On Fri, 12 Aug 2011 08:07:38 +1000 Andrew Beekhof andrew@beekhof.net wrote:
Why __mkdir instead of __install ? The former doesn't set permissions. The selinux subpackage probably makes sense, just make sure the main package depends on it.
On Fri, Aug 12, 2011 at 6:58 AM, Adam Stokes astokes@fedoraproject.org wrote:
- set filetype to qpidd in selinux context
Signed-off-by: Adam Stokes astokes@fedoraproject.org
matahari.spec | 26 ++++++++++++++++++++++++-- 1 files changed, 24 insertions(+), 2 deletions(-)
diff --git a/matahari.spec b/matahari.spec index 300bcb8..ff952e8 100644 --- a/matahari.spec +++ b/matahari.spec @@ -172,6 +172,15 @@ Requires: %{name}-agent-lib = %{version}-%{release} %description consoles QMF console for monitoring various agents
+%package selinux +Summary: SElinux support for Matahari +Requires: %{name} = %{version}-%{release} +Requires: policycoreutils +Requires: selinux-policy-targeted +BuildRequires: selinux-policy-devel
+%description selinux +Configures Matahari to run in SELinux enabled environments. %prep %setup -q -n matahari-matahari-%{upstream_version}
@@ -193,8 +202,8 @@ make DESTDIR=%{buildroot} install %{__install} matahari-broker.sysconf $RPM_BUILD_ROOT/%{_sysconfdir}/sysconfig/matahari-broker %{__ln_s} qpidd $RPM_BUILD_ROOT/%{_sbindir}/matahari-brokerd
-%{__install} -d -m0755 %{buildroot}%{_localstatedir}/lib/%{name} -%{__install} -d -m0755 %{buildroot}%{_localstatedir}/run/%{name} +%{__mkdir} -p $RPM_BUILD_ROOT/%{_localstatedir}/lib/%{name} +%{__mkdir} -p $RPM_BUILD_ROOT/%{_localstatedir}/run/%{name} %endif
%post -n matahari-lib -p /sbin/ldconfig @@ -205,6 +214,15 @@ make DESTDIR=%{buildroot} install # Can't use -p, gives: '/sbin/ldconfig: relative path `0' used to build cache' error /sbin/ldconfig
+%post selinux +semanage fcontext -a -t qpidd_var_lib_t '%{_localstatedir}/lib/%{name}(/.*)?' >/dev/null 2>&1 || : +restorecon -R '%{_localstatedir}/lib/%{name}' || : + +%postun selinux +if [ $1 -eq 0 ]; then
- semanage fcontext -d -t qpidd_var_lib_t
'%{_localstatedir}/lib/%{name}(/.*)?' >/dev/null 2>&1 || : +fi
%if %{with qmf} #== Host
@@ -293,6 +311,7 @@ test "x%{buildroot}" != "x" && rm -rf %{buildroot}
%files %defattr(644, root, root, 755) +%attr(755,root,root) %{_localstatedir}/lib/%{name} %doc AUTHORS COPYING
%files agent-lib @@ -422,6 +441,9 @@ test "x%{buildroot}" != "x" && rm -rf %{buildroot} %{_datadir}/polkit-1/actions/org.matahariproject.Resources.policy %endif
+%files selinux +%defattr(-,root,root,-)
%files devel %defattr(644, root, root, 755) %doc AUTHORS COPYING -- 1.7.6
Matahari mailing list Matahari@lists.fedorahosted.org https://fedorahosted.org/mailman/listinfo/matahari
Matahari mailing list Matahari@lists.fedorahosted.org https://fedorahosted.org/mailman/listinfo/matahari
In my testing __install wasn't creating the directores at all? Even /var/run/matahari was not there. I can keep trying but I wasn't having much luck with it