173 lines
6.1 KiB
RPMSpec
173 lines
6.1 KiB
RPMSpec
%global ruby_inc %(pkg-config --cflags ruby)
|
|
%global libsepol_version 3.1
|
|
|
|
Name: libselinux
|
|
Version: 3.1
|
|
Release: 5
|
|
License: Public Domain
|
|
Summary: SELinux library and simple utilities
|
|
Url: https://github.com/SELinuxProject/selinux/wiki
|
|
Source0: https://github.com/SELinuxProject/selinux/releases/download/20200710/libselinux-3.1.tar.gz
|
|
|
|
#Patch0: libselinux-Use-Python-distutils-to-install-SELinux-p.patch
|
|
|
|
Patch6000: backport-libselinux-fix-segfault-in-add_xattr_entry.patch
|
|
Patch6001: backport-libselinux-selinux_check_passwd_access_internal-resp.patch
|
|
Patch6002: backport-libselinux-selabel_get_digests_all_partial_matches-f.patch
|
|
Patch6003: backport-libselinux-getconlist-free-memory-on-multiple-level-.patch
|
|
Patch6004: backport-libselinux-getdefaultcon-free-memory-on-multiple-sam.patch
|
|
Patch6005: backport-libselinux-store_stem-do-not-free-possible-non-heap-.patch
|
|
Patch6006: backport-libselinux-matchmediacon-close-file-on-error.patch
|
|
Patch6007: backport-libselinux-init_selinux_config-free-resources-on-err.patch
|
|
Patch6008: backport-libselinux-label_file-init-do-not-pass-NULL-to-strdu.patch
|
|
Patch6009: backport-libselinux-matchpathcon-free-memory-on-realloc-failu.patch
|
|
Patch6010: backport-libselinux-label_db-db_init-open-file-with-CLOEXEC-m.patch
|
|
Patch6011: backport-libselinux-make-selinux_status_open-3-reentrant.patch
|
|
Patch6012: backport-libselinux-selinux_status_open-return-1-in-fallback-.patch
|
|
Patch6013: backport-libselinux-Fix-potential-undefined-shifts.patch
|
|
|
|
Patch9000: do-malloc-trim-after-load-policy.patch
|
|
|
|
BuildRequires: gcc python3-devel systemd swig pcre2-devel xz-devel
|
|
BuildRequires: ruby-devel libsepol-static
|
|
|
|
Requires: libsepol >= %{libsepol_version} pcre2
|
|
Conflicts: filesystem < 3, selinux-policy-base < 3.13.1-138
|
|
|
|
Provides: %{name}-utils = %{version}-%{release}
|
|
Obsoletes: %{name}-utils < %{version}-%{release}
|
|
|
|
%description
|
|
libselinux provides an interface to get and set process and file
|
|
security contexts and to obtain security policy decisions.
|
|
|
|
%package devel
|
|
Summary: Header files and libraries used to build SELinux
|
|
Requires: %{name} = %{version}-%{release}
|
|
Requires: libsepol-devel >= %{libsepol_version}
|
|
|
|
Provides: %{name}-static = %{version}-%{release}
|
|
Obsoletes: %{name}-static < %{version}-%{release}
|
|
|
|
%description devel
|
|
libselinux provides an interface to get and set process and file
|
|
security contexts and to obtain security policy decisions.
|
|
|
|
%package -n python3-libselinux
|
|
Summary: SELinux python3 bindings for libselinux
|
|
Requires: %{name} = %{version}-%{release}
|
|
Provides: %{name}-python3 = %{version}-%{release}
|
|
Obsoletes: %{name}-python3 < %{version}-%{release}
|
|
|
|
%description -n python3-libselinux
|
|
The libselinux-python3 package contains the python bindings for developing
|
|
SELinux applications.
|
|
|
|
%package ruby
|
|
Summary: SELinux ruby bindings for libselinux
|
|
Requires: %{name} = %{version}-%{release}
|
|
Provides: ruby(selinux)
|
|
|
|
%description ruby
|
|
The libselinux-ruby package contains the ruby bindings for developing
|
|
SELinux applications.
