From 996ab790375e5bf865007a47c4a90ea36c8fd9c0 Mon Sep 17 00:00:00 2001
From: Remi Collet <fedora@famillecollet.com>
Date: Thu, 21 Nov 2013 13:54:02 +0100
Subject: GLPI: fix SELinux context #1032995

---
 glpi.spec | 23 ++++++++++++++++-------
 1 file changed, 16 insertions(+), 7 deletions(-)

diff --git a/glpi.spec b/glpi.spec
index 061070a..1f8db82 100644
--- a/glpi.spec
+++ b/glpi.spec
@@ -6,11 +6,14 @@
 #
 # Please, preserve the changelog entries
 #
+
+# See https://bugzilla.redhat.com/1033025
+# selinux-policy : Please include policy for GLPI
 %global useselinux 1
 
 Name:           glpi
 Version:        0.84.3
-Release:        1%{?dist}
+Release:        2%{?dist}
 Summary:        Free IT asset management software
 Summary(fr):    Gestion Libre de Parc Informatique
 
@@ -211,10 +214,11 @@ rm -rf %{buildroot}
 %if %{useselinux}
 (
 # New File context
-semanage fcontext -a -s system_u -t httpd_sys_script_rw_t -r s0 "%{_sysconfdir}/glpi(/.*)?" 
-semanage fcontext -a -s system_u -t httpd_log_t           -r s0 "%{_localstatedir}/log/glpi(/.*)?"
+semanage fcontext -a -s system_u -t httpd_sys_rw_content_t -r s0 "%{_sysconfdir}/%{name}(/.*)?"
+semanage fcontext -a -s system_u -t httpd_sys_content_t    -r s0 "%{_datadir}/%{name}(/.*)?"
+semanage fcontext -a -s system_u -t httpd_log_t            -r s0 "%{_localstatedir}/log/%{name}(/.*)?"
 # keep httpd_sys_script_rw_t (httpd_var_lib_t prevent dir creation)
-semanage fcontext -a -s system_u -t httpd_sys_script_rw_t -r s0 "%{_localstatedir}/lib/glpi(/.*)?"
+semanage fcontext -a -s system_u -t httpd_sys_rw_content_t -r s0 "%{_localstatedir}/lib/%{name}(/.*)?"
 # files created by app
 restorecon -R %{_sysconfdir}/%{name}
 restorecon -R %{_localstatedir}/lib/%{name}
@@ -229,9 +233,10 @@ restorecon -R %{_localstatedir}/log/%{name}
 if [ "$1" -eq "0" ]; then
     # Remove the File Context
     (
-    semanage fcontext -d "%{_sysconfdir}/glpi(/.*)?"
-    semanage fcontext -d "%{_localstatedir}/log/glpi(/.*)?"
-    semanage fcontext -d "%{_localstatedir}/lib/glpi(/.*)?"
+    semanage fcontext -d "%{_sysconfdir}/%{name}(/.*)?"
+    semanage fcontext -d "%{_datadir}/%{name}(/.*)?"
+    semanage fcontext -d "%{_localstatedir}/log/%{name}(/.*)?"
+    semanage fcontext -d "%{_localstatedir}/lib/%{name}(/.*)?"
     ) &>/dev/null
 fi
 %endif
@@ -272,6 +277,10 @@ fi
 
 
 %changelog
+* Thu Nov 21 2013 Remi Collet <remi@fedoraproject.org> - 0.84.3-2
+- fix SELinux context #1032995
+  use httpd_sys_rw_content_t instead of httpd_sys_script_rw_t
+
 * Sun Nov  3 2013 Remi Collet <remi@fedoraproject.org> - 0.84.3-1
 - update to 0.84.3
   https://forge.indepnet.net/projects/glpi/versions/973
-- 
cgit