diff --git a/.cvsignore b/.cvsignore index e69de29..3ff28ec 100644 --- a/.cvsignore +++ b/.cvsignore @@ -0,0 +1 @@ +setools-1.1.1.tgz diff --git a/setools-rhat.patch b/setools-rhat.patch new file mode 100644 index 0000000..d41610d --- /dev/null +++ b/setools-rhat.patch @@ -0,0 +1,117 @@ +--- setools-1.1.1/libapol/Makefile.rhat 2003-11-05 09:55:44.000000000 -0500 ++++ setools-1.1.1/libapol/Makefile 2004-01-09 15:08:43.599401736 -0500 +@@ -1,5 +1,7 @@ + # libapol and lipapol-tcl + ++LIBDIR = $(DESTDIR)/usr/lib ++INCLUDEDIR = $(DESTDIR)/usr/include/selinux/apol + LIB-OBJ = policy.o policy-query.o policy-io.o queue.o util.o clone.o + LIB-OBJ += y.tab.o lex.yy.o avl-util.o policy-avl.o render.o analysis.o + LIB-OBJ += perm-map.o cond.o +@@ -30,6 +32,10 @@ + ../lib: + mkdir -p $@ + ++install: libapol ++ install -m 644 ../lib/libapol.a $(LIBDIR) ++ install -m 644 *.h $(INCLUDEDIR) ++ + clean: + rm -f *.o core y.tab.c y.tab.h lex.yy.c *~ + +--- setools-1.1.1/libseuser/Makefile.rhat 2003-12-29 12:27:01.000000000 -0500 ++++ setools-1.1.1/libseuser/Makefile 2004-01-09 15:10:51.634505763 -0500 +@@ -1,5 +1,8 @@ + # libseuser and libseuser-tcl + ++LIBDIR = $(DESTDIR)/usr/lib ++INCLUDEDIR = $(DESTDIR)/usr/include/selinux/apol ++ + LIB-OBJ = seuser_db.o + LIB-OBJ-TCL = $(LIB-OBJ) seuser_tcl.o + +@@ -9,6 +12,10 @@ + + libseuser-tcl: ../lib/libseuser-tcl.a + ++install: libseuser libseuser-tcl ++ install -m 644 ../lib/libseuser.a $(LIBDIR) ++ install -m 644 *.h $(INCLUDEDIR) ++ + ../lib/libseuser.a: ../lib $(LIB-OBJ) + ar cr $@ $(LIB-OBJ) + +--- setools-1.1.1/packages/Makefile.rhat 2003-12-08 16:04:19.000000000 -0500 ++++ setools-1.1.1/packages/Makefile 2004-01-09 15:08:43.628398362 -0500 +@@ -3,10 +3,11 @@ + # by Kevin Carr kcarr@tresys.com + + # Make sure INSTALL_PATH is set properly for your system! +-INSTALL_PATH=/usr/share/tcl8.3/ ++INSTALL_PATH=$(DESTDIR)/usr/share/tcl8.3/ + + + install: ++ mkdir -p $(INSTALL_PATH) + tar -zxvf BWidget-1.4.1.tar.gz + mv BWidget-1.4.1 $(INSTALL_PATH) + +@@ -20,4 +21,4 @@ + rm -rf BWidget-1.4.1/ + + bare: +- clean +\ No newline at end of file ++ clean +--- setools-1.1.1/Makefile.rhat 2003-12-30 10:58:17.000000000 -0500 ++++ setools-1.1.1/Makefile 2004-01-09 15:12:51.410570671 -0500 +@@ -4,10 +4,9 @@ + MAKE = make + + LIBS = -lfl -lm +-TCLVER = 8.3 + TCL_INCLUDE = -I/usr/include + TCL_LIBINC = -L/usr/lib +-TCL_LIBS = -ltk$(TCLVER) -ltcl$(TCLVER) -ldl $(LIBS) ++TCL_LIBS = -ltk -ltcl -ldl $(LIBS) + + LINKFLAGS = + CC = gcc +@@ -85,6 +84,8 @@ + @echo " install-seuserx: build and install seuser and seuserx (selinux required)" + @echo " install-secmds: build and install command line tools (selinux not required)" + @echo " install-seaudit: build and install seaudit (selinux not required)" ++ @echo " install-bwidget: build and install BWidget (selinux not required)" ++ @echo " install-libraries: build and install libraries" + @echo " " + @echo " all: build everything, but don't install" + @echo " all-nogui: only build non-GUI tools and libraries" +@@ -147,6 +148,15 @@ + install-awish: $(INSTALL_LIBDIR) + cd awish; $(MAKE) install + ++install-libseuser: ++ cd libseuser; $(MAKE) install ++ ++install-libapol: ++ cd libapol; $(MAKE) install ++ ++install-libraries: install-libseuser install-libapol ++ cd libseuser; $(MAKE) install ++ + # installs both GUI and