Accepting request 14277 from security:SELinux

Copy from security:SELinux/setools based on submit request 14277 from user prusnak OBS-URL: https://build.opensuse.org/request/show/14277 OBS-URL: https://build.opensuse.org/package/show/openSUSE:Factory/setools?expand=0&rev=1
2009-08-11 15:57:05 +00:00 · 2009-08-11 15:57:05 +00:00 · f0c00e6242
commit f0c00e6242
13 changed files with 637 additions and 0 deletions
--- a/.gitattributes
+++ b/.gitattributes
@ -0,0 +1,23 @@
+## Default LFS
+*.7z filter=lfs diff=lfs merge=lfs -text
+*.bsp filter=lfs diff=lfs merge=lfs -text
+*.bz2 filter=lfs diff=lfs merge=lfs -text
+*.gem filter=lfs diff=lfs merge=lfs -text
+*.gz filter=lfs diff=lfs merge=lfs -text
+*.jar filter=lfs diff=lfs merge=lfs -text
+*.lz filter=lfs diff=lfs merge=lfs -text
+*.lzma filter=lfs diff=lfs merge=lfs -text
+*.obscpio filter=lfs diff=lfs merge=lfs -text
+*.oxt filter=lfs diff=lfs merge=lfs -text
+*.pdf filter=lfs diff=lfs merge=lfs -text
+*.png filter=lfs diff=lfs merge=lfs -text
+*.rpm filter=lfs diff=lfs merge=lfs -text
+*.tbz filter=lfs diff=lfs merge=lfs -text
+*.tbz2 filter=lfs diff=lfs merge=lfs -text
+*.tgz filter=lfs diff=lfs merge=lfs -text
+*.ttf filter=lfs diff=lfs merge=lfs -text
+*.txz filter=lfs diff=lfs merge=lfs -text
+*.whl filter=lfs diff=lfs merge=lfs -text
+*.xz filter=lfs diff=lfs merge=lfs -text
+*.zip filter=lfs diff=lfs merge=lfs -text
+*.zst filter=lfs diff=lfs merge=lfs -text
--- a/.gitignore
+++ b/.gitignore
@ -0,0 +1 @@
+.osc
--- a/apol.desktop
+++ b/apol.desktop
@ -0,0 +1,11 @@
+[Desktop Entry]
+Name=SELinux Policy Analysis
+GenericName=SELinux Policy Analysis Tool 
+Comment=This tool can examine, search, and relate policy components and policy rules 
+Icon=apol
+Exec=apol
+Type=Application
+Terminal=false
+Encoding=UTF-8
+Categories=System;Security;
+StartupNotify=true
--- a/0
+++ b/0
--- a/seaudit.desktop
+++ b/seaudit.desktop
@ -0,0 +1,11 @@
+[Desktop Entry]
+Name=SELinux Audit Log Analysis
+GenericName=SELinux Audit Log Analysis Tool
+Comment=The tool parses syslog files and extracts all policy , AVC and change of boolean messages. 
+Icon=seaudit
+Exec=seaudit
+Type=Application
+Terminal=false
+Encoding=UTF-8
+Categories=System;Security;
+StartupNotify=true
--- a/sediffx.desktop
+++ b/sediffx.desktop
@ -0,0 +1,11 @@
+[Desktop Entry]
+Name=SELinux Policy Difference
+GenericName=SELinux Policy Difference tool
+Comment=This tool allows you to compare two policy files
+Icon=sediffx
+Exec=sediffx
+Type=Application
+Terminal=false
+Encoding=UTF-8
+Categories=System;Security;
+StartupNotify=true
--- a/setools-3.3.5-javacflags.patch
+++ b/setools-3.3.5-javacflags.patch
@ -0,0 +1,110 @@
+--- libapol/swig/java/Makefile.am
+++ libapol/swig/java/Makefile.am
+@@ -97,7 +97,7 @@
+ # just depend upon the first class file, and let the Java compiler
+ # create the rest of them.
