diff --git a/.gitignore b/.gitignore
new file mode 100644
index 0000000..3ba4171
--- /dev/null
+++ b/.gitignore
@@ -0,0 +1,2 @@
+icecream-manpages.tar.bz2
+/icecc-0.9.7.tar.bz2
diff --git a/dead.package b/dead.package
deleted file mode 100644
index 6fc53e3..0000000
--- a/dead.package
+++ /dev/null
@@ -1 +0,0 @@
-Retired on 2013-08-25, because it failed to build for two releases.
diff --git a/icecc-scheduler-wrapper b/icecc-scheduler-wrapper
new file mode 100644
index 0000000..2ac7370
--- /dev/null
+++ b/icecc-scheduler-wrapper
@@ -0,0 +1,18 @@
+#!/bin/sh
+
+logfile="$1"
+
+config=/etc/sysconfig/icecream
+[ -e $config ] && . $config
+
+netname=
+if [ -n "$ICECREAM_NETNAME" ] ; then
+ netname="-n $ICECREAM_NETNAME"
+fi
+
+touch "$logfile"
+chown icecream:icecream "$logfile"
+chmod 0640 "$logfile"
+[ -x /sbin/restorecon ] && /sbin/restorecon "$logfile"
+
+exec /sbin/runuser -s /bin/sh icecream --session-command="/usr/sbin/icecc-scheduler -d -l \"$logfile\" $netname"
diff --git a/icecc-scheduler.service b/icecc-scheduler.service
new file mode 100644
index 0000000..fc66bb3
--- /dev/null
+++ b/icecc-scheduler.service
@@ -0,0 +1,9 @@
+[Unit]
+Description=Icecream distributed compiler scheduler
+
+[Service]
+Type=forking
+ExecStart=/usr/lib/icecream/icecc-scheduler-wrapper /var/log/icecc-scheduler
+
+[Install]
+WantedBy=multi-user.target
diff --git a/iceccd-wrapper b/iceccd-wrapper
new file mode 100644
index 0000000..9b89470
--- /dev/null
+++ b/iceccd-wrapper
@@ -0,0 +1,24 @@
+#!/bin/sh
+
+config=/etc/sysconfig/icecream
+[ -e $config ] && . $config
+
+params=""
+if [ -n "$ICECREAM_NETNAME" ] ; then
+ params="$params -n $ICECREAM_NETNAME"
+fi
+if [ -n "$ICECREAM_SCHEDULER_HOST" ] ; then
+ params="$params -s $ICECREAM_SCHEDULER_HOST"
+fi
+if [ "$ICECREAM_ALLOW_REMOTE" = "no" ] ; then
+ params="$params --no-remote"
+fi
+if [ -n "$ICECREAM_MAX_JOBS" ] ; then
+ if [ "$ICECREAM_MAX_JOBS" -eq 0 ] ; then
+ params="$params -m 1"
+ params="$params --no-remote"
+ else
+ params="$params -m $ICECREAM_MAX_JOBS"
+ fi
+fi
+exec /usr/sbin/iceccd "$@" $params
diff --git a/iceccd.service b/iceccd.service
new file mode 100644
index 0000000..bf4049d
--- /dev/null
+++ b/iceccd.service
@@ -0,0 +1,12 @@
+[Unit]
+Description=Icecream Distributed Compiler
+After=network.target nss-lookup.target
+
+[Service]
+Type=forking
+PIDFile=/var/run/iceccd.pid
+ExecStart=/usr/lib/icecream/iceccd-wrapper -d -u icecream -b /var/cache/icecream -l /var/log/iceccd
+Nice=5
+
+[Install]
+WantedBy=multi-user.target
diff --git a/icecream-cleanup-conffile.patch b/icecream-cleanup-conffile.patch
new file mode 100644
index 0000000..7aacedd
--- /dev/null
+++ b/icecream-cleanup-conffile.patch
@@ -0,0 +1,100 @@
+Index: suse/sysconfig.icecream
+===================================================================
+--- suse/sysconfig.icecream.orig
++++ suse/sysconfig.icecream
+@@ -1,69 +1,19 @@
+ #
+-## Type: integer(0:19)
+-## Path: Applications/icecream
+-## Description: Icecream settings
+-## ServiceRestart: icecream
+-## Default: 5
+-#
+-# Nice level of running compilers
+-#
+-ICECREAM_NICE_LEVEL="5"
+-
+-#
+-## Type: string
+-## Path: Applications/icecream
+-## Defaut: /var/log/iceccd
+-#
+-# icecream daemon log file
+-#
+-ICECREAM_LOG_FILE="/var/log/iceccd"
+-
+-#
+-## Type: string
+-## Path: Applications/icecream
+-## Defaut: no
+-#
+-# Start also the scheduler?
+-#
+-ICECREAM_RUN_SCHEDULER="no"
+-
+-#
+-## Type: string
+-## Path: Applications/icecream
+-## Defaut: /var/log/icecc_scheduler
+-#
+-# icecream scheduler log file
+-#
+-ICECREAM_SCHEDULER_LOG_FILE="/var/log/icecc_scheduler"
+-
+-#
+-## Type: string
+-## Path: Applications/icecream
+-## Defaut: ""
+-#
+-# Identification for the network the scheduler and daemon run on.
++# Identification for the network the scheduler and daemon run on.
+ # You can have several distinct icecream networks in the same LAN
+ # for whatever reason.
+ #
+ ICECREAM_NETNAME=""
+
+ #
+-## Type: string
+-## Path: Applications/icecream
+-## Defaut: ""
+-#
+-# If the daemon can't find the scheduler by broadcast (e.g. because
++# If the daemon can't find the scheduler by broadcast (e.g. because
+ # of a firewall) you can specify it.
+ #
+ ICECREAM_SCHEDULER_HOST=""
+
+ #
+-## Type: integer
+-## Path: Applications/icecream
+-## Defaut: ""
+-#
+ # You can overwrite here the number of jobs to run in parallel. Per
+-# default this depends on the number of (virtual) CPUs installed.
