%global selinux_variants mls strict targeted
%global debug_package %{nil}

Name:           xl2tpd-selinux
Version:        1.0.0
Release:        1%{?dist}
Summary:        SELinux policy files for xl2tpd server

Group:          System Environment/Daemons
License:        GPLv2+
URL:            http://
Source0:        xl2tpd.te
Source1:        xl2tpd.if
Source2:        xl2tpd.fc
BuildRoot:      %(mktemp -ud %{_tmppath}/%{name}-%{version}-%{release}-XXXXXX)

BuildRequires:  checkpolicy selinux-policy-devel hardlink
Requires:       selinux-policy
BuildArch:      noarch

%description
SELinux policy files for xl2tpd server.


%prep
%setup -c -T
cp %{SOURCE0} %{SOURCE1} %{SOURCE2} .


%build
for variant in %{selinux_variants}
do
    make NAME=${variant} -f %{_datadir}/selinux/devel/Makefile
    mv xl2tpd.pp xl2tpd.pp.${variant}
    make NAME=${variant} -f %{_datadir}/selinux/devel/Makefile clean
done


%install
for variant in %{selinux_variants}
do
    install -d %{buildroot}%{_datadir}/selinux/${variant}
    install -p -m 644 xl2tpd.pp.${variant} \
           %{buildroot}%{_datadir}/selinux/${variant}/xl2tpd.pp
done
# Hardlink identical policy module packages together
/usr/sbin/hardlink -cv %{buildroot}%{_datadir}/selinux


%clean
rm -rf $RPM_BUILD_ROOT


%post
for selinuxvariant in %{selinux_variants}
do
  /usr/sbin/semodule -s ${selinuxvariant} -i \
    %{_datadir}/selinux/${selinuxvariant}/xl2tpd.pp &> /dev/null || :
done
/usr/sbin/semanage port -a -t xl2tpd_port_t -p udp 1701 &> /dev/null || :
/sbin/fixfiles -R xl2tpd restore || :
/sbin/service xl2tpd condrestart > /dev/null 2>&1 || :

%preun
if [ "$1" -lt "1" ] ; then
    # Disable the policy and restart the daemon
    /usr/sbin/setsebool xl2tpd_disable_trans 1 &> /dev/null || :
    /sbin/service xl2tpd condrestart > /dev/null 2>&1 || :
    # Unload the module
    /usr/sbin/semanage port -d -t xl2tpd_port_t -p udp 1701 &> /dev/null || :
    for variant in %{selinux_variants} ; do
        /usr/sbin/semodule -s ${variant} -r xl2tpd &> /dev/null || :
    done
    # Set the context back
    /sbin/fixfiles -R xl2tpd restore || :
fi

%postun
if [ "$1" -ge "1" ] ; then
    # Replace the module if it is already loaded. semodule -u also
    # checks the module version
    for variant in %{selinux_variants} ; do
        /usr/sbin/semodule -u %{_datadir}/selinux/${variant}/xl2tpd.pp || :
    done
fi


%files
%defattr(-,root,root,-)
%doc *.??
%{_datadir}/selinux/*/xl2tpd.pp


%changelog
* Mon Jan 17 2011 Alexey Torkhov <atorkhov@gmail.com> - 1.0.0-1
- Initial package