gnu: SELinux: Update to 3.0.

* gnu/packages/selinux.scm (libsepol): Update to 3.0.
[arguments]: Don't set DESTDIR.  Change PYSITEDIR to PYTHONLIBDIR.  Drop phase
'remove-Werror'.
(libselinux)[arguments]: Add substitution to use the correct Python directory.
(libsemanage)[arguments]: Change PYSITEDIR to PYTHONLIBDIR.  Add phase
'adjust-semanage-conf-location'.
[inputs]: Remove USTR.
(policycoreutils)[arguments]: Remove obsolete substitution.

gnu/packages/selinux.scm

@@ -1,6 +1,7 @@
 ;;; GNU Guix --- Functional package management for GNU
 ;;; Copyright © 2016, 2017, 2018 Ricardo Wurmus <rekado@elephly.net>
 ;;; Copyright © 2018 Tobias Geerinckx-Rice <me@tobias.gr>
+;;; Copyright © 2019 Marius Bakke <mbakke@fastmail.com>
 ;;;
 ;;; This file is part of GNU Guix.
 ;;;
@@ -39,7 +40,6 @@
   #:use-module (gnu packages python)
   #:use-module (gnu packages python-xyz)
   #:use-module (gnu packages swig)
-  #:use-module (gnu packages textutils)
   #:use-module (gnu packages xml))
 
 ;; Update the SELinux packages together!
@@ -47,8 +47,8 @@
 (define-public libsepol
   (package
     (name "libsepol")
-    (version "2.7")
+    (version "3.0")
-    (source (let ((release "20170804"))
+    (source (let ((release "20191204"))
               (origin
                 (method git-fetch)
                 (uri (git-reference
@@ -57,7 +57,7 @@
                 (file-name (string-append "selinux-" release "-checkout"))
                 (sha256
                  (base32
-                  "1l1nn8bx08v4cxkw5kb0wgr61rfqj5ra9dh1dy5jslillj93vivq")))))
+                  "05rpzm72cgprd0ccr6lvx9hm8j8b5nkqi4avshlsyg7s3sdlcxjs")))))
     (build-system gnu-build-system)
     (arguments
      `(#:tests? #f ; tests require checkpolicy, which requires libsepol
@@ -65,7 +65,7 @@
        #:make-flags
        (let ((out (assoc-ref %outputs "out")))
          (list (string-append "PREFIX=" out)
-               (string-append "DESTDIR=" out)
+               (string-append "SHLIBDIR=" out "/lib")
                (string-append "MAN3DIR=" out "/share/man/man3")
                (string-append "MAN5DIR=" out "/share/man/man5")
                (string-append "MAN8DIR=" out "/share/man/man8")
@@ -139,7 +139,7 @@ module into a binary representation.")
                 (string-append "LIBSEPOLA="
                               (assoc-ref %build-inputs "libsepol")
                               "/lib/libsepol.a")
-                (string-append "PYSITEDIR="
+                (string-append "PYTHONLIBDIR="
                                (assoc-ref %outputs "python")
                                "/lib/python"
                                ,(version-major+minor (package-version python))
@@ -150,19 +150,17 @@ module into a binary representation.")
            (delete 'portability)
            (replace 'enter-dir
              (lambda _ (chdir ,name) #t))
-           (add-after 'enter-dir 'remove-Werror
-             (lambda _
-               ;; GCC complains about the fact that the output does not (yet)
-               ;; have an "include" directory, even though it is referenced.
-               (substitute* '("src/Makefile"
-                              "utils/Makefile")
-                 (("-Werror ") ""))
-               #t))
            (add-after 'build 'pywrap
              (lambda* (#:key make-flags #:allow-other-keys)
                (apply invoke "make" "pywrap" make-flags)))
            (add-after 'install 'install-pywrap
-             (lambda* (#:key make-flags #:allow-other-keys)
+             (lambda* (#:key make-flags outputs #:allow-other-keys)
+               ;; The build system uses "python setup.py install" to install
+               ;; Python bindings.  Instruct it to use the correct output.
+               (substitute* "src/Makefile"
+                 (("--prefix=\\$\\(PREFIX\\)")
+                  (string-append "--prefix=" (assoc-ref outputs "python"))))
+
                (apply invoke "make" "install-pywrap" make-flags)))))))
     ;; These libraries are in "Requires.private" in libselinux.pc.
     (propagated-inputs
@@ -191,7 +189,7 @@ the core SELinux management utilities.")
      (substitute-keyword-arguments (package-arguments libsepol)
        ((#:make-flags flags)
         `(cons* "PYTHON=python3"
-                (string-append "PYSITEDIR="
+                (string-append "PYTHONLIBDIR="
                                (assoc-ref %outputs "out")
                                "/lib/python"
                                ,(version-major+minor (package-version python))
@@ -202,6 +200,12 @@ the core SELinux management utilities.")
            (delete 'portability)
            (replace 'enter-dir
              (lambda _ (chdir ,name) #t))
+           (add-before 'install 'adjust-semanage-conf-location
+             (lambda _
+               (substitute* "src/Makefile"
+                 (("DEFAULT_SEMANAGE_CONF_LOCATION=/etc")
+                  "DEFAULT_SEMANAGE_CONF_LOCATION=$(PREFIX)/etc"))
+               #t))
            (add-after 'build 'pywrap
              (lambda* (#:key make-flags #:allow-other-keys)
                (apply invoke "make" "pywrap" make-flags)))
@@ -212,7 +216,6 @@ the core SELinux management utilities.")
      `(("libsepol" ,libsepol)
        ("libselinux" ,libselinux)
        ("audit" ,audit)
-       ("ustr" ,ustr)
        ;; For pywrap phase
        ("python" ,python-wrapper)))
     (native-inputs
@@ -393,11 +396,6 @@ tools, and libraries designed to facilitate SELinux policy analysis.")
            (lambda _ (chdir ,name) #t))
          (add-after 'enter-dir 'ignore-/usr-tests
            (lambda* (#:key inputs #:allow-other-keys)
-             ;; The Makefile decides to build restorecond only if it finds the
-             ;; inotify header somewhere under /usr.
-             (substitute* "Makefile"
-               (("ifeq.*") "")
-               (("endif.*") ""))
              ;; Rewrite lookup paths for header files.
              (substitute* '("newrole/Makefile"
                             "setfiles/Makefile"