rpms / xguest

Clone
Source Code
GIT

Blame xguest.spec

f10 f11 f12 f13 f14 f15 f16 f17 f18 f19 f20 f21 f22 f23 f24 f25 f26 f27 f28 f29 f30 f31 f32 f33 f34 f35 f36 f37 f38 f39 f40 f8 f9 main rawhide
  1.   44fff49970ebf0a125a3a3f870a93f50f4c5db4a
  2.   xguest.spec
Blob History Raw
b94f200 
Summary: Creates xguest user as a locked down user
b94f200 
Name: xguest
93ef0ce 
Version: 1.0.10
44fff49 
Release: 36%{?dist}
b94f200 
License: GPLv2+
b94f200 
Group: System Environment/Base
b94f200 
BuildArch: noarch
b94f200 
Source: http://people.fedoraproject.org/~dwalsh/xguest/%{name}-%{version}.tar.bz2
b94f200 
URL: http://people.fedoraproject.org/~dwalsh/xguest/
b94f200
b94f200 
BuildRoot: %{_tmppath}/%{name}-%{version}-%{release}-root-%(%{__id_u} -n)
5714d0e 
Requires(pre): pam >= 0.99.8.1-17 selinux-policy-targeted > 3.6.3-12
7e922be 
Requires(pre): policycoreutils-sandbox
b94f200
b94f200 
%description
b94f200 
Installing this package sets up the xguest user to be used as a temporary
b94f200 
account to switch to or as a kiosk user account. The account is disabled unless
27db6e1 
SELinux is in enforcing mode. The user is only allowed to log in via graphical login program.
b94f200 
The home and temporary directories of the user will be polyinstantiated and
b94f200 
mounted on tmpfs.
b94f200
b94f200 
%prep
b94f200 
%setup -q
b94f200
b94f200 
%build
b94f200
b94f200 
%clean
b94f200 
%{__rm} -fR %{buildroot}
b94f200
b94f200 
%install
b94f200 
%{__rm} -fR %{buildroot}
01f2fc0 
%{__mkdir} -p %{buildroot}/%{_sysconfdir}/security/namespace.d/
93ef0ce 
%{__mkdir} -p %{buildroot}/var/lib/xguest/home
ac8f3ce 
install -m0644 xguest.conf %{buildroot}/%{_sysconfdir}/security/namespace.d/
b94f200
afcc033 
%post
164a047 
if [ $1 -eq 1 ]; then
f0c268c 
semanage user -a  -S targeted -P xguest -R xguest_r xguest_u  2> /dev/null  || :
afcc033 
(useradd -c "Guest" -Z xguest_u -d /var/lib/xguest/home/xguest xguest || semanage login -a -S targeted -s xguest_u xguest || semanage login -m -S targeted -s xguest_u xguest) 2>/dev/null || exit 1
06b8600 
head -c 32  /dev/urandom | passwd xguest --stdin
b94f200
78ac101 
echo "xguest:exclusive" >> /etc/security/sepermit.conf
b94f200
e522175 
semanage -S targeted -i - << _EOF
e522175 
boolean -m --on allow_polyinstantiation
e522175 
boolean -m --on xguest_connect_network
e522175 
boolean -m --on xguest_mount_media
e522175 
boolean -m --on xguest_use_bluetooth
f0c268c 
_EOF
b94f200 
fi
b94f200
b94f200 
%files
b94f200 
%defattr(-,root,root)
402b78f 
%{_sysconfdir}/security/namespace.d/xguest.conf
b94f200 
%doc README LICENSE
afcc033 
%dir /var/lib/xguest/home
afcc033 
%dir /var/lib/xguest
b94f200
b94f200 
%preun
164a047 
if [ $1 -eq 0 ]; then
164a047 
sed -i '/^xguest/d' /etc/security/sepermit.conf
b94f200
b94f200 
fi
b94f200
b94f200 
%changelog
44fff49 
* Thu Jul 27 2017 Fedora Release Engineering <releng@fedoraproject.org> - 1.0.10-36
44fff49 
- Rebuilt for https://fedoraproject.org/wiki/Fedora_27_Mass_Rebuild
44fff49
1c97c34 
* Sat Feb 11 2017 Fedora Release Engineering <releng@fedoraproject.org> - 1.0.10-35
1c97c34 
- Rebuilt for https://fedoraproject.org/wiki/Fedora_26_Mass_Rebuild
1c97c34
06b8600 
* Thu Jun 16 2016 Lukas Vrabec <lvrabec@redhat.com> - 1.0.10-34
06b8600 
- Security fix for CVE-2016-4980
06b8600
18bd42c 
* Fri Feb 05 2016 Fedora Release Engineering <releng@fedoraproject.org> - 1.0.10-33
18bd42c 
- Rebuilt for https://fedoraproject.org/wiki/Fedora_24_Mass_Rebuild
18bd42c
462992a 
* Fri Jun 19 2015 Fedora Release Engineering <rel-eng@lists.fedoraproject.org> - 1.0.10-32
462992a 
- Rebuilt for https://fedoraproject.org/wiki/Fedora_23_Mass_Rebuild
462992a
a2d1cc0 
* Sun Jun 08 2014 Fedora Release Engineering <rel-eng@lists.fedoraproject.org> - 1.0.10-31
a2d1cc0 
- Rebuilt for https://fedoraproject.org/wiki/Fedora_21_Mass_Rebuild
a2d1cc0
86e1667 
* Mon Aug 26 2013 Dan Walsh <dwalsh@redhat.com> - 1.0.10-30
86e1667 
- Add random password so xguest will show up in gdm.
