Overview

File certification-sles-eal4.spec of Package certification-sles-eal4.36549

#
# spec file for package cc-config
#
# Copyright (c) 2020 SUSE LINUX GmbH, Nuernberg, Germany.
#
# All modifications and additions to the file contributed by third parties
# remain the property of their copyright owners, unless otherwise agreed
# upon. The license for this file, and modifications and additions to the
# file, is the same license as for the pristine package itself (unless the
# license for the pristine package is not an Open Source License, in which
# case the license is the MIT License). An "Open Source License" is a
# license that conforms to the Open Source Definition (Version 1.9)
# published by the Open Source Initiative.

# Please submit bugfixes or comments via http://bugs.opensuse.org/
#


Name:           certification-sles-eal4
Version:        15.2+git20241127.462985a
Release:        0
Summary:        EAL4+ Certified Configuration
License:        MIT
Group:          System/Base
Url:            https://gitlab.suse.de/lnussel/common-criteria-sle15sp2
Source:         %{name}-%{version}.tar.xz
# for tmp.mount
BuildRequires:  systemd
# for /etc/sudoers.d
BuildRequires:  sudo

%description
This package contains utilities and documentation for the Common
Criteria evaluated configuration of the SUSE Linux Enterprise
Server 15.

%prep
%setup -q

%build
mkdir -p etc/permissions.d
mv config/permissions-commoncriteria etc/permissions.d
mkdir -p etc/profile.d
mv config/cc-configuration.* etc/profile.d
install -c -m 755 doc/disable-arm-ce.sh etc/profile.d
mkdir -p etc/sudoers.d
mv config/sudo etc/sudoers.d/common-criteria
mkdir -p usr/lib/sysctl.d
mv config/sysctl.conf usr/lib/sysctl.d/55-common-criteria.conf
mkdir -p lib/modprobe.d
mv config/cc-modules-blacklist.conf lib/modprobe.d/cc-modules-blacklist.conf
mkdir -p usr/lib/systemd/system/libvirtd.socket.d
cp config/systemd-libvirtd-socket-mode-cc.conf usr/lib/systemd/system/libvirtd.socket.d
mkdir -p usr/lib/systemd/system/libvirtd-ro.socket.d
mv config/systemd-libvirtd-socket-mode-cc.conf usr/lib/systemd/system/libvirtd-ro.socket.d
mkdir -p usr/lib/systemd/system-preset
mv config/cc.preset usr/lib/systemd/system-preset/85-common-criteria.preset

%install
mkdir -p %{buildroot}/usr/lib/common-criteria
cp -a run scripts config %{buildroot}/usr/lib/common-criteria
cp -a etc lib usr %{buildroot}
# for CC we need tmpfs (FIXME: reference) so use systemd's
# template. Note in Tumblweed tmpfs is used by default already
mkdir -p %{buildroot}/usr/lib/systemd/system
cp /usr/share/systemd/tmp.mount %{buildroot}/usr/lib/systemd/system/tmp.mount
sed -e 's,/tmp,/var/tmp,g;s/tmpfs/bind/;s,^What=.*,What=/tmp,;s,^Options=.*,Options=bind,' \
	/usr/share/systemd/tmp.mount > %{buildroot}/usr/lib/systemd/system/var-tmp.mount

%files
%defattr(-,root,root)
%doc doc/screen-script-screensaver
/etc/sudoers.d/common-criteria
/etc/profile.d/*
/etc/permissions.d/*
/usr/lib/common-criteria
/usr/lib/systemd/system/tmp.mount
/usr/lib/systemd/system/var-tmp.mount
/usr/lib/systemd/system/libvirtd.socket.d
/usr/lib/systemd/system/libvirtd-ro.socket.d
/usr/lib/sysctl.d/55-common-criteria.conf
%dir /lib/modprobe.d
/lib/modprobe.d/cc-modules-blacklist.conf
/usr/lib/systemd/system-preset/85-common-criteria.preset

%changelog
openSUSE Build Service is sponsored by
Places