# # spec file for package libselinux (Version 2.0.77) # # Copyright (c) 2009 SUSE LINUX Products GmbH, Nuernberg, Germany. # # All modifications and additions to the file contributed by third parties # remain the property of their copyright owners, unless otherwise agreed # upon. The license for this file, and modifications and additions to the # file, is the same license as for the pristine package itself (unless the # license for the pristine package is not an Open Source License, in which # case the license is the MIT License). An "Open Source License" is a # license that conforms to the Open Source Definition (Version 1.9) # published by the Open Source Initiative. # Please submit bugfixes or comments via http://bugs.opensuse.org/ # # norootforbuild %define libsepol_ver 2.0.32 BuildRequires: libsepol-devel >= %{libsepol_ver} Name: libselinux Version: 2.0.77 Release: 1 Url: http://www.nsa.gov/selinux/ License: GPL v2 only; Public Domain, Freeware Group: System/Libraries Summary: SELinux library and simple utilities Source: %{name}-%{version}.tar.bz2 Patch0: %{name}-%{version}-rhat.patch.bz2 BuildRoot: %{_tmppath}/%{name}-%{version}-build %define debug_package_requires libselinux1 = %{version}-%{release} %description Security-enhanced Linux is a feature of the Linux(R) kernel and a number of utilities with enhanced security functionality designed to add mandatory access controls to Linux. The Security-enhanced Linux kernel contains new architectural components originally developed to improve the security of the Flask operating system. These architectural components provide general support for the enforcement of many kinds of mandatory access control policies, including those based on the concepts of Type Enforcement(R), Role-based Access Control, and Multi-level Security. libselinux provides an API for SELinux applications to get and set process and file security contexts and to obtain security policy decisions. Required for any applications that use the SELinux API. %package -n libselinux1 License: GPL v2 only; Public Domain, Freeware Group: System/Libraries Summary: SELinux library and simple utilities %description -n libselinux1 Security-enhanced Linux is a feature of the Linux(R) kernel and a number of utilities with enhanced security functionality designed to add mandatory access controls to Linux. The Security-enhanced Linux kernel contains new architectural components originally developed to improve the security of the Flask operating system. These architectural components provide general support for the enforcement of many kinds of mandatory access control policies, including those based on the concepts of Type Enforcement(R), Role-based Access Control, and Multi-level Security. libselinux provides an API for SELinux applications to get and set process and file security contexts and to obtain security policy decisions. Required for any applications that use the SELinux API. %package -n selinux-tools License: GPL v2 only; Public Domain, Freeware Group: System/Base Summary: SELinux library and simple utilities %description -n selinux-tools Security-enhanced Linux is a feature of the Linux(R) kernel and a number of utilities with enhanced security functionality designed to add mandatory access controls to Linux. The Security-enhanced Linux kernel contains new architectural components originally developed to improve the security of the Flask operating system. These architectural components provide general support for the enforcement of many kinds of mandatory access control policies, including those based on the concepts of Type Enforcement(R), Role-based Access Control, and Multi-level Security. libselinux provides an API for SELinux applications to get and set process and file security contexts and to obtain security policy decisions. Required for any applications that use the SELinux API. %package devel License: GPL v2 only; Public Domain, Freeware Summary: Development Include Files and Libraries for SELinux Group: Development/Libraries/C and C++ Requires: libselinux1 = %{version} Requires: libsepol-devel >= %{libsepol_ver} %description