From 0e6fae65e571f5c3c27db662c4627dbdbd086ec89f6d0898b5562525e842a58e Mon Sep 17 00:00:00 2001 From: Johannes Segitz Date: Mon, 23 Sep 2024 06:21:25 +0000 Subject: [PATCH] - Add upstream tarball signature - Add key 85649089C9F385B35F40568D21698FD29D4355A4 to setools.keyring OBS-URL: https://build.opensuse.org/package/show/security:SELinux/setools?expand=0&rev=107 --- .gitattributes | 23 ++ .gitignore | 1 + README.SUSE | 2 + _service | 7 + setools-4.5.1.tar.bz2 | 3 + setools-4.5.1.tar.bz2.sha256.asc | 11 + setools.changes | 410 +++++++++++++++++++++++++++++++ setools.keyring | 35 +++ setools.spec | 157 ++++++++++++ 9 files changed, 649 insertions(+) create mode 100644 .gitattributes create mode 100644 .gitignore create mode 100644 README.SUSE create mode 100644 _service create mode 100644 setools-4.5.1.tar.bz2 create mode 100644 setools-4.5.1.tar.bz2.sha256.asc create mode 100644 setools.changes create mode 100644 setools.keyring create mode 100644 setools.spec diff --git a/.gitattributes b/.gitattributes new file mode 100644 index 0000000..9b03811 --- /dev/null +++ b/.gitattributes @@ -0,0 +1,23 @@ +## Default LFS +*.7z filter=lfs diff=lfs merge=lfs -text +*.bsp filter=lfs diff=lfs merge=lfs -text +*.bz2 filter=lfs diff=lfs merge=lfs -text +*.gem filter=lfs diff=lfs merge=lfs -text +*.gz filter=lfs diff=lfs merge=lfs -text +*.jar filter=lfs diff=lfs merge=lfs -text +*.lz filter=lfs diff=lfs merge=lfs -text +*.lzma filter=lfs diff=lfs merge=lfs -text +*.obscpio filter=lfs diff=lfs merge=lfs -text +*.oxt filter=lfs diff=lfs merge=lfs -text +*.pdf filter=lfs diff=lfs merge=lfs -text +*.png filter=lfs diff=lfs merge=lfs -text +*.rpm filter=lfs diff=lfs merge=lfs -text +*.tbz filter=lfs diff=lfs merge=lfs -text +*.tbz2 filter=lfs diff=lfs merge=lfs -text +*.tgz filter=lfs diff=lfs merge=lfs -text +*.ttf filter=lfs diff=lfs merge=lfs -text +*.txz filter=lfs diff=lfs merge=lfs -text +*.whl filter=lfs diff=lfs merge=lfs -text +*.xz filter=lfs diff=lfs merge=lfs -text +*.zip filter=lfs diff=lfs merge=lfs -text +*.zst filter=lfs diff=lfs merge=lfs -text diff --git a/.gitignore b/.gitignore new file mode 100644 index 0000000..57affb6 --- /dev/null +++ b/.gitignore @@ -0,0 +1 @@ +.osc diff --git a/README.SUSE b/README.SUSE new file mode 100644 index 0000000..7b51550 --- /dev/null +++ b/README.SUSE @@ -0,0 +1,2 @@ +Additional functionality for these tools can be gained by installing python3-networkx. This pulls in many dependencies and is +not needed for most people, therefore it's not required or recommended due to the size of the required dependencies. diff --git a/_service b/_service new file mode 100644 index 0000000..5e7ba79 --- /dev/null +++ b/_service @@ -0,0 +1,7 @@ + + + enable + + + + diff --git a/setools-4.5.1.tar.bz2 b/setools-4.5.1.tar.bz2 new file mode 100644 index 0000000..c9cc15e --- /dev/null +++ b/setools-4.5.1.tar.bz2 @@ -0,0 +1,3 @@ +version https://git-lfs.github.com/spec/v1 +oid sha256:25e47d00bbffd6046f55409c9ba3b08d9b1d5788cc159ea247d9e0ced8e482e7 +size 264998 diff --git a/setools-4.5.1.tar.bz2.sha256.asc b/setools-4.5.1.tar.bz2.sha256.asc new file mode 100644 index 0000000..c90bf8d --- /dev/null +++ b/setools-4.5.1.tar.bz2.sha256.asc @@ -0,0 +1,11 @@ +-----BEGIN PGP SIGNED MESSAGE----- +Hash: SHA512 + +25e47d00bbffd6046f55409c9ba3b08d9b1d5788cc159ea247d9e0ced8e482e7 