[cgit] docs: install README.SELinux again

Pavel Raiskup praiskup at fedoraproject.org
Tue Jul 8 08:35:12 UTC 2014 

commit a9267ec22bb0b1d6917696f3c2451e98fa72bb37
Author: Pavel Raiskup <praiskup at redhat.com>
Date:   Mon Jul 7 23:24:37 2014 +0200

    docs: install README.SELinux again
    
    Instruct user to set the same fcontext as is set to /var/www/git
    on particular distribution.
    
    Related: #1036123
    Version: 0.10.2-2

 README.SELinux |    5 ++---
 cgit.spec      |   25 ++++++++++++++++++++++++-
 2 files changed, 26 insertions(+), 4 deletions(-)
---
diff --git a/README.SELinux b/README.SELinux
index 95c690c..1f63c62 100644
--- a/README.SELinux
+++ b/README.SELinux
@@ -11,11 +11,10 @@ handled automatically for repositories in the default path, /var/lib/git.  If
 your repositories are in a different path, /srv/git, for example, you can set
 the proper context using semanage:
 
-    # semanage fcontext -a -t httpd_sys_content_t "/srv/git(/.*)?"
+    # semanage fcontext -a -t @CGIT_CONTEXT@ "/srv/git(/.*)?"
 
 If you have other confined daemons that need to access the git repositories,
-you may want to use public_content_t, or public_content_rw_t instead of
-httpd_sys_content_t.
+you may want to use public_content_t, or public_content_rw_t instead.
 
 Then use restorecon to update the contexts:
 
diff --git a/cgit.spec b/cgit.spec
index 26718af..c9d3917 100644
--- a/cgit.spec
+++ b/cgit.spec
@@ -22,7 +22,7 @@ make V=1 %{?_smp_mflags} \\\
 
 Name:           cgit
 Version:        0.10.2
-Release:        1%{?dist}
+Release:        2%{?dist}
 Summary:        A fast web interface for git
 
 Group:          Development/Tools
@@ -32,6 +32,7 @@ Source0:        http://git.zx2c4.com/cgit/snapshot/%{name}-%{version}.tar.xz
 Source1:        http://www.kernel.org/pub/software/scm/git//git-%{gitver}.tar.xz
 Source2:        cgitrc
 Source3:        cgit.httpd
+Source4:        README.SELinux
 # On all but RHEL5 highlight is version 3. 
 %if 0%{?fedora} || 0%{?rhel} >= 6
 Patch1:         cgit-0.9.1-highlightv3.patch
@@ -67,6 +68,25 @@ rm -rf git
 mv git-%{gitver} git
 sed -i 's/^\(CFLAGS = \).*/\1%{optflags}/' git/Makefile
 
+# I tried to use matchpathcon, but we would need to require
+# selinux-policy-targeted probably.
+
+build_dist=%{?fedora:fedora}%{?rhel:rhel}
+build_ver=%{?fedora}%{?rhel}
+
+cgit_context=git_content_t
+case "$build_dist-$build_ver" in
+    fedora-19|fedora-20|rhel-6|rhel-7)
+        cgit_context=httpd_git_content_t
+        ;;
+    rhel-5|-)
+        cgit_context=httpd_sys_content_t
+        ;;
+esac
+
+sed -e "s|@CGIT_CONTEXT@|$cgit_context|g" \
+    %{SOURCE4} > README.SELinux
+
 %build
 %{make_cgit}
 
@@ -105,6 +125,9 @@ rm -rf %{buildroot}
 
 
 %changelog
+* Mon Jul 07 2014 Pavel Raiskup <praiskup at redhat.com> - 0.10.2-2
+- install README.SELinux documentation again (#1036123)
+
 * Tue Jul 01 2014 Kevin Fenzi <kevin at scrye.com> 0.10.2-1
 - Update to 0.10.2. Fixes bug #1114970

More information about the scm-commits mailing list