3 %bcond_without python # Python (any) bindings
4 %bcond_without python2 # Python 2 binding
5 %bcond_without python3 # Python 3 binding
6 %bcond_without ruby # Ruby binding
10 %undefine with_python3
14 Summary: SELinux library and simple utilities
15 Summary(pl.UTF-8): Biblioteka SELinux i proste narzędzia
19 License: Public Domain
21 #Source0Download: https://github.com/SELinuxProject/selinux/wiki/Releases
22 Source0: https://raw.githubusercontent.com/wiki/SELinuxProject/selinux/files/releases/20170804/%{name}-%{version}.tar.gz
23 # Source0-md5: 1d48ee4e9fadd76794d70c806b69ba7d
24 Patch0: %{name}-vcontext-selinux.patch
25 URL: https://github.com/SELinuxProject/selinux/wiki
26 %ifarch ppc ppc64 sparc sparcv9 sparc64
27 BuildRequires: gcc >= 5:3.4
29 BuildRequires: gcc >= 5:3.2
31 BuildRequires: glibc-devel >= 6:2.3
32 BuildRequires: libsepol-devel >= %{sepol_ver}
33 %{?with_python:BuildRequires: libsepol-static >= %{sepol_ver}}
34 BuildRequires: pcre-devel
35 BuildRequires: pkgconfig
36 %{?with_python2:BuildRequires: python-devel >= 2}
37 %{?with_python3:BuildRequires: python3-devel >= 1:3.2}
38 %{?with_python:BuildRequires: rpm-pythonprov}
39 BuildRequires: rpmbuild(macros) >= 1.714
40 %{?with_ruby:BuildRequires: ruby-devel >= 1.9}
41 BuildRequires: sed >= 4.0
42 %{?with_python:BuildRequires: swig-python}
43 %{?with_ruby:BuildRequires: swig-ruby}
45 Requires: libsepol >= %{sepol_ver}
46 Obsoletes: selinux-libs
47 Conflicts: SysVinit < 2.86-4
49 BuildRoot: %{tmpdir}/%{name}-%{version}-root-%(id -u -n)
52 Security-enhanced Linux is a patch of the Linux kernel and a number of
53 utilities with enhanced security functionality designed to add
54 mandatory access controls to Linux. The Security-enhanced Linux kernel
55 contains new architectural components originally developed to improve
56 the security of the Flask operating system. These architectural
57 components provide general support for the enforcement of many kinds
58 of mandatory access control policies, including those based on the
59 concepts of Type Enforcement, Role-based Access Control, and
62 libselinux provides an API for SELinux applications to get and set
63 process and file security contexts and to obtain security policy
64 decisions. Required for any applications that use the SELinux API.
66 %description -l pl.UTF-8
67 Security-enhanced Linux jest prototypem jądra Linuksa i wielu
68 aplikacji użytkowych o funkcjach podwyższonego bezpieczeństwa.
69 Zaprojektowany jest tak, aby w prosty sposób ukazać znaczenie
70 obowiązkowej kontroli dostępu dla społeczności linuksowej. Ukazuje
71 również jak taką kontrolę można dodać do istniejącego systemu typu
72 Linux. Jądro SELinux zawiera nowe składniki architektury pierwotnie
73 opracowane w celu ulepszenia bezpieczeństwa systemu operacyjnego
74 Flask. Te elementy zapewniają ogólne wsparcie we wdrażaniu wielu typów
75 polityk obowiązkowej kontroli dostępu, włączając te wzorowane na: Type
76 Enforcement (TE), kontroli dostępu opartej na rolach (RBAC) i
77 zabezpieczeniach wielopoziomowych.
79 libselinux dostarcza API dla aplikacji SELinux aby mogły pobierać i
80 ustawiać procesy i konteksty plików w celu korzystania z polityki
81 bezpieczeństwa. Biblioteka jest wymagana przez wszystkie aplikacje,
82 które używają API SELinux.