86e1667
c47e00a 
* Sun Aug 04 2013 Fedora Release Engineering <rel-eng@lists.fedoraproject.org> - 1.0.10-29
c47e00a 
- Rebuilt for https://fedoraproject.org/wiki/Fedora_20_Mass_Rebuild
c47e00a
e2f2be2 
* Mon May 13 2013 Dan Walsh <dwalsh@redhat.com> - 1.0.10-28
b21e6d4 
- Remove sabayon support from xguest, no longer supported.
b21e6d4 
- Remove /etc/skel directories
b21e6d4
f7451af 
* Fri Feb 15 2013 Fedora Release Engineering <rel-eng@lists.fedoraproject.org> - 1.0.10-7
f7451af 
- Rebuilt for https://fedoraproject.org/wiki/Fedora_19_Mass_Rebuild
f7451af
402b78f 
* Mon Jan 14 2013 Dan Walsh <dwalsh@redhat.com> - 1.0.10-26
402b78f 
- Remove /etc/security/namespace.d from payload
402b78f
82f0b95 
* Sun Jul 22 2012 Fedora Release Engineering <rel-eng@lists.fedoraproject.org> - 1.0.10-5
82f0b95 
- Rebuilt for https://fedoraproject.org/wiki/Fedora_18_Mass_Rebuild
82f0b95
edbdcd6 
* Mon Jul 2 2012 Dan Walsh <dwalsh@redhat.com> - 1.0.10-4
27db6e1 
- Remove Requirement for gdm
412ac5c 
- Fix xguest entry in /etc/shadow so gdm lists it
412ac5c
661b8d4 
* Sat Jan 14 2012 Fedora Release Engineering <rel-eng@lists.fedoraproject.org> - 1.0.10-3
661b8d4 
- Rebuilt for https://fedoraproject.org/wiki/Fedora_17_Mass_Rebuild
661b8d4
afcc033 
* Wed Dec 7 2011 Dan Walsh <dwalsh@redhat.com> - 1.0.10-2
afcc033 
- Change xguest homedir to be /var/lib/xguest/home/xguest
afcc033
93ef0ce 
* Fri Sep 23 2011 Dan Walsh <dwalsh@redhat.com> - 1.0.10-1
93ef0ce 
- Make sure none of the gpk apps start on the desktop
93ef0ce
93ef0ce 
* Tue Aug 2 2011 Dan Walsh <dwalsh@redhat.com> - 1.0.9-6
93ef0ce 
- Change location of xguest home dir to /var/lib/xguest/home
93ef0ce
20e5d5b 
* Wed Jun 15 2011 Dan Walsh <dwalsh@redhat.com> - 1.0.9-5
5714d0e 
- Add requires for selinux-policy-targeted
5714d0e
4ac751c 
* Mon Feb 07 2011 Fedora Release Engineering <rel-eng@lists.fedoraproject.org> - 1.0.9-4
4ac751c 
- Rebuilt for https://fedoraproject.org/wiki/Fedora_15_Mass_Rebuild
4ac751c
e522175 
* Tue Feb 1 2011 Dan Walsh <dwalsh@redhat.com> - 1.0.9-3
e522175 
- Fix boolean handling in the post install
e522175
8a02e28 
* Wed Jan 5 2011 Dan Walsh <dwalsh@redhat.com> - 1.0.9-2
8a02e28 
- Fix semanage boolean line to use -i -
8a02e28
402b78f 
* Wed Oct 6 2010 Dan Walsh <dwalsh@redhat.com> - 1.0.9-1
8a02e28 
- Fix placement of xguest.zip file
8a02e28
62ca8f3 
* Tue Feb 9 2010 Dan Walsh <dwalsh@redhat.com> - 1.0.8-3
62ca8f3 
- Fix sabayon remove
62ca8f3
832b06f 
* Mon Jan 25 2010 Dan Walsh <dwalsh@redhat.com> - 1.0.8-2
3b64f01 
- Fix sabayon installation
3b64f01
0e44b0c 
* Wed Nov 25 2009 Dan Walsh <dwalsh@redhat.com> - 1.0.8-1
0e44b0c 
- Fix sabayon file
0e44b0c
7e922be 
* Wed Aug 26 2009 Dan Walsh <dwalsh@redhat.com> - 1.0.7-7
7e922be 
- Switch to use policycoreutils-sandbox init script
7e922be
527841c 
* Mon Jul 27 2009 Fedora Release Engineering <rel-eng@lists.fedoraproject.org> - 1.0.7-6
527841c 
- Rebuilt for https://fedoraproject.org/wiki/Fedora_12_Mass_Rebuild
