setools/setools.spec

185 lines
5.7 KiB
RPMSpec
Raw Normal View History

Summary: SELinux tools for managing policy
Name: setools
Version: 1.1.1
Release: 1
License: GPL
Group: System Environment/Base
Source: http://www.tresys.com/Downloads/selinux-tools/setools-1.1.1.tgz
#Source1: seuser.te
Prefix: %{_prefix}
BuildRoot: %{_tmppath}/%{name}-buildroot
Requires: checkpolicy, policycoreutils, policy, policy-sources
Buildrequires: tk-devel
BuildArch: i386
Patch0: setools-rhat.patch
%description
Security-enhanced Linux is a patch of the Linux kernel and a number of
utilities with enhanced security functionality designed to add mandatory access
controls to Linux. The Security-enhanced Linux kernel contains new
architectural components originally developed to improve the security of the Flask
operating system. These architectural components provide general support for the
enforcement of many kinds of mandatory access control policies, including those
based on the concepts of Type Enforcement, Role-based Access Control, and
Multi-level Security.
The tools and libraries in this release include:
1. seuser: A GUI and command line user manager tool for SELinux. This
is a tool that actually manages a portion of a running policy (i.e.,
user accounts).
2. seuser scripts: A set of shell scripts: seuseradd, seusermod, and
seuserdel. These scripts combine the functions of the associated s*
commands with seuser to provide a single interface to manage users in
SE Linux.
3. libapol: The main policy.conf analysis library, which is the core
library for all our tools.
See the help files for apol, sepcut, and seuser for help on using the
tools.
%package gui
Summary: Graphical tools for handling SETools
Group: System Environment/Base
Requires: %name
%package devel
Summary: Libraries used for manipulation of policy by SETools
Group: System Environment/Base
Requires: %name
%description devel
setools libraries used for manipulation and investigation of policy.
%description gui
Security-enhanced Linux is a patch of the Linux kernel and a number of
utilities with enhanced security functionality designed to add mandatory access
controls to Linux. The Security-enhanced Linux kernel contains new
architectural components originally developed to improve the security of the Flask
operating system. These architectural components provide general support for the
enforcement of many kinds of mandatory access control policies, including those
based on the concepts of Type Enforcement, Role-based Access Control, and
Multi-level Security.
The tools and libraries in this release include:
1. apol: The GUI-based policy analysis tool.
2. sepcut: A basic GUI-based policy configuration, browsing,
editing, and testing tool. This tool is intended to provide a
complete, single user interface for viewing the source files of a
policy, configuring policy program modules, editing policy files, and
making and testing the policy.
3. awish: A version of the TCL/TK wish interpreter that includes the
setools libraries. We use this to test our GUIs (apol and seuser have the
interpreter compiled within them). One could conceivably write one's own
GUI tools using TCL/TK as extended via awish.
See the help files for apol, sepcut, and seuser for help on using the
tools.
%prep
%setup -q
%patch0 -p1 -b .rhat
%build
make all
%install
rm -rf ${RPM_BUILD_ROOT}
mkdir -p $RPM_BUILD_ROOT/%_bindir
mkdir -p $RPM_BUILD_ROOT/%_libdir
mkdir -p $RPM_BUILD_ROOT/usr/include/selinux/apol
make DESTDIR="${RPM_BUILD_ROOT}" install
rm -f ${RPM_BUILD_ROOT}/etc/security/selinux/src/policy/domains/program/seuser.te
rm -f ${RPM_BUILD_ROOT}/etc/security/selinux/src/policy/file_contexts/program/seuser.fc
%clean
rm -rf ${RPM_BUILD_ROOT}
%files gui
%defattr(-,root,root)
%_bindir/apol
%_bindir/seuserx
%_bindir/awish
%_bindir/seaudit
/usr/share/tcl8.3/BWidget-1.4.1/*
%files devel
%defattr(-,root,root)
%_libdir/libseuser.a
%_libdir/libapol.a
/usr/include/selinux/apol/*
%files
%defattr(-,root,root)
%_bindir/seuser
%_bindir/seuseradd
%_bindir/seuserdel
%_bindir/seusermod
%_bindir/sepcut
%_bindir/seinfo
%_bindir/sesearch
%_libdir/apol/*
#/etc/security/selinux/src/policy/domains/program/seuser.te
#/etc/security/selinux/src/policy/file_contexts/program/seuser.fc
%post
#if test -x /usr/bin/selinuxenabled && `/usr/bin/selinuxenabled`; then
# cd /etc/security/selinux/src/policy
# make install
# make reload
# chcon system_u:object_r:policy_src_t /etc/security/selinux/src/policy/domains/program/seuser.te
# chcon system_u:object_r:policy_src_t /etc/security/selinux/src/policy/file_contexts/program/seuser.fc
# chcon system_u:object_r:seuser_exec_t /usr/bin/seuser
# chcon system_u:object_r:seuser_conf_t /usr/lib/apol/seuser.conf
#fi
%postun
#cd /etc/security/selinux/src/policy
#make install
#make reload
%changelog
* Tue Dec 30 2003 Dan Walsh <dwalsh@redhat.com> 1.1.1-1
- New version from upstream
- Remove seuser.te. Now in policy file.
* Tue Dec 30 2003 Dan Walsh <dwalsh@redhat.com> 1.1-2
- Add Defattr to devel
- move libs to base kit
* Fri Dec 19 2003 Dan Walsh <dwalsh@redhat.com> 1.1-1
- Update to latest code from tresys
- Break into three separate packages for cmdline, devel and gui
- Incorporate the tcl patch
* Mon Dec 15 2003 Jens Petersen <petersen@redhat.com> - 1.0.1-3
- apply setools-1.0.1-tcltk.patch to build against tcl/tk 8.4
- buildrequire tk-devel
* Thu Nov 20 2003 Dan Walsh <dwalsh@redhat.com> 1.0.1-2
- Add Bwidgets to this RPM
* Tue Nov 4 2003 Dan Walsh <dwalsh@redhat.com> 1.0.1-1
- Upgrade to 1.0.1
* Wed Oct 15 2003 Dan Walsh <dwalsh@redhat.com> 1.0-6
- Clean up build
* Tue Oct 14 2003 Dan Walsh <dwalsh@redhat.com> 1.0-5
- Update with correct seuser.te
* Wed Oct 1 2003 Dan Walsh <dwalsh@redhat.com> 1.0-4
- Update with final release from Tresys
* Mon Jun 2 2003 Dan Walsh <dwalsh@redhat.com> 1.0-1
- Initial version