Adapt specfile, make-rhat-patches, and README to contrib merge
The "rawhide" branch of selinux-policy and selinux-policy-contrib is about to be merged together. Update dist-git for this, so that the next build can be performed with the new repo structure. Signed-off-by: Ondrej Mosnacek <omosnace@redhat.com>
This commit is contained in:
parent
aebc05fc19
commit
54876665ae
34
README.md
34
README.md
@ -5,13 +5,12 @@ SELinux Fedora Policy is a fork of the [SElinux reference policy](https://github
|
||||
## Structure
|
||||
|
||||
### GitHub
|
||||
On GitHub, we have two repositories (selinux-policy and selinux-policy-contrib) for dist-git repository.
|
||||
On GitHub, we have one repository containing the policy sources.
|
||||
|
||||
$ cd selinux-policy
|
||||
$ git remote -v
|
||||
origin git@github.com:fedora-selinux/selinux-policy.git (fetch)
|
||||
|
||||
|
||||
$ git branch -r
|
||||
origin/HEAD -> origin/master
|
||||
origin/f27
|
||||
@ -19,21 +18,10 @@ On GitHub, we have two repositories (selinux-policy and selinux-policy-contrib)
|
||||
origin/master
|
||||
origin/rawhide
|
||||
|
||||
$ cd selinux-policy-contrib
|
||||
$ git remote -v
|
||||
origin git@github.com:fedora-selinux/selinux-policy-contrib.git (fetch)
|
||||
|
||||
$ git branch -r
|
||||
origin/HEAD -> origin/master
|
||||
origin/f27
|
||||
origin/f28
|
||||
origin/master
|
||||
origin/rawhide
|
||||
|
||||
Note: As opposed to dist-git, the Rawhide content in both selinux-policy and selinux-policy-contrib repositories resides in _rawhide_ branches rather than _master_.
|
||||
Note: As opposed to dist-git, the Rawhide content resides in the _rawhide_ branch rather than _master_.
|
||||
|
||||
### dist-git
|
||||
Package sources in dist-git are composed from _selinux-policy_, _selinux-policy-contrib_, and _macro-expander_ repository snapshot tarballs, _container-selinux_ policy files snapshot, and from other config files.
|
||||
Package sources in dist-git are composed from _selinux-policy_, and _macro-expander_ repository snapshot tarballs, _container-selinux_ policy files snapshot, and from other config files.
|
||||
|
||||
## Build process
|
||||
|
||||
@ -43,25 +31,19 @@ Package sources in dist-git are composed from _selinux-policy_, _selinux-policy-
|
||||
$ git clone git@github.com:fedora-selinux/selinux-policy.git
|
||||
$ cd selinux-policy
|
||||
|
||||
2. Clone the [fedora-selinux/selinux-policy-contrib](https://github.com/fedora-selinux/selinux-policy-contrib) repository.
