%define _vpp_build_dir build-tool-native
%define _unitdir /lib/systemd/system
%define _builddir %{_topdir}
-%define _tmp_build_dir %{name}-%{_version}.0
-%define _mu_build_dir %{_topdir}/%{_tmp_build_dir}/build-root
+%define _mu_build_dir %{_topdir}/%{name}-%{_version}/build-root
%define _vpp_tag %{getenv:TAG}
%if "%{_vpp_tag}" == ""
%define _vpp_tag vpp
%{?systemd_requires}
+
+# SELinux Related definitions
+%global selinuxtype targeted
+%global moduletype services
+%global modulenames vpp-custom
+
+# Usage: _format var format
+# Expand 'modulenames' into various formats as needed
+# Format must contain '$x' somewhere to do anything useful
+%global _format() export %1=""; for x in %{modulenames}; do %1+=%2; %1+=" "; done;
+
+# Relabel files
+%global relabel_files() \ # ADD files in *.fc file
+
+# Version of distribution SELinux policy package
+%global selinux_policyver 3.13.1-128.6.fc22
+
+
Name: vpp
Summary: Vector Packet Processing
License: ASL 2.0
Version: %{_version}
Release: %{_release}
-Requires: vpp-lib = %{_version}-%{_release}, net-tools, pciutils, python
BuildRequires: systemd, chrpath
BuildRequires: check, check-devel
+BuildRequires: mbedtls-devel mbedtls
+%if 0%{?fedora}
+Requires: vpp-lib = %{_version}-%{_release}, vpp-selinux-policy = %{_version}-%{_release}, net-tools, pciutils
+Requires: compat-openssl10
+Requires: boost-filesystem mbedtls libffi-devel
BuildRequires: subunit, subunit-devel
-%if 0%{?fedora} >= 26
BuildRequires: compat-openssl10-devel
-BuildRequires: python2-devel, python2-virtualenv
-%else
-%if 0%{?fedora} == 25
-BuildRequires: openssl-devel
-BuildRequires: python-devel, python2-virtualenv
+BuildRequires: python, python-devel, python-virtualenv, python-ply
+BuildRequires: python3, python36-devel, python3-virtualenv
+BuildRequires: cmake
%else
+%if 0%{rhel} == 7
+Requires: epel-release
+Requires: vpp-lib = %{_version}-%{_release}, vpp-selinux-policy = %{_version}-%{_release}, net-tools, pciutils, python36
+Requires: boost-filesystem mbedtls libffi-devel
+BuildRequires: epel-release
+BuildRequires: mbedtls-devel mbedtls
+BuildRequires: devtoolset-7-toolchain
BuildREquires: openssl-devel
-BuildRequires: python-devel, python-virtualenv
+BuildRequires: python36-devel
+BuildRequires: cmake3
%endif
%endif
BuildRequires: libffi-devel
-BuildRequires: glibc-static, java-1.8.0-openjdk, java-1.8.0-openjdk-devel yum-utils, redhat-lsb
+BuildRequires: glibc-static, yum-utils, redhat-lsb
BuildRequires: apr-devel
BuildRequires: numactl-devel
BuildRequires: autoconf automake libtool byacc bison flex
BuildRequires: boost boost-devel
+BuildRequires: selinux-policy selinux-policy-devel
Source: %{name}-%{_version}-%{_release}.tar.xz
# Source: vpp-latest.tar.xz
%package lib
Summary: VPP libraries
Group: System Environment/Libraries
+Requires: vpp-selinux-policy = %{_version}-%{_release}
%description lib
This package contains the VPP shared libraries, including:
%description api-lua
This package contains the lua bindings for the vpp api
-%package api-java
-Summary: VPP api java bindings
-Group: Development/Libraries
-Requires: vpp = %{_version}-%{_release}, vpp-lib = %{_version}-%{_release}
-
-%description api-java
-This package contains the java bindings for the vpp api
-
%package api-python
Summary: VPP api python bindings
Group: Development/Libraries
-Requires: vpp = %{_version}-%{_release}, vpp-lib = %{_version}-%{_release}, python-setuptools libffi-devel
+Requires: vpp = %{_version}-%{_release}, vpp-lib = %{_version}-%{_release}, libffi-devel
+Requires: python-setuptools
%description api-python
This package contains the python bindings for the vpp api
+%package api-python3
+Summary: VPP api python3 bindings
+Group: Development/Libraries
+Requires: vpp = %{_version}-%{_release}, vpp-lib = %{_version}-%{_release}, libffi-devel
+Requires: python-setuptools
+
+%description api-python3
+This package contains the python3 bindings for the vpp api
+
+%package selinux-policy
+Summary: VPP Security-Enhanced Linux (SELinux) policy
+Group: System Environment/Base
+Requires(post): selinux-policy-base >= %{selinux_policyver}, selinux-policy-targeted >= %{selinux_policyver}, policycoreutils, policycoreutils-python libselinux-utils
+
+%description selinux-policy
+This package contains a tailored VPP SELinux policy
+
%prep
-# Unpack into dir with longer name as work around of debugedit bug in in rpm-build 4.13
-rm -rf %{name}-%{_version}
-rm -rf %{_tmp_build_dir}
-/usr/bin/xz -dc '%{_sourcedir}/%{name}-%{_version}-%{_release}.tar.xz' | /usr/bin/tar -xf -
-mv %{name}-%{_version} %{_tmp_build_dir}
-cd '%{_tmp_build_dir}'
-/usr/bin/chmod -Rf a+rX,u+w,g-w,o-w .
