2019-08-05 11:45:23 +00:00
|
|
|
%global libauditver 3.0
|
2024-12-18 15:14:46 +00:00
|
|
|
%global libsepolver 3.8-0.rc3
|
|
|
|
|
%global libsemanagever 3.8-0.rc3
|
|
|
|
|
%global libselinuxver 3.8-0.rc3
|
2010-02-16 19:49:37 +00:00
|
|
|
|
2016-07-20 20:26:10 +00:00
|
|
|
%global generatorsdir %{_prefix}/lib/systemd/system-generators
|
|
|
|
|
|
2018-07-16 12:47:02 +00:00
|
|
|
# Disable automatic compilation of Python files in extra directories
|
|
|
|
|
%global _python_bytecompile_extra 0
|
|
|
|
|
|
2007-07-20 16:09:40 +00:00
|
|
|
Summary: SELinux policy core utilities
|
2017-12-13 17:33:19 +00:00
|
|
|
Name: policycoreutils
|
2024-11-28 20:58:25 +00:00
|
|
|
Version: 3.8
|
2024-12-18 15:14:46 +00:00
|
|
|
Release: 0.rc3.1%{?dist}
|
2022-11-09 16:24:08 +00:00
|
|
|
License: GPL-2.0-or-later
|
2015-02-02 15:42:37 +00:00
|
|
|
# https://github.com/SELinuxProject/selinux/wiki/Releases
|
2024-12-18 15:14:46 +00:00
|
|
|
Source0: https://github.com/SELinuxProject/selinux/releases/download/%{version}-rc3/selinux-%{version}-rc3.tar.gz
|
|
|
|
|
Source1: https://github.com/SELinuxProject/selinux/releases/download/%{version}-rc3/selinux-%{version}-rc3.tar.gz.asc
|
2024-06-27 15:54:30 +00:00
|
|
|
Source2: https://github.com/bachradsusi.gpg
|
2019-01-30 09:09:38 +00:00
|
|
|
URL: https://github.com/SELinuxProject/selinux
|
2017-08-07 15:13:28 +00:00
|
|
|
Source13: system-config-selinux.png
|
|
|
|
|
Source14: sepolicy-icons.tgz
|
|
|
|
|
Source15: selinux-autorelabel
|
|
|
|
|
Source16: selinux-autorelabel.service
|
|
|
|
|
Source17: selinux-autorelabel-mark.service
|
|
|
|
|
Source18: selinux-autorelabel.target
|
|
|
|
|
Source19: selinux-autorelabel-generator.sh
|
2023-10-30 15:18:33 +00:00
|
|
|
# Drop this when upstream updates translations and the package is rebased
|
|
|
|
|
# wlc --key <apikey> --url https://translate.fedoraproject.org/api/ download selinux/policycoreutils --output ./
|
|
|
|
|
Source20: selinux-policycoreutils.zip
|
|
|
|
|
# wlc --key <apikey> --url https://translate.fedoraproject.org/api/ download selinux/python --output ./
|
|
|
|
|
Source21: selinux-python.zip
|
|
|
|
|
# wlc --key <apikey> --url https://translate.fedoraproject.org/api/ download selinux/gui --output ./
|
|
|
|
|
Source22: selinux-gui.zip
|
|
|
|
|
# wlc --key <apikey> --url https://translate.fedoraproject.org/api/ download selinux/sandbox --output ./
|
|
|
|
|
Source23: selinux-sandbox.zip
|
2019-03-22 16:35:38 +00:00
|
|
|
# https://github.com/fedora-selinux/selinux
|
2024-11-28 20:58:25 +00:00
|
|
|
# $ git format-patch -N 3.8 -- policycoreutils python gui sandbox dbus semodule-utils restorecond
|
2019-03-22 16:35:38 +00:00
|
|
|
# $ for j in [0-9]*.patch; do printf "Patch%s: %s\n" ${j/-*/} $j; done
|
2019-10-16 09:36:01 +00:00
|
|
|
# Patch list start
|
2024-06-27 15:47:47 +00:00
|
|
|
Patch0001: 0001-Don-t-be-verbose-if-you-are-not-on-a-tty.patch
|
|
|
|
|
Patch0002: 0002-sepolicy-generate-Handle-more-reserved-port-types.patch
|
|
|
|
|
Patch0003: 0003-sandbox-Use-matchbox-window-manager-instead-of-openb.patch
|
|
|
|
|
Patch0004: 0004-Use-SHA-2-instead-of-SHA-1.patch
|
|
|
|
|
Patch0005: 0005-python-sepolicy-Fix-spec-file-dependencies.patch
|
2019-10-16 09:36:01 +00:00
|
|
|
# Patch list end
|
2019-03-22 16:35:38 +00:00
|
|
|
|
2009-02-09 18:37:13 +00:00
|
|
|
Obsoletes: policycoreutils < 2.0.61-2
|
2015-07-21 08:55:11 +00:00
|
|
|
Conflicts: filesystem < 3, selinux-policy-base < 3.13.1-138
|
2016-05-11 08:47:37 +00:00
|
|
|
# initscripts < 9.66 shipped fedora-autorelabel services which are renamed to selinux-relabel
|
|
|
|
|
Conflicts: initscripts < 9.66
|
install everything in /usr
This patch is needed for the /usr-move feature
https://fedoraproject.org/wiki/Features/UsrMove
This package requires now 'filesystem' >= 3, which is only installable
on a system which has /bin, /sbin, /lib, /lib64 as symlinks to /usr and
not regular directories. The 'filesystem' package acts as a guard, to
prevent *this* package to be installed on old unconverted systems.
