setools/setools.spec

456 lines
14 KiB
RPMSpec
Raw Normal View History

Summary: SELinux tools for managing policy
Name: setools
2006-05-03 17:54:10 +00:00
Version: 2.4
2006-05-23 22:10:45 +00:00
Release: 2
License: GPL
Group: System Environment/Base
URL: http://www.tresys.com/
2005-03-02 20:06:30 +00:00
Source: http://www.tresys.com/Downloads/selinux-tools/setools-%{version}.tar.bz2
Source1: setools.pam
Source4: seaudit.console
Source5: apol.desktop
Source7: seaudit.desktop
2005-03-02 20:06:30 +00:00
Source9: sediffx.desktop
2006-04-11 13:34:08 +00:00
Source10: seaudit.png
Source11: apol.png
Source12: sediffx.png
Prefix: %{_prefix}
BuildRoot: %{_tmppath}/%{name}-%{version}-%{release}-root-%(%{__id_u} -n)
2005-04-20 15:14:24 +00:00
Requires: checkpolicy, policycoreutils, tcl >= 8.3
Buildrequires: tk-devel >= 8.3, tcl-devel >= 8.3
2005-04-05 13:53:20 +00:00
BuildRequires: gtk2-devel, libglade2-devel
BuildRequires: libselinux-devel, libxml2-devel
2005-04-05 13:53:20 +00:00
BuildRequires: libcap-devel
BuildPrereq: bison, flex, pkgconfig
Patch0: setools-rhat.patch
%description
Security-enhanced Linux is a patch of the Linux kernel and a number of
utilities with enhanced security functionality designed to add
mandatory access
controls to Linux. The Security-enhanced Linux kernel contains new
architectural components originally developed to improve the security
of the Flask
operating system. These architectural components provide general
support for the
enforcement of many kinds of mandatory access control policies, including
those
based on the concepts of Type Enforcement, Role-based Access Control, and
Multi-level Security.
The tools and libraries in this release include:
2005-11-03 21:51:53 +00:00
1. libapol: The main policy.conf analysis library, which is the core
library for all our tools.
2005-11-03 21:53:20 +00:00
See the help files for apol for help on using the
tools.
%package gui
Summary: Graphical tools for handling SETools
Group: System Environment/Base
2005-04-05 13:53:20 +00:00
Requires: %{name} = %{version}-%{release}
Requires: tk >= 8.3, libglade2 > 2, usermode
%description gui
Security-enhanced Linux is a patch of the Linux kernel and a number of
utilities with enhanced security functionality designed to add
mandatory access
controls to Linux. The Security-enhanced Linux kernel contains new
architectural components originally developed to improve
the security of the Flask
operating system. These architectural components provide
general support for the
enforcement of many kinds of mandatory access control policies,
including those
based on the concepts of Type Enforcement, Role-based Access Control, and
Multi-level Security.
The tools and libraries in this release include:
1. apol: The GUI-based policy analysis tool.
2005-11-03 21:53:20 +00:00
2. awish: A version of the TCL/TK wish interpreter that includes the
setools libraries. We use this to test our GUIs (apol have the
interpreter compiled within them). One could conceivably write one's own
GUI tools using TCL/TK as extended via awish.
2005-11-03 21:53:20 +00:00
See the help files for apol for help on using the
tools.