setools-4.5.1.tar.bz2 +-----BEGIN PGP SIGNATURE----- + +iHUEARYKAB0WIQSFZJCJyfOFs19AVo0haY/SnUNVpAUCZuhwhAAKCRAhaY/SnUNV +pPFLAQCxeYSAb83UT/lCMuJqInvnq/n9FfmfniCgu1HuLEmvKgEAkCGSVFtSAe6C +q+Mu17dAOACwnCYo+aK6eXXuJd3ABQo= +=S2WE +-----END PGP SIGNATURE----- diff --git a/setools.changes b/setools.changes new file mode 100644 index 0000000..433672d --- /dev/null +++ b/setools.changes @@ -0,0 +1,410 @@ +------------------------------------------------------------------- +Wed Sep 18 14:17:31 UTC 2024 - Filippo Bonazzi + +- Add upstream tarball signature +- Add key 85649089C9F385B35F40568D21698FD29D4355A4 to setools.keyring + +------------------------------------------------------------------- +Tue May 28 11:19:10 UTC 2024 - Cathy Hu + +- Rework packaging to modern python packaging + - python-setools module now builds for python310, python311, python312 + for tw and builds for python311 in 15.4 + 15.5 + - setools-console scripts will use python311 as default in factory, 15.4 + and 15.5 + - moved %dir %{_docdir}/%{name}/ and %{_docdir}/%{name}/* out of the + python-setools module into setools-console as it does not belong in there + and causes conflicts between python versions + - moved %{python_sitearch}/setoolsgui from setools-gui into the + python-setools module for multiversion build + +------------------------------------------------------------------- +Thu May 2 07:41:11 UTC 2024 - Filippo Bonazzi + +- Update to version 4.5.1: + - Correct annotations of NetworkX types to make it optional again. + - Fix packaging issue for apol's style sheet (apol.css). +- Drop 0001-Make-networkx-optional-again-Fixes-125.patch fixed upstream +- Change networkx Requires to Suggests + +------------------------------------------------------------------- +Thu Apr 18 13:21:48 UTC 2024 - Cathy Hu + +- Fix build for 15.4 and 15.5: + - Minimum required python version is 3.11, so building only for python311 + - Remove dependency for networkx: 0001-Make-networkx-optional-again-Fixes-125.patch + +------------------------------------------------------------------- +Thu Mar 21 14:06:13 UTC 2024 - Filippo Bonazzi + +- Update to version 4.5.0: + - User Visible Changes + * Add graphical results for information flow analysis and domain + transition analysis, available in apol, sedta, and seinfoflow. + * Add tooltips, What's This?, and detail popups in apol to help + cross-referencing query and analysis results along with + context-sensitive help. + - Under The Hood Changes + * Rework apol to fully generate the UI programmatically. + * Update apol to PyQt6 + * Replace deprecated uses of pkg_resources and distutils. + * Begin adding unit tests for apol UI. + - Updated Dependencies + SETools now higher minimum versions of the following dependencies: + * Python 3.10 + * NetworkX 2.6 + * PyQt6 + * Cython 0.29.14 + - New Dependencies + * pygraphviz (for seinfoflow, sedta, apol) + +------------------------------------------------------------------- +Mon Dec 11 08:09:10 UTC 2023 - Johannes Segitz + +- Update to version 4.4.4: + * Update for compiling with libsepol 3.6. + +------------------------------------------------------------------- +Tue Aug 1 10:27:36 UTC 2023 - Filippo Bonazzi + +- Update to version 4.4.3: + * Fix compilation with Cython 3.0.0. + * Improve man pages. + * Remove neverallow options in sediff. + * Add -r