2004-09-09 12:15:29 +00:00
|
|
|
Summary: SELinux tools for managing policy
|
|
|
|
Name: setools
|
2004-09-09 12:15:59 +00:00
|
|
|
Version: 1.2.1
|
|
|
|
Release: 2.1
|
2004-09-09 12:15:29 +00:00
|
|
|
License: GPL
|
|
|
|
Group: System Environment/Base
|
2004-09-09 12:15:59 +00:00
|
|
|
Source: http://www.tresys.com/Downloads/selinux-tools/setools-%{version}.tgz
|
2004-09-09 12:15:29 +00:00
|
|
|
#Source1: seuser.te
|
|
|
|
Prefix: %{_prefix}
|
|
|
|
BuildRoot: %{_tmppath}/%{name}-buildroot
|
|
|
|
Requires: checkpolicy, policycoreutils, policy, policy-sources
|
2004-09-09 12:15:59 +00:00
|
|
|
Buildrequires: tk-devel tcl-devel
|
2004-09-09 12:15:29 +00:00
|
|
|
Patch0: setools-rhat.patch
|
|
|
|
|
|
|
|
%description
|
|
|
|
Security-enhanced Linux is a patch of the Linux kernel and a number of
|
|
|
|
utilities with enhanced security functionality designed to add mandatory access
|
|
|
|
controls to Linux. The Security-enhanced Linux kernel contains new
|
|
|
|
architectural components originally developed to improve the security of the Flask
|
|
|
|
operating system. These architectural components provide general support for the
|
|
|
|
enforcement of many kinds of mandatory access control policies, including those
|
|
|
|
based on the concepts of Type Enforcement, Role-based Access Control, and
|
|
|
|
Multi-level Security.
|
|
|
|
|
|
|
|
The tools and libraries in this release include:
|
|
|
|
|
|
|
|
1. seuser: A GUI and command line user manager tool for SELinux. This
|
|
|
|
is a tool that actually manages a portion of a running policy (i.e.,
|
|
|
|
user accounts).
|
|
|
|
|
|
|
|
2. seuser scripts: A set of shell scripts: seuseradd, seusermod, and
|
|
|
|
seuserdel. These scripts combine the functions of the associated s*
|
|
|
|
commands with seuser to provide a single interface to manage users in
|
|
|
|
SE Linux.
|
|
|
|
|
|
|
|
3. libapol: The main policy.conf analysis library, which is the core
|
|
|
|
library for all our tools.
|
|
|
|
|
|
|
|
See the help files for apol, sepcut, and seuser for help on using the
|
|
|
|
tools.
|
|
|
|
|
|
|
|
%package gui
|
|
|
|
Summary: Graphical tools for handling SETools
|
|
|
|
Group: System Environment/Base
|
|
|
|
Requires: %name
|
|
|
|
|
|
|
|
%package devel
|
|
|
|
Summary: Libraries used for manipulation of policy by SETools
|
|
|
|
Group: System Environment/Base
|
|
|
|
Requires: %name
|
|
|
|
|
|
|
|
%description devel
|
|
|
|
setools libraries used for manipulation and investigation of policy.
|
|
|
|
|
|
|
|
%description gui
|
|
|
|
Security-enhanced Linux is a patch of the Linux kernel and a number of
|
|
|
|
utilities with enhanced security functionality designed to add mandatory access
|
|
|
|
controls to Linux. The Security-enhanced Linux kernel contains new
|
|
|
|
architectural components originally developed to improve the security of the Flask
|
|
|
|
operating system. These architectural components provide general support for the
|
|
|
|
enforcement of many kinds of mandatory access control policies, including those
|
|
|
|
based on the concepts of Type Enforcement, Role-based Access Control, and
|
|
|
|
Multi-level Security.
|
|
|
|
|
|
|
|
The tools and libraries in this release include:
|
|
|
|
|
|
|
|
1. apol: The GUI-based policy analysis tool.
