]>
Commit | Line | Data |
---|---|---|
835f2e4f JB |
1 | # |
2 | # Conditional build: | |
8aa53b72 JB |
3 | %bcond_without python # Python (any) bindings |
4 | %bcond_without python2 # Python 2 binding | |
5 | %bcond_without python3 # Python 3 binding | |
3231c037 | 6 | %bcond_without ruby # Ruby binding |
b894de14 | 7 | |
8aa53b72 JB |
8 | %if %{without python} |
9 | %undefine with_python2 | |
10 | %undefine with_python3 | |
11 | %endif | |
12 | ||
df3fa8a3 | 13 | %define sepol_ver 2.7 |
adb66b1f | 14 | Summary: SELinux library and simple utilities |
4967c211 | 15 | Summary(pl.UTF-8): Biblioteka SELinux i proste narzędzia |
adb66b1f | 16 | Name: libselinux |
df3fa8a3 JB |
17 | Version: 2.7 |
18 | Release: 1 | |
fefe9db1 | 19 | License: Public Domain |
adb66b1f | 20 | Group: Libraries |
9bb8f33d | 21 | #Source0Download: https://github.com/SELinuxProject/selinux/wiki/Releases |
df3fa8a3 JB |
22 | Source0: https://raw.githubusercontent.com/wiki/SELinuxProject/selinux/files/releases/20170804/%{name}-%{version}.tar.gz |
23 | # Source0-md5: 1d48ee4e9fadd76794d70c806b69ba7d | |
3157c0b5 | 24 | Patch0: %{name}-vcontext-selinux.patch |
bd867b5b | 25 | URL: https://github.com/SELinuxProject/selinux/wiki |
ba4f2429 JB |
26 | %ifarch ppc ppc64 sparc sparcv9 sparc64 |
27 | BuildRequires: gcc >= 5:3.4 | |
28 | %else | |
29 | BuildRequires: gcc >= 5:3.2 | |
30 | %endif | |
51212447 | 31 | BuildRequires: glibc-devel >= 6:2.3 |
e87b3ac3 AM |
32 | BuildRequires: libsepol-devel >= %{sepol_ver} |
33 | %{?with_python:BuildRequires: libsepol-static >= %{sepol_ver}} | |
3231c037 JB |
34 | BuildRequires: pcre-devel |
35 | BuildRequires: pkgconfig | |
8aa53b72 JB |
36 | %{?with_python2:BuildRequires: python-devel >= 2} |
37 | %{?with_python3:BuildRequires: python3-devel >= 1:3.2} | |
835f2e4f | 38 | %{?with_python:BuildRequires: rpm-pythonprov} |
8aa53b72 | 39 | BuildRequires: rpmbuild(macros) >= 1.714 |
3231c037 | 40 | %{?with_ruby:BuildRequires: ruby-devel >= 1.9} |
6b7a7bf6 | 41 | BuildRequires: sed >= 4.0 |
8d42c624 | 42 | %{?with_python:BuildRequires: swig-python} |
3231c037 | 43 | %{?with_ruby:BuildRequires: swig-ruby} |
87678bda | 44 | Requires: glibc(tls) |
e87b3ac3 | 45 | Requires: libsepol >= %{sepol_ver} |
9b0e6c11 | 46 | Obsoletes: selinux-libs |
af1b8555 | 47 | Conflicts: SysVinit < 2.86-4 |
801180f1 | 48 | ExcludeArch: i386 |
c017911b | 49 | BuildRoot: %{tmpdir}/%{name}-%{version}-root-%(id -u -n) |
adb66b1f | 50 | |
51 | %description | |
6ed4fb38 AM |
52 | Security-enhanced Linux is a patch of the Linux kernel and a number of |
53 | utilities with enhanced security functionality designed to add | |
adb66b1f | 54 | mandatory access controls to Linux. The Security-enhanced Linux kernel |
55 | contains new architectural components originally developed to improve | |
56 | the security of the Flask operating system. These architectural | |
