Remove selinux policy

This removes the dirsrv selinux policy from 389-admin. The same policy is being implemented in the selinux-policy-base package now, so we no longer need to build and carry it here.
2010-11-15 09:57:06 -08:00 · 2010-11-15 09:57:06 -08:00 · 8dca43e9bd
commit 8dca43e9bd
parent c7c7683152
1 changed files with 9 additions and 49 deletions
--- a/389-admin.spec
+++ b/389-admin.spec
@ -1,15 +1,13 @@
 %global pkgname   dirsrv
 # for a pre-release, define the prerel field - comment out for official release
-%global prerel .a2
+# % global prerel .a2
 # also need the relprefix 0. field for a pre-release - also comment out for official release
-%global relprefix 0.
-
-%global selinux_variants mls targeted
+# % global relprefix 0.

 Summary:          389 Administration Server (admin)
 Name:             389-admin
 Version:          1.1.12
-Release:          %{?relprefix}2%{?prerel}%{?dist}
+Release:          %{?relprefix}1%{?prerel}%{?dist}
 License:          GPLv2 and ASL 2.0
 URL:              http://port389.org/
 Group:            System Environment/Daemons
@ -17,6 +15,7 @@ BuildRoot:        %{_tmppath}/%{name}-%{version}-%{release}-root-%(%{__id_u} -n)
 Provides:         fedora-ds-admin = %{version}-%{release}
 Obsoletes:        fedora-ds-admin < 1.1.8-1
 Obsoletes:        %{name}-selinux
+Conflicts:        selinux-policy-base < 3.9.7-13

 BuildRequires:    nspr-devel
 BuildRequires:    nss-devel
@ -29,12 +28,6 @@ BuildRequires:    apr-devel
 BuildRequires:    mod_nss
 BuildRequires:    389-adminutil-devel

-# The following are needed to build the SELinux policy
-BuildRequires:    checkpolicy
-BuildRequires:    selinux-policy-devel
-BuildRequires:    /usr/share/selinux/devel/Makefile
-BuildRequires:    389-ds-base-selinux-devel
-
 Requires:         389-ds-base
 Requires:         mod_nss

@ -82,17 +75,6 @@ export USE_64=1

 make %{?_smp_mflags}

-# Build the SELinux policy module for each variant
-cd selinux-built
-cp %{_datadir}/%{pkgname}-selinux/%{pkgname}.if .
-cp %{_datadir}/%{pkgname}-selinux/%{pkgname}.te .
-for selinuxvariant in %{selinux_variants}
-do
-  make NAME=${selinuxvariant} -f /usr/share/selinux/devel/Makefile
-  mv %{pkgname}-admin.pp %{pkgname}-admin.pp.${selinuxvariant}
-  make NAME=${selinuxvariant} -f /usr/share/selinux/devel/Makefile clean
-done
-cd -

 %install
 rm -rf $RPM_BUILD_ROOT 
@ -109,15 +91,6 @@ rm -f $RPM_BUILD_ROOT%{_libdir}/*.la
 rm -f $RPM_BUILD_ROOT%{_libdir}/%{pkgname}/modules/*.a
 rm -f $RPM_BUILD_ROOT%{_libdir}/%{pkgname}/modules/*.la

-# Install the SELinux policy
-cd selinux-built
-for selinuxvariant in %{selinux_variants}
-do
-  install -d %{buildroot}%{_datadir}/selinux/${selinuxvariant}
-  install -p -m 644 %{pkgname}-admin.pp.${selinuxvariant} \
-    %{buildroot}%{_datadir}/selinux/${selinuxvariant}/%{pkgname}-admin.pp
-done
-cd -

 %clean
 rm -rf $RPM_BUILD_ROOT
@ -160,32 +133,15 @@ if %{pkgname}admin_consoleconf then
    posix.chmod('%{_sysconfdir}/%{pkgname}/admin-serv/console.conf', %{pkgname}admin_consoleconf.mode)
    posix.chown('%{_sysconfdir}/%{pkgname}/admin-serv/console.conf', %{pkgname}admin_consoleconf.uid, %{pkgname}admin_consoleconf.gid)
 end
-- load the selinux policy module
-variants = "%{selinux_variants}"
-for selinuxvariant in string.gfind(variants, "%a+") do
-  os.execute('semodule -s '..selinuxvariant..' -i %{_datadir}/selinux/'..selinuxvariant..'/%{pkgname}-admin.pp > /dev/null 2>&1')
-end
-- label the files installed by this package
-os.execute('fixfiles -R %{name} restore > /dev/null 2>&1')

 %preun
 if [ $1 = 0 ]; then
        /sbin/service %{pkgname}-admin stop >/dev/null 2>&1 || :
        /sbin/chkconfig --del %{pkgname}-admin
-        for selinuxvariant in %{selinux_variants}
-        do
-          semodule -s ${selinuxvariant} -r %{pkgname}-admin 2>/dev/null || :
-        done
 fi

 %postun
 /sbin/ldconfig
-if [ "$1" -ge "1" ]; then # Upgrade
-for selinuxvariant in %{selinux_variants}
-do
-  semodule -s ${selinuxvariant} -i %{_datadir}/selinux/${selinuxvariant}/%{pkgname}-admin.pp 2>/dev/null || :
-done
-fi

 %posttrans -p <lua>
 -- if we saved the run level configuration in %pre, restore it now
@ -207,7 +163,6 @@ end
 %dir %{_sysconfdir}/%{pkgname}/admin-serv
 %config(noreplace)%{_sysconfdir}/%{pkgname}/admin-serv/*.conf
 %{_datadir}/%{pkgname}
-%{_datadir}/selinux/*/%{pkgname}-admin.pp
 %{_sysconfdir}/rc.d/init.d/%{pkgname}-admin
 %config(noreplace)%{_sysconfdir}/sysconfig/%{pkgname}-admin
 %{_sbindir}/*
@ -216,6 +171,11 @@ end
 %{_mandir}/man8/*

 %changelog
+* Fri Nov 12 2010 Nathan Kinder <nkinder@redhat.com> - 1.1.1.12-1
+- This is the final 1.1.12 release
+- git tag 389-admin-1.1.12
+- Bug 648949 - Merge dirsrv and dirsrv-admin policy modules into base policy
+
 * Tue Oct 26 2010 Rich Megginson <rmeggins@redhat.com> - 1.1.12-0.2.a2
 - fix mozldap build breakage