option to seinfoflow to get flows into the source type. + * Reject a rule with no permissions as invalid policy. + +------------------------------------------------------------------- +Fri Jul 14 04:58:38 UTC 2023 - Shung-Hsi Yu + +- Add python3-setuptools as a runtime requirement of python3-setools + (boo#1213305) + +------------------------------------------------------------------- +Wed Apr 26 11:17:30 UTC 2023 - Filippo Bonazzi + +- Update to version 4.4.2: + * Make NetworkX optional. sedta and seinfoflow tools, along with the + equivalent analyses in apol require NetworkX. + * Remove neverallow options in sesearch and apol. These are not usable + since they are removed in the final binary policy. +- Drop make_networkx_optional.patch, now merged upstream + +------------------------------------------------------------------- +Mon Feb 6 16:08:00 UTC 2023 - Filippo Bonazzi + +- Update to version 4.4.1: + * Replace deprecated NetworkX function use in information flow and domain + transition analysis. This function was removed in NetworkX 3.0. + * Fix bug in apol copy and cut functions when copying from a tree view. + * Fix bug with extended permission set construction when a range includes + 0x0. + * Add sesearch -Sp option for permission subset match. + * Fix error in man page description for sesearch -ep option. + * Improve output stability in constraint, common, class, role, and user + queries. + * Updated permission map. + * Fix bug in sechecker parsing of multiline values. + * Other code cleanups not visible to users. + +------------------------------------------------------------------- +Fri Sep 2 09:24:56 UTC 2022 - Johannes Segitz + +- Added README.SUSE and drop recommend for python3-networkx altogether + (bsc#1202676) + +------------------------------------------------------------------- +Tue Feb 22 09:13:19 UTC 2022 - Shung-Hsi Yu + +- Add make_networkx_optional.patch to cut down installation requirements +- Change python3-networkx from require into recommend + +------------------------------------------------------------------- +Tue Jun 8 11:10:02 UTC 2021 - Dominique Leuenberger + +- Fix dependency of python3-setools: require python3, not python + (which is python2) (bsc#1200649). + +------------------------------------------------------------------- +Tue Mar 9 09:24:10 UTC 2021 - Johannes Segitz + +- Update to the version 4.4.0: + * Added support for old Boolean name substitution in seinfo and sesearch. + * Added sechecker tool which is a configuration file driven analysis tool. + +------------------------------------------------------------------- +Tue Nov 3 17:56:44 UTC 2020 - Benjamin Greiner + +- Stay on a single python3 flavor even if there are more than one + gh#openSUSE/python-rpm-macros#73 + +------------------------------------------------------------------- +Wed Oct 21 07:29:51 UTC 2020 - Thorsten Kukuk + +- Cleanup BuildRequires +- Fix setools-gui dependencies, we are using python-qt5 and not + tcl/tk + +------------------------------------------------------------------- +Wed Jul 29 18:16:13 UTC 2020 - Thorsten Kukuk + +- python3-setools needs python3-networkx + +------------------------------------------------------------------- +Fri Apr 3 08:45:25 UTC 2020 - Johannes Segitz + +- Update to the upstream version 4.3.0: + * Revised sediff method for TE rules. This