selinux-refpolicy/refpolicy/support/selinux-refpolicy-sources.spec.skel
2005-08-24 20:42:15 +00:00

99 lines
4.0 KiB
Plaintext

%define type refpolicy
%define POLICYDIR /etc/selinux/%{type}
%define FILE_CON ${POLICYDIR}/contexts/files/file_contexts
%define FC_PRE ${FILE_CON}.pre
Summary: SELinux Reference Policy configuration source files
Name: selinux-refpolicy-sources
Version: REFPOL_VERSION
Release: 1
License: GPL
Group: System Environment/Base
PreReq: m4 make policycoreutils kernel gcc
Requires: checkpolicy >= 1.20
Requires: python
BuildRequires: make m4 python
Obsoletes: policy-sources
Source: refpolicy-%{version}.tar.bz2
Url: http://serefpolicy.sourceforge.net
BuildArch: noarch
BuildRoot: /tmp/rpmbuild/%{name}
%description
This subpackage includes the SELinux Reference Policy
source files, which can be used to build a targeted policy
or strict policy configuration.
%prep
%setup -q -n refpolicy
%build
cp -f policy/modules.conf.targeted_example policy/modules.conf
sed -i -e '/^TYPE/s/strict/targeted/' Makefile
sed -i -e 's/^#DISTRO/DISTRO/' Makefile
make conf
make clean
rm -f support/*.pyc
%install
rm -fR $RPM_BUILD_ROOT
make DESTDIR=$RPM_BUILD_ROOT install-src
%clean
rm -fR $RPM_BUILD_ROOT
%files
%defattr(0600,root,root,0700)
%dir %{_sysconfdir}/selinux/%{type}/src/policy
%config %{_sysconfdir}/selinux/%{type}/src/policy/*
%dir %{_sysconfdir}/selinux/%{type}/src/policy/doc
%config %{_sysconfdir}/selinux/%{type}/src/policy/doc/*
%dir %{_sysconfdir}/selinux/%{type}/src/policy/doc/templates
%config %{_sysconfdir}/selinux/%{type}/src/policy/doc/templates/*
%dir %{_sysconfdir}/selinux/%{type}/src/policy/support
%config %{_sysconfdir}/selinux/%{type}/src/policy/support/*
%attr(0755,root,root) %{_sysconfdir}/selinux/%{type}/src/policy/support/genclassperms.py
%attr(0755,root,root) %{_sysconfdir}/selinux/%{type}/src/policy/support/pyplate.py
%attr(0755,root,root) %{_sysconfdir}/selinux/%{type}/src/policy/support/sedoctool.py
%attr(0755,root,root) %{_sysconfdir}/selinux/%{type}/src/policy/support/segenxml.py
%attr(0755,root,root) %{_sysconfdir}/selinux/%{type}/src/policy/support/set_tunables
%dir %{_sysconfdir}/selinux/%{type}/src/policy/config
%config(noreplace) %{_sysconfdir}/selinux/%{type}/src/policy/config/local.users
%dir %{_sysconfdir}/selinux/%{type}/src/policy/config/appconfig-targeted
%config %{_sysconfdir}/selinux/%{type}/src/policy/config/appconfig-targeted/*
%dir %{_sysconfdir}/selinux/%{type}/src/policy/config/appconfig-strict
%config %{_sysconfdir}/selinux/%{type}/src/policy/config/appconfig-strict/*
%dir %{_sysconfdir}/selinux/%{type}/src/policy/policy
%config(noreplace) %{_sysconfdir}/selinux/%{type}/src/policy/policy/users
%config(noreplace) %{_sysconfdir}/selinux/%{type}/src/policy/policy/modules.conf
%config(noreplace) %{_sysconfdir}/selinux/%{type}/src/policy/policy/tunables.conf
%dir %{_sysconfdir}/selinux/%{type}/src/policy/policy/flask
%config %{_sysconfdir}/selinux/%{type}/src/policy/policy/flask/*
%dir %{_sysconfdir}/selinux/%{type}/src/policy/policy/modules
%dir %{_sysconfdir}/selinux/%{type}/src/policy/policy/modules/kernel
%dir %{_sysconfdir}/selinux/%{type}/src/policy/policy/modules/kernel/*
%dir %{_sysconfdir}/selinux/%{type}/src/policy/policy/modules/apps
%config %{_sysconfdir}/selinux/%{type}/src/policy/policy/modules/apps/*
%dir %{_sysconfdir}/selinux/%{type}/src/policy/policy/modules/services
%config %{_sysconfdir}/selinux/%{type}/src/policy/policy/modules/services/*
%dir %{_sysconfdir}/selinux/%{type}/src/policy/policy/modules/system
%config %{_sysconfdir}/selinux/%{type}/src/policy/policy/modules/system/*
%dir %{_sysconfdir}/selinux/%{type}/src/policy/policy/modules/admin
%config %{_sysconfdir}/selinux/%{type}/src/policy/policy/modules/admin/*
%dir %{_sysconfdir}/selinux/%{type}/src/policy/policy/support
%config %{_sysconfdir}/selinux/%{type}/src/policy/policy/support/*
%post
if [ -x /usr/sbin/selinuxenabled -a -f /etc/selinux/config ]; then
. /etc/selinux/config
if [ "${SELINUXTYPE}" = "%{type}" ] && /usr/sbin/selinuxenabled; then
make -C %{POLICYDIR}/src/policy load > /dev/null 2>&1
[ -f %{FC_PRE} ] \
&& fixfiles -l /dev/null -C %{FC_PRE} restore \
&& rm -f %{FC_PRE}
fi
fi
exit 0
%changelog