[packages/selinux-mcstrans] - split from policycoreutils - added init patch (PLDify init script)
qboosh
qboosh at pld-linux.org
Fri Nov 17 18:09:36 CET 2017
commit 0871a493e59ed5d51e178df84eb6dac55c6fd067
Author: Jakub Bogusz <qboosh at pld-linux.org>
Date: Fri Nov 17 18:10:23 2017 +0100
- split from policycoreutils
- added init patch (PLDify init script)
mcstrans-init.patch | 101 ++++++++++++++++++++++++++++++++++++++++++++++++++
selinux-mcstrans.spec | 92 +++++++++++++++++++++++++++++++++++++++++++++
2 files changed, 193 insertions(+)
---
diff --git a/selinux-mcstrans.spec b/selinux-mcstrans.spec
new file mode 100644
index 0000000..13eebea
--- /dev/null
+++ b/selinux-mcstrans.spec
@@ -0,0 +1,92 @@
+Summary: MCS (Multiple Category System) SELinux service
+Summary(pl.UTF-8): Usługa SELinuksa MCS (Multiple Category System)
+Name: selinux-mcstrans
+Version: 2.7
+Release: 1
+License: GPL v2
+Group: Daemons
+#Source0Download: https://github.com/SELinuxProject/selinux/wiki/Releases
+Source0: https://raw.githubusercontent.com/wiki/SELinuxProject/selinux/files/releases/20170804/mcstrans-%{version}.tar.gz
+# Source0-md5: edba0f72fdf7fdd1ad0a2c6d102e8cfa
+Patch0: mcstrans-init.patch
+URL: https://github.com/SELinuxProject/selinux/wiki
+BuildRequires: gcc >= 6:3.4
+BuildRequires: libcap-devel
+BuildRequires: libselinux-devel >= 2.7
+BuildRequires: libsepol-static >= 2.7
+BuildRequires: pcre-devel
+Requires(post,preun): /sbin/chkconfig
+Requires: libselinux >= 2.7
+Requires: rc-scripts
+Obsoletes: policycoreutils-mcstrans < 2.7
+BuildRoot: %{tmpdir}/%{name}-%{version}-root-%(id -u -n)
+
+%description
+Security-enhanced Linux is a patch of the Linux kernel and a number of
+utilities with enhanced security functionality designed to add
+mandatory access controls to Linux. The Security-enhanced Linux kernel
+contains new architectural components originally developed to improve
+the security of the Flask operating system. These architectural
+components provide general support for the enforcement of many kinds
+of mandatory access control policies, including those based on the
+concepts of Type Enforcement, Role-based Access Control, and
+Multi-level Security.
+
+This package contains MCS (Multiple Category System) SELinux service.
+
+%description -l pl.UTF-8
+Security-enhanced Linux jest prototypem jądra Linuksa i wielu
+aplikacji użytkowych o funkcjach podwyższonego bezpieczeństwa.
+Zaprojektowany jest tak, aby w prosty sposób ukazać znaczenie
+obowiązkowej kontroli dostępu dla społeczności linuksowej. Ukazuje
+również jak taką kontrolę można dodać do istniejącego systemu typu
+Linux. Jądro SELinux zawiera nowe składniki architektury pierwotnie
+opracowane w celu ulepszenia bezpieczeństwa systemu operacyjnego
+Flask. Te elementy zapewniają ogólne wsparcie we wdrażaniu wielu typów
+polityk obowiązkowej kontroli dostępu, włączając te wzorowane na: Type
+Enforcement (TE), kontroli dostępu opartej na rolach (RBAC) i
+zabezpieczeniach wielopoziomowych.
+
+Ten pakiet zawiera usługę SELinuksa MCS (Multiple Category System).