85 Summary: Header files and devel documentation
86 Summary(pl.UTF-8): Pliki nagłówkowe i dokumentacja programistyczna
87 Group: Development/Libraries
88 Requires: %{name} = %{version}-%{release}
89 Requires: libsepol-devel >= %{sepol_ver}
90 Obsoletes: selinux-libs-devel
93 Header files and devel documentation for SELinux libraries.
95 %description devel -l pl.UTF-8
96 Pliki nagłówkowe i dokumentacja programistyczna bibliotek SELinux.
99 Summary: Static SELinux library
100 Summary(pl.UTF-8): Biblioteki statyczne SELinux
101 Group: Development/Libraries
102 Requires: %{name}-devel = %{version}-%{release}
103 Obsoletes: selinux-static
106 SELinux static libraries.
108 %description static -l pl.UTF-8
109 Biblioteki statyczne SELinux.
112 Summary: SELinux utils
113 Summary(pl.UTF-8): Narzędzia SELinux
114 Group: Applications/System
115 Requires: %{name} = %{version}-%{release}
116 Obsoletes: selinux-utils
121 %description utils -l pl.UTF-8
124 %package -n python-selinux
125 Summary: Python 2 binding for SELinux library
126 Summary(pl.UTF-8): Wiązania Pythona 2 do biblioteki SELinux
127 Group: Libraries/Python
128 Requires: %{name} = %{version}-%{release}
130 %description -n python-selinux
131 Python 2 binding for SELinux library.
133 %description -n python-selinux -l pl.UTF-8
134 Wiązania Pythona 2 do biblioteki SELinux.
136 %package -n python3-selinux
137 Summary: Python 3 binding for SELinux library
138 Summary(pl.UTF-8): Wiązania Pythona 3 do biblioteki SELinux
139 Group: Libraries/Python
140 Requires: %{name} = %{version}-%{release}
142 %description -n python3-selinux
143 Python 3 binding for SELinux library.
145 %description -n python3-selinux -l pl.UTF-8
146 Wiązania Pythona 3 do biblioteki SELinux.
148 %package -n ruby-selinux
149 Summary: Ruby binding for SELinux library
150 Summary(pl.UTF-8): Wiązania języka Ruby do biblioteki SELinux
151 Group: Development/Languages
152 Requires: %{name} = %{version}-%{release}
154 %description -n ruby-selinux
155 Ruby binding for SELinux library.
157 %description -n ruby-selinux -l pl.UTF-8
158 Wiązania języka Ruby do biblioteki SELinux.
164 # "-z defs" doesn't mix with --as-needed when some object needs symbols from
165 # ld.so (because of __thread variable in this case)
166 %{__sed} -i -e 's/-z,defs,//' src/Makefile
169 %{__make} -j1 all %{?with_python2:pywrap} %{?with_ruby:rubywrap} \
171 CFLAGS="%{rpmcppflags} %{rpmcflags} -D_FILE_OFFSET_BITS=64" \
172 LDFLAGS="%{rpmldflags} -lpcre -lpthread" \
175 PYSITEDIR=%{py_sitedir} \
177 %{?with_ruby:RUBYINC="$(pkg-config --cflags ruby-%{ruby_abi})"}
180 %{__make} -j1 -C src pywrap \
182 CFLAGS="%{rpmcppflags} %{rpmcflags} -D_FILE_OFFSET_BITS=64" \
183 LDFLAGS="%{rpmldflags} -lpthread" \
186 PYSITEDIR=%{py3_sitedir} \
191 rm -rf $RPM_BUILD_ROOT
193 %{__make} install %{?with_python2:install-pywrap} %{?with_ruby:install-rubywrap} \
194 LIBDIR=$RPM_BUILD_ROOT%{_libdir} \
