--- /dev/null
+--- restorecond-2.7/restorecond.init.orig 2017-08-04 15:31:00.000000000 +0200
++++ restorecond-2.7/restorecond.init 2017-11-17 20:25:02.319336381 +0100
+@@ -26,35 +26,41 @@
+ # Source function library.
+ . /etc/rc.d/init.d/functions
+
++[ -f /etc/sysconfig/restorecond ] && . /etc/sysconfig/restorecond
++
+ [ -x /usr/sbin/selinuxenabled ] && /usr/sbin/selinuxenabled || exit 7
+
+ # Check that we are root ... so non-root users stop here
+ test $EUID = 0 || exit 4
+
+-test -x /usr/sbin/restorecond || exit 5
+ test -f /etc/selinux/restorecond.conf || exit 6
+
+ RETVAL=0
+
+ start()
+ {
+- echo -n $"Starting restorecond: "
++ if [ -f /var/lock/subsys/restorecond ]; then
++ msg_already_running "restorecond"
++ return
++ fi
++ msg_starting "restorecond"
+ unset HOME MAIL USER USERNAME
+- daemon /usr/sbin/restorecond
++ daemon /usr/sbin/restorecond
+ RETVAL=$?
+- touch /var/lock/subsys/restorecond
+- echo
+- return $RETVAL
++ [ $RETVAL -eq 0 ] && touch /var/lock/subsys/restorecond
+ }
+
+ stop()
+ {
+- echo -n $"Shutting down restorecond: "
++ if [ ! -f /var/lock/subsys/restorecond ]; then
++ msg_not_running "restorecond"
++ return
++ fi
++
++ msg_stopping "restorecond"
+ killproc restorecond
+ RETVAL=$?
+ rm -f /var/lock/subsys/restorecond
+- echo
+- return $RETVAL
+ }
+
+ restart()
+@@ -63,6 +69,16 @@
+ start
+ }
+
++condrestart()
++{
++ if [ ! -f /var/lock/subsys/restorecond ]; then
++ msg_not_running "restorecond"
++ RETVAL=$1
++ return
++ fi
++ restart
++}
++
+ # See how we were called.
+ case "$1" in
+ start)
+@@ -75,14 +91,17 @@
+ status restorecond
+ RETVAL=$?
+ ;;
+- force-reload|restart|reload)
++ restart)
+ restart
+ ;;
+- condrestart)
+- [ -e /var/lock/subsys/restorecond ] && restart || :
++ force-reload)
++ condrestart 7
++ ;;
++ try-restart|condrestart)
++ condrestart 0
+ ;;
+ *)
+- echo $"Usage: $0 {start|stop|restart|force-reload|status|condrestart}"
++ msg_usage "$0 {start|stop|restart|try-restart|force-reload|status}"
+ RETVAL=3
+ esac
+
--- /dev/null
+%include /usr/lib/rpm/macros.perl
+Summary: restorecond - daemon which corrects contexts of newly created files
+Summary(pl.UTF-8): restorecond - demon poprawiający konteksty nowo tworzonych plików
+Name: selinux-restorecond
+Version: 2.7
+Release: 1
+License: GPL v2+
+Group: Daemons
+#Source0Download: https://github.com/SELinuxProject/selinux/wiki/Releases
+Source0: https://raw.githubusercontent.com/wiki/SELinuxProject/selinux/files/releases/20170804/restorecond-%{version}.tar.gz
+# Source0-md5: 46f8ad0a37f955ef148d4e19b8cc8b1f
+Patch0: restorecond-init.patch
+URL: https://github.com/SELinuxProject/selinux/wiki
+BuildRequires: dbus-glib-devel
+BuildRequires: glibc-devel >= 6:2.4
+BuildRequires: pkgconfig
+BuildRequires: pcre-devel
+BuildRequires: libselinux-devel >= 2.7
+Requires(post,preun): /sbin/chkconfig
+Requires: libselinux >= 2.7
+Requires: rc-scripts
+Obsoletes: policycoreutils-restorecond < 2.7
+BuildRoot: %{tmpdir}/%{name}-%{version}-root-%(id -u -n)
+
+%description
+Security-enhanced Linux is a patch of the Linux kernel and a number of
+utilities with enhanced security functionality designed to add
+mandatory access controls to Linux. The Security-enhanced Linux kernel
+contains new architectural components originally developed to improve
+the security of the Flask operating system. These architectural
+components provide general support for the enforcement of many kinds
+of mandatory access control policies, including those based on the
+concepts of Type Enforcement, Role-based Access Control, and
+Multi-level Security.
+
+restorecond daemon uses inotify to watch files listed in the
+/etc/selinux/restorecond.conf, when they are created, this daemon will
+make sure they have the correct file context associated with the
+policy.
+
+%description -l pl.UTF-8
+Security-enhanced Linux jest prototypem jądra Linuksa i wielu
+aplikacji użytkowych o funkcjach podwyższonego bezpieczeństwa.
+Zaprojektowany jest tak, aby w prosty sposób ukazać znaczenie
+obowiązkowej kontroli dostępu dla społeczności linuksowej. Ukazuje
+również jak taką kontrolę można dodać do istniejącego systemu typu
+Linux. Jądro SELinux zawiera nowe składniki architektury pierwotnie
+opracowane w celu ulepszenia bezpieczeństwa systemu operacyjnego
+Flask. Te elementy zapewniają ogólne wsparcie we wdrażaniu wielu typów
+polityk obowiązkowej kontroli dostępu, włączając te wzorowane na: Type
+Enforcement (TE), kontroli dostępu opartej na rolach (RBAC) i
+zabezpieczeniach wielopoziomowych.
+
+Demon restorecond używa inotify do śledzenia plików wymienionych w
+pliku /etc/selinux/restorecond.conf, aby przy ich tworzeniu upewnić
+się, że mają przypisane właściwe konteksty plików z polityki.
+
+%prep
+%setup -q -n restorecond-%{version}
+%patch0 -p1
+
+%build
+CFLAGS="%{rpmcflags} %{rpmcppflags} -Wall -W" \
+%{__make} \
+ CC="%{__cc}" \
+ LDFLAGS="%{rpmldflags}"
+
+%install
+rm -rf $RPM_BUILD_ROOT
+
+%{__make} install \
+ DESTDIR=$RPM_BUILD_ROOT \
+ MANDIR=$RPM_BUILD_ROOT%{_mandir} \
+ SYSTEMDDIR=$RPM_BUILD_ROOT/lib/systemd
+
+%clean
+rm -rf $RPM_BUILD_ROOT
+
+%post
+/sbin/chkconfig --add restorecond
+%service restorecond restart
+
+%preun
+if [ "$1" = "0" ]; then
+ %service restorecond stop
+ /sbin/chkconfig --del restorecond
+fi
+
+%files
+%defattr(644,root,root,755)
+%attr(755,root,root) %{_sbindir}/restorecond
+%attr(754,root,root) /etc/rc.d/init.d/restorecond
+%{systemdunitdir}/restorecond.service
+%attr(640,root,root) %config(noreplace) %verify(not md5 mtime size) /etc/selinux/restorecond.conf
+%attr(640,root,root) %config(noreplace) %verify(not md5 mtime size) /etc/selinux/restorecond_user.conf
+%{_mandir}/man8/restorecond.8*
+%{_sysconfdir}/xdg/autostart/restorecond.desktop
+%{_datadir}/dbus-1/services/org.selinux.Restorecond.service
projects / packages / selinux-restorecond.git / commitdiff