+ $(firstword $(classes)): $(java_files)
+-	$(JAVAC) $(AM_JFLAGS) $(JAVAFLAGS) -d . $^
+	$(JAVAC) $(AM_JFLAGS) $(JAVACFLAGS) -d . $^
+ 
+ $(wordlist 2,$(words $(classes)),$(classes)): $(firstword $(classes))
+ 
+--- libapol/swig/java/Makefile.in
+++ libapol/swig/java/Makefile.in
+@@ -643,7 +643,7 @@
+ # just depend upon the first class file, and let the Java compiler
+ # create the rest of them.
+ $(firstword $(classes)): $(java_files)
+-	$(JAVAC) $(AM_JFLAGS) $(JAVAFLAGS) -d . $^
+	$(JAVAC) $(AM_JFLAGS) $(JAVACFLAGS) -d . $^
+ 
+ $(wordlist 2,$(words $(classes)),$(classes)): $(firstword $(classes))
+ 
+--- libpoldiff/swig/java/Makefile.am
+++ libpoldiff/swig/java/Makefile.am
+@@ -72,7 +72,7 @@
+ # just depend upon the first class file, and let the Java compiler
+ # create the rest of them.
+ $(firstword $(classes)): $(java_files)
+-	$(JAVAC) $(AM_JFLAGS) $(JAVAFLAGS) -d . $^
+	$(JAVAC) $(AM_JFLAGS) $(JAVACFLAGS) -d . $^
+ 
+ $(wordlist 2,$(words $(classes)),$(classes)): $(firstword $(classes))
+ 
+--- libpoldiff/swig/java/Makefile.in
+++ libpoldiff/swig/java/Makefile.in
+@@ -618,7 +618,7 @@
+ # just depend upon the first class file, and let the Java compiler
+ # create the rest of them.
+ $(firstword $(classes)): $(java_files)
+-	$(JAVAC) $(AM_JFLAGS) $(JAVAFLAGS) -d . $^
+	$(JAVAC) $(AM_JFLAGS) $(JAVACFLAGS) -d . $^
+ 
+ $(wordlist 2,$(words $(classes)),$(classes)): $(firstword $(classes))
+ 
+--- libqpol/swig/java/Makefile.am
+++ libqpol/swig/java/Makefile.am
+@@ -77,7 +77,7 @@
+ # just depend upon the first class file, and let the Java compiler
+ # create the rest of them.
+ $(firstword $(classes)): $(filter %.java, $(BUILT_SOURCES))
+-	$(JAVAC) $(AM_JFLAGS) $(JAVAFLAGS) -d . $^
+	$(JAVAC) $(AM_JFLAGS) $(JAVACFLAGS) -d . $^
+ 
+ $(wordlist 2,$(words $(classes)),$(classes)): $(firstword $(classes))
+ 
+--- libqpol/swig/java/Makefile.in
+++ libqpol/swig/java/Makefile.in
+@@ -620,7 +620,7 @@
+ # just depend upon the first class file, and let the Java compiler
+ # create the rest of them.
+ $(firstword $(classes)): $(filter %.java, $(BUILT_SOURCES))
+-	$(JAVAC) $(AM_JFLAGS) $(JAVAFLAGS) -d . $^
+	$(JAVAC) $(AM_JFLAGS) $(JAVACFLAGS) -d . $^
+ 
+ $(wordlist 2,$(words $(classes)),$(classes)): $(firstword $(classes))
+ 
+--- libseaudit/swig/java/Makefile.am
+++ libseaudit/swig/java/Makefile.am
+@@ -69,7 +69,7 @@
+ # just depend upon the first class file, and let the Java compiler
+ # create the rest of them.
+ $(firstword $(classes)): $(java_files)
+-	$(JAVAC) $(AM_JFLAGS) $(JAVAFLAGS) -d . $^
+	$(JAVAC) $(AM_JFLAGS) $(JAVACFLAGS) -d . $^
+ 
+ $(wordlist 2,$(words $(classes)),$(classes)): $(firstword $(classes))
+ 
+--- libseaudit/swig/java/Makefile.in
+++ libseaudit/swig/java/Makefile.in
+@@ -615,7 +615,7 @@
+ # just depend upon the first class file, and let the Java compiler
+ # create the rest of them.
