rpms/xguest/F-8 xguest.spec,1.2,1.3

Daniel J Walsh (dwalsh) fedora-extras-commits at redhat.com
Wed Feb 27 19:21:22 UTC 2008 

Author: dwalsh

Update of /cvs/extras/rpms/xguest/F-8
In directory cvs-int.fedora.redhat.com:/tmp/cvs-serv11609

Modified Files:
	xguest.spec 
Log Message:
* Wed Feb 27 2008 Dan Walsh <dwalsh at redhat.com> - 1.0.6-5
- Leave xguest_u assignment on preun and always set the user to xguest_u on install



Index: xguest.spec
===================================================================
RCS file: /cvs/extras/rpms/xguest/F-8/xguest.spec,v
retrieving revision 1.2
retrieving revision 1.3
diff -u -r1.2 -r1.3
--- xguest.spec	19 Feb 2008 15:14:33 -0000	1.2
+++ xguest.spec	27 Feb 2008 19:20:47 -0000	1.3
@@ -1,7 +1,7 @@
 Summary: Creates xguest user as a locked down user 
 Name: xguest
 Version: 1.0.6
-Release: 4%{?dist}
+Release: 5%{?dist}
 License: GPLv2+
 Group: System Environment/Base
 BuildArch: noarch
@@ -9,8 +9,8 @@
 URL: http://people.fedoraproject.org/~dwalsh/xguest/
 
 BuildRoot: %{_tmppath}/%{name}-%{version}-%{release}-root-%(%{__id_u} -n)
-Requires(post): pam >= 0.99.8.1-17 selinux-policy > 3.0.8-60.fc8
-Requires(post): policycoreutils
+Requires(pre): pam >= 0.99.8.1-17 selinux-policy > 3.0.8-60.fc8 selinux-policy-base
+Requires(pre): policycoreutils
 Requires(post): sabayon-apply
 Requires: gdm >= 1:2.20.0-15.fc8
 
@@ -36,8 +36,10 @@
 install -m0644 xguest.zip %{buildroot}/%{_sysconfdir}/desktop-profiles/
 install -m0755 xguest.init %{buildroot}/%{_sysconfdir}/rc.d/init.d/xguest
 
-%post
-if [ $1 = 1 ]; then
+%pre
+if [ $1 -eq 1 ]; then
+semanage user -a -P xguest -R xguest_r xguest_u  2> /dev/null
+(useradd -c "X Guest User" -Z xguest_u xguest || semanage login -a -s xguest_u xguest || semanage login -m -s xguest_u xguest) 2>/dev/null || exit 1
 
 echo -n \
 '
@@ -51,20 +53,24 @@
 
 echo "xguest:exclusive" >> /etc/security/sepermit.conf
 
-semanage user -a -P xguest -R xguest_r xguest_u  2> /dev/null
-useradd -c "X Guest User" -Z xguest_u xguest 2> /dev/null
+setsebool -P allow_polyinstantiation=1 browser_confine_xguest=1 browser_write_xguest_data=1 xguest_connect_network=1 xguest_mount_media=1 xguest_use_bluetooth=1
 
+fi
+
+%post
+if [ $1 -eq 1 ]; then
 /sbin/chkconfig xguest --add
 
+# Add two directories to /etc/skell so pam_namespace will label properly
+mkdir /etc/skel/.mozilla 2> /dev/null
+mkdir /etc/skel/.gnome2 2> /dev/null
+
 /usr/bin/python << __eof
 from sabayon import userdb
 db = userdb.get_database()
 db.set_profile("xguest", "xguest.zip")
 __eof
-setsebool -P allow_polyinstantiation=1 browser_confine_xguest=1 browser_write_xguest_data=1 xguest_connect_network=1 xguest_mount_media=1 xguest_use_bluetooth=1
-# Add two directories to /etc/skell so pam_namespace will label properly
-mkdir /etc/skel/.mozilla 2> /dev/null
-mkdir /etc/skel/.gnome2 2> /dev/null
+
 fi
 
 %files
@@ -74,9 +80,8 @@
 %doc README LICENSE
 
 %preun
-if [ $1 = 0 ]; then
-sed -i '/^xguest$/d' /etc/security/sepermit.conf
-semanage login -d xguest 2> /dev/null
+if [ $1 -eq 0 ]; then
+sed -i '/^xguest/d' /etc/security/sepermit.conf
 sed -i '/^# xguest begin/,/^# xguest end/d' /etc/security/namespace.conf 
 
 /usr/bin/python << __eof
@@ -89,6 +94,9 @@
 fi
 
 %changelog
+* Wed Feb 27 2008 Dan Walsh <dwalsh at redhat.com> - 1.0.6-5
+- Leave xguest_u assignment on preun and always set the user to xguest_u on install
+
 * Mon Feb 11 2008 Florian La Roche <laroche at redhat.com> - 1.0.6-4
 - fix post requires on pam

More information about the fedora-extras-commits mailing list