forked from pool/libselinux
222 lines
8.3 KiB
RPMSpec
222 lines
8.3 KiB
RPMSpec
#
|
|
# spec file for package libselinux (Version 2.0.77)
|
|
#
|
|
# Copyright (c) 2009 SUSE LINUX Products GmbH, Nuernberg, Germany.
|
|
#
|
|
# All modifications and additions to the file contributed by third parties
|
|
# remain the property of their copyright owners, unless otherwise agreed
|
|
# upon. The license for this file, and modifications and additions to the
|
|
# file, is the same license as for the pristine package itself (unless the
|
|
# license for the pristine package is not an Open Source License, in which
|
|
# case the license is the MIT License). An "Open Source License" is a
|
|
# license that conforms to the Open Source Definition (Version 1.9)
|
|
# published by the Open Source Initiative.
|
|
|
|
# Please submit bugfixes or comments via http://bugs.opensuse.org/
|
|
#
|
|
|
|
# norootforbuild
|
|
|
|
%define libsepol_ver 2.0.32
|
|
BuildRequires: libsepol-devel >= %{libsepol_ver}
|
|
|
|
Name: libselinux
|
|
Version: 2.0.77
|
|
Release: 1
|
|
Url: http://www.nsa.gov/selinux/
|
|
License: GPL v2 only; Public Domain, Freeware
|
|
Group: System/Libraries
|
|
Summary: SELinux library and simple utilities
|
|
Source: %{name}-%{version}.tar.bz2
|
|
Patch0: %{name}-%{version}-rhat.patch.bz2
|
|
BuildRoot: %{_tmppath}/%{name}-%{version}-build
|
|
%define debug_package_requires libselinux1 = %{version}-%{release}
|
|
|
|
%description
|
|
Security-enhanced Linux is a feature of the Linux(R) kernel and a
|
|
number of utilities with enhanced security functionality designed to
|
|
add mandatory access controls to Linux. The Security-enhanced Linux
|
|
kernel contains new architectural components originally developed to
|
|
improve the security of the Flask operating system. These architectural
|
|
components provide general support for the enforcement of many kinds of
|
|
mandatory access control policies, including those based on the
|
|
concepts of Type Enforcement(R), Role-based Access Control, and
|
|
Multi-level Security.
|
|
|
|
libselinux provides an API for SELinux applications to get and set
|
|
process and file security contexts and to obtain security policy
|
|
decisions. Required for any applications that use the SELinux API.
|
|
|
|
|
|
|
|
%package -n libselinux1
|
|
License: GPL v2 only; Public Domain, Freeware
|
|
Group: System/Libraries
|
|
Summary: SELinux library and simple utilities
|
|
|
|
%description -n libselinux1
|
|
Security-enhanced Linux is a feature of the Linux(R) kernel and a
|
|
number of utilities with enhanced security functionality designed to
|
|
add mandatory access controls to Linux. The Security-enhanced Linux
|
|
kernel contains new architectural components originally developed to
|
|
improve the security of the Flask operating system. These architectural
|
|
components provide general support for the enforcement of many kinds of
|
|
mandatory access control policies, including those based on the
|
|
concepts of Type Enforcement(R), Role-based Access Control, and
|
|
Multi-level Security.
|
|
|
|
libselinux provides an API for SELinux applications to get and set
|
|
process and file security contexts and to obtain security policy
|
|
decisions. Required for any applications that use the SELinux API.
|
|
|
|
|
|
|
|
%package -n selinux-tools
|
|
License: GPL v2 only; Public Domain, Freeware
|
|
Group: System/Base
|
|
Summary: SELinux library and simple utilities
|
|
|
|
%description -n selinux-tools
|
|
Security-enhanced Linux is a feature of the Linux(R) kernel and a
|
|
number of utilities with enhanced security functionality designed to
|
|
add mandatory access controls to Linux. The Security-enhanced Linux
|
|
kernel contains new architectural components originally developed to
|
|
improve the security of the Flask operating system. These architectural
|
|
components provide general support for the enforcement of many kinds of
|
|
mandatory access control policies, including those based on the
|
|
concepts of Type Enforcement(R), Role-based Access Control, and
|
|
Multi-level Security.
|
|
|
|
libselinux provides an API for SELinux applications to get and set
|
|
process and file security contexts and to obtain security policy
|
|
decisions. Required for any applications that use the SELinux API.
|
|
|
|
|
|
|
|
%package devel
|
|
License: GPL v2 only; Public Domain, Freeware
|
|
Summary: Development Include Files and Libraries for SELinux
|
|
Group: Development/Libraries/C and C++
|
|
Requires: libselinux1 = %{version}
|
|
Requires: libsepol-devel >= %{libsepol_ver}
|
|
|
|
%description devel
|
|
Security-enhanced Linux is a patch of the Linux(R) kernel and a number
|
|
of utilities with enhanced security functionality designed to add
|
|
mandatory access controls to Linux. The Security-enhanced Linux kernel
|
|
contains new architectural components originally developed to improve
|
|
the security of the Flask operating system. These architectural
|
|
components provide general support for the enforcement of many kinds of
|
|
mandatory access control policies, including those based on the
|
|
concepts of Type Enforcement(R), Role-based Access Control, and
|
|
Multi-level Security.
|
|
|
|
This package contains the header files and static libraries, which are
|
|
necessary to develop your own software using libselinux.
