diff --git a/_multibuild b/_multibuild
new file mode 100644
index 0000000..81625e2
--- /dev/null
+++ b/_multibuild
@@ -0,0 +1,4 @@
+
+ libselinux-bindings
+
+
diff --git a/libselinux-bindings.changes b/libselinux-bindings.changes
new file mode 100644
index 0000000..d695b58
--- /dev/null
+++ b/libselinux-bindings.changes
@@ -0,0 +1,489 @@
+-------------------------------------------------------------------
+Fri Aug 4 13:14:19 UTC 2023 - Matej Cepl
+
+- (bsc#1212618) Divide libselinux and libselinux-bindings again.
+ libselinux itself is in Ring0 so it has to have absolutely
+ minimal dependencies, so it is better to separate
+ libselinux-bindings into a separate pacakge.
+
+-------------------------------------------------------------------
+Tue Jun 20 13:34:39 UTC 2023 - Johannes Segitz
+
+- Add explicit BuildRequires for python3-pip and python3-wheel on
+ 15.5, currently the macros don't do the right thing
+
+-------------------------------------------------------------------
+Thu Jun 1 11:50:33 UTC 2023 - Johannes Kastl
+
+- allow building this with different python versions, to make this
+ usable for the new sle15 macro (using python3.11)
+
+-------------------------------------------------------------------
+Fri May 5 12:35:31 UTC 2023 - Daniel Garcia
+
+- Add python-wheel build dependency to build correctly with latest
+ python-pip version.
+
+-------------------------------------------------------------------
+Thu May 4 14:04:04 UTC 2023 - Frederic Crozat
+
+- Add _multibuild to define additional spec files as additional
+ flavors.
+ Eliminates the need for source package links in OBS.
+
+
+-------------------------------------------------------------------
+Thu Mar 23 15:39:15 UTC 2023 - Martin Liška
+
+- Enable LTO as it works fine now.
+
+-------------------------------------------------------------------
+Fri Feb 24 07:42:25 UTC 2023 - Johannes Segitz
+
+- Update to version 3.5:
+ * check for truncations
+ * avoid newline in avc message
+ * bail out on path truncations
+ * add getpidprevcon to gather the previous context before the last
+ exec of a given process
+ * Workaround for heap overhead of pcre
+ * fix memory leaks on the audit2why module init
+ * ignore invalid class name lookup
+- Drop restorecon_pin_file.patch, is upstream
+- Refreshed python3.8-compat.patch
+- Added additional developer key (Jason Zaman)
+
+-------------------------------------------------------------------
+Mon May 9 10:23:32 UTC 2022 - Johannes Segitz
+
+- Update to version 3.4:
+ * Use PCRE2 by default
+ * Make selinux_log() and is_context_customizable() thread-safe
+ * Prevent leakeing file descriptors
+ * Correctly hash specfiles larger than 4G
+- Refreshed skip_cycles.patch
+
+-------------------------------------------------------------------
+Thu Nov 11 13:25:30 UTC 2021 - Johannes Segitz
+
+- Update to version 3.3:
+ * Lots of smaller issues fixed found by fuzzing
+
+-------------------------------------------------------------------
+Wed Mar 17 15:17:27 UTC 2021 - Dominique Leuenberger
+
+- Switch to pcre2:
+ + Replace pcre-devel BuildRequires with pkgconfig(libpcre2-8)
+ + Pass USE_PCRE2=y to make.
+
+-------------------------------------------------------------------
+Tue Mar 9 09:01:15 UTC 2021 - Johannes Segitz
+
+- Update to version 3.2:
+ * Use mmap()'ed kernel status page instead of netlink by default.
+ See "KERNEL STATUS PAGE" section in avc_init(3) for more details.
+ * New log callback levels for enforcing and policy load notices -
+ SELINUX_POLICYLOAD, SELINUX_SETENFORCE
+ * Changed userspace AVC setenforce and policy load messages to audit
+ format.