57 | components provide general support for the enforcement of many kinds | |
58 | of mandatory access control policies, including those based on the | |
59 | concepts of Type Enforcement, Role-based Access Control, and | |
60 | Multi-level Security. | |
61 | ||
62 | libselinux provides an API for SELinux applications to get and set | |
63 | process and file security contexts and to obtain security policy | |
64 | decisions. Required for any applications that use the SELinux API. | |
65 | ||
c75faa25 JR |
66 | %description -l pl.UTF-8 |
67 | Security-enhanced Linux jest prototypem jądra Linuksa i wielu | |
68 | aplikacji użytkowych o funkcjach podwyższonego bezpieczeństwa. | |
69 | Zaprojektowany jest tak, aby w prosty sposób ukazać znaczenie | |
70 | obowiązkowej kontroli dostępu dla społeczności linuksowej. Ukazuje | |
71 | również jak taką kontrolę można dodać do istniejącego systemu typu | |
72 | Linux. Jądro SELinux zawiera nowe składniki architektury pierwotnie | |
73 | opracowane w celu ulepszenia bezpieczeństwa systemu operacyjnego | |
3f1ec040 | 74 | Flask. Te elementy zapewniają ogólne wsparcie we wdrażaniu wielu typów |
6ed4fb38 AM |
75 | polityk obowiązkowej kontroli dostępu, włączając te wzorowane na: Type |
76 | Enforcement (TE), kontroli dostępu opartej na rolach (RBAC) i | |
77 | zabezpieczeniach wielopoziomowych. | |
06b84620 | 78 | |
6ed4fb38 AM |
79 | libselinux dostarcza API dla aplikacji SELinux aby mogły pobierać i |
80 | ustawiać procesy i konteksty plików w celu korzystania z polityki | |
c75faa25 JR |
81 | bezpieczeństwa. Biblioteka jest wymagana przez wszystkie aplikacje, |
82 | które używają API SELinux. | |
adb66b1f | 83 | |
84 | %package devel | |
9f09f0e2 | 85 | Summary: Header files and devel documentation |
4967c211 | 86 | Summary(pl.UTF-8): Pliki nagłówkowe i dokumentacja programistyczna |
9f09f0e2 | 87 | Group: Development/Libraries |
b894de14 | 88 | Requires: %{name} = %{version}-%{release} |
e87b3ac3 | 89 | Requires: libsepol-devel >= %{sepol_ver} |
9b0e6c11 | 90 | Obsoletes: selinux-libs-devel |
adb66b1f | 91 | |
92 | %description devel | |
93 | Header files and devel documentation for SELinux libraries. | |
94 | ||
c75faa25 JR |
95 | %description devel -l pl.UTF-8 |
96 | Pliki nagłówkowe i dokumentacja programistyczna bibliotek SELinux. | |
adb66b1f | 97 | |
98 | %package static | |
9f09f0e2 | 99 | Summary: Static SELinux library |
4967c211 | 100 | Summary(pl.UTF-8): Biblioteki statyczne SELinux |
9f09f0e2 | 101 | Group: Development/Libraries |
b894de14 | 102 | Requires: %{name}-devel = %{version}-%{release} |
9b0e6c11 | 103 | Obsoletes: selinux-static |
adb66b1f | 104 | |
105 | %description static | |
106 | SELinux static libraries. | |
107 | ||
c75faa25 | 108 | %description static -l pl.UTF-8 |
