/usr/lib/python2.7/dist-packages/sepolicy/templates/spec.py is in python-sepolicy 2.3-1.
This file is owned by root:root, with mode 0o644.
The actual contents of the file can be viewed below.
1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58 59 60 61 62 63 64 65 66 67 68 69 70 71 72 73 74 75 76 77 78 79 80 81 82 83 | header_comment_section="""\
# vim: sw=4:ts=4:et
"""
base_section="""\
%define selinux_policyver VERSION
Name: MODULENAME_selinux
Version: 1.0
Release: 1%{?dist}
Summary: SELinux policy module for MODULENAME
Group: System Environment/Base
License: GPLv2+
# This is an example. You will need to change it.
URL: http://HOSTNAME
Source0: MODULENAME.pp
Source1: MODULENAME.if
Source2: DOMAINNAME_selinux.8
Source3: DOMAINNAME_u
Requires: policycoreutils, libselinux-utils
Requires(post): selinux-policy-base >= %{selinux_policyver}, policycoreutils
Requires(postun): policycoreutils
"""
mid_section="""\
BuildArch: noarch
%description
This package installs and sets up the SELinux policy security module for MODULENAME.
%install
install -d %{buildroot}%{_datadir}/selinux/packages
install -m 644 %{SOURCE0} %{buildroot}%{_datadir}/selinux/packages
install -d %{buildroot}%{_datadir}/selinux/devel/include/contrib
install -m 644 %{SOURCE1} %{buildroot}%{_datadir}/selinux/devel/include/contrib/
install -d %{buildroot}%{_mandir}/man8/
install -m 644 %{SOURCE2} %{buildroot}%{_mandir}/man8/DOMAINNAME_selinux.8
install -d %{buildroot}/etc/selinux/targeted/contexts/users/
install -m 644 %{SOURCE3} %{buildroot}/etc/selinux/targeted/contexts/users/DOMAINNAME_u
%post
semodule -n -i %{_datadir}/selinux/packages/MODULENAME.pp
if /usr/sbin/selinuxenabled ; then
/usr/sbin/load_policy
%relabel_files
/usr/sbin/semanage user -a -R DOMAINNAME_r DOMAINNAME_u
fi;
exit 0
%postun
if [ $1 -eq 0 ]; then
semodule -n -r MODULENAME
if /usr/sbin/selinuxenabled ; then
/usr/sbin/load_policy
%relabel_files
/usr/sbin/semanage user -d DOMAINNAME_u
fi;
fi;
exit 0
%files
%attr(0600,root,root) %{_datadir}/selinux/packages/MODULENAME.pp
%{_datadir}/selinux/devel/include/contrib/MODULENAME.if
%{_mandir}/man8/DOMAINNAME_selinux.8.*
/etc/selinux/targeted/contexts/users/DOMAINNAME_u
%changelog
* TODAYSDATE YOUR NAME <YOUR@EMAILADDRESS> 1.0-1
- Initial version
"""
define_relabel_files_begin ="""\
\n
%define relabel_files() \\
"""
define_relabel_files_end ="""\
restorecon -R FILENAME; \\
"""
|