++# default this depends on the number of (virtual) CPUs installed.
+ #
+ # Note: a value of "0" is actually interpreted as "1", however it
+ # also sets ICECREAM_ALLOW_REMOTE="no".
+@@ -71,22 +21,7 @@ ICECREAM_SCHEDULER_HOST=""
+ ICECREAM_MAX_JOBS=""
+
+ #
+-## Type: yesno
+-## Path: Applications/icecream
+-## Defaut: "yes"
+-#
+ # Specifies whether jobs submitted by other nodes are allowed to run on
+ # this one.
+ #
+ ICECREAM_ALLOW_REMOTE="yes"
+-
+-#
+-## Type: string
+-## Path: Applications/icecream
+-## Default: "/var/cache/icecream"
+-#
+-# This is the directory where the icecream daemon stores the environments
+-# it compiles in. In a big network this can grow quite a bit, so use some
+-# path if your /tmp is small - but the user icecream has to write to it.
+-#
+-ICECREAM_BASEDIR="/var/cache/icecream"
diff --git a/icecream-rename-scheduler.patch b/icecream-rename-scheduler.patch
new file mode 100644
index 0000000..5de7738
--- /dev/null
+++ b/icecream-rename-scheduler.patch
@@ -0,0 +1,107 @@
+Index: icecc-0.9.6/doc/man-scheduler.1.docbook
+===================================================================
+--- icecc-0.9.6.orig/doc/man-scheduler.1.docbook
++++ icecc-0.9.6/doc/man-scheduler.1.docbook
+@@ -23,13 +23,13 @@
+
+
+
+- scheduler
++ icecc-scheduler
+ Icecream scheduler
+
+
+
+
+-scheduler
++icecc-scheduler
+
+
+
+@@ -151,7 +151,7 @@ need to run the scheduler with root righ
+
+
+ See Also
+-icecream, scheduler, iceccd, icemon
++icecream, icecc-scheduler, iceccd, icemon
+
+
+
+Index: icecc-0.9.6/services/Makefile.am
+===================================================================
+--- icecc-0.9.6.orig/services/Makefile.am
++++ icecc-0.9.6/services/Makefile.am
+@@ -11,9 +11,9 @@ ice_HEADERS = job.h comm.h
+ noinst_HEADERS = bench.h exitcode.h getifaddrs.h logging.h tempfile.h platform.h
+ icedir = $(includedir)/icecc
+
+-sbin_PROGRAMS = scheduler
+-scheduler_SOURCES = scheduler.cpp
+-scheduler_LDADD = libicecc.la
++sbin_PROGRAMS = icecc-scheduler
++icecc_scheduler_SOURCES = scheduler.cpp
++icecc_scheduler_LDADD = libicecc.la
+
+ pkgconfigdir = $(libdir)/pkgconfig
+ pkgconfig_DATA = icecc.pc
+Index: icecc-0.9.6/services/Makefile.in
+===================================================================
+--- icecc-0.9.6.orig/services/Makefile.in
++++ icecc-0.9.6/services/Makefile.in
+@@ -37,7 +37,7 @@ PRE_UNINSTALL = :
+ POST_UNINSTALL = :
+ build_triplet = @build@
+ host_triplet = @host@
+-sbin_PROGRAMS = scheduler$(EXEEXT)
++sbin_PROGRAMS = icecc-scheduler$(EXEEXT)
+ subdir = services
+ DIST_COMMON = $(ice_HEADERS) $(noinst_HEADERS) $(srcdir)/Makefile.am \
+ $(srcdir)/Makefile.in $(srcdir)/icecc.pc.in
+@@ -82,9 +82,9 @@ libicecc_la_LINK = $(LIBTOOL) --tag=CXX
+ $(LIBTOOLFLAGS) --mode=link $(CXXLD) $(libicecc_la_CXXFLAGS) \
+ $(CXXFLAGS) $(AM_LDFLAGS) $(LDFLAGS) -o $@
+ PROGRAMS = $(sbin_PROGRAMS)
+-am_scheduler_OBJECTS = scheduler.$(OBJEXT)
+-scheduler_OBJECTS = $(am_scheduler_OBJECTS)
+-scheduler_DEPENDENCIES = libicecc.la
++am_icecc_scheduler_OBJECTS = scheduler.$(OBJEXT)
++icecc_scheduler_OBJECTS = $(am_icecc_scheduler_OBJECTS)
++icecc_scheduler_DEPENDENCIES = libicecc.la
+ DEFAULT_INCLUDES = -I.@am__isrc@ -I$(top_builddir)
+ depcomp = $(SHELL) $(top_srcdir)/depcomp
+ am__depfiles_maybe = depfiles
+@@ -107,8 +107,8 @@ CXXLD = $(CXX)
+ CXXLINK = $(LIBTOOL) --tag=CXX $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) \
+ --mode=link $(CXXLD) $(AM_CXXFLAGS) $(CXXFLAGS) $(AM_LDFLAGS) \
+ $(LDFLAGS) -o $@
+-SOURCES = $(libicecc_la_SOURCES) $(scheduler_SOURCES)
+-DIST_SOURCES = $(libicecc_la_SOURCES) $(scheduler_SOURCES)
++SOURCES = $(libicecc_la_SOURCES) $(icecc_scheduler_SOURCES)
++DIST_SOURCES = $(libicecc_la_SOURCES) $(icecc_scheduler_SOURCES)
+ DATA = $(pkgconfig_DATA)
+ HEADERS = $(ice_HEADERS) $(noinst_HEADERS)
+ ETAGS = etags
+@@ -242,8 +242,8 @@ libicecc_la_CXXFLAGS = -fPIC -DPIC
+ ice_HEADERS = job.h comm.h
+ noinst_HEADERS = bench.h exitcode.h getifaddrs.h logging.h tempfile.h platform.h
+ icedir = $(includedir)/icecc
+-scheduler_SOURCES = scheduler.cpp
+-scheduler_LDADD = libicecc.la
++icecc_scheduler_SOURCES = scheduler.cpp
++icecc_scheduler_LDADD = libicecc.la
+ pkgconfigdir = $(libdir)/pkgconfig
+ pkgconfig_DATA = icecc.pc
+ all: all-am
+@@ -358,9 +358,9 @@ clean-sbinPROGRAMS:
+ list=`for p in $$list; do echo "$$p"; done | sed 's/$(EXEEXT)$$//'`; \
+ echo " rm -f" $$list; \
+ rm -f $$list
+-scheduler$(EXEEXT): $(scheduler_OBJECTS) $(scheduler_DEPENDENCIES)
+- @rm -f scheduler$(EXEEXT)
+- $(CXXLINK) $(scheduler_OBJECTS) $(scheduler_LDADD) $(LIBS)
++icecc-scheduler$(EXEEXT): $(icecc_scheduler_OBJECTS) $(icecc_scheduler_DEPENDENCIES)
++ @rm -f icecc-scheduler$(EXEEXT)
++ $(CXXLINK) $(icecc_scheduler_OBJECTS) $(icecc_scheduler_LDADD) $(LIBS)
+
+ mostlyclean-compile:
+ -rm -f *.$(OBJEXT)
diff --git a/icecream.csh.in b/icecream.csh.in
new file mode 100644
index 0000000..e861e92
--- /dev/null
+++ b/icecream.csh.in
@@ -0,0 +1,21 @@
+# Leaves path unchanged if icecc is already there.