195 SHLIBDIR=$RPM_BUILD_ROOT/%{_lib} \
196 LIBSEPOLA=%{_libdir}/libsepol.a \
198 PYSITEDIR=$RPM_BUILD_ROOT%{py_sitedir} \
200 RUBYINSTALL=$RPM_BUILD_ROOT%{ruby_vendorarchdir} \
201 DESTDIR=$RPM_BUILD_ROOT
203 # make symlink across / absolute
204 ln -sf /%{_lib}/$(basename $RPM_BUILD_ROOT/%{_lib}/libselinux.so.*) \
205 $RPM_BUILD_ROOT%{_libdir}/libselinux.so
208 %py_comp $RPM_BUILD_ROOT%{py_sitedir}/selinux
209 %py_ocomp $RPM_BUILD_ROOT%{py_sitedir}/selinux
214 %{__make} -C src install-pywrap \
215 DESTDIR=$RPM_BUILD_ROOT \
216 LIBDIR=$RPM_BUILD_ROOT%{_libdir} \
217 LIBSEPOLA=%{_libdir}/libsepol.a \
219 PYSITEDIR=$RPM_BUILD_ROOT%{py3_sitedir} \
222 %py3_comp $RPM_BUILD_ROOT%{py3_sitedir}/selinux
223 %py3_ocomp $RPM_BUILD_ROOT%{py3_sitedir}/selinux
227 rm -rf $RPM_BUILD_ROOT
229 %post -p /sbin/ldconfig
230 %postun -p /sbin/ldconfig
233 %defattr(644,root,root,755)
235 %attr(755,root,root) /%{_lib}/libselinux.so.*
236 %{_mandir}/man5/booleans.5*
237 %{_mandir}/man5/customizable_types.5*
238 %{_mandir}/man5/default_contexts.5*
239 %{_mandir}/man5/default_type.5*
240 %{_mandir}/man5/failsafe_context.5*
241 %{_mandir}/man5/file_contexts.homedirs.5*
242 %{_mandir}/man5/file_contexts.local.5
243 %{_mandir}/man5/file_contexts.subs.5
244 %{_mandir}/man5/file_contexts.subs_dist.5
245 %{_mandir}/man5/local.users.5*
246 %{_mandir}/man5/removable_context.5*
247 %{_mandir}/man5/secolor.conf.5*
248 %{_mandir}/man5/securetty_types.5*
249 %{_mandir}/man5/service_seusers.5*
250 %{_mandir}/man5/seusers.5*
251 %{_mandir}/man5/user_contexts.5*
252 %{_mandir}/man5/virtual_domain_context.5*
253 %{_mandir}/man5/virtual_image_context.5*
256 %defattr(644,root,root,755)
257 %attr(755,root,root) %{_libdir}/libselinux.so
258 %{_pkgconfigdir}/libselinux.pc
259 %{_includedir}/selinux
260 %{_mandir}/man3/avc_*.3*
261 %{_mandir}/man3/checkPasswdAccess.3*
262 %{_mandir}/man3/context_*.3*
263 %{_mandir}/man3/fgetfilecon*.3*
264 %{_mandir}/man3/fini_selinuxmnt.3*
265 %{_mandir}/man3/freecon*.3*
266 %{_mandir}/man3/fsetfilecon*.3*
267 %{_mandir}/man3/get_default_context*.3*
268 %{_mandir}/man3/get_default_type.3*
269 %{_mandir}/man3/get_ordered_context_list*.3*
270 %{_mandir}/man3/getcon*.3*
271 %{_mandir}/man3/getexeccon*.3*
272 %{_mandir}/man3/getfilecon*.3*
273 %{_mandir}/man3/getfscreatecon*.3*
274 %{_mandir}/man3/getkeycreatecon*.3*
275 %{_mandir}/man3/getpeercon*.3*
276 %{_mandir}/man3/getpidcon*.3*
277 %{_mandir}/man3/getprevcon*.3*
278 %{_mandir}/man3/getseuserbyname.3*
279 %{_mandir}/man3/getsockcreatecon*.3*
280 %{_mandir}/man3/init_selinuxmnt.3*
281 %{_mandir}/man3/is_context_customizable.3*
282 %{_mandir}/man3/is_selinux_*.3*
283 %{_mandir}/man3/lgetfilecon*.3*
284 %{_mandir}/man3/lsetfilecon*.3*
285 %{_mandir}/man3/manual_user_enter_context.3*
286 %{_mandir}/man3/matchmediacon.3*
287 %{_mandir}/man3/matchpathcon*.3*
288 %{_mandir}/man3/mode_to_security_class.3*
