[Rpm-maint] [PATCH 0/6] Add SELinux support to RPM
Steve Lawrence
slawrence at tresys.com
Wed Jul 14 20:40:42 UTC 2010
This patchset replaces the existing %policy tag in the
%files section with a more flexible and configurable %sepolicy section.
This section is used to describe various aspects of SELinux policy
modules, such as names, types, and flags.
This also adds a new sepolicy plugin that uses the new collection plugin
architecture recently added [1]. This plugin contains all the actions
necessary to install and remove policy and ensure files are labeled
correctly.
Additionally, this replaces the use of the matchpathcon interfaces with
the newer selabel interfaces.
[1] http://lists.rpm.org/pipermail/rpm-maint/2010-June/002784.html
Steve Lawrence (6):
Remove the existing %policy directive
Add new %sepolicy section to the spec file format
Use selabel interfaces instead of matchpathcon
Create a new publicly accessible function, rpmteHeaderOpen
Add SELinux policy plugin
Add files for testing SELinux collection/plugin
Makefile.am | 1 +
build/Makefile.am | 3 +-
build/build.c | 4 +
build/files.c | 14 +-
build/parsePolicies.c | 90 ++++
build/parseSpec.c | 5 +
build/policies.c | 521 +++++++++++++++++++
build/rpmbuild.h | 18 +-
build/rpmspec.h | 1 +
build/spec.c | 2 +
configure.ac | 62 +++-
lib/fsm.c | 8 +-
lib/rpmfi.h | 1 -
lib/rpmpol.h | 24 +
lib/rpmtag.h | 4 +
lib/rpmte.c | 17 +
lib/rpmte.h | 8 +
lib/rpmts.c | 44 ++
lib/rpmts.h | 21 +
lib/rpmts_internal.h | 2 +
lib/transaction.c | 8 +-
macros.in | 3 +
plugins/Makefile.am | 5 +-
plugins/sepolicy.c | 668 +++++++++++++++++++++++++
preinstall.am | 4 +
system.h | 4 +
tests/data/SOURCES/poltest-1.0.tar.bz2 | Bin 0 -> 409 bytes
tests/data/SOURCES/poltest-policy-1.0.tar.bz2 | Bin 0 -> 553 bytes
tests/data/SPECS/poltest.spec | 56 ++
tests/rpmgeneral.at | 4 +
30 files changed, 1573 insertions(+), 29 deletions(-)
create mode 100644 build/parsePolicies.c
create mode 100644 build/policies.c
create mode 100644 lib/rpmpol.h
create mode 100644 plugins/sepolicy.c
create mode 100644 tests/data/SOURCES/poltest-1.0.tar.bz2
create mode 100644 tests/data/SOURCES/poltest-policy-1.0.tar.bz2
create mode 100644 tests/data/SPECS/poltest.spec
More information about the Rpm-maint
mailing list