|
|
|
|
|
|
|
|
2. sepcut: A basic GUI-based policy configuration, browsing,
|
|
|
|
editing, and testing tool. This tool is intended to provide a
|
|
|
|
complete, single user interface for viewing the source files of a
|
|
|
|
policy, configuring policy program modules, editing policy files, and
|
|
|
|
making and testing the policy.
|
|
|
|
|
|
|
|
3. awish: A version of the TCL/TK wish interpreter that includes the
|
|
|
|
setools libraries. We use this to test our GUIs (apol and seuser have the
|
|
|
|
interpreter compiled within them). One could conceivably write one's own
|
|
|
|
GUI tools using TCL/TK as extended via awish.
|
|
|
|
|
|
|
|
See the help files for apol, sepcut, and seuser for help on using the
|
|
|
|
tools.
|
|
|
|
|
|
|
|
%prep
|
|
|
|
%setup -q
|
|
|
|
%patch0 -p1 -b .rhat
|
|
|
|
|
|
|
|
%build
|
2004-09-09 12:15:59 +00:00
|
|
|
make INSTALL_LIBDIR='%{_libdir}/apol' \
|
|
|
|
LIBDIR=%{_libdir} all
|
2004-09-09 12:15:29 +00:00
|
|
|
|
|
|
|
%install
|
|
|
|
rm -rf ${RPM_BUILD_ROOT}
|
|
|
|
mkdir -p $RPM_BUILD_ROOT/%_bindir
|
|
|
|
mkdir -p $RPM_BUILD_ROOT/%_libdir
|
|
|
|
mkdir -p $RPM_BUILD_ROOT/usr/include/selinux/apol
|
2004-09-09 12:15:59 +00:00
|
|
|
make INSTALL_LIBDIR=$RPM_BUILD_ROOT'%{_libdir}/apol' LIBDIR=$RPM_BUILD_ROOT%{_libdir} \
|
|
|
|
DESTDIR="${RPM_BUILD_ROOT}" install
|
2004-09-09 12:15:29 +00:00
|
|
|
rm -f ${RPM_BUILD_ROOT}/etc/security/selinux/src/policy/domains/program/seuser.te
|
|
|
|
rm -f ${RPM_BUILD_ROOT}/etc/security/selinux/src/policy/file_contexts/program/seuser.fc
|
|
|
|
|
|
|
|
%clean
|
|
|
|
rm -rf ${RPM_BUILD_ROOT}
|
|
|
|
|
|
|
|
%files gui
|
|
|
|
%defattr(-,root,root)
|
|
|
|
%_bindir/apol
|
|
|
|
%_bindir/seuserx
|
|
|
|
%_bindir/awish
|
|
|
|
%_bindir/seaudit
|
|
|
|
/usr/share/tcl8.3/BWidget-1.4.1/*
|
|
|
|
|
|
|
|
%files devel
|
|
|
|
%defattr(-,root,root)
|
|
|
|
%_libdir/libseuser.a
|
|
|
|
%_libdir/libapol.a
|
|
|
|
/usr/include/selinux/apol/*
|
|
|
|
|
|
|
|
%files
|
|
|
|
%defattr(-,root,root)
|
|
|
|
%_bindir/seuser
|
|
|
|
%_bindir/seuseradd
|
|
|
|
%_bindir/seuserdel
|
|
|
|
%_bindir/seusermod
|
|
|
|
%_bindir/sepcut
|
|
|
|
%_bindir/seinfo
|
|
|
|
%_bindir/sesearch
|
|
|
|
%_libdir/apol/*
|
|
|
|
#/etc/security/selinux/src/policy/domains/program/seuser.te
|
|
|
|
#/etc/security/selinux/src/policy/file_contexts/program/seuser.fc
|
|
|
|
|
|
|
|
%post
|
|
|
|
#if test -x /usr/bin/selinuxenabled && `/usr/bin/selinuxenabled`; then
