X-Git-Url: https://gerrit.fd.io/r/gitweb?a=blobdiff_plain;f=extras%2Frpm%2Fvpp.spec;h=e20bf1f8fad520e2d1fd48b755a95cda2fcdec4c;hb=dc20371f83ed81462c0b24eb750b76f7819df64a;hp=439e6bdaf41ea69bf68e16b828eb5365c26ccb23;hpb=bd8e242024fcc2daffa77bdd6e2da1296ace5c69;p=vpp.git diff --git a/extras/rpm/vpp.spec b/extras/rpm/vpp.spec index 439e6bdaf41..e20bf1f8fad 100644 --- a/extras/rpm/vpp.spec +++ b/extras/rpm/vpp.spec @@ -1,6 +1,7 @@ +%bcond_without aesni +%{!?_topdir:%define _topdir %(pwd)} %define _vpp_build_dir build-tool-native %define _unitdir /lib/systemd/system -%define _topdir %(pwd) %define _builddir %{_topdir} %define _mu_build_dir %{_topdir}/%{name}-%{_version}/build-root %define _vpp_tag %{getenv:TAG} @@ -22,28 +23,61 @@ %{?systemd_requires} + +# SELinux Related definitions +%global selinuxtype targeted +%global moduletype services +%global modulenames vpp-custom + +# Usage: _format var format +# Expand 'modulenames' into various formats as needed +# Format must contain '$x' somewhere to do anything useful +%global _format() export %1=""; for x in %{modulenames}; do %1+=%2; %1+=" "; done; + +# Relabel files +%global relabel_files() \ # ADD files in *.fc file + +# Version of distribution SELinux policy package +%global selinux_policyver 3.13.1-128.6.fc22 + + Name: vpp Summary: Vector Packet Processing License: ASL 2.0 Version: %{_version} Release: %{_release} -Requires: vpp-lib = %{_version}-%{_release}, net-tools, pciutils, python BuildRequires: systemd, chrpath -BuildRequires: libffi-devel, openssl-devel -%if 0%{?fedora} >= 26 -BuildRequires: python2-devel, python2-virtualenv -%else -%if 0%{?fedora} == 25 -BuildRequires: python-devel, python2-virtualenv +BuildRequires: check, check-devel +BuildRequires: mbedtls-devel mbedtls +%if 0%{?fedora} +Requires: vpp-lib = %{_version}-%{_release}, vpp-selinux-policy = %{_version}-%{_release}, net-tools, pciutils +Requires: compat-openssl10 +Requires: boost-filesystem mbedtls libffi-devel +BuildRequires: subunit, subunit-devel +BuildRequires: compat-openssl10-devel +BuildRequires: python, python-devel, python-virtualenv, python-ply +BuildRequires: python3, python36-devel, python3-virtualenv +BuildRequires: cmake %else -BuildRequires: python-devel, python-virtualenv +%if 0%{rhel} == 7 +Requires: epel-release +Requires: vpp-lib = %{_version}-%{_release}, vpp-selinux-policy = %{_version}-%{_release}, net-tools, pciutils, python36 +Requires: boost-filesystem mbedtls libffi-devel +BuildRequires: epel-release +BuildRequires: mbedtls-devel mbedtls +BuildRequires: devtoolset-7-toolchain +BuildREquires: openssl-devel +BuildRequires: python36-devel +BuildRequires: cmake3 %endif %endif -BuildRequires: glibc-static, java-1.8.0-openjdk, java-1.8.0-openjdk-devel yum-utils, redhat-lsb +BuildRequires: libffi-devel +BuildRequires: glibc-static, yum-utils, redhat-lsb BuildRequires: apr-devel -BuildRequires: nasm BuildRequires: numactl-devel BuildRequires: autoconf automake libtool byacc bison flex +BuildRequires: boost boost-devel +BuildRequires: selinux-policy selinux-policy-devel Source: %{name}-%{_version}-%{_release}.tar.xz # Source: vpp-latest.tar.xz @@ -57,6 +91,7 @@ vpp_json_test - vector packet engine JSON test tool %package lib Summary: VPP libraries Group: System Environment/Libraries +Requires: vpp-selinux-policy = %{_version}-%{_release} %description lib This package contains the VPP shared libraries, including: @@ -84,7 +119,7 @@ vppinfra %package plugins Summary: Vector Packet Processing--runtime plugins Group: System Environment/Libraries -Requires: vpp = %{_version}-%{_release} +Requires: vpp = %{_version}-%{_release} numactl-libs %description plugins This package contains VPP plugins @@ -96,22 +131,32 @@ Requires: vpp = %{_version}-%{_release}, vpp-lib = %{_version}-%{_release} %description api-lua This package contains the lua bindings for the vpp api -%package api-java -Summary: VPP api java bindings -Group: Development/Libraries -Requires: vpp = %{_version}-%{_release}, vpp-lib = %{_version}-%{_release} - -%description api-java -This package contains the java bindings for the vpp api - %package api-python Summary: VPP api python bindings Group: Development/Libraries -Requires: vpp = %{_version}-%{_release}, vpp-lib = %{_version}-%{_release}, python-setuptools libffi-devel +Requires: vpp = %{_version}-%{_release}, vpp-lib = %{_version}-%{_release}, libffi-devel +Requires: python-setuptools %description api-python This package contains the python bindings for the vpp api +%package api-python3 +Summary: VPP api python3 bindings +Group: Development/Libraries +Requires: vpp = %{_version}-%{_release}, vpp-lib = %{_version}-%{_release}, libffi-devel +Requires: python-setuptools + +%description api-python3 +This package contains the python3 bindings for the vpp api + +%package selinux-policy +Summary: VPP Security-Enhanced Linux (SELinux) policy +Group: System Environment/Base +Requires(post): selinux-policy-base >= %{selinux_policyver}, selinux-policy-targeted >= %{selinux_policyver}, policycoreutils, policycoreutils-python libselinux-utils + +%description selinux-policy +This package contains a tailored VPP SELinux policy + %prep %setup -q -n %{name}-%{_version} @@ -120,9 +165,19 @@ This package contains the python bindings for the vpp api groupadd -f -r vpp %build -make bootstrap -make -C build-root PLATFORM=vpp TAG=%{_vpp_tag} install-packages +%if 0%{?rhel} +. /opt/rh/devtoolset-7/enable +%endif +%if %{with aesni} + make bootstrap + make -C build-root PLATFORM=vpp TAG=%{_vpp_tag} install-packages +%else + make bootstrap AESNI=n + make -C build-root PLATFORM=vpp AESNI=n TAG=%{_vpp_tag} install-packages +%endif cd %{_mu_build_dir}/../src/vpp-api/python && %py2_build +cd %{_mu_build_dir}/../src/vpp-api/python && %py3_build +cd %{_mu_build_dir}/../extras/selinux && make -f %{_datadir}/selinux/devel/Makefile %install # @@ -149,7 +204,7 @@ install -p -m 644 %{_mu_build_dir}/../src/vpp/conf/80-vpp.conf %{buildroot}/etc/ mkdir -p -m755 %{buildroot}%{_libdir} mkdir -p -m755 %{buildroot}/etc/bash_completion.d mkdir -p -m755 %{buildroot}/usr/share/vpp -for file in $(find %{_mu_build_dir}/%{_vpp_install_dir}/*/lib* -type f -name '*.so.