From bd3f0ea36806e6d5dc4e7fccd32323a7360abd35 Mon Sep 17 00:00:00 2001 From: Daniel J Walsh Date: Mar 24 2006 16:44:06 +0000 Subject: - Fix policyhelp --- diff --git a/.cvsignore b/.cvsignore index 5b4bd25..ea6ac72 100644 --- a/.cvsignore +++ b/.cvsignore @@ -50,3 +50,4 @@ serefpolicy-2.2.22.tgz serefpolicy-2.2.23.tgz serefpolicy-2.2.24.tgz serefpolicy-2.2.25.tgz +serefpolicy-2.2.26.tgz diff --git a/modules-strict.conf b/modules-strict.conf index ce69eda..ccc4e57 100644 --- a/modules-strict.conf +++ b/modules-strict.conf @@ -1142,3 +1142,10 @@ ipsec = module # mrtg = module +# Layer: system +# Module: xen +# +# TCP/IP encryption +# +xen = base + diff --git a/modules-targeted.conf b/modules-targeted.conf index 80bda30..05d66a2 100644 --- a/modules-targeted.conf +++ b/modules-targeted.conf @@ -987,14 +987,12 @@ miscfiles = base # ipsec = off - # Layer: system -# Module: xend +# Module: xen # # TCP/IP encryption # -xend = base - +xen = base # Layer: apps # Module: java diff --git a/selinux-policy.spec b/selinux-policy.spec index e6838b6..6c790e3 100644 --- a/selinux-policy.spec +++ b/selinux-policy.spec @@ -1,20 +1,26 @@ %define distro redhat %define polyinstatiate n %define monolithic n -%define BUILD_STRICT 0 -%define BUILD_TARGETED 0 +%if %{?BUILD_STRICT:0}%{!?BUILD_STRICT:1} +%define BUILD_STRICT 1 +%endif +%if %{?BUILD_TARGETED:0}%{!?BUILD_TARGETED:1} +%define BUILD_TARGETED 1 +%endif +%if %{?BUILD_MLS:0}%{!?BUILD_MLS:1} %define BUILD_MLS 1 +%endif %define POLICYVER 20 %define POLICYCOREUTILSVER 1.30-1 -%define CHECKPOLICYVER 1.30-1 +%define CHECKPOLICYVER 1.30.1-1 Summary: SELinux policy configuration Name: selinux-policy -Version: 2.2.25 -Release: 2 +Version: 2.2.26 +Release: 1 License: GPL Group: System Environment/Base Source: serefpolicy-%{version}.tgz -patch: policy-20060207.patch +patch: policy-20060323.patch Source1: modules-targeted.conf Source2: booleans-targeted.conf Source3: Makefile.devel @@ -143,7 +149,10 @@ SELinux Reference Policy - modular. %prep %setup -q -n serefpolicy-%{version} %patch -p1 - +echo BUILD_MLS = %{BUILD_MLS} +echo BUILD_TARGETED = %{BUILD_TARGETED} +echo BUILD_STRICT = %{BUILD_STRICT} + %install # Build targeted policy %{__rm} -fR $RPM_BUILD_ROOT @@ -163,46 +172,33 @@ rm -f ${RPM_BUILD_ROOT}%{_usr}/share/selinux/devel/include/include install -m 755 ${RPM_SOURCE_DIR}/policygentool ${RPM_BUILD_ROOT}%{_usr}/share/selinux/devel/ install -m 644 ${RPM_SOURCE_DIR}/Makefile.devel ${RPM_BUILD_ROOT}%{_usr}/share/selinux/devel/Makefile install -m 644 doc/example.* ${RPM_BUILD_ROOT}%{_usr}/share/selinux/devel/ -echo "htmlview file:///usr/share/doc/selinux-policy-%{version}/html/index.html" -> ${RPM_BUILD_ROOT}%{_usr}/share/selinux/devel/policyhelp +echo "htmlview file:///usr/share/doc/selinux-policy-%{version}/html/index.html"> ${RPM_BUILD_ROOT}%{_usr}/share/selinux/devel/policyhelp chmod +x ${RPM_BUILD_ROOT}%{_usr}/share/selinux/devel/policyhelp +%if %{BUILD_TARGETED} # Build targeted policy # Commented out because only targeted ref policy currently builds %setupCmds targeted targeted-mcs y n %installCmds targeted targeted-mcs y n +%endif +%if %{BUILD_STRICT} # Build strict policy # Commented out because only targeted ref policy currently builds make NAME=strict TYPE=strict-mcs DISTRO=%{distro} DIRECT_INITRC=y MONOLITHIC=%{monolithic} POLY=n bare make NAME=strict TYPE=strict-mcs DISTRO=%{distro} DIRECT_INITRC=y MONOLITHIC=%{monolithic} POLY=n conf %installCmds strict strict-mcs y n +%endif +%if %{BUILD_MLS} # Build mls policy %setupCmds mls strict-mls n y %installCmds mls strict-mls n y +%endif %clean %{__rm} -fR $RPM_BUILD_ROOT -%package targeted -Summary: SELinux targeted base policy -Group: System Environment/Base -Provides: selinux-policy-base -Obsoletes: selinux-policy-targeted-sources -Prereq: policycoreutils >= %{POLICYCOREUTILSVER} -Prereq: coreutils -Prereq: selinux-policy = %{version}-%{release} - -%description targeted -SELinux Reference policy targeted base module. - -%files targeted -%fileList targeted - -%pre targeted -%saveFileContext targeted - %post if [ ! -s /etc/selinux/config ]; then # @@ -238,6 +234,22 @@ SETLOCALDEFS=0 ">> /etc/selinux/config fi +%if %{BUILD_TARGETED} +%package targeted +Summary: SELinux targeted base policy +Group: System Environment/Base +Provides: selinux-policy-base +Obsoletes: selinux-policy-targeted-sources +Prereq: policycoreutils >= %{POLICYCOREUTILSVER} +Prereq: coreutils +Prereq: selinux-policy = %{version}-%{release} + +%description targeted +SELinux Reference policy targeted base module. + +%pre targeted +%saveFileContext targeted + %post targeted %rebuildpolicy targeted %relabel targeted @@ -245,6 +257,12 @@ fi %triggerpostun targeted -- selinux-policy-targeted <= 2.0.7 %rebuildpolicy targeted +%files targeted +%fileList targeted + +%endif + +%if %{BUILD_MLS} %package mls Summary: SELinux mls base policy Group: System Environment/Base @@ -271,6 +289,10 @@ ln -sf ../devel/include /usr/share/selinux/mls/include %files mls %fileList mls +%endif + +%if %{BUILD_STRICT} + %package strict Summary: SELinux strict base policy Group: System Environment/Base @@ -297,7 +319,12 @@ ln -sf ../devel/include /usr/share/selinux/strict/include %files strict %fileList strict +%endif + %changelog +* Wed Mar 22 2006 Dan Walsh 2.2.25-3 +- Fix policyhelp + * Wed Mar 22 2006 Dan Walsh 2.2.25-2 - Fix pam_console handling of usb_device - dontaudit logwatch reading /mnt dir diff --git a/sources b/sources index dd1987b..a466d29 100644 --- a/sources +++ b/sources @@ -1 +1 @@ -efdb10103ce8e6d7c86d1b3153a6f04a serefpolicy-2.2.25.tgz +23bfdd40375a86dfb7cb58a84f0f2e3c serefpolicy-2.2.26.tgz