+# If ccache is there, adds icecc _after_ it.
+# Otherwise adds icecc to the beginning.
+
+if ( "$path" !~ *@LIBDIR@/icecc/bin* ) then
+ if ( "$path" !~ *@LIBDIR@/ccache* ) then
+ set path = ( @LIBDIR@/icecc/bin $path )
+ else
+ @ pos = 0
+ foreach item ( $path )
+ @ pos = $pos + 1
+ if ( $item == @LIBDIR@/ccache ) break
+ end
+ @ next_pos = $pos + 1
+ set path = ( $path[1-$pos] @LIBDIR@/icecc/bin \
+ $path[$next_pos-])
+ unset next_pos
+ unset pos
+ unset item
+ endif
+endif
diff --git a/icecream.fc b/icecream.fc
new file mode 100644
index 0000000..808cfcc
--- /dev/null
+++ b/icecream.fc
@@ -0,0 +1,6 @@
+/usr/sbin/iceccd -- gen_context(system_u:object_r:iceccd_exec_t,s0)
+/usr/lib(64)?/icecc/icecc-create-env -- gen_context(system_u:object_r:iceccd_createenv_exec_t,s0)
+/var/cache/icecream(/.*)? gen_context(system_u:object_r:iceccd_cache_t,s0)
+/var/log/iceccd -- gen_context(system_u:object_r:iceccd_log_t,s0)
+/usr/sbin/icecc-scheduler -- gen_context(system_u:object_r:icecc_scheduler_exec_t,s0)
+/var/log/icecc[-_]scheduler -- gen_context(system_u:object_r:icecc_scheduler_log_t,s0)
diff --git a/icecream.if b/icecream.if
new file mode 100644
index 0000000..485f685
--- /dev/null
+++ b/icecream.if
@@ -0,0 +1 @@
+## Icecream distributed compiler daemon
diff --git a/icecream.sh.in b/icecream.sh.in
new file mode 100644
index 0000000..d637a6a
--- /dev/null
+++ b/icecream.sh.in
@@ -0,0 +1,9 @@
+# Leaves PATH unchanged if icecc is already there.
+# If ccache is there, adds icecc _after_ it.
+# Otherwise adds icecc to the beginning.
+
+PATH=`echo $PATH | /bin/sed -e \
+ '\%@LIBDIR@/icecc/bin% b
+ s%@LIBDIR@/ccache%&:@LIBDIR@/icecc/bin%
+ t
+ s%^%@LIBDIR@/icecc/bin:%'`
diff --git a/icecream.spec b/icecream.spec
new file mode 100644
index 0000000..879d6ad
--- /dev/null
+++ b/icecream.spec
@@ -0,0 +1,444 @@
+%if 0%{?el5}
+# I'd need to modify the policy a bit to make it work on RHEL 5.
+%bcond_with selinux
+%else
+%bcond_without selinux
+%endif
+
+Name: icecream
+Version: 0.9.7
+Release: 6%{?dist}
+Summary: Distributed compiler
+
+Group: Development/Tools
+License: GPLv2+
+URL: http://en.opensuse.org/Icecream
+Source0: http://ftp.suse.com/pub/projects/icecream/icecc-%{version}.tar.bz2
+Source1: icecream.sh.in
+Source2: icecream.csh.in
+Source3: icecream.fc
+Source4: icecream.te
+Source5: icecream.if
+Source6: iceccd.service
+Source7: icecc-scheduler.service
+# tarball extracted from http://download.opensuse.org/repositories/home:/coolo/openSUSE_Factory/src/icecream-0.9.5-3.1.src.rpm:
+Source8: %{name}-manpages.tar.bz2
+Source9: iceccd-wrapper
+Source10: icecc-scheduler-wrapper
+Patch0: %{name}-rename-scheduler.patch
+Patch1: %{name}-cleanup-conffile.patch
+
+BuildRoot: %{_tmppath}/%{name}-%{version}-%{release}-root-%(%{__id_u} -n)
+
+BuildRequires: symlinks systemd-units
+
+Requires(pre): shadow-utils
+Requires(post): systemd-units systemd-sysv
+Requires(preun): systemd-units
+Requires(postun): systemd-units
+
+%if %{with selinux}
+# For SELinux protection:
+BuildRequires: checkpolicy selinux-policy-devel hardlink
+# semanage is in policycoreutils (EL-5) or policycoreutils-python (Fedora). File dep will work in both.
