libselinux/libselinux.spec

%global ruby_inc %(pkg-config --cflags ruby)
%global libsepol_version 3.1

Name:    libselinux
Version: 3.1
Release: 5
License: Public Domain
Summary: SELinux library and simple utilities
Url:     https://github.com/SELinuxProject/selinux/wiki
Source0: https://github.com/SELinuxProject/selinux/releases/download/20200710/libselinux-3.1.tar.gz

#Patch0:  libselinux-Use-Python-distutils-to-install-SELinux-p.patch

Patch6000: backport-libselinux-fix-segfault-in-add_xattr_entry.patch
Patch6001: backport-libselinux-selinux_check_passwd_access_internal-resp.patch
Patch6002: backport-libselinux-selabel_get_digests_all_partial_matches-f.patch
Patch6003: backport-libselinux-getconlist-free-memory-on-multiple-level-.patch
Patch6004: backport-libselinux-getdefaultcon-free-memory-on-multiple-sam.patch
Patch6005: backport-libselinux-store_stem-do-not-free-possible-non-heap-.patch
Patch6006: backport-libselinux-matchmediacon-close-file-on-error.patch
Patch6007: backport-libselinux-init_selinux_config-free-resources-on-err.patch
Patch6008: backport-libselinux-label_file-init-do-not-pass-NULL-to-strdu.patch
Patch6009: backport-libselinux-matchpathcon-free-memory-on-realloc-failu.patch
Patch6010: backport-libselinux-label_db-db_init-open-file-with-CLOEXEC-m.patch
Patch6011: backport-libselinux-make-selinux_status_open-3-reentrant.patch
Patch6012: backport-libselinux-selinux_status_open-return-1-in-fallback-.patch
Patch6013: backport-libselinux-Fix-potential-undefined-shifts.patch

Patch9000: do-malloc-trim-after-load-policy.patch

BuildRequires: gcc python3-devel systemd swig pcre2-devel xz-devel
BuildRequires: ruby-devel libsepol-static

Requires:  libsepol >= %{libsepol_version} pcre2
Conflicts: filesystem < 3, selinux-policy-base < 3.13.1-138

Provides:  %{name}-utils = %{version}-%{release}
Obsoletes: %{name}-utils < %{version}-%{release}

%description
libselinux provides an interface to get and set process and file
security contexts and to obtain security policy decisions.

%package devel
Summary: Header files and libraries used to build SELinux
Requires: %{name} = %{version}-%{release}
Requires: libsepol-devel >= %{libsepol_version}

Provides:  %{name}-static = %{version}-%{release}
Obsoletes: %{name}-static < %{version}-%{release}

%description devel
libselinux provides an interface to get and set process and file
security contexts and to obtain security policy decisions.

%package -n python3-libselinux
Summary: SELinux python3 bindings for libselinux
Requires:  %{name} = %{version}-%{release}
Provides:  %{name}-python3 = %{version}-%{release}
Obsoletes: %{name}-python3 < %{version}-%{release}

%description -n python3-libselinux
The libselinux-python3 package contains the python bindings for developing
SELinux applications.

%package ruby
Summary: SELinux ruby bindings for libselinux
Requires: %{name} = %{version}-%{release}
Provides: ruby(selinux)

%description ruby
The libselinux-ruby package contains the ruby bindings for developing
SELinux applications.

