[pam_shield] - fixed selinux conflict by adding context definition - added some additional cleanup on uninstall
Carl Thompson
redragon at fedoraproject.org
Fri Aug 12 07:44:39 UTC 2011
commit 45e96d51f8a39400e29f632663eb7aaf57a714be
Author: Carl <redragon at gkar.home>
Date: Fri Aug 12 02:44:18 2011 -0500
- fixed selinux conflict by adding context definition
- added some additional cleanup on uninstall
pam_shield.spec | 25 ++++++++++++++++++++++++-
1 files changed, 24 insertions(+), 1 deletions(-)
---
diff --git a/pam_shield.spec b/pam_shield.spec
index 9a35fc4..244e908 100644
--- a/pam_shield.spec
+++ b/pam_shield.spec
@@ -1,6 +1,6 @@
Name: pam_shield
Version: 0.9.5
-Release: 8%{?dist}
+Release: 9%{?dist}
Summary: Pam Shield - A pam module to counter brute force attacks
Group: System Environment/Libraries
@@ -10,8 +10,14 @@ Source0: http://www.heiho.net/pam_shield/pam_shield-0.9.5.tar.gz
Source1: shield-trigger.8.gz
Source2: shield-purge.8.gz
Source3: shield-trigger-iptables.8.gz
+Source4: pam_shield.selinux
BuildRoot: %{_tmppath}/%{name}-%{version}-%{release}-root-%(%{__id_u} -n)
BuildRequires: pam-devel, gdbm-devel
+%if 0%{?rhel} <= 5
+Requires: policycoreutils
+%else
+Requires: policycoreutils-python
+%endif
Patch0: shield_purge_segfault.patch
Patch1: shield-trigger-iptables.patch
@@ -69,6 +75,20 @@ install -m 644 %{SOURCE3} %{buildroot}%{_mandir}/man8/
%clean
rm -rf %{buildroot}
+%post
+semanage fcontext -a -t var_auth_t '/var/lib/pam_shield' 2>/dev/null || :
+restorecon -R /var/lib/pam_shield || :
+
+%postun
+if [ $1 -eq 0 ] ; then
+semanage fcontext -d -t var_auth_t '/var/lib/pam_shield' 2>/dev/null || :
+fi
+
+%postun
+if [ $1 -eq 0 ] ; then
+rm -f /var/lib/pam_shield/db
+fi
+
%files
%defattr(-,root,root)
/%{_lib}/security/pam_shield.so
@@ -89,6 +109,9 @@ rm -rf %{buildroot}
%{_sbindir}/shield-trigger-iptables
%changelog
+* Thu Aug 11 2011 Carl Thompson <fedora at red-dragon.com> 0.9.5-9
+- fixed selinux conflict by adding context definition
+- added some additional cleanup on uninstall
* Sat Apr 30 2011 Carl Thompson <fedora at red-dragon.com> 0.9.5-8
- patches shield-trigger-iptables to insert rules instead of add
- and added checks for chain existance and creation if necessary
More information about the scm-commits
mailing list