+ $(firstword $(classes)): $(java_files)
+-	$(JAVAC) $(AM_JFLAGS) $(JAVAFLAGS) -d . $^
+	$(JAVAC) $(AM_JFLAGS) $(JAVACFLAGS) -d . $^
+ 
+ $(wordlist 2,$(words $(classes)),$(classes)): $(firstword $(classes))
+ 
+--- libsefs/swig/java/Makefile.am
+++ libsefs/swig/java/Makefile.am
+@@ -64,7 +64,7 @@
+ # just depend upon the first class file, and let the Java compiler
+ # create the rest of them.
+ $(firstword $(classes)): $(java_files)
+-	$(JAVAC) $(AM_JFLAGS) $(JAVAFLAGS) -d . $^
+	$(JAVAC) $(AM_JFLAGS) $(JAVACFLAGS) -d . $^
+ 
+ $(wordlist 2,$(words $(classes)),$(classes)): $(firstword $(classes))
+ 
+--- libsefs/swig/java/Makefile.in
+++ libsefs/swig/java/Makefile.in
+@@ -610,7 +610,7 @@
+ # just depend upon the first class file, and let the Java compiler
+ # create the rest of them.
+ $(firstword $(classes)): $(java_files)
+-	$(JAVAC) $(AM_JFLAGS) $(JAVAFLAGS) -d . $^
+	$(JAVAC) $(AM_JFLAGS) $(JAVACFLAGS) -d . $^
+ 
+ $(wordlist 2,$(words $(classes)),$(classes)): $(firstword $(classes))
+ 
--- a/setools-3.3.5-nonvoid.patch
+++ b/setools-3.3.5-nonvoid.patch
@ -0,0 +1,84 @@
+--- libqpol/src/module_compiler.c
+++ libqpol/src/module_compiler.c
+@@ -257,6 +257,7 @@
+ 		assert(0);	       /* should never get here */
+ 	}
+ 	}
+	return 0;
+ }
+ 
+ type_datum_t *declare_type(unsigned char primary, unsigned char isattr)
+@@ -324,6 +325,7 @@
+ 		assert(0);	       /* should never get here */
+ 	}
+ 	}
+	return 0;
+ }
+ 
+ user_datum_t *declare_user(void)
+@@ -419,6 +421,7 @@
+ 		assert(0);	       /* should never get here */
+ 	}
+ 	}
+	return 0;
+ }
+ 
+ /* Return a type_datum_t for the local avrule_decl with the given ID.
+@@ -771,6 +774,7 @@
+ 		assert(0);	       /* should never get here */
+ 	}
+ 	}
+	return 0;
+ }
+ 
+ static int require_type_or_attribute(int pass, unsigned char isattr)
+@@ -828,6 +832,7 @@
+ 		assert(0);	       /* should never get here */
+ 	}
+ 	}
+	return 0;
+ }
+ 
+ int require_type(int pass)
+@@ -893,6 +898,7 @@
+ 		assert(0);	       /* should never get here */
+ 	}
+ 	}
+	return 0;
+ }
+ 
+ int require_bool(int pass)
+@@ -946,6 +952,7 @@
+ 		assert(0);	       /* should never get here */
+ 	}
+ 	}
+	return 0;
+ }
+ 
+ int require_sens(int pass)
+@@ -1014,6 +1021,7 @@
+ 		assert(0);	       /* should never get here */
+ 	}
+ 	}
+	return 0;
+ }
+ 
+ int require_cat(int pass)
+@@ -1072,6 +1080,7 @@
+ 		assert(0);	       /* should never get here */
+ 	}
+ 	}
+	return 0;
+ }
+ 
+ static int is_scope_in_stack(scope_datum_t * scope, scope_stack_t * stack)
+--- libqpol/src/policy_define.c
+++ libqpol/src/policy_define.c
+@@ -1407,6 +1407,7 @@
+ 		assert(0);	       /* should never get here */
+ 	}
+ 	}
+	return 0;
+ }
+ 
+ avrule_t *define_cond_compute_type(int which)
--- a/setools-3.3.5-strcmp.patch
+++ b/setools-3.3.5-strcmp.patch
@ -0,0 +1,19 @@
+--- sediff/result_item_render.c
+++ sediff/result_item_render.c
+@@ -27,6 +27,7 @@
+ #include "result_item_render.h"
