now how about this? do you like it? is it finally good enough for you?

2005-11-15 00:07:50 +00:00 · 2005-11-15 00:07:50 +00:00 · af6090863d
parent 46e7261190
commit af6090863d
1 changed files with 45 additions and 44 deletions
--- a/selinux-policy.spec
+++ b/selinux-policy.spec
@ -34,50 +34,6 @@ Obsoletes: selinux-policy-%{polname1}-sources
 %description %{polname1}
 SELinux Reference policy targeted base module.

-%files %{polname1}
-%fileList %{polname1}
-
-%pre %{polname1}
-%saveFileContext %{polname1}
-
-%post %{polname1}
-if [ ! -s /etc/selinux/config ]; then
-	#
-	#	New install so we will default to targeted policy
-	#
-	echo "
-# This file controls the state of SELinux on the system.
-# SELINUX= can take one of these three values:
-#	enforcing - SELinux security policy is enforced.
-#	permissive - SELinux prints warnings instead of enforcing.
-#	disabled - No SELinux policy is loaded.
-SELINUX=enforcing
-# SELINUXTYPE= can take one of these two values:
-#	targeted - Only targeted network daemons are protected.
-#	strict - Full SELinux protection.
-#	mls - Multi Level Security protection.
-SELINUXTYPE=targeted 
-# SETLOCALDEFS= Check local definition changes
-SETLOCALDEFS=0 
-
-" > /etc/selinux/config
-
-	ln -sf /etc/selinux/config /etc/sysconfig/selinux 
-	restorecon /etc/selinux/config 2> /dev/null
-else
-	# if first time update booleans.local needs to be copied to sandbox
-	[ -f /etc/selinux/%{polname1}/booleans.local ] && mv /etc/selinux/%{polname1}/booleans.local /etc/selinux/%{polname1}/modules/active/
-	[ -f /etc/selinux/%{polname1}/seusers ] && cp -f /etc/selinux/%{polname1}/seusers /etc/selinux/%{polname1}/modules/active/seusers
-	grep -q "^SETLOCALDEFS" /etc/selinux/config || echo -n "
-# SETLOCALDEFS= Check local definition changes
-SETLOCALDEFS=0 
-">> /etc/selinux/config
-fi
-%rebuildpolicy %{polname1}
-%relabel %{polname1}
-
-%triggerpostun %{polname1} -- selinux-policy-%{polname1} <= 2.0.0
-%rebuildpolicy %{polname1}
 %define installCmds() \
 make NAME=%1 TYPE=%2 DISTRO=%{distro} DIRECT_INITRC=%{direct_initrc} MONOLITHIC=%{monolithic} base.pp \
 make NAME=%1 TYPE=%2 DISTRO=%{distro} DIRECT_INITRC=%{direct_initrc} MONOLITHIC=%{monolithic} modules \
@ -169,6 +125,51 @@ make conf
 %clean
 %{__rm} -fR $RPM_BUILD_ROOT

+%files %{polname1}
+%fileList %{polname1}
+
+%pre %{polname1}
+%saveFileContext %{polname1}
+
+%post %{polname1}
+if [ ! -s /etc/selinux/config ]; then
+	#
+	#	New install so we will default to targeted policy
+	#
+	echo "
+# This file controls the state of SELinux on the system.
+# SELINUX= can take one of these three values:
+#	enforcing - SELinux security policy is enforced.
+#	permissive - SELinux prints warnings instead of enforcing.
+#	disabled - No SELinux policy is loaded.
+SELINUX=enforcing
+# SELINUXTYPE= can take one of these two values:
+#	targeted - Only targeted network daemons are protected.
+#	strict - Full SELinux protection.
+#	mls - Multi Level Security protection.
+SELINUXTYPE=targeted 
+# SETLOCALDEFS= Check local definition changes
+SETLOCALDEFS=0 
+
+" > /etc/selinux/config
+
+	ln -sf /etc/selinux/config /etc/sysconfig/selinux 
+	restorecon /etc/selinux/config 2> /dev/null
+else
+	# if first time update booleans.local needs to be copied to sandbox
+	[ -f /etc/selinux/%{polname1}/booleans.local ] && mv /etc/selinux/%{polname1}/booleans.local /etc/selinux/%{polname1}/modules/active/
+	[ -f /etc/selinux/%{polname1}/seusers ] && cp -f /etc/selinux/%{polname1}/seusers /etc/selinux/%{polname1}/modules/active/seusers
+	grep -q "^SETLOCALDEFS" /etc/selinux/config || echo -n "
+# SETLOCALDEFS= Check local definition changes
+SETLOCALDEFS=0 
+">> /etc/selinux/config
+fi
+%rebuildpolicy %{polname1}
+%relabel %{polname1}
+
+%triggerpostun %{polname1} -- selinux-policy-%{polname1} <= 2.0.0
+%rebuildpolicy %{polname1}
+
 %if 0
 %package %{polname2} 
 Summary: SELinux %{polname2} base policy