That was meant to be an example, and I just dropped it in the
previous commit -- passt.if should be more than enough as a possible
example.
Reported-by: Carl G. <carlg@fedoraproject.org>
Link: https://bugzilla.redhat.com/show_bug.cgi?id=2182145
Signed-off-by: Stefano Brivio <sbrivio@redhat.com>
Instead of:
https://fedoraproject.org/wiki/SELinux_Policy_Modules_Packaging_Draft
follow this:
https://fedoraproject.org/wiki/PackagingDrafts/SELinux_Independent_Policy
which seems to make more sense and fixes the issue that, on a fresh
install, without a reboot, the file contexts for the binaries are not
actually updated.
In detail:
- labels are refreshed using the selinux_relabel_pre and
selinux_relabel_post on install, upgrade, and uninstall
- use the selinux_modules_install and selinux_modules_uninstall
macros, instead of calling 'semodule' directly (no functional
changes in our case)
- require the -selinux package on SELinux-enabled environments and if
the current system policy is "targeted"
Signed-off-by: Stefano Brivio <sbrivio@redhat.com>
fedora-review says:
Note: Directories without known owners:
/usr/share/selinux/packages/passt, /usr/share/doc/passt,
/usr/share/selinux, /usr/share/selinux/packages
and selinux-policy owns those two last ones.
While at it, split Requires: tags also for post and preun actions
onto different lines, for consistency.
Reported-by: Daniel P. Berrangé <berrange@redhat.com>
Signed-off-by: Stefano Brivio <sbrivio@redhat.com>
fedora-review says:
Note: No known owner of /usr/share/selinux/packages/passt,
/usr/share/doc/passt
While at it, replace "passt" by "%{name}" in a few places for
consistency.
Reported-by: Daniel P. Berrangé <berrange@redhat.com>
Signed-off-by: Stefano Brivio <sbrivio@redhat.com>
Fedora's parameters currently match the ones from the Makefile (which
is based on GNU recommendations), but that's not necessarily
guaranteed.
This should make the OpenSUSE Tumbleweed override for docdir
unnecessary: drop it.
Suggested-by: Daniel P. Berrangé <berrange@redhat.com>
Signed-off-by: Stefano Brivio <sbrivio@redhat.com>
...as it's used twice. The short version, however, appears hardcoded
only once in the output, and it comes straight from the rpkg macro
building the version string -- leave that macro as it is.
Suggested-by: Daniel P. Berrangé <berrange@redhat.com>
Signed-off-by: Stefano Brivio <sbrivio@redhat.com>
...which makes it fall under MIT licensing terms. Daniel reports that
it's very unusual for spec files to contain explicit licensing terms
and might cause minor inconveniences later on, on mass changes to
spec files.
I originally added licensing information using SPDX identifiers to
make the project fully compliant with the REUSE Specification 3.0
(https://reuse.software/spec/), but there are anyway a few more files
not including explicit licensing information. It might be worth to
fix that later on, in any case.
Suggested-by: Daniel P. Berrangé <berrange@redhat.com>
Signed-off-by: Stefano Brivio <sbrivio@redhat.com>
It turns out that, while on most distributions "docdir" would be
/usr/share/doc, it's /usr/share/doc/packages/ on OpenSUSE Tumbleweed.
Use an explicit docdir as shown in:
https://en.opensuse.org/openSUSE:Build_Service_cross_distribution_howto
and don't unnecessarily hardcode directory variables in the Makefile.
Otherwise, RPM builds for OpenSUSE will fail now that we have a README
there.
Signed-off-by: Stefano Brivio <sbrivio@redhat.com>
If the man pages are not compressed, the current wildcards wouldn't
match them. Drop the trailing '.' from them.
Reported-by: Artur Frenszek-Iwicki <fedora@svgames.pl>
Signed-off-by: Stefano Brivio <sbrivio@redhat.com>
This will also set any distribution-specific LDFLAGS. It's not needed
anymore starting from Fedora 36, but the package might be built on
other versions and distributions too (including e.g. CentOS Stream 8).
Reported-by: Artur Frenszek-Iwicki <fedora@svgames.pl>
Signed-off-by: Stefano Brivio <sbrivio@redhat.com>
Otherwise, passt-selinux will be built separately for each supported
architecture.
Suggested-by: Artur Frenszek-Iwicki <fedora@svgames.pl>
Signed-off-by: Stefano Brivio <sbrivio@redhat.com>
This is required as Fedora doesn't accept a temporary pointer to
a source URL.
Reported-by: Ralf Corsepius <rc040203@freenet.de>
Reported-by: Artur Frenszek-Iwicki <fedora@svgames.pl>
Signed-off-by: Stefano Brivio <sbrivio@redhat.com>
It seems to be exposed by Koji (https://pagure.io/koji/issue/2541),
but it's not actually in use, so we have to drop that. The website
the URL tag points to reports all the needed information anyway.
Reported-by: Artur Frenszek-Iwicki <fedora@svgames.pl>
Signed-off-by: Stefano Brivio <sbrivio@redhat.com>
git_dir_changelog is useful in theory, but it requires pairs of
annotated tags, which should be generated by rpkg itself to make any
sense, implying a relatively heavyweight interaction whenever I want
to push a new package version.
Also, the default content of the changelog entries include the full
list of changes, but the Fedora Packaging Guidelines specifically
mention that:
[t]hey must never simply contain an entire copy of the source
CHANGELOG entries.
We don't have a CHANGELOG file, but the full git history is
conceptually equivalent for this purpose, I guess.
Introduce our own passt_git_changelog() rpkg macro, building
changelog entries, using tags in the form DATE-SHA, where DATE
is an ISO 8601 date representation, and SHA is a short (7-digits)
form of the head commit at a given moment (git push).
These changelog entries mention, specifically, changes to the
packaging information itself (entries under contrib/fedora), and
simply report a link to cgit for the ranges between tags.
Reported-by: Benson Muite <benson_muite@emailplus.org>
Signed-off-by: Stefano Brivio <sbrivio@redhat.com>