[policycoreutils/f18] Add missing spec.py from templates directory needed for sepolicy generate

Daniel J Walsh dwalsh at fedoraproject.org
Wed Oct 17 12:44:29 UTC 2012 

commit 84aee825fefc357c591ae3519e1ffea81ee59ec4
Author: rhatdan <dwalsh at redhat.com>
Date:   Wed Oct 17 08:43:56 2012 -0400

    Add missing spec.py from templates directory needed for sepolicy generate
    
    - Add /var/tmp as collection point for sandbox apps.

 policycoreutils-rhat.patch |   92 ++++++++++++++++++++++++++++++++++++++++++-
 policycoreutils.spec       |    6 ++-
 2 files changed, 94 insertions(+), 4 deletions(-)
---
diff --git a/policycoreutils-rhat.patch b/policycoreutils-rhat.patch
index 1410fa5..7e118b1 100644
--- a/policycoreutils-rhat.patch
+++ b/policycoreutils-rhat.patch
@@ -334740,7 +334740,7 @@ index 4ba51bf..bd50ade 100644
 +#~ msgid "Disable SELinux protection for NIS Transfer Daemon"
 +#~ msgstr "停用 NIS 傳輸 daemon 的 SELinux 保護"
 diff --git a/policycoreutils/sandbox/sandbox b/policycoreutils/sandbox/sandbox
-index 0ecb6be..4546014 100644
+index 0ecb6be..6760bc1 100644
 --- a/policycoreutils/sandbox/sandbox
 +++ b/policycoreutils/sandbox/sandbox
 @@ -26,7 +26,7 @@ import signal
@@ -334752,7 +334752,15 @@ index 0ecb6be..4546014 100644
  
  PROGNAME = "policycoreutils"
  SEUNSHARE = "/usr/sbin/seunshare"
-@@ -275,7 +275,7 @@ kill -TERM $WM_PID  2> /dev/null
+@@ -241,6 +241,7 @@ class Sandbox:
+            for f in files:
+                   copyfile(f, homedir, self.__homedir)
+                   copyfile(f, "/tmp", self.__tmpdir)
++                  copyfile(f, "/var/tmp", self.__tmpdir)
+ 
+     def __setup_sandboxrc(self, wm = "/usr/bin/matchbox-window-manager -use_titlebar no"):
+            execfile =self.__homedir + "/.sandboxrc"
+@@ -275,7 +276,7 @@ kill -TERM $WM_PID  2> /dev/null
                 types = _("""
  Policy defines the following types for use with the -t:
  \t%s
@@ -334761,7 +334769,7 @@ index 0ecb6be..4546014 100644
          except RuntimeError:
                 pass
  
-@@ -349,7 +349,12 @@ sandbox [-h] [-c] [-l level ] [-[X|M] [-H homedir] [-T tempdir]] [-I includefile
+@@ -349,7 +350,12 @@ sandbox [-h] [-c] [-l level ] [-[X|M] [-H homedir] [-T tempdir]] [-I includefile
  
          if self.__options.X_ind:
                 self.setype = DEFAULT_X_TYPE
@@ -341752,6 +341760,84 @@ index 0000000..f77e50e
 +udp_ports="""
 +semanage ports -a -t TEMPLATETYPE_port_t -p udp PORTNUM
 +"""
+diff --git a/policycoreutils/sepolicy/sepolicy/templates/spec.py b/policycoreutils/sepolicy/sepolicy/templates/spec.py
+new file mode 100644
+index 0000000..ca109aa
+--- /dev/null
++++ b/policycoreutils/sepolicy/sepolicy/templates/spec.py
+@@ -0,0 +1,72 @@
++header_comment_section="""\
++# vim: sw=4:ts=4:et
++"""
++
++base_section="""\
++
++%define selinux_policyver VERSION
++
++Name:   MODULENAME_selinux
++Version:	1.0
++Release:	1%{?dist}
++Summary:	SELinux policy module for MODULENAME
++
++Group:	System Environment/Base		
++License:	GPLv2+	
++# This is an example. You will need to change it.
++URL:		http://HOSTNAME
++Source0:	MODULENAME.pp
++Source1:	MODULENAME.if
++Source2:	MODULENAME_selinux.8
++
++Requires: policycoreutils 
++Requires: selinux-policy-base >= %{selinux_policyver}
++Requires(post): /usr/sbin/semodule, /sbin/restorecon, /usr/sbin/selinuxenabled, /usr/sbin/semanage
++Requires(postun): /usr/sbin/semodule, /sbin/restorecon
++BuildArch: noarch
++
++%description
++This package installs and sets up the  SELinux policy security module for MODULENAME.
++
++%install
++# Install SELinux interfaces
++install -d %{buildroot}%{_datadir}/selinux/devel/include/contrib
++install -m 644 MODULENAME.if %{buildroot}%{_datadir}/selinux/devel/include/contrib/MODULENAME.if
++install -d %{buildroot}%{_datadir}/selinux/packages
++install -m 644 MODULENAME.pp %{buildroot}%{_datadir}/selinux/packages/
++install -d %{buildroot}%{_mandir}/man8/
++install -m 644 MODULENAME_selinux.8 %{buildroot}%{_mandir}/man8/
++
++%post
++if /usr/sbin/selinuxenabled ; then
++    semodule -i %{_datadir}/selinux/packages/MODULENAME.pp;
++    %relabel_files
++fi;
++exit 0
++
++%postun
++if [ $1 -eq 0 ]; then
++    semodule -r MODULENAME;
++    %relabel_files
++fi;
++exit 0
++
++%files
++%attr(0600,root,root) %{_datadir}/selinux/packages/MODULENAME.pp
++%{_datadir}/selinux/devel/include/contrib/MODULENAME.if
++%{_mandir}/man8/MODULENAME_selinux.8.*
++
++%changelog
++* TODAYSDATE YOUR NAME <YOUR at EMAILADDRESS> 1.0-1
++- Initial version
++
++"""
++
++define_relabel_files_begin ="""\
++\n
++%define relabel_files() \\
++"""
++
++define_relabel_files_end ="""\
++restorecon -R FILENAME; \\
++"""
 diff --git a/policycoreutils/sepolicy/sepolicy/templates/tmp.py b/policycoreutils/sepolicy/sepolicy/templates/tmp.py
 new file mode 100644
 index 0000000..c000a75
diff --git a/policycoreutils.spec b/policycoreutils.spec
index 33504e5..8331039 100644
--- a/policycoreutils.spec
+++ b/policycoreutils.spec
@@ -7,7 +7,7 @@
 Summary: SELinux policy core utilities
 Name:	 policycoreutils
 Version: 2.1.13
-Release: 11%{?dist}
+Release: 12%{?dist}
 License: GPLv2
 Group:	 System Environment/Base
 # Based on git repository with tag 20101221
@@ -330,6 +330,10 @@ The policycoreutils-restorecond package contains the restorecond service.
 %{_bindir}/systemctl try-restart restorecond.service >/dev/null 2>&1 || :
 
 %changelog
+* Wed Oct 17 2012 Dan Walsh <dwalsh at redhat.com> - 2.1.12-12
+- Add missing spec.py from templates directory needed for sepolicy generate
+- Add /var/tmp as collection point for sandbox apps.
+
 * Tue Oct 16 2012 Dan Walsh <dwalsh at redhat.com> - 2.1.12-11
 - Handle audit2allow -b in foreign locales

More information about the scm-commits mailing list