1 %define script_dir %{_sbindir}
2 # Security Containers Server's user info - it should already exist in the system
3 %define scs_user security-containers
4 %define libvirt_group libvirt
5 # The group that has read and write access to /dev/input/event* devices.
6 # It may vary between platforms.
7 %define input_event_group video
9 Name: security-containers
12 Source0: %{name}-%{version}.tar.gz
15 Summary: Daemon for managing containers
17 BuildRequires: boost-devel
18 BuildRequires: libvirt-devel
19 BuildRequires: libjson-devel >= 0.10
20 BuildRequires: libcap-ng-devel
21 BuildRequires: pkgconfig(libConfig)
22 BuildRequires: pkgconfig(libLogger)
23 BuildRequires: pkgconfig(libSimpleDbus)
24 BuildRequires: pkgconfig(glib-2.0)
25 BuildRequires: pkgconfig(libsystemd-journal)
26 BuildRequires: pkgconfig(libvirt-glib-1.0)
27 BuildRequires: pkgconfig(sqlite3)
28 Requires: libvirt-daemon >= 1.2.4
29 Requires(post): libcap-tools
32 This package provides a daemon used to manage containers - start, stop and switch
33 between them. A process from inside a container can request a switch of context
34 (display, input devices) to the other container.
37 %manifest packaging/security-containers.manifest
38 %defattr(644,root,root,755)
39 %attr(755,root,root) %{_bindir}/security-containers-server
40 %dir /etc/security-containers
41 %dir /etc/security-containers/containers
42 %dir /etc/security-containers/libvirt-config
43 %config /etc/security-containers/daemon.conf
44 %config /etc/security-containers/containers/*.conf
45 %config /etc/security-containers/libvirt-config/*.xml
46 %{_unitdir}/security-containers.service
47 %{_unitdir}/multi-user.target.wants/security-containers.service
48 /etc/dbus-1/system.d/org.tizen.containers.host.conf
54 %{!?build_type:%define build_type "RELEASE"}
56 %if %{build_type} == "DEBUG" || %{build_type} == "PROFILING"
57 CFLAGS="$CFLAGS -Wp,-U_FORTIFY_SOURCE"
58 CXXFLAGS="$CXXFLAGS -Wp,-U_FORTIFY_SOURCE"
61 %cmake . -DVERSION=%{version} \
62 -DCMAKE_BUILD_TYPE=%{build_type} \
63 -DSCRIPT_INSTALL_DIR=%{script_dir} \
64 -DSYSTEMD_UNIT_DIR=%{_unitdir} \
65 -DPYTHON_SITELIB=%{python_sitelib} \
66 -DSECURITY_CONTAINERS_USER=%{scs_user} \
67 -DLIBVIRT_GROUP=%{libvirt_group} \
68 -DINPUT_EVENT_GROUP=%{input_event_group}
69 make -k %{?jobs:-j%jobs}
73 mkdir -p %{buildroot}/%{_unitdir}/multi-user.target.wants
74 ln -s ../security-containers.service %{buildroot}/%{_unitdir}/multi-user.target.wants/security-containers.service
80 # Refresh systemd services list after installation
82 systemctl daemon-reload || :
84 # set needed caps on the binary to allow restart without loosing them
85 setcap CAP_SYS_ADMIN,CAP_MAC_OVERRIDE+ei %{_bindir}/security-containers-server
88 # Stop the service before uninstall
90 systemctl stop security-containers.service || :
94 # Refresh systemd services list after uninstall/upgrade
95 systemctl daemon-reload || :
97 # TODO: at this point an appropriate notification should show up
98 eval `systemctl show security-containers --property=MainPID`
99 if [ -n "$MainPID" -a "$MainPID" != "0" ]; then
102 echo "Security Containers updated. Reboot is required for the changes to take effect..."
104 echo "Security Containers removed. Reboot is required for the changes to take effect..."
107 ## Client Package ##############################################################
109 Summary: Security Containers Client
110 Group: Development/Libraries
111 Requires: security-containers = %{version}-%{release}
112 Requires(post): /sbin/ldconfig
113 Requires(postun): /sbin/ldconfig
116 Library interface to the security-containers daemon
119 %manifest packaging/libsecurity-containers-client.manifest
120 %defattr(644,root,root,755)
121 %attr(755,root,root) %{_libdir}/libsecurity-containers.so.0.0.1
122 %{_libdir}/libsecurity-containers.so.0
124 %post client -p /sbin/ldconfig
126 %postun client -p /sbin/ldconfig
129 ## Devel Package ###############################################################
131 Summary: Security Containers Client Devel
132 Group: Development/Libraries
133 Requires: security-containers = %{version}-%{release}
134 Requires: security-containers-client = %{version}-%{release}
137 Development package including the header files for the client library
140 %manifest packaging/security-containers.manifest
141 %defattr(644,root,root,755)
142 %{_libdir}/libsecurity-containers.so
143 %{_includedir}/security-containers
144 %{_libdir}/pkgconfig/*.pc
147 ## Container Support Package ###################################################
148 # TODO move to a separate repository
149 %package container-support
150 Summary: Security Containers Support
151 Group: Security/Other
152 Conflicts: security-containers
154 %description container-support
155 Containers support installed inside every container.
157 %files container-support
158 %manifest packaging/security-containers-container-support.manifest
159 %defattr(644,root,root,755)
160 /etc/dbus-1/system.d/org.tizen.containers.domain.conf
163 ## Container Daemon Package ####################################################
164 # TODO move to a separate repository
165 %package container-daemon
166 Summary: Security Containers Containers Daemon
167 Group: Security/Other
168 Requires: security-containers-container-support = %{version}-%{release}
170 %description container-daemon
171 Daemon running inside every container.
173 %files container-daemon
174 %manifest packaging/security-containers-container-daemon.manifest
175 %defattr(644,root,root,755)
176 %attr(755,root,root) %{_bindir}/security-containers-container-daemon
177 /etc/dbus-1/system.d/org.tizen.containers.domain.daemon.conf
180 ## Test Package ################################################################
182 Summary: Security Containers Tests
183 Group: Development/Libraries
184 Requires: security-containers = %{version}-%{release}
185 Requires: security-containers-client = %{version}-%{release}
190 Unit tests for both: server and client and integration tests.
193 %manifest packaging/security-containers-server-tests.manifest
194 %defattr(644,root,root,755)
195 %attr(755,root,root) %{_bindir}/security-containers-server-unit-tests
196 %attr(755,root,root) %{script_dir}/sc_all_tests.py
197 %attr(755,root,root) %{script_dir}/sc_int_tests.py
198 %attr(755,root,root) %{script_dir}/sc_launch_test.py
199 %{script_dir}/sc_test_parser.py
200 %{_datadir}/security-containers
201 %{python_sitelib}/sc_integration_tests
202 /etc/dbus-1/system.d/org.tizen.containers.tests.conf