|
||||
2. Create, backport, cherry-pick needed changes to a particular branch and push them.
|
||||
|
||||
$ cd ~/devel/github
|
||||
$ git clone git@github.com:fedora-selinux/selinux-policy-contrib.git
|
||||
$ cd selinux-policy-contrib
|
||||
|
||||
3. Create, backport, cherry-pick needed changes to a particular branch and push them.
|
||||
|
||||
4. Clone the **selinux-policy** dist-git repository.
|
||||
3. Clone the **selinux-policy** dist-git repository.
|
||||
|
||||
$ cd ~/devel/dist-git
|
||||
$ fedpkg clone selinux-policy
|
||||
$ cd selinux-policy
|
||||
|
||||
5. Download the latest snaphots from selinux-policy and selinux-policy-contrib github repositories.
|
||||
4. Download the latest snaphot from the selinux-policy github repository.
|
||||
|
||||
$ ./make-rhat-patches.sh
|
||||
|
||||
6. Add changes to the dist-git repository, bump release, create a changelog entry, commit and push.
|
||||
7. Build the package.
|
||||
5. Add changes to the dist-git repository, bump release, create a changelog entry, commit and push.
|
||||
6. Build the package.
|
||||
|
||||
$ fedpkg build
|
||||
|
@ -7,8 +7,6 @@ DOCKER_FEDORA_VERSION=master
|
||||
DISTGIT_BRANCH=master
|
||||
REPO_SELINUX_POLICY=${REPO_SELINUX_POLICY:-https://github.com/fedora-selinux/selinux-policy}
|
||||
REPO_SELINUX_POLICY_BRANCH=${REPO_SELINUX_POLICY_BRANCH:-$FEDORA_VERSION}
|
||||
REPO_SELINUX_POLICY_CONTRIB=${REPO_SELINUX_POLICY_CONTRIB:-https://github.com/fedora-selinux/selinux-policy-contrib}
|
||||
REPO_SELINUX_POLICY_CONTRIB_BRANCH=${REPO_SELINUX_POLICY_CONTRIB_BRANCH:-$FEDORA_VERSION}
|
||||
REPO_CONTAINER_SELINUX=${REPO_CONTAINER_SELINUX:-https://github.com/containers/container-selinux}
|
||||
REPO_MACRO_EXPANDER=${REPO_MACRO_EXPANDER:-https://github.com/fedora-selinux/macro-expander.git}
|
||||
|
||||
@ -25,8 +23,6 @@ pushd $POLICYSOURCES > /dev/null
|
||||
|
||||
git clone --depth=1 -q $REPO_SELINUX_POLICY selinux-policy \
|
||||
-b $REPO_SELINUX_POLICY_BRANCH
|
||||
git clone --depth=1 -q $REPO_SELINUX_POLICY_CONTRIB selinux-policy-contrib \
|
||||
-b $REPO_SELINUX_POLICY_CONTRIB_BRANCH
|
||||
git clone --depth=1 -q $REPO_CONTAINER_SELINUX container-selinux
|
||||
git clone --depth=1 -q $REPO_MACRO_EXPANDER macro-expander
|
||||
|
||||
@ -37,13 +33,6 @@ BASE_SHORT_HEAD_ID=$(c=${BASE_HEAD_ID}; echo ${c:0:7})
|
||||
git archive --prefix=selinux-policy-$BASE_HEAD_ID/ --format tgz HEAD > $DISTGIT_PATH/selinux-policy-$BASE_SHORT_HEAD_ID.tar.gz
|
||||
popd > /dev/null
|
||||
|
||||
pushd selinux-policy-contrib > /dev/null
|
||||
# prepare policy patches against upstream commits matching the last upstream merge
|
||||
CONTRIB_HEAD_ID=$(git rev-parse HEAD)
|
||||
CONTRIB_SHORT_HEAD_ID=$(c=${CONTRIB_HEAD_ID}; echo ${c:0:7})
|
||||
git archive --prefix=selinux-policy-contrib-$CONTRIB_HEAD_ID/ --format tgz HEAD > $DISTGIT_PATH/selinux-policy-contrib-$CONTRIB_SHORT_HEAD_ID.tar.gz
|
||||
popd > /dev/null
|
||||
|
||||
pushd container-selinux > /dev/null
|
||||
# Actual container-selinux files are in master branch
|
||||
#git checkout -b ${DOCKER_FEDORA_VERSION} -t origin/${DOCKER_FEDORA_VERSION} -q
|
||||
@ -53,7 +42,6 @@ popd > /dev/null
|
||||
pushd $DISTGIT_PATH > /dev/null
|
||||
if [ $DOWNLOAD_DEFAULT_GITHUB_TARBALLS == 1 ]; then
|
||||
wget -O selinux-policy-${BASE_SHORT_HEAD_ID}.tar.gz https://github.com/fedora-selinux/selinux-policy/archive/${BASE_HEAD_ID}.tar.gz &> /dev/null
|
||||
wget -O selinux-policy-contrib-${CONTRIB_SHORT_HEAD_ID}.tar.gz https://github.com/fedora-selinux/selinux-policy-contrib/archive/${CONTRIB_HEAD_ID}.tar.gz &> /dev/null
|
||||
fi
|
||||
cp $POLICYSOURCES/container-selinux/container-selinux.tgz .
|
||||
cp $POLICYSOURCES/macro-expander/macro-expander.sh ./macro-expander
|
||||
@ -63,14 +51,11 @@ popd > /dev/null
|
||||
popd > /dev/null
|
||||
rm -rf $POLICYSOURCES
|
||||
|
||||
# Update commit ids in selinux-policy.spec file
|
||||
sed -i "s/%global commit0 [^ ]*$/%global commit0 $BASE_HEAD_ID/" selinux-policy.spec
|
||||
sed -i "s/%global commit1 [^ ]*$/%global commit1 $CONTRIB_HEAD_ID/" selinux-policy.spec
|
||||
# Update commit id in selinux-policy.spec file
|
||||
sed -i "s/%global commit [^ ]*$/%global commit $BASE_HEAD_ID/" selinux-policy.spec
|
||||
|
||||
# Update sources
|
||||
sha512sum --tag selinux-policy-${BASE_SHORT_HEAD_ID}.tar.gz selinux-policy-contrib-${CONTRIB_SHORT_HEAD_ID}.tar.gz container-selinux.tgz macro-expander > sources
|
||||
sha512sum --tag selinux-policy-${BASE_SHORT_HEAD_ID}.tar.gz container-selinux.tgz macro-expander > sources
|
||||
|
||||
echo -e "\nSELinux policy tarballs and container.tgz with container policy files have been created."