+
+-------------------------------------------------------------------
+Tue Jul 14 08:24:20 UTC 2020 - Johannes Segitz
+
+- Update to version 3.1:
+ * selinux/flask.h, selinux/av_permissions.h and sepol/policydb/flask.h were
+ removed. All userspace object managers should have been updated to use the
+ dynamic class/perm mapping support.
+
+ Use string_to_security_class(3) and string_to_av_perm(3) to map the class
+ and permission names to their policy values, or selinux_set_mapping(3) to
+ create a mapping from class and permission index values used by the
+ application to the policy values.
+ * Removed restrictions in libsepol and checkpolicy that required all declared
+ initial SIDs to be assigned a context.
+ * Support for new policy capability genfs_seclabel_symlinks
+ * selinuxfs is mounted with noexec and nosuid
+ * `security_compute_user()` was deprecated
+ * Refreshed python3.8-compat.patch
+
+-------------------------------------------------------------------
+Tue Mar 3 11:13:12 UTC 2020 - Johannes Segitz
+
+- Update to version 3.0
+ * Ignore the stem when looking up all matches in file context
+ * Save digest of all partial matches for directory
+ * Use Python distutils to install SELinux python bindings
+ * ensure that digest_len is not zero
+ * fix string conversion of unknown perms
+ * mark all exported function "extern"
+
+-------------------------------------------------------------------
+Mon Dec 16 16:04:41 UTC 2019 - Johannes Segitz
+
+- Added swig4_moduleimport.patch to prevent import errors due to
+ SWIG 4
+
+-------------------------------------------------------------------
+Wed Oct 30 17:21:00 CET 2019 - Matej Cepl
+
+- Add python3.8-compat.patch which makes build possible even with
+ Python 3.8, which doesn’t automatically adds -lpython
+
+-------------------------------------------------------------------
+Tue May 28 08:28:03 UTC 2019 - Martin Liška
+
+- Disable LTO (boo#1133244).
+
+-------------------------------------------------------------------
+Fri May 24 11:22:19 UTC 2019 -
+
+- Set License: to correct value (bsc#1135710)
+
+-------------------------------------------------------------------
+Wed Mar 20 15:05:35 UTC 2019 - jsegitz@suse.com
+
+- Update to version 2.9
+ * Add security_reject_unknown(3) man page
+ * Change matchpathcon usage to match with matchpathcon manpage
+ * Do not define gettid() if glibc >= 2.30 is used
+ * Fix RESOURCE_LEAK defects reported by coverity scan
+ * Fix line wrapping in selabel_file.5
+ * Do not dereference symlink with statfs in selinux_restorecon
+ * Fix overly strict validation of file_contexts.bin
+ * Fix selinux_restorecon() on non-SELinux hosts
+ * Fix the whatis line for the selinux_boolean_sub.3 manpage
+ * Fix printf format string specifier for uint64_t
+ * Fix handling of unknown classes/perms
+ * Set an appropriate errno in booleans.c
+- Dropped python3.patch, is now upstream
+
+-------------------------------------------------------------------
+Wed Oct 17 11:48:30 UTC 2018 - jsegitz@suse.com
+
+- Update to version 2.8 (bsc#1111732).
+ For changes please see
+ https://raw.githubusercontent.com/wiki/SELinuxProject/selinux/files/releases/20180524/RELEASE-20180524.txt
+- ran spec-cleaner on spec files
+
+-------------------------------------------------------------------
+Mon May 14 22:50:42 UTC 2018 - mcepl@cepl.eu
+
+- Update to version 2.7.
