Various updating and installing scenarios are now supported:
- using rpm triggers for other packages in selinux-policy
- inside the selinux_modules_install and selinux_modules_uninstall
rpm macros when selinux subpackages are being built
Remove git from BuildRequires in %selinux_requires
In %selinux_requires macro, as part of BuildRequires is also git
package. It looks like some leftover and this commit removes it.
Upstream repo: https://github.com/fedora-selinux/selinux-policy-macros
There's no unified practice how to install SELinux modules from packages
and how to relabel a filesystem after the change. This update provides
several new macros which should help maintainers with the process.
%selinux_relabel_pre [-s <policytype>]
- backups the current file_contexts for later use with fixfiles
%selinux_relabel_post [-s <policytype>]
- relabels a filesystem based on changes in file_contexts using fixfiles
%selinux_modules_install [-s <policytype>] module [module]...
%selinux_modules_uninstall [-s <policytype>] module [module]...
- install and uninstall modules to the priority 200