update container-selinux.tgz

selinux-policy.spec

@@ -12,36 +12,42 @@
 Summary: SELinux policy configuration
 Name:    selinux-policy
 Version: 3.14.2
-Release: 44
+Release: 45
 License: GPLv2+
 URL:     https://github.com/fedora-selinux/selinux-policy/
 
 Source0: https://github.com/fedora-selinux/selinux-policy/archive/38fa84dc715893cab1cc76aa9c43ba325b153e10/selinux-policy-38fa84d.tar.gz
-Source1: modules-targeted-base.conf
+Source1: https://github.com/fedora-selinux/selinux-policy-contrib/archive/f9b7466780b5250bf94b5d40764277bc9c5b5f62/selinux-policy-contrib-f9b7466.tar.gz
-Source2: booleans-targeted.conf
+
-Source3: Makefile.devel
+# We obtain Source2~Source24 from https://src.fedoraproject.org/rpms/selinux-policy/tree/master
-Source4: setrans-targeted.conf
+Source2: modules-targeted-base.conf
-Source5: modules-mls-base.conf
+Source3: booleans-targeted.conf
-Source6: booleans-mls.conf
+Source4: Makefile.devel
+Source5: setrans-targeted.conf
+Source6: modules-mls-base.conf
+Source7: booleans-mls.conf
 Source8: setrans-mls.conf
-Source14: securetty_types-targeted
+Source9: securetty_types-targeted
-Source15: securetty_types-mls
+Source10: securetty_types-mls
-Source17: booleans-minimum.conf
+Source11: booleans-minimum.conf
-Source18: setrans-minimum.conf
+Source12: setrans-minimum.conf
-Source19: securetty_types-minimum
+Source13: securetty_types-minimum
-Source20: customizable_types
+Source14: customizable_types
-Source22: users-mls
+Source15: users-mls
-Source23: users-targeted
+Source16: users-targeted
-Source25: users-minimum
+Source17: users-minimum
-Source26: file_contexts.subs_dist
+Source18: file_contexts.subs_dist
-Source27: selinux-policy.conf
+Source19: modules-targeted-contrib.conf
-Source28: permissivedomains.cil
+Source20: modules-mls-contrib.conf
-Source29: https://github.com/fedora-selinux/selinux-policy-contrib/archive/f9b7466780b5250bf94b5d40764277bc9c5b5f62/selinux-policy-contrib-f9b7466.tar.gz
+Source21: selinux-policy.conf
-Source30: booleans.subs_dist
+Source22: permissivedomains.cil
-Source31: modules-targeted-contrib.conf
+Source23: booleans.subs_dist
-Source32: modules-mls-contrib.conf
+Source24: rpm.macros
+
+# We obtain container.fc, container.if and container.te from https://github.com/containers/container-selinux.
+# Then run the command:
+# tar czvf container-selinux.tgz container.fc container.if container.te
 Source35: container-selinux.tgz
-Source102: rpm.macros
 
 Patch9000: add_userman_access_run_dir.patch
 Patch9001: add_syslogd_t_domtrans_logrotate.patch
@@ -91,7 +97,7 @@ install -m0644 selinux_config/customizable_types %{buildroot}%{_sysconfdir}/seli
 touch %{buildroot}%{_sysconfdir}/selinux/%1/contexts/files/file_contexts.bin \
 touch %{buildroot}%{_sysconfdir}/selinux/%1/contexts/files/file_contexts.local \
 touch %{buildroot}%{_sysconfdir}/selinux/%1/contexts/files/file_contexts.local.bin \
-cp %{SOURCE30} %{buildroot}%{_sysconfdir}/selinux/%1 \
+cp %{SOURCE23} %{buildroot}%{_sysconfdir}/selinux/%1 \
 rm -f %{buildroot}/%{_usr}/share/selinux/%1/*pp*  \
 /usr/bin/sha512sum %{buildroot}%{_sysconfdir}/selinux/%1/policy/policy.%{POLICYVER} | cut -d' ' -f 1 > %{buildroot}%{_sysconfdir}/selinux/%1/.policy.sha512; \
 rm -rf %{buildroot}%{_sysconfdir}/selinux/%1/contexts/netfilter_contexts  \
@@ -231,7 +237,7 @@ find %{buildroot}%{_datadir}/selinux/%1/default/ -name lang_ext | xargs sed -i '
 mkdir -p %{buildroot}/%{_libexecdir}/selinux/ \
 
