diff --git a/.cvsignore b/.cvsignore index 45b8b0a..7bcd7b9 100644 --- a/.cvsignore +++ b/.cvsignore @@ -10,3 +10,4 @@ setools-2.2.tar.bz2 setools-2.3.tar.bz2 setools-2.4.tar.bz2 setools-3.1.tar.bz2 +setools-3.2.tar.bz2 diff --git a/setools.spec b/setools.spec index df59724..164806f 100644 --- a/setools.spec +++ b/setools.spec @@ -1,220 +1,254 @@ -Summary: SELinux tools for managing policy Name: setools -Version: 3.1 -Release: 4%{?dist} +Version: 3.2 +Release: 1 License: GPL +URL: http://oss.tresys.com/projects/setools +BuildRoot: %{_tmppath}/%{name}-%{version}-%{release}-root +Source: setools-%{version}.tar.bz2 +AutoReqProv: no +Summary: Policy analysis tools for SELinux. Group: System Environment/Base -URL: http://www.tresys.com/ -Source: http://www.tresys.com/Downloads/selinux-tools/setools-%{version}.tar.bz2 -Source1: setools.pam -Source4: seaudit.console -Source5: apol.desktop -Source7: seaudit.desktop -Source9: sediffx.desktop -Source10: seaudit.png -Source11: apol.png -Source12: sediffx.png -Patch: setools-rhat.patch -Prefix: %{_prefix} -BuildRoot: %{_tmppath}/%{name}-%{version}-%{release}-root-%(%{__id_u} -n) -Requires: checkpolicy, policycoreutils, tcl >= 8.4 -Buildrequires: tk-devel >= 8.4, tcl-devel >= 8.4 libsepol-devel >= 1.15.1 -BuildRequires: gtk2-devel, libglade2-devel -BuildRequires: libselinux-devel, libxml2-devel -BuildRequires: autoconf -BuildRequires: libcap-devel -BuildPrereq: bison, flex, pkgconfig +# disable auto dependency generation because they are explicitly listed +%define __find_requires %{nil} %description -Security-enhanced Linux is a patch of the Linux kernel and a number of -utilities with enhanced security functionality designed to add -mandatory access -controls to Linux. The Security-enhanced Linux kernel contains new -architectural components originally developed to improve the security - of the Flask -operating system. These architectural components provide general - support for the -enforcement of many kinds of mandatory access control policies, including - those -based on the concepts of Type Enforcement, Role-based Access Control, and -Multi-level Security. +SETools is a collection of graphical tools, command-line tools, and +libraries designed to facilitate SELinux policy analysis. The +following are included: -The tools and libraries in this release include: + apol Tcl/Tk-based policy analysis tool + awish customized wish interpreter + libapol policy analysis library + libapol-tcl bindings between apol and libapol + libpoldiff semantic policy difference library + libqpol library that abstracts policy internals + libseaudit parse and filter SELinux audit messages in log files + libsefs SELinux filesystem database library + seaudit audit log analysis tools: seaudit and seaudit-report + sechecker SELinux policy checking tool + secmds command line tools: seinfo, sesearch, findcon, + replcon, indexcon, and searchcon + sediff semantic policy difference tools: sediff and sediffx -1. libapol: The main policy.conf analysis library, which is the core -library for all our tools. +%package libs +License: LGPL +Summary: Policy analysis support libraries for SELinux. +Group: System Environment/Libraries +Requires: libselinux >= 1.30 libsepol >= 1.12.27 libxml2 +Provides: libqpol = 1.1 libapol = 3.1 libpoldiff = 1.1 libsefs = 3.0.2 libseaudit = 4.0.0 +BuildPrereq: flex, bison, pkgconfig +BuildRequires: libselinux-devel >= 1.30 libsepol-devel >= 1.12.27 libxml2-devel +BuildRequires: tk-devel >= 8.4.9 tcl-devel >= 8.4.9 +BuildRequires: gtk2-devel >= 2.4 libglade2-devel libxml2-devel +Prereq: /sbin/ldconfig +Conflicts: setools -See the help files for apol for help on using the -tools. +%description libs +SETools is a collection of graphical tools, command-line tools, and +libraries designed to facilitate SELinux policy analysis. + +This package includes the following run-time libraries: + + libapol policy analysis library + libpoldiff semantic policy difference library + libqpol library that abstracts policy internals + libseaudit parse and filter SELinux audit messages in log files + libsefs SELinux filesystem database library + +%package devel +Summary: Policy analysis development files for SELinux. +Group: System Environment/Libraries +Requires: libselinux-devel >= 1.30 libsepol-devel >= 1.12.27 libxml2-devel +Requires: %{name} = %{version}-%{release} sqlite-devel + +%description devel +SETools is a collection of graphical tools, command-line tools, and +libraries designed to facilitate SELinux policy analysis. + +This package includes header files and archives for the following +libraries: + + libapol policy analysis library + libapol-tcl bindings between apol and libapol + libpoldiff semantic policy difference library + libqpol library that abstracts policy internals + libseaudit parse and filter SELinux audit messages in log files + libsefs SELinux filesystem database library + +%package console +AutoReqProv: no +Summary: Policy analysis command-line tools for SELinux. +Group: System Environment/Base +Requires: libqpol >= 1.1 libapol >= 3.1 libpoldiff >= 1.1 libsefs >= 3.0 libseaudit >= 4.0 +Requires: libselinux >= 1.30 + +%description console +SETools is a collection of graphical tools, command-line tools, and +libraries designed to facilitate SELinux policy analysis. + +This package includes the following console tools: + + seaudit-report audit log analysis tool + sechecker SELinux policy checking tool + secmds command line tools: seinfo, sesearch, findcon, + replcon, indexcon, and searchcon + sediff semantic policy difference tool %package gui -Summary: Graphical tools for handling SETools +AutoReqProv: no +Summary: Policy analysis graphical tools for SELinux. Group: System Environment/Base +Requires: libqpol >= 1.1 libapol >= 3.1 libpoldiff >= 1.1 libsefs >= 3.0 libseaudit >= 4.0 +Requires: tcl >= 8.4.9 tk >= 8.4.9 bwidget >= 1.8 +Requires: glib >= 1.2 gtk2 >= 2.4 gdk-pixbuf libxml2 libglade2 Requires: %{name} = %{version}-%{release} -Requires: tk >= 8.4, libglade2 > 2, usermode %description gui -Security-enhanced Linux is a patch of the Linux kernel and a number of -utilities with enhanced security functionality designed to add - mandatory access -controls to Linux. The Security-enhanced Linux kernel contains new -architectural components originally developed to improve -the security of the Flask -operating system. These architectural components provide -general support for the -enforcement of