openscap-1.2.4-1

Update to the latest upstream. Upstream dropped selinux policy due to
bug rhbz#1209969. We should drop the sub-package as well. However, we
cannot obsolete selinux noarch sub-package from base package that is
arch. Otherwise we risk for things to slip through cracks as they did
with rhbz#1028706. Ideas?

Also introduce new probe for symlink_test.

.gitignore

@@ -46,3 +46,4 @@ openscap-0.6.0.tar.gz
 /openscap-1.2.1.tar.gz
 /openscap-1.2.2.tar.gz
 /openscap-1.2.3.tar.gz
+/openscap-1.2.4.tar.gz

openscap.spec

@@ -5,8 +5,8 @@
 restorecon -R /usr/bin/oscap /usr/libexec/openscap; \
 
 Name:           openscap
-Version:        1.2.3
-Release:        3%{?dist}
+Version:        1.2.4
+Release:        1%{?dist}
 Summary:        Set of open source libraries enabling integration of the SCAP line of standards
 Group:          System Environment/Libraries
 License:        LGPLv2+
@@ -154,18 +154,16 @@ Requires:       pkgconfig
 The %{name}-engine-sce-devel package contains libraries and header files
 for developing applications that use %{name}-engine-sce.
 
-%package        selinux
-Summary:        SELinux policy module for openscap
+%package        selinux-compat
+Summary:        Compat package to handle previous selinux policy
 Group:          System Environment/Base
 Requires:       %{name}-utils = %{version}-%{release}
-Requires:       policycoreutils, libselinux-utils
-Requires(post): selinux-policy-base, policycoreutils
-Requires(postun): policycoreutils
-BuildRequires:  selinux-policy-devel
 BuildArch:      noarch
+Obsoletes:	openscap-selinux
 
-%description    selinux
-This package installs and sets up the  SELinux policy security module for openscap.
+%description    selinux-compat
+This package is empty and kept only for compatibility reasons.
+# It cannot be really dropped because of issues like: rhbz#1028706.
 
 %prep
 %setup -q
@@ -180,7 +178,7 @@ export CFLAGS="$RPM_OPT_FLAGS -fpie"
 export LDFLAGS="-pie -Wl,-z,relro -Wl,-z,now"
 %endif
 
-%configure --enable-sce --enable-perl --enable-selinux_policy --enable-python3
+%configure --enable-sce --enable-perl --enable-python3
 
 make %{?_smp_mflags}
 # Remove shebang from bash-completion script
@@ -214,26 +212,8 @@ rm -rf $RPM_BUILD_ROOT
 
 %post -p /sbin/ldconfig
 
-%post selinux
-semodule -n -i %{_datadir}/selinux/packages/oscap.pp
-if /usr/sbin/selinuxenabled ; then
-    /usr/sbin/load_policy
-    %relabel_files
-fi;
-exit 0
-
 %postun -p /sbin/ldconfig
 
-%postun selinux
-if [ $1 -eq 0 ]; then
-    semodule -n -r oscap
-    if /usr/sbin/selinuxenabled ; then
-       /usr/sbin/load_policy
-       %relabel_files
-    fi;
-fi;
-exit 0
-
 %files
 %defattr(-,root,root,-)
 %doc AUTHORS COPYING ChangeLog NEWS README.md
@@ -262,6 +242,7 @@ exit 0
 %{_libexecdir}/openscap/probe_selinuxboolean
 %{_libexecdir}/openscap/probe_selinuxsecuritycontext
 %{_libexecdir}/openscap/probe_shadow
+%{_libexecdir}/openscap/probe_symlink
 %{_libexecdir}/openscap/probe_sysctl
 %{_libexecdir}/openscap/probe_system_info
 %{_libexecdir}/openscap/probe_systemdunitdependency
@@ -310,6 +291,8 @@ exit 0
 %{_bindir}/oscap
 %{_sysconfdir}/bash_completion.d
 
+%files selinux-compat
+
 %files utils
 %defattr(-,root,root,-)
 %doc docs/oscap-scan.cron
@@ -333,12 +316,11 @@ exit 0
 %files engine-sce
 %{_libdir}/libopenscap_sce.so.*
 
-%files selinux
-%attr(0600,root,root) %{_datadir}/selinux/packages/oscap.pp
-%{_datadir}/selinux/devel/include/contrib/oscap.if
-# %{_mandir}/man8/openscap_selinux.8.*
-
 %changelog
+* Sat Jun 20 2015 Šimon Lukašík <slukasik@redhat.com> - 1.2.4-1
+- upgrade to the latest upstream release.
+- Content of selinux package has been purged.
+
 * Thu Jun 18 2015 Fedora Release Engineering <rel-eng@lists.fedoraproject.org> - 1.2.3-3
 - Rebuilt for https://fedoraproject.org/wiki/Fedora_23_Mass_Rebuild
 

sources

@@ -1 +1 @@
-2b0ba1f934f363e973cdafd8a8a52099  openscap-1.2.3.tar.gz
+52a412bf25efc107c80090aba50e4892  openscap-1.2.4.tar.gz