157 lines
5.5 KiB
RPMSpec
157 lines
5.5 KiB
RPMSpec
#
|
|
# spec file for package libsemanage
|
|
#
|
|
# Copyright (c) 2023 SUSE LLC
|
|
#
|
|
# All modifications and additions to the file contributed by third parties
|
|
# remain the property of their copyright owners, unless otherwise agreed
|
|
# upon. The license for this file, and modifications and additions to the
|
|
# file, is the same license as for the pristine package itself (unless the
|
|
# license for the pristine package is not an Open Source License, in which
|
|
# case the license is the MIT License). An "Open Source License" is a
|
|
# license that conforms to the Open Source Definition (Version 1.9)
|
|
# published by the Open Source Initiative.
|
|
|
|
# Please submit bugfixes or comments via https://bugs.opensuse.org/
|
|
#
|
|
|
|
|
|
%define soversion 2
|
|
%define libname libsemanage%{soversion}
|
|
|
|
Name: libsemanage
|
|
Version: 3.5
|
|
Release: 0
|
|
Summary: SELinux policy management library
|
|
License: LGPL-2.1-or-later
|
|
Group: Development/Libraries/C and C++
|
|
URL: https://github.com/SELinuxProject/selinux/wiki/Releases
|
|
Source0: https://github.com/SELinuxProject/selinux/releases/download/%{version}/%{name}-%{version}.tar.gz
|
|
Source1: https://github.com/SELinuxProject/selinux/releases/download/%{version}/%{name}-%{version}.tar.gz.asc
|
|
Source2: libsemanage.keyring
|
|
Source3: baselibs.conf
|
|
Source4: semanage.conf
|
|
# PATCH-FIX-UPSTREAM bsc#1133102 LTO: Update map file to include new symbols and remove wildcards
|
|
# For now we need to disable this. This breaks e.g. shadow and also other packages in security:SELinux
|
|
#Patch0: libsemanage-update-map-file.patch
|
|
BuildRequires: audit-devel
|
|
BuildRequires: bison
|
|
BuildRequires: fdupes
|
|
BuildRequires: flex
|
|
BuildRequires: libbz2-devel
|
|
BuildRequires: libselinux-devel
|
|
BuildRequires: libsepol-devel
|
|
BuildRequires: pkgconfig
|
|
|
|
%description
|
|
libsemanage is the policy management library. Using libsepol and
|
|
libselinux to interact with the SELinux system, it also calls helper
|
|
programs for loading policy and for checking whether the
|
|
file_contexts configuration is valid.
|
|
|
|
%package -n %{libname}
|
|
Summary: SELinux policy management library
|
|
Group: System/Libraries
|
|
Suggests: %{name}-migrate-store
|
|
Requires: %{name}-conf >= %{version}
|
|
|
|
%description -n %{libname}
|
|
libsemanage is the policy management library. Using libsepol and
|
|
libselinux to interact with the SELinux system, it also calls helper
|
|
programs for loading policy and for checking whether the
|
|
file_contexts configuration is valid.
|
|
|
|
(Security-enhanced Linux is a feature of the kernel and some
|
|
utilities that implement mandatory access control policies, such as
|
|
Type Enforcement, Role-based Access Control and Multi-Level
|
|
Security.)
|
|
|
|
%package conf
|
|
Summary: Configuration for the SELinux policy management library
|
|
# before 3.1 the config file wasn't separated, so no parallel install is possible
|
|
Group: System/Libraries
|
|
Conflicts: %{name}1 <= 3.1
|
|
|
|
%description conf
|
|
Configuration file for libsemanage. Moved to a separate package to allow
|
|
parallel installation
|
|
|
|
%package devel
|
|
Summary: Header files and libraries for SELinux's policy management libary
|
|
Group: Development/Libraries/C and C++
|
|
Requires: %{libname} = %{version}
|
|
|
|
%description devel
|
|
The libsemanage-devel package contains the libraries and header files
|
|
needed for developing applications that manipulate SELinux policies.
|
|
|
|
%package devel-static
|
|
Summary: Static archives for SELinux's policy management library
|
|
Group: Development/Libraries/C and C++
|
|
Requires: libsemanage-devel
|
|
|
|
%description devel-static
|
|
The libsemanage-devel-static package contains the static libraries
|
|
needed for developing applications that manipulate binary policies.
|
|
|
|
%package migrate-store
|
|
Summary: SELinux Policy Store Migration
|
|
Group: Productivity/Security
|
|
|
|
%description migrate-store
|
|
In version 2.4 of libsemanage, libsepol, and policycoreutils, the policy
|
|
module store was moved from /etc/selinux/<store>/modules/ to
|
|
/var/lib/selinux/<store>/. Once the libraries are upgraded, all policy
|
|
stores must be migrated before any commands that modify or use the store
|
|
(e.g. semodule, semanage) can be executed.
|
|
|
|
%prep
|
|
%setup -q
|
|
# Replace /usr/libexec with whatever the distro defines as libexecdir - across all files
|
|
grep /usr/libexec . -rl | xargs sed -i "s|/usr/libexec|%{_libexecdir}|g"
|
|
|
|
%build
|
|
%define _lto_cflags %{nil}
|
|
%make_build clean
|
|
%make_build CFLAGS="%{optflags} -fno-semantic-interposition" CC="gcc"
|
|
%make_build CFLAGS="%{optflags} -fno-semantic-interposition" LIBDIR="%{_libdir}" LIBEXECDIR="%{_libexecdir}" SHLIBDIR="%{_lib}" CC="gcc" all
|
|
|
|
%install
|
|
mkdir -p %{buildroot}/%{_lib}
|
|
mkdir -p %{buildroot}%{_libdir}
|
|
mkdir -p %{buildroot}%{_includedir}
|
|
mkdir -p %{buildroot}%{_localstatedir}/lib/selinux
|
|
%make_install LIBDIR="%{_libdir}" LIBEXECDIR="%{_libexecdir}" SHLIBDIR="%{_libdir}"
|
|
ln -sf %{_libdir}/libsemanage.so.%{soversion} %{buildroot}/%{_libdir}/libsemanage.so
|
|
cp %{SOURCE4} %{buildroot}%{_sysconfdir}/selinux/semanage.conf
|
|
# Remove duplicate files
|
|
%fdupes -s %{buildroot}%{_mandir}
|
|
|
|
%post -n %{libname} -p /sbin/ldconfig
|
|
%postun -n %{libname} -p /sbin/ldconfig
|
|
|
|
%files -n %{libname}
|
|
%{_libdir}/libsemanage.so.*
|
|
%dir %{_localstatedir}/lib/selinux
|
|
|
|
%files conf
|
|
%dir %{_sysconfdir}/selinux
|
|
%config(noreplace) %{_sysconfdir}/selinux/semanage.conf
|
|
|
|
%files devel
|
|
%{_libdir}/libsemanage.so
|
|
%{_libdir}/pkgconfig/libsemanage.pc
|
|
%{_includedir}/semanage/
|
|
%{_mandir}/man3/*
|
|
%{_mandir}/man5/*
|
|
%{_mandir}/ru/man5/*
|
|
|
|
%files migrate-store
|
|
%dir %{_libexecdir}/selinux
|
|
%{_libexecdir}/selinux/
|
|
|
|
%files devel-static
|
|
%{_libdir}/libsemanage.a
|
|
|
|
%changelog
|