Sign Up
Log In
Log In
or
Sign Up
Places
All Projects
Status Monitor
Collapse sidebar
openSUSE:Leap:15.5:Update
policycoreutils.10737
policycoreutils.spec
Overview
Repositories
Revisions
Requests
Users
Attributes
Meta
File policycoreutils.spec of Package policycoreutils.10737
# # spec file for package policycoreutils # # Copyright (c) 2018 SUSE LINUX GmbH, Nuernberg, Germany. # # All modifications and additions to the file contributed by third parties # remain the property of their copyright owners, unless otherwise agreed # upon. The license for this file, and modifications and additions to the # file, is the same license as for the pristine package itself (unless the # license for the pristine package is not an Open Source License, in which # case the license is the MIT License). An "Open Source License" is a # license that conforms to the Open Source Definition (Version 1.9) # published by the Open Source Initiative. # Please submit bugfixes or comments via http://bugs.opensuse.org/ # %define libaudit_ver 2.2 %define libsepol_ver 2.6 %define libsemanage_ver 2.6 %define libselinux_ver 2.6 %define sepolgen_ver 2.6 #Compat macro for new _fillupdir macro introduced in Nov 2017 %if ! %{defined _fillupdir} %define _fillupdir %{_localstatedir}/adm/fillup-templates %endif Name: policycoreutils Version: 2.6 Release: 0 Summary: SELinux policy core utilities License: GPL-2.0-or-later Group: Productivity/Security Url: https://github.com/SELinuxProject/selinux Source: https://raw.githubusercontent.com/wiki/SELinuxProject/selinux/files/releases/20161014/%{name}-%{version}.tar.gz Source1: https://raw.githubusercontent.com/wiki/SELinuxProject/selinux/files/releases/20161014/sepolgen-%{sepolgen_ver}.tar.gz Source2: system-config-selinux.png Source3: system-config-selinux.desktop Source4: system-config-selinux.pam Source5: system-config-selinux.console Source6: selinux-polgengui.desktop Source7: selinux-polgengui.console Source8: policycoreutils_man_ru2.tar.bz2 Patch4: policycoreutils-initscript.patch Patch5: policycoreutils-pam-common.patch Patch10: loadpolicy_path.patch Patch11: CVE-2018-1063.patch BuildRequires: audit-devel >= %{libaudit_ver} BuildRequires: dbus-1-glib-devel BuildRequires: fdupes BuildRequires: gettext BuildRequires: hicolor-icon-theme BuildRequires: libcap-devel BuildRequires: libcap-ng-devel BuildRequires: libselinux-devel >= %{libselinux_ver} BuildRequires: libsemanage-devel >= %{libsemanage_ver} BuildRequires: libsepol-devel-static >= %{libsepol_ver} BuildRequires: pam-devel # needed only for dir /usr/share/polkit-1 from policycoreutils-gui BuildRequires: polkit BuildRequires: python-devel BuildRequires: systemd-rpm-macros BuildRequires: update-desktop-files Requires: audit-libs-python Requires: checkpolicy Requires: gawk Requires: python-selinux Requires: policycoreutils-python Requires: rpm Requires: util-linux # we need selinuxenabled Requires(post): selinux-tools Requires(pre): %fillup_prereq Requires(pre): permissions Recommends: %{name}-lang %{?systemd_requires} %description policycoreutils contains the policy core utilities that are required for basic operation of a SELinux system. These utilities include load_policy to load policies, setfiles to label filesystems, newrole to switch roles, and run_init to run %{_initddir} scripts in the proper context. (Security-enhanced Linux is a feature of the kernel and some utilities that implement mandatory access control policies, such as Type Enforcement, Role-based Access Control and Multi-Level Security.) %lang_package %package python Summary: SELinux policy core python utilities Group: Productivity/Security Requires: audit-libs-python >= %{libaudit_ver} Requires: policycoreutils = %{version} Requires: python-ipy Requires: python-selinux >= %{libselinux_ver} Requires: python-semanage >= %{libsemanage_ver} Requires: python2-setools Requires: python-enum34 Requires: python2-setuptools Requires: python-xml Requires: python-yum Requires: python2-networkx Requires: python2-selinux Requires: yum-metadata-parser %description python The policycoreutils-python package contains the management tools used to manage an SELinux environment. %package sandbox Summary: SELinux sandbox utilities Group: Productivity/Security Requires: policycoreutils-python = %{version} Requires: xorg-x11-server-extra %description sandbox The sandbox package contains the scripts to create graphical sandboxes. %package newrole Summary: The newrole application for RBAC/MLS Group: Productivity/Security Requires: policycoreutils = %{version} Requires(pre): permissions %description newrole RBAC/MLS policy machines require newrole as a way of changing the role or level of a logged-in user. %if 0%{?suse_version} != 1500 %package gui Summary: SELinux configuration GUI Group: Productivity/Security Requires: policycoreutils-python = %{version} Requires: python Requires: python-gnome Requires: python-gtk Requires: setools-console %description gui system-config-selinux is a utility for managing the SELinux environment. %endif %prep %setup -q -a 1 %patch4 %patch5 %patch10 -p1 %patch11 %build make %{?_smp_mflags} LSPP_PRIV=y LIBDIR="%{_libdir}" LIBEXECDIR="%{_libexecdir}" CFLAGS="%{optflags} -fPIE" LDFLAGS="-pie -Wl,-z,relro" all make %{?_smp_mflags} -C sepolgen-%{sepolgen_ver} LSPP_PRIV=y LIBDIR="%{_libdir}" CFLAGS="%{optflags} -fPIE" LDFLAGS="-pie -Wl,-z,relro" all %install mkdir -p %{buildroot}%{_localstatedir}/lib/selinux mkdir -p %{buildroot}%{_bindir} mkdir -p %{buildroot}%{_sbindir} mkdir -p %{buildroot}/sbin mkdir -p %{buildroot}%{_mandir}/man1 mkdir -p %{buildroot}%{_mandir}/man8 mkdir -p %{buildroot}%{_sysconfdir}/pam.d mkdir -p %{buildroot}%{_sysconfdir}/security/console.apps make LSPP_PRIV=y DESTDIR=%{buildroot} LIBDIR="%{buildroot}%{_libdir}" LIBEXECDIR="%{buildroot}%{_libexecdir}" INITDIR="%{buildroot}%{_initddir}" install make -C sepolgen-%{sepolgen_ver} DESTDIR=%{buildroot} LIBDIR="%{buildroot}%{_libdir}" install install -D -m 644 %{SOURCE2} %{buildroot}%{_datadir}/pixmaps/system-config-selinux.png # Don't install initscript if systemd is available rm -r %{buildroot}%{_initddir} ln -sf service %{buildroot}%{_sbindir}/rcrestorecond install -m 644 %{SOURCE4} %{buildroot}%{_sysconfdir}/pam.d/system-config-selinux install -m 644 %{SOURCE4} %{buildroot}%{_sysconfdir}/pam.d/selinux-polgengui install -m 644 %{SOURCE5} %{buildroot}%{_sysconfdir}/security/console.apps/system-config-selinux install -m 644 %{SOURCE7} %{buildroot}%{_sysconfdir}/security/console.apps/selinux-polgengui tar -jxf %{SOURCE8} -C %{buildroot}/ rm -f %{buildroot}%{_mandir}/ru/man8/genhomedircon.8.gz ln -sf consolehelper %{buildroot}%{_bindir}/system-config-selinux ln -sf consolehelper %{buildroot}%{_bindir}/selinux-polgengui mkdir -p %{buildroot}%{_fillupdir}/ mv %{buildroot}/%{_sysconfdir}/sysconfig/sandbox %{buildroot}%{_fillupdir}/sysconfig.sandbox rmdir %{buildroot}/%{_sysconfdir}/sysconfig %suse_update_desktop_file -i system-config-selinux System Security Settings %suse_update_desktop_file -i sepolicy System Security Settings %suse_update_desktop_file -i selinux-polgengui System Security Settings %find_lang %{name} %fdupes -s %{buildroot}/%{_datadir} %if 0%{?suse_version} == 1500 rm %{buildroot}/etc/dbus-1/system.d/org.selinux.conf %{buildroot}/etc/pam.d/selinux-polgengui %{buildroot}/etc/pam.d/system-config-selinux %{buildroot}/etc/security/console.apps/selinux-polgengui %{buildroot}/etc/security/console.apps/system-config-selinux %{buildroot}/usr/bin/selinux-polgengui %{buildroot}/usr/bin/sepolgen %{buildroot}/usr/bin/system-config-selinux %{buildroot}/usr/share/applications/selinux-polgengui.desktop %{buildroot}/usr/share/applications/sepolicy.desktop %{buildroot}/usr/share/applications/system-config-selinux.desktop %{buildroot}/usr/share/icons/hicolor/16x16/apps/sepolicy.png %{buildroot}/usr/share/icons/hicolor/22x22/apps/sepolicy.png %{buildroot}/usr/share/icons/hicolor/24x24/apps/system-config-selinux.png %{buildroot}/usr/share/icons/hicolor/256x256/apps/sepolicy.png %{buildroot}/usr/share/icons/hicolor/32x32/apps/sepolicy.png %{buildroot}/usr/share/icons/hicolor/48x48/apps/sepolicy.png %{buildroot}/usr/share/man/man8/selinux-polgengui.8 %{buildroot}/usr/share/pixmaps/sepolicy.png %{buildroot}/usr/share/pixmaps/system-config-selinux.png %{buildroot}/usr/share/polkit-1/actions/org.selinux.config.policy %{buildroot}/usr/share/polkit-1/actions/org.selinux.policy %{buildroot}/usr/share/system-config-selinux/booleansPage.py %{buildroot}/usr/share/system-config-selinux/domainsPage.py %{buildroot}/usr/share/system-config-selinux/fcontextPage.py %{buildroot}/usr/share/system-config-selinux/html_util.py %{buildroot}/usr/share/system-config-selinux/loginsPage.py %{buildroot}/usr/share/system-config-selinux/mappingsPage.py %{buildroot}/usr/share/system-config-selinux/modulesPage.py %{buildroot}/usr/share/system-config-selinux/polgen.glade %{buildroot}/usr/share/system-config-selinux/polgengui.py %{buildroot}/usr/share/system-config-selinux/portsPage.py %{buildroot}/usr/share/system-config-selinux/selinux-polgengui.desktop %{buildroot}/usr/share/system-config-selinux/selinux_server.py %{buildroot}/usr/share/system-config-selinux/semanagePage.py %{buildroot}/usr/share/system-config-selinux/sepolicy.desktop %{buildroot}/usr/share/system-config-selinux/statusPage.py %{buildroot}/usr/share/system-config-selinux/system-config-selinux.desktop %{buildroot}/usr/share/system-config-selinux/system-config-selinux.glade %{buildroot}/usr/share/system-config-selinux/system-config-selinux.png %{buildroot}/usr/share/system-config-selinux/system-config-selinux.py %{buildroot}/usr/share/system-config-selinux/usersPage.py %{buildroot}/usr/share/man/man8/system-config-selinux.8 %endif %pre %service_add_pre restorecond.service %post %service_add_post restorecond.service %fillup_only %preun %service_del_preun