diff options
| author | Pavel Raiskup <praiskup@redhat.com> | 2014-07-07 23:24:37 +0200 |
|---|---|---|
| committer | Pavel Raiskup <praiskup@redhat.com> | 2014-07-08 10:34:34 +0200 |
| commit | a9267ec22bb0b1d6917696f3c2451e98fa72bb37 (patch) | |
| tree | 41db4a356af29f4c6f5dd1d12d6764eab4ab63c9 | |
| parent | f017a6c30af36a5c155db379c5e51d09c5625937 (diff) | |
| download | cgit_EL6-a9267ec22bb0b1d6917696f3c2451e98fa72bb37.tar.gz | |
docs: install README.SELinux again
Instruct user to set the same fcontext as is set to /var/www/git
on particular distribution.
Related: #1036123
Version: 0.10.2-2
| -rw-r--r-- | README.SELinux | 5 | ||||
| -rw-r--r-- | cgit.spec | 25 |
2 files changed, 26 insertions, 4 deletions
diff --git a/README.SELinux b/README.SELinux index 95c690c..1f63c62 100644 --- a/README.SELinux +++ b/README.SELinux @@ -11,11 +11,10 @@ handled automatically for repositories in the default path, /var/lib/git. If your repositories are in a different path, /srv/git, for example, you can set the proper context using semanage: - # semanage fcontext -a -t httpd_sys_content_t "/srv/git(/.*)?" + # semanage fcontext -a -t @CGIT_CONTEXT@ "/srv/git(/.*)?" If you have other confined daemons that need to access the git repositories, -you may want to use public_content_t, or public_content_rw_t instead of -httpd_sys_content_t. +you may want to use public_content_t, or public_content_rw_t instead. Then use restorecon to update the contexts: @@ -22,7 +22,7 @@ make V=1 %{?_smp_mflags} \\\ Name: cgit Version: 0.10.2 -Release: 1%{?dist} +Release: 2%{?dist} Summary: A fast web interface for git Group: Development/Tools @@ -32,6 +32,7 @@ Source0: http://git.zx2c4.com/cgit/snapshot/%{name}-%{version}.tar.xz Source1: http://www.kernel.org/pub/software/scm/git//git-%{gitver}.tar.xz Source2: cgitrc Source3: cgit.httpd +Source4: README.SELinux # On all but RHEL5 highlight is version 3. %if 0%{?fedora} || 0%{?rhel} >= 6 Patch1: cgit-0.9.1-highlightv3.patch @@ -67,6 +68,25 @@ rm -rf git mv git-%{gitver} git sed -i 's/^\(CFLAGS = \).*/\1%{optflags}/' git/Makefile +# I tried to use matchpathcon, but we would need to require +# selinux-policy-targeted probably. + +build_dist=%{?fedora:fedora}%{?rhel:rhel} +build_ver=%{?fedora}%{?rhel} + +cgit_context=git_content_t +case "$build_dist-$build_ver" in + fedora-19|fedora-20|rhel-6|rhel-7) + cgit_context=httpd_git_content_t + ;; + rhel-5|-) + cgit_context=httpd_sys_content_t + ;; +esac + +sed -e "s|@CGIT_CONTEXT@|$cgit_context|g" \ + %{SOURCE4} > README.SELinux + %build %{make_cgit} @@ -105,6 +125,9 @@ rm -rf %{buildroot} %changelog +* Mon Jul 07 2014 Pavel Raiskup <praiskup@redhat.com> - 0.10.2-2 +- install README.SELinux documentation again (#1036123) + * Tue Jul 01 2014 Kevin Fenzi <kevin@scrye.com> 0.10.2-1 - Update to 0.10.2. Fixes bug #1114970 |