files context for merged-usr profile on gentoo

[plsph]

As per https://wiki.gentoo.org/wiki/Merge-usr new gentoo profiles use merged-usr by default.
That also means: "/sbin and /usr/sbin are both actually merged to /usr/bin"
Hence these updates on files context.

[pebenito]

Has build issues.

cc: @perfinion @0xC0ncord for comment

[0xC0ncord]

The offending duplicate lines need to be removed to fix the build issues, but otherwise this looks good.

I'm sure there may be more of these needed changes lurking and waiting to be discovered.

[plsph]

Actually I'm on it. Please take a look: gentoo/hardened-refpolicy#2

[plsph]

@0xC0ncord Any progress with that? How can I help?

[0xC0ncord]

I am currently preoccupied with work travel, but I will pick this up as soon as I return. :) Apr 15, 2024 08:46:31 plsph ***@***.***>:

…

@0xC0ncord[https://github.com/0xC0ncord] Any progress with that? How can I help? — Reply to this email directly, view it on GitHub[#768 (comment)], or unsubscribe[https://github.com/notifications/unsubscribe-auth/AB5DZ6KMYBKR3LMSVIGFXJTY5QN73AVCNFSM6AAAAABFVC5OS6VHI2DSMVQWIX3LMV43OSLTON2WKQ3PNVWWK3TUHMZDANJXGU4DAOJVG4]. You are receiving this because you were mentioned. [Tracking image][https://github.com/notifications/beacon/AB5DZ6OB6AUFTW5ST7D2FQ3Y5QN73A5CNFSM6AAAAABFVC5OS6WGG33NNVSW45C7OR4XAZNMJFZXG5LFINXW23LFNZ2KUY3PNVWWK3TUL5UWJTT2UQYZ2.gif]

[PPN-SD]

@0xC0ncord, what is best if there are other additions ? Make a PR on the contrib gentoo repo or this repo ?
(https://bpa.st/DJOQ , contaminated by formatting for now, sorry)

[plsph]

Is there a chance that someone else could pickup this?

[0xC0ncord]

@0xC0ncord, what is best if there are other additions ? Make a PR on the contrib gentoo repo or this repo ? (bpa.st/DJOQ , contaminated by formatting for now, sorry)

Sorry, when I made the comment above I was implying there may be more of these merged-usr related changes in other paths, but we will find them when we find them -- we don't need to track them all down now.

Please fix the build issues on this PR and let's get it merged here. I will have it merged into Gentoo's policy soon after.

[plsph]

Who should "fix the build issues on this PR"?
Regarding: "The offending duplicate lines need to be removed to fix the build issues"
I don't see output of checks.

[0xC0ncord]

The build errors are coming from here:

/tmp/selinux/sbin/setfiles: file_contexts: Multiple same specifications for /usr/bin/traceroute.*.
/tmp/selinux/sbin/setfiles: file_contexts: Multiple same specifications for /usr/bin/fping.
/tmp/selinux/sbin/setfiles: file_contexts: Multiple same specifications for /usr/bin/arping.
/tmp/selinux/sbin/setfiles: file_contexts: Multiple same specifications for /usr/bin/hping2.
/tmp/selinux/sbin/setfiles: file_contexts: Multiple same specifications for /usr/bin/smartd.
/tmp/selinux/sbin/setfiles: file_contexts: Multiple same specifications for /usr/bin/tcpdump.
/tmp/selinux/sbin/setfiles: file_contexts: Multiple same specifications for /usr/bin/iptstate.
/tmp/selinux/sbin/setfiles: file_contexts: Multiple same specifications for /usr/bin/send_arp.

Remove the lines causing these errors from your PR here and it will fix them.

[plsph]

My bad, fixed.

[0xC0ncord]

Looks good! Please squash your commits and I think it will be ready to merge.

[0xC0ncord]

@plsph Thanks for your work!

@pebenito I think this is ready. :)

[pebenito]

Please move to line 56, above the /usr/lib lines.

[pebenito]

Please move to line 76 (after all the /usr/bin entires), with empty lines before and after.

[pebenito]

Did you add the changes when you amended your commit? GitHub's compare for the most recent force push says no changes.

[plsph]

Sorry, my bad.