From 1134fab731a6103c58e53f35d50c48fc10342d2b Mon Sep 17 00:00:00 2001 From: Petr Lautrbach Date: Tue, 2 Oct 2018 21:28:56 +0200 Subject: [PATCH] Update to mctrans-2.8 - systemctl commands are replaced by systemd rpm macros - mcstransd.service is an alias for mcstrans.service now - use global ld and c flags --- .gitignore | 1 + mcstrans.spec | 42 ++++++------ secolor.conf.8 | 180 +++++++++++++++++++++++++++++++++++++++++++++++++ sources | 2 +- 4 files changed, 201 insertions(+), 24 deletions(-) create mode 100644 secolor.conf.8 diff --git a/.gitignore b/.gitignore index b73c065..9b805df 100644 --- a/.gitignore +++ b/.gitignore @@ -23,3 +23,4 @@ mcstrans-0.3.0.6.tgz mcstrans-0.3.1.tgz /mcstrans-0.3.2.tgz /mcstrans-0.3.4.tgz +/mcstrans-2.8.tar.gz diff --git a/mcstrans.spec b/mcstrans.spec index 8e8bdb5..98b0eba 100644 --- a/mcstrans.spec +++ b/mcstrans.spec @@ -1,18 +1,17 @@ Summary: SELinux Translation Daemon Name: mcstrans -Version: 0.3.4 -Release: 13%{?dist} +Version: 2.8 +Release: 1%{?dist} License: GPL+ -Group: System Environment/Daemons -Source: http://fedora.redhat.com/projects/%{name}-%{version}.tgz -Source1: mcstransd.service +Url: https://github.com/SELinuxProject/selinux/wiki +Source: https://raw.githubusercontent.com/wiki/SELinuxProject/selinux/files/releases/20180524/mcstrans-2.8.tar.gz +Source2: secolor.conf.8 BuildRequires: gcc -BuildRequires: libselinux-devel >= 1.30.3-1 +BuildRequires: libselinux-devel >= %{version} BuildRequires: libcap-devel pcre-devel libsepol-devel libsepol-static -BuildRequires: systemd-units +BuildRequires: systemd Requires: pcre -Requires(pre): systemd-units -Requires(post):systemd-units +%{?systemd_requires} Provides: setransd Provides: libsetrans Obsoletes: libsetrans @@ -36,7 +35,7 @@ from internal representations to user defined representation. %build make clean -make LIBDIR="%{_libdir}" LDFLAGS="-pie -Wl,-z,relro -Wl,-z,now" CFLAGS="%{optflags} -fPIE" %{?_smp_mflags} +make LIBDIR="%{_libdir}" LDFLAGS="%{?__global_ldflags}" CFLAGS="%{__global_cflags}" %{?_smp_mflags} %install rm -rf %{buildroot} @@ -45,30 +44,23 @@ mkdir -p %{buildroot}/%{_libdir} mkdir -p %{buildroot}%{_usr}/share/mcstrans mkdir -p %{buildroot}%{_sysconfdir}/selinux/mls/setrans.d -make DESTDIR="%{buildroot}" LIBDIR="%{buildroot}%{_libdir}" SHLIBDIR="%{buildroot}/%{_lib}" SBINDIR="%{buildroot}%{_sbindir}" install +make DESTDIR="%{buildroot}" LIBDIR="%{_libdir}" SHLIBDIR="%{_lib}" SBINDIR="%{_sbindir}" install rm -f %{buildroot}%{_libdir}/*.a cp -r share/* %{buildroot}%{_usr}/share/mcstrans/ # Systemd mkdir -p %{buildroot}%{_unitdir} -install -m644 %{SOURCE1} %{buildroot}%{_unitdir} +ln -s %{_unitdir}/mcstrans.service %{buildroot}/%{_unitdir}/mcstransd.service rm -rf %{buildroot}/%{_sysconfdir}/rc.d/init.d/mcstrans +install -m644 %{SOURCE2} %{buildroot}%{_mandir}/man8/ %post -if [ $1 -eq 1 ] ; then - /usr/bin/systemctl daemon-reload >/dev/null 2>&1 || : -fi +%systemd_post mcstransd.service %preun -if [ $1 -eq 0 ]; then - /usr/bin/systemctl --no-reload mcstransd.service >/dev/null 2>&1 || : - /usr/bin/systemctl stop mcstransd.service > /dev/null 2>&1 || : -fi +%systemd_preun mcstransd.service %postun -/usr/bin/systemctl daemon-reload >/dev/null 2>&1 || : -if [ $1 -ge 1 ]; then - /usr/bin/systemctl try-restart mcstransd.service >/dev/null 2>&1 || : -fi +%systemd_postun mcstransd.service %files %{_mandir}/man8/mcs.8.gz @@ -76,6 +68,7 @@ fi %{_mandir}/man8/setrans.conf.8.gz %{_mandir}/man8/secolor.conf.8.gz /usr/sbin/mcstransd +%{_unitdir}/mcstrans.service %{_unitdir}/mcstransd.service %dir %{_sysconfdir}/selinux/mls/setrans.d @@ -90,6 +83,9 @@ fi %{_usr}/share/mcstrans/util/* %changelog +* Tue Oct 2 2018 Petr Lautrbach - 2.8-1 +- Update to mcstrans-2.8 + * Fri Jul 13 2018 Fedora Release Engineering - 0.3.4-13 - Rebuilt for https://fedoraproject.org/wiki/Fedora_29_Mass_Rebuild