Fix fixfiles to use exclude_dirs on fixfiles restore

2013-02-28 15:31:20 -05:00 · 2013-02-28 15:31:20 -05:00 · 5324d20ca0
commit 5324d20ca0
parent 10913b779d 1dd3bee373
1 changed files with 53 additions and 63 deletions
--- a/policycoreutils.spec
+++ b/policycoreutils.spec
@ -1,8 +1,8 @@
-%define	libauditver	2.1.3-4
-%define libsepolver 	2.1.9-1
-%define	libsemanagever	2.1.10-1
-%define	libselinuxver	2.1.13-1
-%define	sepolgenver	1.1.9
+%global	libauditver	2.1.3-4
+%global libsepolver	2.1.9-1
+%global	libsemanagever	2.1.10-1
+%global	libselinuxver	2.1.13-1
+%global	sepolgenver	1.1.9

 Summary: SELinux policy core utilities
 Name:	 policycoreutils
@ -11,8 +11,8 @@ Release: 15%{?dist}
 License: GPLv2
 Group:	 System Environment/Base
 # Based on git repository with tag 20101221
-Source:  git://oss.tresys.com/git/selinux/policycoreutils-%{version}.tgz
-Source1: git://oss.tresys.com/git/selinux/sepolgen-%{sepolgenver}.tgz
+Source:	git://oss.tresys.com/git/selinux/policycoreutils-%{version}.tgz
+Source1:git://oss.tresys.com/git/selinux/sepolgen-%{sepolgenver}.tgz
 URL:	 http://www.selinuxproject.org
 Source2: policycoreutils_man_ru2.tar.bz2
 Source3: system-config-selinux.png
@ -23,20 +23,15 @@ Conflicts: filesystem < 3
 Provides: /sbin/fixfiles
 Provides: /sbin/restorecon

-%global python_sitelib %(%{__python} -c "from distutils.sysconfig import get_python_lib; print get_python_lib(1)")
-
-%global pkgpythondir  %{python_sitelib}/%{name}
-
-BuildRequires: pam-devel libcgroup-devel libsepol-static >= %{libsepolver} libsemanage-static >= %{libsemanagever} libselinux-devel >= %{libselinuxver}  libcap-devel audit-libs-devel >=  %{libauditver} gettext
+BuildRequires:	pam-devel libcgroup-devel libsepol-static >= %{libsepolver} libsemanage-static >= %{libsemanagever} libselinux-devel >= %{libselinuxver}  libcap-devel audit-libs-devel >=  %{libauditver} gettext
 BuildRequires: desktop-file-utils dbus-devel dbus-glib-devel
 BuildRequires: python-devel setools-devel >= 3.3.7-14
-Requires: /bin/mount /bin/egrep /bin/awk /usr/bin/diff rpm /bin/sed
-BuildRequires:  systemd-units
+Requires:	/bin/mount /bin/egrep /bin/awk /usr/bin/diff rpm /bin/sed
+BuildRequires:	systemd-units
 Requires: libsepol >= %{libsepolver} coreutils libselinux-utils >=  %{libselinuxver}
 Requires(post): systemd-units systemd-sysv
 Requires(preun): systemd-units
 Requires(postun): systemd-units
-BuildRoot: %{_tmppath}/%{name}-%{version}-%{release}-root-%(%{__id_u} -n)

 %description
 Security-enhanced Linux is a feature of the Linux® kernel and a number
@ -65,7 +60,6 @@ make LSPP_PRIV=y SBINDIR="%{_sbindir}" LIBDIR="%{_libdir}" CFLAGS="%{optflags} -
 make -C sepolgen-%{sepolgenver} SBINDIR="%{_sbindir}" LSPP_PRIV=y LIBDIR="%{_libdir}" CFLAGS="%{optflags} -fPIE" LDFLAGS="-pie -Wl,-z,relro" all 

 %install
-rm -rf %{buildroot}
 mkdir -p %{buildroot}/var/lib/selinux
 mkdir -p %{buildroot}%{_bindir}
 mkdir -p %{buildroot}%{_sbindir}
@ -90,14 +84,13 @@ rm -f %{buildroot}/usr/sbin/open_init_pty

 ln -sf /usr/share/system-config-selinux/polgengui.py %{buildroot}%{_bindir}/selinux-polgengui

