rpms/ipa/F-8 ipa.spec,1.3,1.4 sources,1.3,1.4
Robert Crittenden (rcritten)
fedora-extras-commits at redhat.com
Fri Feb 22 20:43:19 UTC 2008
Author: rcritten
Update of /cvs/extras/rpms/ipa/F-8
In directory cvs-int.fedora.redhat.com:/tmp/cvs-serv10395
Modified Files:
ipa.spec sources
Log Message:
Pull upstream changelog 678
Add new subpackage, ipa-server-selinux
Add Requires: authconfig to ipa-python (bz #433747)
Package i18n files
Index: ipa.spec
===================================================================
RCS file: /cvs/extras/rpms/ipa/F-8/ipa.spec,v
retrieving revision 1.3
retrieving revision 1.4
diff -u -r1.3 -r1.4
--- ipa.spec 18 Feb 2008 15:16:57 -0000 1.3
+++ ipa.spec 22 Feb 2008 20:42:35 -0000 1.4
@@ -2,10 +2,11 @@
%define plugin_dir %{_libdir}/dirsrv/plugins
%{!?python_sitelib: %define python_sitelib %(%{__python} -c "from distutils.sysconfig import get_python_lib; print get_python_lib()")}
%{!?python_sitearch: %define python_sitearch %(%{__python} -c "from distutils.sysconfig import get_python_lib; print get_python_lib(1)")}
+%define POLICYCOREUTILSVER 1.33.12-1
Name: ipa
Version: 0.99
-Release: 9%{?dist}
+Release: 10%{?dist}
Summary: The Identity, Policy and Audit system
Group: System Environment/Base
@@ -14,7 +15,8 @@
Source0: freeipa-%{version}.tar.gz
# Tree is not tagged or branched at 1.0 yet (soon). The tar.gz was created
# with:
-# hg clone -r 641 http://hg.fedorahosted.org/hg/freeipa freeipa-0.99
+# hg clone -r 678 http://hg.fedorahosted.org/hg/freeipa freeipa-0.99
+# rm -rf freeipa-0.99/.hg freeipa-0.99/.hgtags
# tar czf freeipa-0.99.tar.gz freeipa-0.99
BuildRoot: %{_tmppath}/%{name}-%{version}-%{release}-root-%(%{__id_u} -n)
@@ -34,6 +36,10 @@
%else
BuildRequires: popt-devel
%endif
+BuildRequires: selinux-policy-devel
+BuildRequires: m4
+BuildRequires: policycoreutils >= %{POLICYCOREUTILSVER}
+BuildRequires: TurboGears
%description
IPA is an integrated solution to provide centrally managed Identity (machine,
@@ -47,6 +53,7 @@
Requires: %{name}-python = %{version}-%{release}
Requires: %{name}-client = %{version}-%{release}
Requires: %{name}-admintools = %{version}-%{release}
+Requires: %{name}-server-selinux = %{version}-%{release}
Requires: fedora-ds-base >= 1.1
Requires: openldap-clients
Requires: nss
@@ -78,6 +85,20 @@
this package).
+%package server-selinux
+Summary: SELinux rules for ipa-server daemons
+Group: System Environment/Base
+Requires: %{name}-server = %{version}-%{release}
+Requires(pre): policycoreutils >= %{POLICYCOREUTILSVER} libsemanage
+
+%description server-selinux
+IPA is an integrated solution to provide centrally managed Identity (machine,
+user, virtual machines, groups, authentication credentials), Policy
+(configuration settings, access control information) and Audit (events,
+logs, analysis thereof). This package provides SELinux rules for the
+daemons included in ipa-server
+
+
%package client
Summary: IPA authentication for use on clients
Group: System Environment/Base
@@ -111,6 +132,7 @@
Summary: Python libraries used by IPA
Group: System Environment/Libraries
Requires: python-kerberos
+Requires: authconfig
%description python
IPA is an integrated solution to provide centrally managed Identity (machine,
@@ -154,10 +176,15 @@
cd ipa-client; ./autogen.sh --prefix=%{_usr} --sysconfdir=%{_sysconfdir} --localstatedir=%{_localstatedir} --libdir=%{_libdir}; cd ..