+ * %files needed to be heavily modified
+ * Based expressly on python3, not just python
+ For changes please see
+ https://raw.githubusercontent.com/wiki/SELinuxProject/selinux/files/releases/20170804/RELEASE-20170804.txt
+
+-------------------------------------------------------------------
+Fri Mar 16 15:25:10 UTC 2018 - jsegitz@suse.com
+
+- Updated spec file to use python3. Added python3.patch to fix
+ build
+
+-------------------------------------------------------------------
+Fri Nov 24 09:09:02 UTC 2017 - jsegitz@suse.com
+
+- Update to version 2.6. Notable changes:
+ * selinux_restorecon: fix realpath logic
+ * sefcontext_compile: invert semantics of "-r" flag
+ * sefcontext_compile: Add "-i" flag
+ * Introduce configurable backends
+ * Add function to find security.restorecon_last entries
+ * Add openrc_contexts functions
+ * Add support for pcre2
+ * Handle NULL pcre study data
+ * Add setfiles support to selinux_restorecon(3)
+ * Evaluate inodes in selinux_restorecon(3)
+ * Change the location of _selinux.so
+ * Explain how to free policy type from selinux_getpolicytype()
+ * Compare absolute pathname in matchpathcon -V
+ * Add selinux_snapperd_contexts_path()
+ * Modify audit2why analyze function to use loaded policy
+ * Avoid mounting /proc outside of selinux_init_load_policy()
+ * Fix location of selinuxfs mount point
+ * Only mount /proc if necessary
+ * procattr: return einval for <= 0 pid args
+ * procattr: return error on invalid pid_t input
+- Dropped
+ * libselinux-2.2-ruby.patch
+ * libselinux-proc-mount-only-if-needed.patch
+ * python-selinux-swig-3.10.patch
+
+-------------------------------------------------------------------
+Wed Jul 5 10:30:57 UTC 2017 - schwab@suse.de
+
+- readv-proto.patch: include for readv prototype
+
+-------------------------------------------------------------------
+Sun Jul 17 15:30:05 UTC 2016 - jengelh@inai.de
+
+- Update RPM groups, trim description and combine filelist entries.
+
+-------------------------------------------------------------------
+Thu Jul 14 07:59:04 UTC 2016 - jsegitz@novell.com
+
+- Adjusted source link
+
+-------------------------------------------------------------------
+Tue Jul 5 16:44:44 UTC 2016 - i@marguerite.su
+
+- add patch: python-selinux-swig-3.10.patch, fixed boo#985368
+ * swig-3.10 in Factory use importlib instead of imp to find
+ _selinux.so. imp searched the same directory as __init__.py
+ is while importlib searchs only standard paths. so we have
+ to move _selinux.so. fixed by upstream
+- update version 2.5
+ * Add selinux_restorecon function
+ * read_spec_entry: fail on non-ascii
+ * Add man information about thread specific functions
+ * Don't wrap rpm_execcon with DISABLE_RPM with SWIG
+ * Correct line count for property and service context files
+ * label_file: fix memory leaks and uninitialized jump
+ * Replace selabel_digest hash function
+ * Fix selabel_open(3) services if no digest requested
+ * Add selabel_digest function
+ * Flush the class/perm string mapping cache on policy reload
+ * Fix restorecon when path has no context
+ * Free memory when processing media and x specfiles
+ * Fix mmap memory release for file labeling
+ * Add policy context validation to sefcontext_compile
+ * Do not treat an empty file_contexts(.local) as an error
+ * Fail hard on invalid property_contexts entries
+ * Fail hard on invalid file_contexts entries
+ * Support context validation on file_contexts.bin
+ * Add selabel_cmp interface and label_file backend
+ * Support specifying file_contexts.bin file path
+ * Support file_contexts.bin without file_contexts
+ * Simplify procattr cache
+ * Use /proc/thread-self when available
+ * Add const to selinux_opt for label backends
+ * Fix binary file labels for regexes with metachars
+ * Fix file labels for regexes with metachars
+ * Fix if file_contexts not '\n' terminated
+ * Enhance file context support
+ * Fix property processing and cleanup formatting
+ * Add read_spec_entries function to replace sscanf
+ * Support consistent mode size for bin files
+ * Fix more bin file processing core dumps
+ * add selinux_openssh_contexts_path()
+ * setrans_client: minimize overhead when mcstransd is not present
+ * Ensure selabel_lookup_best_match links NULL terminated
+ * Fix core dumps with corrupt *.bin files
+ * Add selabel partial and best match APIs
+ * Use os.walk() instead of the deprecated os.path.walk()
+ * Remove deprecated mudflap option
+ * Mount procfs before checking /proc/filesystems
+ * Fix -Wformat errors with gcc-5.0.0
+ * label_file: handle newlines in file names
+ * Fix audit2why error handling if SELinux is disabled
+ * pcre_study can return NULL without error
+ * Only check SELinux enabled status once in selinux_check_access
+- changes in 2.4
+ * Remove assumption that SHLIBDIR is ../../ relative to LIBDIR
+ * Fix bugs found by hardened gcc flags
+ * Set the system to permissive if failing to disable SELinux because
+ policy has already been loaded
+ * Add db_exception and db_datatype support to label_db backend
+ * Log an error on unknown classes and permissions
+ * Add pcre version string to the compiled file_contexts format
+ * Deprecate use of flask.h and av_permissions.h
+ * Compiled file_context files and the original should have the same DAC
+ permissions
+-------------------------------------------------------------------
+Wed May 27 11:53:54 UTC 2015 - dimstar@opensuse.org
+
+- Update libselinux-2.2-ruby.patch: use RbConfig instead of
+ deprecated Config.