New installations will have the 'filesystem' >=3 layout right away, old
installations need to be converted with anaconda or dracut first; only
after that, the 'filesystem' package, and also *this* package can be
installed.
Packages *should* not install files in /bin, /sbin, /lib, /lib64, but
only in the corresponding directories in /usr. Packages *must* not
install conflicting files with the same names in the corresponding
directories in / and /usr. Especially compatibilty symlinks must not be
installed.
Feel free to modify any of the changes to the spec file, but keep the
above in mind.
2012-01-25 13:22:37 +00:00
|
|
|
Provides: /sbin/fixfiles
|
|
|
|
|
Provides: /sbin/restorecon
|
2004-09-09 20:35:08 +00:00
|
|
|
|
2020-11-04 19:30:35 +00:00
|
|
|
BuildRequires: gcc make
|
2020-11-24 09:47:54 +00:00
|
|
|
BuildRequires: pam-devel libsepol-static >= %{libsepolver} libsemanage-devel >= %{libsemanagever} libselinux-devel >= %{libselinuxver} libcap-devel audit-libs-devel >= %{libauditver} gettext
|
2023-05-10 12:38:07 +00:00
|
|
|
BuildRequires: desktop-file-utils dbus-devel glib2-devel
|
2023-05-26 09:27:31 +00:00
|
|
|
BuildRequires: python3-devel python3-setuptools python3-wheel python3-pip
|
2016-04-25 07:36:31 +00:00
|
|
|
BuildRequires: systemd
|
2020-11-03 14:38:08 +00:00
|
|
|
BuildRequires: git-core
|
2024-06-27 15:54:30 +00:00
|
|
|
BuildRequires: gnupg2
|
2016-02-21 12:05:12 +00:00
|
|
|
Requires: util-linux grep gawk diffutils rpm sed
|
2012-01-19 14:38:34 +00:00
|
|
|
Requires: libsepol >= %{libsepolver} coreutils libselinux-utils >= %{libselinuxver}
|
2004-09-09 10:33:59 +00:00
|
|
|
|
|
|
|
|
%description
|
2005-09-29 01:11:47 +00:00
|
|
|
Security-enhanced Linux is a feature of the Linux® kernel and a number
|
2004-09-09 10:33:59 +00:00
|
|
|
of utilities with enhanced security functionality designed to add
|
|
|
|
|
mandatory access controls to Linux. The Security-enhanced Linux
|
|
|
|
|
kernel contains new architectural components originally developed to
|
|
|
|
|
improve the security of the Flask operating system. These
|
|
|
|
|
architectural components provide general support for the enforcement
|
|
|
|
|
of many kinds of mandatory access control policies, including those
|
|
|
|
|
based on the concepts of Type Enforcement®, Role-based Access
|
|
|
|
|
Control, and Multi-level Security.
|
|
|
|
|
|
|
|
|
|
policycoreutils contains the policy core utilities that are required
|
|
|
|
|
for basic operation of a SELinux system. These utilities include
|
|
|
|
|
load_policy to load policies, setfiles to label filesystems, newrole
|
2012-11-05 18:23:00 +00:00
|
|
|
to switch roles.
|
2005-10-18 14:16:52 +00:00
|
|
|
|
2019-03-22 16:35:38 +00:00
|
|
|
%prep -p /usr/bin/bash
|
2024-06-27 15:54:30 +00:00
|
|
|
%{gpgverify} --keyring='%{SOURCE2}' --signature='%{SOURCE1}' --data='%{SOURCE0}'
|
2024-12-18 15:14:46 +00:00
|
|
|
%autosetup -p 1 -n selinux-%{version}-rc3
|
2019-03-22 16:35:38 +00:00
|
|
|
|
|
|
|
|
cp %{SOURCE13} gui/
|
|
|
|
|
tar -xvf %{SOURCE14} -C python/sepolicy/
|
2016-02-21 12:05:12 +00:00
|
|
|
|
2022-04-13 10:59:04 +00:00
|
|
|
# Temporary disabled since upstream updated translations in this release
|
2018-08-07 14:56:59 +00:00
|
|
|
# Since patches containing translation changes were too big, translations were moved to separate tarballs
|
|
|
|
|
# For more information see README.translations
|
2021-03-10 13:18:54 +00:00
