gcc"
+               (string-append "PREFIX=" out)
+               (string-append "LOCALEDIR=" out "/share/locale")
+               (string-append "BASHCOMPLETIONDIR=" out
+                              "/share/bash-completion/completions")
+               "INSTALL=install -c -p"
+               "INSTALL_DIR=install -d"
+               ;; These ones are needed because some Makefiles define the
+               ;; directories relative to DESTDIR, not relative to PREFIX.
+               (string-append "SBINDIR=" out "/sbin")
+               (string-append "ETCDIR=" out "/etc")
+               (string-append "SYSCONFDIR=" out "/etc/sysconfig")
+               (string-append "MAN5DIR=" out "/share/man/man5")
+               (string-append "INSTALL_NLS_DIR=" out "/share/locale")
+               (string-append "AUTOSTARTDIR=" out "/etc/xdg/autostart")
+               (string-append "DBUSSERVICEDIR=" out "/share/dbus-1/services")
+               (string-append "SYSTEMDDIR=" out "/lib/systemd")
+               (string-append "INITDIR=" out "/etc/rc.d/init.d")
+               (string-append "SELINUXDIR=" out "/etc/selinux")))
+       #:phases
+       (modify-phases %standard-phases
+         (delete 'configure)
+         (add-after 'unpack 'enter-dir
+           (lambda _ (chdir ,name) #t))
+         (add-after 'enter-dir 'ignore-/usr-tests
+           (lambda* (#:key inputs #:allow-other-keys)
+             ;; The Makefile decides to build restorecond only if it finds the
+             ;; inotify header somewhere under /usr.
+             (substitute* "Makefile"
+               (("ifeq.*") "")
+               (("endif.*") ""))
+             ;; Rewrite lookup paths for header files.
+             (substitute* '("newrole/Makefile"
+                            "setfiles/Makefile"
+                            "run_init/Makefile")
+               (("/usr(/include/security/pam_appl.h)" _ file)
+                (string-append (assoc-ref inputs "pam") file))
+               (("/usr(/include/libaudit.h)" _ file)
+                (string-append (assoc-ref inputs "audit") file)))
+             #t))
+         (add-after 'enter-dir 'fix-glib-cflags
+           (lambda* (#:key inputs #:allow-other-keys)
+             (substitute* "restorecond/Makefile"
+               (("/usr(/include/glib-2.0|/lib/glib-2.0/include)" _ path)
+                (string-append (assoc-ref inputs "glib") path))
+               (("/usr(/include/dbus-1.0|/lib/dbus-1.0/include)" _ path)
+                (string-append (assoc-ref inputs "dbus") path
+                               " -I"
+                               (assoc-ref inputs "dbus-glib") path)))
+             #t))
+         (add-after 'enter-dir 'fix-linkage-with-libsepol
+           (lambda* (#:key inputs #:allow-other-keys)
+             (substitute* '("semodule_deps/Makefile"
+                            "sepolgen-ifgen/Makefile")
+               (("\\$\\(LIBDIR\\)")
+                (string-append (assoc-ref inputs "libsepol") "/lib/")))))
+         (add-after 'enter-dir 'fix-target-paths
+           (lambda* (#:key outputs #:allow-other-keys)
+             (let ((out (assoc-ref outputs "out")))
+               (substitute* "audit2allow/sepolgen-ifgen"
+                 (("ATTR_HELPER = \"/usr/bin/sepolgen-ifgen-attr-helper\"")
+                  (string-append "ATTR_HELPER = \"" out
+                                 "/bin/sepolgen-ifgen-attr-helper\"")))
+               (substitute* "sepolicy/sepolicy/__init__.py"
+                 (("/usr/bin/sepolgen-ifgen")
+                  (string-append out "/bin/sepolgen-ifgen")))
+               (substitute* "sepolicy/Makefile"
+                 ;; By default all Python files would be installed to
+                 ;; $out/gnu/store/...-python-.../.
+                 (("setup.py install.*$")
+                  (string-append "setup.py install --prefix=" out "\n"))
+                 (("\\$\\(DESTDIR\\)/etc")
+                  (string-append out "/etc"))
+                 (("\\$\\(DESTDIR\\)/usr") out)))
+             #t))
+         (add-after 'install 'wrap-python-tools
+           (lambda* (#:key outputs #:allow-other-keys)
+             (let* ((out (assoc-ref outputs "out"))
+                    (var (string-append out "/lib/python3.5/site-packages:"
+                                        (getenv "PYTHONPATH"))))
+               ;; The scripts' shebangs tell Python to ignore the PYTHONPATH,
+               ;; so we need to patch them before wrapping.
+               (for-each (lambda (file)
+                           (let ((path (string-append out "/" file)))
+                             (substitute* path
+                               (("bin/python -Es") "bin/python -s"))
+                             (wrap-program path
+                               `("PYTHONPATH" ":" prefix (,var)))))
+                         '("bin/audit2allow"
+                           "bin/chcat"
+                           "bin/sandbox"
+                           "bin/sepolgen-ifgen"
+                           "bin/sepolicy"
+                           "sbin/semanage")))
+             #t)))))
+    (inputs
+     `(("python" ,python-wrapper)
+       ("audit" ,audit)
+       ("pam" ,linux-pam)
+       ("libsepol" ,libsepol)
+       ("libselinux" ,libselinux)
+       ("libsemanage" ,libsemanage)
+       ("python-sepolgen" ,python-sepolgen)
+       ("python-setools" ,python-setools)
+       ("python-ipy" ,python-ipy)
+       ("libcap-ng" ,libcap-ng)
+       ("pcre" ,pcre)
+       ("dbus" ,dbus)
+       ("dbus-glib" ,dbus-glib)
+       ("glib" ,glib)))
+    (native-inputs
+     `(("gettext" ,gettext-minimal)))
+    (synopsis "SELinux core utilities")
+    (description "The policycoreutils package contains the core utilities that
+are required for the basic operation of an SELinux-enabled GNU system and its
+policies.  These utilities include @code{load_policy} to load policies,
+@code{setfiles} to label file systems, @code{newrole} to switch roles, and
+@code{run_init} to run service scripts in their proper context.")
+    (license license:gpl2+)))
-- 
2.12.2






From debbugs-submit-bounces@debbugs.gnu.org Wed Apr 19 15:57:24 2017
Received: (at 26561) by debbugs.gnu.org; 19 Apr 2017 19:57:24 +0000
Received: from localhost ([127.0.0.1]:57397 helo=debbugs.gnu.org)
	by debbugs.gnu.org with esmtp (Exim 4.84_2)
	(envelope-from <debbugs-submit-bounces@debbugs.gnu.org>)
	id 1d0vj6-0003Gf-81
	for submit@debbugs.gnu.org; Wed, 19 Apr 2017 15:57:24 -0400
Received: from out1-smtp.messagingengine.com ([66.111.4.25]:39521)
 by debbugs.gnu.org with esmtp (Exim 4.84_2)
 (envelope-from <mbakke@fastmail.com>) id 1d0vj1-0003GV-PR
 for 26561@debbugs.gnu.org; Wed, 19 Apr 2017 15:57:19 -0400
Received: from compute5.internal (compute5.nyi.internal [10.202.2.45])
 by mailout.nyi.internal (Postfix) with ESMTP id 9A01120B17;
 Wed, 19 Apr 2017 15:57:15 -0400 (EDT)
Received: from frontend2 ([10.202.2.161])
 by compute5.internal (MEProxy); Wed, 19 Apr 2017 15:57:15 -0400
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=fastmail.com; h=
 cc:content-type:date:from:in-reply-to:message-id:mime-version
 :references:subject:to:x-me-sender:x-me-sender:x-sasl-enc
 :x-sasl-enc; s=fm1; bh=GWl4fjXpn1SH4/eHKotGyJVmSgVnnauN/Q1xrAtTV
 To=; b=LKTmMonBeXAq+dTxPGm2TjZ5KQz8aFthiFiJaG+03NWcK7IRLs9snd8fo
 LYlECEQTaKBf0cZ53+teWO7IS+TO/tRk6+u1fqMyDhoVc11ljMeah1Y+FfsA7Chq
 jxxEbY2kU6P+S7GlsMmZpuzAcy44WGm3TzRsviCJeXXwXFfwxeZVnZxb5dgAFnLm
 jGe/bFfx/X85wJ1pY3kgE7bfc126Iz5A+PkYAyR6D57wSBR9F1pREpukRKXzhYcY
 fj41BipVuPw2/UEdWh7UZR1RU7SAjiUyhRv1ANQ8l0E82bvlmcukMxNeBTLv9yGo
 fO5ao10BI8IAaqq60C/1h2QrIZhzg==
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=
 messagingengine.com; h=cc:content-type:date:from:in-reply-to
 :message-id:mime-version:references:subject:to:x-me-sender
 :x-me-sender:x-sasl-enc:x-sasl-enc; s=fm1; bh=GWl4fjXpn1SH4/eHKo
 tGyJVmSgVnnauN/Q1xrAtTVTo=; b=Ga18hH1zVwD4QUDNvsF9EdJTscluM9dNLU
 QX4AlaNxNVtS1nXv8wdF1bBR8x/JM3Vg2GJT3j5ML4+/rekC+GQzcvfPU2DLb2LX
 f6RDnWYFP0eyPfrk/XFzEshUa5cWRZZLUOq+BktN61xE8JUvpLS644ISeMRniRtO
 PZTV5olXwzrBWwAg2fuvFQrDX6HdN6Zem2oN6Z4FfbmJBuuuuJnOYgm5a7eH+fjB
 s4/9YEp4BL9YLsDjCk7cugqThGQZf3Bd+aK0fN3svZurV7MzllO6hH9l/mM3ygC9
 Rjo2ic9PH/l3ECZG9j9pT64GAQfwtAhzB0A4PUBgsr67t99ZyKEw==
X-ME-Sender: <xms:G8H3WCtbpdqwZERkosZrHI3hdy5ZehIwsqSzISRDLi2Gfo6T8XTNjg>
X-Sasl-enc: Ef8Od4zAAvQ1omhd19w+Pdz2ijub3Kfswa9pZ7LL6xAK 1492631835
Received: from localhost (unknown [188.113.81.93])
 by mail.messagingengine.com (Postfix) with ESMTPA id 23116240A5;
 Wed, 19 Apr 2017 15:57:15 -0400 (EDT)
From: Marius Bakke <mbakke@fastmail.com>
To: Ricardo Wurmus <rekado@elephly.net>, 26561@debbugs.gnu.org
Subject: Re: bug#26561: [PATCH 1/9] gnu: Add libsepol.
In-Reply-To: <20170419142918.11688-1-rekado@elephly.net>
References: <20170419125608.31664-1-rekado@elephly.net>
 <20170419142918.11688-1-rekado@elephly.net>
User-Agent: Notmuch/0.24.1 (https://notmuchmail.org) Emacs/25.1.1
 (x86_64-unknown-linux-gnu)
Date: Wed, 19 Apr 2017 21:57:13 +0200
Message-ID: <87wpagtbl2.fsf@fastmail.com>
MIME-Version: 1.0
Content-Type: multipart/signed; boundary="=-=-=";
 micalg=pgp-sha512; protocol="application/pgp-signature"
X-Spam-Score: -0.7 (/)
X-Debbugs-Envelope-To: 26561
Cc: Ricardo Wurmus <rekado@elephly.net>
X-BeenThere: debbugs-submit@debbugs.gnu.org
X-Mailman-Version: 2.1.18
Precedence: list
List-Id: <debbugs-submit.debbugs.gnu.org>
List-Unsubscribe: <https://debbugs.gnu.org/cgi-bin/mailman/options/debbugs-submit>, 
 <mailto:debbugs-submit-request@debbugs.gnu.org?subject=unsubscribe>
List-Archive: <https://debbugs.gnu.org/cgi-bin/mailman/private/debbugs-submit/>
List-Post: <mailto:debbugs-submit@debbugs.gnu.org>
List-Help: <mailto:debbugs-submit-request@debbugs.gnu.org?subject=help>
List-Subscribe: <https://debbugs.gnu.org/cgi-bin/mailman/listinfo/debbugs-submit>, 
 <mailto:debbugs-submit-request@debbugs.gnu.org?subject=subscribe>
Errors-To: debbugs-submit-bounces@debbugs.gnu.org
Sender: "Debbugs-submit" <debbugs-submit-bounces@debbugs.gnu.org>
X-Spam-Score: -0.7 (/)

