3 %bcond_without python # Python (any) bindings
4 %bcond_without python2 # Python 2 binding
5 %bcond_without python3 # Python 3 binding
6 %bcond_without ruby # Ruby binding
10 %undefine with_python3
14 Summary: SELinux library and simple utilities
15 Summary(pl.UTF-8): Biblioteka SELinux i proste narzędzia
19 License: Public Domain
21 #Source0Download: https://github.com/SELinuxProject/selinux/wiki/Releases
22 Source0: https://raw.githubusercontent.com/wiki/SELinuxProject/selinux/files/releases/20161014/%{name}-%{version}.tar.gz
23 # Source0-md5: 0e066ba6d6e590ba4b53eed64905d901
24 Patch0: %{name}-vcontext-selinux.patch
25 URL: https://github.com/SELinuxProject/selinux/wiki
26 %ifarch ppc ppc64 sparc sparcv9 sparc64
27 BuildRequires: gcc >= 5:3.4
29 BuildRequires: gcc >= 5:3.2
31 BuildRequires: glibc-devel >= 6:2.3
32 BuildRequires: libsepol-devel >= %{sepol_ver}
33 %{?with_python:BuildRequires: libsepol-static >= %{sepol_ver}}
34 BuildRequires: pcre-devel
35 BuildRequires: pkgconfig
36 %{?with_python2:BuildRequires: python-devel >= 2}
37 %{?with_python3:BuildRequires: python3-devel >= 1:3.2}
38 %{?with_python:BuildRequires: rpm-pythonprov}
39 BuildRequires: rpmbuild(macros) >= 1.714
40 %{?with_ruby:BuildRequires: ruby-devel >= 1.9}
41 BuildRequires: sed >= 4.0
42 %{?with_python:BuildRequires: swig-python}
43 %{?with_ruby:BuildRequires: swig-ruby}
45 Requires: libsepol >= %{sepol_ver}
46 Obsoletes: selinux-libs
47 Conflicts: SysVinit < 2.86-4
49 BuildRoot: %{tmpdir}/%{name}-%{version}-root-%(id -u -n)
52 Security-enhanced Linux is a patch of the Linux kernel and a number of
53 utilities with enhanced security functionality designed to add
54 mandatory access controls to Linux. The Security-enhanced Linux kernel
55 contains new architectural components originally developed to improve
56 the security of the Flask operating system. These architectural
57 components provide general support for the enforcement of many kinds
58 of mandatory access control policies, including those based on the
59 concepts of Type Enforcement, Role-based Access Control, and
62 libselinux provides an API for SELinux applications to get and set
63 process and file security contexts and to obtain security policy
64 decisions. Required for any applications that use the SELinux API.
66 %description -l pl.UTF-8
67 Security-enhanced Linux jest prototypem jądra Linuksa i wielu
68 aplikacji użytkowych o funkcjach podwyższonego bezpieczeństwa.
69 Zaprojektowany jest tak, aby w prosty sposób ukazać znaczenie
70 obowiązkowej kontroli dostępu dla społeczności linuksowej. Ukazuje
71 również jak taką kontrolę można dodać do istniejącego systemu typu
72 Linux. Jądro SELinux zawiera nowe składniki architektury pierwotnie
73 opracowane w celu ulepszenia bezpieczeństwa systemu operacyjnego
74 Flask. Te elementy zapewniają ogólne wsparcie we wdrażaniu wielu typów
75 polityk obowiązkowej kontroli dostępu, włączając te wzorowane na: Type
76 Enforcement (TE), kontroli dostępu opartej na rolach (RBAC) i
77 zabezpieczeniach wielopoziomowych.
79 libselinux dostarcza API dla aplikacji SELinux aby mogły pobierać i
80 ustawiać procesy i konteksty plików w celu korzystania z polityki
81 bezpieczeństwa. Biblioteka jest wymagana przez wszystkie aplikacje,
82 które używają API SELinux.
