Added SELinux subpackage
This commit is contained in:
Nathan Kinder
parent
db21b436d8
commit
54cf04a0fa
1 changed files with 79 additions and 3 deletions
|
|
@ -1,13 +1,15 @@
|
|||
%global pkgname dirsrv
|
||||
# for a pre-release, define the prerel field - comment out for official release
|
||||
%global prerel .a3
|
||||
%global prerel .a4
|
||||
# also need the relprefix field for a pre-release - also comment out for official release
|
||||
%global relprefix 0.
|
||||
|
||||
%global selinux_variants mls targeted
|
||||
|
||||
Summary: 389 Administration Server (admin)
|
||||
Name: 389-admin
|
||||
Version: 1.1.10
|
||||
Release: %{?relprefix}3%{?prerel}%{?dist}
|
||||
Release: %{?relprefix}4%{?prerel}%{?dist}
|
||||
License: GPLv2 and ASL 2.0
|
||||
URL: http://port389.org/
|
||||
Group: System Environment/Daemons
|
||||
|
|
@ -27,6 +29,12 @@ BuildRequires: apr-devel
|
|||
BuildRequires: mod_nss
|
||||
BuildRequires: 389-adminutil-devel
|
||||
|
||||
# The following are needed to build the SELinux policy
|
||||
BuildRequires: checkpolicy
|
||||
BuildRequires: selinux-policy-devel
|
||||
BuildRequires: /usr/share/selinux/devel/Makefile
|
||||
BuildRequires: 389-ds-base-selinux-devel
|
||||
|
||||
Requires: 389-ds-base
|
||||
Requires: mod_nss
|
||||
# the following are needed for some of our scripts
|
||||
|
|
@ -49,12 +57,22 @@ for 389 Directory Server. It provides some management web apps that can
|
|||
be used through a web browser. It provides the authentication, access control,
|
||||
and CGI utilities used by the console.
|
||||
|
||||
%package selinux
|
||||
Summary: SELinux policy for 389 Administration Server
|
||||
Group: System Environment/Daemons
|
||||
Requires: selinux-policy
|
||||
Requires: %{name} = %{version}-%{release}
|
||||
Requires: 389-ds-base-selinux
|
||||
|
||||
%description selinux
|
||||
SELinux policy for the 389 Adminstration Server package.
|
||||
|
||||
%prep
|
||||
%setup -q -n %{name}-%{version}%{?prerel}
|
||||
%patch1
|
||||
|
||||
%build
|
||||
%configure --disable-rpath
|
||||
%configure --disable-rpath --with-selinux
|
||||
|
||||
# Generate symbolic info for debuggers
|
||||
export XCFLAGS=$RPM_OPT_FLAGS
|
||||
|
|
@ -65,6 +83,18 @@ export USE_64=1
|
|||
|
||||
make %{?_smp_mflags}
|
||||
|
||||
# Build the SELinux policy module for each variant
|
||||
cd selinux-built
|
||||
cp %{_datadir}/%{pkgname}-selinux/%{pkgname}.if .
|
||||
cp %{_datadir}/%{pkgname}-selinux/%{pkgname}.te .
|
||||
for selinuxvariant in %{selinux_variants}
|
||||
do
|
||||
make NAME=${selinuxvariant} -f /usr/share/selinux/devel/Makefile
|
||||
mv %{pkgname}-admin.pp %{pkgname}-admin.pp.${selinuxvariant}
|
||||
make NAME=${selinuxvariant} -f /usr/share/selinux/devel/Makefile clean
|
||||
done
|
||||
cd -
|
||||
|
||||
%install
|
||||
rm -rf $RPM_BUILD_ROOT
|
||||
|
||||
|
|
@ -80,6 +110,16 @@ rm -f $RPM_BUILD_ROOT%{_libdir}/*.la
|
|||
rm -f $RPM_BUILD_ROOT%{_libdir}/%{pkgname}/modules/*.a
|
||||
rm -f $RPM_BUILD_ROOT%{_libdir}/%{pkgname}/modules/*.la
|
||||
|
||||
# Install the SELinux policy
|
||||
cd selinux-built
|
||||
for selinuxvariant in %{selinux_variants}
|
||||
do
|
||||
install -d %{buildroot}%{_datadir}/selinux/${selinuxvariant}
|
||||
install -p -m 644 %{pkgname}-admin.pp.${selinuxvariant} \
|
||||
%{buildroot}%{_datadir}/selinux/${selinuxvariant}/%{pkgname}-admin.pp
|
||||
done
|
||||
cd -
|
||||
|
||||
%clean
|
||||
rm -rf $RPM_BUILD_ROOT
|
||||
|
||||
|
|
@ -143,6 +183,34 @@ if %{pkgname}admin_exists then
|
|||
os.execute('/sbin/service %{pkgname}-admin start >/dev/null 2>&1')
|
||||
end
|
||||
|
||||
%post selinux
|
||||
if [ "$1" -le "1" ] ; then # First install
|
||||
for selinuxvariant in %{selinux_variants}
|
||||
do
|
||||
semodule -s ${selinuxvariant} -i %{_datadir}/selinux/${selinuxvariant}/%{pkgname}-admin.pp 2>/dev/null || :
|
||||
done
|
||||
fixfiles -R %{name} restore || :
|
||||
/sbin/service %{pkgname}-admin condrestart > /dev/null 2>&1 || :
|
||||
fi
|
||||
|
||||
%preun selinux
|
||||
if [ "$1" -lt "1" ]; then # Final removal
|
||||
for selinuxvariant in %{selinux_variants}
|
||||
do
|
||||
semodule -s ${selinuxvariant} -r %{pkgname}-admin 2>/dev/null || :
|
||||
done
|
||||
fixfiles -R %{name} restore || :
|
||||
/sbin/service %{pkgname}-admin condrestart > /dev/null 2>&1 || :
|
||||
fi
|
||||
|
||||
%postun selinux
|
||||
if [ "$1" -ge "1" ]; then # Upgrade
|
||||
for selinuxvariant in %{selinux_variants}
|
||||
do
|
||||
semodule -s ${selinuxvariant} -i %{_datadir}/selinux/${selinuxvariant}/%{pkgname}-admin.pp 2>/dev/null || :
|
||||
done
|
||||
fi
|
||||
|
||||
%files
|
||||
%defattr(-,root,root,-)
|
||||
%doc LICENSE
|
||||
|
|
@ -156,7 +224,15 @@ end
|
|||
%{_libdir}/%{pkgname}
|
||||
%{_mandir}/man8/*
|
||||
|
||||
%files selinux
|
||||
%defattr(-,root,root,-)
|
||||
%{_datadir}/selinux/*/%{pkgname}-admin.pp
|
||||
|
||||
%changelog
|
||||
* Mon Jan 18 2010 Nathan Kinder <nkinder@redhat.com> - 1.1.10.a4-0.4
|
||||
- the 1.1.10.a4 release
|
||||
- added SELinux subpackage
|
||||
|
||||
* Thu Jan 14 2010 Rich Megginson <rmeggins@redhat.com> - 1.1.10.a3-0.3
|
||||
- the 1.1.10.a3 release
|
||||
- make sure we can find ICU genrb on all platforms
|
||||
|
|
|
|||
Reference in a new issue