%package_help

%prep
%autosetup -p 1 -n libselinux-%{version}

%build
export LDFLAGS="%{?__global_ldflags}"
export DISABLE_RPM="y"
export USE_PCRE2="y"

make clean
%make_build LIBDIR="%{_libdir}" CFLAGS="-g %{optflags}" swigify
%make_build LIBDIR="%{_libdir}" CFLAGS="-g %{optflags}" all
%make_build %{__python3} LIBDIR="%{_libdir}" CFLAGS="-g %{optflags}" pywrap
%make_build RUBYINC="%{ruby_inc}" SHLIBDIR="%{_libdir}" LIBDIR="%{_libdir}" LIBSEPOLA="%{_libdir}/libsepol.a" CFLAGS="-g %{optflags}" rubywrap

%install
rm -rf   %{buildroot}
mkdir -p %{buildroot}%{_tmpfilesdir}
mkdir -p %{buildroot}%{_libdir}
mkdir -p %{buildroot}%{_includedir}
mkdir -p %{buildroot}%{_sbindir}

install -d -m 0755 %{buildroot}%{_rundir}/setrans
echo "d %{_rundir}/setrans 0755 root root" > %{buildroot}%{_tmpfilesdir}/libselinux.conf

make PYTHON=%{__python3} DESTDIR="%{buildroot}" LIBDIR="%{_libdir}" \
SHLIBDIR="%{_lib}" BINDIR="%{_bindir}" SBINDIR="%{_sbindir}" LIBSEPOLA="%{_libdir}/libsepol.a" install-pywrap

make DESTDIR="%{buildroot}" LIBDIR="%{_libdir}" SHLIBDIR="%{_libdir}" \
BINDIR="%{_bindir}" SBINDIR="%{_sbindir}" RUBYINSTALL=%{ruby_vendorarchdir} install install-rubywrap

rm -f %{buildroot}%{_sbindir}/{deftype,execcon,getenforcemode,getfilecon,getpidcon}
rm -f %{buildroot}%{_sbindir}/{mkdircon,policyvers,setfilecon,selinuxconfig,getseuser}
rm -f %{buildroot}%{_sbindir}/{compute_*,selinuxdisable,togglesebool,selinux_check_securetty_context}

mv %{buildroot}%{_sbindir}/getdefaultcon %{buildroot}%{_sbindir}/selinuxdefcon
mv %{buildroot}%{_sbindir}/getconlist %{buildroot}%{_sbindir}/selinuxconlist

%ldconfig_scriptlets

%files
%license LICENSE
%{_libdir}/libselinux.so.*
%{_sbindir}/{selabel_lookup_best_match,selabel_partial_match,selinux_check_access}
%{_sbindir}/{avcstat,getenforce,getsebool,matchpathcon,sefcontext_compile,selinuxconlist}
%{_sbindir}/{selinuxdefcon,selinuxexeccon,selinuxenabled,setenforce,selabel_digest,selabel_lookup}
%{_sbindir}/{selabel_get_digests_all_partial_matches,validatetrans}
%dir %{_rundir}/setrans/
%{_tmpfilesdir}/libselinux.conf

%files devel
%{_libdir}/libselinux.a
%{_libdir}/libselinux.so
%{_libdir}/pkgconfig/libselinux.pc
%{_includedir}/selinux/

%files -n python3-libselinux
%{python3_sitearch}/selinux/
%{python3_sitearch}/selinux-%{version}-*
%{python3_sitearch}/_selinux.*.so

%files ruby
%{ruby_vendorarchdir}/selinux.so

%files help
%{_mandir}/man3/*
%{_mandir}/man5/*
%{_mandir}/man8/*
%{_mandir}/ru/man5/*
%{_mandir}/ru/man8/*

%changelog
* Tue Nov 16 2021 luhuaxin <1539327763@qq.com> - 3.1-5
- backport upstream patches

* Mon Nov 15 2021 lujie <lujie42@huawei.com> - 3.1-4
- fix potential undefined shifts

* Wed Jul 2 2021 luhuaxin <1539327763@qq.com> - 3.1-3
- do malloc trim after load policy

* Tue Oct 27 2020 gaoyusong <gaoyusong1@huawei.com> - 3.1-2
- delete BuildRequires python2-devel 

* Fri Jul 17 2020 openEuler Buildteam <buildteam@openeuler.org> - 3.1-1
- update to 3.1; delete python2-libselinux