|
|
|
# First remove old translation files
|
2022-04-13 10:59:04 +00:00
|
|
|
# rm -f policycoreutils/po/*.po python/po/*.po gui/po/*.po sandbox/po/*.po
|
2023-11-14 19:40:57 +00:00
|
|
|
# unzip %{SOURCE20}
|
|
|
|
|
# cp -r selinux/policycoreutils/po policycoreutils
|
|
|
|
|
# unzip %{SOURCE21}
|
|
|
|
|
# cp -r selinux/python/po python
|
|
|
|
|
# unzip %{SOURCE22}
|
|
|
|
|
# cp -r selinux/gui/po gui
|
|
|
|
|
# unzip %{SOURCE23}
|
|
|
|
|
# cp -r selinux/sandbox/po sandbox
|
2005-08-02 16:57:45 +00:00
|
|
|
|
2004-09-09 10:33:59 +00:00
|
|
|
%build
|
2018-02-26 09:16:00 +00:00
|
|
|
%set_build_flags
|
2018-07-18 20:39:08 +00:00
|
|
|
export PYTHON=%{__python3}
|
|
|
|
|
|
2021-01-20 19:44:33 +00:00
|
|
|
make -C policycoreutils SBINDIR="%{_sbindir}" LSPP_PRIV=y LIBDIR="%{_libdir}" SEMODULE_PATH="/usr/sbin" LIBSEPOLA="%{_libdir}/libsepol.a" all
|
2019-03-22 16:35:38 +00:00
|
|
|
make -C python SBINDIR="%{_sbindir}" LSPP_PRIV=y LIBDIR="%{_libdir}" LIBSEPOLA="%{_libdir}/libsepol.a" all
|
|
|
|
|
make -C gui SBINDIR="%{_sbindir}" LSPP_PRIV=y LIBDIR="%{_libdir}" LIBSEPOLA="%{_libdir}/libsepol.a" all
|
|
|
|
|
make -C sandbox SBINDIR="%{_sbindir}" LSPP_PRIV=y LIBDIR="%{_libdir}" LIBSEPOLA="%{_libdir}/libsepol.a" all
|
|
|
|
|
make -C dbus SBINDIR="%{_sbindir}" LSPP_PRIV=y LIBDIR="%{_libdir}" LIBSEPOLA="%{_libdir}/libsepol.a" all
|
|
|
|
|
make -C semodule-utils SBINDIR="%{_sbindir}" LSPP_PRIV=y LIBDIR="%{_libdir}" LIBSEPOLA="%{_libdir}/libsepol.a" all
|
|
|
|
|
make -C restorecond SBINDIR="%{_sbindir}" LSPP_PRIV=y LIBDIR="%{_libdir}" LIBSEPOLA="%{_libdir}/libsepol.a" all
|
2004-09-09 10:33:59 +00:00
|
|
|
|
|
|
|
|
%install
|
2006-05-10 18:46:34 +00:00
|
|
|
mkdir -p %{buildroot}%{_bindir}
|
|
|
|
|
mkdir -p %{buildroot}%{_sbindir}
|
|
|
|
|
mkdir -p %{buildroot}%{_mandir}/man1
|
2011-12-07 00:30:28 +00:00
|
|
|
mkdir -p %{buildroot}%{_mandir}/man5
|
2006-05-10 18:46:34 +00:00
|
|
|
mkdir -p %{buildroot}%{_mandir}/man8
|
2013-08-09 09:49:38 +00:00
|
|
|
%{__mkdir} -p %{buildroot}/%{_usr}/share/doc/%{name}/
|
2004-09-09 10:33:59 +00:00
|
|
|
|
2020-07-14 02:51:56 +00:00
|
|
|
%make_install -C policycoreutils LSPP_PRIV=y SBINDIR="%{_sbindir}" LIBDIR="%{_libdir}" SEMODULE_PATH="/usr/sbin" LIBSEPOLA="%{_libdir}/libsepol.a"
|
2017-08-07 15:13:28 +00:00
|
|
|
|
2020-07-14 02:51:56 +00:00
|
|
|
%make_install -C python PYTHON=%{__python3} SBINDIR="%{_sbindir}" LIBDIR="%{_libdir}" LIBSEPOLA="%{_libdir}/libsepol.a"
|
2017-08-07 15:13:28 +00:00
|
|
|
|
2020-07-14 02:51:56 +00:00
|
|
|
%make_install -C gui PYTHON=%{__python3} SBINDIR="%{_sbindir}" LIBDIR="%{_libdir}" LIBSEPOLA="%{_libdir}/libsepol.a"
|
2017-08-07 15:13:28 +00:00
|
|
|
|
2020-07-14 02:51:56 +00:00
|
|
|
%make_install -C sandbox PYTHON=%{__python3} SBINDIR="%{_sbindir}" LIBDIR="%{_libdir}" LIBSEPOLA="%{_libdir}/libsepol.a"
|
2017-08-07 15:13:28 +00:00
|
|
|
|
2020-07-14 02:51:56 +00:00
|
|
|
%make_install -C dbus PYTHON=%{__python3} SBINDIR="%{_sbindir}" LIBDIR="%{_libdir}" LIBSEPOLA="%{_libdir}/libsepol.a"
|
2017-08-07 15:13:28 +00:00
|
|
|
|
2020-07-14 02:51:56 +00:00
|
|
|
%make_install -C semodule-utils PYTHON=%{__python3} SBINDIR="%{_sbindir}" LIBDIR="%{_libdir}" LIBSEPOLA="%{_libdir}/libsepol.a"
|
2017-08-07 15:13:28 +00:00
|
|
|
|
2020-07-14 02:51:56 +00:00
|
|
|
%make_install -C restorecond PYTHON=%{__python3} SBINDIR="%{_sbindir}" LIBDIR="%{_libdir}" LIBSEPOLA="%{_libdir}/libsepol.a"