+%setup -q -n %{name}-%{_version}
%pre
# Add the vpp group
groupadd -f -r vpp
%build
-cd '%{_tmp_build_dir}'
+%if 0%{?rhel}
+. /opt/rh/devtoolset-7/enable
+%endif
%if %{with aesni}
make bootstrap
make -C build-root PLATFORM=vpp TAG=%{_vpp_tag} install-packages
make -C build-root PLATFORM=vpp AESNI=n TAG=%{_vpp_tag} install-packages
%endif
cd %{_mu_build_dir}/../src/vpp-api/python && %py2_build
+cd %{_mu_build_dir}/../src/vpp-api/python && %py3_build
+cd %{_mu_build_dir}/../extras/selinux && make -f %{_datadir}/selinux/devel/Makefile
%install
#
mkdir -p -m755 %{buildroot}%{_libdir}
mkdir -p -m755 %{buildroot}/etc/bash_completion.d
mkdir -p -m755 %{buildroot}/usr/share/vpp
-for file in $(find %{_mu_build_dir}/%{_vpp_install_dir}/*/lib* -type f -name '*.so.*.*.*' -print )
+for file in $(find %{_mu_build_dir}/%{_vpp_install_dir}/*/lib* -type f -name '*.so.*.*' -print )
do
install -p -m 755 $file %{buildroot}%{_libdir}
done
do
install -p -m 644 $file %{buildroot}/usr/share/vpp/api
done
-install -p -m 644 %{_mu_build_dir}/../src/scripts/vppctl_completion %{buildroot}/etc/bash_completion.d
-install -p -m 644 %{_mu_build_dir}/../src/scripts/vppctl-cmd-list %{buildroot}/usr/share/vpp
# Lua bindings
mkdir -p -m755 %{buildroot}/usr/share/doc/vpp/examples/lua/examples/cli
%{buildroot}/usr/share/doc/vpp/examples/lua/$file )
done
-# Java bindings
-mkdir -p -m755 %{buildroot}/usr/share/java
-for file in $(find %{_mu_build_dir}/%{_vpp_install_dir}/vpp/share/java -type f -name '*.jar' -print )
-do
- install -p -m 644 $file %{buildroot}/usr/share/java
-done
-
# Python bindings
cd %{_mu_build_dir}/../src/vpp-api/python && %py2_install
+cd %{_mu_build_dir}/../src/vpp-api/python && %py3_install
+
+# SELinux Policy
+# Install SELinux interfaces
+%_format INTERFACES %{_mu_build_dir}/../extras/selinux/$x.if
+install -d %{buildroot}%{_datadir}/selinux/devel/include/%{moduletype}
+install -p -m 644 $INTERFACES \
+ %{buildroot}%{_datadir}/selinux/devel/include/%{moduletype}
+
+# Install policy modules
+%_format MODULES %{_mu_build_dir}/../extras/selinux/$x.pp
+install -d %{buildroot}%{_datadir}/selinux/packages
+install -m 0644 $MODULES \
+ %{buildroot}%{_datadir}/selinux/packages
#
# devel
#
-for dir in $(find %{_mu_build_dir}/%{_vpp_install_dir}/*/include/ -maxdepth 0 -type d -print | grep -v dpdk)
+for dir in %{_mu_build_dir}/%{_vpp_install_dir}/{vom,vpp}/include/
do
for subdir in $(cd ${dir} && find . -type d -print)
do
done
done
-mkdir -p -m755 %{buildroot}%{python2_sitelib}/jvppgen
-install -p -m755 %{_mu_build_dir}/../src/vpp-api/java/jvpp/gen/jvpp_gen.py %{buildroot}/usr/bin
-for i in $(ls %{_mu_build_dir}/../src/vpp-api/java/jvpp/gen/jvppgen/*.py); do
- install -p -m666 ${i} %{buildroot}%{python2_sitelib}/jvppgen
-done;
+install -p -m 644 %{_mu_build_dir}/../src/tools/vppapigen/vppapigen_c.py %{buildroot}/usr/share/vpp
+install -p -m 644 %{_mu_build_dir}/../src/tools/vppapigen/vppapigen_json.py %{buildroot}/usr/share/vpp
# sample plugin
mkdir -p -m755 %{buildroot}/usr/share/doc/vpp/examples/sample-plugin/sample
%{buildroot}/usr/share/doc/vpp/examples/sample-plugin/$file )
done
+# vppctl sockfile directory
+mkdir -p -m755 %{buildroot}%{_localstatedir}/run/vpp
+# vpp.log directory
+mkdir -p -m755 %{buildroot}%{_localstatedir}/log/vpp