+ 
+ #include <assert.h>
+#include <string.h>
+ 
+ static const char *form_name_map[] = {
+ 	"Added", "Added New Type", "Removed", "Removed Missing Type", "Modified"
+@@ -139,7 +140,7 @@
+ 		}
+ 		case ' ':
+ 		{
+-			if (current_tag != "modified") {
+			if ( strcmp( current_tag, "modified") != 0 ) {
+ 				gtk_text_buffer_insert_with_tags_by_name(tb, iter, s + start, end - start + 1, current_tag, NULL);
+ 				start = end + 1;
+ 				current_tag = "modified";
--- a/setools-3.3.5.tar.bz2
+++ b/setools-3.3.5.tar.bz2
@ -0,0 +1,3 @@
+version https://git-lfs.github.com/spec/v1
+oid sha256:4a4e80d85f25b1b4bccbd57e4c8d237b19cbdf83de8619adcc9834c502ab3a75
+size 1328617
--- a/setools.changes
+++ b/setools.changes
@ -0,0 +1,34 @@
+-------------------------------------------------------------------
+Wed Jul 15 13:32:35 CEST 2009 - prusnak@suse.cz
+
+- disable Requires: usermode
+
+-------------------------------------------------------------------
+Tue Jun 23 12:30:53 CEST 2009 - prusnak@suse.cz
+
+- require libsepol-devel-static
+
+-------------------------------------------------------------------
+Mon Oct 20 16:19:09 CEST 2008 - prusnak@suse.cz
+
+- disable Python for now (weird glibc errors)
+
+-------------------------------------------------------------------
+Tue Sep  2 13:41:08 CEST 2008 - prusnak@suse.cz
+
+- updated to 3.3.5
+  * Fixed errors in libapol's AV and TE rule rendering functions
+    where errno was not being set properly.
+  * Fixed error in apol_syn_avrule_render() where braces were
+    not being added around the target set when there is exactly one
+    target type and the keyword 'self'.  Thanks to Ryan Kagin
+    for reporting this error.
+  * Added qpol_type_get_ispermissive(). SETools can now handle
+    version 23 policy.
+
+-------------------------------------------------------------------
+Thu Jul 17 11:46:28 CEST 2008 - prusnak@suse.cz
+
+- initial version 3.3.4
+  * based on Fedora package by Dan Walsh <dwalsh@redhat.com>
+
--- a/setools.pam
+++ b/setools.pam
@ -0,0 +1,4 @@
+#%PAM-1.0
+auth        include     common-auth
+account     include     common-account
+session     include     common-session
--- a/setools.spec
+++ b/setools.spec
@ -0,0 +1,326 @@
+#
+# spec file for package setools (Version 3.3.5)
+#
+# Copyright (c) 2009 SUSE LINUX Products GmbH, Nuernberg, Germany.
+#
+# All modifications and additions to the file contributed by third parties
+# remain the property of their copyright owners, unless otherwise agreed
+# upon. The license for this file, and modifications and additions to the
+# file, is the same license as for the pristine package itself (unless the
+# license for the pristine package is not an Open Source License, in which
+# case the license is the MIT License). An "Open Source License" is a
+# license that conforms to the Open Source Definition (Version 1.9)
+# published by the Open Source Initiative.
