|
|
|
@ -5,9 +5,11 @@ |
|
|
|
|
%define debug_package %{nil} |
|
|
|
|
%define anviluser admin |
|
|
|
|
%define anvilgroup admin |
|
|
|
|
%define selinuxtype targeted |
|
|
|
|
%define suiapi striker-ui-api |
|
|
|
|
|
|
|
|
|
# selinux |
|
|
|
|
%define selinuxtype targeted |
|
|
|
|
%define selinuxsubnodemodule anvil-subnode |
|
|
|
|
%define selinuxdir %{_datadir}/selinux/packages/%{selinuxtype} |
|
|
|
|
|
|
|
|
|
Name: anvil |
|
|
|
@ -237,6 +239,8 @@ rm -rf %{buildroot} |
|
|
|
|
make install DESTDIR=%{buildroot} |
|
|
|
|
|
|
|
|
|
%pre core |
|
|
|
|
%selinux_relabel_pre -s %{selinuxtype} |
|
|
|
|
|
|
|
|
|
if [ ! -d /usr/share/anvil ]; |
|
|
|
|
then |
|
|
|
|
mkdir /usr/share/anvil |
|
|
|
@ -252,9 +256,8 @@ getent passwd %{anviluser} >/dev/null || useradd --create-home \ |
|
|
|
|
# sed -i.anvil 's/SELINUX=enforcing/SELINUX=permissive/' /etc/selinux/config |
|
|
|
|
# setenforce 0 |
|
|
|
|
# |
|
|
|
|
if [ $1 == 1 ]; then |
|
|
|
|
%selinux_modules_install -s %{selinuxtype} -p 200 ${selinuxdir}/anvil-subnode.pp |
|
|
|
|
fi |
|
|
|
|
# Always try to install in-case of update |
|
|
|
|
%selinux_modules_install -s %{selinuxtype} -p 200 %{selinuxdir}/%{selinuxsubnodemodule}.pp |
|
|
|
|
|
|
|
|
|
# Enable and start the anvil-daemon |
|
|
|
|
### TODO: check it if was disabled (if it existed before) and, if so, leave it disabled. |
|
|
|
@ -365,8 +368,9 @@ touch /etc/anvil/type.dr |
|
|
|
|
# echo "NOTE: Re-enabling SELinux." |
|
|
|
|
# sed -i.anvil 's/SELINUX=permissive/SELINUX=enforcing/' /etc/selinux/config |
|
|
|
|
# setenforce 1 |
|
|
|
|
# Only uninstall the policy when the package is actually being removed |
|
|
|
|
if [ $1 == 0 ]; then |
|
|
|
|
%selinux_modules_uninstall -s %{selinuxtype} -p 200 ${selinuxdir}/anvil-subnode.pp |
|
|
|
|
%selinux_modules_uninstall -s %{selinuxtype} -p 200 %{selinuxsubnodemodule} |
|
|
|
|
fi |
|
|
|
|
|
|
|
|
|
%preun striker |
|
|
|
@ -413,6 +417,11 @@ then |
|
|
|
|
fi |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
%posttrans core |
|
|
|
|
# Relabel in posttrans makes sure files are in-place |
|
|
|
|
%selinux_relabel_post -s %{selinuxtype} |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
%files core |
|
|
|
|
%doc README.md |
|
|
|
|
%config(noreplace) %{_sysconfdir}/anvil/anvil.conf |
|
|
|
@ -424,7 +433,10 @@ fi |
|
|
|
|
%{_sysconfdir}/anvil/anvil.version |
|
|
|
|
%{_datadir}/perl5/* |
|
|
|
|
%{_mandir}/* |
|
|
|
|
%{selinuxdir}/*.pp |
|
|
|
|
|
|
|
|
|
# selinux |
|
|
|
|
%attr(0644, root, root) %{selinuxdir}/%{selinuxsubnodemodule}.pp |
|
|
|
|
%ghost %{_sharedstatedir}/selinux/%{selinuxtype}/active/modules/200/%{selinuxsubnodemodule} |
|
|
|
|
|
|
|
|
|
%files striker |
|
|
|
|
%{_localstatedir}/www/*/* |
|
|
|
|