[selinux-policy/f16] Fix selinux-policy.spec to not print ugly rpmnew file
Daniel J Walsh
dwalsh at fedoraproject.org
Fri Aug 5 20:06:51 UTC 2011
commit ee6088daa63aad42563fa5459ecabf3212ffc7ef
Author: Dan Walsh <dwalsh at redhat.com>
Date: Fri Aug 5 16:03:13 2011 -0400
Fix selinux-policy.spec to not print ugly rpmnew file
selinux-policy.spec | 58 +++++++++++++++++++++++++++++++-------------------
1 files changed, 36 insertions(+), 22 deletions(-)
---
diff --git a/selinux-policy.spec b/selinux-policy.spec
index ea33730..d73f51d 100644
--- a/selinux-policy.spec
+++ b/selinux-policy.spec
@@ -104,19 +104,23 @@ make UNK_PERMS=%5 NAME=%1 TYPE=%2 DISTRO=%{distro} UBAC=n DIRECT_INITRC=%3 MONOL
touch %{buildroot}/%{_sysconfdir}/selinux/%1/modules/semanage.read.LOCK \
touch %{buildroot}/%{_sysconfdir}/selinux/%1/modules/semanage.trans.LOCK \
rm -rf %{buildroot}%{_sysconfdir}/selinux/%1/booleans \
-touch %{buildroot}%{_sysconfdir}/selinux/%1/seusers \
touch %{buildroot}%{_sysconfdir}/selinux/%1/policy/policy.%{POLICYVER} \
touch %{buildroot}%{_sysconfdir}/selinux/%1/contexts/files/file_contexts.subs \
install -m0644 selinux_config/securetty_types-%1 %{buildroot}%{_sysconfdir}/selinux/%1/contexts/securetty_types \
install -m0644 selinux_config/file_contexts.subs_dist %{buildroot}%{_sysconfdir}/selinux/%1/contexts/files \
install -m0644 selinux_config/setrans-%1.conf %{buildroot}%{_sysconfdir}/selinux/%1/setrans.conf \
install -m0644 selinux_config/customizable_types %{buildroot}%{_sysconfdir}/selinux/%1/contexts/customizable_types \
+touch %{buildroot}%{_sysconfdir}/selinux/%1/modules/active/seusers \
+touch %{buildroot}%{_sysconfdir}/selinux/%1/modules/active/file_contexts.local \
+touch %{buildroot}%{_sysconfdir}/selinux/%1/modules/active/nodes.local \
+touch %{buildroot}%{_sysconfdir}/selinux/%1/modules/active/users_extra.local \
+touch %{buildroot}%{_sysconfdir}/selinux/%1/modules/active/users.local \
bzip2 -c %{buildroot}/%{_usr}/share/selinux/%1/base.pp > %{buildroot}/%{_sysconfdir}/selinux/%1/modules/active/base.pp \
rm -f %{buildroot}/%{_usr}/share/selinux/%1/base.pp \
for i in %{buildroot}/%{_usr}/share/selinux/%1/*.pp; do bzip2 -c $i > %{buildroot}/%{_sysconfdir}/selinux/%1/modules/active/modules/`basename $i`; done \
rm -f %{buildroot}/%{_usr}/share/selinux/%1/*pp* \
/usr/sbin/semodule -s %1 -n -B -p %{buildroot}; \
-/usr/bin/md5sum %{buildroot}%{_sysconfdir}/selinux/%1/policy/policy.%{POLICYVER} | cut -d' ' -f 1 > %{buildroot}%{_sysconfdir}/selinux/%1/.policymd5 \
+/usr/bin/md5sum %{buildroot}%{_sysconfdir}/selinux/%1/policy/policy.%{POLICYVER} | cut -d' ' -f 1 > %{buildroot}%{_sysconfdir}/selinux/%1/.policymd5; \
rm -rf %{buildroot}%{_sysconfdir}/selinux/%1/contexts/netfilter_contexts
%nil
@@ -131,16 +135,19 @@ rm -rf %{buildroot}%{_sysconfdir}/selinux/%1/contexts/netfilter_contexts
%verify(not mtime) %{_sysconfdir}/selinux/%1/modules/semanage.trans.LOCK \
%dir %attr(700,root,root) %dir %{_sysconfdir}/selinux/%1/modules/active \
%dir %{_sysconfdir}/selinux/%1/modules/active/modules \
-%config(noreplace) %verify(not mtime) %{_sysconfdir}/selinux/%1/modules/active/policy.kern \
+%verify(not mtime) %{_sysconfdir}/selinux/%1/modules/active/policy.kern \
%verify(not md5 size mtime) %{_sysconfdir}/selinux/%1/modules/active/commit_num \
%verify(not mtime) %{_sysconfdir}/selinux/%1/modules/active/base.pp \
-%verify(not mtime) %{_sysconfdir}/selinux/%1/modules/active/file_contexts* \
+%verify(not mtime) %{_sysconfdir}/selinux/%1/modules/active/file_contexts \
+%verify(not mtime) %{_sysconfdir}/selinux/%1/modules/active/file_contexts.homedirs \
+%verify(not mtime) %{_sysconfdir}/selinux/%1/modules/active/file_contexts.template \
%verify(not mtime) %{_sysconfdir}/selinux/%1/modules/active/seusers.final \
%verify(not mtime) %{_sysconfdir}/selinux/%1/modules/active/netfilter_contexts \
%verify(not mtime) %{_sysconfdir}/selinux/%1/modules/active/users_extra \