%prep
%setup -q
%patch0 -p1 -b .rhat
%build
make clean
2006-04-11 13:34:08 +00:00
make INSTALL_HELPDIR=/usr/share/doc/setools-%{version} LIBDIR=%{_libdir} all
%install
rm -rf ${RPM_BUILD_ROOT}
mkdir -p $RPM_BUILD_ROOT/%{_bindir}
mkdir -p $RPM_BUILD_ROOT/%{_sbindir}
mkdir -p $RPM_BUILD_ROOT/%_libdir
mkdir -p $RPM_BUILD_ROOT%{_includedir}/selinux/apol
mkdir -p $RPM_BUILD_ROOT/usr/share/doc/setools-%{version}
2004-11-01 16:00:13 +00:00
mkdir -p $RPM_BUILD_ROOT/usr/share/tcl8.4
2006-04-11 13:34:08 +00:00
mkdir -p $RPM_BUILD_ROOT/usr/share/pixmaps
make DESTDIR="${RPM_BUILD_ROOT}" INSTALL_HELPDIR=$RPM_BUILD_ROOT/usr/share/doc/setools-%{version} LIBDIR=%{_libdir} install install-bwidget
rm -f ${RPM_BUILD_ROOT}/usr/bin/findcon
rm -f ${RPM_BUILD_ROOT}/usr/bin/replcon
2004-11-01 16:00:13 +00:00
rm -f ${RPM_BUILD_ROOT}/usr/bin/searchcon
rm -f ${RPM_BUILD_ROOT}/usr/bin/indexcon
rm -f ${RPM_BUILD_ROOT}/usr/share/man/man1/searchcon.1
rm -f ${RPM_BUILD_ROOT}/usr/share/man/man1/indexcon.1
rm -f ${RPM_BUILD_ROOT}/usr/share/man/man1/replcon.1
rm -f ${RPM_BUILD_ROOT}/usr/share/man/man1/findcon.1
2006-05-23 22:10:45 +00:00
rm -rf ${RPM_BUILD_ROOT}%{_includedir}/libsefs/sqlite
install -d -m 755 ${RPM_BUILD_ROOT}%{_sysconfdir}/pam.d
install -m 644 %{SOURCE1} ${RPM_BUILD_ROOT}%{_sysconfdir}/pam.d/seaudit
install -d -m 755 ${RPM_BUILD_ROOT}%{_sysconfdir}/security/console.apps
install -m 644 %{SOURCE4} ${RPM_BUILD_ROOT}%{_sysconfdir}/security/console.apps/seaudit
install -d -m 755 ${RPM_BUILD_ROOT}%{_datadir}/applications
install -m 664 %{SOURCE5} ${RPM_BUILD_ROOT}%{_datadir}/applications/apol.desktop
install -m 664 %{SOURCE7} ${RPM_BUILD_ROOT}%{_datadir}/applications/seaudit.desktop
install -m 664 %{SOURCE9} ${RPM_BUILD_ROOT}%{_datadir}/applications/sediffx.desktop
2006-04-11 13:34:08 +00:00
install -m 664 %{SOURCE10} ${RPM_BUILD_ROOT}/usr/share/pixmaps/seaudit.png
install -m 664 %{SOURCE11} ${RPM_BUILD_ROOT}/usr/share/pixmaps/apol.png
install -m 664 %{SOURCE12} ${RPM_BUILD_ROOT}/usr/share/pixmaps/sediffx.png
cd $RPM_BUILD_ROOT/%{_bindir}/
ln -sf consolehelper seaudit
%clean
rm -rf ${RPM_BUILD_ROOT}
%files gui
%defattr(-,root,root)
2005-11-03 22:57:49 +00:00
%dir /usr/share/tcl8.4/BWidget-1.7.0
/usr/share/tcl8.4/BWidget-1.7.0/*
%{_bindir}/apol
%{_bindir}/sediffx
%{_bindir}/awish
%{_bindir}/seaudit
%{_sbindir}/seaudit
%{_sbindir}/seaudit-report
%{_datadir}/applications/apol.desktop
%{_datadir}/applications/seaudit.desktop
2005-03-02 20:06:30 +00:00
%{_datadir}/applications/sediffx.desktop
%config(noreplace) %{_sysconfdir}/pam.d/seaudit
%config(noreplace) %{_sysconfdir}/security/console.apps/seaudit
/usr/share/doc/setools-%{version}/apol*
/usr/share/doc/setools-%{version}/seaudit_help.txt
/usr/share/doc/setools-%{version}/types_relation_help.txt
/usr/share/doc/setools-%{version}/dta_help.txt
/usr/share/doc/setools-%{version}/file_relabel_help.txt
/usr/share/doc/setools-%{version}/flow_assertion_help.txt
/usr/share/doc/setools-%{version}/iflow_help.txt
/usr/share/doc/setools-%{version}/obj_perms_help.txt
2006-05-03 17:54:10 +00:00
/usr/share/doc/setools-%{version}/sechecker_help.txt
/usr/share/doc/setools-%{version}/sediff_help.txt
/usr/share/setools/apol.tcl
/usr/share/setools/apol_perm_mapping
/usr/share/setools/apol_perm_mapping_ver12
/usr/share/setools/apol_perm_mapping_ver15
/usr/share/setools/apol_perm_mapping_ver16
/usr/share/setools/apol_perm_mapping_ver17
/usr/share/setools/apol_perm_mapping_ver18
/usr/share/setools/apol_perm_mapping_ver19
/usr/share/setools/apol_perm_mapping_ver20
/usr/share/setools/customize_filter_window.glade
/usr/share/setools/dot_seaudit
/usr/share/setools/filter_window.glade
/usr/share/setools/multifilter_window.glade
/usr/share/setools/prefer_window.glade
/usr/share/setools/query_window.glade
/usr/share/setools/report_window.glade
/usr/share/setools/seaudit-report.conf
/usr/share/setools/seaudit-report.css
/usr/share/setools/seaudit.glade
/usr/share/setools/sediff.glade
%{_mandir}/man1/apol.1.gz
%{_mandir}/man1/sediffx.1.gz
%{_mandir}/man8/seaudit.8.gz
%{_mandir}/man8/seaudit-report.8.gz
2006-04-11 13:34:08 +00:00
%attr(0644,root,root) /usr/share/pixmaps/seaudit.png
%attr(0644,root,root) /usr/share/pixmaps/apol.png
%attr(0644,root,root) /usr/share/pixmaps/sediffx.png
2005-03-02 20:06:30 +00:00
%package devel
Summary: Development environment for SETools
Group: System Environment/Base
2006-05-23 22:10:45 +00:00
Requires: %{name} = %{version}-%{release} sqlite-devel
2005-03-02 20:06:30 +00:00
%description devel
Headers, static libraries and API docs for SETools.