make %{?_smp_mflags} all
+cd ipa-server/selinux
+# This isn't multi-process make capable yet
+make all
%install
-rm -rf $RPM_BUILD_ROOT
-make install DESTDIR=$RPM_BUILD_ROOT
+rm -rf %{buildroot}
+make install DESTDIR=%{buildroot}
+cd ipa-server/selinux
+make install DESTDIR=%{buildroot}
# Remove .la files from libtool - we don't want to package
# these files
@@ -176,7 +203,7 @@
%{buildroot}%{_usr}/share/ipa/html/unauthorized.html
%clean
-rm -rf $RPM_BUILD_ROOT
+rm -rf %{buildroot}
%post server
if [ $1 = 1 ]; then
@@ -198,6 +225,48 @@
/sbin/service ipa_webgui condrestart >/dev/null 2>&1 || :
fi
+%pre server-selinux
+if [ -s /etc/selinux/config ]; then
+ . %{_sysconfdir}/selinux/config
+ FILE_CONTEXT=%{_sysconfdir}/selinux/targeted/contexts/files/file_contexts
+ if [ "${SELINUXTYPE}" == targeted -a -f ${FILE_CONTEXT} ]; then \
+ cp -f ${FILE_CONTEXT} ${FILE_CONTEXT}.%{name}
+ fi
+fi
+
+%post server-selinux
+semodule -s targeted -i /usr/share/selinux/targeted/ipa_webgui.pp /usr/share/selinux/targeted/ipa_kpasswd.pp
+. %{_sysconfdir}/selinux/config
+FILE_CONTEXT=%{_sysconfdir}/selinux/targeted/contexts/files/file_contexts
+selinuxenabled
+if [ $? == 0 -a "${SELINUXTYPE}" == targeted -a -f ${FILE_CONTEXT}.%{name} ]; then
+ fixfiles -C ${FILE_CONTEXT}.%{name} restore
+ rm -f ${FILE_CONTEXT}.%name
+fi
+
+%preun server-selinux
+if [ $1 = 0 ]; then
+if [ -s /etc/selinux/config ]; then
+ . %{_sysconfdir}/selinux/config
+ FILE_CONTEXT=%{_sysconfdir}/selinux/targeted/contexts/files/file_contexts
+ if [ "${SELINUXTYPE}" == targeted -a -f ${FILE_CONTEXT} ]; then \
+ cp -f ${FILE_CONTEXT} ${FILE_CONTEXT}.%{name}
+ fi
+fi
+fi
+
+%postun server-selinux
+if [ $1 = 0 ]; then
+semodule -s targeted -r ipa_webgui ipa_kpasswd
+. %{_sysconfdir}/selinux/config
+FILE_CONTEXT=%{_sysconfdir}/selinux/targeted/contexts/files/file_contexts
+selinuxenabled
+if [ $? == 0 -a "${SELINUXTYPE}" == targeted -a -f ${FILE_CONTEXT}.%{name} ]; then
+ fixfiles -C ${FILE_CONTEXT}.%{name} restore
+ rm -f ${FILE_CONTEXT}.%name
+fi
+fi
+
%files server
%doc LICENSE README
@@ -223,12 +292,15 @@
%config(noreplace) %{_sysconfdir}/ipa/html/unauthorized.html
%{_usr}/share/ipa/ipa_webgui.cfg
%{_usr}/share/ipa/ipa.conf
+%{_usr}/share/ipa/ipa-rewrite.conf
%dir %{_usr}/share/ipa/ipagui
%{_usr}/share/ipa/ipagui/*
%dir %{_usr}/share/ipa/ipa_gui.egg-info
%{_usr}/share/ipa/ipa_gui.egg-info/*
%dir %{_usr}/share/ipa/ipaserver
-%dir %{_usr}/share/ipa/ipaserver/*
+%{_usr}/share/ipa/ipaserver/*
+%dir %{_usr}/share/ipa/locales/
+%{_usr}/share/ipa/locales/*
%attr(755,root,root) %{plugin_dir}/libipa_pwd_extop.so
%attr(755,root,root) %{plugin_dir}/libipa-memberof-plugin.so
%attr(755,root,root) %{plugin_dir}/libipa-dna-plugin.so
@@ -238,6 +310,10 @@
%dir %{python_sitelib}/ipaserver
%{python_sitelib}/ipaserver/*.py*
+%files server-selinux
+%{_usr}/share/selinux/targeted/ipa_webgui.pp
+%{_usr}/share/selinux/targeted/ipa_kpasswd.pp
+
%files client
%doc LICENSE README
%{_sbindir}/ipa-client-install
@@ -317,6 +393,12 @@
%{_sbindir}/ipa-modradiusprofile
%changelog
+* Thu Feb 21 2008 Rob Crittenden <rcritten at redhat.com> 0.99-10
+- Pull upstream changelog 678
+- Add new subpackage, ipa-server-selinux
+- Add Requires: authconfig to ipa-python (bz #433747)
+- Package i18n files
+
* Mon Feb 18 2008 Rob Crittenden <rcritten at redhat.com> 0.99-9
- Pull upstream changelog 641
- Require minimum version of krb5-server on F-7 and F-8
Index: sources
===================================================================
RCS file: /cvs/extras/rpms/ipa/F-8/sources,v
retrieving revision 1.3
retrieving revision 1.4
diff -u -r1.3 -r1.4
--- sources 18 Feb 2008 15:16:57 -0000 1.3
+++ sources 22 Feb 2008 20:42:35 -0000 1.4
@@ -1 +1 @@
-63df634639113ae48fc8684ce6c6aa7d freeipa-0.99.tar.gz
+c7a34e9f06f2685681fc2f1a47cc7ad9 freeipa-0.99.tar.gz
More information about the fedora-extras-commits
mailing list