2 files changed, 168 insertions, 0 deletions
diff --git a/pki/dogtag/selinux/build_dogtag b/pki/dogtag/selinux/build_dogtag
new file mode 100755
index 000000000..3bdc65efb
--- /dev/null
+++ b/pki/dogtag/selinux/build_dogtag
@@ -0,0 +1,82 @@
+#!/bin/bash
+# BEGIN COPYRIGHT BLOCK
+# This program is free software; you can redistribute it and/or modify
+# it under the terms of the GNU General Public License as published by
+# the Free Software Foundation; version 2 of the License.
+#
+# This program is distributed in the hope that it will be useful,
+# but WITHOUT ANY WARRANTY; without even the implied warranty of
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+# GNU General Public License for more details.
+#
+# You should have received a copy of the GNU General Public License along
+# with this program; if not, write to the Free Software Foundation, Inc.,
+# 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA.
+#
+# (C) 2007 Red Hat, Inc.
+# All rights reserved.
+# END COPYRIGHT BLOCK
+
+# Always switch into the base directory of this
+# shell script prior to executing it so that all
+# of its output is written to this directory
+cd `dirname $0`
+
+# Retrieve the directory name housing this component
+PWD=`pwd`
+
+# Set Dogtag component-specific environment variables
+DOGTAG_BUILD_SCRIPT=`basename $0`
+export DOGTAG_BUILD_SCRIPT
+DOGTAG_COMPONENT=`basename ${PWD}`
+export DOGTAG_COMPONENT
+DOGTAG_SPECFILE="pki-selinux.spec"
+export DOGTAG_SPECFILE
+
+# Set PKI 'ant' environment variables (originally obtained from specfile)
+PKI_PRODUCT_UI_FLAVOR_PREFIX=""
+export PKI_PRODUCT_UI_FLAVOR_PREFIX
+PKI_PRODUCT_PREFIX="pki"
+export PKI_PRODUCT_PREFIX
+PKI_PRODUCT="selinux"
+export PKI_PRODUCT
+PKI_VERSION="9.0.0"
+export PKI_VERSION
+
+# Set Dogtag helper variables
+DOGTAG_COMPONENT_NAME=${PKI_PRODUCT}
+export DOGTAG_COMPONENT_NAME
+DOGTAG_WGET_URL=http://cvs.fedora.redhat.com/viewvc
+export DOGTAG_WGET_URL
+
+# Obtain '${DOGTAG_SPECFILE}' as necessary
+if [ "$1" = "refresh" ]; then
+	if [ -f "${DOGTAG_SPECFILE}" ]; then
+		printf "Removing '${DOGTAG_SPECFILE}' . . . "
+		rm -rf ${DOGTAG_SPECFILE}
+		printf "done.\n"
+	fi
+	shift
+fi
+if [ ! -f "${DOGTAG_SPECFILE}" ]; then
+	# Check for Fedora Operating System
+	if [ ! -f /etc/fedora-release ]; then
+		printf "'${DOGTAG_COMPONENT_NAME}' ONLY builds on Fedora!\n"
+		exit 255
+	fi
+	# Obtain Fedora Operating System Version
+	FEDORA_VERSION="F-`cat /etc/fedora-release | awk '{print $3}'`"
+	export FEDORA_VERSION
+	# Retrieve '${DOGTAG_SPECFILE}' from Koji
+	printf "Fetching '${DOGTAG_SPECFILE}' for '${FEDORA_VERSION}' . . .\n"
+	wget -O ${DOGTAG_SPECFILE} ${DOGTAG_WGET_URL}/${FEDORA_VERSION}/${DOGTAG_COMPONENT_NAME}/${DOGTAG_SPECFILE}?view=co
+	if [ ! -s "${DOGTAG_SPECFILE}" ]; then
+		printf "Failed to fetch '${DOGTAG_SPECFILE}' for '${FEDORA_VERSION}'!\n"
+		rm -rf ${DOGTAG_SPECFILE}
+		exit 255
+	fi
+fi
+
+# Invoke the shared Dogtag PKI build script
+config-ext/build_dogtag_pki $@
+
diff --git a/pki/dogtag/selinux/pki-selinux.spec b/pki/dogtag/selinux/pki-selinux.spec
new file mode 100644
index 000000000..a1d50a1ba
--- /dev/null
+++ b/pki/dogtag/selinux/pki-selinux.spec
@@ -0,0 +1,86 @@
+Name:           pki-selinux
+Version:        9.0.0
+Release:        1%{?dist}
+Summary:        Dogtag Certificate System - PKI Selinux Policies
+URL:            https://pki.fedoraproject.org/
+License:        GPLv2
+Group:          System Environment/Base
+
+BuildArch:      noarch
+
+BuildRoot:      %{_tmppath}/%{name}-%{version}-%{release}-root-%(%{__id_u} -n)
+
+BuildRequires: ant
+BuildRequires: m4
+BuildRequires: make
+BuildRequires: policycoreutils
+BuildRequires: selinux-policy-devel
+
+Requires: policycoreutils
+Requires: selinux-policy-targeted
+
+Source0:        http://pki.fedoraproject.org/pki/sources/%{name}/%{name}-%{version}.tar.gz
+
+%description
+Selinux policies for the Pubic Key Infrastructure (PKI) components.
+
+%prep
+
+%setup -q -n %{name}-%{version}
+
+%build
+cd src
+make
+
+%install
+rm -rf %{buildroot}
+mkdir -p %{buildroot}%{_datadir}/selinux/modules
+cp -p src/pki.pp %{buildroot}%{_datadir}/selinux/modules
+
+%clean
+rm -rf %{buildroot}
+
+%define saveFileContext() \
+if [ -s /etc/selinux/config ]; then \
+     . %{_sysconfdir}/selinux/config; \
+     FILE_CONTEXT=%{_sysconfdir}/selinux/%1/contexts/files/file_contexts; \
+     if [ "${SELINUXTYPE}" == %1 -a -f ${FILE_CONTEXT} ]; then \
+          cp -f ${FILE_CONTEXT} ${FILE_CONTEXT}.%{name}; \
+     fi \
+fi;
+
+%define relabel() \
+. %{_sysconfdir}/selinux/config; \
+FILE_CONTEXT=%{_sysconfdir}/selinux/%1/contexts/files/file_contexts; \
+selinuxenabled; \
+if [ $? == 0  -a "${SELINUXTYPE}" == %1 -a -f ${FILE_CONTEXT}.%{name} ]; then \
+     fixfiles -C ${FILE_CONTEXT}.%{name} restore; \
+     rm -f ${FILE_CONTEXT}.%name; \
+fi;
+
+%pre
+%saveFileContext targeted
+
+%post
+semodule -s targeted -i %{_datadir}/selinux/modules/pki.pp
+%relabel targeted
+
+%preun
+if [ $1 = 0 ]; then
+     %saveFileContext targeted
+fi
+
+%postun
+if [ $1 = 0 ]; then
+     semodule -s targeted -r pki
+     %relabel targeted
+fi
+
+%files
+%defattr(-,root,root,-)
+%doc LICENSE
+%{_datadir}/selinux/modules/pki.pp
+
+%changelog
+* Fri Nov 19 2010 Matthew Harmsen <mharmsen@redhat.com> 9.0.0-1
+- Updated Dogtag 1.3.x --> Dogtag 2.0.0 --> Dogtag 9.0.0.