--- /dev/null
+#
+# This is free software, licensed under the GNU General Public License v2.
+# See /LICENSE for more information.
+#
+
+include $(TOPDIR)/rules.mk
+
+PKG_NAME:=selinux-python
+PKG_VERSION:=3.1
+PKG_RELEASE:=1
+
+PKG_SOURCE:=$(PKG_NAME)-$(PKG_VERSION).tar.gz
+PKG_SOURCE_URL:=https://github.com/SELinuxProject/selinux/releases/download/20200710
+PKG_HASH:=f4d0a1a030bc291a6af498b26e0676b745075dd289a8ba16cdec86c3ea8f2f02
+
+PKG_MAINTAINER:=Thomas Petazzoni <thomas.petazzoni@bootlin.com>
+PKG_LICENSE:=GPL-2.0-only
+PKG_LICENSE_FILES:=COPYING
+PYTHON3_PKG_BUILD:=0
+PKG_INSTALL:=1
+
+include $(INCLUDE_DIR)/package.mk
+include ../../lang/python/python3-package.mk
+
+#
+# common definitions
+#
+
+define Package/selinux-python/Default
+ SECTION:=utils
+ DEPENDS:=+python3 +python3-libselinux
+ CATEGORY:=Utilities
+ URL:=http://selinuxproject.org/page/Main_Page
+endef
+
+define Package/selinux-python/Default/description
+ A set of SELinux tools written in python that help with
+ managing a system with SELinux enabled.
+endef
+
+MAKE_VARS = \
+ PYTHON=$(HOST_PYTHON3_BIN) \
+ PYTHONLIBDIR=$(PYTHON3_PKG_DIR) \
+ $(PYTHON3_VARS)
+
+define Build/Compile
+ $(call Build/Compile/Default,all)
+endef
+
+#
+# selinux-audit2allow
+#
+
+define Package/selinux-audit2allow
+$(call Package/selinux-python/Default)
+ TITLE:=selinux-audit2allow
+ DEPENDS+=+python3-sepolgen +libselinux +libsepol
+endef
+
+define Package/selinux-audit2allow/description
+$(call Package/selinux-python/Default/description)
+ This package contains the audit2allow and audit2why tools.
+endef
+
+define Package/selinux-audit2allow/install
+ $(MAKE_VARS) $(MAKE) -C $(PKG_BUILD_DIR)/audit2allow DESTDIR=$(1) install
+ rm -rf $(1)/usr/share/man
+endef
+
+#
+# selinux-chchat
+#
+
+define Package/selinux-chcat
+$(call Package/selinux-python/Default)
+ TITLE:=selinux-chcat
+endef
+
+define Package/selinux-chcat/description
+$(call Package/selinux-python/Default/description)
+ This package contains the chcat tool.
+endef
+
+define Package/selinux-chcat/install
+ $(MAKE_VARS) $(MAKE) -C $(PKG_BUILD_DIR)/chcat DESTDIR=$(1) install
+ rm -rf $(1)/usr/share
+endef
+
+#
+# selinux-semanage
+#
+
+define Package/selinux-semanage
+$(call Package/selinux-python/Default)
+ TITLE:=selinux-semanage
+ DEPENDS+=+python3-sepolicy +python3-libsemanage +setools
+endef
+
+define Package/selinux-semanage/description
+$(call Package/selinux-python/Default/description)
+ This package contains the semanage tool.
+endef
+
+define Package/selinux-semanage/install
+ $(MAKE_VARS) $(MAKE) -C $(PKG_BUILD_DIR)/semanage DESTDIR=$(1) install
+ rm -rf $(1)/usr/share
+endef
+
+#
+# python3-sepolgen
+#
+
+define Package/python3-sepolgen
+$(call Package/selinux-python/Default)
+ SUBMENU:=Python
+ SECTION:=lang
+ CATEGORY:=Languages
+ TITLE:=python3-sepolgen
+endef
+
+define Package/python3-sepolgen/description
+$(call Package/selinux-python/Default/description)
+ This package contains the sepolgen Python library.
