2023-04-21 10:21:40 +08:00
|
|
|
%global selinuxtype targeted
|
|
|
|
|
%global moduletype contrib
|
|
|
|
|
%define semodule_version 0.0.4
|
2020-06-19 17:33:50 +08:00
|
|
|
|
|
|
|
|
Name: usbguard
|
2023-04-21 10:21:40 +08:00
|
|
|
Version: 1.1.2
|
|
|
|
|
Release: 1
|
2020-06-19 17:33:50 +08:00
|
|
|
Summary: A tool for computer usb guard
|
|
|
|
|
License: GPLv2+
|
|
|
|
|
URL: https://usbguard.github.io/
|
|
|
|
|
Source0: https://github.com/USBGuard/usbguard/releases/download/usbguard-%{version}/usbguard-%{version}.tar.gz
|
2023-04-21 10:21:40 +08:00
|
|
|
Source1: https://github.com/USBGuard/usbguard-selinux/archive/refs/tags/v%{semodule_version}.tar.gz
|
|
|
|
|
Source2: usbguard-daemon.conf
|
|
|
|
|
Patch0000: usbguard-revert-catch.patch
|
|
|
|
|
Patch0001: policykit-dbus-chat-selinux.patch
|
|
|
|
|
|
|
|
|
|
BuildRequires: libqb-devel libgcrypt-devel libstdc++-devel protobuf-devel protobuf-compiler PEGTL-static gcc gcc-c++
|
|
|
|
|
BuildRequires: catch1-devel autoconf automake libtool bash-completion asciidoc audit-libs-devel systemd make
|
2020-06-19 17:33:50 +08:00
|
|
|
Requires: systemd
|
2023-04-21 10:21:40 +08:00
|
|
|
Requires: (%{name}-selinux if selinux-policy-%{selinuxtype})
|
|
|
|
|
Obsoletes: %{name}-applet-qt < 0.7.6
|
|
|
|
|
Requires(post): systemd
|
|
|
|
|
Requires(preun): systemd
|
|
|
|
|
Requires(postun): systemd
|
|
|
|
|
Requires(post): /sbin/ldconfig
|
|
|
|
|
Requires(postun): /sbin/ldconfig
|
2020-06-19 17:33:50 +08:00
|
|
|
|
|
|
|
|
%description
|
|
|
|
|
USBGuard helps to protect your computer against rogue USB devices.
|
|
|
|
|
|
|
|
|
|
%package devel
|
|
|
|
|
Summary: Development files for usbguard
|
|
|
|
|
Requires: usbguard = %{version}-%{release} pkgconfig libstdc++-devel
|
|
|
|
|
|
|
|
|
|
%description devel
|
|
|
|
|
Development libraries and header files for usbguard.
|
|
|
|
|
|
|
|
|
|
%package tools
|
|
|
|
|
Summary: USBGuard Tools
|
|
|
|
|
Requires: usbguard = %{version}-%{release}
|
|
|
|
|
|
|
|
|
|
%description tools
|
|
|
|
|
Optional tools from the USBGuard software framework.
|
|
|
|
|
|
|
|
|
|
%package dbus
|
|
|
|
|
Summary: USBGuard D-Bus Service
|
2023-04-21 10:21:40 +08:00
|
|
|
BuildRequires: dbus-glib-devel dbus-devel glib2-devel
|
|
|
|
|
BuildRequires: polkit-devel libxslt libxml2
|
2020-06-19 17:33:50 +08:00
|
|
|
Requires: usbguard = %{version}-%{release} dbus polkit
|
|
|
|
|
|
|
|
|
|
%description dbus
|
|
|
|
|
Optional component that provides a D-Bus interface to the USBGuard daemon component.
|
|
|
|
|
|
2023-04-21 10:21:40 +08:00
|
|
|
%package selinux
|
|
|
|
|
Summary: USBGuard selinux
|
|
|
|
|
Group: Applications/System
|
|
|
|
|
Requires: %{name} = %{version}-%{release}
|
|
|
|
|
BuildRequires: selinux-policy-devel
|
|
|
|
|
Requires: selinux-policy-%{selinuxtype}
|
|
|
|
|
Requires(post): selinux-policy-%{selinuxtype}
|
|
|
|
|
BuildArch: noarch
|
|
|
|
|
%{?selinux_requires}
|
|
|
|
|
|
|
|
|
|
%description selinux
|
|
|
|
|
The %{name}-selinux package contains selinux policy for the USBGuard daemon.
