SHA256
1
0
forked from pool/libselinux
libselinux/libselinux.spec

226 lines
8.4 KiB
RPMSpec
Raw Normal View History

#
# spec file for package libselinux (Version 2.0.77)
#
# Copyright (c) 2009 SUSE LINUX Products GmbH, Nuernberg, Germany.
#
# All modifications and additions to the file contributed by third parties
# remain the property of their copyright owners, unless otherwise agreed
# upon. The license for this file, and modifications and additions to the
# file, is the same license as for the pristine package itself (unless the
# license for the pristine package is not an Open Source License, in which
# case the license is the MIT License). An "Open Source License" is a
# license that conforms to the Open Source Definition (Version 1.9)
# published by the Open Source Initiative.
# Please submit bugfixes or comments via http://bugs.opensuse.org/
#
# norootforbuild
%define libsepol_ver 2.0.32
BuildRequires: libsepol-devel >= %{libsepol_ver}
Name: libselinux
Version: 2.0.77
Release: 2
Url: http://www.nsa.gov/selinux/
License: GPL v2 only; Public Domain, Freeware
Group: System/Libraries
Summary: SELinux library and simple utilities
Source: %{name}-%{version}.tar.bz2
Patch0: %{name}-%{version}-rhat.patch.bz2
Patch1: %{name}-%{version}-memleak.patch
BuildRoot: %{_tmppath}/%{name}-%{version}-build
%define debug_package_requires libselinux1 = %{version}-%{release}
%description
Security-enhanced Linux is a feature of the Linux(R) kernel and a
number of utilities with enhanced security functionality designed to
add mandatory access controls to Linux. The Security-enhanced Linux
kernel contains new architectural components originally developed to
improve the security of the Flask operating system. These architectural
components provide general support for the enforcement of many kinds of
mandatory access control policies, including those based on the
concepts of Type Enforcement(R), Role-based Access Control, and
Multi-level Security.
libselinux provides an API for SELinux applications to get and set
process and file security contexts and to obtain security policy
decisions. Required for any applications that use the SELinux API.
%package -n libselinux1
License: GPL v2 only; Public Domain, Freeware
Group: System/Libraries
Summary: SELinux library and simple utilities
%description -n libselinux1
Security-enhanced Linux is a feature of the Linux(R) kernel and a
number of utilities with enhanced security functionality designed to
add mandatory access controls to Linux. The Security-enhanced Linux
kernel contains new architectural components originally developed to
improve the security of the Flask operating system. These architectural
components provide general support for the enforcement of many kinds of
mandatory access control policies, including those based on the
concepts of Type Enforcement(R), Role-based Access Control, and
Multi-level Security.
libselinux provides an API for SELinux applications to get and set
process and file security contexts and to obtain security policy
decisions. Required for any applications that use the SELinux API.
%package -n selinux-tools
License: GPL v2 only; Public Domain, Freeware
Group: System/Base
Summary: SELinux library and simple utilities
%description -n selinux-tools
Security-enhanced Linux is a feature of the Linux(R) kernel and a
number of utilities with enhanced security functionality designed to
add mandatory access controls to Linux. The Security-enhanced Linux
kernel contains new architectural components originally developed to
improve the security of the Flask operating system. These architectural
components provide general support for the enforcement of many kinds of
mandatory access control policies, including those based on the
concepts of Type Enforcement(R), Role-based Access Control, and
Multi-level Security.
libselinux provides an API for SELinux applications to get and set
process and file security contexts and to obtain security policy
decisions. Required for any applications that use the SELinux API.
%package devel
License: GPL v2 only; Public Domain, Freeware
Summary: Development Include Files and Libraries for SELinux
Group: Development/Libraries/C and C++
Requires: libselinux1 = %{version}
Requires: libsepol-devel >= %{libsepol_ver}
%description devel
Security-enhanced Linux is a patch of the Linux(R) kernel and a number
of utilities with enhanced security functionality designed to add
mandatory access controls to Linux. The Security-enhanced Linux kernel
contains new architectural components originally developed to improve
the security of the Flask operating system. These architectural
components provide general support for the enforcement of many kinds of
mandatory access control policies, including those based on the
concepts of Type Enforcement(R), Role-based Access Control, and
Multi-level Security.
This package contains the header files and static libraries, which are
necessary to develop your own software using libselinux.
