selinux/policycoreutils/sepolicy/sepolicy/templates/spec.py - nest-cam/4320010/selinux - Git at Google

 header_comment_section="""\
 # vim: sw=4:ts=4:et
 """

 base_section="""\

 %define selinux_policyver VERSION

 Name:   MODULENAME_selinux
 Version:	1.0
 Release:	1%{?dist}
 Summary:	SELinux policy module for MODULENAME

 Group:	System Environment/Base
 License:	GPLv2+
 # This is an example. You will need to change it.
 URL:		http://HOSTNAME
 Source0:	MODULENAME.pp
 Source1:	MODULENAME.if
 Source2:	DOMAINNAME_selinux.8
 Source3:	DOMAINNAME_u

 Requires: policycoreutils, libselinux-utils
 Requires(post): selinux-policy-base >= %{selinux_policyver}, policycoreutils
 Requires(postun): policycoreutils
 """

 mid_section="""\
 BuildArch: noarch

 %description
 This package installs and sets up the  SELinux policy security module for MODULENAME.

 %install
 install -d %{buildroot}%{_datadir}/selinux/packages
 install -m 644 %{SOURCE0} %{buildroot}%{_datadir}/selinux/packages
 install -d %{buildroot}%{_datadir}/selinux/devel/include/contrib
 install -m 644 %{SOURCE1} %{buildroot}%{_datadir}/selinux/devel/include/contrib/
 install -d %{buildroot}%{_mandir}/man8/
 install -m 644 %{SOURCE2} %{buildroot}%{_mandir}/man8/DOMAINNAME_selinux.8
 install -d %{buildroot}/etc/selinux/targeted/contexts/users/
 install -m 644 %{SOURCE3} %{buildroot}/etc/selinux/targeted/contexts/users/DOMAINNAME_u

 %post
 semodule -n -i %{_datadir}/selinux/packages/MODULENAME.pp
 if /usr/sbin/selinuxenabled ; then
     /usr/sbin/load_policy
     %relabel_files
     /usr/sbin/semanage user -a -R DOMAINNAME_r DOMAINNAME_u
 fi;
 exit 0

 %postun
 if [ $1 -eq 0 ]; then
     semodule -n -r MODULENAME
     if /usr/sbin/selinuxenabled ; then
        /usr/sbin/load_policy
        %relabel_files
        /usr/sbin/semanage user -d DOMAINNAME_u
     fi;
 fi;
 exit 0

 %files
 %attr(0600,root,root) %{_datadir}/selinux/packages/MODULENAME.pp
 %{_datadir}/selinux/devel/include/contrib/MODULENAME.if
 %{_mandir}/man8/DOMAINNAME_selinux.8.*
 /etc/selinux/targeted/contexts/users/DOMAINNAME_u

 %changelog
 * TODAYSDATE YOUR NAME <YOUR@EMAILADDRESS> 1.0-1
 - Initial version

 """

 define_relabel_files_begin ="""\
 \n
 %define relabel_files() \\
 """

 define_relabel_files_end ="""\
 restorecon -R FILENAME; \\
 """
	header_comment_section="""\
	# vim: sw=4:ts=4:et
	"""

	base_section="""\

	%define selinux_policyver VERSION

	Name: MODULENAME_selinux
	Version: 1.0
	Release: 1%{?dist}
	Summary: SELinux policy module for MODULENAME

	Group: System Environment/Base
	License: GPLv2+
	# This is an example. You will need to change it.
	URL: http://HOSTNAME
	Source0: MODULENAME.pp
	Source1: MODULENAME.if
	Source2: DOMAINNAME_selinux.8
	Source3: DOMAINNAME_u

	Requires: policycoreutils, libselinux-utils
	Requires(post): selinux-policy-base >= %{selinux_policyver}, policycoreutils
	Requires(postun): policycoreutils
	"""

	mid_section="""\
	BuildArch: noarch

	%description
	This package installs and sets up the SELinux policy security module for MODULENAME.

	%install
	install -d %{buildroot}%{_datadir}/selinux/packages
	install -m 644 %{SOURCE0} %{buildroot}%{_datadir}/selinux/packages
	install -d %{buildroot}%{_datadir}/selinux/devel/include/contrib
	install -m 644 %{SOURCE1} %{buildroot}%{_datadir}/selinux/devel/include/contrib/
	install -d %{buildroot}%{_mandir}/man8/
	install -m 644 %{SOURCE2} %{buildroot}%{_mandir}/man8/DOMAINNAME_selinux.8
	install -d %{buildroot}/etc/selinux/targeted/contexts/users/
	install -m 644 %{SOURCE3} %{buildroot}/etc/selinux/targeted/contexts/users/DOMAINNAME_u

	%post
	semodule -n -i %{_datadir}/selinux/packages/MODULENAME.pp
	if /usr/sbin/selinuxenabled ; then
	/usr/sbin/load_policy
	%relabel_files
	/usr/sbin/semanage user -a -R DOMAINNAME_r DOMAINNAME_u
	fi;
	exit 0

	%postun
	if [ $1 -eq 0 ]; then
	semodule -n -r MODULENAME
	if /usr/sbin/selinuxenabled ; then
	/usr/sbin/load_policy
	%relabel_files
	/usr/sbin/semanage user -d DOMAINNAME_u
	fi;
	fi;
	exit 0

	%files
	%attr(0600,root,root) %{_datadir}/selinux/packages/MODULENAME.pp
	%{_datadir}/selinux/devel/include/contrib/MODULENAME.if
	%{_mandir}/man8/DOMAINNAME_selinux.8.*
	/etc/selinux/targeted/contexts/users/DOMAINNAME_u

	%changelog
	* TODAYSDATE YOUR NAME <YOUR@EMAILADDRESS> 1.0-1
	- Initial version

	"""

	define_relabel_files_begin ="""\
	\n
	%define relabel_files() \\
	"""

	define_relabel_files_end ="""\
	restorecon -R FILENAME; \\
	"""