-desktop-file-install	--vendor fedora \
-			--dir ${RPM_BUILD_ROOT}%{_datadir}/applications	\
+desktop-file-install --dir ${RPM_BUILD_ROOT}%{_datadir}/applications	\
 			--add-category Settings				\
-                        %{buildroot}%{_datadir}/system-config-selinux/system-config-selinux.desktop
+%{buildroot}%{_datadir}/system-config-selinux/system-config-selinux.desktop
+
+desktop-file-install --dir ${RPM_BUILD_ROOT}%{_datadir}/applications	\
+%{buildroot}%{_datadir}/system-config-selinux/selinux-polgengui.desktop

-desktop-file-install	--vendor fedora \
-			--dir ${RPM_BUILD_ROOT}%{_datadir}/applications	\
-                        %{buildroot}%{_datadir}/system-config-selinux/selinux-polgengui.desktop
 rm -f %{buildroot}%{_datadir}/system-config-selinux/selinux-polgengui.desktop
 rm -f %{buildroot}%{_datadir}/system-config-selinux/system-config-selinux.desktop

@ -106,28 +99,28 @@ rm -f %{buildroot}%{_datadir}/system-config-selinux/system-config-selinux.deskto
 %package python
 Summary: SELinux policy core python utilities
 Group:	 System Environment/Base
-Requires: policycoreutils = %{version}-%{release} 
-Requires: libsemanage-python >= %{libsemanagever} libselinux-python libcgroup
-Requires: audit-libs-python >=  %{libauditver} 
+Requires:policycoreutils = %{version}-%{release} 
+Requires:libsemanage-python >= %{libsemanagever} libselinux-python libcgroup
+Requires:audit-libs-python >=  %{libauditver} 
 Requires(pre): python >= 2.6
 Obsoletes: policycoreutils < 2.0.61-2
 Requires: python-IPy yum

 %description python
-The policycoreutils-python package contains the management tools use to manage an SELinux environment.
+The policycoreutils-python package contains the management tools use to manage 
+an SELinux environment.

 %files python
-%defattr(-,root,root,-)
 %{_sbindir}/semanage
 %{_bindir}/chcat
 %{_bindir}/sandbox
 %{_bindir}/sepolicy
-%{python_sitelib}/seobject.py*
-%{python_sitelib}/sepolgen
-%{python_sitelib}/sepolicy
-%{python_sitelib}/%{name}*.egg-info
-%{python_sitelib}/sepolicy*.egg-info
-%{pkgpythondir}
+%{python_sitearch}/seobject.py*
+%{python_sitearch}/sepolgen
+%{python_sitearch}/sepolicy
+%{python_sitearch}/%{name}*.egg-info
+%{python_sitearch}/sepolicy*.egg-info
+%{python_sitearch}/%{name}
 %dir  /var/lib/selinux
 %{_mandir}/man8/chcat.8*
 %{_mandir}/ru/man8/chcat.8*
@ -153,7 +146,6 @@ Requires: selinux-policy-devel selinux-policy-doc
 The policycoreutils-devel package contains the management tools use to develop policy in an SELinux environment.

 %files devel
-%defattr(-,root,root,-)
 %{_bindir}/audit2allow
 %{_bindir}/audit2why
 %{_bindir}/sepolgen
@ -182,10 +174,10 @@ Requires: openbox
 BuildRequires: libcap-ng-devel

 %description sandbox
-The policycoreutils-sandbox package contains the scripts to create graphical sandboxes
+The policycoreutils-sandbox package contains the scripts to create graphical 
+sandboxes

 %files sandbox
-%defattr(-,root,root,-)
 %config(noreplace) %{_sysconfdir}/sysconfig/sandbox
 %{_datadir}/sandbox/sandboxX.sh
 %{_datadir}/sandbox/start
@ -203,7 +195,6 @@ RBAC/MLS policy machines require newrole as a way of changing the role
 or level of a logged in user.