%verify(not mtime) %{_sysconfdir}/selinux/%1/modules/active/homedir_template \
%verify(not mtime) %{_sysconfdir}/selinux/%1/modules/active/modules/*.pp \
-#%verify(not md5 size mtime) %attr(600,root,root) %config(noreplace) %{_sysconfdir}/selinux/%1/modules/active/seusers \
+%ghost %{_sysconfdir}/selinux/%1/modules/active/*.local \
+%ghost %{_sysconfdir}/selinux/%1/modules/active/seusers \
%dir %{_sysconfdir}/selinux/%1/policy/ \
%verify(not mtime) %{_sysconfdir}/selinux/%1/policy/policy.%{POLICYVER} \
%{_sysconfdir}/selinux/%1/.policymd5 \
@@ -161,6 +168,7 @@ rm -rf %{buildroot}%{_sysconfdir}/selinux/%1/contexts/netfilter_contexts
%dir %{_sysconfdir}/selinux/%1/contexts/files \
%verify(not mtime) %{_sysconfdir}/selinux/%1/contexts/files/file_contexts \
%verify(not mtime) %{_sysconfdir}/selinux/%1/contexts/files/file_contexts.homedirs \
+%verify(not mtime) %{_sysconfdir}/selinux/%1/contexts/files/file_contexts.local \
%verify(not mtime) %{_sysconfdir}/selinux/%1/contexts/files/file_contexts.subs \
%verify(not mtime) %{_sysconfdir}/selinux/%1/contexts/files/file_contexts.subs_dist \
%config %{_sysconfdir}/selinux/%1/contexts/files/media \
@@ -171,15 +179,6 @@ rm -rf %{buildroot}%{_sysconfdir}/selinux/%1/contexts/netfilter_contexts
%config(noreplace) %{_sysconfdir}/selinux/%1/contexts/users/user_u \
%config(noreplace) %{_sysconfdir}/selinux/%1/contexts/users/staff_u
-%define saveFileContext() \
-if [ -s /etc/selinux/config ]; then \
- . %{_sysconfdir}/selinux/config; \
- FILE_CONTEXT=%{_sysconfdir}/selinux/%1/contexts/files/file_contexts; \
- if [ "${SELINUXTYPE}" = %1 -a -f ${FILE_CONTEXT} ]; then \
- [ -f ${FILE_CONTEXT}.pre ] || cp -f ${FILE_CONTEXT} ${FILE_CONTEXT}.pre; \
- fi \
-fi;
-
%define relabel() \
. %{_sysconfdir}/selinux/config; \
FILE_CONTEXT=%{_sysconfdir}/selinux/%1/contexts/files/file_contexts; \
@@ -188,14 +187,29 @@ if [ $? = 0 -a "${SELINUXTYPE}" = %1 -a -f ${FILE_CONTEXT}.pre ]; then \
/sbin/fixfiles -C ${FILE_CONTEXT}.pre restore; \
/sbin/restorecon -R /root /var/log /var/run 2> /dev/null; \
rm -f ${FILE_CONTEXT}.pre; \
-fi;
+fi;
+
+%define preInstall() \
+if [ -s /etc/selinux/config ]; then \
+ . %{_sysconfdir}/selinux/config; \
+ FILE_CONTEXT=%{_sysconfdir}/selinux/%1/contexts/files/file_contexts; \
+ if [ "${SELINUXTYPE}" = %1 -a -f ${FILE_CONTEXT} ]; then \
+ [ -f ${FILE_CONTEXT}.pre ] || cp -f ${FILE_CONTEXT} ${FILE_CONTEXT}.pre; \
+ fi; \
+ touch /etc/selinux/%1/.rebuild; \
+ if [ -e /etc/selinux/%1/.policymd5 ]; then \
+ md5=`md5sum /etc/selinux/%1/modules/active/policy.kern | cut -d ' ' -f 1`; \
+ checkmd5=`cat /etc/selinux/%1/.policymd5`; \
+ if [ "$md5" == "$checkmd5" ] ; then \
+ rm /etc/selinux/%1/.rebuild; \
+ fi; \
+ fi; \
+fi;
%define postInstall() \
. %{_sysconfdir}/selinux/config; \
-rm -f /etc/selinux/%2/modules/active/policy.kern.rpmnew; \
-md5=`md5sum /etc/selinux/%2/modules/active/policy.kern | cut -d ' ' -f 1`; \
-checkmd5=`cat /etc/selinux/%2/.policymd5`; \
-if [ "$md5" != "$checkmd5" ] ; then \
+if [ -e /etc/selinux/%2/.rebuild ]; then \
+ rm /etc/selinux/%2/.rebuild; \
if [ %1 -ne 1 ]; then \
/usr/sbin/semodule -n -s %2 -r moilscanner gamin audio_entropy iscsid polkit_auth polkit rtkit_daemon ModemManager telepathysofiasip ethereal passanger qpidd 2>/dev/null; \
fi \
@@ -336,7 +350,7 @@ Conflicts: 389-ds-base < 1.2.7, 389-admin < 1.1.12
SELinux Reference policy targeted base module.
%pre targeted
-%saveFileContext targeted
+%preInstall targeted
%post targeted
%postInstall $1 targeted
@@ -381,7 +395,7 @@ Conflicts: seedit
SELinux Reference policy minimum base module.
%pre minimum
-%saveFileContext minimum
+%preInstall minimum
if [ $1 -ne 1 ]; then
/usr/sbin/semodule -s minimum -l 2>/dev/null | awk '{ print $1 }' > /usr/share/selinux/minimum/instmodules.lst
fi
@@ -439,7 +453,7 @@ Conflicts: seedit
SELinux Reference policy mls base module.
%pre mls
-%saveFileContext mls
+%preInstall mls
%post mls
%postInstall $1 mls
More information about the scm-commits
mailing list