diff options
| author | Joe Stringer <joe@ovn.org> | 2016-07-25 14:09:26 -0700 |
|---|---|---|
| committer | Joe Stringer <joe@ovn.org> | 2016-07-26 12:37:44 -0700 |
| commit | d8bfab5336b971c16d7c6d831029ba07cb13dcda (patch) | |
| tree | f4afd01b697fa75b661bb358ae3ff121a655d726 /rhel | |
| parent | 5e2e3ada0f6fbfb01aae350b254353d628a655b6 (diff) | |
| download | openvswitch-d8bfab5336b971c16d7c6d831029ba07cb13dcda.tar.gz | |
rhel/openvswitch.spec: Add SELinux policy.
Commit 9b897c9125ef ("rhel: provide our own SELinux custom policy
package") added the SELinux policy to the fedora packaging as a
subpackage. This patch makes the corresponding change to
openvswitch.spec, so that users of that specfile can generate the
selinux policy package without having to build all of the fedora
packages.
VMware-BZ: #1692972
Signed-off-by: Joe Stringer <joe@ovn.org>
Acked-by: Flavio Leitner <fbl@sysclose.org>
Diffstat (limited to 'rhel')
| -rw-r--r-- | rhel/openvswitch.spec.in | 27 |
1 files changed, 27 insertions, 0 deletions
diff --git a/rhel/openvswitch.spec.in b/rhel/openvswitch.spec.in index ec555a74a..fbca1efcd 100644 --- a/rhel/openvswitch.spec.in +++ b/rhel/openvswitch.spec.in @@ -24,6 +24,7 @@ Source: openvswitch-%{version}.tar.gz Buildroot: /tmp/openvswitch-rpm Requires: logrotate, python >= 2.7, python-six BuildRequires: openssl-devel +BuildRequires: checkpolicy, selinux-policy-devel %bcond_without check @@ -39,6 +40,15 @@ Group: Development/Libraries %description devel This package provides openvswitch headers and libopenvswitch for developers. +%package selinux-policy +Summary: Open vSwitch SELinux policy +License: ASL 2.0 +BuildArch: noarch +Requires: selinux-policy-targeted + +%description selinux-policy +Tailored Open vSwitch SELinux policy + %prep %setup -q @@ -46,6 +56,8 @@ This package provides openvswitch headers and libopenvswitch for developers. ./configure --prefix=/usr --sysconfdir=/etc --localstatedir=%{_localstatedir} \ --libdir=%{_libdir} --enable-ssl --enable-shared make %{_smp_mflags} +cd selinux +make -f %{_datadir}/selinux/devel/Makefile %install rm -rf $RPM_BUILD_ROOT @@ -63,6 +75,9 @@ rhel_cp etc_sysconfig_network-scripts_ifup-ovs 0755 rhel_cp etc_sysconfig_network-scripts_ifdown-ovs 0755 rhel_cp usr_share_openvswitch_scripts_sysconfig.template 0644 +install -p -m 644 -D selinux/openvswitch-custom.pp \ + $RPM_BUILD_ROOT%{_datadir}/selinux/packages/%{name}/openvswitch-custom.pp + # Get rid of stuff we don't want to make RPM happy. rm \ $RPM_BUILD_ROOT/usr/bin/ovs-testcontroller \ @@ -132,6 +147,9 @@ fi /sbin/chkconfig --add openvswitch /sbin/chkconfig openvswitch on +%post selinux-policy +/usr/sbin/semodule -i %{_datadir}/selinux/packages/%{name}/openvswitch-custom.pp &> /dev/null || : + %preun if [ "$1" = "0" ]; then # $1 = 0 for uninstall /sbin/service openvswitch stop @@ -145,6 +163,11 @@ if [ "$1" = "0" ]; then # $1 = 0 for uninstall rm -f /etc/openvswitch/vswitchd.cacert fi +%postun selinux-policy +if [ $1 -eq 0 ] ; then + /usr/sbin/semodule -r openvswitch-custom &> /dev/null || : +fi + exit 0 %files @@ -216,3 +239,7 @@ exit 0 %{_libdir}/lib*.a %{_libdir}/pkgconfig %{_includedir}/openvswitch/* + +%files selinux-policy +%defattr(-,root,root) +%{_datadir}/selinux/packages/%{name}/openvswitch-custom.pp |