 %files newrole
-%defattr(-,root,root)
 %attr(0755,root,root) %caps(cap_dac_read_search,cap_setpcap,cap_audit_write,cap_sys_admin,cap_fowner,cap_chown,cap_dac_override=pe) %{_bindir}/newrole

 %{_mandir}/man1/newrole.1.gz
@ -222,11 +213,10 @@ BuildRequires: desktop-file-utils
 system-config-selinux is a utility for managing the SELinux environment

 %files gui
-%defattr(-,root,root)
 %{_bindir}/system-config-selinux
 %{_bindir}/selinux-polgengui
-%{_datadir}/applications/fedora-system-config-selinux.desktop
-%{_datadir}/applications/fedora-selinux-polgengui.desktop
+%{_datadir}/applications/system-config-selinux.desktop
+%{_datadir}/applications/selinux-polgengui.desktop
 %{_datadir}/icons/hicolor/24x24/apps/system-config-selinux.png
 %{_datadir}/pixmaps/system-config-selinux.png
 %{_datadir}/polkit-1/actions/org.fedoraproject.config.selinux.policy
@ -235,11 +225,8 @@ system-config-selinux is a utility for managing the SELinux environment
 %{_datadir}/system-config-selinux/*.py*
 %{_datadir}/system-config-selinux/*.glade

-%clean
-rm -rf %{buildroot}

 %files -f %{name}.lang
-%defattr(-,root,root)
 %{_sbindir}/restorecon
 %{_sbindir}/fixfiles
 %{_sbindir}/setfiles
@ -298,7 +285,6 @@ Group:	 System Environment/Base
 The policycoreutils-restorecond package contains the restorecond service.

 %files restorecond
-%defattr(-,root,root,-)
 %{_sbindir}/restorecond
 %{_unitdir}/restorecond.service
 %config(noreplace) %{_sysconfdir}/selinux/restorecond.conf
@ -335,6 +321,10 @@ The policycoreutils-restorecond package contains the restorecond service.
 - Update trans
 - Fix sepolicy reorganization of helper functions.

+* Sun Feb 24 2013 Rahul Sundaram <sundaram@fedoraproject.org> - 2.1.14-13
+- remove vendor tag from desktop file. https://fedorahosted.org/fpc/ticket/247
+- clean up spec to follow current guidelines
+
 * Fri Feb 22 2013 Dan Walsh <dwalsh@redhat.com> - 2.1.14-12
 - Do not load interface file by default when sepolicy is called, mov get_all_methods to the sepolicy package

@ -1344,7 +1334,7 @@ the bounding set will be dropped.
 - Move seunshare to sandbox package

 * Mon Nov 29 2010 Dan Walsh <dwalsh@redhat.com> 2.0.84-3
- Fix sandbox to show correct types in  usage statement
+- Fix sandbox to show correct types in usage statement

 * Mon Nov 29 2010 Dan Walsh <dwalsh@redhat.com> 2.0.84-2
 - Stop fixfiles from complaining about missing dirs
@ -1367,7 +1357,7 @@ the bounding set will be dropped.

 * Fri Oct 29 2010 Dan Walsh <dwalsh@redhat.com> 2.0.83-33
 - Move /etc/pam.d/newrole in to polcicycoreutils-newrole
- Additiona capability  checking in sepolgen
+- Additional capability checking in sepolgen

 * Mon Oct 25 2010 Dan Walsh <dwalsh@redhat.com> 2.0.83-32
 - Remove setuid flag and replace with file capabilities
@ -1407,7 +1397,7 @@ the bounding set will be dropped.
 - Update po

 * Tue Aug 24 2010 Dan Walsh <dwalsh@redhat.com> 2.0.83-20
- Tighten down seunshare to create /tmp dir with sticky bit and  MS_NODEV | MS_NOSUID | MS_NOEXEC;
+- Tighten down seunshare to create /tmp dir with sticky bit and MS_NODEV | MS_NOSUID | MS_NOEXEC;
 - Remove setsid on seunshare so ^c on sandbox will cause apps to exit
 - Add dbus-launch --exit-with-session so all processes launched within the sandbox exit with the sandbox
 - Clean up error handling so error will get sent back to sandbox tool
@ -1792,9 +1782,9 @@ Resolves: 555835