--=-=-=
Content-Type: text/plain; charset=utf-8
Content-Transfer-Encoding: quoted-printable

Ricardo Wurmus <rekado@elephly.net> writes:

> * gnu/packages/selinux.scm: New file.
> * gnu/local.mk (GNU_SYSTEM_MODULES): Add it.
> ---
>  gnu/local.mk             |  1 +
>  gnu/packages/selinux.scm | 71 ++++++++++++++++++++++++++++++++++++++++++=
++++++
>  2 files changed, 72 insertions(+)
>  create mode 100644 gnu/packages/selinux.scm
>
> diff --git a/gnu/local.mk b/gnu/local.mk
> index 5822add4c..77302573a 100644
> --- a/gnu/local.mk
> +++ b/gnu/local.mk
> @@ -342,6 +342,7 @@ GNU_SYSTEM_MODULES =3D				\
>    %D%/packages/sdl.scm				\
>    %D%/packages/search.scm			\
>    %D%/packages/security-token.scm		\
> +  %D%/packages/selinux.scm			\
>    %D%/packages/serialization.scm		\
>    %D%/packages/serveez.scm			\
>    %D%/packages/shells.scm			\
> diff --git a/gnu/packages/selinux.scm b/gnu/packages/selinux.scm
> new file mode 100644
> index 000000000..75758dd6b
> --- /dev/null
> +++ b/gnu/packages/selinux.scm
> @@ -0,0 +1,71 @@
> +;;; GNU Guix --- Functional package management for GNU
> +;;; Copyright =C2=A9 2016, 2017 Ricardo Wurmus <rekado@elephly.net>
> +;;;
> +;;; This file is part of GNU Guix.
> +;;;
> +;;; GNU Guix is free software; you can redistribute it and/or modify it
> +;;; under the terms of the GNU General Public License as published by
> +;;; the Free Software Foundation; either version 3 of the License, or (at
> +;;; your option) any later version.
> +;;;
> +;;; GNU Guix is distributed in the hope that it will be useful, but
> +;;; WITHOUT ANY WARRANTY; without even the implied warranty of
> +;;; MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
> +;;; GNU General Public License for more details.
> +;;;
> +;;; You should have received a copy of the GNU General Public License
> +;;; along with GNU Guix.  If not, see <http://www.gnu.org/licenses/>.
> +
> +(define-module (gnu packages selinux)
> +  #:use-module ((guix licenses) #:prefix license:)
> +  #:use-module (guix packages)
> +  #:use-module (guix download)
> +  #:use-module (guix utils)
> +  #:use-module (guix build-system gnu)
> +  #:use-module (gnu packages)
> +  #:use-module (gnu packages flex))
> +
> +;; Update the SELinux packages together!
> +
> +(define-public libsepol
> +  (package
> +    (name "libsepol")
> +    (version "2.6")
> +    (source (let ((release "20161014"))
> +              (origin
> +                (method url-fetch)
> +                (uri (string-append "https://github.com/SELinuxProject/s=
elinux/"
> +                                    "archive/" release ".tar.gz"))
> +                (file-name (string-append "selinux-" release ".tar.gz"))
> +                (sha256
> +                 (base32
> +                  "1dpwynfb6n31928343blac4159g4jbrwxdp61q5yffmxpy3c3czi"=
)))))
> +    (build-system gnu-build-system)
> +    (arguments
> +     `(#:tests? #f ; tests require checkpolicy, which requires libsepol

I guess we could work around this as with other circular dependencies,
but that can be done later.

> +       #:test-target "test"
> +       #:make-flags
> +       (let ((out (assoc-ref %outputs "out")))
> +         (list (string-append "PREFIX=3D" out)
> +               (string-append "DESTDIR=3D" out)
> +               (string-append "MAN3DIR=3D" out "/share/man/man3")
> +               (string-append "MAN5DIR=3D" out "/share/man/man5")
> +               (string-append "MAN8DIR=3D" out "/share/man/man8")
> +               (string-append "LDFLAGS=3D-Wl,-rpath=3D" out "/lib")
> +               "CC=3Dgcc"))
> +       #:phases
> +       (modify-phases %standard-phases
> +         (delete 'configure)
> +         (add-after 'unpack 'enter-dir
> +           (lambda _ (chdir ,name) #t)))))
> +    (native-inputs
> +     `(("flex" ,flex)))
> +    (home-page "http://selinuxproject.org/")
                     ^^^
https*

> +    (synopsis "Library for manipulating SELinux policies")
> +    (description
> +     "The libsepol library provides an API for the manipulation of SELin=
ux
> +binary policies.  It is used by @code{checkpolicy} (the policy compiler)=
 and
> +similar tools, and programs such as @code{load_policy}, which must perfo=
rm
> +specific transformations on binary policies (for example, customizing po=
licy
> +boolean settings).")
> +    (license license:lgpl2.1+)))
> --=20
> 2.12.2

--=-=-=
Content-Type: application/pgp-signature; name="signature.asc"

-----BEGIN PGP SIGNATURE-----

iQEzBAEBCgAdFiEEu7At3yzq9qgNHeZDoqBt8qM6VPoFAlj3wRkACgkQoqBt8qM6
VPq7VAgAh2ETG41UC+VhHj7wpNdtlxzvH4DZrF7yNQs4cJBndPYnfCtMgfVOn1oW
YDnTpzVMCnGteIlrBKnWYDEYSvCO+XyLRylJ6+4af/aj5tb07J1tYFCljNLexiz2
6t0n+F6Z2JPnBoaH7l+ue7aJ374V8/Iqq/HY301wx6+J+qruqeFVxq5aVB1xVmW0
w7AoEmpHImfzDt3scBAKkYdL4vNl1qCNHKq8DhhGuvf6nhg8lUcDk2WSG0Q/RsjO
UYHk6mwkHBQxSa8krB3EGgZEHaPhFSP3SFI59htFz+OnzWXypmVbaF0nuVcPlY0w
4b12bPg0hus0YkpV7CcEJlM036gYHw==
=pCxA
-----END PGP SIGNATURE-----
--=-=-=--




