rpms/memcached
5
0
Fork 0
Code Issues Pull Requests Releases Activity

add "selinux" subpackage containing SELinux policy module

Browse Source
This commit is contained in:
Vit Mojzis 2018-06-13 11:32:25 +00:00 committed by Miroslav Lichvar
parent 6565b0dbca
commit 6f0fa3cf49
3 changed files with 57 additions and 2 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

1
.gitignore vendored
View File

@ -1 +1,2 @@
/memcached-1.5.8.tar.gz /memcached-1.5.8.tar.gz
/memcached-selinux-1.0.tar.gz

57
memcached.spec
View File

@ -2,10 +2,15 @@
%define groupname memcached %define groupname memcached
%bcond_without sasl %bcond_without sasl
%bcond_with seccomp %bcond_with seccomp
%global selinuxtype targeted
%global selinuxmoduletype contrib
%global selinuxmodulename memcached
%global selinuxmodulever 1.0
%global selinuxmoduledir %{selinuxmodulename}-selinux-%{selinuxmodulever}
Name: memcached Name: memcached
Version: 1.5.8 Version: 1.5.8
Release: 1%{?dist} Release: 2%{?dist}
Epoch: 0 Epoch: 0
Summary: High Performance, Distributed Memory Object Cache Summary: High Performance, Distributed Memory Object Cache
@ -14,6 +19,8 @@ License: BSD
URL: https://www.memcached.org/ URL: https://www.memcached.org/
Source0: https://www.memcached.org/files/%{name}-%{version}.tar.gz Source0: https://www.memcached.org/files/%{name}-%{version}.tar.gz
Source1: memcached.sysconfig Source1: memcached.sysconfig
# SELinux policy sources: https://pagure.io/memcached-selinux/tree/master
Source2: https://pagure.io/memcached-selinux/raw/master/f/%{selinuxmoduledir}.tar.gz
Patch1: memcached-unit.patch Patch1: memcached-unit.patch
@ -40,8 +47,21 @@ Requires: %{name} = %{epoch}:%{version}-%{release}
Install memcached-devel if you are developing C/C++ applications that require Install memcached-devel if you are developing C/C++ applications that require
access to the memcached binary include files. access to the memcached binary include files.
%package selinux
Summary: Selinux policy module
Group: System Environment/Base
License: GPLv2
BuildRequires: selinux-policy
%{?selinux_requires}
%description selinux
Install memcached-selinux to ensure your system contains the latest SELinux policy
optimised for use with this version of memcached.
%prep %prep
%setup -q # Unpack memcached sources into memcached-X.X.X directory
# and SELinux policy sources into memcached-selinux-X.X
%setup -q -b 2
%patch1 -p1 -b .unit %patch1 -p1 -b .unit
%build %build
@ -51,6 +71,10 @@ access to the memcached binary include files.
make %{?_smp_mflags} make %{?_smp_mflags}
pushd ../%{selinuxmoduledir}
make
popd
%check %check
# disable testing as it is unreliable on build systems # disable testing as it is unreliable on build systems
exit 0 exit 0
@ -83,6 +107,14 @@ install -Dp -m0644 scripts/memcached.service \
# Default configs # Default configs
install -Dp -m0644 %{SOURCE1} %{buildroot}/%{_sysconfdir}/sysconfig/%{name} install -Dp -m0644 %{SOURCE1} %{buildroot}/%{_sysconfdir}/sysconfig/%{name}
# install SELinux policy module
pushd ../%{selinuxmoduledir}
install -d %{buildroot}%{_datadir}/selinux/packages
install -d -p %{buildroot}%{_datadir}/selinux/devel/include/%{selinuxmoduletype}
# Not installing memcached.if - interface file from selinux-policy-devel will be used
# see. "Independant product policy" documentation for more details
install -m 0644 %{selinuxmodulename}.pp.bz2 %{buildroot}%{_datadir}/selinux/packages
popd
%pre %pre
getent group %{groupname} >/dev/null || groupadd -r %{groupname} getent group %{groupname} >/dev/null || groupadd -r %{groupname}
@ -91,10 +123,15 @@ useradd -r -g %{groupname} -d /run/memcached \
-s /sbin/nologin -c "Memcached daemon" %{username} -s /sbin/nologin -c "Memcached daemon" %{username}
exit 0 exit 0
%pre selinux
%selinux_relabel_pre -s %{selinuxtype}
%post %post
%systemd_post memcached.service %systemd_post memcached.service
%post selinux
# install selinux policy module with priority 200 to override the default policy
%selinux_modules_install -s %{selinuxtype} -p 200 %{_datadir}/selinux/packages/%{selinuxmodulename}.pp.bz2 &> /dev/null
%preun %preun
%systemd_preun memcached.service %systemd_preun memcached.service
@ -103,6 +140,13 @@ exit 0
%postun %postun
%systemd_postun_with_restart memcached.service %systemd_postun_with_restart memcached.service
%postun selinux
if [ $1 -eq 0 ]; then
%selinux_modules_uninstall -s %{selinuxtype} -p 200 %{selinuxmodulename}
fi
%posttrans selinux
%selinux_relabel_post -s %{selinuxtype} &> /dev/null
%files %files
%doc AUTHORS ChangeLog COPYING NEWS README.md doc/CONTRIBUTORS doc/*.txt %doc AUTHORS ChangeLog COPYING NEWS README.md doc/CONTRIBUTORS doc/*.txt
@ -117,7 +161,16 @@ exit 0
%files devel %files devel
%{_includedir}/memcached/* %{_includedir}/memcached/*
%files selinux
%defattr(-,root,root,0755)
%attr(0644,root,root) %{_datadir}/selinux/packages/%{selinuxmodulename}.pp.bz2
%ghost %{_sharedstatedir}/selinux/%{selinuxtype}/active/modules/200/%{selinuxmodulename}
%license COPYING
%changelog %changelog
* Tue Jun 05 2018 Vit Mojzis <vmojzis@redhat.com> - 0:1.5.8-2
- add "selinux" subpackage containing SELinux policy module
* Fri May 25 2018 Miroslav Lichvar <mlichvar@redhat.com> - 0:1.5.8-1 * Fri May 25 2018 Miroslav Lichvar <mlichvar@redhat.com> - 0:1.5.8-1
- update to 1.5.8 - update to 1.5.8
- use system CFLAGS and LDFLAGS - use system CFLAGS and LDFLAGS

1
sources
View File

@ -1 +1,2 @@
SHA512 (memcached-1.5.8.tar.gz) = 6f0e3ce9cae3e424c41223597353b9520e7e7f97fb4719a5d520dfd34e1d917d4ee0e42bced0a5799042227b80bc4ed2778715a71b9941239db13cb367bdb088 SHA512 (memcached-1.5.8.tar.gz) = 6f0e3ce9cae3e424c41223597353b9520e7e7f97fb4719a5d520dfd34e1d917d4ee0e42bced0a5799042227b80bc4ed2778715a71b9941239db13cb367bdb088
SHA512 (memcached-selinux-1.0.tar.gz) = 0b1f65c2f45fe15d45f470cd42c8164865d4f667cca5a2139098fdc41afa52ac867cf8edf360c8f59b878e2e41a07edd6673162f097ad9be079cffa1ddecdea5