adb66b1f | 109 | Biblioteki statyczne SELinux. |
110 | ||
111 | %package utils | |
9f09f0e2 | 112 | Summary: SELinux utils |
4967c211 | 113 | Summary(pl.UTF-8): Narzędzia SELinux |
9f09f0e2 | 114 | Group: Applications/System |
b894de14 | 115 | Requires: %{name} = %{version}-%{release} |
9b0e6c11 | 116 | Obsoletes: selinux-utils |
adb66b1f | 117 | |
118 | %description utils | |
119 | SELinux utils. | |
120 | ||
c75faa25 JR |
121 | %description utils -l pl.UTF-8 |
122 | Narzędzia SELinux. | |
adb66b1f | 123 | |
1531e56e | 124 | %package -n python-selinux |
8aa53b72 JB |
125 | Summary: Python 2 binding for SELinux library |
126 | Summary(pl.UTF-8): Wiązania Pythona 2 do biblioteki SELinux | |
1531e56e | 127 | Group: Libraries/Python |
b894de14 | 128 | Requires: %{name} = %{version}-%{release} |
1531e56e JB |
129 | |
130 | %description -n python-selinux | |
8aa53b72 | 131 | Python 2 binding for SELinux library. |
1531e56e | 132 | |
c75faa25 | 133 | %description -n python-selinux -l pl.UTF-8 |
8aa53b72 JB |
134 | Wiązania Pythona 2 do biblioteki SELinux. |
135 | ||
136 | %package -n python3-selinux | |
137 | Summary: Python 3 binding for SELinux library | |
138 | Summary(pl.UTF-8): Wiązania Pythona 3 do biblioteki SELinux | |
139 | Group: Libraries/Python | |
140 | Requires: %{name} = %{version}-%{release} | |
141 | ||
142 | %description -n python3-selinux | |
143 | Python 3 binding for SELinux library. | |
144 | ||
145 | %description -n python3-selinux -l pl.UTF-8 | |
146 | Wiązania Pythona 3 do biblioteki SELinux. | |
1531e56e | 147 | |
3231c037 JB |
148 | %package -n ruby-selinux |
149 | Summary: Ruby binding for SELinux library | |
150 | Summary(pl.UTF-8): Wiązania języka Ruby do biblioteki SELinux | |
151 | Group: Development/Languages | |
b894de14 | 152 | Requires: %{name} = %{version}-%{release} |
3231c037 JB |
153 | |
154 | %description -n ruby-selinux | |
155 | Ruby binding for SELinux library. | |
156 | ||
157 | %description -n ruby-selinux -l pl.UTF-8 | |
158 | Wiązania języka Ruby do biblioteki SELinux. | |
159 | ||
adb66b1f | 160 | %prep |
161 | %setup -q | |
3157c0b5 | 162 | %patch0 -p1 |
adb66b1f | 163 | |
6b7a7bf6 JB |
164 | # "-z defs" doesn't mix with --as-needed when some object needs symbols from |
165 | # ld.so (because of __thread variable in this case) | |
8aa53b72 | 166 | %{__sed} -i -e 's/-z,defs,//' src/Makefile |
6b7a7bf6 | 167 | |
adb66b1f | 168 | %build |
8aa53b72 | 169 | %{__make} -j1 all %{?with_python2:pywrap} %{?with_ruby:rubywrap} \ |
06b84620 | 170 | CC="%{__cc}" \ |
6ed4fb38 | 171 | CFLAGS="%{rpmcppflags} %{rpmcflags} -D_FILE_OFFSET_BITS=64" \ |
3231c037 JB |
172 | LDFLAGS="%{rpmldflags} -lpcre -lpthread" \ |
173 | LIBDIR=%{_libdir} \ | |
8aa53b72 | 174 | PYPREFIX=python2 \ |
bbc4d714 | 175 | PYSITEDIR=%{py_sitedir} \ |
f18e2780 | 176 | PYTHON=%{__python} \ |