From debbugs-submit-bounces@debbugs.gnu.org Wed Apr 19 15:59:44 2017
Received: (at 26561) by debbugs.gnu.org; 19 Apr 2017 19:59:44 +0000
Received: from localhost ([127.0.0.1]:57404 helo=debbugs.gnu.org)
	by debbugs.gnu.org with esmtp (Exim 4.84_2)
	(envelope-from <debbugs-submit-bounces@debbugs.gnu.org>)
	id 1d0vlL-0003K3-8m
	for submit@debbugs.gnu.org; Wed, 19 Apr 2017 15:59:44 -0400
Received: from out1-smtp.messagingengine.com ([66.111.4.25]:58221)
 by debbugs.gnu.org with esmtp (Exim 4.84_2)
 (envelope-from <mbakke@fastmail.com>) id 1d0vlE-0003Jr-3K
 for 26561@debbugs.gnu.org; Wed, 19 Apr 2017 15:59:37 -0400
Received: from compute5.internal (compute5.nyi.internal [10.202.2.45])
 by mailout.nyi.internal (Postfix) with ESMTP id E6D2220B48;
 Wed, 19 Apr 2017 15:59:31 -0400 (EDT)
Received: from frontend2 ([10.202.2.161])
 by compute5.internal (MEProxy); Wed, 19 Apr 2017 15:59:31 -0400
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=fastmail.com; h=
 cc:content-type:date:from:in-reply-to:message-id:mime-version
 :references:subject:to:x-me-sender:x-me-sender:x-sasl-enc
 :x-sasl-enc; s=fm1; bh=jzwUPgvku7hip4xZf65STZ2BPRq/rEx3ReiTd7efp
 H0=; b=nJ7dUgmPSraqQe8G1vSiff8X3aBjVygNl6G2IqxDxEI6G5q78bF/+NW3U
 FnBtnppVta9r8MLoplxWagdRoEI6BNtpTzHeRdTJFs/KKdQHOSxQKRDaXzmJGHbC
 Nxmn1VRAKdNJJoh2OksUX5oYSIUUw3F6NUJ5YWuO6r+BuRKZu+FfiER++Nc7HGms
 JzUi+vbdRgpmiKD/V0VYmejET4a35WgvbJ6VPKH5v5NMwV0ThnjdLxR9NfF+9nWd
 GBZwBnQ/qsChzctG5+Dz3pQdE66W79W9t8/9UAYXrZcJg4qnk4IsFLt/QGzdtuhx
 0YvG6ZpDZRf/Q3q0X8UZEIu/TUYkQ==
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=
 messagingengine.com; h=cc:content-type:date:from:in-reply-to
 :message-id:mime-version:references:subject:to:x-me-sender
 :x-me-sender:x-sasl-enc:x-sasl-enc; s=fm1; bh=jzwUPgvku7hip4xZf6
 5STZ2BPRq/rEx3ReiTd7efpH0=; b=RxZ2VRiiCTZ419ffF+w7SE5+sCtzyTZex8
 c/ky5Yi4g3DTUXg45gGA/va4gIVau/9b1+CvIlRweNF6OmEacF6TQ7JqeUCsIBrP
 ozs5mLkpWxN8d9UMi5+C6MM6SySsYEmvnrTIvOKEYswuuUReEKYGOo0jqo2R/YFH
 2lrZ25uTeXSKaqKaUbJJZDDGIZU7a62+UQ7vn533yHxOQlAM16sMh0aU1jQbfOyp
 dgA+pIf1wzxUy/S4U7nI0iqnaxbOx+KXlp3imdIqS9baimwKk+E/OylV4w4/JzkJ
 KtkpCdDgbyVJoO06hWqIeqCYle20Z6wUl8Dh9pvAp4FIPJ5HJ4IQ==
X-ME-Sender: <xms:o8H3WLnM8rbYYxILintDS7P2JPzL3cKEUREKHbo2PPo-bLtudtYI0g>
X-Sasl-enc: rIOyrjPb2K/M4TiuU0Y+RJOyj1Gxdf2iEQRX3Yy4fFrW 1492631971
Received: from localhost (unknown [188.113.81.93])
 by mail.messagingengine.com (Postfix) with ESMTPA id 4C82124812;
 Wed, 19 Apr 2017 15:59:31 -0400 (EDT)
From: Marius Bakke <mbakke@fastmail.com>
To: Ricardo Wurmus <rekado@elephly.net>, 26561@debbugs.gnu.org
Subject: Re: bug#26561: [PATCH 9/9] gnu: Add policycoreutils.
In-Reply-To: <20170419142918.11688-9-rekado@elephly.net>
References: <20170419142918.11688-1-rekado@elephly.net>
 <20170419142918.11688-9-rekado@elephly.net>
User-Agent: Notmuch/0.24.1 (https://notmuchmail.org) Emacs/25.1.1
 (x86_64-unknown-linux-gnu)
Date: Wed, 19 Apr 2017 21:59:29 +0200
Message-ID: <87tw5ktbha.fsf@fastmail.com>
MIME-Version: 1.0
Content-Type: multipart/signed; boundary="=-=-=";
 micalg=pgp-sha512; protocol="application/pgp-signature"
X-Spam-Score: -0.7 (/)
X-Debbugs-Envelope-To: 26561
Cc: Ricardo Wurmus <rekado@elephly.net>
X-BeenThere: debbugs-submit@debbugs.gnu.org
X-Mailman-Version: 2.1.18
Precedence: list
List-Id: <debbugs-submit.debbugs.gnu.org>
List-Unsubscribe: <https://debbugs.gnu.org/cgi-bin/mailman/options/debbugs-submit>, 
 <mailto:debbugs-submit-request@debbugs.gnu.org?subject=unsubscribe>
List-Archive: <https://debbugs.gnu.org/cgi-bin/mailman/private/debbugs-submit/>
List-Post: <mailto:debbugs-submit@debbugs.gnu.org>
List-Help: <mailto:debbugs-submit-request@debbugs.gnu.org?subject=help>
List-Subscribe: <https://debbugs.gnu.org/cgi-bin/mailman/listinfo/debbugs-submit>, 
 <mailto:debbugs-submit-request@debbugs.gnu.org?subject=subscribe>
Errors-To: debbugs-submit-bounces@debbugs.gnu.org
Sender: "Debbugs-submit" <debbugs-submit-bounces@debbugs.gnu.org>
X-Spam-Score: -0.0 (/)

--=-=-=
Content-Type: text/plain
Content-Transfer-Encoding: quoted-printable

Ricardo Wurmus <rekado@elephly.net> writes:

