projects / packages / selinux-sandbox.git / blame
| Commit | Line | Data |
|---|---|---|
| caf1e72f JB |
1 | # TODO: install and package init script? |
| 2 | Summary: SELinux sandbox utilities | |
| 3 | Summary(pl.UTF-8): Narzędzia do obsługi piaskownic SELinuksa | |
| 4 | Name: selinux-sandbox | |
| 5 | Version: 2.7 | |
| 6 | Release: 1 | |
| 7 | License: GPL v2 | |
| 8 | Group: Applications/System | |
| 9 | #Source0Download: https://github.com/SELinuxProject/selinux/wiki/Releases | |
| 10 | Source0: https://raw.githubusercontent.com/wiki/SELinuxProject/selinux/files/releases/20170804/%{name}-%{version}.tar.gz | |
| 11 | # Source0-md5: 7360e9dc7b1757b7f82face655982bfa | |
| 12 | Patch0: %{name}-init.patch | |
| 13 | URL: https://github.com/SELinuxProject/selinux/wiki | |
| 14 | BuildRequires: libcap-ng-devel | |
| 15 | BuildRequires: libselinux-devel >= 2.7 | |
| 16 | BuildRequires: rpm-pythonprov | |
| 17 | Requires: libselinux >= 2.7 | |
| 18 | # uses "policycoreutils" translations domain | |
| 19 | Requires: policycoreutils >= 2.7 | |
| 20 | Requires: python-selinux >= 2.7 | |
| 21 | Requires: python-sepolicy >= 2.7 | |
| 22 | BuildRoot: %{tmpdir}/%{name}-%{version}-root-%(id -u -n) | |
| 23 | ||
| 24 | %description | |
| 25 | Security-enhanced Linux is a patch of the Linux kernel and a number of | |
| 26 | utilities with enhanced security functionality designed to add | |
| 27 | mandatory access controls to Linux. The Security-enhanced Linux kernel | |
| 28 | contains new architectural components originally developed to improve | |
| 29 | the security of the Flask operating system. These architectural | |
| 30 | components provide general support for the enforcement of many kinds | |
| 31 | of mandatory access control policies, including those based on the | |
| 32 | concepts of Type Enforcement, Role-based Access Control, and | |
| 33 | Multi-level Security. | |
| 34 | ||
| 35 | This package contains SELinux sandbox utilities. | |
| 36 | ||
| 37 | %description -l pl.UTF-8 | |
| 38 | Security-enhanced Linux jest prototypem jądra Linuksa i wielu | |
| 39 | aplikacji użytkowych o funkcjach podwyższonego bezpieczeństwa. | |
| 40 | Zaprojektowany jest tak, aby w prosty sposób ukazać znaczenie | |
| 41 | obowiązkowej kontroli dostępu dla społeczności linuksowej. Ukazuje | |
| 42 | również jak taką kontrolę można dodać do istniejącego systemu typu | |
| 43 | Linux. Jądro SELinux zawiera nowe składniki architektury pierwotnie | |
| 44 | opracowane w celu ulepszenia bezpieczeństwa systemu operacyjnego | |
| 45 | Flask. Te elementy zapewniają ogólne wsparcie we wdrażaniu wielu typów | |
| 46 | polityk obowiązkowej kontroli dostępu, włączając te wzorowane na: Type | |
| 47 | Enforcement (TE), kontroli dostępu opartej na rolach (RBAC) i | |
| 48 | zabezpieczeniach wielopoziomowych. | |
| 49 | ||
| 50 | Ten pakiet zawiera narzędzia do obsługi piaskownic SELinuksa. | |
| 51 | ||
| 52 | %prep | |
| 53 | %setup -q | |
| 54 | %patch0 -p1 | |
| 55 | ||
| 56 | %build | |
| 57 | CFLAGS="%{rpmcflags} %{rpmcppflags}" \ | |
| 58 | %{__make} \ | |
| 59 | CC="%{__cc}" \ | |
| 60 | LDFLAGS="%{rpmldflags}" | |
| 61 | ||
| 62 | %install | |
| 63 | rm -rf $RPM_BUILD_ROOT | |
| 64 | ||
| 65 | %{__make} install \ | |
| 66 | DESTDIR=$RPM_BUILD_ROOT | |
| 67 | ||
| 68 | #install -Dp sandbox.init $RPM_BUILD_ROOT/etc/rc.d/init.d/sandbox | |
| 69 | ||
| 70 | %clean | |
| 71 | rm -rf $RPM_BUILD_ROOT | |
| 72 | ||
| 73 | %files | |
| 74 | %defattr(644,root,root,755) | |
| 75 | %attr(755,root,root) %{_bindir}/sandbox | |
| 76 | %attr(755,root,root) %{_sbindir}/seunshare | |
| 77 | #%attr(754,root,root) /etc/rc.d/init.d/sandbox | |
| 78 | %config(noreplace) %verify(not md5 mtime size) /etc/sysconfig/sandbox | |
| 79 | %dir %{_datadir}/sandbox | |
| 80 | %attr(755,root,root) %{_datadir}/sandbox/*.sh | |
| 81 | %attr(755,root,root) %{_datadir}/sandbox/start | |
| 82 | %{_mandir}/man5/sandbox.5* | |
| 83 | %{_mandir}/man8/sandbox.8* | |
| 84 | %{_mandir}/man8/seunshare.8* |