+Requires(post): policycoreutils /usr/sbin/semanage
+Requires(preun): policycoreutils /usr/sbin/semanage
+Requires(postun): policycoreutils
+%define selinux_policyver %(sed -e 's,.*selinux-policy-\\([^/]*\\)/.*,\\1,' /usr/share/selinux/devel/policyhelp)
+%if "%{selinux_policyver}" != ""
+Requires: selinux-policy >= %{selinux_policyver}
+%endif
+%define selinux_variants mls strict targeted
+%endif
+
+
+# description copied from Debian icecc package
+%description
+Icecream is a distributed compile system. It allows parallel compiling by
+distributing the compile jobs to several nodes of a compile network running the
+icecc daemon. The icecc scheduler routes the jobs and provides status and
+statistics information to the icecc monitor. Each compile node can accept one
+or more compile jobs depending on the number of processors and the settings of
+the daemon. Link jobs and other jobs which cannot be distributed are executed
+locally on the node where the compilation is started.
+
+%package devel
+Summary: Development files for %{name}
+Group: Development/Libraries
+Requires: %{name} = %{version}-%{release}
+
+%description devel
+This package contains development files for %{name}.
+
+%prep
+%setup -q -a 8 -n icecc-%{version}
+%patch0 -p1
+%patch1 -p0
+sed -e 's|@LIBDIR@|%{_libdir}|g' %{SOURCE1} > icecream.sh
+sed -e 's|@LIBDIR@|%{_libdir}|g' %{SOURCE2} > icecream.csh
+mkdir SELinux
+cp -p %{SOURCE3} %{SOURCE4} %{SOURCE5} SELinux
+mkdir fedora
+cp -p %{SOURCE6} %{SOURCE7} %{SOURCE9} %{SOURCE10} fedora
+
+%build
+%configure --disable-static --enable-shared
+# Remove rpath from local libtool copy
+sed -i 's|^hardcode_libdir_flag_spec=.*|hardcode_libdir_flag_spec=""|g' libtool
+sed -i 's|^runpath_var=LD_RUN_PATH|runpath_var=DIE_RPATH_DIE|g' libtool
+
+make %{?_smp_mflags}
+
+%if %{with selinux}
+pushd SELinux
+for selinuxvariant in %{selinux_variants}; do
+ make NAME=${selinuxvariant} -f %{_datadir}/selinux/devel/Makefile
+ mv icecream.pp icecream.pp.${selinuxvariant}
+ make NAME=${selinuxvariant} -f %{_datadir}/selinux/devel/Makefile clean
+done
+popd
+%endif
+
+%install
+rm -rf %{buildroot}
+make install DESTDIR=%{buildroot}
+rm -f %{buildroot}/%{_libdir}/libicecc.la
+
+# move the symlinks elsewhere
+mkdir -p %{buildroot}/%{_libdir}/icecc/bin
+for i in cc gcc c++ g++; do
+ ln -s %{buildroot}/%{_bindir}/icecc %{buildroot}/%{_libdir}/icecc/bin/$i
+ rm -f %{buildroot}/%{_bindir}/$i
+done
+
+# relativize the symlinks
+symlinks -cs %{buildroot}/%{_libdir}/icecc/bin
+
+# install manpages
+mkdir -p %{buildroot}/%{_mandir}/man{1,7,8}
+mv mans/scheduler.1 mans/icecc-scheduler.1
+for i in mans/*.1 mans/*.7; do
+ install -m 644 $i %{buildroot}/%{_mandir}/man${i##*.}
+done
+
+# install config file and initscripts
+install -D -m 644 suse/sysconfig.icecream %{buildroot}/%{_sysconfdir}/sysconfig/icecream
+install -d -m 755 %{buildroot}/%{_unitdir}
+install -p -m 644 fedora/*.service %{buildroot}/%{_unitdir}
+install -d -m 755 %{buildroot}/%{_prefix}/lib/icecream
+install -p -m 755 fedora/*-wrapper %{buildroot}/%{_prefix}/lib/icecream
+install -d -m 755 %{buildroot}/%{_sysconfdir}/profile.d
+install -p -m 644 icecream.sh icecream.csh %{buildroot}/%{_sysconfdir}/profile.d
+
+# create default working dir
+mkdir -p %{buildroot}/%{_localstatedir}/cache/icecream
+
+%if %{with selinux}
+for selinuxvariant in %{selinux_variants}; do
+ install -d %{buildroot}/%{_datadir}/selinux/${selinuxvariant}
+ install -p -m 644 -D SELinux/icecream.pp.${selinuxvariant} \
+ %{buildroot}/%{_datadir}/selinux/${selinuxvariant}/icecream.pp
+done
+# Hardlink identical policy module packages together
+/usr/sbin/hardlink -cv %{buildroot}%{_datadir}/selinux
+%endif
+
+
+%define saveFileContext() \
+if [ -s /etc/selinux/config ]; then \
+ . %{_sysconfdir}/selinux/config; \
+ FILE_CONTEXT=%{_sysconfdir}/selinux/%1/contexts/files/file_contexts; \
+ if [ "${SELINUXTYPE}" == %1 -a -f ${FILE_CONTEXT} ]; then \
+ cp -f ${FILE_CONTEXT} ${FILE_CONTEXT}.%{name}; \
+ fi \
+fi;
+
+%define relabel() \
+. %{_sysconfdir}/selinux/config; \
+FILE_CONTEXT=%{_sysconfdir}/selinux/%1/contexts/files/file_contexts; \
+selinuxenabled; \
+if [ $? == 0 -a "${SELINUXTYPE}" == %1 -a -f ${FILE_CONTEXT}.%{name} ]; then \
+ fixfiles -C ${FILE_CONTEXT}.%{name} restore; \
+ rm -f ${FILE_CONTEXT}.%name; \
+fi;
+
+%pre
+%if %{with selinux}
+for selinuxvariant in %{selinux_variants}; do
+ %saveFileContext ${selinuxvariant}
+done
+%endif
+
+getent group icecream >/dev/null || groupadd -r icecream
+getent passwd icecream >/dev/null || \
+ useradd -r -g icecream -d %{_localstatedir}/cache/icecream \
+ -s /sbin/nologin -c "Icecream distributed compiler" icecream
+exit 0
+
+%post
+/sbin/ldconfig
+# if [ "$1" -le 1 ]; then # First install
+%if %{with selinux}
+for selinuxvariant in %{selinux_variants}; do
+ semodule -s ${selinuxvariant} -i \
+ %{_datadir}/selinux/${selinuxvariant}/icecream.pp 2>/dev/null ||:
+ semanage port -a -S ${selinuxvariant} -t iceccd_port_t -p tcp 10245 2>/dev/null ||:
+ semanage port -a -S ${selinuxvariant} -t icecc_scheduler_port_t -p tcp 8766 2>/dev/null ||:
+ # tcp 8765 is taken by LIRC. icecream.te knows it.
