1 Summary: SELinux tools for managing policy
2 Summary(pl): Narzêdzia do zarz±dzania polityk± SELinux
8 #Source0: http://www.nsa.gov/selinux/archives/%{name}-%{version}.tgz
9 Source0: http://www.tresys.com/Downloads/selinux-tools/%{name}-%{version}.tgz
10 # Source0-md5: b0147413a6d28dd9d281fc8e41e124ea
11 Patch0: %{name}-userbuild.patch
12 BuildRequires: perl-base
13 BuildRequires: tk-devel
14 BuildRequires: libglade2-devel
17 Requires: policycoreutils
20 # R: policy, policy-sources
21 BuildRoot: %{tmpdir}/%{name}-%{version}-root-%(id -u -n)
24 This package contains some tools and libraries for Security-enhanced
25 Linux (a project with enhanced security functionality designed to add
26 mandatory access controls to Linux). This package includes the
28 - apol: The GUI-based policy analysis tool.
29 - sepcut: A basic GUI-based policy configuration, browsing, editing,
30 and testing tool, intended to provide a complete, single user
31 interface for viewing the source files of a policy, configuring
32 policy program modules, editing policy files, and making and testing
34 - seuser: A GUI and command line user manager tool for SELinux. This
35 is a tool that actually manages a portion of a running policy (i.e.,
37 - seuser scripts: A set of shell scripts: seuseradd, seusermod, and
38 seuserdel. These scripts combine the functions of the associated s*
39 commands with seuser to provide a single interface to manage users
42 And the following tool which can serve as building blocks for the
43 development of additional tools:
44 - awish: A version of the TCL/TK wish interpreter that includes the
45 setools libraries. It's used to test SELinux GUIs (apol and seuser
46 have the interpreter compiled within them). One could conceivably
47 write one's own GUI tools using TCL/TK as extended via awish.
49 # unpackaged yet (what about headers?)
50 - libapol: The main policy.conf analysis library, which is the core
51 library for all our tools.
52 - libseuser: The primary logic used for seuser.
56 Ten pakiet zawiera narzêdzia i biblioteki dla Linuksa w wersji
57 Security-enhanced (jest to projekt z rozszerzon± funkcjonalno¶ci±
58 zwi±zan± z bezpieczeñstwem opracowan± w celu dodania mandatowej
59 kontroli dostêpu do Linuksa). Ten pakiet zawiera nastêpuj±ce
61 - apol - narzêdzie do analizy polityki z graficznym interfejsem.
62 - sepcut - podstawowe graficzne narzêdzie do konfiguracji,
63 przegl±dania, edycji i testowania polityki, maj±ce zapewniæ
64 kompletny interfejs do przegl±dania plików ¼ród³owych polityki,
65 konfigurowania modu³ów programu polityki, edycji plików polityki
66 oraz tworzenia i testowania polityki.
67 - seuser - graficzne oraz dzia³aj±ce z linii poleceñ narzêdzie do
68 zarz±dzania u¿ytkownikami dla SELinuksa. Jest to narzêdzie
69 zarz±dzaj±ce czê¶ci± funkcjonuj±cej polityki (czyli kontami
71 - skrypty seuser - zbiór skryptów pow³oki: seuseradd, seusermod oraz
72 seuserdel. £±cz± one funkcjonalno¶æ poleceñ s* z seuser, aby
73 zapewniæ pojedynczy interfejs do zarz±dzania u¿ytkownikami w
76 Pakiet zawiera tak¿e narzêdzie mog±ce s³u¿yæ jako czê¶æ do budowania
77 innych narzêdzi - jest to awish, czyli wersja interpretera wish z
78 TCL/TK zawieraj±ca biblioteki setools. Jest u¿ywany do testowania
79 GUI dla SELinuksa (apol i seuser maj± interpreter wkompilowany).
80 Mo¿na pisaæ w³asne graficzne narzêdzia przy u¿yciu awisha.
89 CFLAGS="%{rpmcflags}" \
90 TCL_LIBS="-ltk -ltcl -lfl -lm -ldl"
93 rm -rf $RPM_BUILD_ROOT
94 install -d $RPM_BUILD_ROOT%{_bindir}
97 DESTDIR=$RPM_BUILD_ROOT
100 rm -rf $RPM_BUILD_ROOT
103 # not ready... (policy, chcon from patched coreutils?)
105 cd /etc/security/selinux/src/policy
108 chcon system_u:object_r:policy_src_t /etc/security/selinux/src/policy/domains/program/seuser.te
109 chcon system_u:object_r:policy_src_t /etc/security/selinux/src/policy/file_contexts/program/seuser.fc
110 chcon system_u:object_r:seuser_exec_t /usr/bin/seuser
111 chcon system_u:object_r:seuser_conf_t /usr/lib/apol/seuser.conf
114 cd /etc/security/selinux/src/policy
120 %defattr(644,root,root,755)
121 %attr(755,root,root) %{_bindir}/*
123 /etc/security/selinux/src/policy/domains/program/seuser.te
124 /etc/security/selinux/src/policy/file_contexts/program/seuser.fc