|
2017-08-07 15:13:28 +00:00
|
|
|
|
2018-12-14 12:16:41 +00:00
|
|
|
# Fix perms on newrole so that objcopy can process it
|
|
|
|
|
chmod 0755 %{buildroot}%{_bindir}/newrole
|
2013-02-12 21:16:02 +00:00
|
|
|
|
2013-06-28 16:50:17 +00:00
|
|
|
# Systemd
|
2011-07-05 21:18:12 +00:00
|
|
|
rm -rf %{buildroot}/%{_sysconfdir}/rc.d/init.d/restorecond
|
|
|
|
|
|
2011-12-22 18:59:59 +00:00
|
|
|
rm -f %{buildroot}/usr/share/man/man8/open_init_pty.8
|
|
|
|
|
rm -f %{buildroot}/usr/sbin/open_init_pty
|
2014-02-17 11:09:26 +00:00
|
|
|
rm -f %{buildroot}/usr/sbin/run_init
|
|
|
|
|
rm -f %{buildroot}/usr/share/man/man8/run_init.8*
|
|
|
|
|
rm -f %{buildroot}/etc/pam.d/run_init*
|
2011-12-22 18:59:59 +00:00
|
|
|
|
2016-07-20 20:26:10 +00:00
|
|
|
mkdir -m 755 -p %{buildroot}/%{generatorsdir}
|
2017-08-07 15:13:28 +00:00
|
|
|
install -m 644 -p %{SOURCE16} %{buildroot}/%{_unitdir}/
|
|
|
|
|
install -m 644 -p %{SOURCE17} %{buildroot}/%{_unitdir}/
|
|
|
|
|
install -m 644 -p %{SOURCE18} %{buildroot}/%{_unitdir}/
|
|
|
|
|
install -m 755 -p %{SOURCE19} %{buildroot}/%{generatorsdir}/
|
|
|
|
|
install -m 755 -p %{SOURCE15} %{buildroot}/%{_libexecdir}/selinux/
|
2016-04-25 07:36:31 +00:00
|
|
|
|
2018-07-16 12:47:02 +00:00
|
|
|
# Manually invoke the python byte compile macro for each path that needs byte
|
|
|
|
|
# compilation.
|
|
|
|
|
%py_byte_compile %{__python3} %{buildroot}%{_datadir}/system-config-selinux
|
|
|
|
|
|
2018-08-06 12:38:57 +00:00
|
|
|
%find_lang policycoreutils
|
|
|
|
|
%find_lang selinux-python
|
|
|
|
|
%find_lang selinux-gui
|
|
|
|
|
%find_lang selinux-sandbox
|
2004-09-09 10:33:59 +00:00
|
|
|
|
2015-07-24 15:27:03 +00:00
|
|
|
%package python-utils
|
|
|
|
|
Summary: SELinux policy core python utilities
|
2018-02-19 10:56:26 +00:00
|
|
|
Requires: python3-policycoreutils = %{version}-%{release}
|
2015-07-24 15:27:03 +00:00
|
|
|
Obsoletes: policycoreutils-python <= 2.4-4
|
2018-03-16 16:05:10 +00:00
|
|
|
BuildArch: noarch
|
2015-07-24 15:27:03 +00:00
|
|
|
|
|
|
|
|
%description python-utils
|
|
|
|
|
The policycoreutils-python-utils package contains the management tools use to manage
|
|
|
|
|
an SELinux environment.
|
|
|
|
|
|
|
|
|
|
%files python-utils
|
|
|
|
|
%{_sbindir}/semanage
|
|
|
|
|
%{_bindir}/chcat
|
|
|
|
|
%{_bindir}/audit2allow
|
|
|
|
|
%{_bindir}/audit2why
|
|
|
|
|
%{_mandir}/man1/audit2allow.1*
|
|
|
|
|
%{_mandir}/man1/audit2why.1*
|
|
|
|
|
%{_sysconfdir}/dbus-1/system.d/org.selinux.conf
|
|
|
|
|
%{_mandir}/man8/chcat.8*
|
|
|
|
|
%{_mandir}/man8/semanage*.8*
|
|
|
|
|
%{_datadir}/bash-completion/completions/semanage
|
|
|
|
|
|
2017-08-07 15:13:28 +00:00
|
|
|
%package dbus
|
|
|
|
|
Summary: SELinux policy core DBUS api
|
2018-02-19 10:56:26 +00:00
|
|
|
Requires: python3-policycoreutils = %{version}-%{release}
|
2020-06-01 07:16:08 +00:00
|
|
|
Requires: python3-gobject-base
|
2021-05-10 12:43:32 +00:00
|
|
|
Requires: polkit
|
2018-03-16 16:05:10 +00:00
|
|
|
BuildArch: noarch
|
2017-08-07 15:13:28 +00:00
|
|
|
|
|
|
|
|
%description dbus
|
|
|
|
|
The policycoreutils-dbus package contains the management DBUS API use to manage
|
|
|
|
|
an SELinux environment.