+ #semanage port -a -S ${selinuxvariant} -t icecc_scheduler_port_t -p tcp 8765 2>/dev/null ||:
+ semanage port -a -S ${selinuxvariant} -t icecc_scheduler_port_t -p udp 8765 2>/dev/null ||:
+ %relabel ${selinuxvariant}
+done
+restorecon -R %{_localstatedir}/cache/icecream 2>/dev/null ||:
+restorecon %{_localstatedir}/log/iceccd 2>/dev/null ||:
+%endif
+# fi
+
+if [ $1 -eq 1 ] ; then # Initial installation
+ /bin/systemctl daemon-reload >/dev/null 2>&1 || :
+fi
+exit 0
+
+%preun
+if [ $1 -eq 0 ]; then # Final removal
+ /bin/systemctl --no-reload disable iceccd.service icecc-scheduler.service > /dev/null 2>&1 || :
+ /bin/systemctl stop iceccd.service icecc-scheduler.service > /dev/null 2>&1 || :
+# rm -rf %{_localstatedir}/cache/icecream
+
+%if %{with selinux}
+ for selinuxvariant in %{selinux_variants}; do
+ %saveFileContext ${selinuxvariant}
+ semanage port -d -S ${selinuxvariant} -t iceccd_port_t -p tcp 10245 2>/dev/null ||:
+ semanage port -d -S ${selinuxvariant} -t icecc_scheduler_port_t -p tcp 8765 2>/dev/null ||:
+ semanage port -d -S ${selinuxvariant} -t icecc_scheduler_port_t -p tcp 8766 2>/dev/null ||:
+ semanage port -d -S ${selinuxvariant} -t icecc_scheduler_port_t -p udp 8765 2>/dev/null ||:
+ done
+%endif
+
+fi
+exit 0
+
+%postun
+/sbin/ldconfig
+/bin/systemctl daemon-reload >/dev/null 2>&1 || :
+if [ $1 -ge 1 ]; then # Upgrade
+ /bin/systemctl try-restart iceccd.service icecc-scheduler.service >/dev/null 2>&1 || :
+fi
+%if %{with selinux}
+if [ $1 -eq 0 ]; then # Final removal
+ for selinuxvariant in %{selinux_variants}; do
+ semodule -s ${selinuxvariant} -r icecream 2>/dev/null ||:
+ %relabel ${selinuxvariant}
+ done
+fi
+%endif
+exit 0
+
+%triggerun -- icecream < 0.9.7-2
+/usr/bin/systemd-sysv-convert --save iceccd >/dev/null 2>&1 ||:
+/usr/bin/systemd-sysv-convert --save icecc-scheduler >/dev/null 2>&1 ||:
+/sbin/chkconfig --del iceccd >/dev/null 2>&1 || :
+/sbin/chkconfig --del icecc-scheduler >/dev/null 2>&1 || :
+/bin/systemctl try-restart iceccd.service icecc-scheduler.service >/dev/null 2>&1 || :
+
+%clean
+rm -rf %{buildroot}
+
+%files
+%defattr(-,root,root,-)
+%doc COPYING README NEWS TODO
+%{_bindir}/icecc
+%{_bindir}/icerun
+%dir %{_libdir}/icecc/
+%dir %{_libdir}/icecc/bin/
+%{_libdir}/icecc/bin/cc
+%{_libdir}/icecc/bin/gcc
+%{_libdir}/icecc/bin/c++
+%{_libdir}/icecc/bin/g++
+%{_libdir}/icecc/icecc-create-env
+%{_libdir}/libicecc.so.*
+%{_sbindir}/iceccd
+%{_sbindir}/icecc-scheduler
+%config(noreplace) %{_sysconfdir}/sysconfig/icecream
+%config(noreplace) %{_sysconfdir}/profile.d/icecream.*sh
+%{_unitdir}/icecc*.service
+%{_prefix}/lib/icecream
+%{_localstatedir}/cache/icecream
+%{_mandir}/man*/*
+%{?with_selinux:%{_datadir}/selinux/*/icecream.pp}
+
+%files devel
+%defattr(-,root,root,-)
+%dir %{_includedir}/icecc/
+%{_includedir}/icecc/*.h
+%{_libdir}/libicecc.so
+%{_libdir}/pkgconfig/icecc.pc
+
+%changelog
+* Sat Aug 03 2013 Fedora Release Engineering - 0.9.7-6
+- Rebuilt for https://fedoraproject.org/wiki/Fedora_20_Mass_Rebuild
+
+* Thu Feb 14 2013 Fedora Release Engineering - 0.9.7-5
+- Rebuilt for https://fedoraproject.org/wiki/Fedora_19_Mass_Rebuild
+
+* Thu Jul 19 2012 Fedora Release Engineering - 0.9.7-4
+- Rebuilt for https://fedoraproject.org/wiki/Fedora_18_Mass_Rebuild
+
+* Tue Feb 28 2012 Fedora Release Engineering - 0.9.7-3
+- Rebuilt for c++ ABI breakage
+
+* Tue Feb 07 2012 Michal Schmidt - 0.9.7-2
+- systemd conversion
+
+* Mon Feb 06 2012 Michal Schmidt - 0.9.7-1
+- Upstream release 0.9.7.