+
+-------------------------------------------------------------------
+Sun May 18 00:15:17 UTC 2014 - crrodriguez@opensuse.org
+
+- Update to version 2.3
+* Get rid of security_context_t and fix const declarations.
+* Refactor rpm_execcon() into a new setexecfilecon() from Guillem Jover.
+
+-------------------------------------------------------------------
+Thu Oct 31 13:43:41 UTC 2013 - p.drouand@gmail.com
+
+- Update to version 2.2
+ * Fix avc_has_perm() returns -1 even when SELinux is in permissive mode.
+ * Support overriding Makefile RANLIB
+ * Update pkgconfig definition
+ * Mount sysfs before trying to mount selinuxfs.
+ * Fix man pages
+ * Support overriding PATH and LIBBASE in Makefile
+ * Fix LDFLAGS usage
+ * Avoid shadowing stat in load_mmap
+ * Support building on older PCRE libraries
+ * Fix handling of temporary file in sefcontext_compile
+ * Fix procattr cache
+ * Define python constants for getenforce result
+ * Fix label substitution handling of /
+ * Add selinux_current_policy_path from
+ * Change get_context_list to only return good matches
+ * Support udev-197 and higher
+ * Add support for local substitutions
+ * Change setfilecon to not return ENOSUP if context is already correct
+ * Python wrapper leak fixes
+ * Export SELINUX_TRANS_DIR definition in selinux.h
+ * Add selinux_systemd_contexts_path
+ * Add selinux_set_policy_root
+ * Add man page for sefcontext_compile
+- Remove libselinux-rhat.patch; merged on upstream
+- Adapt libselinux-ruby.patch to upstream changes
+- Use fdupes to symlink duplicate manpages
+
+-------------------------------------------------------------------
+Thu Jun 27 14:57:53 UTC 2013 - vcizek@suse.com
+
+- change the source url to the official 2.1.13 release tarball
+
+-------------------------------------------------------------------
+Wed Jan 30 12:33:45 UTC 2013 - vcizek@suse.com
+
+- update to 2.1.12
+- added BuildRequires: pcre-devel
+
+-------------------------------------------------------------------
+Mon Jan 7 22:34:03 UTC 2013 - jengelh@inai.de
+
+- Remove obsolete defines/sections
+
+-------------------------------------------------------------------
+Wed Jul 25 11:15:02 UTC 2012 - meissner@suse.com
+
+- updated to 2.1.9 again (see below)
+
+-------------------------------------------------------------------
+Fri Jun 1 18:34:04 CEST 2012 - mls@suse.de
+
+- update to libselinux-2.1.9
+ * better man pages
+ * selinux_status interfaces
+ * simple interface for access checks
+ * multiple bug fixes
+- fix build for ruby-1.9
+
+-------------------------------------------------------------------
+Mon Jun 28 06:38:35 UTC 2010 - jengelh@medozas.de
+
+- use %_smp_mflags
+
+-------------------------------------------------------------------
+Thu Feb 25 14:57:16 UTC 2010 - prusnak@suse.cz
+
+- updated to 2.0.91
+ * changes too numerous to list
+
+-------------------------------------------------------------------
+Sat Dec 12 16:43:54 CET 2009 - jengelh@medozas.de
+
+- add baselibs.conf as a source
+
+-------------------------------------------------------------------
+Fri Jul 24 17:09:50 CEST 2009 - thomas@novell.com
+