|
|
|
|
%package_help
|
|
|
|
%prep
|
|
%autosetup -p 1 -n libselinux-%{version}
|
|
|
|
%build
|
|
export LDFLAGS="%{?__global_ldflags}"
|
|
export DISABLE_RPM="y"
|
|
export USE_PCRE2="y"
|
|
|
|
make clean
|
|
%make_build LIBDIR="%{_libdir}" CFLAGS="-g %{optflags}" swigify
|
|
%make_build LIBDIR="%{_libdir}" CFLAGS="-g %{optflags}" all
|
|
%make_build %{__python3} LIBDIR="%{_libdir}" CFLAGS="-g %{optflags}" pywrap
|
|
%make_build RUBYINC="%{ruby_inc}" SHLIBDIR="%{_libdir}" LIBDIR="%{_libdir}" LIBSEPOLA="%{_libdir}/libsepol.a" CFLAGS="-g %{optflags}" rubywrap
|
|
|
|
%install
|
|
rm -rf %{buildroot}
|
|
mkdir -p %{buildroot}%{_tmpfilesdir}
|
|
mkdir -p %{buildroot}%{_libdir}
|
|
mkdir -p %{buildroot}%{_includedir}
|
|
mkdir -p %{buildroot}%{_sbindir}
|
|
|
|
install -d -m 0755 %{buildroot}%{_rundir}/setrans
|
|
echo "d %{_rundir}/setrans 0755 root root" > %{buildroot}%{_tmpfilesdir}/libselinux.conf
|
|
|
|
make PYTHON=%{__python3} DESTDIR="%{buildroot}" LIBDIR="%{_libdir}" \
|
|
SHLIBDIR="%{_lib}" BINDIR="%{_bindir}" SBINDIR="%{_sbindir}" LIBSEPOLA="%{_libdir}/libsepol.a" install-pywrap
|
|
|
|
make DESTDIR="%{buildroot}" LIBDIR="%{_libdir}" SHLIBDIR="%{_libdir}" \
|
|
BINDIR="%{_bindir}" SBINDIR="%{_sbindir}" RUBYINSTALL=%{ruby_vendorarchdir} install install-rubywrap
|
|
|
|
rm -f %{buildroot}%{_sbindir}/{deftype,execcon,getenforcemode,getfilecon,getpidcon}
|
|
rm -f %{buildroot}%{_sbindir}/{mkdircon,policyvers,setfilecon,selinuxconfig,getseuser}
|
|
rm -f %{buildroot}%{_sbindir}/{compute_*,selinuxdisable,togglesebool,selinux_check_securetty_context}
|
|
|
|
mv %{buildroot}%{_sbindir}/getdefaultcon %{buildroot}%{_sbindir}/selinuxdefcon
|
|
mv %{buildroot}%{_sbindir}/getconlist %{buildroot}%{_sbindir}/selinuxconlist
|
|
|
|
%ldconfig_scriptlets
|
|
|
|
%files
|
|
%license LICENSE
|
|
%{_libdir}/libselinux.so.*
|
|
%{_sbindir}/{selabel_lookup_best_match,selabel_partial_match,selinux_check_access}
|
|
%{_sbindir}/{avcstat,getenforce,getsebool,matchpathcon,sefcontext_compile,selinuxconlist}
|
|
%{_sbindir}/{selinuxdefcon,selinuxexeccon,selinuxenabled,setenforce,selabel_digest,selabel_lookup}
|
|
%{_sbindir}/{selabel_get_digests_all_partial_matches,validatetrans}
|
|
%dir %{_rundir}/setrans/
|
|
%{_tmpfilesdir}/libselinux.conf
|
|
|
|
%files devel
|
|
%{_libdir}/libselinux.a
|
|
%{_libdir}/libselinux.so
|
|
%{_libdir}/pkgconfig/libselinux.pc
|
|
%{_includedir}/selinux/
|
|
|
|
%files -n python3-libselinux
|
|
%{python3_sitearch}/selinux/
|
|
%{python3_sitearch}/selinux-%{version}-*
|
|
%{python3_sitearch}/_selinux.*.so
|
|
|
|
%files ruby
|
|
%{ruby_vendorarchdir}/selinux.so
|
|
|
|
%files help
|
|
%{_mandir}/man3/*
|
|
%{_mandir}/man5/*
|
|
%{_mandir}/man8/*
|
|
%{_mandir}/ru/man5/*
|
|
%{_mandir}/ru/man8/*
|
|
|
|
%changelog
|
|
* Tue Nov 16 2021 luhuaxin <1539327763@qq.com> - 3.1-5
|
|
- backport upstream patches
|
|
|
|
* Mon Nov 15 2021 lujie <lujie42@huawei.com> - 3.1-4
|
|
- fix potential undefined shifts
|
|
|
|
* Wed Jul 2 2021 luhuaxin <1539327763@qq.com> - 3.1-3
|
|
- do malloc trim after load policy
|
|
|
|
* Tue Oct 27 2020 gaoyusong <gaoyusong1@huawei.com> - 3.1-2
|
|
- delete BuildRequires python2-devel
|
|
|
|
* Fri Jul 17 2020 openEuler Buildteam <buildteam@openeuler.org> - 3.1-1
|
|
- update to 3.1; delete python2-libselinux
|
|
|
|
* Tue Jun 23 2020 openEuler Buildteam <buildteam@openeuler.org> - 2.9-3
|
|
- add missing _selniux.so
|
|
|
|
* Mon Jun 22 2020 openEuler Buildteam <buildteam@openeuler.org> - 2.9-2
|
|
- use python distutils to install selinux python bindings
|
|
|
|
* Thu Sep 5 2019 openEuler Buildteam <buildteam@openeuler.org> - 2.9-1
|
|
- Package init
|
|
|
|
|