* Tue Jun 23 2020 openEuler Buildteam <buildteam@openeuler.org> - 2.9-3
- add missing _selniux.so

* Mon Jun 22 2020 openEuler Buildteam <buildteam@openeuler.org> - 2.9-2
- use python distutils to install selinux python bindings

* Thu Sep 5 2019 openEuler Buildteam <buildteam@openeuler.org> - 2.9-1
- Package init
Package init 2019-09-30 10:58:02 -04:00			`%global ruby_inc %(pkg-config --cflags ruby)`
update to 3.1 2020-07-22 20:48:26 +08:00			`%global libsepol_version 3.1`
Package init 2019-09-30 10:58:02 -04:00
			`Name: libselinux`
update to 3.1 2020-07-22 20:48:26 +08:00			`Version: 3.1`
backport upstream patches 2021-11-16 17:26:16 +08:00			`Release: 5`
Package init 2019-09-30 10:58:02 -04:00			`License: Public Domain`
			`Summary: SELinux library and simple utilities`
			`Url: https://github.com/SELinuxProject/selinux/wiki`
update to 3.1 2020-07-22 20:48:26 +08:00			`Source0: https://github.com/SELinuxProject/selinux/releases/download/20200710/libselinux-3.1.tar.gz`
Package init 2019-09-30 10:58:02 -04:00
update to 3.1 2020-07-22 20:48:26 +08:00			`#Patch0: libselinux-Use-Python-distutils-to-install-SELinux-p.patch`
use python disturils to install selinux python bindings 2020-06-22 20:41:02 +08:00
backport upstream patches 2021-11-16 17:26:16 +08:00			`Patch6000: backport-libselinux-fix-segfault-in-add_xattr_entry.patch`
			`Patch6001: backport-libselinux-selinux_check_passwd_access_internal-resp.patch`
			`Patch6002: backport-libselinux-selabel_get_digests_all_partial_matches-f.patch`
			`Patch6003: backport-libselinux-getconlist-free-memory-on-multiple-level-.patch`
			`Patch6004: backport-libselinux-getdefaultcon-free-memory-on-multiple-sam.patch`
			`Patch6005: backport-libselinux-store_stem-do-not-free-possible-non-heap-.patch`
			`Patch6006: backport-libselinux-matchmediacon-close-file-on-error.patch`
			`Patch6007: backport-libselinux-init_selinux_config-free-resources-on-err.patch`
			`Patch6008: backport-libselinux-label_file-init-do-not-pass-NULL-to-strdu.patch`
			`Patch6009: backport-libselinux-matchpathcon-free-memory-on-realloc-failu.patch`
			`Patch6010: backport-libselinux-label_db-db_init-open-file-with-CLOEXEC-m.patch`
			`Patch6011: backport-libselinux-make-selinux_status_open-3-reentrant.patch`
			`Patch6012: backport-libselinux-selinux_status_open-return-1-in-fallback-.patch`
			`Patch6013: backport-libselinux-Fix-potential-undefined-shifts.patch`

			`Patch9000: do-malloc-trim-after-load-policy.patch`
fix potential undefined shifts 2021-11-15 20:58:55 +08:00
Package init 2019-09-30 10:58:02 -04:00			`BuildRequires: gcc python3-devel systemd swig pcre2-devel xz-devel`
delete BuildRequires python2-devel 2020-10-27 11:17:33 +08:00			`BuildRequires: ruby-devel libsepol-static`
Package init 2019-09-30 10:58:02 -04:00
			`Requires: libsepol >= %{libsepol_version} pcre2`
			`Conflicts: filesystem < 3, selinux-policy-base < 3.13.1-138`

update to 3.1 2020-07-22 20:48:26 +08:00			`Provides: %{name}-utils = %{version}-%{release}`
			`Obsoletes: %{name}-utils < %{version}-%{release}`
Package init 2019-09-30 10:58:02 -04:00
			`%description`
			`libselinux provides an interface to get and set process and file`
			`security contexts and to obtain security policy decisions.`