+- updated selinux-ready script
+
+-------------------------------------------------------------------
+Wed Jul 22 15:17:25 CEST 2009 - prusnak@suse.cz
+
+- change libsepol-devel to libsepol-devel-static in dependencies
+ of python bindings
+
+-------------------------------------------------------------------
+Wed Jul 1 12:26:48 CEST 2009 - prusnak@suse.cz
+
+- put libsepol-devel back to Requires of libselinux-devel
+
+-------------------------------------------------------------------
+Mon Jun 29 21:24:16 CEST 2009 - prusnak@suse.cz
+
+- added selinux-ready tool to selinux-tools package
+
+-------------------------------------------------------------------
+Tue Jun 9 20:17:54 CEST 2009 - crrodriguez@suse.de
+
+- remove static libraries
+- libselinux-devel does not require libsepol-devel
+
+-------------------------------------------------------------------
+Wed May 27 14:06:14 CEST 2009 - prusnak@suse.cz
+
+- updated to 2.0.80
+ * deny_unknown wrapper function from KaiGai Kohei
+ * security_compute_av_flags API from KaiGai Kohei
+ * Netlink socket management and callbacks from KaiGai Kohei
+ * Netlink socket handoff patch from Adam Jackson
+ * AVC caching of compute_create results by Eric Paris
+ * fix incorrect conversion in discover_class code
+
+-------------------------------------------------------------------
+Fri Apr 17 17:12:06 CEST 2009 - prusnak@suse.cz
+
+- fixed memory leak (memleak.patch)
+
+-------------------------------------------------------------------
+Wed Jan 14 14:04:30 CET 2009 - prusnak@suse.cz
+
+- updated to 2.0.77
+ * add new function getseuser which will take username and service
+ and return seuser and level; ipa will populate file in future
+ * change selinuxdefcon to return just the context by default
+ * fix segfault if seusers file does not work
+ * strip trailing / for matchpathcon
+ * fix restorecon python code
+
+-------------------------------------------------------------------
+Mon Dec 1 11:32:50 CET 2008 - prusnak@suse.cz
+
+- updated to 2.0.76
+ * allow shell-style wildcarding in X names
+ * add Restorecon/Install python functions
+ * correct message types in AVC log messages
+ * make matchpathcon -V pass mode
+ * add man page for selinux_file_context_cmp
+ * update flask headers from refpolicy trunk
+
+-------------------------------------------------------------------
+Wed Oct 22 16:28:59 CEST 2008 - mrueckert@suse.de
+
+- fix debug_packages_requires define
+
+-------------------------------------------------------------------
+Tue Sep 23 12:51:10 CEST 2008 - prusnak@suse.cz
+
+- require only version, not release [bnc#429053]
+
+-------------------------------------------------------------------
+Tue Sep 2 12:09:22 CEST 2008 - prusnak@suse.cz
+
+- updated to 2.0.71
+ * Add group support to seusers using %groupname syntax from Dan Walsh.
+ * Mark setrans socket close-on-exec from Stephen Smalley.
+ * Only apply nodups checking to base file contexts from Stephen Smalley.
+ * Merge ruby bindings from Dan Walsh.
+
+-------------------------------------------------------------------
+Mon Sep 1 07:35:00 CEST 2008 - aj@suse.de
+
+- Fix build of debuginfo.
