# # spec file for package libselinux # # Copyright (c) 2018 SUSE LINUX GmbH, Nuernberg, Germany. # # All modifications and additions to the file contributed by third parties # remain the property of their copyright owners, unless otherwise agreed # upon. The license for this file, and modifications and additions to the # file, is the same license as for the pristine package itself (unless the # license for the pristine package is not an Open Source License, in which # case the license is the MIT License). An "Open Source License" is a # license that conforms to the Open Source Definition (Version 1.9) # published by the Open Source Initiative. # Please submit bugfixes or comments via http://bugs.opensuse.org/ # %define libsepol_ver 2.8 %{?!python_module:%define python_module() python-%{**} python3-%{**}} Name: libselinux Version: 2.8 Release: 0 Summary: SELinux runtime library and utilities License: GPL-2.0-only AND SUSE-Public-Domain Group: Development/Libraries/C and C++ Url: https://github.com/SELinuxProject/selinux/wiki/Releases Source: https://raw.githubusercontent.com/wiki/SELinuxProject/selinux/files/releases/20180524/libselinux-%{version}.tar.gz Source1: selinux-ready Source2: baselibs.conf Patch3: python3.patch # PATCH-FIX-UPSTREAM Include for readv prototype Patch4: readv-proto.patch BuildRoot: %{_tmppath}/%{name}-%{version}-build BuildRequires: fdupes BuildRequires: libsepol-devel >= %{libsepol_ver} BuildRequires: libsepol-devel-static >= %{libsepol_ver} BuildRequires: pcre-devel BuildRequires: pkg-config BuildRequires: python-rpm-macros BuildRequires: python3 BuildRequires: python3-devel BuildRequires: ruby-devel BuildRequires: swig %description libselinux provides an interface to get and set process and file security contexts and to obtain security policy decisions. %package -n libselinux1 Summary: SELinux runtime library License: GPL-2.0-only AND SUSE-Public-Domain Group: System/Libraries %description -n libselinux1 libselinux provides an interface to get and set process and file security contexts and to obtain security policy decisions. (Security-enhanced Linux is a feature of the kernel and some utilities that implement mandatory access control policies, such as Type Enforcement, Role-based Access Control and Multi-Level Security.) %package -n selinux-tools Summary: SELinux command-line utilities License: GPL-2.0-only AND SUSE-Public-Domain Group: System/Base %description -n selinux-tools Security-enhanced Linux is a feature of the kernel and some utilities that implement mandatory access control policies, such as Type Enforcement, Role-based Access Control and Multi-Level Security. This subpackage contains utilities to inspect and administer the system's SELinux state. %package devel Summary: Development files for the SELinux runtime library License: GPL-2.0-only AND SUSE-Public-Domain Group: Development/Libraries/C and C++ Requires: glibc-devel Requires: libselinux1 = %{version} #Automatic dependency on libsepol-devel via pkgconfig %description devel libselinux provides an interface to get and set process and file security contexts and to obtain security policy decisions. This package contains the development files, which are necessary to develop your own software using libselinux. %package devel-static Summary: Static archives for the SELinux runtime License: GPL-2.0-only AND SUSE-Public-Domain Group: Development/Libraries/C and C++ Requires: libselinux-devel = %{version} Requires: pkgconfig(libpcre) Requires: pkgconfig(libsepol) %description devel-static libselinux provides an interface to get and set process and file security contexts and to obtain security policy decisions. This package contains the static development files, which are necessary to develop your own software using libselinux. %prep %setup -q -n libselinux-%{version} %patch3 -p1 %patch4 -p1 %build make %{?_smp_mflags} LIBDIR="%{_libdir}" CFLAGS="$RPM_OPT_FLAGS" CC="%{__cc}" make %{?