[packages/selinux-mcstrans] - split from policycoreutils - added init patch (PLDify init script)

qboosh qboosh at pld-linux.org
Fri Nov 17 18:09:36 CET 2017 

commit 0871a493e59ed5d51e178df84eb6dac55c6fd067
Author: Jakub Bogusz <qboosh at pld-linux.org>
Date:   Fri Nov 17 18:10:23 2017 +0100

    - split from policycoreutils
    - added init patch (PLDify init script)

 mcstrans-init.patch   | 101 ++++++++++++++++++++++++++++++++++++++++++++++++++
 selinux-mcstrans.spec |  92 +++++++++++++++++++++++++++++++++++++++++++++
 2 files changed, 193 insertions(+)
---
diff --git a/selinux-mcstrans.spec b/selinux-mcstrans.spec
new file mode 100644
index 0000000..13eebea
--- /dev/null
+++ b/selinux-mcstrans.spec
@@ -0,0 +1,92 @@
+Summary:	MCS (Multiple Category System) SELinux service
+Summary(pl.UTF-8):	Usługa SELinuksa MCS (Multiple Category System)
+Name:		selinux-mcstrans
+Version:	2.7
+Release:	1
+License:	GPL v2
+Group:		Daemons
+#Source0Download: https://github.com/SELinuxProject/selinux/wiki/Releases
+Source0:	https://raw.githubusercontent.com/wiki/SELinuxProject/selinux/files/releases/20170804/mcstrans-%{version}.tar.gz
+# Source0-md5:	edba0f72fdf7fdd1ad0a2c6d102e8cfa
+Patch0:		mcstrans-init.patch
+URL:		https://github.com/SELinuxProject/selinux/wiki
+BuildRequires:	gcc >= 6:3.4
+BuildRequires:	libcap-devel
+BuildRequires:	libselinux-devel >= 2.7
+BuildRequires:	libsepol-static >= 2.7
+BuildRequires:	pcre-devel
+Requires(post,preun):	/sbin/chkconfig
+Requires:	libselinux >= 2.7
+Requires:	rc-scripts
+Obsoletes:	policycoreutils-mcstrans < 2.7
+BuildRoot:	%{tmpdir}/%{name}-%{version}-root-%(id -u -n)
+
+%description
+Security-enhanced Linux is a patch of the Linux kernel and a number of
+utilities with enhanced security functionality designed to add
+mandatory access controls to Linux. The Security-enhanced Linux kernel
+contains new architectural components originally developed to improve
+the security of the Flask operating system. These architectural
+components provide general support for the enforcement of many kinds
+of mandatory access control policies, including those based on the
+concepts of Type Enforcement, Role-based Access Control, and
+Multi-level Security.
+
+This package contains MCS (Multiple Category System) SELinux service.
+
+%description -l pl.UTF-8
+Security-enhanced Linux jest prototypem jądra Linuksa i wielu
+aplikacji użytkowych o funkcjach podwyższonego bezpieczeństwa.
+Zaprojektowany jest tak, aby w prosty sposób ukazać znaczenie
+obowiązkowej kontroli dostępu dla społeczności linuksowej. Ukazuje
+również jak taką kontrolę można dodać do istniejącego systemu typu
+Linux. Jądro SELinux zawiera nowe składniki architektury pierwotnie
+opracowane w celu ulepszenia bezpieczeństwa systemu operacyjnego
+Flask. Te elementy zapewniają ogólne wsparcie we wdrażaniu wielu typów
+polityk obowiązkowej kontroli dostępu, włączając te wzorowane na: Type
+Enforcement (TE), kontroli dostępu opartej na rolach (RBAC) i
+zabezpieczeniach wielopoziomowych.
+
+Ten pakiet zawiera usługę SELinuksa MCS (Multiple Category System).
+
+%prep
+%setup -q -n mcstrans-%{version}
+%patch0 -p1
+
+%build