drastically reduced memory + and run time. + * Added infiniband context support to seinfo, sediff, and apol. + * Added apol configuration for location of Qt assistant. + * Fixed sediff issue where properties header would display when not + requested. + * Fixed sediff issue with type_transition file name comparison. + * Fixed permission map socket sendto information flow direction. + * Added methods to TypeAttribute class to make it a complete Python + collection. + * Genfscon now will look up classes rather than using fixed values + which were dropped from libsepol +- Dropped python3.8-compat.patch + +------------------------------------------------------------------- +Thu Oct 31 12:02:30 CET 2019 - Matej Cepl + +- Add python3.8-compat.patch to allow build with Python 3.8 + Still doesn't work though because of gh#SELinuxProject/setools#31 + +------------------------------------------------------------------- +Thu Oct 31 09:38:27 CET 2019 - Matej Cepl + +- Update to the upstream version 4.2.2: + - Remove source policy references from man pages, as loading + source policies is no longer supported. + - Fixed a performance regression in alias loading after alias + dereferencing fixes in 4.2.1. + +------------------------------------------------------------------- +Tue Feb 5 08:01:41 UTC 2019 - jsegitz@suse.com + +- Update to 4.2.1 + * Set SIGPIPE handler for CLI tools. + * Fixed alias dereferencing in TypeQuery and type, category, and + sensitivity lookups. + * Fixed sediff bug for rendering modified nodecons. + * Fixed devicetreecon count output. + * Fixed policy target platform check. + * Fixed bug in creating permission set intersection in apol. +- Provide python-setools + +------------------------------------------------------------------- +Fri Dec 7 15:10:14 UTC 2018 - jsegitz@suse.com + +- Changed requires of console subpackage to python3-setools + +------------------------------------------------------------------- +Wed Nov 21 14:17:32 UTC 2018 - jsegitz@suse.com + +- Upgrade to 4.2.0 + * Support for Python 2.7 was dropped + * Symbol names are now available as the name attribute (e.g. Boolean.name, Type.name, etc.) + * Move constraint expression to its own class. + * Made Conditional.evaluate() more useful and added BaseTERule.enabled() method to determine if a rule is enabled.. + * Added support for SCTP portcons + * Updated permission maps +- Dropped warning.patch +- Single spec, limited to python3. Obsoletes python-setools, provides + python3-setools + +------------------------------------------------------------------- +Mon Jun 11 08:14:26 UTC 2018 - jsegitz@suse.com + +- Added warning.patch in former change to prevent warnings from + stopping the build + +------------------------------------------------------------------- +Wed May 16 07:28:39 UTC 2018 - mcepl@suse.com + +- Upgrade to 4.1.1 + +------------------------------------------------------------------- +Wed Dec 20 12:23:39 UTC 2017 - jsegitz@suse.com + +- Update to version 4.0.1. SETools was reimplemented in Python. +- Doesn't build + * setools-libs + * setools-java + * setools-tcl + * setools-devel + anymore since the files are not povided anymore +- Dropped + * add-to-header-define_cond_filename_trans.patch + * implicit-fortify-decl.patch + * setools-3.3.5-javacflags.patch + * setools-3.3.5-nonvoid.patch + * setools-3.3.5-strcmp.patch + * setools-am121.patch + * setools-libsepol.patch + * setools-setup_py-prefix.patch + * setools-swig-2.0.7.patch + * setools-swig-2x.patch + * setools-tclass.patch + +------------------------------------------------------------------- +Sat Sep 30 07:54:34 UTC 2017 - coolo@suse.com + +- Move to minimum java target of 1.6, 1.5 is no longer supported + +------------------------------------------------------------------- +Mon Jun 26 16:30:02 UTC 2017 - jsegitz@suse.com + +- Added implicit-fortify-decl.patch to prevent warnings about implicit + declarations + +------------------------------------------------------------------- +Thu Aug 25 15:42:18 UTC 2016 - jsegitz@novell.com + +- Deleted setools-3.3.7-libselinux-2.3.patch, we have a + current libselinux now + +------------------------------------------------------------------- +Mon Jul 18 10:41:14 UTC 2016 - jsegitz@novell.com + +- Patch to work with current libsepol, libselinux + Added: setools-tclass.patch + +------------------------------------------------------------------- +Mon Mar 23 02:32:05 UTC 2015 - p.drouand@gmail.com + +- Update to version 3.3.8 + * Fix bug preventing seaudit from starting + * Add python bindings for seinfo and sesearch + * seinfo exits with an error status + * Support for named file transition rules + * Add support for default types in sesearch + * Man page updates for seinfo, seaudit, and sediff + * Fix file type drop down list for open/close Apol query + * Fix compile errors on new parameter in libsepol role_set_expand(). +- Update home project and download Urls +- Remove merged patches + * setools-python.patch + * 0003-Since-we-do-not-ship-neverallow-rules-all-always-fai.patch + * 0006-Changes-to-support-named-file_trans-rules.patch + * 0007-Remove-unused-variables.patch +- Update setools-3.3.6-libsepol.patch > setools-libsepol.patch +- Remove redundant %clean section + +------------------------------------------------------------------- +Mon May 26 20:47:23 CEST 2014 - ro@suse.de + +- add patch: setools-3.3.7-libselinux-2.3.patch + fix build with libselinux-2.3 + +------------------------------------------------------------------- +Fri Oct 11 15:36:20 UTC 2013 - vcizek@suse.com + +- don't fail if there are no never-allow rules in the policy +- remove dangling symlink /usr/bin/seaudit (bnc#812285) + * added 0003-Since-we-do-not-ship-neverallow-rules-all-always-fai.patch + +------------------------------------------------------------------- +Fri Sep 13 09:16:43 UTC 2013 - pgajdos@suse.com + +- javapackages-tools in buildrequires + +------------------------------------------------------------------- +Tue Mar 12 14:02:59 UTC 2013 - vcizek@suse.com + +- added patches: + * 0006-Changes-to-support-named-file_trans-rules.patch + * 0007-Remove-unused-variables.patch + - these two add support for named file trans rules + * add-to-header-define_cond_filename_trans.patch + - add missing define_cond_filename_trans() declaration + +------------------------------------------------------------------- +Thu Oct 25 11:20:26 UTC 2012 - coolo@suse.com + +- add explicit buildrequire on libbz2-devel + +------------------------------------------------------------------- +Tue Aug 28 15:35:33 UTC 2012 - idonmez@suse.com + +- Add setools-3.3.6-libsepol.patch to fix compilation with new + libsepol + +------------------------------------------------------------------- +Sun Aug 5 15:44:47 UTC 2012 - meissner@suse.com + +- updated to version 3.3.7 +- removed 2 upstream patches + +------------------------------------------------------------------- +Tue Jul 3 09:13:03 UTC 2012 - coolo@suse.com + +- add setools-am121.patch to fix build with automake 1.12.1 + +------------------------------------------------------------------- +Thu Jun 14 12:01:51 CEST 2012 - mls@suse.de + +- fix build with swig-2.0.7 (untested, though) + +------------------------------------------------------------------- +Mon Feb 13 10:56:00 UTC 2012 - coolo@suse.com + +- patch license to follow spdx.org standard + +------------------------------------------------------------------- +Wed Nov 23 09:26:22 UTC 2011 - coolo@suse.com + +- add libtool as buildrequire to avoid implicit dependency + +------------------------------------------------------------------- +Thu May 26 09:30:05 UTC 2011 - idonmez@novell.com + +- Add setools-swig-2x.patch: correctly detect swig 2.x + +------------------------------------------------------------------- +Thu Feb 25 15:46:44 UTC 2010 - prusnak@suse.cz + +- updated to 3.3.6 + +------------------------------------------------------------------- +Sat Sep 5 10:51:41 CEST 2009 - dmueller@suse.de + +- remove libselinux requires, it does not exist and + autorequires will do the right thing anyway + +------------------------------------------------------------------- +Wed Jul 15 13:32:35 CEST 2009 - prusnak@suse.cz + +- disable Requires: usermode + +------------------------------------------------------------------- +Tue Jun 23 12:30:53 CEST 2009 - prusnak@suse.cz + +- require libsepol-devel-static + +------------------------------------------------------------------- +Mon Oct 20 16:19:09 CEST 2008 - prusnak@suse.cz + +- disable Python for now (weird glibc errors) + +------------------------------------------------------------------- +Tue Sep 2 13:41:08 CEST 2008 - prusnak@suse.cz + +- updated to 3.3.5 + * Fixed errors in libapol's AV and TE rule rendering functions + where errno was not being set properly. + * Fixed error in apol_syn_avrule_render() where braces were + not being added around the target set when there is exactly one + target type and the keyword 'self'. Thanks to Ryan Kagin + for reporting this error. + * Added qpol_type_get_ispermissive(). SETools can now handle + version 23 policy. + +------------------------------------------------------------------- +Thu Jul 17 11:46:28 CEST 2008 - prusnak@suse.cz + +- initial version 3.3.4 + * based on Fedora package by Dan Walsh + diff --git a/setools.keyring b/setools.keyring new file mode 100644 index 0000000..624582a --- /dev/null +++ b/setools.keyring @@ -0,0 +1,35 @@ +-----BEGIN PGP PUBLIC KEY BLOCK----- + +mDMEZuhGfhYJKwYBBAHaRw8BAQdADz/tF/gexoZlGld9hGmv5HXcHP95b15YoRSb +sznX8EG0K0NocmlzdG9waGVyIEouIFBlQmVuaXRvIDxwZWJlbml0b0BpZWVlLm9y +Zz6ImQQTFgoAQQIbAQUJBi93EgULCQgHAwUVCgkICwUWAwIBAAIeBQIXgBYhBMTG +KxZwwt8zFEjyhsY2PvHJaXsUBQJm6EbDAhkBAAoJEMY2PvHJaXsUJpIBAOaL1q/G +fySXrUXeT5PH7Wsh8netz5HJo2CjGnYDiaU5AP9iXke5TVjcV5SaY6cVX2vAtHPK +V66d0WzANjgbPjOUA7Q8Q2hyaXN0b3BoZXIgSi4gUGVCZW5pdG8gPENocmlzdG9w +aGVyLlBlQmVuaXRvQG1pY3Jvc29mdC5jb20+iJYEExYKAD4WIQTExisWcMLfMxRI +8obGNj7xyWl7FAUCZuhGuwIbAQUJBi93EgULCQgHAwUVCgkICwUWAwIBAAIeBQIX +gAAKCRDGNj7xyWl7FBWpAP93mwXC2ivfdKfbwI+lULSYPWfjY+TiPrTLY67Td8KL +TQEA7Ois59PhnpBHXzJyW3cWrPvN+wEZsN9P5yoLmgykVAO0NkNocmlzdG9waGVy +IEouIFBlQmVuaXRvIDxjaHBlYmVuaUBsaW51eC5taWNyb3NvZnQuY29tPoiWBBMW +CgA+FiEExMYrFnDC3zMUSPKGxjY+8clpexQFAmboRqsCGwEFCQYvdxIFCwkIBwMF +FQoJCAsFFgMCAQACHgUCF4AACgkQxjY+8clpexRxqgEA6GMbzoXA0pKnqUb6jd2r +SYksnPlIaQLrP13U/XNQ42wA+QHj6tHKqI8KE98V+Pxq3gloxa2Pv1OxTfZD2MjY +gOIItDBDaHJpc3RvcGhlciBKLiBQZUJlbml0byA8Y2hwZWJlbmlAbWljcm9zb2Z0 +LmNvbT6IlgQTFgoAPhYhBMTGKxZwwt8zFEjyhsY2PvHJaXsUBQJm6EahAhsBBQkG +L3cSBQsJCAcDBRUKCQgLBRYDAgEAAh4FAheAAAoJEMY2PvHJaXsUYVIA/jiBubsO +CGfxTGGkeR+6f9ZBHQ9/Qoxocuvce3HSSk7XAQDASqRpXcaMcm8ZaKSOm6wXAa8J +7NguD2Ov8QEsZDA9BLg4BGboSckSCisGAQQBl1UBBQEBB0DUELErM3F1hWb3j/Wm +3vDku3kdA2YVLxZtonOkF6XOUgMBCAeIfgQYFgoAJhYhBMTGKxZwwt8zFEjyhsY2 +PvHJaXsUBQJm6EnJAhsMBQkDwmcAAAoJEMY2PvHJaXsU+x4BAMeSfc01SUt1eNtW +AEj/caCS4ako0iZd7QZT8recX3zfAP0crszn37KtEaiHb5vHy38tym3+cSzDzvb8 ++9wp84UkArgzBGboSbQWCSsGAQQB2kcPAQEHQJDi94fnaJtloFcS6jDbPcg4xuJB +3TEojTql8N+WBlTAiQFWBBgWCgAmFiEExMYrFnDC3zMUSPKGxjY+8clpexQFAmbo +SbQCGwIFCQPCZwAA4gkQxjY+8clpexTAFiAEGRYKAH0WIQSFZJCJyfOFs19AVo0h +aY/SnUNVpAUCZuhJtF8UgAAAAAAuAChpc3N1ZXItZnByQG5vdGF0aW9ucy5vcGVu +cGdwLmZpZnRoaG9yc2VtYW4ubmV0ODU2NDkwODlDOUYzODVCMzVGNDA1NjhEMjE2 +OThGRDI5RDQzNTVBNAAKCRAhaY/SnUNVpFg5AP9SZa0U2GqZgJ4qVioUyCu4J5A7 +NVVW7wKylAEphRGG9wEA4ETyrF90dU/ZM+ty4buWsnPiYFf8IzyTCIYnlXCiyANd ++QD+J1Hzc+oB4J+n2s5ZZ/iA4AafxqoZsREYJmHoK27cVlIA/2NRj6qBA8PNHsDV +xIlxic7DWU+KEF28BO3UQQ6fqEUG +=XJN+ +-----END PGP PUBLIC KEY BLOCK----- diff --git a/setools.spec b/setools.spec new file mode 100644 index 0000000..9f1a042 --- /dev/null +++ b/setools.spec @@ -0,0 +1,157 @@ +# +# spec file for package setools +# +# Copyright (c) 2024 SUSE LLC +# +# All modifications and additions to the file contributed by third parties +# remain the property of their copyright owners, unless otherwise agreed +# upon. The license for this file, and modifications and additions to the +# file, is the same license as for the pristine package itself (unless the +# license for the pristine package is not an Open Source License, in which +# case the license is the MIT License). An "Open Source License" is a +# license that conforms to the Open Source Definition (Version 1.9) +# published by the Open Source Initiative. + +# Please submit bugfixes or comments via https://bugs.opensuse.org/ +# + + +%{?sle15_python_module_pythons} +%if 0%{?suse_version} < 1600 +# set python_for_executables from python macros to python311 +# to build python scripts in bin dirs only for python311 +%define python_for_executables python311 +%endif + +Name: setools +Version: 4.5.1 +Release: 0 +URL: https://github.com/SELinuxProject/setools +Summary: Policy analysis tools for SELinux +License: GPL-2.0-only +Group: System/Management +Source: https://github.com/SELinuxProject/setools/releases/download/%{version}/%{name}-%{version}.tar.bz2 +Source2: https://github.com/SELinuxProject/setools/releases/download/%{version}/%{name}-%{version}.tar.bz2.sha256.asc +Source3: setools.keyring +Source4: README.SUSE +BuildRequires: %{python_module Cython >= 0.29.14} +BuildRequires: %{python_module devel >= 3.10} +BuildRequires: %{python_module setuptools} +BuildRequires: fdupes +BuildRequires: libselinux-devel +BuildRequires: libsepol-devel +BuildRequires: python-rpm-macros +Requires: setools-console = %{version}-%{release} +Requires: setools-gui = %{version}-%{release} +# needed since setools is not a python-main package, see +# https://github.com/openSUSE/python-rpm-macros +%define python_subpackage_only 1 +%python_subpackages + +%description +SETools is a collection of graphical tools, command-line tools, and +libraries designed to facilitate SELinux policy analysis. + +This meta-package depends upon the main packages necessary to run +SETools. + +%package console +Summary: Policy analysis command-line tools for SELinux +License: GPL-2.0-only +Group: System/Base +Requires: %{python_for_executables}-setools = %{version} + +%description console +SETools is a collection of graphical tools, command-line tools, and +libraries designed to facilitate SELinux policy analysis. + +This package includes the following console tools: + + seinfo Provide information about policies + sesearch Tool to query policies + sedta Domain transition analysis tool + seinfoflow Information flow analysis tool + sediff Semantic policy difference tool + +%package -n python-setools +Summary: Python bindings for SELinux policy analysis +License: LGPL-2.0-only +Group: Development/Languages/Python +Requires: %{python_for_executables} >= 3.10 +Requires: %{python_for_executables}-setuptools +# Only suggest python-networkx due to its large amount of dependencies +# (see README.SUSE) +Suggests: %{python_for_executables}-networkx +Obsoletes: python-setools < %{version}-%{release} +Provides: python-setools = %{version}-%{release} +%if "%{python_flavor}" != "python3" +Obsoletes: python3-setools < %{version}-%{release} +%endif + +%description -n python-setools +SETools is a collection of graphical tools, command-line tools, and +libraries designed to facilitate SELinux policy analysis. + +%package gui +Summary: Policy analysis graphical tools for SELinux +License: GPL-2.0-only +Group: System/Base +Requires: %{python_for_executables}-PyQt6 +Requires: %{python_for_executables}-pygraphviz +Requires: %{python_for_executables}-setools = %{version} + +%description gui +SETools is a collection of graphical tools, command-line tools, and +libraries designed to facilitate SELinux policy analysis. + +This package includes the following graphical tools: + + apol policy analysis tool + +%prep +%setup -q -n %{name} +%autopatch -p1 + +%build +%python_build + +%install +%python_install +install -m 644 -D %{SOURCE2} %{buildroot}%{_docdir}/%{name}/README.SUSE +%fdupes -s %{buildroot}%{python_sitearch} + +%files %{python_files setools} +%defattr(-,root,root,-) +%{python_sitearch}/setools +%{python_sitearch}/setoolsgui +%{python_sitearch}/setools-%{version}*-info + +%files console +%defattr(-,root,root,-) +%{_bindir}/seinfo +%{_bindir}/sesearch +%{_bindir}/sedta +%{_bindir}/seinfoflow +%{_bindir}/sediff +%{_bindir}/sechecker +%{_mandir}/man1/sechecker.1.gz +%{_mandir}/man1/sedta.1.gz +%{_mandir}/man1/seinfoflow.1.gz +%{_mandir}/man1/sediff.1.gz +%{_mandir}/man1/seinfo.1.gz +%{_mandir}/man1/sesearch.1.gz +%{_mandir}/ru/man1/apol.1.gz +%{_mandir}/ru/man1/sediff.1.gz +%{_mandir}/ru/man1/sedta.1.gz +%{_mandir}/ru/man1/seinfo.1.gz +%{_mandir}/ru/man1/seinfoflow.1.gz +%{_mandir}/ru/man1/sesearch.1.gz +%dir %{_docdir}/%{name}/ +%{_docdir}/%{name}/* + +%files gui +%defattr(-,root,root,-) +%{_bindir}/apol +%{_mandir}/man1/apol.1.gz + +%changelog