[pam_shield/el5] - fixed selinux conflict by adding context definition - added some additional cleanup on uninstall
Carl Thompson
redragon at fedoraproject.org
Fri Aug 12 08:07:07 UTC 2011
commit d533f6eb5553552c93d86754ed6d117a1c7dcc8c
Author: Carl Thompson <fedora at red-dragon.com>
Date: Fri Aug 12 03:06:40 2011 -0500
- fixed selinux conflict by adding context definition
- added some additional cleanup on uninstall
pam_shield.spec | 23 ++++++++++++++++++++++-
1 files changed, 22 insertions(+), 1 deletions(-)
---
diff --git a/pam_shield.spec b/pam_shield.spec
index 9a35fc4..ff99018 100644
--- a/pam_shield.spec
+++ b/pam_shield.spec
@@ -1,6 +1,6 @@
Name: pam_shield
Version: 0.9.5
-Release: 8%{?dist}
+Release: 9%{?dist}
Summary: Pam Shield - A pam module to counter brute force attacks
Group: System Environment/Libraries
@@ -12,6 +12,11 @@ Source2: shield-purge.8.gz
Source3: shield-trigger-iptables.8.gz
BuildRoot: %{_tmppath}/%{name}-%{version}-%{release}-root-%(%{__id_u} -n)
BuildRequires: pam-devel, gdbm-devel
+%if 0%{?rhel} <= 5
+Requires: policycoreutils
+%else
+Requires: policycoreutils-python
+%endif
Patch0: shield_purge_segfault.patch
Patch1: shield-trigger-iptables.patch
@@ -69,6 +74,19 @@ install -m 644 %{SOURCE3} %{buildroot}%{_mandir}/man8/
%clean
rm -rf %{buildroot}
+%post
+semanage fcontext -a -t var_auth_t '/var/lib/pam_shield' 2>/dev/null || :
+restorecon -R /var/lib/pam_shield || :
+
+%postun
+if [ $1 -eq 0 ] ; then
+semanage fcontext -d -t var_auth_t '/var/lib/pam_shield' 2>/dev/null || :
+if [ -e "/var/lib/pam_shield/db" ]
+then
+rm -f /var/lib/pam_shield/db
+fi
+fi
+
%files
%defattr(-,root,root)
/%{_lib}/security/pam_shield.so
@@ -89,6 +107,9 @@ rm -rf %{buildroot}
%{_sbindir}/shield-trigger-iptables
%changelog
+* Thu Aug 11 2011 Carl Thompson <fedora at red-dragon.com> 0.9.5-9
+- fixed selinux conflict by adding context definition
+- added some additional cleanup on uninstall
* Sat Apr 30 2011 Carl Thompson <fedora at red-dragon.com> 0.9.5-8
- patches shield-trigger-iptables to insert rules instead of add
- and added checks for chain existance and creation if necessary
More information about the scm-commits
mailing list