 * Tue Sep 8 2009 Dan Walsh <dwalsh@redhat.com> 2.0.73-1
 - Update to upstream
-        * Add semanage dontaudit to turn off dontaudits from Dan Walsh.
-        * Fix semanage to set correct mode for setrans file from Dan Walsh.
-        * Fix malformed dictionary in portRecord from Dan Walsh.
+	* Add semanage dontaudit to turn off dontaudits from Dan Walsh.
+	* Fix semanage to set correct mode for setrans file from Dan Walsh.
+	* Fix malformed dictionary in portRecord from Dan Walsh.
 	* Restore symlink handling support to restorecon based on a patch by
 	Martin Orr.  This fixes the restorecon /dev/stdin performed by Debian
 	udev scripts that was broken by policycoreutils 2.0.70.
@ -1947,7 +1937,7 @@ Resolves: 555835
 - Update to upstream
 	* Add btrfs to fixfiles from Dan Walsh.
 	* Remove restorecond error for matching globs with multiple hard links
- 	  and fix some error messages from Dan Walsh.
+	and fix some error messages from Dan Walsh.
 	* Make removing a non-existant module a warning rather than an error
 	  from Dan Walsh.
 	* Man page fixes from Dan Walsh.
@ -2179,7 +2169,7 @@ Resolves: 555835
 - Remove /usr/share/locale/sr@Latn/LC_MESSAGES/policycoreutils.mo

 * Wed May 7 2008 Dan Walsh <dwalsh@redhat.com> 2.0.47-2
- Add 	rm -rf /tmp/gconfd-* /tmp/pulse-* /tmp/orbit-* to fixfiles restore
+- Add rm -rf /tmp/gconfd-* /tmp/pulse-* /tmp/orbit-* to fixfiles restore
 - So that mislabeled files will get removed on full relabel

 * Wed May 7 2008 Dan Walsh <dwalsh@redhat.com> 2.0.47-1
@ -2498,7 +2488,7 @@ Resolves: 555835

 * Mon Aug 20 2007 Dan Walsh <dwalsh@redhat.com> 2.0.23-1
 - Update to match NSA
-  	* Disable dontaudits via semodule -D
+	* Disable dontaudits via semodule -D

 * Wed Aug 1 2007 Dan Walsh <dwalsh@redhat.com> 2.0.22-13
 - Speed up genhomedircon by an order of magnitude by compiling regex
@ -3016,13 +3006,13 @@ Resolves: #208838
 * Thu Aug 3 2006 Dan Walsh <dwalsh@redhat.com> 1.30.25-1
 - Update to upstream
 	* Merged patch from Dan Walsh with:
-	  * audit2allow: process MAC_POLICY_LOAD events
-	  * newrole:  run shell with - prefix to start a login shell
-	  * po:  po file updates
-	  * restorecond:  bail if SELinux not enabled
-	  * fixfiles: omit -q 
-	  * genhomedircon:  fix exit code if non-root
-	  * semodule_deps:  install man page
+		* audit2allow: process MAC_POLICY_LOAD events
+		* newrole: run shell with - prefix to start a login shell
+		* po: po file updates
+		* restorecond: bail if SELinux not enabled
+		* fixfiles: omit -q 
+		* genhomedircon:  fix exit code if non-root
+		* semodule_deps:  install man page
 	* Merged secon Makefile fix from Joshua Brindle.
 	* Merged netfilter contexts support patch from Chris PeBenito.

@ -3537,7 +3527,7 @@ Resolves: #208838
 * Thu Oct 20 2005 Dan Walsh <dwalsh@redhat.com> 1.27.18-1
 - Update to match NSA
 	* Cleaned up usage and error messages and releasing of memory by
-   	  semodule_* utilities.
+	semodule utilities.
 	* Corrected error reporting by semodule.
 	* Updated semodule_expand for change to sepol interface.
 	* Merged fixes for make DESTDIR= builds from Joshua Brindle.
@ -3740,7 +3730,7 @@ Resolves: #208838

 * Wed Apr 6 2005 Dan Walsh <dwalsh@redhat.com> 1.23.3-1
 - Update to version from NSA
-        * Merged context validation patch for genhomedircon from Eric Paris.
+	* Merged context validation patch for genhomedircon from Eric Paris.
 - Fix verbose output of restorecon

 * Thu Mar 17 2005 Dan Walsh <dwalsh@redhat.com> 1.23.2-1
@ -3787,7 +3777,7 @@ Resolves: #208838

 * Tue Feb 22 2005 Dan Walsh <dwalsh@redhat.com> 1.21.19-1
 - Update to latest from NSA
-        * Merged several fixes from Ulrich Drepper.
+	* Merged several fixes from Ulrich Drepper.

 * Mon Feb 21 2005 Dan Walsh <dwalsh@redhat.com> 1.21.18-2
 - Apply Uli patch