many kinds of mandatory access control policies, - including those -based on the concepts of Type Enforcement, Role-based Access Control, and -Multi-level Security. +SETools is a collection of graphical tools, command-line tools, and +libraries designed to facilitate SELinux policy analysis. -The tools and libraries in this release include: +This package includes the following graphical tools: -1. apol: The GUI-based policy analysis tool. - -2. awish: A version of the TCL/TK wish interpreter that includes the -setools libraries. We use this to test our GUIs (apol have the -interpreter compiled within them). One could conceivably write one's own -GUI tools using TCL/TK as extended via awish. - -See the help files for apol for help on using the -tools. + apol Tcl/Tk-based policy analysis tool + awish customized wish interpreter + seaudit audit log analysis tool + sediffx semantic policy difference tool %prep %setup -q -%patch -p1 -b .rhat %build -autoconf -%configure --disable-bwidget-check --disable-selinux-check -make clean -make LIBDIR=%{_libdir} all +%configure --disable-bwidget-check --disable-selinux-check +make %install rm -rf ${RPM_BUILD_ROOT} -mkdir -p $RPM_BUILD_ROOT/%{_bindir} -mkdir -p $RPM_BUILD_ROOT/%{_sbindir} -mkdir -p $RPM_BUILD_ROOT/%_libdir -mkdir -p $RPM_BUILD_ROOT%{_includedir}/selinux/apol -mkdir -p $RPM_BUILD_ROOT/usr/share/doc/setools-%{version} -mkdir -p $RPM_BUILD_ROOT/usr/share/tcl8.4 -mkdir -p $RPM_BUILD_ROOT/usr/share/pixmaps - -make DESTDIR="${RPM_BUILD_ROOT}" LIBDIR=%{_libdir} install -rm -rf ${RPM_BUILD_ROOT}%{_includedir}/libsefs/sqlite - +%makeinstall +rm -f ${RPM_BUILD_ROOT}%{_libdir}/lib*so +mkdir -p ${RPM_BUILD_ROOT}/usr/share/pixmaps install -d -m 755 ${RPM_BUILD_ROOT}%{_sysconfdir}/pam.d -install -m 644 %{SOURCE1} ${RPM_BUILD_ROOT}%{_sysconfdir}/pam.d/seaudit +install -m 644 packages/rpm/seaudit.pam ${RPM_BUILD_ROOT}%{_sysconfdir}/pam.d/seaudit install -d -m 755 ${RPM_BUILD_ROOT}%{_sysconfdir}/security/console.apps -install -m 644 %{SOURCE4} ${RPM_BUILD_ROOT}%{_sysconfdir}/security/console.apps/seaudit +install -m 644 packages/rpm/seaudit.console ${RPM_BUILD_ROOT}%{_sysconfdir}/security/console.apps/seaudit install -d -m 755 ${RPM_BUILD_ROOT}%{_datadir}/applications -install -m 664 %{SOURCE5} ${RPM_BUILD_ROOT}%{_datadir}/applications/apol.desktop -install -m 664 %{SOURCE7} ${RPM_BUILD_ROOT}%{_datadir}/applications/seaudit.desktop -install -m 664 %{SOURCE9} ${RPM_BUILD_ROOT}%{_datadir}/applications/sediffx.desktop -install -m 664 %{SOURCE10} ${RPM_BUILD_ROOT}/usr/share/pixmaps/seaudit.png -install -m 664 %{SOURCE11} ${RPM_BUILD_ROOT}/usr/share/pixmaps/apol.png -install -m 664 %{SOURCE12} ${RPM_BUILD_ROOT}/usr/share/pixmaps/sediffx.png - +install -m 664 packages/rpm/apol.desktop ${RPM_BUILD_ROOT}%{_datadir}/applications/apol.desktop +install -m 664 packages/rpm/seaudit.desktop ${RPM_BUILD_ROOT}%{_datadir}/applications/seaudit.desktop +install -m 664 packages/rpm/sediffx.desktop ${RPM_BUILD_ROOT}%{_datadir}/applications/sediffx.desktop +install -m 664 apol/apol.png ${RPM_BUILD_ROOT}/usr/share/pixmaps/apol.png +install -m 664 seaudit/seaudit.png ${RPM_BUILD_ROOT}/usr/share/pixmaps/seaudit.png +install -m 664 sediff/sediffx.png ${RPM_BUILD_ROOT}/usr/share/pixmaps/sediffx.png cd $RPM_BUILD_ROOT/%{_bindir}/ ln -sf consolehelper seaudit %clean rm -rf ${RPM_BUILD_ROOT} -%files gui +%files libs %defattr(-,root,root) -%dir /usr/share/tcl8.4/BWidget-1.8.0 -/usr/share/tcl8.4/BWidget-1.8.0/* -%{_bindir}/apol -%{_bindir}/sediffx -%{_bindir}/awish -%{_bindir}/seaudit -%{_bindir}/seaudit-report +%{_libdir}/libqpol.so.