|
|
|
|
|
|
|
|
|
|
%files dbus
|
|
|
|
|
%{_sysconfdir}/dbus-1/system.d/org.selinux.conf
|
|
|
|
|
%{_datadir}/dbus-1/system-services/org.selinux.service
|
|
|
|
|
%{_datadir}/polkit-1/actions/org.selinux.policy
|
|
|
|
|
%{_datadir}/polkit-1/actions/org.selinux.config.policy
|
2018-07-16 12:47:02 +00:00
|
|
|
%{_datadir}/system-config-selinux/selinux_server.py
|
|
|
|
|
%dir %{_datadir}/system-config-selinux/__pycache__
|
|
|
|
|
%{_datadir}/system-config-selinux/__pycache__/selinux_server.*
|
2017-08-07 15:13:28 +00:00
|
|
|
|
2018-02-19 10:56:26 +00:00
|
|
|
%package -n python3-policycoreutils
|
|
|
|
|
%{?python_provide:%python_provide python3-policycoreutils}
|
|
|
|
|
# Remove before F31
|
|
|
|
|
Provides: %{name}-python3 = %{version}-%{release}
|
2018-03-21 16:54:54 +00:00
|
|
|
Provides: %{name}-python3 = %{version}-%{release}
|
2018-02-19 10:56:26 +00:00
|
|
|
Obsoletes: %{name}-python3 < %{version}-%{release}
|
2013-12-13 13:48:16 +00:00
|
|
|
Summary: SELinux policy core python3 interfaces
|
|
|
|
|
Requires:policycoreutils = %{version}-%{release}
|
2018-07-18 11:04:23 +00:00
|
|
|
Requires:python3-libsemanage >= %{libsemanagever} python3-libselinux
|
2018-02-19 10:56:26 +00:00
|
|
|
# no python3-audit-libs yet
|
2015-07-23 12:26:03 +00:00
|
|
|
Requires:audit-libs-python3 >= %{libauditver}
|
2015-09-01 14:52:10 +00:00
|
|
|
Requires: checkpolicy
|
2020-11-09 09:52:03 +00:00
|
|
|
Requires: python3-setools >= 4.4.0
|
2022-11-21 16:38:59 +00:00
|
|
|
Requires: python3-distro
|
2018-03-16 16:05:10 +00:00
|
|
|
BuildArch: noarch
|
2013-12-13 13:48:16 +00:00
|
|
|
|
2018-02-19 10:56:26 +00:00
|
|
|
%description -n python3-policycoreutils
|
|
|
|
|
The python3-policycoreutils package contains the interfaces that can be used
|
2013-12-13 13:48:16 +00:00
|
|
|
by python 3 in an SELinux environment.
|
|
|
|
|
|
2018-08-06 12:38:57 +00:00
|
|
|
%files -f selinux-python.lang -n python3-policycoreutils
|
2018-03-13 13:43:27 +00:00
|
|
|
%{python3_sitelib}/seobject.py*
|
|
|
|
|
%{python3_sitelib}/__pycache__
|
|
|
|
|
%{python3_sitelib}/sepolgen
|
2017-12-13 16:14:18 +00:00
|
|
|
%dir %{python3_sitelib}/sepolicy
|
2017-02-15 12:41:54 +00:00
|
|
|
%{python3_sitelib}/sepolicy/templates
|
|
|
|
|
%dir %{python3_sitelib}/sepolicy/help
|
|
|
|
|
%{python3_sitelib}/sepolicy/help/*
|
|
|
|
|
%{python3_sitelib}/sepolicy/__init__.py*
|
|
|
|
|
%{python3_sitelib}/sepolicy/booleans.py*
|
|
|
|
|
%{python3_sitelib}/sepolicy/communicate.py*
|
|
|
|
|
%{python3_sitelib}/sepolicy/generate.py*
|
|
|
|
|
%{python3_sitelib}/sepolicy/interface.py*
|
|
|
|
|
%{python3_sitelib}/sepolicy/manpage.py*
|
|
|
|
|
%{python3_sitelib}/sepolicy/network.py*
|
|
|
|
|
%{python3_sitelib}/sepolicy/transition.py*
|
|
|
|
|
%{python3_sitelib}/sepolicy/sedbus.py*
|
2023-05-26 09:27:31 +00:00
|
|
|
%{python3_sitelib}/sepolicy*.dist-info/
|
2017-02-15 12:41:54 +00:00
|
|
|
%{python3_sitelib}/sepolicy/__pycache__
|
2013-12-13 13:48:16 +00:00
|
|
|
|
2012-11-12 22:02:39 +00:00
|
|
|
%package devel
|
|
|
|
|
Summary: SELinux policy core policy devel utilities
|
2015-07-27 08:02:17 +00:00
|
|
|
Requires: policycoreutils-python-utils = %{version}-%{release}
|
2023-08-01 09:38:39 +00:00
|
|
|
Requires: /usr/bin/make python3-dnf
|
2020-09-27 13:32:11 +00:00
|
|
|
Requires: (selinux-policy-devel if selinux-policy)
|
2012-11-12 22:02:39 +00:00
|
|
|
|
|
|
|
|
%description devel
|
|
|
|
|
The policycoreutils-devel package contains the management tools use to develop policy in an SELinux environment.