devel Security-enhanced Linux is a patch of the Linux(R) kernel and a number of utilities with enhanced security functionality designed to add mandatory access controls to Linux. The Security-enhanced Linux kernel contains new architectural components originally developed to improve the security of the Flask operating system. These architectural components provide general support for the enforcement of many kinds of mandatory access control policies, including those based on the concepts of Type Enforcement(R), Role-based Access Control, and Multi-level Security. This package contains the header files and static libraries, which are necessary to develop your own software using libselinux. %prep %setup -q %patch0 -p1 %build make %{?jobs:-j%jobs} LIBDIR="%{_libdir}" CFLAGS="$RPM_OPT_FLAGS" %install mkdir -p $RPM_BUILD_ROOT/%{_lib} mkdir -p $RPM_BUILD_ROOT%{_libdir} mkdir -p $RPM_BUILD_ROOT%{_includedir} mkdir -p $RPM_BUILD_ROOT%{_sbindir} mkdir -p $RPM_BUILD_ROOT%{_localstatedir}/run/setrans make DESTDIR="$RPM_BUILD_ROOT" LIBDIR="$RPM_BUILD_ROOT%{_libdir}" SHLIBDIR="$RPM_BUILD_ROOT/%{_lib}" BINDIR="$RPM_BUILD_ROOT%{_sbindir}" install rm -f $RPM_BUILD_ROOT%{_sbindir}/compute_* rm -f $RPM_BUILD_ROOT%{_sbindir}/deftype rm -f $RPM_BUILD_ROOT%{_sbindir}/execcon rm -f $RPM_BUILD_ROOT%{_sbindir}/getenforcemode rm -f $RPM_BUILD_ROOT%{_sbindir}/getfilecon rm -f $RPM_BUILD_ROOT%{_sbindir}/getpidcon rm -f $RPM_BUILD_ROOT%{_sbindir}/mkdircon rm -f $RPM_BUILD_ROOT%{_sbindir}/policyvers rm -f $RPM_BUILD_ROOT%{_sbindir}/setfilecon rm -f $RPM_BUILD_ROOT%{_sbindir}/selinuxconfig rm -f $RPM_BUILD_ROOT%{_sbindir}/selinuxdisable rm -f $RPM_BUILD_ROOT%{_sbindir}/getseuser rm -f $RPM_BUILD_ROOT%{_sbindir}/selinux_check_securetty_context mv $RPM_BUILD_ROOT%{_sbindir}/getdefaultcon $RPM_BUILD_ROOT%{_sbindir}/selinuxdefcon mv $RPM_BUILD_ROOT%{_sbindir}/getconlist $RPM_BUILD_ROOT%{_sbindir}/selinuxconlist %clean rm -rf $RPM_BUILD_ROOT %post -n libselinux1 -p /sbin/ldconfig %postun -n libselinux1 -p /sbin/ldconfig %files -n selinux-tools %defattr(-,root,root,-) %{_sbindir}/avcstat %{_sbindir}/getenforce %{_sbindir}/getsebool /sbin/matchpathcon %{_sbindir}/matchpathcon %{_sbindir}/selinuxconlist %{_sbindir}/selinuxdefcon %{_sbindir}/selinuxenabled %{_sbindir}/setenforce %{_sbindir}/togglesebool %{_mandir}/man5/* %{_mandir}/man8/* %files -n libselinux1 %defattr(-,root,root,-) /%{_lib}/libselinux.so.* %{_localstatedir}/run/setrans %files devel %defattr(-,root,root,-) %{_libdir}/libselinux.so %{_libdir}/libselinux.a %dir %{_includedir}/selinux %{_includedir}/selinux/* %{_mandir}/man3/* %changelog * Wed Jan 14 2009 prusnak@suse.cz - updated to 2.0.77 * add new function getseuser which will take username and service and return seuser and level; ipa will populate file in future * change selinuxdefcon to return just the context by default * fix segfault if seusers file does not work * strip trailing / for matchpathcon * fix restorecon python code * Mon Dec 01 2008 prusnak@suse.cz - updated to 2.0.76 * allow shell-style wildcarding in X names * add Restorecon/Install python functions * correct message types in AVC log messages * make matchpathcon -V pass mode * add man page for selinux_file_context_cmp * update flask headers from refpolicy trunk * Wed Oct 22 2008 mrueckert@suse.de - fix debug_packages_requires define * Tue Sep 23 2008 prusnak@suse.cz - require only version, not release [bnc#429053] * Tue Sep 02 2008 prusnak@suse.cz - updated to 2.0.71 * Add group support to seusers using %%groupname syntax from Dan Walsh. * Mark setrans socket close-on-exec from Stephen Smalley. * Only apply nodups checking to base file contexts from Stephen Smalley. * Merge ruby bindings from Dan Walsh. * Mon Sep 01 2008 aj@suse.de - Fix build of debuginfo. * Fri Aug 22 2008 prusnak@suse.cz - added baselibs.conf file - split bindings into separate subpackage (libselinux-bindings) - split tools into separate subpackage (selinux-tools) * Fri Aug 01 2008 ro@suse.de - fix requires for debuginfo package * Tue Jul 15 2008 prusnak@suse.cz - initial version 2.0.67 * based on Fedora package by Dan Walsh