+
+# Please submit bugfixes or comments via http://bugs.opensuse.org/
+#
+
+# norootforbuild
+
+%define dataversion 3.3
+
+Name:           setools
+Version:        3.3.5
+Release:        2
+Url:            http://oss.tresys.com/projects/setools/
+License:        GPL v2 only
+Group:          System/Base
+Summary:        Policy analysis tools for SELinux
+Source:         http://oss.tresys.com/projects/setools/chrome/site/dists/%{name}-%{version}/%{name}-%{version}.tar.bz2
+Source1:        setools.pam
+Source2:        apol.desktop
+Source3:        seaudit.desktop
+Source4:        sediffx.desktop
+Patch0:         %{name}-%{version}-javacflags.patch
+Patch1:         %{name}-%{version}-nonvoid.patch
+Patch2:         %{name}-%{version}-strcmp.patch
+BuildRoot:      %{_tmppath}/%{name}-%{version}-build
+BuildRequires:  autoconf automake bison flex pkgconfig
+BuildRequires:  gcc gcc-c++ glibc-devel libstdc++-devel
+BuildRequires:  libselinux-devel libsepol-devel-static
+BuildRequires:  gtk2-devel libglade2-devel libxml2-devel sqlite3-devel
+BuildRequires:  java-devel python-devel swig tcl-devel tk-devel
+BuildRequires:  update-alternatives update-desktop-files
+Requires:       setools-libs = %{version}-%{release} setools-libs-tcl = %{version}-%{release} setools-gui = %{version}-%{release} setools-console = %{version}-%{release}
+
+%description
+SETools is a collection of graphical tools, command-line tools, and
+libraries designed to facilitate SELinux policy analysis.
+
+This meta-package depends upon the main packages necessary to run
+SETools.
+
+%package libs
+License:        LGPL v2
+Summary:        Policy analysis support libraries for SELinux
+Group:          System Environment/Libraries
+
+%description libs
+SETools is a collection of graphical tools, command-line tools, and
+libraries designed to facilitate SELinux policy analysis.
+
+This package includes the following run-time libraries:
+
+  libapol       policy analysis library
+  libpoldiff    semantic policy difference library
+  libqpol       library that abstracts policy internals
+  libseaudit    parse and filter SELinux audit messages in log files
+  libsefs       SELinux file contexts library
+
+
+
+%package java
+License:        LGPL v2
+Summary:        Java bindings for SELinux policy analysis
+Group:          Development/Languages
+Requires:       java setools-libs = %{version}
+
+%description java
+SETools is a collection of graphical tools, command-line tools, and
+libraries designed to facilitate SELinux policy analysis.
+
+This package includes Java bindings for the following libraries:
+
+  libapol       policy analysis library
+  libpoldiff    semantic policy difference library
+  libqpol       library that abstracts policy internals
+  libseaudit    parse and filter SELinux audit messages in log files
+  libsefs       SELinux file contexts library
+
+%package tcl
+License:        LGPL v2
+Summary:        Tcl bindings for SELinux policy analysis
+Group:          Development/Languages
+Requires:       tcl setools-libs = %{version}
+
+%description tcl
+SETools is a collection of graphical tools, command-line tools, and
+libraries designed to facilitate SELinux policy analysis.
+
+This package includes Tcl bindings for the following libraries:
+
+  libapol       policy analysis library
+  libpoldiff    semantic policy difference library
+  libqpol       library that abstracts policy internals
+  libseaudit    parse and filter SELinux audit messages in log files
+  libsefs       SELinux file contexts library
+
+%package devel
+License:        LGPL v2
+Summary:        Policy analysis development files for SELinux
+Group:          Development/Libraries
+Requires:       libselinux-devel libsepol-devel setools-libs = %{version}
+
+%description devel
+SETools is a collection of graphical tools, command-line tools, and
+libraries designed to facilitate SELinux policy analysis.
+
+This package includes header files and archives for the following
+libraries:
+
+  libapol       policy analysis library
+  libpoldiff    semantic policy difference library
+  libqpol       library that abstracts policy internals
+  libseaudit    parse and filter SELinux audit messages in log files
+  libsefs       SELinux file contexts library
+
+%package console
+Summary:        Policy analysis command-line tools for SELinux
+Group:          System/Base
+License:        GPL v2 only
+Requires:       setools-libs = %{version} libselinux
+
+%description console
+SETools is a collection of graphical tools, command-line tools, and
+libraries designed to facilitate SELinux policy analysis.
+
+This package includes the following console tools:
+
+  seaudit-report  audit log analysis tool
+  sechecker       SELinux policy checking tool
+  secmds          command line tools: seinfo, sesearch, findcon,
+                  replcon, and indexcon
+  sediff          semantic policy difference tool
+
+%package gui
+License:        GPL v2 only
+Summary:        Policy analysis graphical tools for SELinux
+Group:          System/Base
+Requires:       tcl tk bwidget
+Requires:       setools-libs = %{version} setools-tcl = %{version}
+Requires:       glib2 gtk2
+# Requires:       usermode
+
+%description gui
+SETools is a collection of graphical tools, command-line tools, and
+libraries designed to facilitate SELinux policy analysis.