|
|
|
|
|
|
|
|
%prep
|
|
%setup -q
|
|
%patch0 -p1
|
|
|
|
%build
|
|
make %{?jobs:-j%jobs} LIBDIR="%{_libdir}" CFLAGS="$RPM_OPT_FLAGS"
|
|
|
|
%install
|
|
mkdir -p $RPM_BUILD_ROOT/%{_lib}
|
|
mkdir -p $RPM_BUILD_ROOT%{_libdir}
|
|
mkdir -p $RPM_BUILD_ROOT%{_includedir}
|
|
mkdir -p $RPM_BUILD_ROOT%{_sbindir}
|
|
mkdir -p $RPM_BUILD_ROOT%{_localstatedir}/run/setrans
|
|
make DESTDIR="$RPM_BUILD_ROOT" LIBDIR="$RPM_BUILD_ROOT%{_libdir}" SHLIBDIR="$RPM_BUILD_ROOT/%{_lib}" BINDIR="$RPM_BUILD_ROOT%{_sbindir}" install
|
|
rm -f $RPM_BUILD_ROOT%{_sbindir}/compute_*
|
|
rm -f $RPM_BUILD_ROOT%{_sbindir}/deftype
|
|
rm -f $RPM_BUILD_ROOT%{_sbindir}/execcon
|
|
rm -f $RPM_BUILD_ROOT%{_sbindir}/getenforcemode
|
|
rm -f $RPM_BUILD_ROOT%{_sbindir}/getfilecon
|
|
rm -f $RPM_BUILD_ROOT%{_sbindir}/getpidcon
|
|
rm -f $RPM_BUILD_ROOT%{_sbindir}/mkdircon
|
|
rm -f $RPM_BUILD_ROOT%{_sbindir}/policyvers
|
|
rm -f $RPM_BUILD_ROOT%{_sbindir}/setfilecon
|
|
rm -f $RPM_BUILD_ROOT%{_sbindir}/selinuxconfig
|
|
rm -f $RPM_BUILD_ROOT%{_sbindir}/selinuxdisable
|
|
rm -f $RPM_BUILD_ROOT%{_sbindir}/getseuser
|
|
rm -f $RPM_BUILD_ROOT%{_sbindir}/selinux_check_securetty_context
|
|
mv $RPM_BUILD_ROOT%{_sbindir}/getdefaultcon $RPM_BUILD_ROOT%{_sbindir}/selinuxdefcon
|
|
mv $RPM_BUILD_ROOT%{_sbindir}/getconlist $RPM_BUILD_ROOT%{_sbindir}/selinuxconlist
|
|
|
|
%clean
|
|
rm -rf $RPM_BUILD_ROOT
|
|
|
|
%post -n libselinux1 -p /sbin/ldconfig
|
|
|
|
%postun -n libselinux1 -p /sbin/ldconfig
|
|
|
|
%files -n selinux-tools
|
|
%defattr(-,root,root,-)
|
|
%{_sbindir}/avcstat
|
|
%{_sbindir}/getenforce
|
|
%{_sbindir}/getsebool
|
|
/sbin/matchpathcon
|
|
%{_sbindir}/matchpathcon
|
|
%{_sbindir}/selinuxconlist
|
|
%{_sbindir}/selinuxdefcon
|
|
%{_sbindir}/selinuxenabled
|
|
%{_sbindir}/setenforce
|
|
%{_sbindir}/togglesebool
|
|
%{_mandir}/man5/*
|
|
%{_mandir}/man8/*
|
|
|
|
%files -n libselinux1
|
|
%defattr(-,root,root,-)
|
|
/%{_lib}/libselinux.so.*
|
|
%{_localstatedir}/run/setrans
|
|
|
|
%files devel
|
|
%defattr(-,root,root,-)
|
|
%{_libdir}/libselinux.so
|
|
%{_libdir}/libselinux.a
|
|
%dir %{_includedir}/selinux
|
|
%{_includedir}/selinux/*
|
|
%{_mandir}/man3/*
|
|
|
|
%changelog
|
|
* Wed Jan 14 2009 prusnak@suse.cz
|
|
- updated to 2.0.77
|
|
* add new function getseuser which will take username and service
|
|
and return seuser and level; ipa will populate file in future
|
|
* change selinuxdefcon to return just the context by default
|
|
* fix segfault if seusers file does not work
|
|
* strip trailing / for matchpathcon
|
|
* fix restorecon python code
|
|
* Mon Dec 01 2008 prusnak@suse.cz
|
|
- updated to 2.0.76
|
|
* allow shell-style wildcarding in X names
|
|
* add Restorecon/Install python functions
|
|
* correct message types in AVC log messages
|
|
* make matchpathcon -V pass mode
|
|
* add man page for selinux_file_context_cmp
|
|
* update flask headers from refpolicy trunk
|
|
* Wed Oct 22 2008 mrueckert@suse.de
|
|
- fix debug_packages_requires define
|
|
* Tue Sep 23 2008 prusnak@suse.cz
|
|
- require only version, not release [bnc#429053]
|
|
* Tue Sep 02 2008 prusnak@suse.cz
|
|
- updated to 2.0.71
|
|
* Add group support to seusers using %%groupname syntax from Dan Walsh.
|
|
* Mark setrans socket close-on-exec from Stephen Smalley.
|
|
* Only apply nodups checking to base file contexts from Stephen Smalley.
|
|
* Merge ruby bindings from Dan Walsh.
|
|
* Mon Sep 01 2008 aj@suse.de
|
|
- Fix build of debuginfo.
|
|
* Fri Aug 22 2008 prusnak@suse.cz
|
|
- added baselibs.conf file
|
|
- split bindings into separate subpackage (libselinux-bindings)
|
|
- split tools into separate subpackage (selinux-tools)
|
|
* Fri Aug 01 2008 ro@suse.de
|
|
- fix requires for debuginfo package
|
|
* Tue Jul 15 2008 prusnak@suse.cz
|
|
- initial version 2.0.67
|
|
* based on Fedora package by Dan Walsh <dwalsh@redhat.com>
|