#
# vpp-plugins
-#
+#
mkdir -p -m755 %{buildroot}/usr/lib/vpp_plugins
mkdir -p -m755 %{buildroot}/usr/lib/vpp_api_test_plugins
-for file in $(cd %{_mu_build_dir}/%{_vpp_install_dir}/vpp/lib64/vpp_plugins && find -type f -print)
+for file in $(cd %{_mu_build_dir}/%{_vpp_install_dir}/vpp/lib/vpp_plugins && find -type f -print)
do
- install -p -m 644 %{_mu_build_dir}/%{_vpp_install_dir}/vpp/lib64/vpp_plugins/$file \
+ install -p -m 755 %{_mu_build_dir}/%{_vpp_install_dir}/vpp/lib/vpp_plugins/$file \
%{buildroot}/usr/lib/vpp_plugins/$file
done
-for file in $(cd %{_mu_build_dir}/%{_vpp_install_dir}/vpp/lib64/vpp_api_test_plugins && find -type f -print)
+for file in $(cd %{_mu_build_dir}/%{_vpp_install_dir}/vpp/lib/vpp_api_test_plugins && find -type f -print)
do
- install -p -m 644 %{_mu_build_dir}/%{_vpp_install_dir}/vpp/lib64/vpp_api_test_plugins/$file \
+ install -p -m 755 %{_mu_build_dir}/%{_vpp_install_dir}/vpp/lib/vpp_api_test_plugins/$file \
%{buildroot}/usr/lib/vpp_api_test_plugins/$file
done
-for file in $(find %{_mu_build_dir}/%{_vpp_install_dir}/plugins -type f -name '*.api.json' -print )
+for file in $(find %{_mu_build_dir}/%{_vpp_install_dir}/vpp/share/vpp/api/plugins -type f -name '*.api.json' -print )
do
- install -p -m 644 $file %{buildroot}/usr/share/vpp/api
+ install -p -m 755 $file %{buildroot}/usr/share/vpp/api
done
#
%preun
%systemd_preun vpp.service
+%post selinux-policy
+%_format MODULES %{_datadir}/selinux/packages/$x.pp
+if %{_sbindir}/selinuxenabled ; then
+ %{_sbindir}/semodule -n -X 400 -s %{selinuxtype} -i $MODULES
+ %{_sbindir}/load_policy
+ %relabel_files
+fi
+
+
%postun
%systemd_postun
if [ $1 -eq 0 ] ; then
echo "Upgrading package, dont' unbind interfaces"
fi
+%postun selinux-policy
+if [ $1 -eq 0 ]; then
+ %{_sbindir}/semodule -n -r %{modulenames}
+ if %{_sbindir}/selinuxenabled ; then
+ %{_sbindir}/load_policy
+ %relabel_files
+ fi
+fi
+
%files
%defattr(-,bin,bin)
%{_unitdir}/vpp.service
%config(noreplace) /etc/vpp/startup.conf
/usr/share/vpp/api/*
+%defattr(-,root,vpp)
+%{_localstatedir}/run/vpp*
+
+%defattr(-,root,root)
+%{_localstatedir}/log/vpp*
+
%files lib
%defattr(-,bin,bin)
+%global __requires_exclude_from %{_libdir}/librte_pmd_mlx[45]_glue\\.so.*$
%exclude %{_libdir}/vpp_plugins
%exclude %{_libdir}/vpp_api_test_plugins
%{_libdir}/*
/usr/share/vpp/api/*
-/etc/bash_completion.d/vppctl_completion
-/usr/share/vpp/vppctl-cmd-list
%files api-lua
%defattr(644,root,root,644)
/usr/share/doc/vpp/examples/lua
-%files api-java
-%defattr(644,root,root)
-/usr/share/java/*
-
%files api-python
-%defattr(644,root,root)
-%{python2_sitelib}/vpp_papi*
+%defattr(644,root,root,755)
+%{python2_sitelib}/vpp_*
+
+%files api-python3
+%defattr(644,root,root,755)
+%{python3_sitelib}/vpp_*
+
+%files selinux-policy
+%defattr(-,root,root,0755)
+%attr(0644,root,root) %{_datadir}/selinux/packages/*.pp
+%attr(0644,root,root) %{_datadir}/selinux/devel/include/%{moduletype}/*.if
%files devel
%defattr(-,bin,bin)
/usr/bin/vppapigen
-/usr/bin/jvpp_gen.py
+/usr/bin/vapi_c_gen.py
+/usr/bin/vapi_cpp_gen.py
+/usr/bin/vapi_json_parser.py
%{_includedir}/*
-%{python2_sitelib}/jvppgen/*
/usr/share/doc/vpp/examples/sample-plugin
/usr/share/vpp
Code Review / vpp.git / blobdiff