[selinux-policy] Only build the sandbox.pp file for targeted

Wed Sep 25 16:53:55 UTC 2013

commit b03c8659de3b10b2a08e249a3cd81c666154c0c2
Author: Dan Walsh <dwalsh at redhat.com>
Date:   Wed Sep 25 12:53:36 2013 -0400

    Only build the sandbox.pp file for targeted

 config.tgz               |  Bin 3264 -> 3189 bytes
 modules-mls-contrib.conf |    7 -------
 selinux-policy.spec      |    5 +++--
 3 files changed, 3 insertions(+), 9 deletions(-)
---

diff --git a/config.tgz b/config.tgz
index 8c27ac6..c4a79da 100644
Binary files a/config.tgz and b/config.tgz differ
diff --git a/modules-mls-contrib.conf b/modules-mls-contrib.conf
index 09758d1..733628e 100644
--- a/modules-mls-contrib.conf
+++ b/modules-mls-contrib.conf
@@ -1256,13 +1256,6 @@ sambagui = module
 # 
 samba = module
 
-# Layer: apps
-# Module: sandbox
-#
-# Experimental policy for running apps within a sandbox
-# 
-sandbox = module
-
 # Layer: services
 # Module: sasl
 #
diff --git a/selinux-policy.spec b/selinux-policy.spec
index 427995a..c82dda0 100644
--- a/selinux-policy.spec
+++ b/selinux-policy.spec
@@ -19,7 +19,7 @@
 Summary: SELinux policy configuration
 Name: selinux-policy
 Version: 3.12.1
-Release: 82%{?dist}
+Release: 82.1%{?dist}
 License: GPLv2+
 Group: System Environment/Base
 Source: serefpolicy-%{version}.tgz
@@ -185,7 +185,6 @@ rm -f %{buildroot}/%{_usr}/share/selinux/%1/base.pp  \
 for i in %{buildroot}/%{_usr}/share/selinux/%1/*.pp; do bzip2 -c $i > %{buildroot}/%{_sysconfdir}/selinux/%1/modules/active/modules/`basename $i`; done \
 rm -f %{buildroot}/%{_usr}/share/selinux/%1/*pp*  \
 mkdir -p %{buildroot}%{_usr}/share/selinux/packages \
-mv %{buildroot}/%{_sysconfdir}/selinux/%1/modules/active/modules/sandbox.pp %{buildroot}/usr/share/selinux/packages \
 /usr/sbin/semodule -s %1 -n -B -p %{buildroot}; \
 /usr/bin/sha512sum %{buildroot}%{_sysconfdir}/selinux/%1/policy/policy.%{POLICYVER} | cut -d' ' -f 1 > %{buildroot}%{_sysconfdir}/selinux/%1/.policy.sha512; \
 rm -rf %{buildroot}%{_sysconfdir}/selinux/%1/contexts/netfilter_contexts  \
@@ -348,6 +347,7 @@ cp %{SOURCE28} %{buildroot}/%{_usr}/share/selinux/targeted
 %makeCmds targeted mcs n allow
 %makeModulesConf targeted base contrib
 %installCmds targeted mcs n allow
+mv %{buildroot}/%{_sysconfdir}/selinux/targeted/modules/active/modules/sandbox.pp %{buildroot}/usr/share/selinux/packages
 %modulesList targeted 
 %endif
 
@@ -359,6 +359,7 @@ cp %{SOURCE28} %{buildroot}/%{_usr}/share/selinux/minimum
 %makeCmds minimum mcs n allow
 %makeModulesConf targeted base contrib
 %installCmds minimum mcs n allow
+rm -f %{buildroot}/%{_sysconfdir}/selinux/minimum/modules/active/modules/sandbox.pp
 %modulesList minimum
 %endif
 
