From 9a78919dfb410efee6b5567d94f4054953df3c5a Mon Sep 17 00:00:00 2001 From: Dan Walsh Date: Sep 04 2013 19:02:29 +0000 Subject: Add a rpm macro /usr/lib/rpm/macros.d/selinux-policy.macros To indicate the version of selinux-policy installed Fix remove of sandbox.pp file on uninstall Restorecon -R /home on upgrades --- diff --git a/selinux-policy.spec b/selinux-policy.spec index ff52e16..bc6bfaf 100644 --- a/selinux-policy.spec +++ b/selinux-policy.spec @@ -69,6 +69,7 @@ SELinux Base package %ghost %config(noreplace) %{_sysconfdir}/selinux/config %ghost %{_sysconfdir}/sysconfig/selinux %{_usr}/lib/tmpfiles.d/selinux-policy.conf +%{_rpmconfigdir}/macros.d/selinux-policy.macros %package sandbox Summary: SELinux policy sandbox @@ -90,9 +91,11 @@ if /usr/sbin/selinuxenabled ; then fi; exit 0 -%postun sandbox -semodule -d sandbox 2>/dev/null -exit 0 +%preun sandbox +semodule -n -r sandbox 2>/dev/null +if /usr/sbin/selinuxenabled ; then + /usr/sbin/load_policy +fi;exit 0 %package devel Summary: SELinux policy devel @@ -260,7 +263,7 @@ fi; \ if /sbin/restorecon -e /run/media -R /root /var/log /var/run /etc/passwd* /etc/group* /etc/*shadow* 2> /dev/null;then \ continue; \ fi; \ -if /sbin/restorecon -R /home/*/.cache /home/*/.config 2> /dev/null;then \ +if /sbin/restorecon -R /home/*/.config 2> /dev/null;then \ continue; \ fi; @@ -383,6 +386,10 @@ htmldir=`compgen -d %{buildroot}%{_usr}/share/man/man8/` mv ${htmldir}/* %{buildroot}%{_usr}/share/selinux/devel/html rm -rf ${htmldir} +mkdir -p %{buildroot}%{_rpmconfigdir}/macros.d +echo '%%_selinux_policy_version %{version}' > %{buildroot}%{_rpmconfigdir}/macros.d/selinux-policy.macros + + rm -rf selinux_config %clean %{__rm} -fR %{buildroot} @@ -463,7 +470,7 @@ exit 0 rm -f /etc/selinux/*/modules/active/modules/sandbox.pp.disabled 2>/dev/null exit 0 -%triggerpostun targeted -- selinux-policy-targeted < 3.12.1-7 +%triggerpostun targeted -- selinux-policy-targeted < 3.12.1-75 restorecon -R -p /home exit 0