Change semanage to produce proper audit records for Common Criteria

- Cleanup packaging for usrmove
2012-01-27 14:09:12 -05:00 · 2012-01-27 14:09:12 -05:00 · 662a1ad3a8
commit 662a1ad3a8
parent 132b0f633b
2 changed files with 35 additions and 14 deletions
--- a/policycoreutils-rhat.patch
+++ b/policycoreutils-rhat.patch
@ -261,6 +261,31 @@ index c493e98..a084e0e 100644
 		/* assume fsuid==ruid after this point */
 		setfsuid(uid);
 
+diff --git a/policycoreutils/scripts/Makefile b/policycoreutils/scripts/Makefile
+index 17ad6ca..fe6427c 100644
+--- a/policycoreutils/scripts/Makefile
+++ b/policycoreutils/scripts/Makefile
+@@ -1,7 +1,8 @@
+ # Installation directories.
+ PREFIX ?= $(DESTDIR)/usr
+ BINDIR ?= $(PREFIX)/bin
+-SBINDIR ?= $(PREFIX)/sbin
+USRSBINDIR ?= $(PREFIX)/sbin
+SBINDIR ?= $(DESTDIR)/sbin
+ MANDIR ?= $(PREFIX)/share/man
+ LOCALEDIR ?= /usr/share/locale
+ 
+@@ -10,8 +11,8 @@ all: fixfiles genhomedircon chcat
+ install: all
+ 	-mkdir -p $(BINDIR)
+ 	install -m 755 chcat $(BINDIR)
+-	install -m 755 fixfiles $(DESTDIR)/sbin
+-	install -m 755 genhomedircon  $(SBINDIR)
+	install -m 755 fixfiles $(SBINDIR)
+	install -m 755 genhomedircon  $(USRSBINDIR)
+ 	-mkdir -p $(MANDIR)/man8
+ 	install -m 644 fixfiles.8 $(MANDIR)/man8/
+ 	install -m 644 genhomedircon.8 $(MANDIR)/man8/
 diff --git a/policycoreutils/scripts/genhomedircon b/policycoreutils/scripts/genhomedircon
 index ab696a7..58b19cd 100644
 --- a/policycoreutils/scripts/genhomedircon
--- a/policycoreutils.spec
+++ b/policycoreutils.spec
@ -71,11 +71,6 @@ context.
 %patch3 -p1 -b .gui
 %patch4 -p2 -b .sepolgen -d sepolgen-%{sepolgenver}

-sed -i 's#$(DESTDIR)/sbin#$(SBINDIR)#g' scripts/Makefile
-
-#FIXME
-sed -i 's#.*ln -sf /sbin/load_policy.*##g' load_policy/Makefile
-
 %build
 make LSPP_PRIV=y SBINDIR="%{_sbindir}" LIBDIR="%{_libdir}" CFLAGS="%{optflags} -fPIE" LDFLAGS="-pie -Wl,-z,relro" all 
 make -C sepolgen-%{sepolgenver} SBINDIR="%{_sbindir}" LSPP_PRIV=y LIBDIR="%{_libdir}" CFLAGS="%{optflags} -fPIE" LDFLAGS="-pie -Wl,-z,relro" all 
@ -192,6 +187,7 @@ The policycoreutils-sandbox package contains the scripts to create graphical san

 %files sandbox
 %defattr(-,root,root,-)
+%config(noreplace) %{_sysconfdir}/sysconfig/sandbox
 %{_datadir}/sandbox/sandboxX.sh
 %{_datadir}/sandbox/start
 %caps(cap_setpcap,cap_setuid,cap_fowner,cap_dac_override,cap_sys_admin,cap_sys_nice=pe) %{_sbindir}/seunshare
@ -283,7 +279,6 @@ rm -rf %{buildroot}
 %{_bindir}/semodule_link
 %{_bindir}/semodule_package
 %{_bindir}/semodule_unpackage
-%config(noreplace) %{_sysconfdir}/sysconfig/sandbox
 %config(noreplace) %{_sysconfdir}/pam.d/run_init
 %config(noreplace) %{_sysconfdir}/sestatus.conf
 # selinux-policy Requires: policycoreutils, so we own this set of directories and our files within them
@ -339,30 +334,31 @@ The policycoreutils-restorecond package contains the restorecond service.

 %post restorecond
 if [ $1 -eq 1 ] ; then
-    /bin/systemctl daemon-reload >/dev/null 2>&1 || :
+   /usr/bin/systemctl daemon-reload >/dev/null 2>&1 || :
 fi

 %preun restorecond
 if [ $1 = 0 ]; then
-  /bin/systemctl --no-reload restorecond.service > /dev/null 2>&1 || :
-  /bin/systemctl stop restorecond.service > /dev/null 2>&1 || :
+   /usr/bin/systemctl --no-reload restorecond.service > /dev/null 2>&1 || :
+  /usr/bin/systemctl stop restorecond.service > /dev/null 2>&1 || :
 fi

 %postun restorecond
-/bin/systemctl daemon-reload >/dev/null 2>&1 || :
+/usr/bin/systemctl daemon-reload >/dev/null 2>&1 || :
 if [ $1 -ge 1 ] ; then
-    /bin/systemctl try-restart restorecond.service >/dev/null 2>&1 || :
+    /usr/bin/systemctl try-restart restorecond.service >/dev/null 2>&1 || :
 fi

 %triggerun -- restorecond < 2.0.86-13
 %{_bindir}/systemd-sysv-convert --save restorecond >/dev/null 2>&1 ||:
-/bin/systemctl enable restorecond.service >/dev/null 2>&1
-/sbin/chkconfig --del restorecond >/dev/null 2>&1 || :
-/bin/systemctl try-restart restorecond.service >/dev/null 2>&1 || :
+%{_bindir}/systemctl enable restorecond.service >/dev/null 2>&1
+%{_sbindir}/chkconfig --del restorecond >/dev/null 2>&1 || :
+%{_bindir}/systemctl try-restart restorecond.service >/dev/null 2>&1 || :

 %changelog
 * Fri Jan 26 2012 Dan Walsh <dwalsh@redhat.com> - 2.1.10-17
 - Change semanage to produce proper audit records for Common Criteria
+- Cleanup packaging for usrmove

 * Thu Jan 26 2012 Harald Hoyer <harald@redhat.com> 2.1.10-16
 - fixed load_policy location