|
||||
echo "Commit ids of selinux-policy and selinux-policy-contrib in spec file were changed to:"
|
||||
echo "commit0 " ${BASE_HEAD_ID}
|
||||
echo "commit1 " ${CONTRIB_HEAD_ID}
|
||||
echo -e "\nSELinux policy tarball and container-selinux.tgz with container policy files have been created."
|
||||
echo "Commit id of selinux-policy in spec file was changed to ${BASE_HEAD_ID}"
|
||||
|
@ -1,12 +1,7 @@
|
||||
# github repo with selinux-policy base sources
|
||||
%global git0 https://github.com/fedora-selinux/selinux-policy
|
||||
%global commit0 f1505fca7063b21b5f2ef90f904032c5cc023a22
|
||||
%global shortcommit0 %(c=%{commit0}; echo ${c:0:7})
|
||||
|
||||
# github repo with selinux-policy contrib sources
|
||||
%global git1 https://github.com/fedora-selinux/selinux-policy-contrib
|
||||
%global commit1 dad9c7670560b550c3837a3bd2237a94c3e54814
|
||||
%global shortcommit1 %(c=%{commit1}; echo ${c:0:7})
|
||||
# github repo with selinux-policy sources
|
||||
%global giturl https://github.com/fedora-selinux/selinux-policy
|
||||
%global commit 6c91ffd68953945d6ccda57789f62985abdc9bd6
|
||||
%global shortcommit %(c=%{commit}; echo ${c:0:7})
|
||||
|
||||
%define distro redhat
|
||||
%define polyinstatiate n
|
||||
@ -31,8 +26,7 @@ Name: selinux-policy
|
||||
Version: 3.14.7
|
||||
Release: 9%{?dist}
|
||||
License: GPLv2+
|
||||
Source: %{git0}/archive/%{commit0}/%{name}-%{shortcommit0}.tar.gz
|
||||
Source29: %{git1}/archive/%{commit1}/%{name}-contrib-%{shortcommit1}.tar.gz
|
||||
Source: %{giturl}/archive/%{commit}/%{name}-%{shortcommit}.tar.gz
|
||||
Source1: modules-targeted-base.conf
|
||||
Source31: modules-targeted-contrib.conf
|
||||
Source2: booleans-targeted.conf
|
||||
@ -68,7 +62,7 @@ Source35: container-selinux.tgz
|
||||
# Provide rpm macros for packages installing SELinux modules
|
||||
Source102: rpm.macros
|
||||
|
||||
Url: %{git0}
|
||||
Url: %{giturl}
|
||||
BuildArch: noarch
|
||||
BuildRequires: python3 gawk checkpolicy >= %{CHECKPOLICYVER} m4 policycoreutils-devel >= %{POLICYCOREUTILSVER} bzip2
|
||||
Requires(pre): policycoreutils >= %{POLICYCOREUTILSVER}
|
||||
@ -399,12 +393,8 @@ end
|
||||
%build
|
||||
|
||||
%prep
|
||||
%setup -n %{name}-contrib-%{commit1} -q -b 29
|
||||
tar -xf %{SOURCE35}
|
||||
contrib_path=`pwd`
|
||||
%setup -n %{name}-%{commit0} -q
|
||||
refpolicy_path=`pwd`
|
||||
cp $contrib_path/* $refpolicy_path/policy/modules/contrib
|
||||
%setup -n %{name}-%{commit} -q
|
||||
tar -C policy/modules/contrib -xf %{SOURCE35}
|
||||
|
||||
mkdir selinux_config
|
||||
for i in %{SOURCE1} %{SOURCE2} %{SOURCE3} %{SOURCE4} %{SOURCE5} %{SOURCE6} %{SOURCE8} %{SOURCE14} %{SOURCE15} %{SOURCE17} %{SOURCE18} %{SOURCE19} %{SOURCE20} %{SOURCE22} %{SOURCE23} %{SOURCE25} %{SOURCE26} %{SOURCE31} %{SOURCE32};do
|
||||
|
Loading…
Reference in New Issue
Block a user