+CFLAGS="%{rpmcflags} %{rpmcppflags} -Wall -W -Wundef -Wmissing-noreturn -Wmissing-format-attribute" \
+%{__make} \
+	CC="%{__cc}" \
+	LIBDIR="%{_libdir}"
+
+%install
+rm -rf $RPM_BUILD_ROOT
+
+%{__make} install \
+	DESTDIR=$RPM_BUILD_ROOT \
+	LIBDIR=$RPM_BUILD_ROOT%{_libdir} \
+	SYSTEMDDIR=$RPM_BUILD_ROOT/lib/systemd \
+	LIBSEPOLA=%{_libdir}/libsepol.a
+
+%clean
+rm -rf $RPM_BUILD_ROOT
+
+%post
+/sbin/chkconfig --add mcstrans
+%service mcstrans restart
+
+%preun
+if [ "$1" = "0" ]; then
+	%service mcstrans stop
+	/sbin/chkconfig --del mcstrans
+fi
+
+%files
+%defattr(644,root,root,755)
+%doc TODO
+%attr(755,root,root) /sbin/mcstransd
+%attr(754,root,root) /etc/rc.d/init.d/mcstrans
+%{systemdunitdir}/mcstrans.service
+%{_mandir}/man8/mcs.8*
+%{_mandir}/man8/mcstransd.8*
+%{_mandir}/man8/setrans.conf.8*
diff --git a/mcstrans-init.patch b/mcstrans-init.patch
new file mode 100644
index 0000000..dfd6dbb
--- /dev/null
+++ b/mcstrans-init.patch
@@ -0,0 +1,101 @@
+--- mcstrans-2.7/src/mcstrans.init.orig	2017-08-04 15:31:00.000000000 +0200
++++ mcstrans-2.7/src/mcstrans.init	2017-11-17 18:05:46.996098451 +0100
+@@ -1,4 +1,4 @@
+-#!/bin/bash
++#!/bin/sh
+ #
+ # mcstransd        This starts and stops mcstransd
+ #
+@@ -23,7 +23,9 @@
+ lockfile=/var/lock/subsys/$prog
+ 
+ # Source function library.
+-. /etc/init.d/functions
++. /etc/rc.d/init.d/functions
++
++[ -f /etc/sysconfig/mcstrans ] && . /etc/sysconfig/mcstrans
+ 
+ # Allow anyone to run status
+ if [ "$1" = "status" ] ; then
+@@ -41,32 +43,26 @@
+ RETVAL=0
+ 
+ start(){
+-	test -x /sbin/mcstransd  || exit 5
+-	echo -n $"Starting $prog: "
+-	if status $prog > /dev/null; then
+-		echo -n $"$prog: already running"
+-		failure
+-		echo
+-		return 1
++	if [ -f $lockfile ]; then
++		msg_already_running "mcstrans"
++		return
+ 	fi
+-
++	msg_starting "mcstrans"
+ 	unset HOME MAIL USER USERNAME
+ 	daemon $prog "$EXTRAOPTIONS"
+ 	RETVAL=$?
+-	echo
+-	if test $RETVAL = 0 ; then
+-        	touch $lockfile
+-	fi
+-	return $RETVAL
++	[ $RETVAL -eq 0 ] && touch $lockfile
+ }
+ 
+ stop(){
+-	echo -n $"Stopping $prog: "
++	if [ ! -f $lockfile ]; then
++		msg_not_running "mcstrans"
++		return
++	fi
++
++	msg_stopping "mcstrans"
+ 	killproc $prog
+-	RETVAL=$?
+-	echo
+ 	rm -f $lockfile
+-	return $RETVAL
+ }
+ 
+ restart(){
+@@ -75,8 +71,13 @@
+ }
+ 
+ condrestart(){
+-	[ -e $lockfile ] && restart
+-	return 0
++	if [ ! -f $lockfile ]; then
++		msg_not_running "mcstrans"
++		RETVAL=$1
++		return
++	fi
++
++	restart
+ }
+ 
+ 
+@@ -88,14 +89,17 @@
+     stop)
+ 	stop
+ 	;;
+-    restart|force-reload)
++    restart)
+ 	restart
+ 	;;
+-    condrestart)
+-	condrestart
++    force-reload)
++	condrestart 7
++	;;
++    try-restart|condrestart)
++	condrestart 0
+ 	;;
+     *)
+-	echo $"Usage: $0 {start|stop|status|restart|force-reload|condrestart}"
++	msg_usage "$0 {start|stop|restart|try-restart|force-reload|status}"
+ 	RETVAL=3
+ esac
+ 
================================================================

---- gitweb:

http://git.pld-linux.org/gitweb.cgi/packages/selinux-mcstrans.git/commitdiff/0871a493e59ed5d51e178df84eb6dac55c6fd067

More information about the pld-cvs-commit mailing list