_smp_mflags} LIBDIR="%{_libdir}" CFLAGS="$RPM_OPT_FLAGS" -C src V=1 make %{?_smp_mflags} LIBDIR="%{_libdir}" CFLAGS="$RPM_OPT_FLAGS" -C src swigify V=1 make %{?_smp_mflags} LIBDIR="%{_libdir}" CFLAGS="$RPM_OPT_FLAGS" -C src pywrap V=1 make %{?_smp_mflags} LIBDIR="%{_libdir}" CFLAGS="$RPM_OPT_FLAGS" -C src rubywrap V=1 %install mkdir -p $RPM_BUILD_ROOT/%{_lib} mkdir -p $RPM_BUILD_ROOT%{_libdir} mkdir -p $RPM_BUILD_ROOT%{_includedir} mkdir -p $RPM_BUILD_ROOT%{_sbindir} make DESTDIR="$RPM_BUILD_ROOT" LIBDIR="%{_libdir}" SHLIBDIR="/%{_lib}" BINDIR="%{_sbindir}" install rm -f $RPM_BUILD_ROOT%{_sbindir}/compute_* rm -f $RPM_BUILD_ROOT%{_sbindir}/deftype rm -f $RPM_BUILD_ROOT%{_sbindir}/execcon rm -f $RPM_BUILD_ROOT%{_sbindir}/getenforcemode rm -f $RPM_BUILD_ROOT%{_sbindir}/getfilecon rm -f $RPM_BUILD_ROOT%{_sbindir}/getpidcon rm -f $RPM_BUILD_ROOT%{_sbindir}/mkdircon rm -f $RPM_BUILD_ROOT%{_sbindir}/policyvers rm -f $RPM_BUILD_ROOT%{_sbindir}/setfilecon rm -f $RPM_BUILD_ROOT%{_sbindir}/selinuxconfig rm -f $RPM_BUILD_ROOT%{_sbindir}/selinuxdisable rm -f $RPM_BUILD_ROOT%{_sbindir}/getseuser rm -f $RPM_BUILD_ROOT%{_sbindir}/selinux_check_securetty_context mv $RPM_BUILD_ROOT%{_sbindir}/getdefaultcon $RPM_BUILD_ROOT%{_sbindir}/selinuxdefcon mv $RPM_BUILD_ROOT%{_sbindir}/getconlist $RPM_BUILD_ROOT%{_sbindir}/selinuxconlist install -m 0755 %{SOURCE1} $RPM_BUILD_ROOT%{_sbindir}/selinux-ready make DESTDIR="$RPM_BUILD_ROOT" LIBDIR="%{_libdir}" \ SHLIBDIR="/%{_lib}" LIBSEPOLA=%{_libdir}/libsepol.a \ -C src install V=1 make DESTDIR="$RPM_BUILD_ROOT" LIBDIR="%{_libdir}" \ SHLIBDIR="/%{_lib}" LIBSEPOLA=%{_libdir}/libsepol.a \ -C src install-pywrap V=1 make DESTDIR="$RPM_BUILD_ROOT" LIBDIR="%{_libdir}" \ SHLIBDIR="/%{_lib}" LIBSEPOLA=%{_libdir}/libsepol.a \ -C src install-rubywrap V=1 # Remove duplicate files %fdupes -s %{buildroot}%{_mandir} %post -n libselinux1 -p /sbin/ldconfig %postun -n libselinux1 -p /sbin/ldconfig %files -n selinux-tools %defattr(-,root,root,-) %{_sbindir}/avcstat %{_sbindir}/getenforce %{_sbindir}/getsebool %{_sbindir}/matchpathcon %{_sbindir}/selabel_digest %{_sbindir}/selabel_lookup %{_sbindir}/selinux_check_access %{_sbindir}/selabel_lookup_best_match %{_sbindir}/selabel_partial_match %{_sbindir}/selinuxconlist %{_sbindir}/selinuxdefcon %{_sbindir}/selinuxenabled %{_sbindir}/setenforce %{_sbindir}/togglesebool #%#{_sbindir}/selinux_restorecon %{_sbindir}/selinux-ready %{_sbindir}/selinuxexeccon %{_sbindir}/sefcontext_compile %{_mandir}/man5/* %{_mandir}/man8/* %files -n libselinux1 %defattr(-,root,root,-) /%{_lib}/libselinux.so.* %files devel %defattr(-,root,root,-) %{_libdir}/libselinux.so %{_includedir}/selinux/ %{_mandir}/man3/* %{_libdir}/pkgconfig/libselinux.pc %files devel-static %defattr(-,root,root,-) %{_libdir}/libselinux.a %package -n python3-selinux Summary: Python bindings for the SELinux runtime library License: SUSE-Public-Domain Group: Development/Libraries/Python %define oldpython python %ifpython2 Obsoletes: %{oldpython}-selinux < %{version} Provides: %{oldpython}-selinux = %{version} %endif Requires: libselinux1 = %{version} Requires: python3 %description -n python3-selinux libselinux provides an interface to get and set process and file security contexts and to obtain security policy decisions. This subpackage contains Python extensions to use SELinux from that language. %package -n ruby-selinux Summary: Ruby bindings for the SELinux runtime library License: SUSE-Public-Domain Group: Development/Languages/Ruby Requires: libselinux1 = %{version} Requires: ruby %description -n ruby-selinux libselinux provides an interface to get and set process and file security contexts and to obtain security policy decisions. This subpackage contains Ruby extensions to use SELinux from that language. %files -n python3-selinux %defattr(-,root,root,-) %{python3_sitearch}/*selinux* %files -n ruby-selinux %defattr(-,root,root,-) %{_libdir}/ruby/vendor_ruby/%{rb_ver}/%{rb_arch}/selinux.so %changelog