non-GUI versions + install-seuserx: $(INSTALL_LIBDIR) + cd seuser; $(MAKE) install +@@ -166,8 +176,11 @@ + + install-nogui: $(INSTALL_LIBDIR) install-seuser install-secmds + ++install-bwidget: ++ cd packages; make + +-install: install-apol install-seuserx install-sepcut install-awish install-secmds install-seaudit ++ ++install: install-apol install-seuser install-seuserx install-sepcut install-awish install-secmds install-seaudit install-bwidget install-libraries + + # Next four targets are to support installation as part of a system + # install. These targets are deprecated. diff --git a/setools.spec b/setools.spec new file mode 100644 index 0000000..3fba120 --- /dev/null +++ b/setools.spec @@ -0,0 +1,184 @@ +Summary: SELinux tools for managing policy +Name: setools +Version: 1.1.1 +Release: 1 +License: GPL +Group: System Environment/Base +Source: http://www.tresys.com/Downloads/selinux-tools/setools-1.1.1.tgz +#Source1: seuser.te +Prefix: %{_prefix} +BuildRoot: %{_tmppath}/%{name}-buildroot +Requires: checkpolicy, policycoreutils, policy, policy-sources +Buildrequires: tk-devel +BuildArch: i386 +Patch0: setools-rhat.patch + +%description +Security-enhanced Linux is a patch of the Linux kernel and a number of +utilities with enhanced security functionality designed to add mandatory access +controls to Linux. The Security-enhanced Linux kernel contains new +architectural components originally developed to improve the security of the Flask +operating system. These architectural components provide general support for the +enforcement of many kinds of mandatory access control policies, including those +based on the concepts of Type Enforcement, Role-based Access Control, and +Multi-level Security. + +The tools and libraries in this release include: + +1. seuser: A GUI and command line user manager tool for SELinux. This +is a tool that actually manages a portion of a running policy (i.e., +user accounts). + +2. seuser scripts: A set of shell scripts: seuseradd, seusermod, and +seuserdel. These scripts combine the functions of the associated s* +commands with seuser to provide a single interface to manage users in +SE Linux. + +3. libapol: The main policy.conf analysis library, which is the core +library for all our tools. + +See the help files for apol, sepcut, and seuser for help on using the +tools. + +%package gui +Summary: Graphical tools for handling SETools +Group: System Environment/Base +Requires: %name + +%package devel +Summary: Libraries used for manipulation of policy by SETools +Group: System Environment/Base +Requires: %name + +%description devel +setools libraries used for manipulation and investigation of policy. + +%description gui +Security-enhanced Linux is a patch of the Linux kernel and a number of +utilities with enhanced security functionality designed to add mandatory access +controls to Linux. The Security-enhanced Linux kernel contains new +architectural components originally developed to improve the security of the Flask +operating system. These architectural components provide general support for the +enforcement of many kinds of mandatory access control policies, including those +based on the concepts of Type Enforcement, Role-based Access Control, and +Multi-level Security. + +The tools and libraries in this release include: + +1. apol: The GUI-based policy analysis tool. + +2. sepcut: A basic GUI-based policy configuration, browsing, +editing, and testing tool. This tool is intended to provide a +complete, single user interface for viewing the source files of a +policy, configuring policy program modules, editing policy files, and +making and testing the policy. + +3. awish: A version of the TCL/TK wish interpreter that includes the +setools libraries. We use this to test our GUIs (apol and seuser have the +interpreter compiled within them). One could conceivably write one's own +GUI tools using TCL/TK as extended via awish. + +See the help files for apol, sepcut, and seuser for help on using the +tools. + +%prep +%setup -q +%patch0 -p1 -b .rhat + +%build +make all + +%install +rm -rf ${RPM_BUILD_ROOT} +mkdir -p $RPM_BUILD_ROOT/%_bindir +mkdir -p $RPM_BUILD_ROOT/%_libdir +mkdir -p $RPM_BUILD_ROOT/usr/include/selinux/apol +make DESTDIR="${RPM_BUILD_ROOT}" install +rm -f ${RPM_BUILD_ROOT}/etc/security/selinux/src/policy/domains/program/seuser.te +rm -f ${RPM_BUILD_ROOT}/etc/security/selinux/src/policy/file_contexts/program/seuser.fc + +%clean +rm -rf ${RPM_BUILD_ROOT} + +%files gui +%defattr(-,root,root) +%_bindir/apol +%_bindir/seuserx +%_bindir/awish +%_bindir/seaudit +/usr/share/tcl8.3/BWidget-1.4.1/* + +%files devel +%defattr(-,root,root) +%_libdir/libseuser.a +%_libdir/libapol.a +/usr/include/selinux/apol/* + +%files +%defattr(-,root,root) +%_bindir/seuser +%_bindir/seuseradd +%_bindir/seuserdel +%_bindir/seusermod +%_bindir/sepcut +%_bindir/seinfo +%_bindir/sesearch +%_libdir/apol/* +#/etc/security/selinux/src/policy/domains/program/seuser.te +#/etc/security/selinux/src/policy/file_contexts/program/seuser.fc + +%post +#if test -x /usr/bin/selinuxenabled && `/usr/bin/selinuxenabled`; then +# cd /etc/security/selinux/src/policy +# make install +# make reload +# chcon system_u:object_r:policy_src_t /etc/security/selinux/src/policy/domains/program/seuser.te +# chcon system_u:object_r:policy_src_t /etc/security/selinux/src/policy/file_contexts/program/seuser.fc +# chcon system_u:object_r:seuser_exec_t /usr/bin/seuser +# chcon system_u:object_r:seuser_conf_t /usr/lib/apol/seuser.conf +#fi + +%postun +#cd /etc/security/selinux/src/policy +#make install +#make reload + +%changelog +* Tue Dec 30 2003 Dan Walsh 1.1.1-1 +- New version from upstream +- Remove seuser.te. Now in policy file. + +* Tue Dec 30 2003 Dan Walsh 1.1-2 +- Add Defattr to devel +- move libs to base kit + +* Fri Dec 19 2003 Dan Walsh 1.1-1 +- Update to latest code from tresys +- Break into three separate packages for cmdline, devel and gui +- Incorporate the tcl patch + +* Mon Dec 15 2003 Jens Petersen - 1.0.1-3 +- apply setools-1.0.1-tcltk.patch to build against tcl/tk 8.4 +- buildrequire tk-devel + +* Thu Nov 20 2003 Dan Walsh 1.0.1-2 +- Add Bwidgets to this RPM + +* Tue Nov 4 2003 Dan Walsh 1.0.1-1 +- Upgrade to 1.0.1 + +* Wed Oct 15 2003 Dan Walsh 1.0-6 +- Clean up build + +* Tue Oct 14 2003 Dan Walsh 1.0-5 +- Update with correct seuser.te + +* Wed Oct 1 2003 Dan Walsh 1.0-4 +- Update with final release from Tresys + +* Mon Jun 2 2003 Dan Walsh 1.0-1 +- Initial version + + + + diff --git a/sources b/sources index e69de29..19eeaa0 100644 --- a/sources +++ b/sources @@ -0,0 +1 @@ +b0147413a6d28dd9d281fc8e41e124ea setools-1.1.1.tgz