[selinux-policy: 3/4] Do a better job of cleaning up old policy files, trigger relabel of /home on upgrade to F19
Daniel J Walsh
dwalsh at fedoraproject.org
Tue Jan 29 15:53:30 UTC 2013
commit b59d07ae2884e594046e0889ffe0f3945d8f6f18
Author: Dan Walsh <dwalsh at redhat.com>
Date: Mon Jan 28 15:36:16 2013 -0500
Do a better job of cleaning up old policy files, trigger relabel of /home on upgrade to F19
selinux-policy.spec | 21 ++++-----------------
1 files changed, 4 insertions(+), 17 deletions(-)
---
diff --git a/selinux-policy.spec b/selinux-policy.spec
index 4df2d60..d8d87da 100644
--- a/selinux-policy.spec
+++ b/selinux-policy.spec
@@ -57,7 +57,6 @@ Url: http://oss.tresys.com/repos/refpolicy/
BuildRoot: %{_tmppath}/%{name}-%{version}-%{release}-root-%(%{__id_u} -n)
BuildArch: noarch
BuildRequires: python gawk checkpolicy >= %{CHECKPOLICYVER} m4 policycoreutils-devel >= %{POLICYCOREUTILSVER} bzip2
-Requires: selinux-policy-filesystem
Requires(pre): policycoreutils >= %{POLICYCOREUTILSVER}
Requires(post): /bin/awk /usr/bin/sha512sum
@@ -68,20 +67,11 @@ SELinux Base package
%defattr(-,root,root,-)
%dir %{_usr}/share/selinux
%dir %{_usr}/share/selinux/packages
+%dir %{_sysconfdir}/selinux
%ghost %config(noreplace) %{_sysconfdir}/selinux/config
%ghost %{_sysconfdir}/sysconfig/selinux
%{_usr}/lib/tmpfiles.d/selinux-policy.conf
-%package filesystem
-Summary: SELinux policy filesystem
-Group: System Environment/Base
-
-%description filesystem
-SELinux policy filesytem
-
-%files filesystem
-%dir %{_sysconfdir}/selinux
-
%package devel
Summary: SELinux policy devel
Group: System Environment/Base
@@ -262,17 +252,14 @@ fi;
. %{_sysconfdir}/selinux/config; \
if [ -e /etc/selinux/%2/.rebuild ]; then \
rm /etc/selinux/%2/.rebuild; \
- (cd /etc/selinux/%2/modules/active/modules; rm -f gnomeclock.pp ctdbd.pp fcoemon.pp isnsd.pp l2tpd.pp qemu.pp nsplugin.pp razor.pp pyzord.pp phpfpm.pp hotplug.pp consoletype.pp kudzu.pp howl.pp) \
- if [ %1 -ne 1 ]; then \
- /usr/sbin/semodule -n -s %2 -r gnomeclock matahari xfs kudzu kerneloops execmem openoffice ada tzdata hal hotplug howl java mono moilscanner gamin audio_entropy audioentropy iscsid polkit_auth polkit rtkit_daemon ModemManager telepathysofiasip ethereal passanger qpidd pyzor razor pki-selinux phpfpm consoletype ctdbd fcoemon isnsd l2tp 2>/dev/null; \
- fi \
+ (cd /etc/selinux/%2/modules/active/modules; rm -f gnomeclock.pp matahari.pp xfs.pp kudzu.pp kerneloops.pp execmem.pp openoffice.pp ada.pp tzdata.pp hal.pp hotplug.pp howl.pp java.pp mono.pp moilscanner.pp gamin.pp audio_entropy.pp audioentropy.pp iscsid.pp polkit_auth.pp polkit.pp rtkit_daemon.pp ModemManager.pp telepathysofiasip.pp ethereal.pp passanger.pp qpidd.pp pyzor.pp razor.pp pki-selinux.pp phpfpm.pp consoletype.pp ctdbd.pp fcoemon.pp isnsd.pp l2tp.pp ) \
/usr/sbin/semodule -B -n -s %2; \
else \
touch /etc/selinux/%2/modules/active/modules/sandbox.disabled \
fi; \
[ "${SELINUXTYPE}" == "%2" ] && selinuxenabled && load_policy; \
if [ %1 -eq 1 ]; then \
- /sbin/restorecon -R /root /var/log /var/run 2> /dev/null; \
+ /sbin/restorecon -R /root /var/log /run 2> /dev/null; \
else \
%relabel %2 \
fi;
@@ -434,7 +421,7 @@ SELinux Reference policy targeted base module.
%postInstall $1 targeted
exit 0
-%triggerpostun targeted -- selinux-policy-targeted < 3.11.0-1.fc18
+%triggerpostun targeted -- selinux-policy-targeted < selinux-policy-3.12.1-7.fc19
restorecon -R -p /home
exit 0
More information about the scm-commits
mailing list