[icinga-checkins] icinga.org: icingaweb2/master: RPM: Add selinux subpackage

git at icinga.org git at icinga.org
Tue Dec 13 13:47:31 CET 2016


Module: icingaweb2
Branch: master
Commit: 0bdf4040c50056a4d7da115dc9cab000a81cb162
URL:    https://git.icinga.org/?p=icingaweb2.git;a=commit;h=0bdf4040c50056a4d7da115dc9cab000a81cb162

Author: Eric Lippmann <eric.lippmann at icinga.com>
Date:   Mon Dec 12 14:26:14 2016 +0100

RPM: Add selinux subpackage

refs #8270

---

 icingaweb2.spec |   79 ++++++++++++++++++++++++++++++++++++++++++++++++++++---
 1 file changed, 75 insertions(+), 4 deletions(-)

diff --git a/icingaweb2.spec b/icingaweb2.spec
index 3096aaf..692791d 100644
--- a/icingaweb2.spec
+++ b/icingaweb2.spec
@@ -45,10 +45,11 @@ Requires:                       %{name}-vendor-JShrink = 1.1.0-1%{?dist}
 Requires:                       %{name}-vendor-lessphp = 0.4.0-1%{?dist}
 Requires:                       %{name}-vendor-Parsedown = 1.6.0-1%{?dist}
 
-
-%description
-Icinga Web 2
-
+%if "%{_vendor}" == "redhat" && !(0%{?el5} || 0%{?rhel} == 5 || "%{?dist}" == ".el5" || 0%{?el6} || 0%{?rhel} == 6 || "%{?dist}" == ".el6")
+%define selinux 1
+%define selinux_variants mls targeted
+%{!?_selinux_policy_version: %define _selinux_policy_version %(sed -e 's,.*selinux-policy-\\([^/]*\\)/.*,\\1,' /usr/share/selinux/devel/policyhelp 2>/dev/null)}
+%endif
 
 %define basedir         %{_datadir}/%{name}
 %define bindir          %{_bindir}
@@ -59,6 +60,10 @@ Icinga Web 2
 %define docsdir         %{_datadir}/doc/%{name}
 
 
+%description
+Icinga Web 2
+
+
 %package common
 Summary:                        Common files for Icinga Web 2 and the Icinga CLI
 Group:                          Applications/System
@@ -100,6 +105,20 @@ Requires:                   php-Icinga = %{version}-%{release}
 Icinga CLI
 
 
+%if 0%{selinux}
+%package selinux
+Summary:        SELinux policy for Icinga Web 2
+BuildRequires:  checkpolicy, selinux-policy-devel, /usr/share/selinux/devel/policyhelp, hardlink
+%if "%{_selinux_policy_version}" != ""
+Requires:       selinux-policy >= %{_selinux_policy_version}
+%endif
+Requires:       %{name} = %{version}-%{release}
+
+%description selinux
+SELinux policy for Icinga Web 2
+%endif
+
+
 %package vendor-dompdf
 Version:    0.7.0
 Release:    1%{?dist}
@@ -175,8 +194,22 @@ Icinga Web 2's fork of Zend Framework 1
 
 %prep
 %setup -q
+%if 0%{selinux}
+mkdir selinux
+cp -p packages/selinux/icingaweb2.{fc,if,te} selinux
+%endif
 
 %build
+%if 0%{selinux}
+cd selinux
+for selinuxvariant in %{selinux_variants}
+do
+  make NAME=${selinuxvariant} -f /usr/share/selinux/devel/Makefile
+  mv icingaweb2.pp icingaweb2.pp.${selinuxvariant}
+  make NAME=${selinuxvariant} -f /usr/share/selinux/devel/Makefile clean
+done
+cd -
+%endif
 
 %install
 rm -rf %{buildroot}
@@ -192,6 +225,16 @@ cp -pv packages/files/bin/icingacli %{buildroot}/%{bindir}
 cp -pv packages/files/public/index.php %{buildroot}/%{basedir}/public
 cp -prv etc/schema %{buildroot}/%{docsdir}
 cp -prv packages/files/config/modules/{setup,translation} %{buildroot}/%{configdir}/modules
+%if 0%{selinux}
+cd selinux
+for selinuxvariant in %{selinux_variants}
+do
+  install -d %{buildroot}%{_datadir}/selinux/${selinuxvariant}
+  install -p -m 644 icingaweb2.pp.${selinuxvariant} %{buildroot}%{_datadir}/selinux/${selinuxvariant}/icingaweb2.pp
+done
+cd -
+/usr/sbin/hardlink -cv %{buildroot}%{_datadir}/selinux
+%endif
 
 %pre
 getent group icingacmd >/dev/null || groupadd -r icingacmd
@@ -250,6 +293,34 @@ exit 0
 %attr(0755,root,root) %{bindir}/icingacli
 
 
+%if 0%{selinux}
+%post selinux
+for selinuxvariant in %{selinux_variants}
+do
+  /usr/sbin/semodule -s ${selinuxvariant} -i %{_datadir}/selinux/${selinuxvariant}/icingaweb2.pp &> /dev/null || :
+done
+/sbin/restorecon -R %{basedir} || :
+/sbin/restorecon -R %{configdir} || :
+/sbin/restorecon -R %{logdir} || :
+
+%postun selinux
+if [ $1 -eq 0 ] ; then
+  for selinuxvariant in %{selinux_variants}
+  do
+     /usr/sbin/semodule -s ${selinuxvariant} -r icingaweb2 &> /dev/null || :
+  done
+  [ -d %{basedir} ] && /sbin/restorecon -R %{basedir} &> /dev/null || :
+  [ -d %{configdir} ] && /sbin/restorecon -R %{configdir} &> /dev/null || :
+  [ -d %{logdir} ] && /sbin/restorecon -R %{logdir} &> /dev/null || :
+fi
+
+%files selinux
+%defattr(-,root,root,0755)
+%doc selinux/*
+%{_datadir}/selinux/*/icingaweb2.pp
+%endif
+
+
 %files vendor-dompdf
 %defattr(-,root,root)
 %{basedir}/library/vendor/dompdf



More information about the icinga-checkins mailing list