289 %{_mandir}/man3/print_access_vector.3*
290 %{_mandir}/man3/query_user_context.3*
291 %{_mandir}/man3/rpm_execcon.3*
292 %{_mandir}/man3/security_*.3*
293 %{_mandir}/man3/selabel_*.3*
294 %{_mandir}/man3/selinux_*.3*
295 %{_mandir}/man3/set_matchpathcon_*.3*
296 %{_mandir}/man3/set_selinuxmnt.3*
297 %{_mandir}/man3/setcon*.3*
298 %{_mandir}/man3/setexeccon*.3*
299 %{_mandir}/man3/setfilecon*.3*
300 %{_mandir}/man3/setfscreatecon*.3*
301 %{_mandir}/man3/setkeycreatecon*.3*
302 %{_mandir}/man3/setsockcreatecon*.3*
303 %{_mandir}/man3/sidget.3*
304 %{_mandir}/man3/sidput.3*
305 %{_mandir}/man3/string_to_av_perm.3*
306 %{_mandir}/man3/string_to_security_class.3*
307 %{_mandir}/man5/file_contexts.5*
308 %{_mandir}/man5/media.5*
309 %{_mandir}/man5/selabel_*.5*
310 %{_mandir}/man5/sepgsql_contexts.5*
311 %{_mandir}/man5/x_contexts.5*
314 %defattr(644,root,root,755)
315 %{_libdir}/libselinux.a
318 %defattr(644,root,root,755)
319 %attr(755,root,root) %{_sbindir}/avcstat
320 %attr(755,root,root) %{_sbindir}/compute_*
321 %attr(755,root,root) %{_sbindir}/getconlist
322 %attr(755,root,root) %{_sbindir}/getdefaultcon
323 %attr(755,root,root) %{_sbindir}/getenforce
324 %attr(755,root,root) %{_sbindir}/getfilecon
325 %attr(755,root,root) %{_sbindir}/getpidcon
326 %attr(755,root,root) %{_sbindir}/getsebool
327 %attr(755,root,root) %{_sbindir}/getseuser
328 %attr(755,root,root) %{_sbindir}/matchpathcon
329 %attr(755,root,root) %{_sbindir}/policyvers
330 %attr(755,root,root) %{_sbindir}/selabel_digest
331 %attr(755,root,root) %{_sbindir}/selabel_lookup
332 %attr(755,root,root) %{_sbindir}/selabel_lookup_best_match
333 %attr(755,root,root) %{_sbindir}/selabel_partial_match
334 %attr(755,root,root) %{_sbindir}/selinux*
335 %attr(755,root,root) %{_sbindir}/setenforce
336 %attr(755,root,root) %{_sbindir}/sefcontext_compile
337 %attr(755,root,root) %{_sbindir}/setfilecon
338 %attr(755,root,root) %{_sbindir}/togglesebool
339 %{_mandir}/man8/avcstat.8*
340 %{_mandir}/man8/booleans.8*
341 %{_mandir}/man8/getenforce.8*
342 %{_mandir}/man8/getsebool.8*
343 %{_mandir}/man8/matchpathcon.8*
344 %{_mandir}/man8/sefcontext_compile.8*
345 %{_mandir}/man8/selinux*.8*
346 %{_mandir}/man8/setenforce.8*
347 %{_mandir}/man8/togglesebool.8*
350 %files -n python-selinux
351 %defattr(644,root,root,755)
352 %dir %{py_sitedir}/selinux
353 %attr(755,root,root) %{py_sitedir}/_selinux.so
354 %attr(755,root,root) %{py_sitedir}/selinux/audit2why.so
355 %{py_sitedir}/selinux/__init__.py[co]
359 %files -n python3-selinux
360 %defattr(644,root,root,755)
361 %dir %{py3_sitedir}/selinux
362 %attr(755,root,root) %{py3_sitedir}/_selinux.cpython-*.so
363 %attr(755,root,root) %{py3_sitedir}/selinux/audit2why.cpython-*.so
364 %{py3_sitedir}/selinux/__init__.py
365 %{py3_sitedir}/selinux/__pycache__
369 %files -n ruby-selinux
370 %defattr(644,root,root,755)
371 %attr(755,root,root) %{ruby_vendorarchdir}/selinux.so