*.*.*' -print ) +for file in $(find %{_mu_build_dir}/%{_vpp_install_dir}/*/lib* -type f -name '*.so.*.*' -print ) do install -p -m 755 $file %{buildroot}%{_libdir} done @@ -165,8 +220,6 @@ for file in $(find %{_mu_build_dir}/%{_vpp_install_dir}/vpp/share/vpp/api -type do install -p -m 644 $file %{buildroot}/usr/share/vpp/api done -install -p -m 644 %{_mu_build_dir}/../src/scripts/vppctl_completion %{buildroot}/etc/bash_completion.d -install -p -m 644 %{_mu_build_dir}/../src/scripts/vppctl-cmd-list %{buildroot}/usr/share/vpp # Lua bindings mkdir -p -m755 %{buildroot}/usr/share/doc/vpp/examples/lua/examples/cli @@ -178,20 +231,27 @@ do %{buildroot}/usr/share/doc/vpp/examples/lua/$file ) done -# Java bindings -mkdir -p -m755 %{buildroot}/usr/share/java -for file in $(find %{_mu_build_dir}/%{_vpp_install_dir}/vpp/share/java -type f -name '*.jar' -print ) -do - install -p -m 644 $file %{buildroot}/usr/share/java -done - # Python bindings cd %{_mu_build_dir}/../src/vpp-api/python && %py2_install +cd %{_mu_build_dir}/../src/vpp-api/python && %py3_install + +# SELinux Policy +# Install SELinux interfaces +%_format INTERFACES %{_mu_build_dir}/../extras/selinux/$x.if +install -d %{buildroot}%{_datadir}/selinux/devel/include/%{moduletype} +install -p -m 644 $INTERFACES \ + %{buildroot}%{_datadir}/selinux/devel/include/%{moduletype} + +# Install policy modules +%_format MODULES %{_mu_build_dir}/../extras/selinux/$x.pp +install -d %{buildroot}%{_datadir}/selinux/packages +install -m 0644 $MODULES \ + %{buildroot}%{_datadir}/selinux/packages # # devel # -for dir in $(find %{_mu_build_dir}/%{_vpp_install_dir}/*/include/ -maxdepth 0 -type d -print | grep -v dpdk) +for dir in %{_mu_build_dir}/%{_vpp_install_dir}/{vom,vpp}/include/ do for subdir in $(cd ${dir} && find . -type d -print) do @@ -203,11 +263,8 @@ do done done -mkdir -p -m755 %{buildroot}%{python2_sitelib}/jvppgen -install -p -m755 %{_mu_build_dir}/../src/vpp-api/java/jvpp/gen/jvpp_gen.py %{buildroot}/usr/bin -for i in $(ls %{_mu_build_dir}/../src/vpp-api/java/jvpp/gen/jvppgen/*.py); do - install -p -m666 ${i} %{buildroot}%{python2_sitelib}/jvppgen -done; +install -p -m 644 %{_mu_build_dir}/../src/tools/vppapigen/vppapigen_c.py %{buildroot}/usr/share/vpp +install -p -m 644 %{_mu_build_dir}/../src/tools/vppapigen/vppapigen_json.py %{buildroot}/usr/share/vpp # sample plugin mkdir -p -m755 %{buildroot}/usr/share/doc/vpp/examples/sample-plugin/sample @@ -218,27 +275,31 @@ do %{buildroot}/usr/share/doc/vpp/examples/sample-plugin/$file ) done +# vppctl sockfile directory +mkdir -p -m755 %{buildroot}%{_localstatedir}/run/vpp +# vpp.log directory +mkdir -p -m755 %{buildroot}%{_localstatedir}/log/vpp # # vpp-plugins -# +# mkdir -p -m755 %{buildroot}/usr/lib/vpp_plugins mkdir -p -m755 %{buildroot}/usr/lib/vpp_api_test_plugins -for file in $(cd %{_mu_build_dir}/%{_vpp_install_dir}/vpp/lib64/vpp_plugins && find -type f -print) +for file in $(cd %{_mu_build_dir}/%{_vpp_install_dir}/vpp/lib/vpp_plugins && find -type f -print) do - install -p -m 644 %{_mu_build_dir}/%{_vpp_install_dir}/vpp/lib64/vpp_plugins/$file \ + install -p -m 755 %{_mu_build_dir}/%{_vpp_install_dir}/vpp/lib/vpp_plugins/$file \ %{buildroot}/usr/lib/vpp_plugins/$file done -for file in $(cd %{_mu_build_dir}/%{_vpp_install_dir}/vpp/lib64/vpp_api_test_plugins && find -type f -print) +for file in $(cd %{_mu_build_dir}/%{_vpp_install_dir}/vpp/lib/vpp_api_test_plugins && find -type f -print) do - install -p -m 644 %{_mu_build_dir}/%{_vpp_install_dir}/vpp/lib64/vpp_api_test_plugins/$file \ + install -p -m 755 %{_mu_build_dir}/%{_vpp_install_dir}/vpp/lib/vpp_api_test_plugins/$file \ %{buildroot}/usr/lib/vpp_api_test_plugins/$file done -for file in $(find %{_mu_build_dir}/%{_vpp_install_dir}/plugins -type f -name '*.api.json' -print ) +for file in $(find %{_mu_build_dir}/%{_vpp_install_dir}/vpp/share/vpp/api/plugins -type f -name '*.api.json' -print ) do - install -p -m 644 $file %{buildroot}/usr/share/vpp/api + install -p -m 755 $file %{buildroot}/usr/share/vpp/api done # @@ -255,6 +316,15 @@ fi %preun %systemd_preun vpp.service +%post selinux-policy +%_format MODULES %{_datadir}/selinux/packages/$x.pp +if %{_sbindir}/selinuxenabled ; then + %{_sbindir}/semodule -n -X 400 -s %{selinuxtype} -i $MODULES + %{_sbindir}/load_policy + %relabel_files +fi + + %postun %systemd_postun if [ $1 -eq 0 ] ; then @@ -280,44 +350,65 @@ else echo "Upgrading package, dont' unbind interfaces" fi +%postun selinux-policy +if [ $1 -eq 0 ]; then + %{_sbindir}/semodule -n -r %{modulenames} + if %{_sbindir}/selinuxenabled ; then + %{_sbindir}/load_policy + %relabel_files + fi +fi + %files %defattr(-,bin,bin) %{_unitdir}/vpp.service /usr/bin/vpp* /usr/bin/svm* /usr/bin/elftool -%config /etc/sysctl.d/80-vpp.conf -%config /etc/vpp/startup.conf +%config(noreplace) /etc/sysctl.d/80-vpp.conf +%config(noreplace) /etc/vpp/startup.conf /usr/share/vpp/api/* +%defattr(-,root,vpp) +%{_localstatedir}/run/vpp* + +%defattr(-,root,root) +%{_localstatedir}/log/vpp* + %files lib %defattr(-,bin,bin) +%global __requires_exclude_from %{_libdir}/librte_pmd_mlx[45]_glue\\.so.*$ %exclude %{_libdir}/vpp_plugins %exclude %{_libdir}/vpp_api_test_plugins %{_libdir}/* /usr/share/vpp/api/* -/etc/bash_completion.d/vppctl_completion -/usr/share/vpp/vppctl-cmd-list %files api-lua %defattr(644,root,root,644) /usr/share/doc/vpp/examples/lua -%files api-java -%defattr(644,root,root) -/usr/share/java/* - %files api-python -%defattr(644,root,root) -%{python2_sitelib}/vpp_papi* +%defattr(644,root,root,755) +%{python2_sitelib}/vpp_* + +%files api-python3 +%defattr(644,root,root,755) +%{python3_sitelib}/vpp_* + +%files selinux-policy +%defattr(-,root,root,0755) +%attr(0644,root,root) %{_datadir}/selinux/packages/*.pp +%attr(0644,root,root) %{_datadir}/selinux/devel/include/%{moduletype}/*.if %files devel %defattr(-,bin,bin) /usr/bin/vppapigen -/usr/bin/jvpp_gen.py +/usr/bin/vapi_c_gen.py +/usr/bin/vapi_cpp_gen.py +/usr/bin/vapi_json_parser.py %{_includedir}/* -%{python2_sitelib}/jvppgen/* /usr/share/doc/vpp/examples/sample-plugin +/usr/share/vpp %files plugins %defattr(-,bin,bin)