packages/tpm2-abrmd
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

!14 master: fix the SELinux label missing issue

Browse Source 
From: @hugel
Reviewed-by: @zhujianwei001
Signed-off-by: @zhujianwei001
This commit is contained in:
openeuler-ci-bot 2021-05-25 18:39:25 +08:00 committed by Gitee
commit 079c068cb2
1 changed files with 16 additions and 6 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

22
tpm2-abrmd.spec
View File

@ -2,7 +2,7 @@
Name: tpm2-abrmd Name: tpm2-abrmd
Version: 2.3.3 Version: 2.3.3
Release: 1 Release: 2
Summary: A system daemon implementing the TPM2 access broker (TAB) & Resource Manager (RM) spec from the TCG Summary: A system daemon implementing the TPM2 access broker (TAB) & Resource Manager (RM) spec from the TCG
License: BSD License: BSD
URL: https://github.com/tpm2-software/tpm2-abrmd URL: https://github.com/tpm2-software/tpm2-abrmd
@ -14,7 +14,7 @@ BuildRequires: chrpath
BuildRequires: selinux-policy-devel pkgconfig(systemd) BuildRequires: selinux-policy-devel pkgconfig(systemd)
# tpm2-abrmd depends on the package that contains itsSELinux policy module # tpm2-abrmd depends on the package that contains itsSELinux policy module
Requires: (%{name}-selinux >= 2.0.0-1 if selinux-policy-%{selinuxtype}) Requires: (%{name}-selinux >= 2.3.3-2 if selinux-policy)
%description %description
This is a system daemon implementing the TPM2 access broker (TAB) & Resource Manager (RM) spec from the TCG. This is a system daemon implementing the TPM2 access broker (TAB) & Resource Manager (RM) spec from the TCG.
@ -35,7 +35,7 @@ This package contains development library files, headers and config files of tpm
BuildArch: noarch BuildArch: noarch
Summary: SELinux policies for tpm2-abrmd Summary: SELinux policies for tpm2-abrmd
Requires: selinux-policy >= 0.0.1 Requires: selinux-policy >= 0.0.1
Requires(post): selinux-policy-base >= 0.0.1 Requires(post): selinux-policy-%{selinuxtype}
Requires(post): libselinux-utils Requires(post): libselinux-utils
Requires(post): policycoreutils Requires(post): policycoreutils
Requires(post): policycoreutils-python-utils Requires(post): policycoreutils-python-utils
@ -75,8 +75,6 @@ echo "/usr/lib64/" > $RPM_BUILD_ROOT/etc/ld.so.conf.d/%{name}-%{_arch}.conf
make test make test
%pre %pre
%selinux_relabel_pre -s targeted
#add a user to sandbox the tpm2-abrmd daemon #add a user to sandbox the tpm2-abrmd daemon
getent group tss >/dev/null || groupadd -g 59 -r tss getent group tss >/dev/null || groupadd -g 59 -r tss
getent passwd tss >/dev/null || \ getent passwd tss >/dev/null || \
@ -84,23 +82,29 @@ useradd -r -u 59 -g tss -d /dev/null -s /sbin/nologin \
-c "Account used by the tpm2-abrmd package to sandbox the tpm2-abrmd daemon" tss -c "Account used by the tpm2-abrmd package to sandbox the tpm2-abrmd daemon" tss
exit 0 exit 0
%pre selinux
%selinux_relabel_pre -s targeted
%preun %preun
%systemd_preun tpm2-abrmd.service %systemd_preun tpm2-abrmd.service
%post %post
/sbin/ldconfig /sbin/ldconfig
%systemd_post tpm2-abrmd.service %systemd_post tpm2-abrmd.service
%post selinux
%selinux_modules_install -s targeted %{_datadir}/selinux/packages/tabrmd.pp.bz2 %selinux_modules_install -s targeted %{_datadir}/selinux/packages/tabrmd.pp.bz2
%postun %postun
/sbin/ldconfig /sbin/ldconfig
%systemd_postun tpm2-abrmd.service %systemd_postun tpm2-abrmd.service
%postun selinux
if [ $1 -eq 0 ]; then if [ $1 -eq 0 ]; then
%selinux_modules_uninstall -s targeted tabrmd %selinux_modules_uninstall -s targeted tabrmd
fi fi
%posttrans %posttrans selinux
%selinux_relabel_post -s targeted %selinux_relabel_post -s targeted
%files %files
@ -133,6 +137,12 @@ fi
%{_datadir}/selinux/packages/tabrmd.pp.bz2 %{_datadir}/selinux/packages/tabrmd.pp.bz2
%changelog %changelog
* Tue May 25 2021 Hugel<gengqihu1@huawei.com> - 2.3.3-2
- Type:bugfix
- ID:NA
- SUG:NA
- DESC:fix the SELinux label missing issue
* Mon Aug 31 2020 Hugel<gengqihu1@huawei.com> - 2.3.3-1 * Mon Aug 31 2020 Hugel<gengqihu1@huawei.com> - 2.3.3-1
- Type:enhancement - Type:enhancement
- ID:NA - ID:NA