This shouldn't work.
Since -agent-libs requires -selinux, I would expect that yum would install -selinux first. At which point the restorecon command would fail or have no effect since %{_localstatedir}/lib/%{name} wont exist yet.
Something needs to change
On Tue, Aug 16, 2011 at 1:58 AM, Adam Stokes astokes@fedoraproject.org wrote:
- Gives necessary file context permissions to @localstatedir@/lib/matahari
Signed-off-by: Adam Stokes astokes@fedoraproject.org
matahari.spec.in | 27 +++++++++++++++++++++++++-- 1 files changed, 25 insertions(+), 2 deletions(-)
diff --git a/matahari.spec.in b/matahari.spec.in index aae23c0..9973a75 100644 --- a/matahari.spec.in +++ b/matahari.spec.in @@ -93,6 +93,7 @@ Summary: C++ library used by Matahari agents Group: Applications/System Requires: %{name}-lib = %{version}-%{release} Requires: qpid-cpp-client-ssl > 0.7 +Requires: %{name}-selinux
%description agent-lib C++ library containing the base class for Matahari agents @@ -162,6 +163,16 @@ Requires: %{name}-agent-lib = %{version}-%{release} %description consoles QMF console for monitoring various agents
+%package selinux +Summary: SElinux support for Matahari +Requires: %{name} = %{version}-%{release} +Requires: policycoreutils +Requires: selinux-policy-targeted +BuildRequires: selinux-policy-devel
+%description selinux +Configures Matahari to run in SELinux enabled environments.
%prep %setup -q -n matahari-matahari-%{upstream_version}
@@ -183,8 +194,8 @@ make DESTDIR=%{buildroot} install %{__install} matahari-broker.sysconf $RPM_BUILD_ROOT/%{_sysconfdir}/sysconfig/matahari-broker %{__ln_s} qpidd $RPM_BUILD_ROOT/%{_sbindir}/matahari-brokerd
-%{__install} -d -m0755 %{buildroot}%{_localstatedir}/lib/%{name} -%{__install} -d -m0755 %{buildroot}%{_localstatedir}/run/%{name} +%{__install} -d -m0755 $RPM_BUILD_ROOT/%{_localstatedir}/lib/%{name} +%{__install} -d -m0755 $RPM_BUILD_ROOT/%{_localstatedir}/run/%{name} %endif
%post -n matahari-lib -p /sbin/ldconfig @@ -195,6 +206,15 @@ make DESTDIR=%{buildroot} install # Can't use -p, gives: '/sbin/ldconfig: relative path `0' used to build cache' error /sbin/ldconfig
+%post selinux +semanage fcontext -a -t qpidd_var_lib_t '%{_localstatedir}/lib/%{name}(/.*)?' >/dev/null 2>&1 || : +restorecon -R '%{_localstatedir}/lib/%{name}' || :
+%postun selinux +if [ $1 -eq 0 ]; then
- semanage fcontext -d -t qpidd_var_lib_t '%{_localstatedir}/lib/%{name}(/.*)?' >/dev/null 2>&1 || :
+fi
%if %{with qmf} #== Host
@@ -406,6 +426,9 @@ test "x%{buildroot}" != "x" && rm -rf %{buildroot} %exclude %{_sysconfdir}/matahari-broker.conf %endif
+%files selinux +%defattr(-,root,root,-)
%files devel %defattr(644, root, root, 755) %doc AUTHORS COPYING -- 1.7.6
Matahari mailing list Matahari@lists.fedorahosted.org https://fedorahosted.org/mailman/listinfo/matahari