b894de14 | 177 | %{?with_ruby:RUBYINC="$(pkg-config --cflags ruby-%{ruby_abi})"} |
adb66b1f | 178 | |
8aa53b72 JB |
179 | %if %{with python3} |
180 | %{__make} -j1 -C src pywrap \ | |
181 | CC="%{__cc}" \ | |
182 | CFLAGS="%{rpmcppflags} %{rpmcflags} -D_FILE_OFFSET_BITS=64" \ | |
183 | LDFLAGS="%{rpmldflags} -lpthread" \ | |
184 | LIBDIR=%{_libdir} \ | |
f18e2780 | 185 | PYPREFIX=python3 \ |
bbc4d714 | 186 | PYSITEDIR=%{py3_sitedir} \ |
f18e2780 | 187 | PYTHON=%{__python3} |
8aa53b72 JB |
188 | %endif |
189 | ||
adb66b1f | 190 | %install |
191 | rm -rf $RPM_BUILD_ROOT | |
06b84620 | 192 | |
8aa53b72 | 193 | %{__make} install %{?with_python2:install-pywrap} %{?with_ruby:install-rubywrap} \ |
b894de14 ER |
194 | LIBDIR=$RPM_BUILD_ROOT%{_libdir} \ |
195 | SHLIBDIR=$RPM_BUILD_ROOT/%{_lib} \ | |
df3fa8a3 | 196 | LIBSEPOLA=%{_libdir}/libsepol.a \ |
8aa53b72 | 197 | PYPREFIX=python2 \ |
bbc4d714 | 198 | PYSITEDIR=$RPM_BUILD_ROOT%{py_sitedir} \ |
8aa53b72 | 199 | PYTHON=%{__python} \ |
b894de14 | 200 | RUBYINSTALL=$RPM_BUILD_ROOT%{ruby_vendorarchdir} \ |
8aa53b72 | 201 | DESTDIR=$RPM_BUILD_ROOT |
adb66b1f | 202 | |
c017911b | 203 | # make symlink across / absolute |
4c5842ce | 204 | ln -sf /%{_lib}/$(basename $RPM_BUILD_ROOT/%{_lib}/libselinux.so.*) \ |
c017911b JB |
205 | $RPM_BUILD_ROOT%{_libdir}/libselinux.so |
206 | ||
8aa53b72 JB |
207 | %if %{with python2} |
208 | %py_comp $RPM_BUILD_ROOT%{py_sitedir}/selinux | |
209 | %py_ocomp $RPM_BUILD_ROOT%{py_sitedir}/selinux | |
210 | %py_postclean | |
211 | %endif | |
212 | ||
213 | %if %{with python3} | |
214 | %{__make} -C src install-pywrap \ | |
215 | DESTDIR=$RPM_BUILD_ROOT \ | |
f18e2780 | 216 | LIBDIR=$RPM_BUILD_ROOT%{_libdir} \ |
df3fa8a3 | 217 | LIBSEPOLA=%{_libdir}/libsepol.a \ |
8aa53b72 | 218 | PYPREFIX=python3 \ |
bbc4d714 | 219 | PYSITEDIR=$RPM_BUILD_ROOT%{py3_sitedir} \ |
8aa53b72 JB |
220 | PYTHON=%{__python3} |
221 | ||
222 | %py3_comp $RPM_BUILD_ROOT%{py3_sitedir}/selinux | |
223 | %py3_ocomp $RPM_BUILD_ROOT%{py3_sitedir}/selinux | |
224 | %endif | |
225 | ||
adb66b1f | 226 | %clean |
227 | rm -rf $RPM_BUILD_ROOT | |
228 | ||
229 | %post -p /sbin/ldconfig | |
230 | %postun -p /sbin/ldconfig | |
231 | ||
232 | %files | |
233 | %defattr(644,root,root,755) | |
df3fa8a3 | 234 | %doc LICENSE |
c017911b | 235 | %attr(755,root,root) /%{_lib}/libselinux.so.* |
f63476a2 JB |
236 | %{_mandir}/man5/booleans.5* |
237 | %{_mandir}/man5/customizable_types.5* | |
238 | %{_mandir}/man5/default_contexts.5* | |
239 | %{_mandir}/man5/default_type.5* | |
240 | %{_mandir}/man5/failsafe_context.5* | |
64ef7b6a AM |
241 | %{_mandir}/man5/file_contexts.homedirs.5* |
242 | %{_mandir}/man5/file_contexts.local.5 | |
243 | %{_mandir}/man5/file_contexts.subs.5 | |
244 | %{_mandir}/man5/file_contexts.subs_dist.5 | |
f63476a2 JB |
245 | %{_mandir}/man5/local.users.5* |