|
|
|
|
|
|
|
|
|
|
%files devel
|
|
|
|
|
%{_bindir}/sepolgen
|
|
|
|
|
%{_bindir}/sepolgen-ifgen
|
|
|
|
|
%{_bindir}/sepolgen-ifgen-attr-helper
|
|
|
|
|
%dir /var/lib/sepolgen
|
|
|
|
|
/var/lib/sepolgen/perm_map
|
2013-04-03 15:18:44 +00:00
|
|
|
%{_bindir}/sepolicy
|
|
|
|
|
%{_mandir}/man8/sepolgen.8*
|
2013-06-28 16:50:17 +00:00
|
|
|
%{_mandir}/man8/sepolicy-booleans.8*
|
|
|
|
|
%{_mandir}/man8/sepolicy-generate.8*
|
|
|
|
|
%{_mandir}/man8/sepolicy-interface.8*
|
|
|
|
|
%{_mandir}/man8/sepolicy-network.8*
|
|
|
|
|
%{_mandir}/man8/sepolicy.8*
|
|
|
|
|
%{_mandir}/man8/sepolicy-communicate.8*
|
|
|
|
|
%{_mandir}/man8/sepolicy-manpage.8*
|
|
|
|
|
%{_mandir}/man8/sepolicy-transition.8*
|
2013-04-03 15:18:44 +00:00
|
|
|
%{_usr}/share/bash-completion/completions/sepolicy
|
2018-03-16 16:03:10 +00:00
|
|
|
|
2012-11-12 22:02:39 +00:00
|
|
|
|
2009-08-26 18:05:32 +00:00
|
|
|
%package sandbox
|
|
|
|
|
Summary: SELinux sandbox utilities
|
2018-02-19 10:56:26 +00:00
|
|
|
Requires: python3-policycoreutils = %{version}-%{release}
|
2023-12-14 17:08:50 +00:00
|
|
|
%if 0%{?fedora} || 0%{?rhel} <= 9
|
|
|
|
|
Requires: xorg-x11-server-Xephyr >= 1.14.1-2
|
2024-05-09 13:56:29 +00:00
|
|
|
Requires: xmodmap
|
2018-12-10 17:00:15 +00:00
|
|
|
Requires: matchbox-window-manager
|
2024-05-09 13:56:29 +00:00
|
|
|
%endif
|
|
|
|
|
Requires: rsync
|
2009-08-26 20:45:29 +00:00
|
|
|
BuildRequires: libcap-ng-devel
|
2009-08-26 18:05:32 +00:00
|
|
|
|
|
|
|
|
%description sandbox
|
2013-06-28 16:50:17 +00:00
|
|
|
The policycoreutils-sandbox package contains the scripts to create graphical
|
2013-02-25 05:32:25 +00:00
|
|
|
sandboxes
|
2009-08-26 18:05:32 +00:00
|
|
|
|
2018-08-06 12:38:57 +00:00
|
|
|
%files -f selinux-sandbox.lang sandbox
|
2012-01-27 19:09:12 +00:00
|
|
|
%config(noreplace) %{_sysconfdir}/sysconfig/sandbox
|
2009-08-26 18:05:32 +00:00
|
|
|
%{_datadir}/sandbox/sandboxX.sh
|
2010-12-15 21:47:38 +00:00
|
|
|
%{_datadir}/sandbox/start
|
2011-12-07 00:30:28 +00:00
|
|
|
%caps(cap_setpcap,cap_setuid,cap_fowner,cap_dac_override,cap_sys_admin,cap_sys_nice=pe) %{_sbindir}/seunshare
|
2010-12-15 19:15:49 +00:00
|
|
|
%{_mandir}/man8/seunshare.8*
|
2020-07-10 13:51:12 +00:00
|
|
|
%{_bindir}/sandbox
|
2011-08-18 11:23:59 +00:00
|
|
|
%{_mandir}/man5/sandbox.5*
|
2020-07-10 13:51:12 +00:00
|
|
|
%{_mandir}/man8/sandbox.8*
|
2009-08-26 18:05:32 +00:00
|
|
|
|
2006-10-20 13:08:28 +00:00
|
|
|
%package newrole
|
2013-06-28 16:50:17 +00:00
|
|
|
Summary: The newrole application for RBAC/MLS
|
|
|
|
|
Requires: policycoreutils = %{version}-%{release}
|
2006-10-20 13:08:28 +00:00
|
|
|
|
|
|
|
|
%description newrole
|
2013-06-28 16:50:17 +00:00
|
|
|
RBAC/MLS policy machines require newrole as a way of changing the role
|
2006-10-20 13:08:28 +00:00
|
|
|
or level of a logged in user.
|
|
|
|
|
|
|
|
|
|
%files newrole
|
2013-02-18 19:14:39 +00:00
|
|
|
%attr(0755,root,root) %caps(cap_dac_read_search,cap_setpcap,cap_audit_write,cap_sys_admin,cap_fowner,cap_chown,cap_dac_override=pe) %{_bindir}/newrole
|
2006-10-20 13:08:28 +00:00
|
|
|
%{_mandir}/man1/newrole.1.gz
|
2010-10-29 13:39:03 +00:00
|
|
|
%config(noreplace) %{_sysconfdir}/pam.d/newrole
|
2006-10-20 13:08:28 +00:00
|
|
|
|
2006-11-14 16:03:27 +00:00
|
|
|
%package gui
|
|
|
|
|
Summary: SELinux configuration GUI
|
2018-02-19 10:56:26 +00:00
|
|
|
Requires: policycoreutils-devel = %{version}-%{release}, python3-policycoreutils = %{version}-%{release}
|
2017-08-07 15:13:28 +00:00
|
|
|
Requires: policycoreutils-dbus = %{version}-%{release}
|
2018-02-20 11:44:11 +00:00
|
|
|
Requires: gtk3, python3-gobject
|
2006-11-14 16:03:27 +00:00
|
|
|
BuildRequires: desktop-file-utils
|
2018-03-16 16:05:10 +00:00
|
|
|
BuildArch: noarch
|
2006-11-14 16:03:27 +00:00
|
|
|
|
|
|
|
|
%description gui
|
|
|
|
|
system-config-selinux is a utility for managing the SELinux environment
