rpms/selinux-policy-targeted/devel selinux-policy.spec, NONE, 1.1 Makefile, 1.1, 1.2 sources, 1.125, 1.126
fedora-cvs-commits at redhat.com
fedora-cvs-commits at redhat.com
Wed Nov 9 21:45:09 UTC 2005
Author: dwalsh
Update of /cvs/dist/rpms/selinux-policy-targeted/devel
In directory cvs.devel.redhat.com:/tmp/cvs-serv31618
Modified Files:
Makefile sources
Added Files:
selinux-policy.spec
Log Message:
* Wed Nov 9 2003 Dan Walsh <dwalsh at redhat.com> 2.0.0-3
- Initial version
--- NEW FILE selinux-policy.spec ---
%define distro redhat
%define direct_initrc y
%define monolithic n
%define polname1 targeted
%define type1 targeted-mcs
%define polname2 strict
%define type2 strict-mcs
%define POLICYDIR1 /etc/selinux/%{polname1}
%define POLICYDIR2 /etc/selinux/%{polname2}
%define FILE_CONTEXT1 %{POLICYDIR1}/contexts/files/file_contexts
%define FILE_CONTEXT2 %{POLICYDIR2}/contexts/files/file_contexts
Summary: SELinux policy configuration
%define POLICYCOREUTILSVER 1.27.26-1
%define CHECKPOLICYVER 1.27.17-5
Name: selinux-policy
Version: 2.0.0
Release: 0.3
License: GPL
Group: System Environment/Base
Source: serefpolicy-%{version}.tgz
Source1: seusers
Source2: setrans.conf
Url: http://serefpolicy.sourceforge.net
BuildRoot: %{_tmppath}/serefpolicy-buildroot
BuildArch: noarch
# FIXME Need to ensure these have correct versions
BuildRequires: checkpolicy >= %{CHECKPOLICYVER} m4 policycoreutils >= %{POLICYCOREUTILSVER}
Requires: policycoreutils >= %{POLICYCOREUTILSVER}
Obsoletes: policy
%description
SELinux Reference Policy - modular.
%prep
%setup -q -n serefpolicy-%{version}
make conf
%build
%install
%{__rm} -fR $RPM_BUILD_ROOT
make NAME=%{polname1} TYPE=%{type1} DISTRO=%{distro} DIRECT_INITRC=%{direct_initrc} MONOLITHIC=%{monolithic} base.pp
make NAME=%{polname1} TYPE=%{type1} DISTRO=%{distro} DIRECT_INITRC=%{direct_initrc} MONOLITHIC=%{monolithic} modules
%{__mkdir} -p $RPM_BUILD_ROOT/%{_usr}/share/selinux/%{polname1}/
%{__cp} *.pp $RPM_BUILD_ROOT/%{_usr}/share/selinux/%{polname1}/
%{__mkdir} -p $RPM_BUILD_ROOT/%{_sysconfdir}/selinux/%{polname1}/policy
%{__mkdir} -p $RPM_BUILD_ROOT/%{_sysconfdir}/selinux/%{polname1}/modules/active
%{__mkdir} -p $RPM_BUILD_ROOT/%{_sysconfdir}/selinux/%{polname1}/contexts/files
make NAME=%{polname1} TYPE=%{type1} DISTRO=%{distro} DIRECT_INITRC=%{direct_initrc} MONOLITHIC=y DESTDIR=$RPM_BUILD_ROOT install-appconfig
install -m0644 %{SOURCE1} ${RPM_BUILD_ROOT}%{_sysconfdir}/selinux/%{polname1}/modules/active/seusers
install -m0644 %{SOURCE2} ${RPM_BUILD_ROOT}%{_sysconfdir}/selinux/%{polname1}/setrans.conf
rm -rf $RPM_BUILD_ROOT%{_sysconfdir}/selinux/%{polname1}/booleans
# Commented out because only targeted ref policy currently builds
# Uncomment to make strict base policy and strict packages for each module
#make NAME=%{polname2} TYPE=%{type2} DISTRO=%{distro} DIRECT_INITRC=%{direct_initrc} MONOLITHIC=%{monolithic} base.pp
#make NAME=%{polname2} TYPE=%{type2} DISTRO=%{distro} DIRECT_INITRC=%{direct_initrc} MONOLITHIC=%{monolithic} modules
#%{__mkdir} -p $RPM_BUILD_ROOT/%{_usr}/share/selinux/%{polname2}/
#%{__cp} *.pp $RPM_BUILD_ROOT/%{_usr}/share/selinux/%{polname2}/
#%{__mkdir} -p $RPM_BUILD_ROOT/%{_sysconfdir}/selinux/%{polname2}/policy
#%{__mkdir} -p $RPM_BUILD_ROOT/%{_sysconfdir}/selinux/%{polname2}/contexts/files
#make NAME=%{polname2} TYPE=%{type2} DISTRO=%{distro} DIRECT_INITRC=%{direct_initrc} MONOLITHIC=y DESTDIR=$RPM_BUILD_ROOT install-appconfig
#rm -rf $RPM_BUILD_ROOT%{_sysconfdir}/selinux/%{polname2}/booleans
%clean
%{__rm} -fR $RPM_BUILD_ROOT
%package %{polname1}
Summary: SELinux %{polname1} base policy
Group: System Environment/Base
Provides: selinux-policy-base
Obsoletes: selinux-policy-%{polname1}-sources
%description %{polname1}
SELinux Reference policy targeted base module.