|
|
|
|
# cd /etc/security/selinux/src/policy
|
|
|
|
# make install
|
|
|
|
# make reload
|
|
|
|
# chcon system_u:object_r:policy_src_t /etc/security/selinux/src/policy/domains/program/seuser.te
|
|
|
|
# chcon system_u:object_r:policy_src_t /etc/security/selinux/src/policy/file_contexts/program/seuser.fc
|
|
|
|
# chcon system_u:object_r:seuser_exec_t /usr/bin/seuser
|
|
|
|
# chcon system_u:object_r:seuser_conf_t /usr/lib/apol/seuser.conf
|
|
|
|
#fi
|
|
|
|
|
|
|
|
%postun
|
|
|
|
#cd /etc/security/selinux/src/policy
|
|
|
|
#make install
|
|
|
|
#make reload
|
|
|
|
|
|
|
|
%changelog
|
2004-09-09 12:15:59 +00:00
|
|
|
* Tue Mar 02 2004 Elliot Lee <sopwith@redhat.com>
|
|
|
|
- rebuilt
|
|
|
|
|
|
|
|
* Fri Feb 13 2004 Elliot Lee <sopwith@redhat.com>
|
|
|
|
- rebuilt
|
|
|
|
|
|
|
|
* Fri Feb 6 2004 Dan Walsh <dwalsh@redhat.com> 1.2.1-1
|
|
|
|
- New patch
|
|
|
|
|
|
|
|
* Fri Feb 6 2004 Dan Walsh <dwalsh@redhat.com> 1.2-1
|
|
|
|
- Latest upstream version
|
|
|
|
|
2004-09-09 12:15:29 +00:00
|
|
|
* Tue Dec 30 2003 Dan Walsh <dwalsh@redhat.com> 1.1.1-1
|
|
|
|
- New version from upstream
|
|
|
|
- Remove seuser.te. Now in policy file.
|
|
|
|
|
|
|
|
* Tue Dec 30 2003 Dan Walsh <dwalsh@redhat.com> 1.1-2
|
|
|
|
- Add Defattr to devel
|
|
|
|
- move libs to base kit
|
|
|
|
|
|
|
|
* Fri Dec 19 2003 Dan Walsh <dwalsh@redhat.com> 1.1-1
|
|
|
|
- Update to latest code from tresys
|
|
|
|
- Break into three separate packages for cmdline, devel and gui
|
|
|
|
- Incorporate the tcl patch
|
|
|
|
|
|
|
|
* Mon Dec 15 2003 Jens Petersen <petersen@redhat.com> - 1.0.1-3
|
|
|
|
- apply setools-1.0.1-tcltk.patch to build against tcl/tk 8.4
|
|
|
|
- buildrequire tk-devel
|
|
|
|
|
|
|
|
* Thu Nov 20 2003 Dan Walsh <dwalsh@redhat.com> 1.0.1-2
|
|
|
|
- Add Bwidgets to this RPM
|
|
|
|
|
|
|
|
* Tue Nov 4 2003 Dan Walsh <dwalsh@redhat.com> 1.0.1-1
|
|
|
|
- Upgrade to 1.0.1
|
|
|
|
|
|
|
|
* Wed Oct 15 2003 Dan Walsh <dwalsh@redhat.com> 1.0-6
|
|
|
|
- Clean up build
|
|
|
|
|
|
|
|
* Tue Oct 14 2003 Dan Walsh <dwalsh@redhat.com> 1.0-5
|
|
|
|
- Update with correct seuser.te
|
|
|
|
|
|
|
|
* Wed Oct 1 2003 Dan Walsh <dwalsh@redhat.com> 1.0-4
|
|
|
|
- Update with final release from Tresys
|
|
|
|
|
|
|
|
* Mon Jun 2 2003 Dan Walsh <dwalsh@redhat.com> 1.0-1
|
|
|
|
- Initial version
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|