85 Summary: Header files and devel documentation
86 Summary(pl.UTF-8): Pliki nagłówkowe i dokumentacja programistyczna
87 Group: Development/Libraries
88 Requires: %{name} = %{version}-%{release}
89 Requires: libsepol-devel >= %{sepol_ver}
90 Obsoletes: selinux-libs-devel
93 Header files and devel documentation for SELinux libraries.
95 %description devel -l pl.UTF-8
96 Pliki nagłówkowe i dokumentacja programistyczna bibliotek SELinux.
99 Summary: Static SELinux library
100 Summary(pl.UTF-8): Biblioteki statyczne SELinux
101 Group: Development/Libraries
102 Requires: %{name}-devel = %{version}-%{release}
103 Obsoletes: selinux-static
106 SELinux static libraries.
108 %description static -l pl.UTF-8
109 Biblioteki statyczne SELinux.
112 Summary: SELinux utils
113 Summary(pl.UTF-8): Narzędzia SELinux
114 Group: Applications/System
115 Requires: %{name} = %{version}-%{release}
116 Obsoletes: selinux-utils
121 %description utils -l pl.UTF-8
124 %package -n python-selinux
125 Summary: Python 2 binding for SELinux library
126 Summary(pl.UTF-8): Wiązania Pythona 2 do biblioteki SELinux
127 Group: Libraries/Python
128 Requires: %{name} = %{version}-%{release}
130 %description -n python-selinux
131 Python 2 binding for SELinux library.
133 %description -n python-selinux -l pl.UTF-8
134 Wiązania Pythona 2 do biblioteki SELinux.
136 %package -n python3-selinux
137 Summary: Python 3 binding for SELinux library
138 Summary(pl.UTF-8): Wiązania Pythona 3 do biblioteki SELinux
139 Group: Libraries/Python
140 Requires: %{name} = %{version}-%{release}
142 %description -n python3-selinux
143 Python 3 binding for SELinux library.
145 %description -n python3-selinux -l pl.UTF-8
146 Wiązania Pythona 3 do biblioteki SELinux.
148 %package -n ruby-selinux
149 Summary: Ruby binding for SELinux library
150 Summary(pl.UTF-8): Wiązania języka Ruby do biblioteki SELinux
151 Group: Development/Languages
152 Requires: %{name} = %{version}-%{release}
154 %description -n ruby-selinux
155 Ruby binding for SELinux library.
157 %description -n ruby-selinux -l pl.UTF-8
158 Wiązania języka Ruby do biblioteki SELinux.
164 # "-z defs" doesn't mix with --as-needed when some object needs symbols from
165 # ld.so (because of __thread variable in this case)
166 %{__sed} -i -e 's/-z,defs,//' src/Makefile
169 %{__make} -j1 all %{?with_python2:pywrap} %{?with_ruby:rubywrap} \
171 CFLAGS="%{rpmcppflags} %{rpmcflags} -D_FILE_OFFSET_BITS=64" \
172 LDFLAGS="%{rpmldflags} -lpcre -lpthread" \
175 PYSITEDIR=%{py_sitedir} \
177 %{?with_ruby:RUBYINC="$(pkg-config --cflags ruby-%{ruby_abi})"}
180 %{__make} -j1 -C src pywrap \
182 CFLAGS="%{rpmcppflags} %{rpmcflags} -D_FILE_OFFSET_BITS=64" \
183 LDFLAGS="%{rpmldflags} -lpthread" \
186 PYSITEDIR=%{py3_sitedir} \
191 rm -rf $RPM_BUILD_ROOT
193 %{__make} install %{?with_python2:install-pywrap} %{?with_ruby:install-rubywrap} \