diff --git a/secolor.conf.8 b/secolor.conf.8 new file mode 100644 index 0000000..2947aca --- /dev/null +++ b/secolor.conf.8 @@ -0,0 +1,180 @@ +.TH "secolor.conf" "8" "08 April 2011" "SELinux API documentation" +.SH "NAME" +secolor.conf \- The SELinux color configuration file +. +.SH "DESCRIPTION" +The +.I /etc/selinux/{SELINUXTYPE}/secolor.conf +configuation file controls the color to be associated to the context components associated to the +.I raw +context passed by +.BR selinux_raw_context_to_color "(3)," +when context related information is to be displayed in color by an SELinux-aware application. +.sp +.BR selinux_raw_context_to_color "(3)" +obtains this color information from the active policy +.B secolor.conf +file as returned by +.BR selinux_colors_path "(3)." +. +.SH "FILE FORMAT" +The file format is as follows: +.RS +.B color +.I color_name +.BI "= #"color_mask +.br +[...] +.sp +.I context_component string +.B = +.I fg_color_name bg_color_name +.br +[...] +.sp +.RE + +Where: +.br +.B color +.RS +The color keyword. Each color entry is on a new line. +.RE +.I color_name +.RS +A single word name for the color (e.g. red). +.RE +.I color_mask +.RS +A color mask starting with a hash (#) that describes the hexadecimal RGB colors with black being #000000 and white being #ffffff. +.RE +.I context_component +.RS +The context component name that must be one of the following: +.br +.RS +user, role, type or range +.RE +Each +.IR context_component " " string " ..." +entry is on a new line. +.RE +.I string +.RS +This is the +.I context_component +string that will be matched with the +.I raw +context component passed by +.BR selinux_raw_context_to_color "(3)." +.br +A wildcard '*' may be used to match any undefined string for the user, role and type +.I context_component +entries only. +.RE + +.I fg_color_name +.RS +The color_name string that will be used as the foreground color. +A +.I color_mask +may also be used. +.RE +.I bg_color_name +.RS +The color_name string that will be used as the background color. +A +.I color_mask +may also be used. +.RE +. +.SH "EXAMPLES" +Example 1 entries are: +.RS +color black = #000000 +.br +color green = #008000 +.br +color yellow = #ffff00 +.br +color blue = #0000ff +.br +color white = #ffffff +.br +color red = #ff0000 +.br +color orange = #ffa500 +.br +color tan = #D2B48C +.sp +user * = black white +.br +role * = white black +.br +type * = tan orange +.br +range s0\-s0:c0.c1023 = black green +.br +range s1\-s1:c0.c1023 = white green +.br +range s3\-s3:c0.c1023 = black tan +.br +range s5\-s5:c0.c1023 = white blue +.br +range s7\-s7:c0.c1023 = black red +.br +range s9\-s9:c0.c1023 = black orange +.br +range s15:c0.c1023 = black yellow +.RE + +.sp +Example 2 entries are: +.RS +color black = #000000 +.br +color green = #008000 +.br +color yellow = #ffff00 +.br +color blue = #0000ff +.br +color white = #ffffff +.br +color red = #ff0000 +.br +color orange = #ffa500 +.br +color tan = #d2b48c +.sp +user unconfined_u = #ff0000 green +.br +role unconfined_r = red #ffffff +.br +type unconfined_t = red orange +.br +user user_u = black green +.br +role user_r = white black +.br +type user_t = tan red +.br +user xguest_u = black yellow +.br +role xguest_r = black red +.br +type xguest_t = black green +.br +user sysadm_u = white black +.br +range s0:c0.c1023 = black white +.br +user * = black white +.br +role * = black white +.br +type * = black white +.RE +. +.SH "SEE ALSO" +.BR mcstransd "(8), " selinux_raw_context_to_color "(3), " selinux_colors_path "(3)" diff --git a/sources b/sources index 482bdb4..d0a596b 100644 --- a/sources +++ b/sources @@ -1 +1 @@ -69e85fa2e0e721ca40f0eb2098841da5 mcstrans-0.3.4.tgz +SHA512 (mcstrans-2.8.tar.gz) = b20b369fea926ed55db4e454e82ef842fd39a8194190c9feb063b36126f6334f9d3401ef1c3636c03230a813c69648b5efbcc35b163387495175cde80dd6bd39