| |
@@ -19,6 +19,8 @@
|
| |
# RPM macros for packages installing SELinux modules
|
| |
|
| |
%_selinux_policy_version SELINUXPOLICYVERSION
|
| |
+ # To be updated after major policy changes
|
| |
+ %_selinux_policy_stable_version 38.25
|
| |
|
| |
%_selinux_store_path SELINUXSTOREPATH
|
| |
%_selinux_store_policy_path %{_selinux_store_path}/${_policytype}
|
| |
@@ -31,11 +33,12 @@
|
| |
|
| |
# %selinux_requires
|
| |
%selinux_requires \
|
| |
- Requires: selinux-policy >= %{_selinux_policy_version} \
|
| |
+ Requires: selinux-policy >= %{_selinux_policy_stable_version} \
|
| |
+ Recommends: selinux-policy >= %{_selinux_policy_version} \
|
| |
BuildRequires: pkgconfig(systemd) \
|
| |
BuildRequires: selinux-policy \
|
| |
BuildRequires: selinux-policy-devel \
|
| |
- Requires(post): selinux-policy-base >= %{_selinux_policy_version} \
|
| |
+ Requires(post): selinux-policy-base >= %{_selinux_policy_stable_version} \
|
| |
Requires(post): libselinux-utils \
|
| |
Requires(post): policycoreutils \
|
| |
%if 0%{?fedora} || 0%{?rhel} > 7\
|
| |
selinux_requires macro ensures that each DSP package requires
selinux-policy package in version that was present during build of given
DSP package, or newer. This feature may cause issues if buildroot
contains newer selinux-policy package than what is available in
production - DSP package built in such buildroot would be inpossible to
install in production (because only older selinux-policy is available
there).
selinux-policy version.
"--setopt=install_weak_deps=False" is used, or given selinux-policy
version is not available (as described above)