+
+-------------------------------------------------------------------
+Fri Aug 22 14:45:29 CEST 2008 - prusnak@suse.cz
+
+- added baselibs.conf file
+- split bindings into separate subpackage (libselinux-bindings)
+- split tools into separate subpackage (selinux-tools)
+
+-------------------------------------------------------------------
+Fri Aug 1 17:32:20 CEST 2008 - ro@suse.de
+
+- fix requires for debuginfo package
+
+-------------------------------------------------------------------
+Tue Jul 15 16:26:31 CEST 2008 - prusnak@suse.cz
+
+- initial version 2.0.67
+ * based on Fedora package by Dan Walsh
+
diff --git a/libselinux-bindings.spec b/libselinux-bindings.spec
new file mode 100644
index 0000000..a76b085
--- /dev/null
+++ b/libselinux-bindings.spec
@@ -0,0 +1,123 @@
+#
+# spec file for package libselinux-bindings
+#
+# Copyright (c) 2023 SUSE LLC
+#
+# All modifications and additions to the file contributed by third parties
+# remain the property of their copyright owners, unless otherwise agreed
+# upon. The license for this file, and modifications and additions to the
+# file, is the same license as for the pristine package itself (unless the
+# license for the pristine package is not an Open Source License, in which
+# case the license is the MIT License). An "Open Source License" is a
+# license that conforms to the Open Source Definition (Version 1.9)
+# published by the Open Source Initiative.
+
+# Please submit bugfixes or comments via https://bugs.opensuse.org/
+#
+
+
+%{?sle15_python_module_pythons}
+%define python_subpackage_only 1
+%define libsepol_ver 3.5
+%define upname libselinux
+Name: libselinux-bindings
+Version: 3.5
+Release: 0
+Summary: SELinux runtime library and utilities
+License: SUSE-Public-Domain
+Group: Development/Libraries/C and C++
+URL: https://github.com/SELinuxProject/selinux/wiki/Releases
+Source0: https://github.com/SELinuxProject/selinux/releases/download/%{version}/%{upname}-%{version}.tar.gz
+Source1: https://github.com/SELinuxProject/selinux/releases/download/%{version}/%{upname}-%{version}.tar.gz.asc
+Source2: libselinux.keyring
+Source3: selinux-ready
+Source4: baselibs.conf
+# PATCH-FIX-UPSTREAM Include for readv prototype
+Patch4: readv-proto.patch
+Patch5: skip_cycles.patch
+# PATCH-FIX-UPSTREAM python3.8-compat.patch mcepl@suse.com
+# Make linking working even when default pkg-config doesn’t provide -lpython
+Patch6: python3.8-compat.patch
+Patch7: swig4_moduleimport.patch
+BuildRequires: %{python_module devel}
+BuildRequires: %{python_module pip}
+BuildRequires: %{python_module wheel}
+BuildRequires: fdupes
+BuildRequires: libselinux-devel = %{version}
+BuildRequires: libsepol-devel >= %{libsepol_ver}
+BuildRequires: libsepol-devel-static >= %{libsepol_ver}
+BuildRequires: pkgconfig
+BuildRequires: python-rpm-macros
+BuildRequires: ruby-devel
+BuildRequires: swig
+BuildRequires: pkgconfig(libpcre2-8)
+%python_subpackages
+
+%description
+libselinux provides an interface to get and set process and file
+security contexts and to obtain security policy decisions.
+
+%package -n python-selinux
+%define oldpython python
+Summary: Python bindings for the SELinux runtime library
+Group: Development/Libraries/Python
+Requires: libselinux1 = %{version}
+Obsoletes: python-selinux < %{version}
+Provides: python-selinux = %{version}
+%ifpython2
+Obsoletes: %{oldpython}-selinux < %{version}
+Provides: %{oldpython}-selinux = %{version}
+%endif
+
+%description -n python-selinux
+libselinux provides an interface to get and set process and file
+security contexts and to obtain security policy decisions.
+
+This subpackage contains Python extensions to use SELinux from that
+language.