%files devel
2005-05-23 19:01:39 +00:00
%defattr(-,root,root)
%{_includedir}/libapol
%{_includedir}/libseaudit
%{_includedir}/selinux/apol
2006-05-23 22:10:45 +00:00
%{_includedir}/libsefs
%{_libdir}/libsefs.a
%{_libdir}/libapol.a
%{_libdir}/libseaudit.a
%post devel -p /sbin/ldconfig
%postun devel -p /sbin/ldconfig
%files
%defattr(-,root,root)
%{_bindir}/seinfo
%{_bindir}/sesearch
2005-11-03 23:12:13 +00:00
%{_bindir}/sechecker
2005-11-29 17:03:19 +00:00
%{_bindir}/sediff
2004-10-04 19:26:07 +00:00
%dir /usr/share/doc/setools-%{version}
/usr/share/doc/setools-%{version}/KNOWN-BUGS
/usr/share/doc/setools-%{version}/README
%{_mandir}/man1/sechecker.1.gz
%{_mandir}/man1/seinfo.1.gz
%{_mandir}/man1/sediff.1.gz
%{_mandir}/man1/sesearch.1.gz
2006-05-03 17:54:10 +00:00
%attr(755,root,root) %dir /usr/share/setools
%attr(755,root,root) %dir /usr/share/setools/sechecker
%attr(755,root,root) %dir /usr/share/setools/sechecker/profiles
2006-05-03 17:54:10 +00:00
/usr/share/setools/sechecker/profiles/*
%{_libdir}/libapol.so*
%{_libdir}/libseaudit.so*
%{_libdir}/libsefs.so*
%changelog
2006-05-23 22:10:45 +00:00
* Tue May 23 2006 Dan Walsh <dwalsh@redhat.com> 2.4-2
- Remove sqlite include directory
2006-05-03 17:54:10 +00:00
* Wed May 3 2006 Dan Walsh <dwalsh@redhat.com> 2.4-1
- Update from upstream
2006-04-11 13:34:08 +00:00
* Mon Apr 10 2006 Dan Walsh <dwalsh@redhat.com> 2.3-3
- Fix help
- Add icons
* Tue Mar 21 2006 Dan Walsh <dwalsh@redhat.com> 2.3-2
- Remove console apps for sediff, sediffx and apol
2006-02-11 05:41:11 +00:00
* Fri Feb 10 2006 Jesse Keating <jkeating@redhat.com> - 2.3-1.2
- bump again for double-long bug on ppc(64)
2006-02-07 13:49:02 +00:00
* Tue Feb 07 2006 Jesse Keating <jkeating@redhat.com> - 2.3-1.1
- rebuilt for new gcc4.1 snapshot and glibc changes
* Tue Jan 31 2006 Dan Walsh <dwalsh@redhat.com> 2.3-1
- Update from upstream
* apol:
added new MLS components tab for sensitivities,
levels, and categories.
Changed users tab to support ranges and default
levels.
added range transition tab for searching range
Transition rules.
added new tab for network context components.
added new tab for file system context components.
* libapol:
added binpol support for MLS, network contexts,
and file system contexts.
* seinfo:
added command line options for MLS components.
added command line options for network contexts
and file system contexts.
