Name: security-manager
Summary: Security manager and utilities
-Version: 0.1.0
+Version: 0.2.0
Release: 1
Group: Security/Service
License: Apache-2.0
Source0: %{name}-%{version}.tar.gz
Source1: security-manager.manifest
Source3: libsecurity-manager-client.manifest
+Requires: security-manager-policy
Requires(post): smack
BuildRequires: cmake
BuildRequires: zip
-# BuildRequires: pkgconfig(dlog)
BuildRequires: libattr-devel
-BuildRequires: libcap-devel
BuildRequires: pkgconfig(libsmack)
+BuildRequires: pkgconfig(libcap)
BuildRequires: pkgconfig(libsystemd-daemon)
BuildRequires: pkgconfig(libsystemd-journal)
BuildRequires: pkgconfig(libtzplatform-config)
BuildRequires: pkgconfig(sqlite3)
BuildRequires: pkgconfig(db-util)
BuildRequires: pkgconfig(cynara-admin)
+BuildRequires: pkgconfig(cynara-client)
BuildRequires: boost-devel
%{?systemd_requires}
%description -n libsecurity-manager-client-devel
Development files needed for using the security manager client
+%package policy
+Summary: Security manager policy
+Group: Security/Access Control
+Requires(post): security-manager = %{version}-%{release}
+Requires(post): cyad
+
+%description policy
+Set of security rules that constitute security policy in the system
+
%prep
%setup -q
cp %{SOURCE1} .
%install
rm -rf %{buildroot}
-mkdir -p %{buildroot}/usr/share/license
-cp LICENSE %{buildroot}/usr/share/license/%{name}
-cp LICENSE %{buildroot}/usr/share/license/libsecurity-manager-client
+mkdir -p %{buildroot}%{_datadir}/license
+cp LICENSE %{buildroot}%{_datadir}/license/%{name}
+cp LICENSE %{buildroot}%{_datadir}/license/libsecurity-manager-client
mkdir -p %{buildroot}/%{TZ_SYS_SMACK}
cp app-rules-template.smack %{buildroot}/%{TZ_SYS_SMACK}
%make_install
-mkdir -p %{buildroot}/%{_unitdir}/multi-user.target.wants
mkdir -p %{buildroot}/%{_unitdir}/sockets.target.wants
-ln -s ../security-manager.service %{buildroot}/%{_unitdir}/multi-user.target.wants/security-manager.service
-ln -s ../security-manager-installer.socket %{buildroot}/%{_unitdir}/sockets.target.wants/security-manager-installer.socket
+ln -s ../security-manager.socket %{buildroot}/%{_unitdir}/sockets.target.wants/security-manager.socket
%clean
rm -rf %{buildroot}
%postun -n libsecurity-manager-client -p /sbin/ldconfig
+%post policy
+%{_bindir}/security-manager-policy-reload
+
%files -n security-manager
%manifest security-manager.manifest
%defattr(-,root,root,-)
%attr(755,root,root) %{_bindir}/security-manager
+%attr(755,root,root) %{_bindir}/security-manager-cmd
+%attr(755,root,root) %{_sysconfdir}/gumd/useradd.d/50_security-manager-add.post
+%attr(755,root,root) %{_sysconfdir}/gumd/userdel.d/50_security-manager-remove.pre
+
%{_libdir}/libsecurity-manager-commons.so.*
-%attr(-,root,root) %{_unitdir}/multi-user.target.wants/security-manager.service
-%attr(-,root,root) %{_unitdir}/security-manager.service
-%attr(-,root,root) %{_unitdir}/security-manager.target
-%attr(-,root,root) %{_unitdir}/sockets.target.wants/security-manager-installer.socket
-%attr(-,root,root) %{_unitdir}/security-manager-installer.socket
+%attr(-,root,root) %{_unitdir}/security-manager.*
+%attr(-,root,root) %{_unitdir}/sockets.target.wants/security-manager.*
%attr(-,root,root) %{TZ_SYS_SMACK}/app-rules-template.smack
%config(noreplace) %attr(0600,root,root) %{TZ_SYS_DB}/.security-manager.db
%config(noreplace) %attr(0600,root,root) %{TZ_SYS_DB}/.security-manager.db-journal
%{_libdir}/libsecurity-manager-commons.so
%{_includedir}/security-manager/security-manager.h
%{_libdir}/pkgconfig/security-manager.pc
+
+%files -n security-manager-policy
+%manifest %{name}.manifest
+%{_datadir}/security-manager/policy
+%attr(755,root,root) %{_bindir}/security-manager-policy-reload