> * gnu/packages/selinux.scm (policycoreutils): New variable.
> ---
>  gnu/local.mk                                       |   1 +
>  ...policycoreutils-make-sepolicy-use-python3.patch | 335 +++++++++++++++=
++++++
>  gnu/packages/selinux.scm                           | 135 +++++++++
>  3 files changed, 471 insertions(+)
>  create mode 100644 gnu/packages/patches/policycoreutils-make-sepolicy-us=
e-python3.patch
>
> diff --git a/gnu/local.mk b/gnu/local.mk
> index 77302573a..79ffbe2fe 100644
> --- a/gnu/local.mk
> +++ b/gnu/local.mk
> @@ -856,6 +856,7 @@ dist_patch_DATA =3D						\
>    %D%/packages/patches/plink-endian-detection.patch		\
>    %D%/packages/patches/plotutils-libpng-jmpbuf.patch		\
>    %D%/packages/patches/polkit-drop-test.patch			\
> +  %D%/packages/patches/policycoreutils-make-sepolicy-use-python3.patch	\
>    %D%/packages/patches/portaudio-audacity-compat.patch		\
>    %D%/packages/patches/portmidi-modular-build.patch		\
>    %D%/packages/patches/procmail-ambiguous-getline-debian.patch  \
> diff --git a/gnu/packages/patches/policycoreutils-make-sepolicy-use-pytho=
n3.patch b/gnu/packages/patches/policycoreutils-make-sepolicy-use-python3.p=
atch
> new file mode 100644
> index 000000000..befe9fbb2
> --- /dev/null
> +++ b/gnu/packages/patches/policycoreutils-make-sepolicy-use-python3.patch
> @@ -0,0 +1,335 @@
> +Downloaded from https://anonscm.debian.org/cgit/selinux/policycoreutils.=
git/plain/debian/patches/policycoreutils-Make-sepolicy-work-with-python3.pa=
tch
> +
> +From 2d7ca0b862a35196d562f59bd098df011fd7f0e6 Mon Sep 17 00:00:00 2001
> +From: Laurent Bigonville <bigon@bigon.be>
> +Date: Mon, 7 Nov 2016 10:51:08 +0100
> +Subject: [PATCH] policycoreutils: Make sepolicy work with python3
> +
> +Add python3 support for sepolicy
> +
> +Signed-off-by: Laurent Bigonville <bigon@bigon.be>
> +---
> + policycoreutils/sepolicy/selinux_client.py       |  6 ++--
> + policycoreutils/sepolicy/sepolicy.py             | 38 ++++++++++++-----=
-------
> + policycoreutils/sepolicy/sepolicy/__init__.py    | 16 ++++++----
> + policycoreutils/sepolicy/sepolicy/communicate.py |  4 +--
> + policycoreutils/sepolicy/sepolicy/generate.py    | 30 +++++++++--------=
--
> + policycoreutils/sepolicy/sepolicy/interface.py   | 14 ++++++---
> + policycoreutils/sepolicy/sepolicy/manpage.py     |  7 +++--
> + 7 files changed, 65 insertions(+), 50 deletions(-)
> +
> +diff --git a/policycoreutils/sepolicy/selinux_client.py b/policycoreutil=
s/sepolicy/selinux_client.py
> +index 7f4a91c..dc29f28 100644
> +--- a/sepolicy/selinux_client.py
> ++++ b/sepolicy/selinux_client.py
> +@@ -39,6 +39,6 @@ if __name__ =3D=3D "__main__":
> +     try:
> +         dbus_proxy =3D SELinuxDBus()
> +         resp =3D dbus_proxy.customized()
> +-        print convert_customization(resp)
> +-    except dbus.DBusException, e:
> +-        print e
> ++        print(convert_customization(resp))
> ++    except dbus.DBusException as e:
> ++        print(e)
> +diff --git a/policycoreutils/sepolicy/sepolicy.py b/policycoreutils/sepo=
licy/sepolicy.py
> +index 3e502a7..5bf9b52 100755
> +--- a/sepolicy/sepolicy.py
> ++++ b/sepolicy/sepolicy.py
> +@@ -262,7 +262,7 @@ def _print_net(src, protocol, perm):
> +     if len(portdict) > 0:
> +         bold_start =3D "\033[1m"
> +         bold_end =3D "\033[0;0m"
> +-        print "\n" + bold_start + "%s: %s %s" % (src, protocol, perm) +=
 bold_end
> ++        print("\n" + bold_start + "%s: %s %s" % (src, protocol, perm) +=
 bold_end)
> +         port_strings =3D []
> +         boolean_text =3D ""
> +         for p in portdict:
> +@@ -275,7 +275,7 @@ def _print_net(src, protocol, perm):
> +                     port_strings.append("%s (%s)" % (", ".join(recs), t=
))
> +         port_strings.sort(numcmp)
> +         for p in port_strings:
> +-            print "\t" + p
> ++            print("\t" + p)
> +=20
> +=20
> + def network(args):
> +@@ -286,7 +286,7 @@ def network(args):
> +             if i[0] not in all_ports:
> +                 all_ports.append(i[0])
> +         all_ports.sort()
> +-        print "\n".join(all_ports)
> ++        print("\n".join(all_ports))
> +=20
> +     for port in args.port:
> +         found =3D False
> +@@ -297,18 +297,18 @@ def network(args):
> +                 else:
> +                     range =3D "%s-%s" % (i[0], i[1])
> +                 found =3D True
> +-                print "%d: %s %s %s" % (port, i[2], portrecsbynum[i][0]=
, range)
> ++                print("%d: %s %s %s" % (port, i[2], portrecsbynum[i][0]=
, range))
> +         if not found:
> +             if port < 500:
> +-                print "Undefined reserved port type"
> ++                print("Undefined reserved port type")
> +             else:
> +-                print "Undefined port type"
> ++                print("Undefined port type")
> +=20
> +     for t in args.type:
> +         if (t, 'tcp') in portrecs.keys():
> +-            print "%s: tcp: %s" % (t, ",".join(portrecs[t, 'tcp']))
> ++            print("%s: tcp: %s" % (t, ",".join(portrecs[t, 'tcp'])))
> +         if (t, 'udp') in portrecs.keys():
> +-            print "%s: udp: %s" % (t, ",".join(portrecs[t, 'udp']))
> ++            print( "%s: udp: %s" % (t, ",".join(portrecs[t, 'udp'])))
> +=20
> +     for a in args.applications:
> +         d =3D sepolicy.get_init_transtype(a)
> +@@ -357,7 +357,7 @@ def manpage(args):
> +=20
> +     for domain in test_domains:
> +         m =3D ManPage(domain, path, args.root, args.source_files, args.=
web)
> +-        print m.get_man_page_path()
> ++        print(m.get_man_page_path())
> +=20
> +     if args.web:
> +         HTMLManPages(manpage_roles, manpage_domains, path, args.os)
> +@@ -418,7 +418,7 @@ def communicate(args):
> +     out =3D list(set(writable) & set(readable))
> +=20
> +     for t in out:
> +-        print t
> ++        print(t)
> +=20
> +=20
> + def gen_communicate_args(parser):
> +@@ -445,7 +445,7 @@ def booleans(args):
> +     args.booleans.sort()
> +=20
> +     for b in args.booleans:
> +-        print "%s=3D_(\"%s\")" % (b, boolean_desc(b))
> ++        print("%s=3D_(\"%s\")" % (b, boolean_desc(b)))
> +=20
> +=20
> + def gen_booleans_args(parser):
> +@@ -484,16 +484,16 @@ def print_interfaces(interfaces, args, append=3D""=
):
> +     for i in interfaces:
> +         if args.verbose:
> +             try:
> +-                print get_interface_format_text(i + append)
> ++                print(get_interface_format_text(i + append))
> +             except KeyError:
> +-                print i
> ++                print(i)
> +         if args.compile:
> +             try:
> +                 interface_compile_test(i)
> +             except KeyError:
> +-                print i
> ++                print(i)
> +         else:
> +-            print i
> ++            print(i)
> +=20
> +=20
> + def interface(args):
> +@@ -565,7 +565,7 @@ def generate(args):
> +     if args.policytype in APPLICATIONS:
> +         mypolicy.gen_writeable()
> +         mypolicy.gen_symbols()
> +-    print mypolicy.generate(args.path)
> ++    print(mypolicy.generate(args.path))
> +=20
> +=20
> + def gen_interface_args(parser):
> +@@ -698,12 +698,12 @@ if __name__ =3D=3D '__main__':
> +         args =3D parser.parse_args(args=3Dparser_args)
> +         args.func(args)
> +         sys.exit(0)
> +-    except ValueError, e:
> ++    except ValueError as e:
> +         sys.stderr.write("%s: %s\n" % (e.__class__.__name__, str(e)))
> +         sys.exit(1)
> +-    except IOError, e:
> ++    except IOError as e:
> +         sys.stderr.write("%s: %s\n" % (e.__class__.__name__, str(e)))
> +         sys.exit(1)
> +     except KeyboardInterrupt:
> +-        print "Out"
> ++        print("Out")
> +         sys.exit(0)
> +diff --git a/policycoreutils/sepolicy/sepolicy/__init__.py b/policycoreu=
tils/sepolicy/sepolicy/__init__.py
> +index 8fbd5b4..fee6438 100644
> +--- a/sepolicy/sepolicy/__init__.py
> ++++ b/sepolicy/sepolicy/__init__.py
> +@@ -695,7 +695,7 @@ def get_methods():
> +     # List of per_role_template interfaces
> +         ifs =3D interfaces.InterfaceSet()
> +         ifs.from_file(fd)
> +-        methods =3D ifs.interfaces.keys()
> ++        methods =3D list(ifs.interfaces.keys())
> +         fd.close()
> +     except:
> +         sys.stderr.write("could not open interface info [%s]\n" % fn)
> +@@ -752,7 +752,10 @@ def get_all_entrypoint_domains():
> +=20
> +=20
> + def gen_interfaces():
> +-    import commands
> ++    try:
> ++        from commands import getstatusoutput
> ++    except ImportError:
> ++        from subprocess import getstatusoutput
> +     ifile =3D defaults.interface_info()
> +     headers =3D defaults.headers()
> +     try:
> +@@ -763,7 +766,7 @@ def gen_interfaces():
> +=20
> +     if os.getuid() !=3D 0:
> +         raise ValueError(_("You must regenerate interface info by runni=
ng /usr/bin/sepolgen-ifgen"))
> +-    print(commands.getstatusoutput("/usr/bin/sepolgen-ifgen")[1])
> ++    print(getstatusoutput("/usr/bin/sepolgen-ifgen")[1])
> +=20
> +=20
> + def gen_port_dict():
> +@@ -1085,8 +1088,11 @@ def get_os_version():
> +     os_version =3D ""
> +     pkg_name =3D "selinux-policy"
> +     try:
> +-        import commands
> +-        rc, output =3D commands.getstatusoutput("rpm -q '%s'" % pkg_nam=
e)
> ++        try:
> ++            from commands import getstatusoutput
> ++        except ImportError:
> ++            from subprocess import getstatusoutput
> ++        rc, output =3D getstatusoutput("rpm -q '%s'" % pkg_name)
> +         if rc =3D=3D 0:
> +             os_version =3D output.split(".")[-2]
> +     except:
> +diff --git a/policycoreutils/sepolicy/sepolicy/communicate.py b/policyco=
reutils/sepolicy/sepolicy/communicate.py
> +index b96c4b9..299316e 100755
> +--- a/sepolicy/sepolicy/communicate.py
> ++++ b/sepolicy/sepolicy/communicate.py
> +@@ -34,8 +34,8 @@ def usage(parser, msg):
> +=20
> + def expand_attribute(attribute):
> +     try:
> +-        return sepolicy.info(sepolicy.ATTRIBUTE, attribute)[0]["types"]
> +-    except RuntimeError:
> ++        return list(next(sepolicy.info(sepolicy.ATTRIBUTE, attribute))[=
"types"])
> ++    except StopIteration:
> +         return [attribute]
> +=20
> +=20
> +diff --git a/policycoreutils/sepolicy/sepolicy/generate.py b/policycoreu=
tils/sepolicy/sepolicy/generate.py
> +index 65b33b6..5696110 100644
> +--- a/sepolicy/sepolicy/generate.py
> ++++ b/sepolicy/sepolicy/generate.py
> +@@ -31,21 +31,21 @@ import time
> + import types
> + import platform
> +=20
> +-from templates import executable
> +-from templates import boolean
> +-from templates import etc_rw
> +-from templates import unit_file
> +-from templates import var_cache
> +-from templates import var_spool
> +-from templates import var_lib
> +-from templates import var_log
> +-from templates import var_run
> +-from templates import tmp
> +-from templates import rw
> +-from templates import network
> +-from templates import script
> +-from templates import spec
> +-from templates import user
> ++from .templates import executable
> ++from .templates import boolean
> ++from .templates import etc_rw
> ++from .templates import unit_file
> ++from .templates import var_cache
> ++from .templates import var_spool
> ++from .templates import var_lib
> ++from .templates import var_log
> ++from .templates import var_run
> ++from .templates import tmp
> ++from .templates import rw
> ++from .templates import network
> ++from .templates import script
> ++from .templates import spec
> ++from .templates import user
> + import sepolgen.interfaces as interfaces
> + import sepolgen.defaults as defaults
> +=20
> +diff --git a/policycoreutils/sepolicy/sepolicy/interface.py b/policycore=
utils/sepolicy/sepolicy/interface.py
> +index c2cb971..8956f39 100644
> +--- a/sepolicy/sepolicy/interface.py
> ++++ b/sepolicy/sepolicy/interface.py
> +@@ -192,10 +192,13 @@ def generate_compile_te(interface, idict, name=3D"=
compiletest"):
> + def get_xml_file(if_file):
> +     """ Returns xml format of interfaces for given .if policy file"""
> +     import os
> +-    import commands
> ++    try:
> ++            from commands import getstatusoutput
> ++    except ImportError:
> ++            from subprocess import getstatusoutput
> +     basedir =3D os.path.dirname(if_file) + "/"
> +     filename =3D os.path.basename(if_file).split(".")[0]
> +-    rc, output =3D commands.getstatusoutput("python /usr/share/selinux/=
devel/include/support/segenxml.py -w -m %s" % basedir + filename)
> ++    rc, output =3D getstatusoutput("python /usr/share/selinux/devel/inc=
lude/support/segenxml.py -w -m %s" % basedir + filename)
> +     if rc !=3D 0:
> +         sys.stderr.write("\n Could not proceed selected interface file.=
\n")
> +         sys.stderr.write("\n%s" % output)
> +@@ -208,7 +211,10 @@ def interface_compile_test(interface, path=3D"/usr/=
share/selinux/devel/policy.xml"
> +     exclude_interfaces =3D ["userdom", "kernel", "corenet", "files", "d=
ev"]
> +     exclude_interface_type =3D ["template"]
> +=20
> +-    import commands
> ++    try:
> ++            from commands import getstatusoutput
> ++    except ImportError:
> ++            from subprocess import getstatusoutput
> +     import os
> +     policy_files =3D {'pp': "compiletest.pp", 'te': "compiletest.te", '=
fc': "compiletest.fc", 'if': "compiletest.if"}
> +     idict =3D get_interface_dict(path)
> +@@ -219,7 +225,7 @@ def interface_compile_test(interface, path=3D"/usr/s=
hare/selinux/devel/policy.xml"
> +             fd =3D open(policy_files['te'], "w")
> +             fd.write(generate_compile_te(interface, idict))
> +             fd.close()
> +-            rc, output =3D commands.getstatusoutput("make -f /usr/share=
/selinux/devel/Makefile %s" % policy_files['pp'])
> ++            rc, output =3D getstatusoutput("make -f /usr/share/selinux/=
devel/Makefile %s" % policy_files['pp'])
> +             if rc !=3D 0:
> +                 sys.stderr.write(output)
> +                 sys.stderr.write(_("\nCompile test for %s failed.\n") %=
 interface)
> +diff --git a/policycoreutils/sepolicy/sepolicy/manpage.py b/policycoreut=
ils/sepolicy/sepolicy/manpage.py
> +index 7365f93..773a9ab 100755
> +--- a/sepolicy/sepolicy/manpage.py
> ++++ b/sepolicy/sepolicy/manpage.py
> +@@ -27,7 +27,6 @@ __all__ =3D ['ManPage', 'HTMLManPages', 'manpage_domai=
ns', 'manpage_roles', 'gen_d
> + import string
> + import selinux
> + import sepolicy
> +-import commands
> + import os
> + import time
> +=20
> +@@ -162,7 +161,11 @@ def get_alphabet_manpages(manpage_list):
> +=20
> +=20
> + def convert_manpage_to_html(html_manpage, manpage):
> +-    rc, output =3D commands.getstatusoutput("/usr/bin/groff -man -Thtml=
 %s 2>/dev/null" % manpage)
> ++    try:
> ++            from commands import getstatusoutput
> ++    except ImportError:
> ++            from subprocess import getstatusoutput
> ++    rc, output =3D getstatusoutput("/usr/bin/groff -man -Thtml %s 2>/de=
v/null" % manpage)
> +     if rc =3D=3D 0:
> +         print(html_manpage, "has been created")
> +         fd =3D open(html_manpage, 'w')
> +--=20
> +2.10.2
> +
> diff --git a/gnu/packages/selinux.scm b/gnu/packages/selinux.scm
> index 05197b85c..7acda89a6 100644
> --- a/gnu/packages/selinux.scm
> +++ b/gnu/packages/selinux.scm
> @@ -28,6 +28,10 @@
>    #:use-module (gnu packages bison)
>    #:use-module (gnu packages docbook)
>    #:use-module (gnu packages flex)
> +  #:use-module (gnu packages gettext)
> +  #:use-module (gnu packages glib)
> +  #:use-module (gnu packages linux)
> +  #:use-module (gnu packages networking)
>    #:use-module (gnu packages pcre)
>    #:use-module (gnu packages pkg-config)
>    #:use-module (gnu packages python)
> @@ -338,3 +342,134 @@ tools, and libraries designed to facilitate SELinux=
 policy analysis.")
>      ;; Some programs are under GPL, all libraries under LGPL.
>      (license (list license:lgpl2.1+
>                     license:gpl2+))))
> +
> +(define-public policycoreutils
> +  (package (inherit libsepol)
> +    (name "policycoreutils")
> +    (source
> +     (origin (inherit (package-source libsepol))
> +             (patches (search-patches "policycoreutils-make-sepolicy-use=
-python3.patch"))
> +             (patch-flags '("-p1" "-d" "policycoreutils"))))
> +    (arguments
> +     `(#:test-target "test"
> +       #:make-flags
> +       (let ((out (assoc-ref %outputs "out")))
> +         (list "CC=3Dgcc"
> +               (string-append "PREFIX=3D" out)
> +               (string-append "LOCALEDIR=3D" out "/share/locale")
> +               (string-append "BASHCOMPLETIONDIR=3D" out
> +                              "/share/bash-completion/completions")
> +               "INSTALL=3Dinstall -c -p"
> +               "INSTALL_DIR=3Dinstall -d"
> +               ;; These ones are needed because some Makefiles define the
> +               ;; directories relative to DESTDIR, not relative to PREFI=
X.
> +               (string-append "SBINDIR=3D" out "/sbin")
> +               (string-append "ETCDIR=3D" out "/etc")
> +               (string-append "SYSCONFDIR=3D" out "/etc/sysconfig")
> +               (string-append "MAN5DIR=3D" out "/share/man/man5")
> +               (string-append "INSTALL_NLS_DIR=3D" out "/share/locale")
> +               (string-append "AUTOSTARTDIR=3D" out "/etc/xdg/autostart")
> +               (string-append "DBUSSERVICEDIR=3D" out "/share/dbus-1/ser=
vices")
> +               (string-append "SYSTEMDDIR=3D" out "/lib/systemd")
> +               (string-append "INITDIR=3D" out "/etc/rc.d/init.d")
> +               (string-append "SELINUXDIR=3D" out "/etc/selinux")))
> +       #:phases
> +       (modify-phases %standard-phases
> +         (delete 'configure)
> +         (add-after 'unpack 'enter-dir
> +           (lambda _ (chdir ,name) #t))
> +         (add-after 'enter-dir 'ignore-/usr-tests
> +           (lambda* (#:key inputs #:allow-other-keys)
> +             ;; The Makefile decides to build restorecond only if it fin=
ds the
> +             ;; inotify header somewhere under /usr.
> +             (substitute* "Makefile"
> +               (("ifeq.*") "")
> +               (("endif.*") ""))
> +             ;; Rewrite lookup paths for header files.
> +             (substitute* '("newrole/Makefile"
> +                            "setfiles/Makefile"
> +                            "run_init/Makefile")
> +               (("/usr(/include/security/pam_appl.h)" _ file)
> +                (string-append (assoc-ref inputs "pam") file))
> +               (("/usr(/include/libaudit.h)" _ file)
> +                (string-append (assoc-ref inputs "audit") file)))
> +             #t))
> +         (add-after 'enter-dir 'fix-glib-cflags
> +           (lambda* (#:key inputs #:allow-other-keys)
> +             (substitute* "restorecond/Makefile"
> +               (("/usr(/include/glib-2.0|/lib/glib-2.0/include)" _ path)
> +                (string-append (assoc-ref inputs "glib") path))
> +               (("/usr(/include/dbus-1.0|/lib/dbus-1.0/include)" _ path)
> +                (string-append (assoc-ref inputs "dbus") path
> +                               " -I"
> +                               (assoc-ref inputs "dbus-glib") path)))
> +             #t))
> +         (add-after 'enter-dir 'fix-linkage-with-libsepol
> +           (lambda* (#:key inputs #:allow-other-keys)
> +             (substitute* '("semodule_deps/Makefile"
> +                            "sepolgen-ifgen/Makefile")
> +               (("\\$\\(LIBDIR\\)")
> +                (string-append (assoc-ref inputs "libsepol") "/lib/")))))
> +         (add-after 'enter-dir 'fix-target-paths
> +           (lambda* (#:key outputs #:allow-other-keys)
> +             (let ((out (assoc-ref outputs "out")))
> +               (substitute* "audit2allow/sepolgen-ifgen"
> +                 (("ATTR_HELPER =3D \"/usr/bin/sepolgen-ifgen-attr-helpe=
r\"")
> +                  (string-append "ATTR_HELPER =3D \"" out
> +                                 "/bin/sepolgen-ifgen-attr-helper\"")))
> +               (substitute* "sepolicy/sepolicy/__init__.py"
> +                 (("/usr/bin/sepolgen-ifgen")
> +                  (string-append out "/bin/sepolgen-ifgen")))
> +               (substitute* "sepolicy/Makefile"
> +                 ;; By default all Python files would be installed to
> +                 ;; $out/gnu/store/...-python-.../.
> +                 (("setup.py install.*$")
> +                  (string-append "setup.py install --prefix=3D" out "\n"=
))
> +                 (("\\$\\(DESTDIR\\)/etc")
> +                  (string-append out "/etc"))
> +                 (("\\$\\(DESTDIR\\)/usr") out)))
> +             #t))
> +         (add-after 'install 'wrap-python-tools
> +           (lambda* (#:key outputs #:allow-other-keys)
> +             (let* ((out (assoc-ref outputs "out"))
> +                    (var (string-append out "/lib/python3.5/site-package=
s:"
                                                           ^^^
Can we use (version-major+minor (package-version python)) here? I plan
to start a 3.6 branch soonish, unless someone beats me to it :)

