[glpi] - use httpd_var_lib_t selinux context for /var/lib/glpi - don't rely on system selinux policy in EPE

[Remi Collet]

commit 156dbbc320c925e2206aeaad12ed32a3200f9651
Author: Remi Collet <remi at fedoraproject.org>
Date:   Fri Nov 7 14:45:15 2014 +0100

    - use httpd_var_lib_t selinux context for /var/lib/glpi
    - don't rely on system selinux policy in EPEL-7
    - fix apache configuration when mod_php not enabled

 glpi-httpd.conf |   12 +++++-------
 glpi.spec       |   12 ++++++++----
 2 files changed, 13 insertions(+), 11 deletions(-)
---
diff --git a/glpi-httpd.conf b/glpi-httpd.conf
index e17d296..6d5b5b9 100644
--- a/glpi-httpd.conf
+++ b/glpi-httpd.conf
@@ -4,8 +4,6 @@ Alias /glpi /usr/share/glpi
     Options None
     AllowOverride Limit Options FileInfo
 
-    php_value memory_limit 64M
-
     <IfModule mod_authz_core.c>
         Require all granted
     </IfModule>
@@ -36,10 +34,11 @@ Alias /glpi /usr/share/glpi
 
     ErrorDocument 403 "<p><b>Restricted area.</b><br />Only local access allowed.<br />Check your configuration or contact your administrator.</p>"
 
-    # migration could be very long
-    php_value max_execution_time 0
-    php_value memory_limit -1
-
+    <IfModule mod_php5.c>
+        # migration could be very long
+        php_value max_execution_time 0
+        php_value memory_limit -1
+    </IfModule>
 </Directory>
 
 <Directory /usr/share/glpi/config>
@@ -67,4 +66,3 @@ Alias /glpi /usr/share/glpi
 #  DocumentRoot /usr/share/glpi
 #  ServerName glpi.example.com
 #</VirtualHost>
-
diff --git a/glpi.spec b/glpi.spec
index 225149b..bef5640 100644
--- a/glpi.spec
+++ b/glpi.spec
@@ -7,7 +7,7 @@
 # Please, preserve the changelog entries
 #
 
-%if 0%{?fedora} < 20 && 0%{?rhel} < 7
+%if 0%{?fedora} < 20
 # See https://bugzilla.redhat.com/1033025
 # selinux-policy : Please include policy for GLPI
 %global useselinux 1
@@ -28,7 +28,7 @@
 
 Name:           glpi
 Version:        0.84.8
-Release:        1%{?dist}
+Release:        2%{?dist}
 Summary:        Free IT asset management software
 Summary(fr):    Gestion Libre de Parc Informatique
 
@@ -228,8 +228,7 @@ done >%{name}.lang
 semanage fcontext -a -s system_u -t httpd_sys_rw_content_t -r s0 "%{_sysconfdir}/%{name}(/.*)?"
 semanage fcontext -a -s system_u -t httpd_sys_content_t    -r s0 "%{_datadir}/%{name}(/.*)?"
 semanage fcontext -a -s system_u -t httpd_log_t            -r s0 "%{_localstatedir}/log/%{name}(/.*)?"
-# keep httpd_sys_rw_content_t (httpd_var_lib_t prevent dir creation)
-semanage fcontext -a -s system_u -t httpd_sys_rw_content_t -r s0 "%{_localstatedir}/lib/%{name}(/.*)?"
+semanage fcontext -a -s system_u -t httpd_var_lib_t        -r s0 "%{_localstatedir}/lib/%{name}(/.*)?"
 # files created by app
 restorecon -R %{_sysconfdir}/%{name}
 restorecon -R %{_datadir}/%{name}
@@ -291,6 +290,11 @@ fi
 
 
 %changelog
+* Fri Nov  7 2014 Remi Collet <remi at fedoraproject.org> - 0.84.8-2
+- use httpd_var_lib_t selinux context for /var/lib/glpi
+- don't rely on system selinux policy in EPEL-7
+- fix apache configuration when mod_php not enabled
+
 * Fri Oct 17 2014 Remi Collet <remi at fedoraproject.org> - 0.84.8-1
 - update to 0.84.8
   https://forge.indepnet.net/versions/1072