246 | %{_mandir}/man5/removable_context.5* | |
247 | %{_mandir}/man5/secolor.conf.5* | |
248 | %{_mandir}/man5/securetty_types.5* | |
249 | %{_mandir}/man5/service_seusers.5* | |
250 | %{_mandir}/man5/seusers.5* | |
251 | %{_mandir}/man5/user_contexts.5* | |
252 | %{_mandir}/man5/virtual_domain_context.5* | |
253 | %{_mandir}/man5/virtual_image_context.5* | |
adb66b1f | 254 | |
255 | %files devel | |
256 | %defattr(644,root,root,755) | |
c017911b | 257 | %attr(755,root,root) %{_libdir}/libselinux.so |
3f14fe48 | 258 | %{_pkgconfigdir}/libselinux.pc |
06b84620 | 259 | %{_includedir}/selinux |
8aa53b72 JB |
260 | %{_mandir}/man3/avc_*.3* |
261 | %{_mandir}/man3/checkPasswdAccess.3* | |
262 | %{_mandir}/man3/context_*.3* | |
263 | %{_mandir}/man3/fgetfilecon*.3* | |
264 | %{_mandir}/man3/fini_selinuxmnt.3* | |
265 | %{_mandir}/man3/freecon*.3* | |
266 | %{_mandir}/man3/fsetfilecon*.3* | |
267 | %{_mandir}/man3/get_default_context*.3* | |
268 | %{_mandir}/man3/get_default_type.3* | |
269 | %{_mandir}/man3/get_ordered_context_list*.3* | |
270 | %{_mandir}/man3/getcon*.3* | |
271 | %{_mandir}/man3/getexeccon*.3* | |
272 | %{_mandir}/man3/getfilecon*.3* | |
273 | %{_mandir}/man3/getfscreatecon*.3* | |
274 | %{_mandir}/man3/getkeycreatecon*.3* | |
275 | %{_mandir}/man3/getpeercon*.3* | |
276 | %{_mandir}/man3/getpidcon*.3* | |
277 | %{_mandir}/man3/getprevcon*.3* | |
278 | %{_mandir}/man3/getseuserbyname.3* | |
279 | %{_mandir}/man3/getsockcreatecon*.3* | |
280 | %{_mandir}/man3/init_selinuxmnt.3* | |
281 | %{_mandir}/man3/is_context_customizable.3* | |
282 | %{_mandir}/man3/is_selinux_*.3* | |
283 | %{_mandir}/man3/lgetfilecon*.3* | |
284 | %{_mandir}/man3/lsetfilecon*.3* | |
285 | %{_mandir}/man3/manual_user_enter_context.3* | |
286 | %{_mandir}/man3/matchmediacon.3* | |
287 | %{_mandir}/man3/matchpathcon*.3* | |
288 | %{_mandir}/man3/mode_to_security_class.3* | |
289 | %{_mandir}/man3/print_access_vector.3* | |
290 | %{_mandir}/man3/query_user_context.3* | |
291 | %{_mandir}/man3/rpm_execcon.3* | |
292 | %{_mandir}/man3/security_*.3* | |
293 | %{_mandir}/man3/selabel_*.3* | |
294 | %{_mandir}/man3/selinux_*.3* | |
295 | %{_mandir}/man3/set_matchpathcon_*.3* | |
296 | %{_mandir}/man3/set_selinuxmnt.3* | |
297 | %{_mandir}/man3/setcon*.3* | |
298 | %{_mandir}/man3/setexeccon*.3* | |
299 | %{_mandir}/man3/setfilecon*.3* | |
300 | %{_mandir}/man3/setfscreatecon*.3* | |
301 | %{_mandir}/man3/setkeycreatecon*.3* | |
302 | %{_mandir}/man3/setsockcreatecon*.3* | |
303 | %{_mandir}/man3/sidget.3* | |
304 | %{_mandir}/man3/sidput.3* | |
305 | %{_mandir}/man3/string_to_av_perm.3* | |
306 | %{_mandir}/man3/string_to_security_class.3* | |
f63476a2 JB |
307 | %{_mandir}/man5/file_contexts.5* |
308 | %{_mandir}/man5/media.5* | |
e18dd3a0 | 309 | %{_mandir}/man5/selabel_*.5* |
f63476a2 JB |
310 | %{_mandir}/man5/sepgsql_contexts.5* |