			`%package devel`
			`Summary: Header files and libraries used to build SELinux`
			`Requires: %{name} = %{version}-%{release}`
			`Requires: libsepol-devel >= %{libsepol_version}`

update to 3.1 2020-07-22 20:48:26 +08:00			`Provides: %{name}-static = %{version}-%{release}`
			`Obsoletes: %{name}-static < %{version}-%{release}`
Package init 2019-09-30 10:58:02 -04:00
			`%description devel`
			`libselinux provides an interface to get and set process and file`
			`security contexts and to obtain security policy decisions.`

			`%package -n python3-libselinux`
			`Summary: SELinux python3 bindings for libselinux`
			`Requires: %{name} = %{version}-%{release}`
			`Provides: %{name}-python3 = %{version}-%{release}`
			`Obsoletes: %{name}-python3 < %{version}-%{release}`

			`%description -n python3-libselinux`
			`The libselinux-python3 package contains the python bindings for developing`
			`SELinux applications.`

			`%package ruby`
			`Summary: SELinux ruby bindings for libselinux`
			`Requires: %{name} = %{version}-%{release}`
			`Provides: ruby(selinux)`

			`%description ruby`
			`The libselinux-ruby package contains the ruby bindings for developing`
			`SELinux applications.`

			`%package_help`

			`%prep`
fix potential undefined shifts 2021-11-15 20:58:55 +08:00			`%autosetup -p 1 -n libselinux-%{version}`
Package init 2019-09-30 10:58:02 -04:00
			`%build`
			`export LDFLAGS="%{?__global_ldflags}"`
			`export DISABLE_RPM="y"`
			`export USE_PCRE2="y"`

			`make clean`
			`%make_build LIBDIR="%{_libdir}" CFLAGS="-g %{optflags}" swigify`
			`%make_build LIBDIR="%{_libdir}" CFLAGS="-g %{optflags}" all`
			`%make_build %{__python3} LIBDIR="%{_libdir}" CFLAGS="-g %{optflags}" pywrap`
			`%make_build RUBYINC="%{ruby_inc}" SHLIBDIR="%{_libdir}" LIBDIR="%{_libdir}" LIBSEPOLA="%{_libdir}/libsepol.a" CFLAGS="-g %{optflags}" rubywrap`

			`%install`
			`rm -rf %{buildroot}`
			`mkdir -p %{buildroot}%{_tmpfilesdir}`
			`mkdir -p %{buildroot}%{_libdir}`
			`mkdir -p %{buildroot}%{_includedir}`
			`mkdir -p %{buildroot}%{_sbindir}`

			`install -d -m 0755 %{buildroot}%{_rundir}/setrans`
			`echo "d %{_rundir}/setrans 0755 root root" > %{buildroot}%{_tmpfilesdir}/libselinux.conf`

			`make PYTHON=%{__python3} DESTDIR="%{buildroot}" LIBDIR="%{_libdir}" \`
			`SHLIBDIR="%{_lib}" BINDIR="%{_bindir}" SBINDIR="%{_sbindir}" LIBSEPOLA="%{_libdir}/libsepol.a" install-pywrap`

			`make DESTDIR="%{buildroot}" LIBDIR="%{_libdir}" SHLIBDIR="%{_libdir}" \`
			`BINDIR="%{_bindir}" SBINDIR="%{_sbindir}" RUBYINSTALL=%{ruby_vendorarchdir} install install-rubywrap`

			`rm -f %{buildroot}%{_sbindir}/{deftype,execcon,getenforcemode,getfilecon,getpidcon}`
			`rm -f %{buildroot}%{_sbindir}/{mkdircon,policyvers,setfilecon,selinuxconfig,getseuser}`
			`rm -f %{buildroot}%{_sbindir}/{compute_*,selinuxdisable,togglesebool,selinux_check_securetty_context}`