> +                                        (getenv "PYTHONPATH"))))
> +               ;; The scripts' shebangs tell Python to ignore the PYTHON=
PATH,
> +               ;; so we need to patch them before wrapping.
> +               (for-each (lambda (file)
> +                           (let ((path (string-append out "/" file)))
> +                             (substitute* path
> +                               (("bin/python -Es") "bin/python -s"))
> +                             (wrap-program path
> +                               `("PYTHONPATH" ":" prefix (,var)))))
> +                         '("bin/audit2allow"
> +                           "bin/chcat"
> +                           "bin/sandbox"
> +                           "bin/sepolgen-ifgen"
> +                           "bin/sepolicy"
> +                           "sbin/semanage")))
> +             #t)))))
> +    (inputs
> +     `(("python" ,python-wrapper)
> +       ("audit" ,audit)
> +       ("pam" ,linux-pam)
> +       ("libsepol" ,libsepol)
> +       ("libselinux" ,libselinux)
> +       ("libsemanage" ,libsemanage)
> +       ("python-sepolgen" ,python-sepolgen)
> +       ("python-setools" ,python-setools)
> +       ("python-ipy" ,python-ipy)
> +       ("libcap-ng" ,libcap-ng)
> +       ("pcre" ,pcre)
> +       ("dbus" ,dbus)
> +       ("dbus-glib" ,dbus-glib)
> +       ("glib" ,glib)))
> +    (native-inputs
> +     `(("gettext" ,gettext-minimal)))
> +    (synopsis "SELinux core utilities")
> +    (description "The policycoreutils package contains the core utilitie=
s that
> +are required for the basic operation of an SELinux-enabled GNU system an=
d its
> +policies.  These utilities include @code{load_policy} to load policies,
> +@code{setfiles} to label file systems, @code{newrole} to switch roles, a=
nd
> +@code{run_init} to run service scripts in their proper context.")
> +    (license license:gpl2+)))
> --=20
> 2.12.2