 %prep 
-%setup -n %{name}-contrib-f9b7466780b5250bf94b5d40764277bc9c5b5f62 -q -b 29
+%setup -n %{name}-contrib-f9b7466780b5250bf94b5d40764277bc9c5b5f62 -q -b 1
 tar -xf %{SOURCE35}
 contrib_path=`pwd`
 %autosetup -n %{name}-38fa84dc715893cab1cc76aa9c43ba325b153e10 -p1
@@ -240,7 +246,7 @@ refpolicy_path=`pwd`
 cp $contrib_path/* $refpolicy_path/policy/modules/contrib
 
 mkdir selinux_config
-for i in %{SOURCE1} %{SOURCE2} %{SOURCE3} %{SOURCE4} %{SOURCE5} %{SOURCE6} %{SOURCE8} %{SOURCE14} %{SOURCE15} %{SOURCE17} %{SOURCE18} %{SOURCE19} %{SOURCE20} %{SOURCE22} %{SOURCE23} %{SOURCE25} %{SOURCE26} %{SOURCE31} %{SOURCE32}; do
+for i in %{SOURCE2} %{SOURCE3} %{SOURCE4} %{SOURCE5} %{SOURCE6} %{SOURCE7} %{SOURCE8} %{SOURCE9} %{SOURCE10} %{SOURCE11} %{SOURCE12} %{SOURCE13} %{SOURCE14} %{SOURCE15} %{SOURCE16} %{SOURCE17} %{SOURCE18} %{SOURCE19} %{SOURCE20}; do
 cp $i selinux_config
 done
 
@@ -251,7 +257,7 @@ mkdir -p %{buildroot}%{_sysconfdir}/sysconfig
 touch %{buildroot}%{_sysconfdir}/selinux/config
 touch %{buildroot}%{_sysconfdir}/sysconfig/selinux
 mkdir -p %{buildroot}%{_usr}/lib/tmpfiles.d/
-cp %{SOURCE27} %{buildroot}%{_usr}/lib/tmpfiles.d/
+cp %{SOURCE21} %{buildroot}%{_usr}/lib/tmpfiles.d/
 
 mkdir -p %{buildroot}%{_usr}/share/selinux/{targeted,mls,minimum,modules}/
 mkdir -p %{buildroot}%{_sharedstatedir}/selinux/{targeted,mls,minimum,modules}/
@@ -259,7 +265,7 @@ mkdir -p %{buildroot}%{_usr}/share/selinux/packages
 
 make clean
 %if %{BUILD_TARGETED}
-cp %{SOURCE28} %{buildroot}/
+cp %{SOURCE22} %{buildroot}/
 %makeCmds targeted mcs n allow
 %makeModulesConf targeted base contrib
 %installCmds targeted mcs n allow
@@ -309,7 +315,7 @@ mv %{buildroot}%{_usr}/share/man/man8/*.html %{buildroot}%{_usr}/share/selinux/d
 mv %{buildroot}%{_usr}/share/man/man8/style.css %{buildroot}%{_usr}/share/selinux/devel/html
 
 mkdir -p %{buildroot}%{_rpmconfigdir}/macros.d
-install -m 644 %{SOURCE102} %{buildroot}%{_rpmconfigdir}/macros.d/macros.selinux-policy
+install -m 644 %{SOURCE24} %{buildroot}%{_rpmconfigdir}/macros.d/macros.selinux-policy
 sed -i 's/SELINUXPOLICYVERSION/%{version}-%{release}/' %{buildroot}%{_rpmconfigdir}/macros.d/macros.selinux-policy
 sed -i 's@SELINUXSTOREPATH@%{_sharedstatedir}/selinux@' %{buildroot}%{_rpmconfigdir}/macros.d/macros.selinux-policy
 rm -rf selinux_config
@@ -654,6 +660,9 @@ exit 0
 %endif
 
 %changelog
+* Fri Jan 10 2020 openEuler Buildteam <buildteam@openeuler.org> - 3.14.2-45
+- update container-selinux.tgz
+
 * Mon Dec 23 2019 openEuler Buildteam <buildteam@openeuler.org> - 3.14.2-44
 - add URL