+
+This package includes the following graphical tools:
+
+  apol          policy analysis tool
+  seaudit       audit log analysis tool
+  sediffx       semantic policy difference tool
+
+%define setoolsdir %{_datadir}/setools-%{dataversion}
+%define tcllibdir %{_libdir}/setools
+
+%prep
+%setup -q
+%patch0
+%patch1
+%patch2
+
+%build
+%configure \
+	--disable-bwidget-check \
+	--disable-selinux-check \
+	--disable-swig-python \
+	--enable-swig-java \
+	--enable-swig-tcl \
+	--with-java-prefix=%{java_home} \
+	--with-javac-flags="-source 1.5 -target 1.5"
+make %{?jobs:-j%jobs}
+
+%install
+make DESTDIR=$RPM_BUILD_ROOT INSTALL="install -p" install
+mkdir -p $RPM_BUILD_ROOT%{_datadir}/applications
+mkdir -p $RPM_BUILD_ROOT%{_datadir}/pixmaps
+install -d -m 755 $RPM_BUILD_ROOT%{_sysconfdir}/pam.d
+install -p -m 644 %{SOURCE1} $RPM_BUILD_ROOT%{_sysconfdir}/pam.d/seaudit
+# install -d -m 755 $RPM_BUILD_ROOT%{_sysconfdir}/security/console.apps
+# install -p -m 644 packages/rpm/seaudit.console $RPM_BUILD_ROOT%{_sysconfdir}/security/console.apps/seaudit
+install -d -m 755 $RPM_BUILD_ROOT%{_datadir}/applications
+install -p -m 644 apol/apol.png $RPM_BUILD_ROOT%{_datadir}/pixmaps/apol.png
+install -p -m 644 seaudit/seaudit.png $RPM_BUILD_ROOT%{_datadir}/pixmaps/seaudit.png
+install -p -m 644 sediff/sediffx.png $RPM_BUILD_ROOT%{_datadir}/pixmaps/sediffx.png
+%suse_update_desktop_file -i apol System Security
+%suse_update_desktop_file -i seaudit System Security
+%suse_update_desktop_file -i sediffx System
+# replace absolute symlinks with relative symlinks
+ln -sf ../setools-%{dataversion}/qpol.jar $RPM_BUILD_ROOT/%{_javadir}/qpol.jar
+ln -sf ../setools-%{dataversion}/apol.jar $RPM_BUILD_ROOT/%{_javadir}/apol.jar
+ln -sf ../setools-%{dataversion}/poldiff.jar $RPM_BUILD_ROOT/%{_javadir}/poldiff.jar
+ln -sf ../setools-%{dataversion}/seaudit.jar $RPM_BUILD_ROOT/%{_javadir}/seaudit.jar
+ln -sf ../setools-%{dataversion}/sefs.jar $RPM_BUILD_ROOT/%{_javadir}/sefs.jar
+# remove static libs
+rm -f $RPM_BUILD_ROOT/%{_libdir}/*.a
+# ensure permissions are correct
+chmod 0755 $RPM_BUILD_ROOT%{_libdir}/*.so.*
+chmod 0755 $RPM_BUILD_ROOT%{_libdir}/%{name}/*/*.so.*
+# chmod 0755 $RPM_BUILD_ROOT%{py_sitedir}/*.so.*
+chmod 0755 $RPM_BUILD_ROOT%{_bindir}/*
+ln -sf consolehelper $RPM_BUILD_ROOT%{_bindir}/seaudit
+chmod 0755 $RPM_BUILD_ROOT%{_sbindir}/*
+chmod 0755 $RPM_BUILD_ROOT%{setoolsdir}/seaudit-report-service
+chmod 0644 $RPM_BUILD_ROOT%{tcllibdir}/*/pkgIndex.tcl
+
+%clean
+rm -rf $RPM_BUILD_ROOT
+
+%files libs
+%defattr(-,root,root,-)