527841c
b0e3dae 
* Tue Jun 23 2009 Dan Walsh <dwalsh@redhat.com> - 1.0.7-5
b0e3dae 
- Changed to require policycoreutils-python
b0e3dae
99c25d6 
* Thu Feb 26 2009 Fedora Release Engineering <rel-eng@lists.fedoraproject.org> - 1.0.7-3
99c25d6 
- Rebuilt for https://fedoraproject.org/wiki/Fedora_11_Mass_Rebuild
99c25d6
e5bab28 
* Fri Jan 30 2009 Dan Walsh <dwalsh@redhat.com> - 1.0.7-1
e5bab28 
- Change xguest init script to have proper summary
e5bab28
f0c268c 
* Thu Jan 22 2009 Dan Walsh <dwalsh@redhat.com> - 1.0.6-8
f0c268c 
- Modify xguest to be able to be installed in a livecd
f0c268c
537ade5 
* Fri Apr 4 2008 Dan Walsh <dwalsh@redhat.com> - 1.0.6-7
537ade5 
- Require newer version of policy
537ade5
705a9e9 
* Wed Mar 19 2008 Dan Walsh <dwalsh@redhat.com> - 1.0.6-6
705a9e9 
- Change gecos field to say "Guest"
705a9e9
164a047 
* Wed Feb 27 2008 Dan Walsh <dwalsh@redhat.com> - 1.0.6-5
164a047 
- Leave xguest_u assignment on preun and always set the user to xguest_u on install
164a047
Florian La Roche 29e8a96 
* Mon Feb 11 2008 Florian La Roche <laroche@redhat.com> - 1.0.6-4
Florian La Roche 29e8a96 
- fix post requires on pam
Florian La Roche 29e8a96
d69a969 
* Thu Jan 31 2008 Dan Walsh <dwalsh@redhat.com> - 1.0.6-3
78ac101 
- Add support for exclusive login for xguest
78ac101
b94f200 
* Tue Dec 18 2007 Dan Walsh <dwalsh@redhat.com> - 1.0.6-2
b94f200 
- Remove lines from namespace.init on package removal
b94f200
b94f200 
* Mon Dec 17 2007 Dan Walsh <dwalsh@redhat.com> - 1.0.6-1
b94f200 
- Remove xguest init.d script on uninstall
b94f200 
- Fix description
b94f200
b94f200
b94f200 
* Fri Dec 7 2007 Dan Walsh <dwalsh@redhat.com> - 1.0.5-2
b94f200 
- Turn on the xguest booleans
b94f200
b94f200 
* Fri Dec 7 2007 Dan Walsh <dwalsh@redhat.com> - 1.0.5-1
b94f200 
- Allow xguest to run nm-applet
b94f200
b94f200 
* Tue Nov 27 2007 Dan Walsh <dwalsh@redhat.com> - 1.0.4-2
b94f200 
- Fix permissions on /etc/init.d/xguest
b94f200
b94f200 
* Wed Nov 21 2007 Dan Walsh <dwalsh@redhat.com> - 1.0.4-1
b94f200 
- Add mount code to allow sharing of file system so hal and automount will work.
b94f200 
- I have added an initscript to set the / as shared and /tmp, /var/tmp and /home/xguest as private
b94f200
b94f200 
* Fri Oct 26 2007 Dan Walsh <dwalsh@redhat.com> - 1.0.3-1
b94f200 
- Remove exit lines
b94f200 
- Add LICENSE
b94f200
b94f200 
* Mon Oct 22 2007 Dan Walsh <dwalsh@redhat.com> - 1.0.2-1
b94f200 
- Cleanup spec file
b94f200
b94f200 
* Mon Oct 22 2007 Dan Walsh <dwalsh@redhat.com> - 1.0.1-2
b94f200 
- Turn on allow_polyinstantiation boolean
b94f200
b94f200 
* Fri Oct 12 2007 Dan Walsh <dwalsh@redhat.com> - 1.0.1-1
b94f200 
- Add sabayon support
b94f200
b94f200 
* Thu Sep 13 2007 Dan Walsh <dwalsh@redhat.com> - 1.0.0-1
b94f200 
- Initial version
Powered by Pagure 5.14.1
DocumentationFile an IssueAbout this InstanceSSH Hostkey/Fingerprint
© Red Hat, Inc. and others.