311 | %{_mandir}/man5/x_contexts.5* | |
adb66b1f | 312 | |
313 | %files static | |
314 | %defattr(644,root,root,755) | |
315 | %{_libdir}/libselinux.a | |
316 | ||
317 | %files utils | |
318 | %defattr(644,root,root,755) | |
f63476a2 JB |
319 | %attr(755,root,root) %{_sbindir}/avcstat |
320 | %attr(755,root,root) %{_sbindir}/compute_* | |
321 | %attr(755,root,root) %{_sbindir}/getconlist | |
322 | %attr(755,root,root) %{_sbindir}/getdefaultcon | |
323 | %attr(755,root,root) %{_sbindir}/getenforce | |
324 | %attr(755,root,root) %{_sbindir}/getfilecon | |
325 | %attr(755,root,root) %{_sbindir}/getpidcon | |
326 | %attr(755,root,root) %{_sbindir}/getsebool | |
327 | %attr(755,root,root) %{_sbindir}/getseuser | |
328 | %attr(755,root,root) %{_sbindir}/matchpathcon | |
329 | %attr(755,root,root) %{_sbindir}/policyvers | |
4a31f10c JB |
330 | %attr(755,root,root) %{_sbindir}/selabel_digest |
331 | %attr(755,root,root) %{_sbindir}/selabel_lookup | |
332 | %attr(755,root,root) %{_sbindir}/selabel_lookup_best_match | |
333 | %attr(755,root,root) %{_sbindir}/selabel_partial_match | |
f63476a2 JB |
334 | %attr(755,root,root) %{_sbindir}/selinux* |
335 | %attr(755,root,root) %{_sbindir}/setenforce | |
64ef7b6a | 336 | %attr(755,root,root) %{_sbindir}/sefcontext_compile |
f63476a2 JB |
337 | %attr(755,root,root) %{_sbindir}/setfilecon |
338 | %attr(755,root,root) %{_sbindir}/togglesebool | |
f63476a2 JB |
339 | %{_mandir}/man8/avcstat.8* |
340 | %{_mandir}/man8/booleans.8* | |
341 | %{_mandir}/man8/getenforce.8* | |
342 | %{_mandir}/man8/getsebool.8* | |
343 | %{_mandir}/man8/matchpathcon.8* | |
21e1440d | 344 | %{_mandir}/man8/sefcontext_compile.8* |
f63476a2 JB |
345 | %{_mandir}/man8/selinux*.8* |
346 | %{_mandir}/man8/setenforce.8* | |
347 | %{_mandir}/man8/togglesebool.8* | |
1531e56e | 348 | |
8aa53b72 | 349 | %if %{with python2} |
1531e56e JB |
350 | %files -n python-selinux |
351 | %defattr(644,root,root,755) | |
f0f66b1d | 352 | %dir %{py_sitedir}/selinux |
bbc4d714 | 353 | %attr(755,root,root) %{py_sitedir}/_selinux.so |
f0f66b1d | 354 | %attr(755,root,root) %{py_sitedir}/selinux/audit2why.so |
8aa53b72 JB |
355 | %{py_sitedir}/selinux/__init__.py[co] |
356 | %endif | |
357 | ||
358 | %if %{with python3} | |
359 | %files -n python3-selinux | |
360 | %defattr(644,root,root,755) | |
361 | %dir %{py3_sitedir}/selinux | |
df3fa8a3 JB |
362 | %attr(755,root,root) %{py3_sitedir}/_selinux.cpython-*.so |
363 | %attr(755,root,root) %{py3_sitedir}/selinux/audit2why.cpython-*.so | |
8aa53b72 JB |
364 | %{py3_sitedir}/selinux/__init__.py |
365 | %{py3_sitedir}/selinux/__pycache__ | |
835f2e4f | 366 | %endif |
3231c037 JB |
367 | |
368 | %if %{with ruby} | |
369 | %files -n ruby-selinux | |
370 | %defattr(644,root,root,755) | |
371 | %attr(755,root,root) %{ruby_vendorarchdir}/selinux.so | |
372 | %endif |