+
+%prep
+%setup -q -n mcstrans-%{version}
+%patch0 -p1
+
+%build
+CFLAGS="%{rpmcflags} %{rpmcppflags} -Wall -W -Wundef -Wmissing-noreturn -Wmissing-format-attribute" \
+%{__make} \
+ CC="%{__cc}" \
+ LIBDIR="%{_libdir}"
+
+%install
+rm -rf $RPM_BUILD_ROOT
+
+%{__make} install \
+ DESTDIR=$RPM_BUILD_ROOT \
+ LIBDIR=$RPM_BUILD_ROOT%{_libdir} \
+ SYSTEMDDIR=$RPM_BUILD_ROOT/lib/systemd \
+ LIBSEPOLA=%{_libdir}/libsepol.a
+
+%clean
+rm -rf $RPM_BUILD_ROOT
+
+%post
+/sbin/chkconfig --add mcstrans
+%service mcstrans restart
+
+%preun
+if [ "$1" = "0" ]; then
+ %service mcstrans stop
+ /sbin/chkconfig --del mcstrans
+fi
+
+%files
+%defattr(644,root,root,755)
+%doc TODO
+%attr(755,root,root) /sbin/mcstransd
+%attr(754,root,root) /etc/rc.d/init.d/mcstrans
+%{systemdunitdir}/mcstrans.service
+%{_mandir}/man8/mcs.8*
+%{_mandir}/man8/mcstransd.8*
+%{_mandir}/man8/setrans.conf.8*
diff --git a/mcstrans-init.patch b/mcstrans-init.patch
new file mode 100644
index 0000000..dfd6dbb
--- /dev/null
+++ b/mcstrans-init.patch
@@ -0,0 +1,101 @@
+--- mcstrans-2.7/src/mcstrans.init.orig 2017-08-04 15:31:00.000000000 +0200
++++ mcstrans-2.7/src/mcstrans.init 2017-11-17 18:05:46.996098451 +0100
+@@ -1,4 +1,4 @@
+-#!/bin/bash
++#!/bin/sh
+ #
+ # mcstransd This starts and stops mcstransd
+ #
+@@ -23,7 +23,9 @@
+ lockfile=/var/lock/subsys/$prog
+
+ # Source function library.
+-. /etc/init.d/functions
++. /etc/rc.d/init.d/functions
++
++[ -f /etc/sysconfig/mcstrans ] && . /etc/sysconfig/mcstrans
+
+ # Allow anyone to run status
+ if [ "$1" = "status" ] ; then
+@@ -41,32 +43,26 @@
+ RETVAL=0
+
+ start(){
+- test -x /sbin/mcstransd || exit 5
+- echo -n $"Starting $prog: "
+- if status $prog > /dev/null; then
+- echo -n $"$prog: already running"
+- failure
+- echo
+- return 1
++ if [ -f $lockfile ]; then
++ msg_already_running "mcstrans"
++ return
+ fi
+-
++ msg_starting "mcstrans"
+ unset HOME MAIL USER USERNAME
+ daemon $prog "$EXTRAOPTIONS"
+ RETVAL=$?
+- echo
+- if test $RETVAL = 0 ; then
+- touch $lockfile
+- fi
+- return $RETVAL
++ [ $RETVAL -eq 0 ] && touch $lockfile
+ }
+
+ stop(){
+- echo -n $"Stopping $prog: "
++ if [ ! -f $lockfile ]; then
++ msg_not_running "mcstrans"
++ return
++ fi
++
++ msg_stopping "mcstrans"
+ killproc $prog
+- RETVAL=$?
+- echo
+ rm -f $lockfile
+- return $RETVAL
+ }
+
+ restart(){
+@@ -75,8 +71,13 @@
+ }
+
+ condrestart(){
+- [ -e $lockfile ] && restart
+- return 0
++ if [ ! -f $lockfile ]; then
++ msg_not_running "mcstrans"
++ RETVAL=$1
++ return
++ fi
++
++ restart
+ }
+
+
+@@ -88,14 +89,17 @@
+ stop)
+ stop
+ ;;
+- restart|force-reload)
++ restart)
+ restart
+ ;;
+- condrestart)
+- condrestart
++ force-reload)
++ condrestart 7
++ ;;
++ try-restart|condrestart)
++ condrestart 0
+ ;;
+ *)
+- echo $"Usage: $0 {start|stop|status|restart|force-reload|condrestart}"
++ msg_usage "$0 {start|stop|restart|try-restart|force-reload|status}"
+ RETVAL=3
+ esac
+
================================================================
---- gitweb:
http://git.pld-linux.org/gitweb.cgi/packages/selinux-mcstrans.git/commitdiff/0871a493e59ed5d51e178df84eb6dac55c6fd067
More information about the pld-cvs-commit
mailing list