--=-=-=
Content-Type: application/pgp-signature; name="signature.asc"

-----BEGIN PGP SIGNATURE-----

iQEzBAEBCgAdFiEEu7At3yzq9qgNHeZDoqBt8qM6VPoFAlj3waEACgkQoqBt8qM6
VPoB6Af+JgrS7WT/eSivtmEieW1tEQY92bLNibSOPHuX+D6kH0oFnZBeJc2iaejH
69x1DJVBQXuPCBiDHED0G/Y2wBt3tBrbMDePL+WYJuF8xHuR+JinINoOvl/+roZ1
gltMFWHiVJEVjyCnsCUDTEhO4hbPNYf0+X6MNTvXsFQwu7f+WhC2NjDrJV+q46vn
XLvtZYpKyiqNlepVrKKf2iRyAXdpi2P9QO96E6E7PmNOTgshqWe5vy28rHrtKDKU
V7+rd0IIJ6WjtiTCgoYmK4kOdWV9fxoH951798KwiNulyZ6hP9b7X9CNbvUfifX0
2bIuMJ/rlLPi5kOOQXZIoIp4q8vpbg==
=HFNl
-----END PGP SIGNATURE-----
--=-=-=--




From debbugs-submit-bounces@debbugs.gnu.org Wed Apr 19 16:01:29 2017
Received: (at 26561) by debbugs.gnu.org; 19 Apr 2017 20:01:29 +0000
Received: from localhost ([127.0.0.1]:57414 helo=debbugs.gnu.org)
	by debbugs.gnu.org with esmtp (Exim 4.84_2)
	(envelope-from <debbugs-submit-bounces@debbugs.gnu.org>)
	id 1d0vn7-0004Wg-J8
	for submit@debbugs.gnu.org; Wed, 19 Apr 2017 16:01:29 -0400
Received: from out1-smtp.messagingengine.com ([66.111.4.25]:33275)
 by debbugs.gnu.org with esmtp (Exim 4.84_2)
 (envelope-from <mbakke@fastmail.com>) id 1d0vn5-0004Up-Fb
 for 26561@debbugs.gnu.org; Wed, 19 Apr 2017 16:01:27 -0400
Received: from compute5.internal (compute5.nyi.internal [10.202.2.45])
 by mailout.nyi.internal (Postfix) with ESMTP id 4D69D20AD3;
 Wed, 19 Apr 2017 16:01:27 -0400 (EDT)
Received: from frontend2 ([10.202.2.161])
 by compute5.internal (MEProxy); Wed, 19 Apr 2017 16:01:27 -0400
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=fastmail.com; h=
 cc:content-type:date:from:in-reply-to:message-id:mime-version
 :references:subject:to:x-me-sender:x-me-sender:x-sasl-enc
 :x-sasl-enc; s=fm1; bh=pOAQBZwYg3ZzeFLNE22laGmZ9kHcQF6OVig6OVyh+
 HQ=; b=ReiqRG99y1Cy0iFxFRgagn5bQbwwQQxXn7VMuR6tH93hyH6dFPMdItbtM
 hgkwFnAy0dsZSIdBUOR3OLfPV2H8yn3i/DSoLnLn77XjJgw6WuellrIgib0wLuvT
 QVsEK5ZxEnlWjFRez7xUnKgPJf+0CLMq3fadHCO8555kStsmDVQkGnRhAodp9jwE
 ZS+LXoCej9R6baQRG+ndiOav3S3cStvHrmRKs3GtkzAgBxH6JvBw4pf/fJIOELuP
 59D2F1xMiV4W4IT/xleznxIZNbWjwUujIb9YXStxO/qmkFbl43GK0PaLCaG5d/qi
 522EvYH8EobKNYnzmivcjf4uMs4OA==
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=
 messagingengine.com; h=cc:content-type:date:from:in-reply-to
 :message-id:mime-version:references:subject:to:x-me-sender
 :x-me-sender:x-sasl-enc:x-sasl-enc; s=fm1; bh=pOAQBZwYg3ZzeFLNE2
 2laGmZ9kHcQF6OVig6OVyh+HQ=; b=CyTB4ld7YFTlNW9n7ngZZax1tE6463/1WD
 ZAmS1ku/6Ni6W39YThNmC57P6KrVjPAMkEJ5Ftq3vNdgvKjtVRElAdZh7/Mz8w+l
 CridpL9zoIrLvbjpdwS98RSY4AinwQH/INfr8GUlPaBJIM+bK0wCmwFpdc27HnSN
 2xvCaYvTmgPDgorl2VTWHJO/uuf7hmI/asOQrYqvPFH0oX6NY4J1aWGtjSjqrBaB
 n2brJXFoRO71DICOKtrwG+32OpQg/os7M0MxhFtw5dhk7ozU1JbHvSAqjjcq9P9i
 JVDTncrpyiPjIcdaSF0J+Y0L7hNrZMyW2BRb7/BT8KKR50Qz1cwg==
X-ME-Sender: <xms:F8L3WGHZQiNt-R5_fd40VnEb1qdfF_YxRaaXpqlC4vIJmYbb7FnCNQ>
X-Sasl-enc: oLstU0SwjMw2gywWrOAwW4Aq9qhkUqW5C9qVfpaSCAXz 1492632086
Received: from localhost (unknown [188.113.81.93])
 by mail.messagingengine.com (Postfix) with ESMTPA id D495724519;
 Wed, 19 Apr 2017 16:01:26 -0400 (EDT)
From: Marius Bakke <mbakke@fastmail.com>
To: Ricardo Wurmus <rekado@elephly.net>, 26561@debbugs.gnu.org
Subject: Re: bug#26561: [PATCH 0/9] SELinux
In-Reply-To: <20170419125608.31664-1-rekado@elephly.net>
References: <20170419125608.31664-1-rekado@elephly.net>
User-Agent: Notmuch/0.24.1 (https://notmuchmail.org) Emacs/25.1.1
 (x86_64-unknown-linux-gnu)
Date: Wed, 19 Apr 2017 22:01:24 +0200
Message-ID: <87r30otbe3.fsf@fastmail.com>
MIME-Version: 1.0
Content-Type: multipart/signed; boundary="=-=-=";
 micalg=pgp-sha512; protocol="application/pgp-signature"
X-Spam-Score: -0.7 (/)
X-Debbugs-Envelope-To: 26561
Cc: Ricardo Wurmus <rekado@elephly.net>
X-BeenThere: debbugs-submit@debbugs.gnu.org
X-Mailman-Version: 2.1.18
Precedence: list
List-Id: <debbugs-submit.debbugs.gnu.org>
List-Unsubscribe: <https://debbugs.gnu.org/cgi-bin/mailman/options/debbugs-submit>, 
 <mailto:debbugs-submit-request@debbugs.gnu.org?subject=unsubscribe>
List-Archive: <https://debbugs.gnu.org/cgi-bin/mailman/private/debbugs-submit/>
List-Post: <mailto:debbugs-submit@debbugs.gnu.org>
List-Help: <mailto:debbugs-submit-request@debbugs.gnu.org?subject=help>
List-Subscribe: <https://debbugs.gnu.org/cgi-bin/mailman/listinfo/debbugs-submit>, 
 <mailto:debbugs-submit-request@debbugs.gnu.org?subject=subscribe>
Errors-To: debbugs-submit-bounces@debbugs.gnu.org
Sender: "Debbugs-submit" <debbugs-submit-bounces@debbugs.gnu.org>
X-Spam-Score: -0.7 (/)

--=-=-=
Content-Type: text/plain
Content-Transfer-Encoding: quoted-printable

Ricardo Wurmus <rekado@elephly.net> writes:

> This patch series adds SELinux libraries and tools.
>
> Ricardo Wurmus (9):
>   gnu: Add libsepol.
>   gnu: Add checkpolicy.
>   gnu: Add libselinux.
>   gnu: Add libsemanage.
>   gnu: Add secilc.
>   gnu: Add python-sepolgen.
>   gnu: Add python-ipy.
>   gnu: Add python-setools.
>   gnu: Add policycoreutils.