+
+%package -n ruby-selinux
+Summary: Ruby bindings for the SELinux runtime library
+Group: Development/Languages/Ruby
+Requires: libselinux1 = %{version}
+Requires: ruby
+
+%description -n ruby-selinux
+libselinux provides an interface to get and set process and file
+security contexts and to obtain security policy decisions.
+
+This subpackage contains Ruby extensions to use SELinux from that
+language.
+
+%prep
+%autosetup -p1 -n %{upname}-%{version}
+
+%build
+%{python_expand :
+%make_build LIBDIR="%{_libdir}" CFLAGS="%{optflags} -fno-semantic-interposition" swigify USE_PCRE2=y PYTHON=$python
+%make_build LIBDIR="%{_libdir}" CFLAGS="%{optflags} -fno-semantic-interposition" pywrap USE_PCRE2=y PYTHON=$python
+%make_build LIBDIR="%{_libdir}" CFLAGS="%{optflags} -fno-semantic-interposition" rubywrap USE_PCRE2=y PYTHON=$python
+}
+
+%install
+mkdir -p %{buildroot}/%{_lib}
+mkdir -p %{buildroot}%{_libdir}
+mkdir -p %{buildroot}%{_includedir}
+mkdir -p %{buildroot}%{_sbindir}
+%{python_expand :
+make DESTDIR=%{buildroot} LIBDIR="%{_libdir}" SHLIBDIR="/%{_lib}" PYTHON=$python LIBSEPOLA=%{_libdir}/libsepol.a install-pywrap V=1
+make DESTDIR=%{buildroot} LIBDIR="%{_libdir}" SHLIBDIR="/%{_lib}" PYTHON=$python LIBSEPOLA=%{_libdir}/libsepol.a install-rubywrap V=1
+}
+
+# Remove duplicate files
+%fdupes -s %{buildroot}%{_mandir}
+
+%files %{python_files selinux}
+%{python_sitearch}/selinux
+%{python_sitearch}/selinux-%{version}*-info
+%{python_sitearch}/_selinux*
+
+%files -n ruby-selinux
+%{_libdir}/ruby/vendor_ruby/%{rb_ver}/%{rb_arch}/selinux.so
+
+%changelog
diff --git a/libselinux.changes b/libselinux.changes
index d40e2ac..2594e7f 100644
--- a/libselinux.changes
+++ b/libselinux.changes
@@ -1,3 +1,11 @@
+-------------------------------------------------------------------
+Fri Aug 4 13:14:14 UTC 2023 - Matej Cepl
+
+- (bsc#1212618) Divide libselinux and libselinux-bindings again.
+ libselinux itself is in Ring0 so it has to have absolutely
+ minimal dependencies, so it is better to separate
+ libselinux-bindings into a separate pacakge.
+
-------------------------------------------------------------------
Tue Jul 4 08:32:49 UTC 2023 - Johannes Segitz
diff --git a/libselinux.spec b/libselinux.spec
index 144d098..2c0031c 100644
--- a/libselinux.spec
+++ b/libselinux.spec
@@ -16,8 +16,6 @@
#
-%{?sle15_python_module_pythons}
-%define python_subpackage_only 1
%define libsepol_ver 3.5
Name: libselinux
Version: 3.5
@@ -38,19 +36,13 @@ Patch5: skip_cycles.patch
# Make linking working even when default pkg-config doesn’t provide -lpython
Patch6: python3.8-compat.patch
Patch7: swig4_moduleimport.patch
-BuildRequires: %{python_module devel}
-BuildRequires: %{python_module pip}
-BuildRequires: %{python_module setuptools}
-BuildRequires: %{python_module wheel}
BuildRequires: fdupes
BuildRequires: libsepol-devel >= %{libsepol_ver}
BuildRequires: libsepol-devel-static >= %{libsepol_ver}
BuildRequires: pkgconfig
-BuildRequires: python-rpm-macros
BuildRequires: ruby-devel
BuildRequires: swig
BuildRequires: pkgconfig(libpcre2-8)
-%python_subpackages
%description
libselinux provides an interface to get and set process and file
@@ -112,60 +104,21 @@ security contexts and to obtain security policy decisions.
