[389-ds-base] Remove selinux policy
Nathan Kinder
nkinder at fedoraproject.org
Fri Nov 12 22:01:02 UTC 2010
commit a2c95ac0a98ce097f312a7e3684d8441990d6ded
Author: Nathan Kinder <nkinder at redhat.com>
Date: Fri Nov 12 13:59:55 2010 -0800
Remove selinux policy
This removes the dirsrv selinux policy from 389-ds-base. The same
policy is being implemented in the selinux-policy-base package now,
so we no longer need to build and carry it here.
389-ds-base.spec | 78 +++++------------------------------------------------
1 files changed, 8 insertions(+), 70 deletions(-)
---
diff --git a/389-ds-base.spec b/389-ds-base.spec
index 1ea8d62..bc72567 100644
--- a/389-ds-base.spec
+++ b/389-ds-base.spec
@@ -3,17 +3,16 @@
# for a pre-release, define the prerel field e.g. .a1 .rc2 - comment out for official release
# also remove the space between % and global - this space is needed because
# fedpkg verrel stupidly ignores comment lines
-%global prerel .a5
+# % global prerel .a5
# also need the relprefix field for a pre-release e.g. .0 - also comment out for official release
-%global relprefix 0.
+# % global relprefix 0.
-%global selinux_variants mls targeted
%global use_openldap 1
Summary: 389 Directory Server (base)
Name: 389-ds-base
Version: 1.2.7
-Release: %{?relprefix}6%{?prerel}%{?dist}
+Release: %{?relprefix}1%{?prerel}%{?dist}
License: GPLv2 with exceptions
URL: http://port389.org/
Group: System Environment/Daemons
@@ -21,6 +20,7 @@ BuildRoot: %{_tmppath}/%{name}-%{version}-%{release}-root-%(%{__id_u} -n)
Provides: fedora-ds-base = %{version}-%{release}
Obsoletes: fedora-ds-base < 1.2.1-1
Obsoletes: %{name}-selinux
+Conflicts: selinux-policy-base < 3.9.8
BuildRequires: nspr-devel
BuildRequires: nss-devel
@@ -44,22 +44,12 @@ BuildRequires: bzip2-devel
BuildRequires: zlib-devel
BuildRequires: openssl-devel
BuildRequires: tcp_wrappers
-# The following are needed to build the SELinux policy
-BuildRequires: checkpolicy
-BuildRequires: selinux-policy-devel
-BuildRequires: /usr/share/selinux/devel/Makefile
# the following is for the pam passthru auth plug-in
BuildRequires: pam-devel
# this is needed for using semanage from our setup scripts
Requires: policycoreutils-python
-# these are needed for selinux
-Requires: selinux-policy
-Requires(post): policycoreutils
-Requires(preun): policycoreutils
-Requires(postun): policycoreutils
-
# the following are needed for some of our scripts
%if %{use_openldap}
Requires: openldap-clients
@@ -116,14 +106,6 @@ Obsoletes: fedora-ds-base-devel < 1.2.1-1
%description devel
Development Libraries and headers for the 389 Directory Server base package.
-%package selinux-devel
-Summary: Development interface for 389 Directory Server base SELinux policy
-Group: Development/Libraries
-Requires: %{name} = %{version}-%{release}
-
-%description selinux-devel
-SELinux policy interface for the 389 Directory Server base package.