Wow, amazing work! I've read through the patches and they LGTM apart
from the minor nitpicks sent separately. Thanks a lot for this!

--=-=-=
Content-Type: application/pgp-signature; name="signature.asc"

-----BEGIN PGP SIGNATURE-----

iQEzBAEBCgAdFiEEu7At3yzq9qgNHeZDoqBt8qM6VPoFAlj3whUACgkQoqBt8qM6
VPoc9ggAxO4bmBxiM2m3ZTP5MmKLAtTNmM/iioBy38pzRQJrOYOANpK5ZPFkCiuS
7djGpJXIZyaq5xv2YBexuoFLF0tdF9kJbLYqluySatHHP8MBbQuWMDsUYpwVEV5T
/kOL0EUWjNl9RtkJBqMlqhsLCEmbChcOJeI1FaNvlqdtA+r2IfwEjXXcNkeJVcnW
yGxVbti1vardaBUOTa6yW+DAMvNtLgc4Hv6xpOKOr3hAPgpCGxbaSFr81R3aD+BO
Yno77fzpSIsqTMIm/U6YoUG7I3Za0p6JpMOsDJ195V2lX+FrsSFbQEM8XGMo+qNd
+/hANDqutKhilgo7JrWNf7x1ciLG3Q==
=i4CS
-----END PGP SIGNATURE-----
--=-=-=--




From debbugs-submit-bounces@debbugs.gnu.org Thu Apr 20 04:30:14 2017
Received: (at 26561) by debbugs.gnu.org; 20 Apr 2017 08:30:14 +0000
Received: from localhost ([127.0.0.1]:57874 helo=debbugs.gnu.org)
	by debbugs.gnu.org with esmtp (Exim 4.84_2)
	(envelope-from <debbugs-submit-bounces@debbugs.gnu.org>)
	id 1d17Ti-0008R7-A9
	for submit@debbugs.gnu.org; Thu, 20 Apr 2017 04:30:14 -0400
Received: from dau94-h03-89-91-205-84.dsl.sta.abo.bbox.fr
 ([89.91.205.84]:49599 helo=skaro.lepiller.eu)
 by debbugs.gnu.org with esmtp (Exim 4.84_2)
 (envelope-from <julien@lepiller.eu>) id 1d17Tf-0008If-Os
 for 26561@debbugs.gnu.org; Thu, 20 Apr 2017 04:30:12 -0400
Received: from localhost (localhost [127.0.0.1])
 by skaro.lepiller.eu (Postfix) with ESMTP id C602380BB7
 for <26561@debbugs.gnu.org>; Thu, 20 Apr 2017 10:30:04 +0200 (CEST)
DKIM-Signature: v=1; a=rsa-sha256; c=simple/simple; d=lepiller.eu;
 s=default; t=1492677004;
 bh=JZe8PHgTmWLw3gQJROAJ8BXidTmTtar4LEj56Fwz7hM=;
 h=Date:From:To:Subject:In-Reply-To:References:From;
 b=m8yFosk1Btlr+9a7bwUej24a1kPHQtZvq2yL+0P4O0H1lo82N8iV5orhhIga/IbrS
 6AaIYgOUu253egQHzUnZ8PtrsLzMkzSxLpYZeV9XaWD6jhkb93MqIigpD5pMJTQmDQ
 toGE/uElw0Cfzkb00Ec4Xxwj9T16CqmZ5JqAJM0InScUzJHK9vVe7Hfx1DNZn9vvz7
 oDRwzyvDR1kVKldGhqFQ//dqzPe/mvZFGSXuhVyQX1PQuMo59j5KzmZkpuVyeGhznA
 8bQ+MqjofmT3R+YeukzKgG3COfiBQa145Ul7kXL59QxgET4K1LWQ/Z/+E5229lLosM
 65BYk5Q7zPqCTMLQH41PhllvnRQXmfirOAJm70QOqyQWfqJWu7RoJ/QaRihLPSPWAx
 hDuH3smHhsZp/9uCG+gZx4MTnsjN0eeBn51oeseObUBUC8v38J1tw+Jf64y9FKk99X
 Tr4HewBE/3FMYmoIw2TBvguCaBtVIugSORXqrF7Ci5xHoGCxWE4Mr9fF2BdZfIYjKE
 okspyO2VsFqlLVspYor+vmQIHYu+TdTTMT3YJn7N9xr/S5FHBfW+4IEJ5NjaglUtWX
 Bo1VKcCHSDrBHpUaNDwNiaVCSLvkp5mi6ANqfC1aavfKOqsxqyV5YXgQ7P14JLzWbZ
 odS+4Ex8XnFbqCTR1RLJMwiU=
X-Virus-Scanned: Debian amavisd-new at lepiller.eu
Received: from skaro.lepiller.eu ([127.0.0.1])
 by localhost (lepiller.eu [127.0.0.1]) (amavisd-new, port 10024)
 with ESMTP id baxygEywq6az for <26561@debbugs.gnu.org>;
 Thu, 20 Apr 2017 10:30:01 +0200 (CEST)
Received: from webmail.lepiller.eu (localhost [127.0.0.1])
 by skaro.lepiller.eu (Postfix) with ESMTPA id D18BE80B1E
 for <26561@debbugs.gnu.org>; Thu, 20 Apr 2017 10:30:00 +0200 (CEST)
DKIM-Signature: v=1; a=rsa-sha256; c=simple/simple; d=lepiller.eu;
 s=default; t=1492677000;
 bh=JZe8PHgTmWLw3gQJROAJ8BXidTmTtar4LEj56Fwz7hM=;
 h=Date:From:To:Subject:In-Reply-To:References:From;
 b=mQ+b5AYBDylX2WZCUNtexjqFqU5ZFvqo7SotuikyVbJS/ONLsboMyXfn6VQqXlITn
 NDJoGkfE9fHmEdRJXZdWOrreekk7XczxYF1D8KCaMfRp7VQ4xC+vPYJNvDKDshzk9r
 oIgq4aUM7dDPbmhApWmVBG1FEBUMr9DdB9xvZ+dwlxOGlJwf0ip2+es/zYZVjYaQGD
 mmuFvNqrvCiT+r62IzmwXu6A8ioqsjHcsgulvYFI9aF19D3A2Q7sxlgW/6xPnWIcQR
 Za9tQAcGjU945xz09KaKl2Rh7mNzhGjkJjGeULp7v+57jYUOI8Y4nSjrRNYNJF49LQ
 mJo60pM7NV1TMorAFA+lVz2Igm1D/5/BaJbihrZcvYQIShY2Py2idnSZAqs5w1HvT8
 zrwtyoQZtrdXlSxqHl/bsYnpxXe13qmwLdu/0otPoSvyQqTNdW0lTcjLdzVYpvgWgm
 oS7RJXjz0WC/Bp7amN91DhOQ+0oXQw+ywqFQ/G6MAx7tt5vL0DaAZb0shJrTzFoQIx
 nkv/hdEISR+483DIC6/BAR3Jd7EegnYA7b++4w8Bdas6I3S+fz75KIDnFvCsECkMVH
 zdrqFAcDrTUbB5WxvuVZklMm7BnZChQ9XTzmkGol3kcER5asIcQ2kxAnZlqvoOO3qp
 WOY1nUHZdaC9PpNuBdnee3yM=
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8;
 format=flowed
Content-Transfer-Encoding: 8bit
Date: Thu, 20 Apr 2017 10:30:00 +0200
From: julien lepiller <julien@lepiller.eu>
To: 26561@debbugs.gnu.org
Subject: Re: bug#26561: [PATCH 0/9] SELinux
In-Reply-To: <87r30otbe3.fsf@fastmail.com>
References: <20170419125608.31664-1-rekado@elephly.net>
 <87r30otbe3.fsf@fastmail.com>
Message-ID: <e846b49f5c4dbd643d2772473c1ea7cc@lepiller.eu>
X-Sender: julien@lepiller.eu
User-Agent: Roundcube Webmail/1.2.4
X-Spam-Score: 0.4 (/)
X-Debbugs-Envelope-To: 26561
X-BeenThere: debbugs-submit@debbugs.gnu.org
X-Mailman-Version: 2.1.18
Precedence: list
List-Id: <debbugs-submit.debbugs.gnu.org>
List-Unsubscribe: <https://debbugs.gnu.org/cgi-bin/mailman/options/debbugs-submit>, 
 <mailto:debbugs-submit-request@debbugs.gnu.org?subject=unsubscribe>
List-Archive: <https://debbugs.gnu.org/cgi-bin/mailman/private/debbugs-submit/>
List-Post: <mailto:debbugs-submit@debbugs.gnu.org>
List-Help: <mailto:debbugs-submit-request@debbugs.gnu.org?subject=help>
List-Subscribe: <https://debbugs.gnu.org/cgi-bin/mailman/listinfo/debbugs-submit>, 
 <mailto:debbugs-submit-request@debbugs.gnu.org?subject=subscribe>
Errors-To: debbugs-submit-bounces@debbugs.gnu.org
Sender: "Debbugs-submit" <debbugs-submit-bounces@debbugs.gnu.org>
X-Spam-Score: 0.4 (/)

Le 2017-04-19 22:01, Marius Bakke a écrit :
> Ricardo Wurmus <rekado@elephly.net> writes:
> 
>> This patch series adds SELinux libraries and tools.
>> 
>> Ricardo Wurmus (9):
>>   gnu: Add libsepol.
>>   gnu: Add checkpolicy.
>>   gnu: Add libselinux.
>>   gnu: Add libsemanage.
>>   gnu: Add secilc.
>>   gnu: Add python-sepolgen.
>>   gnu: Add python-ipy.
>>   gnu: Add python-setools.
>>   gnu: Add policycoreutils.
> 
> Wow, amazing work! I've read through the patches and they LGTM apart
> from the minor nitpicks sent separately. Thanks a lot for this!

