rpms/netlabel_tools/devel netlabel, NONE, 1.1 netlabel.rules, NONE, 1.1 netlabel_tools.spec, 1.3, 1.4

James Antill (james) fedora-extras-commits at redhat.com
Mon Oct 16 20:38:02 UTC 2006 

Author: james

Update of /cvs/extras/rpms/netlabel_tools/devel
In directory cvs-int.fedora.redhat.com:/tmp/cvs-serv28543

Modified Files:
	netlabel_tools.spec 
Added Files:
	netlabel netlabel.rules 
Log Message:
* Mon Oct 16 2006 James Antill <james at and.org> - 0.17-3
- Add upstream patch.



--- NEW FILE netlabel ---
#!/bin/sh
#
# netlabel	Start CIPSO labeled networking
#
# chkconfig: - 09 91
# description:	Starts and stops CIPSO labeled networking
#
# config: /etc/netlabel.rules
#
# Return values according to LSB for all commands but status:
# 0 - success
# 1 - generic or unspecified error
# 2 - invalid or excess argument(s)
# 3 - unimplemented feature (e.g. "reload")
# 4 - insufficient privilege
# 5 - program is not installed
# 6 - program is not configured
# 7 - program is not running

PATH=/sbin:/bin:/usr/bin:/usr/sbin
VAR_SUBSYS_NETLABEL=/var/lock/subsys/netlabel
RULES=/etc/netlabel.rules

# Source function library.
. /etc/init.d/functions

# Check that we are root ... so non-root users stop here
test `id -u` = 0  || exit 4
test -x /sbin/netlabelctl || exit 5
test -f $RULES || exit 6

start() {
    ret_val="0"

    # Loop through rules
    while read LINE
    do
	# Skip comments and blank lines
	if echo $LINE | egrep '^#|^$' >/dev/null ; then
		continue
	fi
	/sbin/netlabelctl $LINE >/dev/null 2>&1
	ret="$?"
	if [ "$ret" != "0" ] ; then
		ret_val="$ret"
	fi
    done < $RULES
    touch $VAR_SUBSYS_NETLABEL
    return $ret_val
}

stop() {
    rm -f $VAR_SUBSYS_NETLABEL

    # Delete rules
    list=`/sbin/netlabelctl cipsov4 list 2>/dev/null`
    ret="$?"
    if [ x"$list" != "x" ] ; then
	for line in "$list"
	do
		/sbin/netlabelctl cipsov4 del "doi:$line" 2>/dev/null
    		ret="$?"
	done
    fi
    return $ret
}

status() {
    # Do not print status if lockfile is missing 
    if [ ! -f "$VAR_SUBSYS_NETLABEL" ]; then
	echo $"Netlabel is stopped."
	return 7
    fi

    # List rules
    /sbin/netlabelctl -p cipsov4 list 2>/dev/null
    ret1="$?"
    /sbin/netlabelctl -p mgmt list 2>/dev/null
    ret2="$?"

    if [ "$ret1" != "0" -o "$ret2" != "0" ] ; then
	return 1
    fi
    return 0
}

restart() {
    stop
    start
}

case "$1" in
    start)
	stop
	start
	RETVAL="$?"
	;;
    stop)
	stop
	RETVAL="$?"
	;;
    restart)
	restart
	RETVAL="$?"
	;;
    condrestart)
	[ -e "$VAR_SUBSYS_NETLABEL" ] && restart
	;;
    status)
	status
	RETVAL="$?"
	;;
    *)
	echo $"Usage: $0 {start|stop|restart|condrestart|status}"
	exit 3
	;;
esac

exit $RETVAL


--- NEW FILE netlabel.rules ---
# This file contains the rules for the Netlabel subsystem
# Each line contains just the arguments to the netlabel command

# creates a CIPSO/IPv4 definition using a DOI value of 1
cipsov4 add std doi:1 tags:1 levels:0=0,1=1,2=2 categories:0=0,1=1,2=2

# tell the NetLabel system to use this CIPSO/IPv4 defintion by default
mgmt add default protocol:cipsov4,1



Index: netlabel_tools.spec
===================================================================
RCS file: /cvs/extras/rpms/netlabel_tools/devel/netlabel_tools.spec,v
retrieving revision 1.3
retrieving revision 1.4
diff -u -r1.3 -r1.4
--- netlabel_tools.spec	2 Oct 2006 00:28:43 -0000	1.3
+++ netlabel_tools.spec	16 Oct 2006 20:37:32 -0000	1.4
@@ -4,14 +4,18 @@
 Summary: Tools to manage the Linux NetLabel subsystem
 Name: netlabel_tools
 Version: 0.17
-Release: 2%{?dist}
+Release: 3%{?dist}
 License: GPL
 Group: System Environment/Daemons
 URL: %{home_base_url}
 Source0: %{home_base_url}/%{name}-%{version}.tar.gz
-Patch: netlabel_tools-0.17-new-hdrs.patch
-BuildRoot: %{_tmppath}/%{name}-%{version}-%{release}-root-%(%{__id_u} -n)
-BuildRequires: kernel-headers, libnl-devel
+Source1: netlabel
+Source2: netlabel.rules
+Patch1: netlabel_tools-0.17-new-hdrs.patch
+Patch2: netlabel_tools-27_28.patch
+BuildRoot: %{_tmppath}/%{name}-%{version}
+BuildRequires: kernel-headers >= 2.6.18
+BuildRequires: libnl-devel
 
 %description
 NetLabel is a kernel subsystem which implements explicit packet labeling
@@ -23,7 +27,10 @@
 %prep 
 %setup -q -n %{name}-%{version}
 
-%patch -p1
+# Build fixes.
+%patch1 -p1
+# Upstream patch.
+%patch2 -p1
 
 %build
 # Don't use _smp_mflags, it's small and a hand crafted Makefile
@@ -34,6 +41,9 @@
 make INSTALL_PREFIX=${RPM_BUILD_ROOT} \
      INSTALL_MAN_DIR=${RPM_BUILD_ROOT}/usr/share/man \
      install
+mkdir -p $RPM_BUILD_ROOT/etc/rc.d/init.d/
+install -m 0755 %{SOURCE1} $RPM_BUILD_ROOT/etc/rc.d/init.d/
+install -m 0640 %{SOURCE2} $RPM_BUILD_ROOT/etc/
 
 %clean
 rm -rf $RPM_BUILD_ROOT
@@ -42,9 +52,17 @@
 %defattr(-,root,root)
 %doc docs/*.txt
 %attr(0755,root,root) /sbin/*
+%attr(0755,root,root) /etc/rc.d/init.d/netlabel
+%config(noreplace) %attr(640,root,root) /etc/netlabel.rules
 %attr(0644,root,root) %{_mandir}/man8/*
 
 %changelog
+* Mon Oct 16 2006 James Antill <james at and.org> - 0.17-3
+- Add upstream patch.
+
+* Sat Oct 14 2006 Steve Grubb <sgrubb at redhat.com> - 0.17-3
+- Add init scripts and default rules
+
 * Sun Oct  1 2006 James Antill <james at and.org> - 0.17-2
 - Upgrade to latest upstream.

More information about the fedora-extras-commits mailing list