restorecond.service %postun %service_del_postun restorecond.service %post python selinuxenabled && [ -f %{_datadir}/selinux/devel/include/build.conf ] && %{_bindir}/sepolgen-ifgen 2>/dev/null exit 0 %post newrole %set_permissions %{_bindir}/newrole %verifyscript %verify_permissions -e %{_bindir}/newrole %files /sbin/restorecon /sbin/fixfiles /sbin/setfiles /sbin/load_policy /sbin/restorecon_xattr %{_sbindir}/genhomedircon %{_sbindir}/load_policy %{_sbindir}/restorecond %{_sbindir}/setsebool %{_sbindir}/semodule %{_sbindir}/sestatus %{_sbindir}/run_init %{_sbindir}/open_init_pty %{_bindir}/secon %{_bindir}/semodule_deps %{_bindir}/semodule_expand %{_bindir}/semodule_link %{_bindir}/semodule_package %{_bindir}/semodule_unpackage %attr(644,root,root) %{_unitdir}/restorecond.service %config(noreplace) %{_sysconfdir}/pam.d/run_init %config(noreplace) %{_sysconfdir}/sestatus.conf %{_sbindir}/rcrestorecond %config(noreplace) %{_sysconfdir}/selinux/restorecond.conf %config(noreplace) %{_sysconfdir}/selinux/restorecond_user.conf %{_sysconfdir}/xdg/autostart/restorecond.desktop %dir %{_libexecdir}/selinux %dir %{_libexecdir}/selinux/hll %{_libexecdir}/selinux/hll/pp %{_datadir}/dbus-1/services/org.selinux.Restorecond.service %{_datadir}/dbus-1/system-services/org.selinux.service # selinux-policy Requires: policycoreutils, so we own this set of directories and our files within them %dir %{_mandir}/ru %dir %{_mandir}/ru/man1 %dir %{_mandir}/ru/man8 %{_mandir}/man8/restorecon_xattr.8%{?ext_man} %{_mandir}/man5/selinux_config.5%{?ext_man} %{_mandir}/man5/sestatus.conf.5%{?ext_man} %{_mandir}/man8/semodule_unpackage.8%{?ext_man} %{_mandir}/man8/fixfiles.8%{?ext_man} %{_mandir}/ru/man8/fixfiles.8%{?ext_man} %{_mandir}/man8/load_policy.8%{?ext_man} %{_mandir}/ru/man8/load_policy.8%{?ext_man} %{_mandir}/man8/open_init_pty.8%{?ext_man} %{_mandir}/ru/man8/open_init_pty.8%{?ext_man} %{_mandir}/man8/restorecon.8%{?ext_man} %{_mandir}/ru/man8/restorecon.8%{?ext_man} %{_mandir}/man8/restorecond.8%{?ext_man} %{_mandir}/ru/man8/restorecond.8%{?ext_man} %{_mandir}/man8/run_init.8%{?ext_man} %{_mandir}/ru/man8/run_init.8%{?ext_man} %{_mandir}/man8/semodule.8%{?ext_man} %{_mandir}/ru/man8/semodule.8%{?ext_man} %{_mandir}/man8/semodule_deps.8%{?ext_man} %{_mandir}/ru/man8/semodule_deps.8%{?ext_man} %{_mandir}/man8/semodule_expand.8%{?ext_man} %{_mandir}/ru/man8/semodule_expand.8%{?ext_man} %{_mandir}/man8/semodule_link.8%{?ext_man} %{_mandir}/ru/man8/semodule_link.8%{?ext_man} %{_mandir}/man8/semodule_package.8%{?ext_man} %{_mandir}/ru/man8/semodule_package.8%{?ext_man} %{_mandir}/man8/sestatus.8%{?ext_man} %{_mandir}/ru/man8/sestatus.8%{?ext_man} %{_mandir}/man8/setfiles.8%{?ext_man} %{_mandir}/ru/man8/setfiles.8%{?ext_man} %{_mandir}/man8/setsebool.8%{?ext_man} %{_mandir}/ru/man8/setsebool.8%{?ext_man} %{_mandir}/man1/secon.1%{?ext_man} %{_mandir}/ru/man1/secon.1%{?ext_man} %{_mandir}/man8/genhomedircon.8%{?ext_man} %files lang -f %{name}.lang %files python %{_sbindir}/semanage %{_bindir}/audit2allow %{_bindir}/audit2why %{_bindir}/chcat %{_bindir}/sandbox %{_bindir}/sepolicy %{_bindir}/sepolgen-ifgen %{_bindir}/sepolgen-ifgen-attr-helper %{python_sitearch}/seobject.py* %{python_sitearch}/sepolgen %{_prefix}/lib*/python2.7/site-packages/sepolicy %{_prefix}/lib*/python2.7/site-packages/sepolicy*.egg-info %dir %{_localstatedir}/lib/sepolgen %dir %{_localstatedir}/lib/selinux %{_localstatedir}/lib/sepolgen/perm_map %{_mandir}/man1/audit2allow.1%{?ext_man} %{_mandir}/ru/man1/audit2allow.1%{?ext_man} %{_mandir}/man1/audit2why.1%{?ext_man} %{_mandir}/man8/chcat.8%{?ext_man} %{_mandir}/ru/man8/chcat.8%{?ext_man} %{_mandir}/man8/sandbox.8%{?ext_man} %{_mandir}/man5/sandbox* %{_mandir}/man8/semanage*.8%{?ext_man} %{_mandir}/man8/sepolicy*.8%{?ext_man} %{_mandir}/man8/sepolgen.8%{?ext_man} %{_mandir}/ru/man8/semanage.8%{?ext_man} %{_datadir}/bash-completion/completions/semanage %{_datadir}/bash-completion/completions/sepolicy %{_datadir}/bash-completion/completions/setsebool %files sandbox %attr(0755,root,root) %{_sbindir}/seunshare %dir %{_datadir}/sandbox %{_datadir}/sandbox/sandboxX.sh %{_datadir}/sandbox/start %{_fillupdir}/sysconfig.sandbox %{_mandir}/man8/seunshare.8%{?ext_man} %files newrole %verify(not mode) %attr(0755,root,root) %{_bindir}/newrole %{_mandir}/man1/newrole.1%{?ext_man} %config(noreplace) %{_sysconfdir}/pam.d/newrole %if 0%{?suse_version} != 1500 %files gui %{_bindir}/system-config-selinux %{_bindir}/selinux-polgengui %{_datadir}/applications/system-config-selinux.desktop %{_datadir}/system-config-selinux/system-config-selinux.desktop %{_bindir}/sepolgen %{_datadir}/applications/selinux-polgengui.desktop %{_datadir}/applications/sepolicy.desktop %{_datadir}/system-config-selinux/selinux-polgengui.desktop %{_datadir}/system-config-selinux/sepolicy.desktop #%dir %{_datadir}/icons #%dir %{_datadir}/icons/hicolor #%dir %{_datadir}/icons/hicolor/24x24 #%dir %{_datadir}/icons/hicolor/24x24/apps %{_datadir}/icons/hicolor/24x24/apps/system-config-selinux.png %{_datadir}/icons/hicolor/16x16/apps/sepolicy.png %{_datadir}/icons/hicolor/22x22/apps/sepolicy.png %{_datadir}/icons/hicolor/256x256/apps/sepolicy.png %{_datadir}/icons/hicolor/32x32/apps/sepolicy.png %{_datadir}/icons/hicolor/48x48/apps/sepolicy.png %{_datadir}/pixmaps/sepolicy.png %{_datadir}/pixmaps/system-config-selinux.png %{_datadir}/polkit-1/actions/org.selinux.config.policy %{_datadir}/polkit-1/actions/org.selinux.policy %dir %{_datadir}/system-config-selinux #%dir %{_datadir}/system-config-selinux/templates %{_datadir}/system-config-selinux/system-config-selinux.png %{_datadir}/system-config-selinux/*.py* #%{_datadir}/system-config-selinux/selinux.tbl %{_datadir}/system-config-selinux/*.glade %{_mandir}/man8/selinux-polgengui.8%{?ext_man} %{_mandir}/man8/system-config-selinux.8%{?ext_man} #%%{_datadir}/system-config-selinux/templates/*.py* %config(noreplace) %{_sysconfdir}/dbus-1/system.d/org.selinux.conf %config(noreplace) %{_sysconfdir}/pam.d/system-config-selinux %config(noreplace) %{_sysconfdir}/pam.d/selinux-polgengui %dir %{_sysconfdir}/security/console.apps %config(noreplace) %{_sysconfdir}/security/console.apps/selinux-polgengui %config(noreplace) %{_sysconfdir}/security/console.apps/system-config-selinux %endif %changelog
Locations
Projects
Search
Status Monitor
Help
OpenBuildService.org
Documentation
API Documentation
Code of Conduct
Contact
Support
@OBShq
Terms
openSUSE Build Service is sponsored by
The Open Build Service is an
openSUSE project
.
Sign Up
Log In
Places
Places
All Projects
Status Monitor