+endef
+
+define Package/python3-sepolgen/install
+ $(MAKE_VARS) $(MAKE) -C $(PKG_BUILD_DIR)/sepolgen DESTDIR=$(1) install
+ $(INSTALL_DIR) $(1)/usr/share/sepolgen/
+ $(INSTALL_DATA) $(1)/var/lib/sepolgen/perm_map $(1)/usr/share/sepolgen/perm_map
+ $(RM) -rf $(1)/var
+endef
+
+#
+# python3-sepolicy
+#
+
+define Package/python3-sepolicy
+$(call Package/selinux-python/Default)
+ SUBMENU:=Python
+ SECTION:=lang
+ CATEGORY:=Languages
+ TITLE:=python3-sepolicy
+endef
+
+define Package/python3-sepolicy/description
+$(call Package/selinux-python/Default/description)
+ This package contains the sepolicy Python library.
+endef
+
+define Package/python3-sepolicy/install
+ $(MAKE_VARS) $(MAKE) -C $(PKG_BUILD_DIR)/sepolicy DESTDIR=$(1) install
+ rm -rf $(1)/usr/share
+endef
+
+$(eval $(call BuildPackage,selinux-audit2allow))
+$(eval $(call BuildPackage,selinux-chcat))
+$(eval $(call BuildPackage,selinux-semanage))
+$(eval $(call BuildPackage,python3-sepolgen))
+$(eval $(call BuildPackage,python3-sepolicy))
--- /dev/null
+From 4dfa91b1377b6dc57e66443ea1a08c6d79a3a6e2 Mon Sep 17 00:00:00 2001
+From: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
+Date: Wed, 2 Oct 2019 12:04:24 +0200
+Subject: [PATCH] sepolgen: adjust data_dir()
+
+Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
+---
+ sepolgen/src/sepolgen/defaults.py | 2 +-
+ 1 file changed, 1 insertion(+), 1 deletion(-)
+
+diff --git a/sepolgen/src/sepolgen/defaults.py b/sepolgen/src/sepolgen/defaults.py
+index 6e800695..a61d1efd 100644
+--- a/sepolgen/src/sepolgen/defaults.py
++++ b/sepolgen/src/sepolgen/defaults.py
+@@ -57,7 +57,7 @@ Various default settings, including file and directory locations.
+ """
+
+ def data_dir():
+- return "/var/lib/sepolgen"
++ return "/usr/share/sepolgen"
+
+ def perm_map():
+ return data_dir() + "/perm_map"
+--
+2.21.0
+
--- /dev/null
+From a8a7f8fb5cfe95f28cd5f7ff4b4679ca122fe410 Mon Sep 17 00:00:00 2001
+From: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
+Date: Wed, 2 Oct 2019 13:38:18 +0200
+Subject: [PATCH] sepolgen: don't hardcode search for ausearch in /sbin
+
+ausearch may be installed in another location, just rely on PATH to
+find ausearch.
+
+Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
+---
+ sepolgen/src/sepolgen/audit.py | 4 ++--
+ 1 file changed, 2 insertions(+), 2 deletions(-)
+
+diff --git a/sepolgen/src/sepolgen/audit.py b/sepolgen/src/sepolgen/audit.py
+index 4adb851f..5eafa587 100644
+--- a/sepolgen/src/sepolgen/audit.py
++++ b/sepolgen/src/sepolgen/audit.py
+@@ -41,7 +41,7 @@ def get_audit_boot_msgs():
+ s = time.localtime(time.time() - off)
+ bootdate = time.strftime("%x", s)
+ boottime = time.strftime("%X", s)
+- output = subprocess.Popen(["/sbin/ausearch", "-m", "AVC,USER_AVC,MAC_POLICY_LOAD,DAEMON_START,SELINUX_ERR", "-ts", bootdate, boottime],
++ output = subprocess.Popen(["ausearch", "-m", "AVC,USER_AVC,MAC_POLICY_LOAD,DAEMON_START,SELINUX_ERR", "-ts", bootdate, boottime],
+ stdout=subprocess.PIPE).communicate()[0]
+ if util.PY3:
+ output = util.decode_input(output)
+@@ -56,7 +56,7 @@ def get_audit_msgs():
+ string contain all of the audit messages returned by ausearch.
+ """
+ import subprocess
+- output = subprocess.Popen(["/sbin/ausearch", "-m", "AVC,USER_AVC,MAC_POLICY_LOAD,DAEMON_START,SELINUX_ERR"],
++ output = subprocess.Popen(["ausearch", "-m", "AVC,USER_AVC,MAC_POLICY_LOAD,DAEMON_START,SELINUX_ERR"],
+ stdout=subprocess.PIPE).communicate()[0]
+ if util.PY3:
+ output = util.decode_input(output)
+--
+2.21.0
+