194 LIBDIR=$RPM_BUILD_ROOT%{_libdir} \
195 SHLIBDIR=$RPM_BUILD_ROOT/%{_lib} \
197 PYSITEDIR=$RPM_BUILD_ROOT%{py_sitedir} \
199 RUBYINSTALL=$RPM_BUILD_ROOT%{ruby_vendorarchdir} \
200 DESTDIR=$RPM_BUILD_ROOT
202 # make symlink across / absolute
203 ln -sf /%{_lib}/$(basename $RPM_BUILD_ROOT/%{_lib}/libselinux.so.*) \
204 $RPM_BUILD_ROOT%{_libdir}/libselinux.so
207 %py_comp $RPM_BUILD_ROOT%{py_sitedir}/selinux
208 %py_ocomp $RPM_BUILD_ROOT%{py_sitedir}/selinux
213 %{__make} -C src install-pywrap \
214 DESTDIR=$RPM_BUILD_ROOT \
215 LIBDIR=$RPM_BUILD_ROOT%{_libdir} \
217 PYSITEDIR=$RPM_BUILD_ROOT%{py3_sitedir} \
220 %py3_comp $RPM_BUILD_ROOT%{py3_sitedir}/selinux
221 %py3_ocomp $RPM_BUILD_ROOT%{py3_sitedir}/selinux
225 rm -rf $RPM_BUILD_ROOT
227 %post -p /sbin/ldconfig
228 %postun -p /sbin/ldconfig
231 %defattr(644,root,root,755)
232 %doc ChangeLog LICENSE
233 %attr(755,root,root) /%{_lib}/libselinux.so.*
234 %{_mandir}/man5/booleans.5*
235 %{_mandir}/man5/customizable_types.5*
236 %{_mandir}/man5/default_contexts.5*
237 %{_mandir}/man5/default_type.5*
238 %{_mandir}/man5/failsafe_context.5*
239 %{_mandir}/man5/file_contexts.homedirs.5*
240 %{_mandir}/man5/file_contexts.local.5
241 %{_mandir}/man5/file_contexts.subs.5
242 %{_mandir}/man5/file_contexts.subs_dist.5
243 %{_mandir}/man5/local.users.5*
244 %{_mandir}/man5/removable_context.5*
245 %{_mandir}/man5/secolor.conf.5*
246 %{_mandir}/man5/securetty_types.5*
247 %{_mandir}/man5/service_seusers.5*
248 %{_mandir}/man5/seusers.5*
249 %{_mandir}/man5/user_contexts.5*
250 %{_mandir}/man5/virtual_domain_context.5*
251 %{_mandir}/man5/virtual_image_context.5*
254 %defattr(644,root,root,755)
255 %attr(755,root,root) %{_libdir}/libselinux.so
256 %{_pkgconfigdir}/libselinux.pc
257 %{_includedir}/selinux
258 %{_mandir}/man3/avc_*.3*
259 %{_mandir}/man3/checkPasswdAccess.3*
260 %{_mandir}/man3/context_*.3*
261 %{_mandir}/man3/fgetfilecon*.3*
262 %{_mandir}/man3/fini_selinuxmnt.3*
263 %{_mandir}/man3/freecon*.3*
264 %{_mandir}/man3/fsetfilecon*.3*
265 %{_mandir}/man3/get_default_context*.3*
266 %{_mandir}/man3/get_default_type.3*
267 %{_mandir}/man3/get_ordered_context_list*.3*
268 %{_mandir}/man3/getcon*.3*
269 %{_mandir}/man3/getexeccon*.3*
270 %{_mandir}/man3/getfilecon*.3*
271 %{_mandir}/man3/getfscreatecon*.3*
272 %{_mandir}/man3/getkeycreatecon*.3*
273 %{_mandir}/man3/getpeercon*.3*
274 %{_mandir}/man3/getpidcon*.3*
275 %{_mandir}/man3/getprevcon*.3*
276 %{_mandir}/man3/getseuserbyname.3*
277 %{_mandir}/man3/getsockcreatecon*.3*
278 %{_mandir}/man3/init_selinuxmnt.3*
279 %{_mandir}/man3/is_context_customizable.3*
280 %{_mandir}/man3/is_selinux_*.3*
281 %{_mandir}/man3/lgetfilecon*.3*
282 %{_mandir}/man3/lsetfilecon*.3*
283 %{_mandir}/man3/manual_user_enter_context.3*
284 %{_mandir}/man3/matchmediacon.3*
285 %{_mandir}/man3/matchpathcon*.3*
286 %{_mandir}/man3/mode_to_security_class.3*