%files %{polname1}
%defattr(-,root,root)
%dir %{_usr}/share/selinux
%dir %{_usr}/share/selinux/%{polname1}
%dir %{_usr}/share/selinux/%{polname1}
%config %{_usr}/share/selinux/%{polname1}/base.pp
%dir %{_sysconfdir}/selinux
#%ghost %config(noreplace) %{_sysconfdir}/selinux/config
%dir %{_sysconfdir}/selinux/%{polname1}
%config(noreplace) %{_sysconfdir}/selinux/%{polname1}/setrans.conf
%dir %{_sysconfdir}/selinux/%{polname1}/policy
%dir %{_sysconfdir}/selinux/%{polname1}/modules
%dir %{_sysconfdir}/selinux/%{polname1}/modules/active
%config(noreplace) %{_sysconfdir}/selinux/%{polname1}/modules/active/seusers
%ghost %{_sysconfdir}/selinux/%{polname1}/policy/
%dir %{_sysconfdir}/selinux/%{polname1}/contexts
%config(noreplace) %{_sysconfdir}/selinux/%{polname1}/contexts/customizable_types
%config(noreplace) %{_sysconfdir}/selinux/%{polname1}/contexts/dbus_contexts
%config(noreplace) %{_sysconfdir}/selinux/%{polname1}/contexts/default_contexts
%config(noreplace) %{_sysconfdir}/selinux/%{polname1}/contexts/default_type
%config(noreplace) %{_sysconfdir}/selinux/%{polname1}/contexts/failsafe_context
%config(noreplace) %{_sysconfdir}/selinux/%{polname1}/contexts/initrc_context
%config(noreplace) %{_sysconfdir}/selinux/%{polname1}/contexts/removable_context
%config(noreplace) %{_sysconfdir}/selinux/%{polname1}/contexts/userhelper_context
%dir %{_sysconfdir}/selinux/%{polname1}/contexts/files
#%ghost %config %{_sysconfdir}/selinux/%{polname1}/contexts/files/file_contexts
#%ghost %config %{_sysconfdir}/selinux/%{polname1}/contexts/files/homedir_template
#%ghost %config %{_sysconfdir}/selinux/%{polname1}/contexts/files/file_contexts.homedirs
%config %{_sysconfdir}/selinux/%{polname1}/contexts/files/media
#%ghost %dir %{_sysconfdir}/selinux/%{polname1}/modules
%pre %{polname1}
. %{_sysconfdir}/selinux/config
if [ "${SELINUXTYPE}" == "%{polname1}" -a -f %{FILE_CONTEXT1} ]; then
cp -f %{FILE_CONTEXT1} %{FILE_CONTEXT1}.pre
fi
%post %{polname1}
if [ ! -s /etc/selinux/config ]; then
#
# New install so we will default to targeted policy
#
echo "
# This file controls the state of SELinux on the system.
# SELINUX= can take one of these three values:
# enforcing - SELinux security policy is enforced.
# permissive - SELinux prints warnings instead of enforcing.
# disabled - No SELinux policy is loaded.
SELINUX=enforcing
# SELINUXTYPE= can take one of these two values:
# targeted - Only targeted network daemons are protected.
# strict - Full SELinux protection.
SELINUXTYPE=targeted
# SETLOCALDEFS= Check local definition changes
SETLOCALDEFS=0
" > /etc/selinux/config
ln -sf /etc/selinux/config /etc/sysconfig/selinux
restorecon /etc/selinux/config 2> /dev/null
else
# if first time update booleans.local needs to be copied to sandbox
if [ -f /etc/selinux/%{polname1}/booleans.local ]; then
mv /etc/selinux/%{polname1}/booleans.local /etc/selinux/%{polname1}/modules/active/
[ -f /etc/selinux/%{polname1}/seusers ] && cp -f /etc/selinux/%{polname1}/seusers /etc/selinux/%{polname1}/modules/active/seusers
fi
grep -q "^SETLOCALDEFS" /etc/selinux/config || echo -n "
# SETLOCALDEFS= Check local definition changes
SETLOCALDEFS=0
">> /etc/selinux/config
fi
semodule -b /usr/share/selinux/%{polname1}/base.pp -s %{polname1}
for file in $(ls /usr/share/selinux/%{polname1} | grep -v base.pp)
do
semodule -i /usr/share/selinux/%{polname1}/$file -s %{polname1}
done
. %{_sysconfdir}/selinux/config
if [ "${SELINUXTYPE}" == "%{polname1}" -a -f %{FILE_CONTEXT1}.pre ]; then
fixfiles -C %{FILE_CONTEXT1}.pre restore
fi
#%package strict
#Summary: SELinux %{polname2} base policy
#Group: System Environment/Base
#Provides: selinux-policy-base
#Obsoletes: selinux-policy-%{polname1}-sources
#
#%description strict
#SELinux Reference policy strict base module.