%prep
%setup -q
%patch0 -p1
%patch1
%build
make %{?jobs:-j%jobs} LIBDIR="%{_libdir}" CFLAGS="$RPM_OPT_FLAGS"
%install
mkdir -p $RPM_BUILD_ROOT/%{_lib}
mkdir -p $RPM_BUILD_ROOT%{_libdir}
mkdir -p $RPM_BUILD_ROOT%{_includedir}
mkdir -p $RPM_BUILD_ROOT%{_sbindir}
mkdir -p $RPM_BUILD_ROOT%{_localstatedir}/run/setrans
make DESTDIR="$RPM_BUILD_ROOT" LIBDIR="$RPM_BUILD_ROOT%{_libdir}" SHLIBDIR="$RPM_BUILD_ROOT/%{_lib}" BINDIR="$RPM_BUILD_ROOT%{_sbindir}" install
rm -f $RPM_BUILD_ROOT%{_sbindir}/compute_*
rm -f $RPM_BUILD_ROOT%{_sbindir}/deftype
rm -f $RPM_BUILD_ROOT%{_sbindir}/execcon
rm -f $RPM_BUILD_ROOT%{_sbindir}/getenforcemode
rm -f $RPM_BUILD_ROOT%{_sbindir}/getfilecon
rm -f $RPM_BUILD_ROOT%{_sbindir}/getpidcon
rm -f $RPM_BUILD_ROOT%{_sbindir}/mkdircon
rm -f $RPM_BUILD_ROOT%{_sbindir}/policyvers
rm -f $RPM_BUILD_ROOT%{_sbindir}/setfilecon
rm -f $RPM_BUILD_ROOT%{_sbindir}/selinuxconfig
rm -f $RPM_BUILD_ROOT%{_sbindir}/selinuxdisable
rm -f $RPM_BUILD_ROOT%{_sbindir}/getseuser
rm -f $RPM_BUILD_ROOT%{_sbindir}/selinux_check_securetty_context
mv $RPM_BUILD_ROOT%{_sbindir}/getdefaultcon $RPM_BUILD_ROOT%{_sbindir}/selinuxdefcon
mv $RPM_BUILD_ROOT%{_sbindir}/getconlist $RPM_BUILD_ROOT%{_sbindir}/selinuxconlist
%clean
rm -rf $RPM_BUILD_ROOT
%post -n libselinux1 -p /sbin/ldconfig
%postun -n libselinux1 -p /sbin/ldconfig
%files -n selinux-tools
%defattr(-,root,root,-)
%{_sbindir}/avcstat
%{_sbindir}/getenforce
%{_sbindir}/getsebool
/sbin/matchpathcon
%{_sbindir}/matchpathcon
%{_sbindir}/selinuxconlist
%{_sbindir}/selinuxdefcon
%{_sbindir}/selinuxenabled
%{_sbindir}/setenforce
%{_sbindir}/togglesebool
%{_mandir}/man5/*
%{_mandir}/man8/*
%files -n libselinux1
%defattr(-,root,root,-)
/%{_lib}/libselinux.so.*
%{_localstatedir}/run/setrans
%files devel
%defattr(-,root,root,-)
%{_libdir}/libselinux.so
%{_libdir}/libselinux.a
%dir %{_includedir}/selinux
%{_includedir}/selinux/*
%{_mandir}/man3/*
%changelog
* Fri Apr 17 2009 prusnak@suse.cz
- fixed memory leak (memleak.patch)
* Wed Jan 14 2009 prusnak@suse.cz
- updated to 2.0.77
* add new function getseuser which will take username and service
and return seuser and level; ipa will populate file in future
* change selinuxdefcon to return just the context by default
* fix segfault if seusers file does not work
* strip trailing / for matchpathcon
* fix restorecon python code
* Mon Dec 01 2008 prusnak@suse.cz
- updated to 2.0.76
* allow shell-style wildcarding in X names
* add Restorecon/Install python functions
* correct message types in AVC log messages
* make matchpathcon -V pass mode
* add man page for selinux_file_context_cmp
* update flask headers from refpolicy trunk
* Wed Oct 22 2008 mrueckert@suse.de
- fix debug_packages_requires define
* Tue Sep 23 2008 prusnak@suse.cz
- require only version, not release [bnc#429053]
* Tue Sep 02 2008 prusnak@suse.cz
- updated to 2.0.71
* Add group support to seusers using %%groupname syntax from Dan Walsh.
* Mark setrans socket close-on-exec from Stephen Smalley.
* Only apply nodups checking to base file contexts from Stephen Smalley.
* Merge ruby bindings from Dan Walsh.
* Mon Sep 01 2008 aj@suse.de
- Fix build of debuginfo.
* Fri Aug 22 2008 prusnak@suse.cz
- added baselibs.conf file
- split bindings into separate subpackage (libselinux-bindings)
- split tools into separate subpackage (selinux-tools)
* Fri Aug 01 2008 ro@suse.de
- fix requires for debuginfo package
* Tue Jul 15 2008 prusnak@suse.cz
- initial version 2.0.67
* based on Fedora package by Dan Walsh <dwalsh@redhat.com>