From ec19c2f3d795d8ffe8af75897e3bc2a81f7bdb0f Mon Sep 17 00:00:00 2001 From: Jindrich Novy Date: Mon, 5 May 2008 18:03:04 +0000 Subject: [PATCH] - fix SELinux contexts everywhere possible, don't allow restorecon to fail (#444922) - add missing post/postun scriptlets for subpackages --- texlive.spec | 121 +++++++++++++++++++++++++++++++++++++++++++-------- 1 file changed, 102 insertions(+), 19 deletions(-) diff --git a/texlive.spec b/texlive.spec index dfe6bb7..1dfa53e 100644 --- a/texlive.spec +++ b/texlive.spec @@ -26,7 +26,7 @@ Name: texlive Version: %{texlive_ver} -Release: 29%{?dist} +Release: 30%{?dist} Summary: Binaries for the TeX formatting system Group: Applications/Publishing @@ -150,6 +150,7 @@ Requires: texlive-texmf-errata = %{version} # make sure fonts package installed before running post - since # fmtutil-sys is symlink to fmtutil Requires(post): %{_bindir}/fmtutil /sbin/restorecon +Requires(preun,postun): /sbin/restorecon Provides: tex(tex) Obsoletes: tetex < 3.0-99 Provides: tetex = 3.0-99 @@ -178,6 +179,7 @@ Obsoletes: tetex-afm < 3.0-99 Provides: tetex-afm = 3.0-99 Requires: texlive-texmf-afm = %{version} Requires: texlive-texmf-errata = %{version} +Requires(post,postun): /sbin/restorecon %description afm texlive-afm provides afm2tfm, a converter for PostScript(TM) font metric @@ -230,6 +232,7 @@ Group: Applications/Publishing Requires: texlive = %{version}-%{release} Requires: texlive-texmf-xetex = %{version} Requires: dvipdfmx xdvipdfmx +Requires(post,postun): /sbin/restorecon %description xetex XeTeX is a TeX typesetting engine using Unicode and supporting modern @@ -249,7 +252,7 @@ Requires: texlive-texmf-dvips = %{version} Requires: texlive-texmf-errata = %{version} Provides: tex(dvips) Requires: psutils -Requires(post): /sbin/restorecon +Requires(post,postun): /sbin/restorecon %description dvips Dvips converts .dvi files, for example those produced by the TeX text @@ -266,6 +269,7 @@ Summary: A collection of utilities for working with dvi files Group: Applications/Publishing # not positive about this requires, pretty sure though Requires: texlive = %{version}-%{release} +Requires(post,postun): /sbin/restorecon # used to be in tetex, but has a separate upstream Requires: dvipng dvipdfm # some dvi utilities used to be in tetex @@ -283,6 +287,7 @@ Requires: netpbm-progs # make sure main and fonts package installed before running post Requires(post): %{_bindir}/fmtutil %{_bindir}/fmtutil-sys Requires(post): %{_bindir}/texconfig-sys /sbin/install-info +Requires(post,preun,postun): /sbin/restorecon BuildRequires: ghostscript netpbm-progs Obsoletes: tetex < 3.0-99 Obsoletes: tetex-latex < 3.0-99 @@ -307,11 +312,12 @@ Requires: texlive = %{version}-%{release} Requires: texlive-latex = %{version}-%{release} Requires: texlive-texmf-dvips = %{version} Requires: texlive-texmf-errata-east-asian = %{version} +Requires(post,postun): /sbin/restorecon +Requires: mendexk Obsoletes: texlive-japanese < 2007-20 Provides: texlive-japanese = %{version}-%{release} Provides: tex(japanese) Provides: tex(east-asian) -Requires: mendexk %description east-asian East Asian support for TeXLive. @@ -322,6 +328,7 @@ Group: Applications/Publishing Requires: texlive = %{version}-%{release} Requires: texlive-texmf-errata-context = %{version} Requires: ruby +Requires(post,postun): /sbin/restorecon Provides: tex(context) %description context @@ -332,6 +339,7 @@ Summary: Shared library needed by kpathsea and info files Group: Development/Libraries Obsoletes: tetex-fonts < 3.0-99 Requires: texlive = %{version}-%{release} +Requires(post,preun,postun): /sbin/restorecon %description -n kpathsea Shared library needed by kpathsea and info files. @@ -353,6 +361,7 @@ wants to link against the kpathsea library. Summary: DVI-to-PNG converter Version: %{dvipng_ver} Group: Applications/Publishing +Requires(post,preun,postun): /sbin/restorecon #Url: http://savannah.nongnu.org/projects/dvipng/ #Source0: http://download.savannah.gnu.org/releases/dvipng/dvipng-%{dvipng_ver}.tar.gz @@ -713,81 +722,150 @@ rm -rf %{buildroot} [ -x /sbin/install-info ] && /sbin/install-info %{_infodir}/web2c.info.gz %{_infodir}/dir %{_bindir}/fmtutil-sys --all &> /dev/null %{_bindir}/updmap-sys --syncwithtrees &> /dev/null -/sbin/restorecon -R %{_texmf_var}/ +[ -x /sbin/restorecon ] && /sbin/restorecon -R %{_texmf_var}/ : %post afm -%{_bindir}/texconfig-sys rehash 2> /dev/null || : +%{_bindir}/texconfig-sys rehash 2> /dev/null +[ -x /sbin/restorecon ] && /sbin/restorecon -R %{_texmf_var}/ +: + +%post context +%{_bindir}/texconfig-sys rehash 2> /dev/null +[ -x /sbin/restorecon ] && /sbin/restorecon -R %{_texmf_var}/ +: %post dvips [ -x /sbin/install-info ] && /sbin/install-info %{_infodir}/dvips.info.gz %{_infodir}/dir %{_bindir}/texconfig-sys rehash 2> /dev/null -/sbin/restorecon -R %{_texmf_var}/ +[ -x /sbin/restorecon ] && /sbin/restorecon -R %{_texmf_var}/ : %post dviutils -%{_bindir}/texconfig-sys rehash 2> /dev/null || : +%{_bindir}/texconfig-sys rehash 2> /dev/null +[ -x /sbin/restorecon ] && /sbin/restorecon -R %{_texmf_var}/ +: + +%post east-asian +%{_bindir}/texconfig-sys rehash 2> /dev/null +[ -x /sbin/restorecon ] && /sbin/restorecon -R %{_texmf_var}/ +: %post latex [ -x /sbin/install-info ] && /sbin/install-info %{_infodir}/latex.info.gz %{_infodir}/dir %{_bindir}/texconfig-sys init &> /dev/null %{_bindir}/texconfig-sys rehash 2> /dev/null %{_bindir}/fmtutil-sys --all &> /dev/null +[ -x /sbin/restorecon ] && /sbin/restorecon -R %{_texmf_var}/ +: + +%post xetex +%{_bindir}/texconfig-sys rehash 2> /dev/null +[ -x /sbin/restorecon ] && /sbin/restorecon -R %{_texmf_var}/ : %post -n kpathsea /sbin/ldconfig -[ -x /sbin/install-info ] && /sbin/install-info %{_infodir}/kpathsea.info.gz %{_infodir}/dir || : +[ -x /sbin/install-info ] && /sbin/install-info %{_infodir}/kpathsea.info.gz %{_infodir}/dir +[ -x /sbin/restorecon ] && /sbin/restorecon -R %{_texmf_var}/ +: %if %{f8_packaging} %post -n dvipng -[ -x /sbin/install-info ] && /sbin/install-info %{_infodir}/dvipng.info.gz %{_infodir}/dir || : +[ -x /sbin/install-info ] && /sbin/install-info %{_infodir}/dvipng.info.gz %{_infodir}/dir +[ -x /sbin/restorecon ] && /sbin/restorecon -R %{_texmf_var}/ +: %endif %preun if [ "$1" = 0 ]; then - [ -x /sbin/install-info ] && /sbin/install-info --delete %{_infodir}/web2c.info.gz %{_infodir}/dir || : + [ -x /sbin/install-info ] && /sbin/install-info --delete %{_infodir}/web2c.info.gz %{_infodir}/dir fi +[ -x /sbin/restorecon ] && /sbin/restorecon -R %{_texmf_var}/ +: %preun dvips if [ "$1" = 0 ]; then - [ -x /sbin/install-info ] && /sbin/install-info --delete %{_infodir}/dvips.info.gz %{_infodir}/dir || : + [ -x /sbin/install-info ] && /sbin/install-info --delete %{_infodir}/dvips.info.gz %{_infodir}/dir fi +: %if %{f8_packaging} %preun -n dvipng if [ "$1" = 0 ]; then - [ -x /sbin/install-info ] && /sbin/install-info --delete %{_infodir}/dvipng.info.gz %{_infodir}/dir || : + [ -x /sbin/install-info ] && /sbin/install-info --delete %{_infodir}/dvipng.info.gz %{_infodir}/dir fi +[ -x /sbin/restorecon ] && /sbin/restorecon -R %{_texmf_var}/ +: %endif %preun latex if [ "$1" = 0 ]; then - [ -x /sbin/install-info ] && /sbin/install-info --delete %{_infodir}/latex.info.gz %{_infodir}/dir || : + [ -x /sbin/install-info ] && /sbin/install-info --delete %{_infodir}/latex.info.gz %{_infodir}/dir fi +[ -x /sbin/restorecon ] && /sbin/restorecon -R %{_texmf_var}/ +: %preun -n kpathsea /sbin/ldconfig if [ "$1" = 0 ]; then - [ -x /sbin/install-info ] && /sbin/install-info --delete %{_infodir}/kpathsea.info.gz %{_infodir}/dir || : + [ -x /sbin/install-info ] && /sbin/install-info --delete %{_infodir}/kpathsea.info.gz %{_infodir}/dir fi +[ -x /sbin/restorecon ] && /sbin/restorecon -R %{_texmf_var}/ +: %postun -%{_bindir}/texconfig-sys rehash 2> /dev/null || : +%{_bindir}/texconfig-sys rehash 2> /dev/null +[ -x /sbin/restorecon ] && /sbin/restorecon -R %{_texmf_var}/ +: %postun afm -%{_bindir}/texconfig-sys rehash 2> /dev/null || : +%{_bindir}/texconfig-sys rehash 2> /dev/null +[ -x /sbin/restorecon ] && /sbin/restorecon -R %{_texmf_var}/ +: + +%postun context +%{_bindir}/texconfig-sys rehash 2> /dev/null +[ -x /sbin/restorecon ] && /sbin/restorecon -R %{_texmf_var}/ +: + +%postun east-asian +%{_bindir}/texconfig-sys rehash 2> /dev/null +[ -x /sbin/restorecon ] && /sbin/restorecon -R %{_texmf_var}/ +: + +%postun dviutils +%{_bindir}/texconfig-sys rehash 2> /dev/null +[ -x /sbin/restorecon ] && /sbin/restorecon -R %{_texmf_var}/ +: %postun dvips -%{_bindir}/texconfig-sys rehash 2> /dev/null || : +%{_bindir}/texconfig-sys rehash 2> /dev/null +[ -x /sbin/restorecon ] && /sbin/restorecon -R %{_texmf_var}/ +: %postun latex -%{_bindir}/texconfig-sys rehash 2> /dev/null || : +%{_bindir}/texconfig-sys rehash 2> /dev/null +[ -x /sbin/restorecon ] && /sbin/restorecon -R %{_texmf_var}/ +: + +%postun xetex +%{_bindir}/texconfig-sys rehash 2> /dev/null +[ -x /sbin/restorecon ] && /sbin/restorecon -R %{_texmf_var}/ +: + +%if %{f8_packaging} +%postun -n dvipng +%{_bindir}/texconfig-sys rehash 2> /dev/null +[ -x /sbin/restorecon ] && /sbin/restorecon -R %{_texmf_var}/ +: +%endif %postun -n kpathsea /sbin/ldconfig - +[ -x /sbin/restorecon ] && /sbin/restorecon -R %{_texmf_var}/ +: %files %defattr(-,root,root,-) @@ -1200,6 +1278,11 @@ fi %{_mandir}/man1/texutil.1* %changelog +* Mon May 05 2008 Jindrich Novy - 2007-30 +- fix SELinux contexts everywhere possible, don't allow restorecon + to fail (#444922) +- add missing post/postun scriptlets for subpackages + * Mon Apr 21 2008 Jindrich Novy - 2007-29 - run restorecon on /var/lib/texmf to avoid access denials if SELinux is in enforcing mode (#443286, #442161)