rpms/xpilot-ng/devel xpilot-ng.spec,1.8,1.9
Michael Thomas (wart)
fedora-extras-commits at redhat.com
Wed Aug 30 04:10:39 UTC 2006
Author: wart
Update of /cvs/extras/rpms/xpilot-ng/devel
In directory cvs-int.fedora.redhat.com:/tmp/cvs-serv10353
Modified Files:
xpilot-ng.spec
Log Message:
Added -selinux subpackage
Don't create the xpilot user if one already exists
Don't ghost compiled python files anymore.
Index: xpilot-ng.spec
===================================================================
RCS file: /cvs/extras/rpms/xpilot-ng/devel/xpilot-ng.spec,v
retrieving revision 1.8
retrieving revision 1.9
diff -u -r1.8 -r1.9
--- xpilot-ng.spec 18 Jul 2006 16:16:40 -0000 1.8
+++ xpilot-ng.spec 30 Aug 2006 04:10:38 -0000 1.9
@@ -1,24 +1,33 @@
+%define selinux_variants mls strict targeted
+%define selinux_policyver %(sed -e 's,.*selinux-policy-\\([^/]*\\)/.*,\\1,' /usr/share/selinux/devel/policyhelp)
+
Name: xpilot-ng
Version: 4.7.2
-Release: 9%{?dist}
+Release: 10%{?dist}
Summary: Multiplayer space arcade game
Group: Amusements/Games
License: GPL
URL: http://xpilot.sourceforge.net
Source0: http://dl.sourceforge.net/sourceforge/xpilot/xpilot-ng-%{version}.tar.gz
-Source1: xpilot-ng.png
-Source2: xpilot-ng-x11.desktop
-Source3: xpilot-ng-sdl.desktop
-Source4: xpilot-ng-server.init
+Source1: xpilot-ng.png
+Source2: xpilot-ng-x11.desktop
+Source3: xpilot-ng-sdl.desktop
+Source4: xpilot-ng-server.init
Source5: xpilot-ng.sysconfig
Source6: xpilot-ng.logrotate
+Source7: xpilotd.te
+Source8: xpilotd.fc
+Source9: xpilotd.if
BuildRoot: %{_tmppath}/%{name}-%{version}-%{release}-root-%(%{__id_u} -n)
BuildRequires: desktop-file-utils
BuildRequires: expat-devel SDL_ttf-devel SDL_image-devel zlib-devel
-# The following BR are not needed for FC-4
BuildRequires: libXt-devel libGLU-devel libXxf86misc-devel
+BuildRequires: selinux-policy-devel hardlink checkpolicy
+%if "%{selinux_policyver}" != ""
+Requires: selinux-policy >= %{selinux_policyver}
+%endif
%description
A highly addictive, infinitely configurable multiplayer space
@@ -42,6 +51,16 @@
are playing alone, but not required if you are joining one of the
public xpilot games hosted on the internet.
+%package selinux
+Summary: SELinux policy files for the xpilot-ng game server
+Group: Amusements/Games
+Requires: %{name}-server = %{version}-%{release}
+Requires(post): /usr/sbin/semodule /usr/sbin/semanage /sbin/fixfiles
+Requires(preun): /sbin/service /usr/sbin/semodule /usr/sbin/semanage /sbin/fixfiles /usr/sbin/setsebool
+Requires(postun): /usr/sbin/semodule
+%description selinux
+SELinux policy files for the xpilot-ng game server
+
%prep
%setup -q
pushd doc/man
@@ -51,10 +70,23 @@
mv xpilot-ng-x11.man.new xpilot-ng-x11.man
popd
+mkdir SELinux
+cp %{SOURCE7} %{SOURCE8} %{SOURCE9} SELinux/
+
%build
CFLAGS="$RPM_OPT_FLAGS" %configure
make %{?_smp_mflags}
+# Build the selinux policy file
+pushd SELinux
+for variant in %{selinux_variants}
+do
+ make NAME=${variant} -f %{_datadir}/selinux/devel/Makefile
+ mv xpilotd.pp xpilotd.pp.${variant}
+ make NAME=${variant} -f %{_datadir}/selinux/devel/Makefile clean
+done
+popd
+
%install
rm -rf $RPM_BUILD_ROOT
make install DESTDIR=$RPM_BUILD_ROOT
@@ -85,6 +117,18 @@
install -p -D -m 644 lib/defaults.txt $RPM_BUILD_ROOT/%{_sysconfdir}/%{name}/defaults.txt
install -p -D -m 600 lib/password.txt $RPM_BUILD_ROOT/%{_sysconfdir}/%{name}/password.txt
+# Install selinux policies
+pushd SELinux
+for variant in %{selinux_variants}
+do
+ install -d %{buildroot}%{_datadir}/selinux/${variant}
+ install -p -m 644 xpilotd.pp.${variant} \
+ %{buildroot}%{_datadir}/selinux/${variant}/xpilotd.pp
+done
+popd
+# Hardlink identical policy module packages together
+/usr/sbin/hardlink -cv %{buildroot}%{_datadir}/selinux
+
%post
touch --no-create %{_datadir}/icons/hicolor || :
if [ -x %{_bindir}/gtk-update-icon-cache ]; then
@@ -98,26 +142,65 @@
fi
%pre server
-/usr/sbin/fedora-groupadd 25 -r xpilot &>/dev/null || :