|
|
|
|
|
|
2018-08-06 12:38:57 +00:00
|
|
|
%files -f selinux-gui.lang gui
|
2006-11-14 16:03:27 +00:00
|
|
|
%{_bindir}/system-config-selinux
|
2007-10-19 16:35:27 +00:00
|
|
|
%{_bindir}/selinux-polgengui
|
2013-09-18 19:03:38 +00:00
|
|
|
%{_datadir}/applications/sepolicy.desktop
|
2013-02-25 05:32:25 +00:00
|
|
|
%{_datadir}/applications/system-config-selinux.desktop
|
|
|
|
|
%{_datadir}/applications/selinux-polgengui.desktop
|
2010-05-27 21:23:08 +00:00
|
|
|
%{_datadir}/icons/hicolor/24x24/apps/system-config-selinux.png
|
|
|
|
|
%{_datadir}/pixmaps/system-config-selinux.png
|
2007-04-15 01:42:09 +00:00
|
|
|
%dir %{_datadir}/system-config-selinux
|
2018-07-16 12:47:02 +00:00
|
|
|
%dir %{_datadir}/system-config-selinux/__pycache__
|
2010-06-02 15:48:11 +00:00
|
|
|
%{_datadir}/system-config-selinux/system-config-selinux.png
|
2018-07-16 12:47:02 +00:00
|
|
|
%{_datadir}/system-config-selinux/*Page.py
|
|
|
|
|
%{_datadir}/system-config-selinux/__pycache__/*Page.*
|
|
|
|
|
%{_datadir}/system-config-selinux/system-config-selinux.py
|
|
|
|
|
%{_datadir}/system-config-selinux/__pycache__/system-config-selinux.*
|
2017-10-20 11:51:23 +00:00
|
|
|
%{_datadir}/system-config-selinux/*.ui
|
2017-02-15 12:41:54 +00:00
|
|
|
%{python3_sitelib}/sepolicy/gui.py*
|
|
|
|
|
%{python3_sitelib}/sepolicy/sepolicy.glade
|
2013-11-15 14:06:16 +00:00
|
|
|
%{_datadir}/icons/hicolor/*/apps/sepolicy.png
|
|
|
|
|
%{_datadir}/pixmaps/sepolicy.png
|
2013-04-08 19:13:24 +00:00
|
|
|
%{_mandir}/man8/system-config-selinux.8*
|
|
|
|
|
%{_mandir}/man8/selinux-polgengui.8*
|
2013-06-28 16:50:17 +00:00
|
|
|
%{_mandir}/man8/sepolicy-gui.8*
|
2006-11-14 16:03:27 +00:00
|
|
|
|
2004-09-09 10:33:59 +00:00
|
|
|
%files -f %{name}.lang
|
install everything in /usr
This patch is needed for the /usr-move feature
https://fedoraproject.org/wiki/Features/UsrMove
This package requires now 'filesystem' >= 3, which is only installable
on a system which has /bin, /sbin, /lib, /lib64 as symlinks to /usr and
not regular directories. The 'filesystem' package acts as a guard, to
prevent *this* package to be installed on old unconverted systems.
New installations will have the 'filesystem' >=3 layout right away, old
installations need to be converted with anaconda or dracut first; only
after that, the 'filesystem' package, and also *this* package can be
installed.
Packages *should* not install files in /bin, /sbin, /lib, /lib64, but
only in the corresponding directories in /usr. Packages *must* not
install conflicting files with the same names in the corresponding
directories in / and /usr. Especially compatibilty symlinks must not be
installed.
Feel free to modify any of the changes to the spec file, but keep the
above in mind.
2012-01-25 13:22:37 +00:00
|
|
|
%{_sbindir}/restorecon
|
2017-02-15 12:41:54 +00:00
|
|
|
%{_sbindir}/restorecon_xattr
|
install everything in /usr
This patch is needed for the /usr-move feature
https://fedoraproject.org/wiki/Features/UsrMove
This package requires now 'filesystem' >= 3, which is only installable
on a system which has /bin, /sbin, /lib, /lib64 as symlinks to /usr and
not regular directories. The 'filesystem' package acts as a guard, to
prevent *this* package to be installed on old unconverted systems.
New installations will have the 'filesystem' >=3 layout right away, old
installations need to be converted with anaconda or dracut first; only
after that, the 'filesystem' package, and also *this* package can be
installed.
Packages *should* not install files in /bin, /sbin, /lib, /lib64, but
only in the corresponding directories in /usr. Packages *must* not
install conflicting files with the same names in the corresponding
directories in / and /usr. Especially compatibilty symlinks must not be
installed.
Feel free to modify any of the changes to the spec file, but keep the
above in mind.
