%define libsepol_version 3.5-1 %define libselinux_version 3.5-1 Name: libsemanage Version: 3.5 Release: 7 License: LGPLv2+ Summary: SELinux binary policy manipulation library URL: https://github.com/SELinuxProject/selinux/wiki Source0: https://github.com/SELinuxProject/selinux/releases/download/%{version}/libsemanage-%{version}.tar.gz Source1: semanage.conf Patch6000: backport-libsemanage-direct_api-INTEGER_OVERFLOW-read_len-rea.patch Patch6001: backport-libsemanage-open-lock_file-with-O_RDWR.patch Patch6002: backport-libsemanage-check-memory-allocations.patch Patch6003: backport-libsemanage-free-resources-on-failed-connect-attempt.patch Patch6004: backport-libsemanage-fix-asprintf-error-branch.patch Patch6005: backport-libsemanage-avoid-leak-on-realloc-failure.patch Patch6006: backport-libsemanage-free-ibdev-names-in-semanage_ibendport_v.patch Patch6007: backport-libsemanage-check-for-path-formatting-failures.patch Patch6008: backport-libsemanage-set-O_CLOEXEC-flag-for-file-descriptors.patch Patch6009: backport-libsemanage-check-closing-written-files.patch Patch6010: backport-libsemanage-handle-cil_set_handle_unknown-failure.patch Patch6011: backport-libsemanage-handle-shell-allocation-failure.patch Patch6012: backport-libsemanage-drop-duplicate-newlines-and-error-descriptions-in-error-messages.patch Patch6013: backport-libsemanage-simplify-file-deletion.patch Patch6014: backport-libsemanage-optimize-policy-by-default.patch Patch9000: fix-test-failure-with-secilc.patch BuildRequires: gcc python3-devel bison flex bzip2-devel audit-libs-devel BuildRequires: libselinux-devel >= %{libselinux_version} swig libsepol-devel >= %{libsepol_version} BuildRequires: CUnit-devel gdb-headless Requires: bzip2-libs audit-libs Requires: libselinux >= %{libselinux_version} %description libsemanage is the policy management library. Using libsepol and libselinux to interact with the SELinux system, it also calls helper programs for loading policy and for checking whether the file_contexts configuration is valid. %package devel Summary: Header files and libraries used to build policy manipulation tools Requires: %{name} = %{version}-%{release} Provides: libsemanage-static = %{version}-%{release} Obsoletes: libsemanage-static < %{version}-%{release} %description devel The libsemanage-devel package contains the libraries and header files needed for developing applications that manipulate SELinux policies. %package -n python3-libsemanage Summary: python3 bindings for libsemanage Requires: %{name} = %{version}-%{release} libselinux-python3 Provides: %{name}-python3 = %{version}-%{release} Obsoletes: %{name}-python3 < %{version}-%{release} %description -n python3-libsemanage The python3-libsemanage package contains the python bindings for developing SELinux management applications. %package_help %prep %autosetup -n libsemanage-%{version} -p1 %build export LDFLAGS="%{?__global_ldflags}" make clean %make_build CFLAGS="%{optflags}" swigify %make_build CFLAGS="%{optflags}" LIBDIR="%{_libdir}" SHLIBDIR="%{_lib}" all %make_build %{__python3} LIBDIR="%{_libdir}" CFLAGS="-g %{optflags}" pywrap %install mkdir -p %{buildroot}%{_libdir} mkdir -p %{buildroot}%{_includedir} mkdir -p %{buildroot}%{_sharedstatedir}/selinux mkdir -p %{buildroot}%{_sharedstatedir}/selinux/tmp make DESTDIR="%{buildroot}" LIBDIR="%{_libdir}" SHLIBDIR="%{_libdir}" install make PYTHON=%{__python3} DESTDIR="%{buildroot}" LIBDIR="%{_libdir}" SHLIBDIR="%{_lib}" install-pywrap cp %{SOURCE1} %{buildroot}/etc/selinux/semanage.conf ln -sf %{_libdir}/libsemanage.so.2 %{buildroot}/%{_libdir}/libsemanage.so %ldconfig_scriptlets %check make test %files %license LICENSE %dir %{_sysconfdir}/selinux %config(noreplace) %{_sysconfdir}/selinux/semanage.conf %{_libdir}/libsemanage.so.* %dir %{_libexecdir}/selinux %dir %{_sharedstatedir}/selinux %dir %{_sharedstatedir}/selinux/tmp %files devel %{_libdir}/libsemanage.a %{_libdir}/libsemanage.so %{_libdir}/pkgconfig/libsemanage.pc %dir %{_includedir}/semanage %{_includedir}/semanage/*.h %files -n python3-libsemanage %{python3_sitearch}/*.so %{python3_sitearch}/semanage.py* %{python3_sitearch}/__pycache__/semanage* %{_libexecdir}/selinux/semanage_migrate_store %files help %{_mandir}/man3/* %{_mandir}/man5/* %{_mandir}/ru/man5/* %changelog * Mon Apr 28 2025 changhan - 3.5-7 - Change the author's mailbox * Sun Apr 20 2025 changhan - 3.5-6 - backport libsemanage: optimize policy by default * Sat Apr 19 2025 changhan - 3.5-5 - backport libsemanage: simplify file deletion * Fri Apr 18 2025 changhan - 3.5-4 - backport libsemanage: drop duplicate newlines and error descriptions in error messages * Fri Apr 18 2025 changhan - 3.5-3 - backport libsemanage: handle shell allocation failure * Mon Mar 17 2025 hugel - 3.5-2 - backport patches from upstream * Mon Jul 17 2023 zhangguangzhi - 3.5-1 - update version to 3.5 * Mon Jan 30 2023 zhangguangzhi - 3.4-1 - update version to 3.4 * Fri Mar 18 2022 panxiaohe - 3.3-3 - delete useless old version dynamic library * Tue Mar 15 2022 panxiaohe - 3.3-2 - use new version dynamic library * Tue Dec 14 2021 panxiaohe - 3.3-1 - update to 3.3 * Mon Jul 26 2021 yangzhuangzhuang - 3.1-6 - Remove unnecessary BuildRequires:gdb * Sat Jul 17 2021 luhuaxin <1539327763@qq.com> - 3.1-5 - fix use after free in semanage config parse * Sat May 22 2021 Hugel - 3.1-4 - enabel make test * Thu Oct 29 2020 Hugel - 3.1-3 - remove the dependency on python2 * Mon Aug 17 2020 wangchen - 3.1-2 - remove ustr * Sat Jul 25 2020 openEuler Buildteam - 3.1-1 - update to 3.1 * Thu Mar 19 2020 openEuler Buildteam - 2.9-2 - add BuildRequires: gdb * Thu Sep 5 2019 openEuler Buildteam - 2.9-1 - Package init