+%doc AUTHORS ChangeLog COPYING COPYING.GPL COPYING.LGPL KNOWN-BUGS NEWS README
+%{_libdir}/libapol.so.*
+%{_libdir}/libpoldiff.so.*
+%{_libdir}/libqpol.so.*
+%{_libdir}/libseaudit.so.*
+%{_libdir}/libsefs.so.*
+%dir %{setoolsdir}
+# %files -n python-setools
+# %defattr(-,root,root,-)
+# %{py_sitedir}/*
+
+%files java
+%defattr(-,root,root,-)
+%{_libdir}/libjapol.so.*
+%{_libdir}/libjpoldiff.so.*
+%{_libdir}/libjqpol.so.*
+%{_libdir}/libjseaudit.so.*
+%{_libdir}/libjsefs.so.*
+%{setoolsdir}/*.jar
+%{_javadir}/*.jar
+
+%files tcl
+%defattr(-,root,root,-)
+%dir %{tcllibdir}
+%{tcllibdir}/apol/
+%{tcllibdir}/poldiff/
+%{tcllibdir}/qpol/
+%{tcllibdir}/seaudit/
+%{tcllibdir}/sefs/
+
+%files devel
+%defattr(-,root,root,-)
+%{_libdir}/*.so
+%{_libdir}/pkgconfig/*
+%{_includedir}/apol/
+%{_includedir}/poldiff/
+%{_includedir}/qpol/
+%{_includedir}/seaudit/
+%{_includedir}/sefs/
+
+%files console
+%defattr(-,root,root,-)
+%{_bindir}/findcon
+%{_bindir}/indexcon
+%{_bindir}/replcon
+%{_bindir}/seaudit-report
+%{_bindir}/sechecker
+%{_bindir}/sediff
+%{_bindir}/seinfo
+%{_bindir}/sesearch
+%{setoolsdir}/sechecker-profiles/
+%{setoolsdir}/sechecker_help.txt
+%{setoolsdir}/seaudit-report-service
+%{setoolsdir}/seaudit-report.conf
+%{setoolsdir}/seaudit-report.css
+%{_mandir}/man1/findcon.1.gz
+%{_mandir}/man1/indexcon.1.gz
+%{_mandir}/man1/replcon.1.gz
+%{_mandir}/man1/sechecker.1.gz
+%{_mandir}/man1/sediff.1.gz
+%{_mandir}/man1/seinfo.1.gz
+%{_mandir}/man1/sesearch.1.gz
+%{_mandir}/man8/seaudit-report.8.gz
+
+%files gui
+%defattr(-,root,root,-)
+%{_bindir}/apol
+%{_bindir}/seaudit
+%{_bindir}/sediffx
+%dir %{tcllibdir}
+%{tcllibdir}/apol_tcl/
+%{setoolsdir}/apol_help.txt
+%{setoolsdir}/apol_perm_mapping_*
+%{setoolsdir}/domaintrans_help.txt
+%{setoolsdir}/file_relabel_help.txt
+%{setoolsdir}/infoflow_help.txt
+%{setoolsdir}/seaudit_help.txt
+%{setoolsdir}/sediff_help.txt
+%{setoolsdir}/types_relation_help.txt
+%{setoolsdir}/*.glade
+%{setoolsdir}/*.png
+%{setoolsdir}/apol.gif
+%{setoolsdir}/dot_seaudit
+%{_mandir}/man1/apol.1.gz
+%{_mandir}/man1/sediffx.1.gz
+%{_mandir}/man8/seaudit.8.gz
+%{_sbindir}/seaudit
+%config(noreplace) %{_sysconfdir}/pam.d/seaudit
+# %config(noreplace) %{_sysconfdir}/security/console.apps/seaudit
+%{_datadir}/applications/*
+%attr(0644,root,root) %{_datadir}/pixmaps/*.png
+
+%post libs -p /sbin/ldconfig
+
+%postun libs -p /sbin/ldconfig
+
+%post java -p /sbin/ldconfig
+
+%postun java -p /sbin/ldconfig
+
+%post tcl -p /sbin/ldconfig
+
+%postun tcl -p /sbin/ldconfig
+
+%changelog