From 854f4b3171fb295e5cbec13556694536bc9a7b1f Mon Sep 17 00:00:00 2001 From: tigro Date: Fri, 8 Sep 2023 18:35:00 +0300 Subject: [PATCH] Added SELinux policy --- SPECS/gutenprint.spec | 52 ++++++++++++++++++++++++++++++++++++++++++- 1 file changed, 51 insertions(+), 1 deletion(-) diff --git a/SPECS/gutenprint.spec b/SPECS/gutenprint.spec index dcf5e8e..732ceaf 100644 --- a/SPECS/gutenprint.spec +++ b/SPECS/gutenprint.spec @@ -1,15 +1,17 @@ #%%global prever pre2 #%%global ver %%{version}-%%{prever} +%global selinuxtype targeted Name: gutenprint Summary: Printer Drivers Package Version: 5.3.4 -Release: 4%{?dist} +Release: 4%{?dist}.inferit URL: http://gimp-print.sourceforge.net/ Source0: http://downloads.sourceforge.net/gimp-print/%{name}-%{version}.tar.xz # Post-install script to update CUPS native PPDs. Source1: cups-genppdupdate.py.in # ported from old gimp-print package - fix for a menu in gimp gutenprint plugin +Source2: gutenprint.te Patch0: gutenprint-menu.patch Patch3: gutenprint-postscriptdriver.patch Patch4: gutenprint-yyin.patch @@ -47,6 +49,10 @@ BuildRequires: autoconf automake libtool # needed for defining %%{__python3} macro for prep phase BuildRequires: python3-devel +# fix SELinux policy +BuildRequires: selinux-policy-devel +Requires: (%{name}-selinux = %{version}-%{release} if selinux-policy-%{selinuxtype}) + ## NOTE ## # The README file in this package contains suggestions from upstream # on how to package this software. I'd be inclined to follow those @@ -113,6 +119,15 @@ Requires: %{name}%{?_isa} = %{version}-%{release} This package contains native CUPS support for a wide range of Canon, Epson, HP and compatible printers. +%package selinux +Summary: SELinux policy module for gutenprint +Requires: %{name} = %{version}-%{release} +%{?selinux_requires} + +%description selinux +This package contains the SELinux policy module necessary to run +gutenprint from GNOME Control Center + %prep %setup -q -n %{name}-%{version} # Fix menu placement of GIMP plugin. @@ -137,6 +152,10 @@ sed -i -e 's,^#!/usr/bin/python3,#!%{__python3},' src/cups/cups-genppdupdate.in # Python 3.6 invalid escape sequence deprecation fixes, COPYING as license (bug #1448303) %patch6 -p1 -b .python36syntax +# SELinux fixes +mkdir -p SELinux +cp %{SOURCE2} SELinux/ + %build # Don't run the weave test as it takes a very long time. sed -i -e 's,^\(TESTS *=.*\) run-weavetest,\1,' test/Makefile.in @@ -153,6 +172,10 @@ sed -i -e 's,^\(TESTS *=.*\) run-weavetest,\1,' test/Makefile.in %make_build +# Build SELinux policy +cd SELinux +%{__make} NAME=%{selinuxtype} -f /usr/share/selinux/devel/Makefile + # Test suite disabled due to bug #1069274. #%check #make check @@ -167,6 +190,9 @@ rm -f %{buildroot}%{_datadir}/foomatic/kitload.log rm -rf %{buildroot}%{_libdir}/gutenprint/5.2/modules/*.la rm -f %{buildroot}%{_sysconfdir}/cups/command.types +install -d %{buildroot}%{_datadir}/selinux/%{selinuxtype} +install -p -m 644 SELinux/%{name}.pp %{buildroot}%{_datadir}/selinux/%{selinuxtype}/%{name}.pp + %find_lang %{name} sed 's!%{_datadir}/locale/\([^/]*\)/LC_MESSAGES/gutenprint.mo!%{_datadir}/locale/\1/gutenprint_\1.po!g' %{name}.lang >%{name}-po.lang rm -f %{name}.lang @@ -202,6 +228,23 @@ done %{_bindir}/systemctl restart cups >/dev/null 2>&1 || : exit 0 +%pre selinux +%selinux_relabel_pre -s %{selinuxtype} + +%post selinux +%selinux_modules_install -s %{selinuxtype} %{_datadir}/selinux/%{selinuxtype}/%{name}.pp +%selinux_relabel_post -s %{selinuxtype} + +if [ "$1" -le "1" ]; then # First install + # the daemon needs to be restarted for the custom label to be applied + %systemd_postun_with_restart waydroid-container.service +fi + +%postun selinux +if [ $1 -eq 0 ]; then + %selinux_modules_uninstall -s %{selinuxtype} %{name} + %selinux_relabel_post -s %{selinuxtype} +fi %files -f %{name}.lang %license COPYING @@ -254,7 +297,14 @@ exit 0 %{_mandir}/man8/cups-calibrate.8* %{_mandir}/man8/cups-genppd*8*.gz +%files selinux +%doc SELinux/%{name}.te +%{_datadir}/selinux/%{selinuxtype}/%{name}.pp + %changelog +* Fri Sep 8 2023 Arkady L. Shane - 5.3.4-4 - Rebuilt for MSVSphere 9.1.