+
+* Fri Jan 13 2012 Fedora Release Engineering - 0.9.6-5
+- Rebuilt for https://fedoraproject.org/wiki/Fedora_17_Mass_Rebuild
+
+* Tue May 03 2011 Michal Schmidt - 0.9.6-4
+- Add lto plugin for -fuse-linker-plugin (patch from dtardon)
+- Fixes: BZ#675663
+
+* Wed Feb 09 2011 Fedora Release Engineering - 0.9.6-3
+- Rebuilt for https://fedoraproject.org/wiki/Fedora_15_Mass_Rebuild
+
+* Mon Aug 16 2010 Michal Schmidt 0.9.6-2
+- Fix spaces instead of ':' separator for $PATH in icecream.csh.
+
+* Tue Aug 03 2010 Michal Schmidt 0.9.6-1
+- New upstream release. With an official tarball this time.
+- Dropped icecream-fix-createenv-when-ldconfig-fails.patch
+ It was never accepted upstream and it is not necessary with working ldconfig.
+- Refreshed icecream-rename-scheduler.patch
+
+* Thu Jul 08 2010 Michal Schmidt 0.9.5-7
+- Build without SELinux only on RHEL 5.
+
+* Thu Jul 08 2010 Michal Schmidt 0.9.5-6
+- Moved away from fedora-usermgmt in favor of plain shadow-utils.
+
+* Sun Jun 13 2010 Michal Schmidt 0.9.5-5
+- Mark UDP port 8765 as icecc_scheduler_port_t.
+
+* Sat Jun 12 2010 Michal Schmidt 0.9.5-4
+- Require /usr/sbin/semanage for scriptlets. (BZ#581272)
+
+* Sat Jun 12 2010 Michal Schmidt 0.9.5-3
+- Fix incorrect handling of SELinux in the scriptlets.
+- Avoid recursive rpm invocation (fixfiles -R).
+- Fixes: BZ#581272
+
+* Thu Mar 25 2010 Michal Schmidt 0.9.5-2
+- SELinux policy fix (current selinux-policy assigns port 8765 to LIRC).
+
+* Thu Mar 25 2010 Michal Schmidt 0.9.5-1
+- Upstream release 0.9.5.
+ - new command 'icerun': serialize possibly resource-intensive tasks
+ - minor bugfixes
+- Refreshed icecream-rename-scheduler.patch.
+
+* Mon Oct 12 2009 Michal Schmidt 0.9.4-5
+- Fix failure to build native environment in SELinux enforcing mode.
+- 'cvs rm ...' unused patches.
+
+* Mon Aug 17 2009 Michal Schmidt 0.9.4-4
+- SELinux policy: Allow untrusted binaries to getattr all filesystems.
+ (BSD process accounting does vfs_getattr() to check disk space.)
+
+* Fri Aug 14 2009 Michal Schmidt 0.9.4-3
+- Create the logfile for the scheduler in the initscript.
+- Allow the scheduler to write to the log in the SELinux policy (BZ#517251).
+
+* Fri Jul 24 2009 Fedora Release Engineering - 0.9.4-2
+- Rebuilt for https://fedoraproject.org/wiki/Fedora_12_Mass_Rebuild
+
+* Thu Apr 30 2009 Michal Schmidt - 0.9.4-1
+- Upstream release 0.9.4.
+- Dropped merged patches.
+
+* Mon Apr 06 2009 Michal Schmidt - 0.9.3-6
+- Fix wrong permissions on the cache dir preventing the jobs from being
+ distributed.
+- SELinux policy update based on review comments on refpolicy ML.
+
+* Mon Mar 02 2009 Michal Schmidt - 0.9.3-5
+- Fix a fd leak from iceccd + avoid using system().
+- Allows tighter SELinux policy.
+
+* Tue Feb 24 2009 Fedora Release Engineering - 0.9.3-4
+- Rebuilt for https://fedoraproject.org/wiki/Fedora_11_Mass_Rebuild
+
+* Mon Feb 16 2009 Michal Schmidt - 0.9.3-3
+- Do not use --disable-rpath, icecream's configure script does not understand
+ it and warns about it. We still remove rpath using the sed tricks.
+- One more SELinux policy tweak.
+
+* Mon Feb 16 2009 Michal Schmidt - 0.9.3-2
+- Updated and re-enabled the SELinux policy. The scheduler is now confined too.
+
+* Mon Feb 16 2009 Michal Schmidt - 0.9.3-1
+- new upstream release
+- Dropped merged patches.
+- Added an upstream patch to fix compilation with gcc 4.4.
+
+* Sat Feb 07 2009 Michal Schmidt - 0.9.2-4
+- one more fix for gcc 4.4.
+- updated the scheduler renaming patch.
+
+* Sat Feb 07 2009 Michal Schmidt - 0.9.2-3
+- add an upstream patch to fix FTBFS with gcc 4.4
+
+* Wed Jan 28 2009 Michal Schmidt - 0.9.2-2
+- Fix the create-env script not to crash on relative paths in ld.so.conf.
+- No need to build the native environment as root anymore.
+- Disable the SELinux policy for now, it needs more work.
+
+* Thu Nov 13 2008 Michal Schmidt - 0.9.2-1
+- Update to upstream release 0.9.2.
+- The license is GPLv2+.
+- Add manpages from SUSE src package.
+- Add patch to run icecc --build-native as root.
+
+* Tue Sep 2 2008 Michael Schwendt - 0.8.0-12.20080117svn
+- Include unowned icecc directories.
