github.com/jiasir/docker@v1.3.3-0.20170609024000-252e610103e7/hack/make/.build-rpm/docker-engine-selinux.spec (about) 1 # Some bits borrowed from the openstack-selinux package 2 Name: docker-engine-selinux 3 Version: %{_version} 4 Release: %{_release}%{?dist} 5 Summary: SELinux Policies for the open-source application container engine 6 BuildArch: noarch 7 Group: Tools/Docker 8 9 License: GPLv2 10 Source: %{name}.tar.gz 11 12 URL: https://dockerproject.org 13 Vendor: Docker 14 Packager: Docker <support@docker.com> 15 16 %global selinux_policyver 3.13.1-102 17 %if 0%{?oraclelinux} >= 7 18 %global selinux_policyver 3.13.1-102.0.3.el7_3.15 19 %endif # oraclelinux 7 20 %global selinuxtype targeted 21 %global moduletype services 22 %global modulenames docker 23 24 Requires(post): selinux-policy-base >= %{selinux_policyver}, selinux-policy-targeted >= %{selinux_policyver}, policycoreutils, policycoreutils-python libselinux-utils 25 BuildRequires: selinux-policy selinux-policy-devel 26 27 # conflicting packages 28 Conflicts: docker-selinux 29 30 # Usage: _format var format 31 # Expand 'modulenames' into various formats as needed 32 # Format must contain '$x' somewhere to do anything useful 33 %global _format() export %1=""; for x in %{modulenames}; do %1+=%2; %1+=" "; done; 34 35 # Relabel files 36 %global relabel_files() \ 37 /sbin/restorecon -R %{_bindir}/docker %{_localstatedir}/run/docker.sock %{_localstatedir}/run/docker.pid %{_sysconfdir}/docker %{_localstatedir}/log/docker %{_localstatedir}/log/lxc %{_localstatedir}/lock/lxc %{_usr}/lib/systemd/system/docker.service /root/.docker &> /dev/null || : \ 38 39 %description 40 SELinux policy modules for use with Docker 41 42 %prep 43 %if 0%{?centos} <= 6 44 %setup -n %{name} 45 %else 46 %autosetup -n %{name} 47 %endif 48 49 %build 50 make SHARE="%{_datadir}" TARGETS="%{modulenames}" 51 52 %install 53 54 # Install SELinux interfaces 55 %_format INTERFACES $x.if 56 install -d %{buildroot}%{_datadir}/selinux/devel/include/%{moduletype} 57 install -p -m 644 $INTERFACES %{buildroot}%{_datadir}/selinux/devel/include/%{moduletype} 58 59 # Install policy modules 60 %_format MODULES $x.pp.bz2 61 install -d %{buildroot}%{_datadir}/selinux/packages 62 install -m 0644 $MODULES %{buildroot}%{_datadir}/selinux/packages 63 64 %post 65 # 66 # Install all modules in a single transaction 67 # 68 if [ $1 -eq 1 ]; then 69 %{_sbindir}/setsebool -P -N virt_use_nfs=1 virt_sandbox_use_all_caps=1 70 fi 71 %_format MODULES %{_datadir}/selinux/packages/$x.pp.bz2 72 %{_sbindir}/semodule -n -s %{selinuxtype} -i $MODULES 73 if %{_sbindir}/selinuxenabled ; then 74 %{_sbindir}/load_policy 75 %relabel_files 76 if [ $1 -eq 1 ]; then 77 restorecon -R %{_sharedstatedir}/docker 78 fi 79 fi 80 81 %postun 82 if [ $1 -eq 0 ]; then 83 %{_sbindir}/semodule -n -r %{modulenames} &> /dev/null || : 84 if %{_sbindir}/selinuxenabled ; then 85 %{_sbindir}/load_policy 86 %relabel_files 87 fi 88 fi 89 90 %files 91 %doc LICENSE 92 %defattr(-,root,root,0755) 93 %attr(0644,root,root) %{_datadir}/selinux/packages/*.pp.bz2 94 %attr(0644,root,root) %{_datadir}/selinux/devel/include/%{moduletype}/*.if 95 96 %changelog 97 * Tue Dec 1 2015 Jessica Frazelle <acidburn@docker.com> 1.9.1-1 98 - add licence to rpm 99 - add selinux-policy and docker-engine-selinux rpm