			`mv %{buildroot}%{_sbindir}/getdefaultcon %{buildroot}%{_sbindir}/selinuxdefcon`
			`mv %{buildroot}%{_sbindir}/getconlist %{buildroot}%{_sbindir}/selinuxconlist`

			`%ldconfig_scriptlets`

			`%files`
			`%license LICENSE`
			`%{_libdir}/libselinux.so.*`
			`%{_sbindir}/{selabel_lookup_best_match,selabel_partial_match,selinux_check_access}`
			`%{_sbindir}/{avcstat,getenforce,getsebool,matchpathcon,sefcontext_compile,selinuxconlist}`
			`%{_sbindir}/{selinuxdefcon,selinuxexeccon,selinuxenabled,setenforce,selabel_digest,selabel_lookup}`
update to 3.1 2020-07-22 20:48:26 +08:00			`%{_sbindir}/{selabel_get_digests_all_partial_matches,validatetrans}`
Package init 2019-09-30 10:58:02 -04:00			`%dir %{_rundir}/setrans/`
			`%{_tmpfilesdir}/libselinux.conf`

			`%files devel`
			`%{_libdir}/libselinux.a`
			`%{_libdir}/libselinux.so`
			`%{_libdir}/pkgconfig/libselinux.pc`
			`%{_includedir}/selinux/`

			`%files -n python3-libselinux`
			`%{python3_sitearch}/selinux/`
use python disturils to install selinux python bindings 2020-06-22 20:41:02 +08:00			`%{python3_sitearch}/selinux-%{version}-*`
add missing _selniux.so 2020-06-23 14:39:48 +08:00			`%{python3_sitearch}/_selinux.*.so`
Package init 2019-09-30 10:58:02 -04:00
			`%files ruby`
			`%{ruby_vendorarchdir}/selinux.so`

			`%files help`
			`%{_mandir}/man3/*`
			`%{_mandir}/man5/*`
			`%{_mandir}/man8/*`
			`%{_mandir}/ru/man5/*`
			`%{_mandir}/ru/man8/*`

			`%changelog`
backport upstream patches 2021-11-16 17:26:16 +08:00			`* Tue Nov 16 2021 luhuaxin <1539327763@qq.com> - 3.1-5`
			`- backport upstream patches`

fix potential undefined shifts 2021-11-15 20:58:55 +08:00			`* Mon Nov 15 2021 lujie <lujie42@huawei.com> - 3.1-4`
			`- fix potential undefined shifts`

do malloc trim after load policy 2021-06-02 16:27:29 +08:00			`* Wed Jul 2 2021 luhuaxin <1539327763@qq.com> - 3.1-3`
			`- do malloc trim after load policy`

delete BuildRequires python2-devel 2020-10-27 11:17:33 +08:00			`* Tue Oct 27 2020 gaoyusong <gaoyusong1@huawei.com> - 3.1-2`
			`- delete BuildRequires python2-devel`

update to 3.1 2020-07-22 20:48:26 +08:00			`* Fri Jul 17 2020 openEuler Buildteam <buildteam@openeuler.org> - 3.1-1`
			`- update to 3.1; delete python2-libselinux`

add missing _selniux.so 2020-06-23 14:39:48 +08:00			`* Tue Jun 23 2020 openEuler Buildteam <buildteam@openeuler.org> - 2.9-3`
			`- add missing _selniux.so`

use python disturils to install selinux python bindings 2020-06-22 20:41:02 +08:00			`* Mon Jun 22 2020 openEuler Buildteam <buildteam@openeuler.org> - 2.9-2`
			`- use python distutils to install selinux python bindings`

Package init 2019-09-30 10:58:02 -04:00			`* Thu Sep 5 2019 openEuler Buildteam <buildteam@openeuler.org> - 2.9-1`
			`- Package init`