287 %{_mandir}/man3/print_access_vector.3*
288 %{_mandir}/man3/query_user_context.3*
289 %{_mandir}/man3/rpm_execcon.3*
290 %{_mandir}/man3/security_*.3*
291 %{_mandir}/man3/selabel_*.3*
292 %{_mandir}/man3/selinux_*.3*
293 %{_mandir}/man3/set_matchpathcon_*.3*
294 %{_mandir}/man3/set_selinuxmnt.3*
295 %{_mandir}/man3/setcon*.3*
296 %{_mandir}/man3/setexeccon*.3*
297 %{_mandir}/man3/setfilecon*.3*
298 %{_mandir}/man3/setfscreatecon*.3*
299 %{_mandir}/man3/setkeycreatecon*.3*
300 %{_mandir}/man3/setsockcreatecon*.3*
301 %{_mandir}/man3/sidget.3*
302 %{_mandir}/man3/sidput.3*
303 %{_mandir}/man3/string_to_av_perm.3*
304 %{_mandir}/man3/string_to_security_class.3*
305 %{_mandir}/man5/file_contexts.5*
306 %{_mandir}/man5/media.5*
307 %{_mandir}/man5/selabel_*.5*
308 %{_mandir}/man5/sepgsql_contexts.5*
309 %{_mandir}/man5/x_contexts.5*
312 %defattr(644,root,root,755)
313 %{_libdir}/libselinux.a
316 %defattr(644,root,root,755)
317 %attr(755,root,root) %{_sbindir}/avcstat
318 %attr(755,root,root) %{_sbindir}/compute_*
319 %attr(755,root,root) %{_sbindir}/getconlist
320 %attr(755,root,root) %{_sbindir}/getdefaultcon
321 %attr(755,root,root) %{_sbindir}/getenforce
322 %attr(755,root,root) %{_sbindir}/getfilecon
323 %attr(755,root,root) %{_sbindir}/getpidcon
324 %attr(755,root,root) %{_sbindir}/getsebool
325 %attr(755,root,root) %{_sbindir}/getseuser
326 %attr(755,root,root) %{_sbindir}/matchpathcon
327 %attr(755,root,root) %{_sbindir}/policyvers
328 %attr(755,root,root) %{_sbindir}/selabel_digest
329 %attr(755,root,root) %{_sbindir}/selabel_lookup
330 %attr(755,root,root) %{_sbindir}/selabel_lookup_best_match
331 %attr(755,root,root) %{_sbindir}/selabel_partial_match
332 %attr(755,root,root) %{_sbindir}/selinux*
333 %attr(755,root,root) %{_sbindir}/setenforce
334 %attr(755,root,root) %{_sbindir}/sefcontext_compile
335 %attr(755,root,root) %{_sbindir}/setfilecon
336 %attr(755,root,root) %{_sbindir}/togglesebool
337 %{_mandir}/man8/avcstat.8*
338 %{_mandir}/man8/booleans.8*
339 %{_mandir}/man8/getenforce.8*
340 %{_mandir}/man8/getsebool.8*
341 %{_mandir}/man8/matchpathcon.8*
342 %{_mandir}/man8/sefcontext_compile.8*
343 %{_mandir}/man8/selinux*.8*
344 %{_mandir}/man8/setenforce.8*
345 %{_mandir}/man8/togglesebool.8*
348 %files -n python-selinux
349 %defattr(644,root,root,755)
350 %dir %{py_sitedir}/selinux
351 %attr(755,root,root) %{py_sitedir}/_selinux.so
352 %attr(755,root,root) %{py_sitedir}/selinux/audit2why.so
353 %{py_sitedir}/selinux/__init__.py[co]
357 %files -n python3-selinux
358 %defattr(644,root,root,755)
359 %dir %{py3_sitedir}/selinux
360 %attr(755,root,root) %{py3_sitedir}/_selinux.so
361 %attr(755,root,root) %{py3_sitedir}/selinux/audit2why.so
362 %{py3_sitedir}/selinux/__init__.py
363 %{py3_sitedir}/selinux/__pycache__
367 %files -n ruby-selinux
368 %defattr(644,root,root,755)
369 %attr(755,root,root) %{ruby_vendorarchdir}/selinux.so