|
|
|
|
|
|
|
|
|
|
|
2020-06-19 17:33:50 +08:00
|
|
|
%package help
|
|
|
|
|
Summary: Documentation for usbguard
|
|
|
|
|
Requires: usbguard = %{version}-%{release}
|
|
|
|
|
|
|
|
|
|
%description help
|
|
|
|
|
Documentation for usbguard
|
|
|
|
|
|
|
|
|
|
%prep
|
2023-04-21 10:21:40 +08:00
|
|
|
%setup -q
|
|
|
|
|
|
|
|
|
|
%setup -q -D -T -a 1
|
|
|
|
|
|
|
|
|
|
%patch0000 -p1 -b .catch
|
|
|
|
|
%patch0001 -p1 -b .policykit
|
2020-06-19 17:33:50 +08:00
|
|
|
|
|
|
|
|
%build
|
|
|
|
|
install -d ./m4
|
|
|
|
|
autoreconf -i -v --no-recursive ./
|
|
|
|
|
%configure --disable-silent-rules --without-bundled-catch --without-bundled-pegtl \
|
2023-04-21 10:21:40 +08:00
|
|
|
--enable-systemd --with-dbus --with-polkit \
|
2020-06-19 17:33:50 +08:00
|
|
|
--with-crypto-library=gcrypt
|
|
|
|
|
|
|
|
|
|
%make_build
|
|
|
|
|
|
2023-04-21 10:21:40 +08:00
|
|
|
pushd %{name}-selinux-%{semodule_version}
|
|
|
|
|
make
|
|
|
|
|
popd
|
|
|
|
|
|
2020-06-19 17:33:50 +08:00
|
|
|
%check
|
|
|
|
|
make check
|
|
|
|
|
|
|
|
|
|
%install
|
|
|
|
|
%make_install
|
|
|
|
|
|
2023-04-21 10:21:40 +08:00
|
|
|
mkdir -p %{buildroot}%{_sysconfdir}/usbguard/rules.d
|
2020-06-19 17:33:50 +08:00
|
|
|
install -d %{buildroot}%{_sysconfdir}/usbguard/IPCAccessControl.d
|
2023-04-21 10:21:40 +08:00
|
|
|
cp %{SOURCE2} %{buildroot}%{_sysconfdir}/usbguard/usbguard-daemon.conf
|
2020-06-19 17:33:50 +08:00
|
|
|
chmod 644 %{buildroot}%{_sysconfdir}/usbguard/usbguard-daemon.conf
|
|
|
|
|
|
2023-04-21 10:21:40 +08:00
|
|
|
|
|
|
|
|
install -d %{buildroot}%{_datadir}/selinux/packages/%{selinuxtype}
|
|
|
|
|
install -m 0644 %{name}-selinux-%{semodule_version}/%{name}.pp.bz2 %{buildroot}%{_datadir}/selinux/packages/%{selinuxtype}
|
|
|
|
|
install -d -p %{buildroot}%{_datadir}/selinux/devel/include/%{moduletype}
|
|
|
|
|
install -p -m 644 %{name}-selinux-%{semodule_version}/%{name}.if %{buildroot}%{_datadir}/selinux/devel/include/%{moduletype}/ipp-%{name}.if
|
|
|
|
|
|
2020-06-19 17:33:50 +08:00
|
|
|
%delete_la
|
|
|
|
|
|
|
|
|
|
%preun
|
|
|
|
|
%systemd_preun usbguard.service
|
|
|
|
|
|
|
|
|
|
%post
|
|
|
|
|
/sbin/ldconfig
|
|
|
|
|
%systemd_post usbguard.service
|
|
|
|
|
|
|
|
|
|
%postun
|
|
|
|
|
/sbin/ldconfig
|
|
|
|
|
%systemd_postun usbguard.service
|
|
|
|
|
|
|
|
|
|
%preun dbus
|
|
|
|
|
%systemd_preun usbguard-dbus.service
|
|
|
|
|
|
|
|
|
|
%post dbus
|
|
|
|
|
%systemd_post usbguard-dbus.service
|
|
|
|
|
|
|
|
|
|
%postun dbus
|
|
|
|
|
%systemd_postun_with_restart usbguard-dbus.service
|
|
|
|
|
|
2023-04-21 10:21:40 +08:00