#
#%files strict
#%defattr(-,root,root)
#%dir %{_usr}/share/selinux
#%dir %{_usr}/share/selinux/%{polname2}
#%dir %{_usr}/share/selinux/%{polname2}
#%config %{_usr}/share/selinux/%{polname2}/base.pp
#%dir %{_sysconfdir}/selinux
##%ghost %config(noreplace) %{_sysconfdir}/selinux/config
#%dir %{_sysconfdir}/selinux/%{polname2}
#%dir %{_sysconfdir}/selinux/%{polname2}/policy
##%ghost %config %{_sysconfdir}/selinux/%{polname2}/policy/policy.*
#%dir %{_sysconfdir}/selinux/%{polname2}/contexts
#%config(noreplace) %{_sysconfdir}/selinux/%{polname2}/contexts/customizable_types
#%config(noreplace) %{_sysconfdir}/selinux/%{polname2}/contexts/dbus_contexts
#%config(noreplace) %{_sysconfdir}/selinux/%{polname2}/contexts/default_contexts
#%config(noreplace) %{_sysconfdir}/selinux/%{polname2}/contexts/default_type
#%config(noreplace) %{_sysconfdir}/selinux/%{polname2}/contexts/failsafe_context
#%config(noreplace) %{_sysconfdir}/selinux/%{polname2}/contexts/initrc_context
#%config(noreplace) %{_sysconfdir}/selinux/%{polname2}/contexts/removable_context
#%config(noreplace) %{_sysconfdir}/selinux/%{polname2}/contexts/userhelper_context
#%dir %{_sysconfdir}/selinux/%{polname2}/contexts/files
##%ghost %config %{_sysconfdir}/selinux/%{polname2}/contexts/files/file_contexts
##%ghost %config %{_sysconfdir}/selinux/%{polname2}/contexts/files/homedir_template
##%ghost %config %{_sysconfdir}/selinux/%{polname2}/contexts/files/file_contexts.homedirs
#%config %{_sysconfdir}/selinux/%{polname2}/contexts/files/media
##%ghost %dir %{_sysconfdir}/selinux/%{polname2}/modules
#
#%pre strict
#. %{_sysconfdir}/selinux/config
#if [ "${SELINUXTYPE}" == "%{polname2}" -a -f %{FILE_CONTEXT2} ]; then
# cp -f %{FILE_CONTEXT2} %{FILE_CONTEXT2}.pre
#fi
#
#%post strict
#semodule -b /usr/share/selinux/%{polname2}/base.pp -s %{polname2}
#for file in $(ls /usr/share/selinux/%{polname2} | grep -v base.pp)
#do semodule -i /usr/share/selinux/%{polname2}/$file -s %{polname2}
#done
#. %{_sysconfdir}/selinux/config
#if [ "${SELINUXTYPE}" == "%{polname2}" -a -f %{FILE_CONTEXT2}.pre ]; then
# fixfiles -C %{FILE_CONTEXT2}.pre restore
#fi
%changelog
* Wed Nov 9 2003 Dan Walsh <dwalsh at redhat.com> 2.0.0-3
- Initial version
Index: Makefile
===================================================================
RCS file: /cvs/dist/rpms/selinux-policy-targeted/devel/Makefile,v
retrieving revision 1.1
retrieving revision 1.2
diff -u -r1.1 -r1.2
--- Makefile 9 Sep 2004 12:11:05 -0000 1.1
+++ Makefile 9 Nov 2005 21:45:07 -0000 1.2
@@ -1,6 +1,6 @@
# Makefile for source rpm: selinux-policy-targeted
# $Id$
-NAME := selinux-policy-targeted
+NAME := selinux-policy
SPECFILE = $(firstword $(wildcard *.spec))
include ../common/Makefile.common
Index: sources
===================================================================
RCS file: /cvs/dist/rpms/selinux-policy-targeted/devel/sources,v
retrieving revision 1.125
retrieving revision 1.126
diff -u -r1.125 -r1.126
--- sources 21 Oct 2005 18:20:58 -0000 1.125
+++ sources 9 Nov 2005 21:45:07 -0000 1.126
@@ -1 +1 @@
-7a3f5b1224a4d1475fb146b2fb6950bc policy-1.27.2.tgz
+
More information about the fedora-cvs-commits
mailing list