2012-01-25 13:22:37 +00:00
|
|
|
%{_sbindir}/fixfiles
|
|
|
|
|
%{_sbindir}/setfiles
|
|
|
|
|
%{_sbindir}/load_policy
|
2007-10-04 14:30:30 +00:00
|
|
|
%{_sbindir}/genhomedircon
|
2005-11-07 19:20:59 +00:00
|
|
|
%{_sbindir}/setsebool
|
2005-08-02 16:57:45 +00:00
|
|
|
%{_sbindir}/semodule
|
2024-11-28 20:58:25 +00:00
|
|
|
%{_sbindir}/unsetfiles
|
2021-03-08 15:41:05 +00:00
|
|
|
# symlink to %%{_bindir}/sestatus
|
2004-09-09 10:34:37 +00:00
|
|
|
%{_sbindir}/sestatus
|
2006-05-05 20:39:18 +00:00
|
|
|
%{_bindir}/secon
|
2018-04-03 10:12:50 +00:00
|
|
|
%{_bindir}/semodule_expand
|
|
|
|
|
%{_bindir}/semodule_link
|
|
|
|
|
%{_bindir}/semodule_package
|
|
|
|
|
%{_bindir}/semodule_unpackage
|
2021-03-08 15:41:05 +00:00
|
|
|
%{_bindir}/sestatus
|
2015-04-13 08:39:12 +00:00
|
|
|
%{_libexecdir}/selinux/hll
|
2016-04-25 07:36:31 +00:00
|
|
|
%{_libexecdir}/selinux/selinux-autorelabel
|
|
|
|
|
%{_unitdir}/selinux-autorelabel-mark.service
|
|
|
|
|
%{_unitdir}/selinux-autorelabel.service
|
2016-07-20 20:26:10 +00:00
|
|
|
%{_unitdir}/selinux-autorelabel.target
|
|
|
|
|
%{generatorsdir}/selinux-autorelabel-generator.sh
|
2004-09-09 10:34:37 +00:00
|
|
|
%config(noreplace) %{_sysconfdir}/sestatus.conf
|
2011-12-07 00:30:28 +00:00
|
|
|
%{_mandir}/man5/selinux_config.5.gz
|
|
|
|
|
%{_mandir}/man5/sestatus.conf.5.gz
|
2009-10-14 14:47:50 +00:00
|
|
|
%{_mandir}/man8/fixfiles.8*
|
2009-07-29 13:43:53 +00:00
|
|
|
%{_mandir}/man8/load_policy.8*
|
|
|
|
|
%{_mandir}/man8/restorecon.8*
|
2017-02-15 12:41:54 +00:00
|
|
|
%{_mandir}/man8/restorecon_xattr.8*
|
2009-07-29 13:43:53 +00:00
|
|
|
%{_mandir}/man8/semodule.8*
|
|
|
|
|
%{_mandir}/man8/sestatus.8*
|
|
|
|
|
%{_mandir}/man8/setfiles.8*
|
|
|
|
|
%{_mandir}/man8/setsebool.8*
|
|
|
|
|
%{_mandir}/man1/secon.1*
|
2024-11-28 20:58:25 +00:00
|
|
|
%{_mandir}/man1/unsetfiles.1*
|
2010-06-03 15:04:49 +00:00
|
|
|
%{_mandir}/man8/genhomedircon.8*
|
2018-04-03 10:12:50 +00:00
|
|
|
%{_mandir}/man8/semodule_expand.8*
|
|
|
|
|
%{_mandir}/man8/semodule_link.8*
|
|
|
|
|
%{_mandir}/man8/semodule_unpackage.8*
|
|
|
|
|
%{_mandir}/man8/semodule_package.8*
|
2018-09-10 20:27:11 +00:00
|
|
|
%dir %{_datadir}/bash-completion
|
|
|
|
|
%{_datadir}/bash-completion/completions/setsebool
|
2014-07-31 12:50:37 +00:00
|
|
|
%{!?_licensedir:%global license %%doc}
|
2022-11-21 15:06:48 +00:00
|
|
|
%license policycoreutils/LICENSE
|
2013-08-09 09:49:38 +00:00
|
|
|
%doc %{_usr}/share/doc/%{name}
|
2010-09-23 20:23:05 +00:00
|
|
|
|
|
|
|
|
%package restorecond
|
|
|
|
|
Summary: SELinux restorecond utilities
|
2017-12-13 17:33:19 +00:00
|
|
|
BuildRequires: systemd-units
|
2010-09-23 20:23:05 +00:00
|
|
|
|
|
|
|
|
%description restorecond
|
|
|
|
|
The policycoreutils-restorecond package contains the restorecond service.
|
|
|
|
|
|
|
|
|
|
%files restorecond
|
|
|
|
|
%{_sbindir}/restorecond
|
2011-07-05 21:18:12 +00:00
|
|
|
%{_unitdir}/restorecond.service
|
2020-07-10 18:17:04 +00:00
|
|
|
%{_userunitdir}/restorecond_user.service
|
2011-07-05 21:18:12 +00:00
|
|
|
%config(noreplace) %{_sysconfdir}/selinux/restorecond.conf
|
|
|
|
|
%config(noreplace) %{_sysconfdir}/selinux/restorecond_user.conf
|
2010-09-23 20:23:05 +00:00
|
|
|
%{_sysconfdir}/xdg/autostart/restorecond.desktop
|
|
|
|
|
%{_datadir}/dbus-1/services/org.selinux.Restorecond.service
|
|
|
|
|
%{_mandir}/man8/restorecond.8*
|
2019-03-11 16:01:59 +00:00
|
|
|
|
2014-07-31 12:50:37 +00:00
|
|
|
%{!?_licensedir:%global license %%doc}
|
2022-11-21 15:06:48 +00:00
|
|
|
%license policycoreutils/LICENSE
|
2006-11-14 16:03:27 +00:00
|
|
|
|
2018-06-07 17:32:22 +00:00
|
|
|
%post
|
|
|
|
|
%systemd_post selinux-autorelabel-mark.service
|
|
|
|
|
|
|
|
|
|
%preun
|
|
|
|
|
%systemd_preun selinux-autorelabel-mark.service
|
|
|
|
|
|
2011-07-05 21:18:12 +00:00
|
|
|
%post restorecond
|
2012-09-17 16:37:51 +00:00
|
|
|
%systemd_post restorecond.service
|
2006-07-18 15:10:35 +00:00
|
|
|
|
2011-07-05 21:18:12 +00:00
|
|
|
%preun restorecond
|
2012-10-25 17:58:08 +00:00
|
|
|
%systemd_preun restorecond.service
|
2007-02-22 17:43:38 +00:00
|
|
|
|
2010-09-23 20:23:05 +00:00
|
|
|
%postun restorecond
|
2012-09-17 16:37:51 +00:00
|
|
|
%systemd_postun_with_restart restorecond.service
|
2011-07-05 21:18:12 +00:00
|
|
|
|
2004-09-09 10:33:59 +00:00
|
|
|
%changelog
|
2024-06-27 16:01:13 +00:00
|
|
|
%autochangelog
|
