-
Notifications
You must be signed in to change notification settings - Fork 5
/
fapolicy-analyzer.spec
190 lines (151 loc) · 5.25 KB
/
fapolicy-analyzer.spec
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
%bcond_without check
%bcond_without cli
%bcond_without gui
Summary: File Access Policy Analyzer
Name: fapolicy-analyzer
Version: 1.5.0
Release: 1%{?dist}
SourceLicense: GPL-3.0-or-later
# Apache-2.0
# Apache-2.0 OR MIT
# Apache-2.0 WITH LLVM-exception OR Apache-2.0 OR MIT
# BSD-3-Clause
# ISC
# ISC AND OpenSSL AND MIT
# MIT
# MIT OR Apache-2.0
# MIT OR X11 OR Apache-2.0
# MPL-2.0
# Unlicense OR MIT
License: GPL-3.0-or-later AND Apache-2.0 AND BSD-3-Clause AND ISC AND MIT AND MPL-2.0 AND OpenSSL AND (Apache-2.0 OR MIT) AND (Apache-2.0 WITH LLVM-exception OR Apache-2.0 OR MIT) AND (MIT OR X11 OR Apache-2.0) AND (Unlicense OR MIT)
URL: https://github.com/ctc-oss/fapolicy-analyzer
Source0: %{url}/releases/download/v%{version}/%{name}-%{version}.tar.gz
# this tarball contains documentation used to generate help docs
Source1: %{url}/releases/download/v%{version}/vendor-docs-%{version}.tar.gz
BuildRequires: python3-devel
BuildRequires: python3dist(setuptools)
BuildRequires: python3dist(pip)
BuildRequires: python3dist(wheel)
BuildRequires: python3dist(babel)
BuildRequires: dbus-devel
BuildRequires: gettext
BuildRequires: itstool
BuildRequires: desktop-file-utils
BuildRequires: clang
BuildRequires: audit-libs-devel
BuildRequires: cargo-rpm-macros
BuildRequires: python3dist(setuptools-rust)
Requires: %{name}-cli
Requires: %{name}-gui
%description
Tools to assist with the configuration and management of fapolicyd.
%package cli
Summary: File Access Policy Analyzer CLI
%description cli
CLI Tools to assist with the configuration and management of fapolicyd.
%package gui
Summary: File Access Policy Analyzer GUI
Requires: python3
Requires: python3-gobject
Requires: python3-configargparse
Requires: python3-more-itertools
Requires: python3-rx
Requires: python3-importlib-metadata
Requires: python3-toml
Requires: python3-matplotlib-gtk3
Requires: gtk3
Requires: gtksourceview3
Requires: gnome-icon-theme
# runtime required for rendering user guide
Requires: mesa-dri-drivers
%if 0%{?fedora} < 40
Requires: webkit2gtk3
%else
Requires: webkit2gtk4.1
%endif
%global module fapolicy_analyzer
# pep440 versions handle dev and rc differently, so we call them out explicitly here
%global module_version %{lua: v = string.gsub(rpm.expand("%{?version}"), "~dev", ".dev"); \
v = string.gsub(v, "~rc", "rc"); print(v) }
%description gui
GUI Tools to assist with the configuration and management of fapolicyd.
%prep
%autosetup -n %{name}
%cargo_prep
%if %{without cli}
# disable tools crate
sed -i '/tools/d' Cargo.toml
%endif
%if %{without gui}
# disable pyo3 crate
sed -i '/pyo3/d' Cargo.toml
%endif
# extract our doc sourcs
tar xvzf %{SOURCE1}
# our setup.py looks up the version from git describe
# this overrides that check to use the RPM version
echo %{module_version} > VERSION
# capture build info
scripts/build-info.py --os --time
# enable the audit feature for 39 and up
%if 0%{?fedora} >= 39
echo "audit" > FEATURES
%endif
%generate_buildrequires
%cargo_generate_buildrequires -a
%build
%if %{with cli}
cargo build --bin tdb --release
cargo build --bin faprofiler --release
cargo build --bin rulec --release --features pretty
%endif
%if %{with gui}
# ensure standard Rust compiler flags are set
export RUSTFLAGS="%{build_rustflags}"
%{python3} setup.py compile_catalog -f
%{python3} help build
%{python3} setup.py bdist_wheel
%{cargo_license_summary}
%{cargo_license} > LICENSE.dependencies
%endif
%install
%if %{with cli}
install -D target/release/tdb %{buildroot}/%{_sbindir}/%{name}-cli-trust
install -D target/release/faprofiler %{buildroot}/%{_sbindir}/%{name}-cli-profiler
install -D target/release/rulec %{buildroot}/%{_sbindir}/%{name}-cli-rules
%endif
%if %{with gui}
%{py3_install_wheel %{module}-%{module_version}*%{_target_cpu}.whl}
%{python3} help install --dest %{buildroot}/%{_datadir}/help
install -D bin/%{name} %{buildroot}/%{_sbindir}/%{name}
install -D data/%{name}.8 -t %{buildroot}/%{_mandir}/man8/
install -D data/%{name}-cli-*.8 -t %{buildroot}/%{_mandir}/man8/
install -D data/config.toml -t %{buildroot}%{_sysconfdir}/%{name}/
desktop-file-install data/%{name}.desktop
find locale -name %{name}.mo -exec cp --parents -rv {} %{buildroot}/%{_datadir} \;
%find_lang %{name} --with-gnome
%endif
%check
%if %{with gui}
desktop-file-validate %{buildroot}/%{_datadir}/applications/%{name}.desktop
%endif
%files cli
%attr(755,root,root) %{_sbindir}/%{name}-cli-trust
%attr(755,root,root) %{_sbindir}/%{name}-cli-profiler
%attr(755,root,root) %{_sbindir}/%{name}-cli-rules
%files gui
%{python3_sitearch}/%{module}
%{python3_sitearch}/%{module}-%{module_version}*
%attr(755,root,root) %{_sbindir}/%{name}
%attr(644,root,root) %{_mandir}/man8/%{name}.8*
%attr(644,root,root) %{_mandir}/man8/%{name}-cli-*.8*
%attr(755,root,root) %{_datadir}/applications/%{name}.desktop
%config(noreplace) %attr(644,root,root) %{_sysconfdir}/%{name}/config.toml
%ghost %attr(640,root,root) %verify(not md5 size mtime) %{_localstatedir}/log/%{name}/%{name}.log
%files -f %{name}.lang
%doc scripts/srpm/README
%license LICENSE
%license LICENSE.dependencies
%changelog
* Tue Dec 31 2024 John Wass <[email protected]> 1.5.0-1
- New release