How exciting!

I once tried to install all that on my LFS system, but I couldn't find 
how to enable SELinux (setenforce 1 wouldn't work). Could you explain 
what steps need to be taken so I can activate SELinux on GuixSD? Or what 
is still laking? Could we imagine configuring the policy from the 
operating-system declaration?




From debbugs-submit-bounces@debbugs.gnu.org Fri Apr 21 18:22:00 2017
Received: (at 26561) by debbugs.gnu.org; 21 Apr 2017 22:22:00 +0000
Received: from localhost ([127.0.0.1]:33041 helo=debbugs.gnu.org)
	by debbugs.gnu.org with esmtp (Exim 4.84_2)
	(envelope-from <debbugs-submit-bounces@debbugs.gnu.org>)
	id 1d1gwC-0002s1-Az
	for submit@debbugs.gnu.org; Fri, 21 Apr 2017 18:22:00 -0400
Received: from sender-of-o51.zoho.com ([135.84.80.216]:21093)
 by debbugs.gnu.org with esmtp (Exim 4.84_2)
 (envelope-from <rekado@elephly.net>) id 1d1gwA-0002rs-8E
 for 26561@debbugs.gnu.org; Fri, 21 Apr 2017 18:21:58 -0400
Received: from localhost (xd9ba654b.dyn.telefonica.de [217.186.101.75]) by
 mx.zohomail.com with SMTPS id 1492813315368524.2180721551084;
 Fri, 21 Apr 2017 15:21:55 -0700 (PDT)
References: <20170419125608.31664-1-rekado@elephly.net>
 <20170419142918.11688-1-rekado@elephly.net> <87wpagtbl2.fsf@fastmail.com>
User-agent: mu4e 0.9.18; emacs 25.1.1
From: Ricardo Wurmus <rekado@elephly.net>
To: Marius Bakke <mbakke@fastmail.com>
Subject: Re: bug#26561: [PATCH 1/9] gnu: Add libsepol.
In-reply-to: <87wpagtbl2.fsf@fastmail.com>
X-URL: https://elephly.net
X-PGP-Key: https://elephly.net/rekado.pubkey
X-PGP-Fingerprint: BCA6 89B6 3655 3801 C3C6  2150 197A 5888 235F ACAC
Date: Sat, 22 Apr 2017 00:21:52 +0200
Message-ID: <87bmrptn9b.fsf@elephly.net>
MIME-Version: 1.0
Content-Type: text/plain
X-ZohoMailClient: External
X-Spam-Score: -1.8 (-)
X-Debbugs-Envelope-To: 26561
Cc: 26561@debbugs.gnu.org
X-BeenThere: debbugs-submit@debbugs.gnu.org
X-Mailman-Version: 2.1.18
Precedence: list
List-Id: <debbugs-submit.debbugs.gnu.org>
List-Unsubscribe: <https://debbugs.gnu.org/cgi-bin/mailman/options/debbugs-submit>, 
 <mailto:debbugs-submit-request@debbugs.gnu.org?subject=unsubscribe>
List-Archive: <https://debbugs.gnu.org/cgi-bin/mailman/private/debbugs-submit/>
List-Post: <mailto:debbugs-submit@debbugs.gnu.org>
List-Help: <mailto:debbugs-submit-request@debbugs.gnu.org?subject=help>
List-Subscribe: <https://debbugs.gnu.org/cgi-bin/mailman/listinfo/debbugs-submit>, 
 <mailto:debbugs-submit-request@debbugs.gnu.org?subject=subscribe>
Errors-To: debbugs-submit-bounces@debbugs.gnu.org
Sender: "Debbugs-submit" <debbugs-submit-bounces@debbugs.gnu.org>
X-Spam-Score: -1.8 (-)


Marius Bakke <mbakke@fastmail.com> writes:

>> +    (native-inputs
>> +     `(("flex" ,flex)))
>> +    (home-page "http://selinuxproject.org/")
>                      ^^^
> https*

Ha, good catch!  Thanks!

-- 
Ricardo

GPG: BCA6 89B6 3655 3801 C3C6  2150 197A 5888 235F ACAC
https://elephly.net





From debbugs-submit-bounces@debbugs.gnu.org Fri Apr 21 18:41:01 2017
Received: (at 26561-done) by debbugs.gnu.org; 21 Apr 2017 22:41:01 +0000
Received: from localhost ([127.0.0.1]:33046 helo=debbugs.gnu.org)
	by debbugs.gnu.org with esmtp (Exim 4.84_2)
	(envelope-from <debbugs-submit-bounces@debbugs.gnu.org>)
	id 1d1hEa-0003Il-W7
	for submit@debbugs.gnu.org; Fri, 21 Apr 2017 18:41:01 -0400
Received: from sender-of-o51.zoho.com ([135.84.80.216]:21054)
 by debbugs.gnu.org with esmtp (Exim 4.84_2)
 (envelope-from <rekado@elephly.net>) id 1d1hEY-0003Id-O1
 for 26561-done@debbugs.gnu.org; Fri, 21 Apr 2017 18:40:59 -0400
Received: from localhost (xd9ba654b.dyn.telefonica.de [217.186.101.75]) by
 mx.zohomail.com with SMTPS id 149281445385774.00050568136817;
 Fri, 21 Apr 2017 15:40:53 -0700 (PDT)
References: <20170419125608.31664-1-rekado@elephly.net>
 <87r30otbe3.fsf@fastmail.com>
User-agent: mu4e 0.9.18; emacs 25.1.1
From: Ricardo Wurmus <rekado@elephly.net>
To: Marius Bakke <mbakke@fastmail.com>
Subject: Re: bug#26561: [PATCH 0/9] SELinux
In-reply-to: <87r30otbe3.fsf@fastmail.com>
X-URL: https://elephly.net
X-PGP-Key: https://elephly.net/rekado.pubkey
X-PGP-Fingerprint: BCA6 89B6 3655 3801 C3C6  2150 197A 5888 235F ACAC
Date: Sat, 22 Apr 2017 00:40:51 +0200
Message-ID: <87a879tmdo.fsf@elephly.net>
MIME-Version: 1.0
Content-Type: text/plain
X-ZohoMailClient: External
X-Spam-Score: -1.8 (-)
X-Debbugs-Envelope-To: 26561-done
Cc: 26561-done@debbugs.gnu.org
X-BeenThere: debbugs-submit@debbugs.gnu.org
X-Mailman-Version: 2.1.18
Precedence: list
List-Id: <debbugs-submit.debbugs.gnu.org>
List-Unsubscribe: <https://debbugs.gnu.org/cgi-bin/mailman/options/debbugs-submit>, 
 <mailto:debbugs-submit-request@debbugs.gnu.org?subject=unsubscribe>
List-Archive: <https://debbugs.gnu.org/cgi-bin/mailman/private/debbugs-submit/>
List-Post: <mailto:debbugs-submit@debbugs.gnu.org>
List-Help: <mailto:debbugs-submit-request@debbugs.gnu.org?subject=help>
List-Subscribe: <https://debbugs.gnu.org/cgi-bin/mailman/listinfo/debbugs-submit>, 
 <mailto:debbugs-submit-request@debbugs.gnu.org?subject=subscribe>
Errors-To: debbugs-submit-bounces@debbugs.gnu.org
Sender: "Debbugs-submit" <debbugs-submit-bounces@debbugs.gnu.org>
X-Spam-Score: -1.8 (-)


Marius Bakke <mbakke@fastmail.com> writes:

> Ricardo Wurmus <rekado@elephly.net> writes:
>
>> This patch series adds SELinux libraries and tools.
>>
>> Ricardo Wurmus (9):
>>   gnu: Add libsepol.
>>   gnu: Add checkpolicy.
>>   gnu: Add libselinux.
>>   gnu: Add libsemanage.
>>   gnu: Add secilc.
>>   gnu: Add python-sepolgen.
>>   gnu: Add python-ipy.
>>   gnu: Add python-setools.
>>   gnu: Add policycoreutils.
>
> Wow, amazing work! I've read through the patches and they LGTM apart
> from the minor nitpicks sent separately. Thanks a lot for this!

Thanks for the review.  I made the suggested changes and pushed to
master with commit 6ef94ecba.

-- 
Ricardo

GPG: BCA6 89B6 3655 3801 C3C6  2150 197A 5888 235F ACAC
https://elephly.net





From unknown Fri Jun 20 07:17:55 2025
Received: (at fakecontrol) by fakecontrolmessage;
To: internal_control@debbugs.gnu.org
From: Debbugs Internal Request <help-debbugs@gnu.org>
Subject: Internal Control
Message-Id: bug archived.
Date: Sat, 20 May 2017 11:24:04 +0000
User-Agent: Fakemail v42.6.9

# This is a fake control message.
#
# The action:
# bug archived.
thanks
# This fakemail brought to you by your local debbugs
# administrator