-
%prep
%setup -q -n %{name}-%{version}%{?prerel}
cp %{SOURCE2} README.devel
@@ -143,15 +125,6 @@ export USE_64=1
make %{?_smp_mflags}
-# Build the SELinux policy module for each variant
-cd selinux-built
-for selinuxvariant in %{selinux_variants}
-do
- make NAME=${selinuxvariant} -f /usr/share/selinux/devel/Makefile
- mv %{pkgname}.pp %{pkgname}.pp.${selinuxvariant}
- make NAME=${selinuxvariant} -f /usr/share/selinux/devel/Makefile clean
-done
-cd -
%install
rm -rf $RPM_BUILD_ROOT
@@ -176,23 +149,6 @@ install -p -m 644 ldap/servers/plugins/replication/repl-session-plugin.h $RPM_BU
# make sure perl scripts have a proper shebang
sed -i -e 's|#{{PERL-EXEC}}|#!/usr/bin/perl|' $RPM_BUILD_ROOT%{_datadir}/%{pkgname}/script-templates/template-*.pl
-# Install the SELinux policy
-cd selinux-built
-for selinuxvariant in %{selinux_variants}
-do
- install -d %{buildroot}%{_datadir}/selinux/${selinuxvariant}
- install -p -m 644 %{pkgname}.pp.${selinuxvariant} \
- %{buildroot}%{_datadir}/selinux/${selinuxvariant}/%{pkgname}.pp
-done
-cd -
-
-# Install the SELinux policy interface
-cd selinux-built
-install -d %{buildroot}%{_datadir}/%{pkgname}-selinux
-install -p -m 644 %{pkgname}.if %{buildroot}%{_datadir}/%{pkgname}-selinux/%{pkgname}.if
-install -p -m 644 %{pkgname}.te %{buildroot}%{_datadir}/%{pkgname}-selinux/%{pkgname}.te
-install -p -m 644 %{pkgname}.fc %{buildroot}%{_datadir}/%{pkgname}-selinux/%{pkgname}.fc
-cd -
%clean
rm -rf $RPM_BUILD_ROOT
@@ -244,13 +200,6 @@ else
-- print("in %{pkgname} post - installing")
%{pkgname}_upgrading = false
end
--- load the selinux policy module
-variants = "%{selinux_variants}"
-for selinuxvariant in string.gfind(variants, "%a+") do
- os.execute('semodule -s '..selinuxvariant..' -i %{_datadir}/selinux/'..selinuxvariant..'/%{pkgname}.pp > /dev/null 2>&1')
-end
--- label the files installed by this package
-os.execute('fixfiles -R %{name} restore > /dev/null 2>&1')
%preun
@@ -259,20 +208,10 @@ if [ $1 = 0 ]; then # Final removal
/sbin/chkconfig --del %{pkgname}
/sbin/service %{pkgname}-snmp stop >/dev/null 2>&1 || :
/sbin/chkconfig --del %{pkgname}-snmp
- for selinuxvariant in %{selinux_variants}
- do
- semodule -s ${selinuxvariant} -r %{pkgname} 2>/dev/null || :
- done
fi
%postun
/sbin/ldconfig
-if [ "$1" -ge "1" ]; then # Upgrade
-for selinuxvariant in %{selinux_variants}
-do
- semodule -s ${selinuxvariant} -i %{_datadir}/selinux/${selinuxvariant}/%{pkgname}.pp 2>/dev/null || :
-done
-fi
%posttrans -p <lua>
-- if we saved the run level configuration in %pre, restore it now
@@ -338,7 +277,6 @@ end
%config(noreplace)%{_sysconfdir}/%{pkgname}/config/template-initconfig
%config(noreplace)%{_sysconfdir}/sysconfig/%{pkgname}
%{_datadir}/%{pkgname}
-%{_datadir}/selinux/*/%{pkgname}.pp
%{_sysconfdir}/rc.d/init.d/%{pkgname}
%{_sysconfdir}/rc.d/init.d/%{pkgname}-snmp
%{_bindir}/*
@@ -360,11 +298,11 @@ end
%{_includedir}/%{pkgname}
%{_libdir}/%{pkgname}/*.so
-%files selinux-devel
-%defattr(-,root,root,-)
-%{_datadir}/%{pkgname}-selinux
-
%changelog
+* Fri Nov 12 2010 Nathan Kinder <nkinder at redhat.com> - 1.2.7-1
+- 1.2.5 release - git tag 389-ds-base-1.2.7
+- Bug 648949 - Merge dirsrv and dirsrv-admin policy modules into base policy
+
* Tue Nov 9 2010 Rich Megginson <rmeggins at redhat.com> - 1.2.7-0.6.a5
- 1.2.7.a5 release - git tag 389-ds-base-1.2.7.a5
- Bug 643979 - Strange byte sequence for attribute with no values (nsslapd-ref
More information about the scm-commits
mailing list