* sesearch:
added command line option for searching for rules
by conditional boolean name.
* seaudit:
added new column in the log view for the 'comm'
field found in auditd log files.
added filters for the 'comm' field and 'message'
field.
* manpages:
added manpages for all tools.
2005-12-16 23:25:03 +00:00
* Fri Dec 16 2005 Jesse Keating <jkeating@redhat.com>
- rebuilt for new gcj
* Wed Dec 14 2005 Dan Walsh <dwalsh@redhat.com> 2.2-4
- Fix dessktop files
- Apply fixes from bkyoung
2005-12-09 22:43:12 +00:00
* Fri Dec 09 2005 Jesse Keating <jkeating@redhat.com>
- rebuilt
* Thu Nov 3 2005 Dan Walsh <dwalsh@redhat.com> 2.2-3
- Move more gui files out of base into gui
2005-11-29 17:03:19 +00:00
* Thu Nov 3 2005 Dan Walsh <dwalsh@redhat.com> 2.2-2
- Move sediff from gui to main package
* Thu Nov 3 2005 Dan Walsh <dwalsh@redhat.com> 2.2-1
2005-11-03 21:51:53 +00:00
- Upgrade to upstream version
2005-10-27 02:33:11 +00:00
* Thu Oct 13 2005 Dan Walsh <dwalsh@redhat.com> 2.1.3-1
- Upgrade to upstream version
* Mon Oct 10 2005 Tomas Mraz <tmraz@redhat.com> 2.1.2-3
- use include instead of pam_stack in pam config
* Thu Sep 1 2005 Dan Walsh <dwalsh@redhat.com> 2.1.2-2
- Fix spec file
* Thu Sep 1 2005 Dan Walsh <dwalsh@redhat.com> 2.1.2-1
- Upgrade to upstream version
2005-08-18 12:23:42 +00:00
* Thu Aug 18 2005 Florian La Roche <laroche@redhat.com>
- do not package debug files into the -devel package
2005-08-18 02:49:21 +00:00
* Wed Aug 17 2005 Jeremy Katz <katzj@redhat.com> - 2.1.1-3
2005-08-18 02:47:52 +00:00
- rebuild against new cairo
2005-05-25 18:56:16 +00:00
* Wed May 25 2005 Dan Walsh <dwalsh@redhat.com> 2.1.1-0
- Upgrade to upstream version
* Mon May 23 2005 Bill Nottingham <notting@redhat.com> 2.1.0-5
- put libraries in the right place (also puts debuginfo in the right
package)
2005-05-23 19:01:39 +00:00
- add %%defattr for -devel too
2005-05-12 16:25:20 +00:00
* Thu May 12 2005 Dan Walsh <dwalsh@redhat.com> 2.1.0-4
- Move sepcut to gui apps.
2005-05-06 12:26:00 +00:00
* Fri May 6 2005 Dan Walsh <dwalsh@redhat.com> 2.1.0-3
- Fix Missing return code.
2005-04-20 15:14:24 +00:00
* Wed Apr 20 2005 Dan Walsh <dwalsh@redhat.com> 2.1.0-2
- Fix requires line
2005-04-19 17:33:10 +00:00
* Tue Apr 19 2005 Dan Walsh <dwalsh@redhat.com> 2.1.0-1
- Update to latest from tresys
2005-04-05 13:53:20 +00:00
* Tue Apr 5 2005 Dan Walsh <dwalsh@redhat.com> 2.0.0-2
- Fix buildrequires lines in spec file
* Tue Mar 2 2005 Dan Walsh <dwalsh@redhat.com> 2.0.0-1
2005-03-02 20:06:30 +00:00
- Update to latest from tresys
* Mon Nov 29 2004 Dan Walsh <dwalsh@redhat.com> 1.5.1-6
- add FALLBACK=true to /etc/security/console.apps/apol
2004-11-10 19:53:31 +00:00
* Wed Nov 10 2004 Dan Walsh <dwalsh@redhat.com> 1.5.1-3
- Add badtcl patch from Tresys.