+- Add defattr in devel pkg.
+
+* Thu Mar 13 2008 Michal Schmidt - 0.8.0-11.20080117svn
+- Minor SELinux policy fix.
+
+* Sun Feb 10 2008 Michal Schmidt - 0.8.0-10.20080117svn
+- Compile fix (added missing #includes).
+- Conditional building of SELinux policy and documentation.
+- Fix build on RHEL5.
+
+* Tue Jan 29 2008 Michal Schmidt - 0.8.0-9.20080117svn
+- SELinux policy fixes.
+
+* Thu Jan 17 2008 Michal Schmidt - 0.8.0-8.20080117svn
+- Update to current icecream-make-it-cool branch.
+
+* Tue Jan 8 2008 Michal Schmidt - 0.8.0-7.20071101svn
+- Build fix. meinproc is now in kdelibs3. BuildRequire that instead of kdelibs.
+
+* Thu Nov 29 2007 Michal Schmidt - 0.8.0-6.20071101svn
+- Rewritten the profile scripts to make icecream work together with ccache.
+
+* Tue Nov 27 2007 Michal Schmidt - 0.8.0-5.20071101svn
+- SELinux: Allow iceccd to contact the scheduler via UDP.
+- Don't add icecream to PATH in the profile scripts if ccache is installed
+ to avoid recursive invocations (bz #377761).
+
+* Tue Nov 20 2007 Michal Schmidt - 0.8.0-4.20071101svn
+- Add a SELinux policy for iceccd
+- Initscripts as sources instead of patches in the .spec file
+- Don't touch /var/log/iceccd in the initscript. Let iceccd create it.
+
+* Mon Nov 12 2007 Michal Schmidt - 0.8.0-3.20071101svn
+- Add icecc to $PATH using scripts in profile.d
+
+* Tue Nov 6 2007 Michal Schmidt - 0.8.0-2.20071101svn
+- Use the _datadir macro instead of hardcoded /usr/share
+
+* Thu Nov 01 2007 Michal Schmidt - 0.8.0-1.20071101svn
+- Initial package for Fedora.
diff --git a/icecream.te b/icecream.te
new file mode 100644
index 0000000..137eaa8
--- /dev/null
+++ b/icecream.te
@@ -0,0 +1,220 @@
+
+policy_module(icecream,0.1.5)
+
+########################################
+#
+# iceccd declarations
+#
+
+type iceccd_t;
+type iceccd_exec_t;
+init_daemon_domain(iceccd_t, iceccd_exec_t)
+
+type iceccd_log_t;
+logging_log_file(iceccd_log_t)
+
+type iceccd_tmp_t;
+files_tmp_file(iceccd_tmp_t)
+
+type iceccd_var_run_t;
+files_pid_file(iceccd_var_run_t)
+
+type iceccd_cache_t;
+files_type(iceccd_cache_t)
+
+########################################
+#
+# iceccd_createenv declarations
+#
+
+type iceccd_createenv_t;
+type iceccd_createenv_exec_t;
+application_domain(iceccd_createenv_t, iceccd_createenv_exec_t)
+role system_r types iceccd_createenv_t;
+
+########################################
+#
+# icecc_scheduler declarations
+#
+
+type icecc_scheduler_t;
+type icecc_scheduler_exec_t;
+init_daemon_domain(icecc_scheduler_t, icecc_scheduler_exec_t)
+
+type icecc_scheduler_log_t;
+logging_log_file(icecc_scheduler_log_t)
+
+########################################
+#
+# iceccd_untrusted declarations
+#
+
+type iceccd_untrusted_t;
+domain_type(iceccd_untrusted_t);
+domain_entry_file(iceccd_untrusted_t, iceccd_cache_t)
+role system_r types iceccd_untrusted_t;
+
+# port declarations. for separate module only.
+type iceccd_port_t;
+type icecc_scheduler_port_t;
+corenet_port(iceccd_port_t);
+corenet_port(icecc_scheduler_port_t);
+
+########################################
+#
+# iceccd policy
+#
+
+allow iceccd_t self:capability { chown dac_override fowner fsetid kill
+ setgid setuid sys_chroot };
+allow iceccd_t self:fifo_file rw_fifo_file_perms;
+allow iceccd_t self:netlink_route_socket r_netlink_socket_perms;
+allow iceccd_t self:process { signal_perms setsched setrlimit };
+allow iceccd_t self:tcp_socket create_stream_socket_perms;
+allow iceccd_t self:udp_socket create_socket_perms;
+
+dontaudit iceccd_t iceccd_untrusted_t:process { siginh rlimitinh
+ noatsecure };
+
+allow iceccd_t iceccd_untrusted_t:process signal;
+
+domtrans_pattern(iceccd_t, iceccd_createenv_exec_t, iceccd_createenv_t)
+domtrans_pattern(iceccd_t, iceccd_cache_t, iceccd_untrusted_t)
+
+manage_files_pattern(iceccd_t, iceccd_log_t, iceccd_log_t)
+logging_log_filetrans(iceccd_t, iceccd_log_t, file)
+
+manage_files_pattern(iceccd_t, iceccd_var_run_t, iceccd_var_run_t)
+files_pid_filetrans(iceccd_t, iceccd_var_run_t, file)
+
+manage_dirs_pattern(iceccd_t, iceccd_cache_t, iceccd_cache_t)
+manage_files_pattern(iceccd_t, iceccd_cache_t, iceccd_cache_t)
+files_var_filetrans(iceccd_t, iceccd_cache_t, { dir file })
+
+files_search_tmp(iceccd_t)
+manage_dirs_pattern(iceccd_t, iceccd_tmp_t, iceccd_tmp_t)
