github.com/skf/moby@v1.13.1/hack/make/.build-rpm/docker-engine-selinux.spec

github.com/skf/moby@v1.13.1/hack/make/.build-rpm/docker-engine-selinux.spec (about)

     1  # Some bits borrowed from the openstack-selinux package
     2  Name: docker-engine-selinux
     3  Version: %{_version}
     4  Release: %{_release}%{?dist}
     5  Summary: SELinux Policies for the open-source application container engine
     6  BuildArch: noarch
     7  Group: Tools/Docker
     8  
     9  License: GPLv2
    10  Source: %{name}.tar.gz
    11  
    12  URL: https://dockerproject.org
    13  Vendor: Docker
    14  Packager: Docker <support@docker.com>
    15  
    16  %global selinux_policyver 3.13.1-102
    17  %global selinuxtype targeted
    18  %global moduletype  services
    19  %global modulenames docker
    20  
    21  Requires(post): selinux-policy-base >= %{selinux_policyver}, selinux-policy-targeted >= %{selinux_policyver}, policycoreutils, policycoreutils-python libselinux-utils
    22  BuildRequires: selinux-policy selinux-policy-devel
    23  
    24  # conflicting packages
    25  Conflicts: docker-selinux
    26  
    27  # Usage: _format var format
    28  #   Expand 'modulenames' into various formats as needed
    29  #   Format must contain '$x' somewhere to do anything useful
    30  %global _format() export %1=""; for x in %{modulenames}; do %1+=%2; %1+=" "; done;
    31  
    32  # Relabel files
    33  %global relabel_files() \
    34      /sbin/restorecon -R %{_bindir}/docker %{_localstatedir}/run/docker.sock %{_localstatedir}/run/docker.pid %{_sysconfdir}/docker %{_localstatedir}/log/docker %{_localstatedir}/log/lxc %{_localstatedir}/lock/lxc %{_usr}/lib/systemd/system/docker.service /root/.docker &> /dev/null || : \
    35  
    36  %description
    37  SELinux policy modules for use with Docker
    38  
    39  %prep
    40  %if 0%{?centos} <= 6
    41  %setup -n %{name}
    42  %else
    43  %autosetup -n %{name}
    44  %endif
    45  
    46  %build
    47  make SHARE="%{_datadir}" TARGETS="%{modulenames}"
    48  
    49  %install
    50  
    51  # Install SELinux interfaces
    52  %_format INTERFACES $x.if
    53  install -d %{buildroot}%{_datadir}/selinux/devel/include/%{moduletype}
    54  install -p -m 644 $INTERFACES %{buildroot}%{_datadir}/selinux/devel/include/%{moduletype}
    55  
    56  # Install policy modules
    57  %_format MODULES $x.pp.bz2
    58  install -d %{buildroot}%{_datadir}/selinux/packages
    59  install -m 0644 $MODULES %{buildroot}%{_datadir}/selinux/packages
    60  
    61  %post
    62  #
    63  # Install all modules in a single transaction
    64  #
    65  if [ $1 -eq 1 ]; then
    66      %{_sbindir}/setsebool -P -N virt_use_nfs=1 virt_sandbox_use_all_caps=1
    67  fi
    68  %_format MODULES %{_datadir}/selinux/packages/$x.pp.bz2
    69  %{_sbindir}/semodule -n -s %{selinuxtype} -i $MODULES
    70  if %{_sbindir}/selinuxenabled ; then
    71      %{_sbindir}/load_policy
    72      %relabel_files
    73      if [ $1 -eq 1 ]; then
    74        restorecon -R %{_sharedstatedir}/docker
    75      fi
    76  fi
    77  
    78  %postun
    79  if [ $1 -eq 0 ]; then
    80      %{_sbindir}/semodule -n -r %{modulenames} &> /dev/null || :
    81      if %{_sbindir}/selinuxenabled ; then
    82          %{_sbindir}/load_policy
    83          %relabel_files
    84      fi
    85  fi
    86  
    87  %files
    88  %doc LICENSE
    89  %defattr(-,root,root,0755)
    90  %attr(0644,root,root) %{_datadir}/selinux/packages/*.pp.bz2
    91  %attr(0644,root,root) %{_datadir}/selinux/devel/include/%{moduletype}/*.if
    92  
    93  %changelog
    94  * Tue Dec 1 2015 Jessica Frazelle <acidburn@docker.com> 1.9.1-1
    95  - add licence to rpm
    96  - add selinux-policy and docker-engine-selinux rpm