* Mon Nov 8 2004 Dan Walsh <dwalsh@redhat.com> 1.5.1-2
- Apply malloc problem patch provided by Sami Farin
2004-11-01 16:00:13 +00:00
* Mon Nov 1 2004 Dan Walsh <dwalsh@redhat.com> 1.5.1-1
- Update to latest from Upstream
2004-10-06 21:03:09 +00:00
* Wed Oct 6 2004 Dan Walsh <dwalsh@redhat.com> 1.4.1-5
- Update tresys patch
2004-10-04 19:26:07 +00:00
* Mon Oct 4 2004 Dan Walsh <dwalsh@redhat.com> 1.4.1-4
2004-10-01 16:17:09 +00:00
- Fix directory ownership
* Thu Jul 8 2004 Dan Walsh <dwalsh@redhat.com> 1.4.1-1
- Latest from Tresys
* Wed Jun 23 2004 Dan Walsh <dwalsh@redhat.com> 1.4-5
- Add build requires libselinux
* Tue Jun 22 2004 Dan Walsh <dwalsh@redhat.com> 1.4-4
- Add support for policy.18
* Tue Jun 15 2004 Elliot Lee <sopwith@redhat.com>
- rebuilt
* Thu Jun 10 2004 Dan Walsh <dwalsh@redhat.com> 1.4-2
- Fix install locations of policy_src_dir
* Wed Jun 2 2004 Dan Walsh <dwalsh@redhat.com> 1.4-1
- Update to latest from TRESYS.
* Tue Jun 1 2004 Dan Walsh <dwalsh@redhat.com> 1.3-3
- Make changes to work with targeted/strict policy
* Fri Apr 16 2004 Dan Walsh <dwalsh@redhat.com> 1.3-2
- Take out requirement for policy file
* Fri Apr 16 2004 Dan Walsh <dwalsh@redhat.com> 1.3-1
- Fix doc location
* Fri Apr 16 2004 Dan Walsh <dwalsh@redhat.com> 1.3-1
- Latest from TRESYS
* Tue Apr 13 2004 Dan Walsh <dwalsh@redhat.com> 1.2.1-8
- fix location of policy.conf file
* Tue Apr 6 2004 Dan Walsh <dwalsh@redhat.com> 1.2.1-7
- Obsolete setools-devel
* Tue Apr 6 2004 Dan Walsh <dwalsh@redhat.com> 1.2.1-6
- Fix location of
* Tue Apr 6 2004 Dan Walsh <dwalsh@redhat.com> 1.2.1-5
- Remove devel libraries
- Fix installdir for lib64
* Sat Apr 3 2004 Dan Walsh <dwalsh@redhat.com> 1.2.1-4
- Add usr_t file read to policy
* Thu Mar 25 2004 Dan Walsh <dwalsh@redhat.com> 1.2.1-3
- Use tcl8.4
* Tue Mar 02 2004 Elliot Lee <sopwith@redhat.com>
- rebuilt
* Fri Feb 13 2004 Elliot Lee <sopwith@redhat.com>
- rebuilt
* Fri Feb 6 2004 Dan Walsh <dwalsh@redhat.com> 1.2.1-1
- New patch
* Fri Feb 6 2004 Dan Walsh <dwalsh@redhat.com> 1.2-1
- Latest upstream version
* Tue Dec 30 2003 Dan Walsh <dwalsh@redhat.com> 1.1.1-1
- New version from upstream
- Remove seuser.te. Now in policy file.
* Tue Dec 30 2003 Dan Walsh <dwalsh@redhat.com> 1.1-2
- Add Defattr to devel
- move libs to base kit
* Fri Dec 19 2003 Dan Walsh <dwalsh@redhat.com> 1.1-1
- Update to latest code from tresys
- Break into three separate packages for cmdline, devel and gui
- Incorporate the tcl patch
* Mon Dec 15 2003 Jens Petersen <petersen@redhat.com> - 1.0.1-3
- apply setools-1.0.1-tcltk.patch to build against tcl/tk 8.4
- buildrequire tk-devel
* Thu Nov 20 2003 Dan Walsh <dwalsh@redhat.com> 1.0.1-2
- Add Bwidgets to this RPM
* Tue Nov 4 2003 Dan Walsh <dwalsh@redhat.com> 1.0.1-1
- Upgrade to 1.0.1
* Wed Oct 15 2003 Dan Walsh <dwalsh@redhat.com> 1.0-6
- Clean up build
* Tue Oct 14 2003 Dan Walsh <dwalsh@redhat.com> 1.0-5
- Update with correct seuser.te
* Wed Oct 1 2003 Dan Walsh <dwalsh@redhat.com> 1.0-4
- Update with final release from Tresys
* Mon Jun 2 2003 Dan Walsh <dwalsh@redhat.com> 1.0-1
- Initial version