* +%{_libdir}/libapol.so.* +%{_libdir}/libpoldiff.so.* +%{_libdir}/libsefs.so.* +%{_libdir}/libseaudit.so.* +%{_datadir}/setools-%{version}/seaudit-report.conf +%{_datadir}/setools-%{version}/seaudit-report.css +%doc AUTHORS ChangeLog COPYING COPYING.GPL COPYING.LGPL KNOWN-BUGS NEWS README + +%files devel +%{_libdir}/libqpol.a +%{_libdir}/libapol.a +%{_libdir}/libpoldiff.a +%{_libdir}/libsefs.a +%{_libdir}/libseaudit.a +%{_libdir}/libapol-tcl.a +%dir %{_includedir}/qpol +%{_includedir}/qpol/*.h +%dir %{_includedir}/apol +%{_includedir}/apol/*.h +%dir %{_includedir}/poldiff +%{_includedir}/poldiff/*.h +%dir %{_includedir}/sefs +%{_includedir}/sefs/*.h +%dir %{_includedir}/seaudit +%{_includedir}/seaudit/*.h + +%files console +%{_bindir}/seinfo +%{_bindir}/sesearch +%{_bindir}/indexcon %{_bindir}/findcon %{_bindir}/replcon %{_bindir}/searchcon -%{_bindir}/indexcon +%{_bindir}/sechecker +%{_bindir}/sediff +%{_bindir}/seaudit-report +%{_datadir}/setools-%{version}/sechecker-profiles/all-checks.sechecker +%{_datadir}/setools-%{version}/sechecker-profiles/analysis-checks.sechecker +%{_datadir}/setools-%{version}/sechecker-profiles/devel-checks.sechecker +%{_datadir}/setools-%{version}/sechecker-profiles/sechecker.dtd +%{_datadir}/setools-%{version}/sechecker_help.txt +%{_datadir}/setools-%{version}/seaudit-report-service +%{_mandir}/man1/findcon.1.gz +%{_mandir}/man1/indexcon.1.gz +%{_mandir}/man1/replcon.1.gz +%{_mandir}/man1/searchcon.1.gz +%{_mandir}/man1/sechecker.1.gz +%{_mandir}/man1/sediff.1.gz +%{_mandir}/man1/seinfo.1.gz +%{_mandir}/man1/sesearch.1.gz +%{_mandir}/man8/seaudit-report.8.gz + +%files gui +%{_bindir}/seaudit +%{_bindir}/sediffx +%{_bindir}/apol +%{_bindir}/awish +%{_datadir}/setools-%{version}/sediff_help.txt +%{_datadir}/setools-%{version}/sediffx.glade +%{_datadir}/setools-%{version}/sediffx.png +%{_datadir}/setools-%{version}/sediffx-small.png +%{_datadir}/setools-%{version}/apol_help.txt +%{_datadir}/setools-%{version}/domaintrans_help.txt +%{_datadir}/setools-%{version}/file_relabel_help.txt +%{_datadir}/setools-%{version}/infoflow_help.txt +%{_datadir}/setools-%{version}/types_relation_help.txt +%{_datadir}/setools-%{version}/apol_perm_mapping_ver12 +%{_datadir}/setools-%{version}/apol_perm_mapping_ver15 +%{_datadir}/setools-%{version}/apol_perm_mapping_ver16 +%{_datadir}/setools-%{version}/apol_perm_mapping_ver17 +%{_datadir}/setools-%{version}/apol_perm_mapping_ver18 +%{_datadir}/setools-%{version}/apol_perm_mapping_ver19 +%{_datadir}/setools-%{version}/apol_perm_mapping_ver20 +%{_datadir}/setools-%{version}/apol_perm_mapping_ver21 +%{_datadir}/setools-%{version}/apol.gif +%{_datadir}/setools-%{version}/apol.tcl +%{_datadir}/setools-%{version}/seaudit.glade +%{_datadir}/setools-%{version}/seaudit_help.txt +%{_datadir}/setools-%{version}/seaudit.png +%{_datadir}/setools-%{version}/seaudit-small.png +%{_datadir}/setools-%{version}/dot_seaudit +%{_mandir}/man1/apol.1.gz +%{_mandir}/man1/sediffx.1.gz +%{_mandir}/man8/seaudit.8.gz %{_sbindir}/seaudit + +%config(noreplace) %{_sysconfdir}/pam.d/seaudit +%config(noreplace) %{_sysconfdir}/security/console.apps/seaudit %{_datadir}/applications/apol.desktop %{_datadir}/applications/seaudit.desktop %{_datadir}/applications/sediffx.desktop -%config(noreplace) %{_sysconfdir}/pam.d/seaudit -%config(noreplace) %{_sysconfdir}/security/console.apps/seaudit - -/usr/share/setools/apol.tcl -/usr/share/setools/apol_perm_mapping_ver12 -/usr/share/setools/apol_perm_mapping_ver15 -/usr/share/setools/apol_perm_mapping_ver16 -/usr/share/setools/apol_perm_mapping_ver17 -/usr/share/setools/apol_perm_mapping_ver18 -/usr/share/setools/apol_perm_mapping_ver19 -/usr/share/setools/apol_perm_mapping_ver20 -/usr/share/setools/apol_perm_mapping_ver21 -/usr/share/setools/*.glade -/usr/share/setools/*.png -/usr/share/setools/*.gif -/usr/share/setools/dot_seaudit -/usr/share/setools/seaudit-report-service -/usr/share/setools/seaudit-report.conf -/usr/share/setools/seaudit-report.css - -%{_mandir}/man*/* -%attr(0644,root,root) /usr/share/pixmaps/seaudit.png %attr(0644,root,root) /usr/share/pixmaps/apol.png +%attr(0644,root,root) /usr/share/pixmaps/seaudit.png %attr(0644,root,root) /usr/share/pixmaps/sediffx.png -%package devel -Summary: Development environment for SETools -Group: System Environment/Base -Requires: %{name} = %{version}-%{release} sqlite-devel +%post libs +/sbin/ldconfig -%description devel -Headers, static libraries and API docs for SETools. - -%files devel -%defattr(-,root,root) -%{_includedir}/apol -%{_includedir}/poldiff -%{_includedir}/qpol -%{_includedir}/sefs -%{_includedir}/seaudit -%{_includedir}/selinux/apol - -%{_libdir}/libsefs.a -%{_libdir}/libapol.a -%{_libdir}/libapol-tcl.a -%{_libdir}/libqpol.a -%{_libdir}/libseaudit.a -%{_libdir}/libpoldiff.a - -%post devel -p /sbin/ldconfig - -%postun devel -p /sbin/ldconfig - -%files -%defattr(-,root,root) -%{_bindir}/seinfo -%{_bindir}/sesearch -%{_bindir}/sechecker -%{_bindir}/sediff -%doc KNOWN-BUGS -%doc README -%{_mandir}/man1/sechecker.1.gz -%{_mandir}/man1/seinfo.1.gz -%{_mandir}/man1/sediff.1.gz -%{_mandir}/man1/sesearch.1.gz -%attr(755,root,root) %dir /usr/share/setools -%attr(755,root,root) %dir /usr/share/setools/sechecker-profiles -/usr/share/setools/sechecker-profiles/* -/usr/share/setools/*.txt -%attr(755,root,root) %{_libdir}/libapol.so* -%attr(755,root,root) %{_libdir}/libqpol.so* -%attr(755,root,root) %{_libdir}/libpoldiff.so* -%attr(755,root,root) %{_libdir}/libsefs.so* -%attr(755,root,root) %{_libdir}/libseaudit.so* +%postun -p /sbin/ldconfig %changelog -* Tue Mar 29 2007 Dan Walsh 3.1-4 +* Mon Apr 30 2007 Dan Walsh 3.2-1 - Start shipping the rest of the setools command line apps * Tue Feb 20 2007 Dan Walsh 3.1-3 @@ -464,7 +498,3 @@ Headers, static libraries and API docs for SETools. * Mon Jun 2 2003 Dan Walsh 1.0-1 - Initial version - - - - diff --git a/sources b/sources index dfba786..aca44bb 100644 --- a/sources +++ b/sources @@ -1 +1 @@ -700028fed279939f98054f4a6185a47e setools-3.1.tar.bz2 +699988ceb2d996cf172aa66bf24d7c0b setools-3.2.tar.bz2