+manage_files_pattern(iceccd_t, iceccd_tmp_t, iceccd_tmp_t)
+files_tmp_filetrans(iceccd_t, iceccd_tmp_t, { dir file })
+
+corenet_all_recvfrom_unlabeled(iceccd_t)
+corenet_all_recvfrom_netlabel(iceccd_t)
+corenet_tcp_sendrecv_generic_if(iceccd_t)
+corenet_udp_sendrecv_generic_if(iceccd_t)
+corenet_tcp_sendrecv_generic_node(iceccd_t)
+corenet_udp_sendrecv_generic_node(iceccd_t)
+corenet_tcp_sendrecv_all_ports(iceccd_t)
+corenet_udp_sendrecv_all_ports(iceccd_t)
+corenet_tcp_bind_generic_node(iceccd_t)
+allow iceccd_t iceccd_port_t:tcp_socket { name_bind };
+allow iceccd_t icecc_scheduler_port_t:tcp_socket { name_connect };
+corenet_tcp_connect_lirc_port(iceccd_t)
+
+corecmd_exec_bin(iceccd_t)
+corecmd_read_bin_symlinks(iceccd_t)
+
+#files_getattr_tmp_dirs(iceccd_t)
+files_read_etc_files(iceccd_t)
+
+fs_getattr_all_fs(iceccd_t)
+
+kernel_read_system_state(iceccd_t)
+
+sysnet_read_config(iceccd_t)
+
+libs_use_ld_so(iceccd_t)
+libs_use_shared_libs(iceccd_t)
+
+miscfiles_read_localization(iceccd_t)
+
+########################################
+#
+# iceccd_createenv policy
+#
+
+allow iceccd_createenv_t self:fifo_file rw_fifo_file_perms;
+
+dontaudit iceccd_createenv_t iceccd_tmp_t:file { execute };
+
+allow iceccd_createenv_t iceccd_log_t:file { append };
+
+manage_dirs_pattern(iceccd_createenv_t, iceccd_cache_t, iceccd_cache_t)
+manage_files_pattern(iceccd_createenv_t, iceccd_cache_t, iceccd_cache_t)
+# no files_var_filetrans, createenv does not create the cache dir itself
+
+manage_dirs_pattern(iceccd_createenv_t, iceccd_tmp_t, iceccd_tmp_t)
+manage_files_pattern(iceccd_createenv_t, iceccd_tmp_t, iceccd_tmp_t)
+files_tmp_filetrans(iceccd_createenv_t, iceccd_tmp_t, { dir file })
+
+corecmd_exec_bin(iceccd_createenv_t)
+corecmd_exec_shell(iceccd_createenv_t)
+
+dev_read_urand(iceccd_createenv_t)
+
+files_read_etc_files(iceccd_createenv_t)
+files_read_usr_files(iceccd_createenv_t)
+
+kernel_read_system_state(iceccd_createenv_t)
+
+libs_exec_ld_so(iceccd_createenv_t)
+libs_exec_lib_files(iceccd_createenv_t)
+
+libs_domtrans_ldconfig(iceccd_createenv_t)
+
+libs_use_ld_so(iceccd_createenv_t)
+libs_use_shared_libs(iceccd_createenv_t)
+
+miscfiles_read_localization(iceccd_createenv_t)
+
+userdom_dontaudit_search_user_home_dirs(iceccd_createenv_t)
+
+optional_policy(`
+ nscd_socket_use(iceccd_createenv_t)
+')
+
+########################################
+#
+# iceccd_untrusted policy
+#
+
+allow iceccd_untrusted_t self:fifo_file rw_fifo_file_perms;
+allow iceccd_untrusted_t self:process signal_perms;
+allow iceccd_untrusted_t iceccd_t:unix_stream_socket rw_stream_socket_perms;
+
+manage_files_pattern(iceccd_untrusted_t, iceccd_cache_t, iceccd_cache_t)
+
+can_exec(iceccd_untrusted_t, iceccd_cache_t)
+
+fs_getattr_all_fs(iceccd_untrusted_t)
+
+########################################
+#
+# icecc_scheduler policy
+#
+
+allow icecc_scheduler_t self:tcp_socket create_stream_socket_perms;
+allow icecc_scheduler_t self:udp_socket create_socket_perms;
+
+manage_files_pattern(icecc_scheduler_t, icecc_scheduler_log_t, icecc_scheduler_log_t)
+logging_log_filetrans(icecc_scheduler_t, icecc_scheduler_log_t, file)
+
+corenet_all_recvfrom_unlabeled(icecc_scheduler_t)
+corenet_all_recvfrom_netlabel(icecc_scheduler_t)
+corenet_tcp_sendrecv_generic_if(icecc_scheduler_t)
+corenet_udp_sendrecv_generic_if(icecc_scheduler_t)
+corenet_tcp_sendrecv_generic_node(icecc_scheduler_t)
+corenet_udp_sendrecv_generic_node(icecc_scheduler_t)
+corenet_tcp_sendrecv_all_ports(icecc_scheduler_t)
+corenet_udp_sendrecv_all_ports(icecc_scheduler_t)
+corenet_tcp_bind_generic_node(icecc_scheduler_t)
+corenet_udp_bind_generic_node(icecc_scheduler_t)
+allow icecc_scheduler_t icecc_scheduler_port_t:tcp_socket { name_bind };
+corenet_tcp_bind_lirc_port(icecc_scheduler_t)
+allow icecc_scheduler_t icecc_scheduler_port_t:udp_socket { name_bind };
+corenet_udp_bind_lirc_port(icecc_scheduler_t)
+
+files_read_etc_files(icecc_scheduler_t)
+
+libs_use_ld_so(icecc_scheduler_t)
+libs_use_shared_libs(icecc_scheduler_t)
+
+miscfiles_read_localization(icecc_scheduler_t)
diff --git a/sources b/sources
new file mode 100644
index 0000000..397ccf5
--- /dev/null
+++ b/sources
@@ -0,0 +1,2 @@
+c06900c2f4011428d0d48826a04f74fb icecc-0.9.7.tar.bz2
+a3829775870d5b2b60b750a88ee835b7 icecream-manpages.tar.bz2