|
|
|
%pre selinux
|
|
|
|
|
%selinux_relabel_pre -s %{selinuxtype}
|
|
|
|
|
|
|
|
|
|
%post selinux
|
|
|
|
|
%selinux_modules_install -s %{selinuxtype} %{_datadir}/selinux/packages/%{selinuxtype}/%{name}.pp.bz2
|
|
|
|
|
|
|
|
|
|
%postun selinux
|
|
|
|
|
if [ $1 -eq 0 ]; then
|
|
|
|
|
%selinux_modules_uninstall -s %{selinuxtype} %{name}
|
|
|
|
|
fi
|
|
|
|
|
|
|
|
|
|
%posttrans selinux
|
|
|
|
|
%selinux_relabel_post -s %{selinuxtype}
|
|
|
|
|
|
2020-06-19 17:33:50 +08:00
|
|
|
%files
|
|
|
|
|
%doc LICENSE
|
|
|
|
|
%exclude %{_libdir}/*.a
|
|
|
|
|
%{_libdir}/*.so.*
|
|
|
|
|
%{_sbindir}/usbguard-daemon
|
|
|
|
|
%{_bindir}/usbguard
|
|
|
|
|
%dir %{_localstatedir}/log/usbguard
|
|
|
|
|
%dir %{_sysconfdir}/usbguard
|
2023-04-21 10:21:40 +08:00
|
|
|
%dir %{_sysconfdir}/usbguard/rules.d/
|
2020-06-19 17:33:50 +08:00
|
|
|
%dir %{_sysconfdir}/usbguard/IPCAccessControl.d
|
|
|
|
|
%config(noreplace) %attr(0600,-,-) %{_sysconfdir}/usbguard/usbguard-daemon.conf
|
|
|
|
|
%config(noreplace) %attr(0600,-,-) %{_sysconfdir}/usbguard/rules.conf
|
|
|
|
|
%{_unitdir}/usbguard.service
|
|
|
|
|
%{_datadir}/bash-completion/completions/usbguard
|
|
|
|
|
|
|
|
|
|
%files devel
|
|
|
|
|
%{_includedir}/*
|
|
|
|
|
%{_libdir}/*.so
|
|
|
|
|
%{_libdir}/pkgconfig/*.pc
|
|
|
|
|
|
|
|
|
|
%files tools
|
|
|
|
|
%{_bindir}/usbguard-rule-parser
|
|
|
|
|
|
|
|
|
|
%files dbus
|
|
|
|
|
%{_sbindir}/usbguard-dbus
|
2023-04-21 10:21:40 +08:00
|
|
|
%{_datadir}/dbus-1/system-services/org.usbguard1.service
|
|
|
|
|
%{_datadir}/dbus-1/system.d/org.usbguard1.conf
|
|
|
|
|
%{_datadir}/polkit-1/actions/org.usbguard1.policy
|
2020-06-19 17:33:50 +08:00
|
|
|
%{_unitdir}/usbguard-dbus.service
|
|
|
|
|
|
2023-04-21 10:21:40 +08:00
|
|
|
%files selinux
|
|
|
|
|
%{_datadir}/selinux/packages/%{selinuxtype}/%{name}.pp.bz2
|
|
|
|
|
%ghost %verify(not md5 size mode mtime) %{_sharedstatedir}/selinux/%{selinuxtype}/active/modules/200/%{name}
|
|
|
|
|
%{_datadir}/selinux/devel/include/%{moduletype}/ipp-%{name}.if
|
|
|
|
|
|
2020-06-19 17:33:50 +08:00
|
|
|
%files help
|
|
|
|
|
%doc README.adoc CHANGELOG.md
|
|
|
|
|
%{_mandir}/*/*
|
|
|
|
|
|
|
|
|
|
%changelog
|
2023-04-21 10:21:40 +08:00
|
|
|
* Thu Apr 20 2023 liyanan <thistleslyn@163.com> - 1.1.2-1
|
|
|
|
|
- upgrade 1.1.2
|
|
|
|
|
|
2022-03-07 17:36:22 +08:00
|
|
|
* Mon Mar 07 2022 houyingchao <houyingchao@huawei.com> - 0.7.2-7
|
|
|
|
|
- Fix CVE-2019-25058
|
|
|
|
|
|
2020-06-19 17:33:50 +08:00
|
|
|
* Mon Apr 27 2020 lizhenhua <lizhenhua21@huawei.com> - 0.7.2-6
|
|
|
|
|
- Package init
|