This package contains the static development files, which are
necessary to develop your own software using libselinux.
-%package -n python-selinux
-%define oldpython python
-Summary: Python bindings for the SELinux runtime library
-Group: Development/Libraries/Python
-# Requires: %%{python_base_requirement}
-Requires: libselinux1 = %{version}
-Obsoletes: python-selinux < %{version}
-Provides: python-selinux = %{version}
-%ifpython2
-Obsoletes: %{oldpython}-selinux < %{version}
-Provides: %{oldpython}-selinux = %{version}
-%endif
-
-%description -n python-selinux
-libselinux provides an interface to get and set process and file
-security contexts and to obtain security policy decisions.
-
-This subpackage contains Python extensions to use SELinux from that
-language.
-
-%package -n ruby-selinux
-Summary: Ruby bindings for the SELinux runtime library
-Group: Development/Languages/Ruby
-Requires: libselinux1 = %{version}
-Requires: ruby
-
-%description -n ruby-selinux
-libselinux provides an interface to get and set process and file
-security contexts and to obtain security policy decisions.
-
-This subpackage contains Ruby extensions to use SELinux from that
-language.
-
%prep
%autosetup -p1 -n libselinux-%{version}
%build
-%{python_expand :
-%make_build LIBDIR="%{_libdir}" CC="gcc" CFLAGS="%{optflags} -fno-semantic-interposition -ffat-lto-objects" USE_PCRE2=y PYTHON=$python
-%make_build LIBDIR="%{_libdir}" CFLAGS="%{optflags} -fno-semantic-interposition" swigify USE_PCRE2=y PYTHON=$python
-%make_build LIBDIR="%{_libdir}" CFLAGS="%{optflags} -fno-semantic-interposition" pywrap USE_PCRE2=y PYTHON=$python
-%make_build LIBDIR="%{_libdir}" CFLAGS="%{optflags} -fno-semantic-interposition" rubywrap USE_PCRE2=y PYTHON=$python
-}
+%make_build LIBDIR="%{_libdir}" CC="gcc" \
+ CFLAGS="%{optflags} -fno-semantic-interposition -ffat-lto-objects" \
+ USE_PCRE2=y
%install
mkdir -p %{buildroot}/%{_lib}
mkdir -p %{buildroot}%{_libdir}
mkdir -p %{buildroot}%{_includedir}
mkdir -p %{buildroot}%{_sbindir}
-%{python_expand :
-make DESTDIR=%{buildroot} LIBDIR="%{_libdir}" SHLIBDIR="%{_libdir}" PYTHON=$python BINDIR="%{_sbindir}" install
-make DESTDIR=%{buildroot} LIBDIR="%{_libdir}" SHLIBDIR="/%{_lib}" PYTHON=$python LIBSEPOLA=%{_libdir}/libsepol.a install-pywrap V=1
-make DESTDIR=%{buildroot} LIBDIR="%{_libdir}" SHLIBDIR="/%{_lib}" PYTHON=$python LIBSEPOLA=%{_libdir}/libsepol.a install-rubywrap V=1
-}
+make DESTDIR=%{buildroot} LIBDIR="%{_libdir}" SHLIBDIR="%{_libdir}" \
+ BINDIR="%{_sbindir}" install
mv %{buildroot}%{_sbindir}/getdefaultcon %{buildroot}%{_sbindir}/selinuxdefcon
mv %{buildroot}%{_sbindir}/getconlist %{buildroot}%{_sbindir}/selinuxconlist
@@ -221,12 +174,4 @@ install -m 0755 %{SOURCE3} %{buildroot}%{_sbindir}/selinux-ready
%files devel-static
%{_libdir}/libselinux.a
-%files %{python_files selinux}
-%{python_sitearch}/selinux
-%{python_sitearch}/selinux-%{version}*-info
-%{python_sitearch}/_selinux*
-
-%files -n ruby-selinux
-%{_libdir}/ruby/vendor_ruby/%{rb_ver}/%{rb_arch}/selinux.so
-
%changelog