-/usr/sbin/fedora-useradd 25 -r -s /sbin/nologin -d /usr/share/xpilot-ng -M \
- -c 'XPilot Server' -g xpilot xpilot >/dev/null || :
+user_uid=`id -u xpilot 2>/dev/null`
+if [ x"$user_uid" = x ] ; then
+ /usr/sbin/fedora-groupadd 25 -r xpilot &>/dev/null || :
+ /usr/sbin/fedora-useradd 25 -r -s /sbin/nologin -d /usr/share/xpilot-ng \
+ -M -c 'XPilot Server' -g xpilot xpilot >/dev/null || :
+fi
%post server
/sbin/chkconfig --add xpilot-ng-server
%preun server
-if [ "$1" = "0" ]; then
+if [ "$1" -le "0" ]; then
/sbin/service xpilot-ng-server stop > /dev/null 2>&1
/sbin/chkconfig --del xpilot-ng-server
fi
%postun server
if [ "$1" -ge "1" ]; then
- /sbin/service xpilot-ng-server condrestart >/dev/null 2>&1
+ /sbin/service xpilot-ng-server condrestart > /dev/null 2>&1
fi
test "$1" != 0 || /usr/sbin/fedora-userdel xpilot &>/dev/null || :
test "$1" != 0 || /usr/sbin/fedora-groupdel xpilot &>/dev/null || :
+%post selinux
+# Install SELinux policy modules
+for selinuxvariant in %{selinux_variants}
+do
+ /usr/sbin/semodule -s ${selinuxvariant} -i \
+ %{_datadir}/selinux/${selinuxvariant}/xpilotd.pp &> /dev/null || :
+done
+/usr/sbin/semanage port -a -t xpilotd_port_t -p udp 15345 &> /dev/null || :
+/usr/sbin/semanage port -a -t xpilotd_port_t -p udp 32200-32299 &> /dev/null || :
+/sbin/fixfiles -R %{name}-server restore || :
+/sbin/service %{name}-server condrestart > /dev/null 2>&1 || :
+
+%preun selinux
+if [ "$1" -lt "1" ] ; then
+ # Disable the policy and restart the daemon
+ /usr/sbin/setsebool xpilotd_disable_trans 1 &> /dev/null || :
+ /sbin/service %{name}-server condrestart > /dev/null 2>&1 || :
+ # Unload the module
+ /usr/sbin/semanage port -d -t xpilotd_port_t -p udp 15345 &> /dev/null || :
+ /usr/sbin/semanage port -d -t xpilotd_port_t -p udp 32200-32299 &> /dev/null || :
+ for variant in %{selinux_variants} ; do
+ /usr/sbin/semodule -s ${variant} -r xpilotd &> /dev/null || :
+ done
+ # Set the context back
+ /sbin/fixfiles -R %{name}-server restore || :
+fi
+
+%postun selinux
+if [ "$1" -ge "1" ] ; then
+ # Replace the module if it is already loaded. semodule -u also
+ # checks the module version
+ for variant in %{selinux_variants} ; do
+ /usr/sbin/semodule -u %{_datadir}/selinux/${variant}/xpilotd.pp || :
+ done
+fi
+
%clean
rm -rf $RPM_BUILD_ROOT
@@ -144,29 +227,30 @@
%{_initrddir}/xpilot-ng-server
%config(noreplace) %{_sysconfdir}/sysconfig/%{name}-server
%config(noreplace) %{_sysconfdir}/logrotate.d/%{name}-server
-%dir %{_datadir}/%{name}
-%{_datadir}/%{name}/defaults.txt
-%{_datadir}/%{name}/password.txt
-%{_datadir}/%{name}/robots.txt
-%{_datadir}/%{name}/shipshapes.txt
-%{_datadir}/%{name}/mapconvert.py
-%{_datadir}/%{name}/maps
+%{_datadir}/%{name}
%dir %{_sysconfdir}/%{name}
%config(noreplace) %attr(0600,xpilot,xpilot) %{_sysconfdir}/%{name}/password.txt
%config(noreplace) %{_sysconfdir}/%{name}/defaults.txt
%{_mandir}/man6/xpilot-ng-server.6.gz
%{_mandir}/man6/xpilot-ng-xp-mapedit.6.gz
%doc README COPYING
-#The following two entries need to be removed with FC-4
-%ghost %{_datadir}/%{name}/mapconvert.pyc
-%ghost %{_datadir}/%{name}/mapconvert.pyo
+
+%files selinux
+%defattr(-,root,root,-)
+%doc SELinux/*.??
+%{_datadir}/selinux/*/xpilotd.pp
%changelog
+* Tue Aug 29 2006 Wart <wart at kobold.org> 4.7.2-10
+- Added SELinux policies for the game server
+- Don't attempt to create the xpilot user if it already exists
+- Don't ghost the compiled python files anymore
+
* Mon Jul 17 2006 Wart <wart at kobold.org> 4.7.2-9
- Use the new xpilot user in the init.d script
- Add info on firewall configuration in the sysconfig script
- Explicitly disable reporting to the meta server (BZ #199164)
-- Don't restart the server in %postun unless it was already running.
+- Don't restart the server in %%postun unless it was already running.
* Tue Jul 11 2006 Wart <wart at kobold.org> 4.7.2-8
- Fix Requires: for the -server subpackage
More information about the scm-commits
mailing list