Name: ly
Version: v1.0.0
Release: 1
Summary: TUI (ncurses-like) display manager
License: WTFPL
Group: System/Console
URL: https://github.com/fairyglade/ly
BuildRequires: git
BuildRequires: systemd-rpm-macros
BuildRequires: pkgconfig(pam)
BuildRequires: pkgconfig(xcb)
#BuildRequires: xdg-utils
BuildRequires: zig
BuildRequires: wget
BuildRequires: make
BuildRequires: selinux-policy-devel
%description
A lightweight, TUI (ncurses-like) display manager for linux.
%prep
rm -rf %{name}
git clone %{url} %{name}
cd %{name}
git checkout %{version}
wget https://ziglang.org/download/0.12.0/zig-linux-x86_64-0.12.0.tar.xz
tar -xf zig-linux-x86_64-0.12.0.tar.xz
mkdir selinux
cat << 'EOF' > selinux/ly.fc
/usr/bin/ly -- gen_context(system_u:object_r:ly_exec_t,s0)
EOF
cat << 'EOF' > selinux/ly.if
## policy for ly
########################################
##
## Execute ly_exec_t in the ly domain.
##
##
##
## Domain allowed to transition.
##
##
#
interface(`ly_domtrans',`
gen_require(`
type ly_t, ly_exec_t;
')
corecmd_search_bin($1)
domtrans_pattern($1, ly_exec_t, ly_t)
')
######################################
##
## Execute ly in the caller domain.
##
##
##
## Domain allowed access.
##
##
#
interface(`ly_exec',`
gen_require(`
type ly_exec_t;
')
corecmd_search_bin($1)
can_exec($1, ly_exec_t)
')
EOF
cat << 'EOF' > selinux/ly.te
policy_module(ly, 1.0.0)
########################################
#
# Declarations
#
type ly_t;
type ly_exec_t;
init_daemon_domain(ly_t, ly_exec_t)
permissive ly_t;
########################################
#
# ly local policy
#
allow ly_t self:fifo_file rw_fifo_file_perms;
allow ly_t self:unix_stream_socket create_stream_socket_perms;
domain_use_interactive_fds(ly_t)
files_read_etc_files(ly_t)
miscfiles_read_localization(ly_t)
EOF
%build
cd %{name}
make -f /usr/share/selinux/devel/Makefile -C selinux
zig-linux-x86_64-0.12.0/zig build
pushd selinux
bzip2 ly.pp
popd
%install
cd %{name}
#zig make install
#zig-linux-x86_64-0.12.0/zig DESTDIR=%{buildroot} installsystemd
mkdir -p %{buildroot}%{_bindir}
mkdir -p %{buildroot}%{_unitdir}
mkdir -p %{buildroot}%{_sysconfdir}/ly
mkdir -p %{buildroot}%{_docdir}/ly
mkdir -p %{buildroot}%{_datadir}/selinux/packages/targeted/
cp ./zig-out/bin/ly %{buildroot}%{_bindir}
cp ./res/ly.service %{buildroot}%{_unitdir}
cp ./res/config.ini %{buildroot}%{_sysconfdir}/ly/
cp ./res/*setup.sh %{buildroot}%{_sysconfdir}/ly/
cp -r ./res/lang %{buildroot}%{_sysconfdir}/ly/
#cp ./readme.md %{buildroot}
cp -r ./res/pam.d %{buildroot}%{_sysconfdir}/
cp ./selinux/ly.pp.bz2 %{buildroot}%{_datadir}/selinux/packages/targeted/ly.pp.bz2
#%pre
#%systemd_pre ly.service
%post
%systemd_post ly.service
# this is very jank
%selinux_modules_install -s %{selinuxtype} %{_datadir}/selinux/packages/%{selinuxtype}/ly.pp.bz2
%selinux_relabel_post -s %{selinuxtype}
%preun
%systemd_preun ly.service
%postun
%systemd_postun ly.service
%pre
# SELinux contexts are saved so that only affected files can be
# relabeled after the policy module installation
%selinux_relabel_pre -s %{selinuxtype}
if [ $1 -eq 0 ]; then
%selinux_modules_uninstall -s %{selinuxtype} %{name}
%selinux_relabel_post -s %{selinuxtype}
fi
%files
#%doc readme.md
%dir %{_sysconfdir}/ly
%dir %{_sysconfdir}/ly/lang
%config(noreplace) %{_sysconfdir}/ly/config.ini
%config %{_sysconfdir}/ly/lang/*.ini
%config %{_sysconfdir}/pam.d/ly
%{_sysconfdir}/ly/*.sh
%{_bindir}/ly
#%{_sbindir}/rcly
%{_unitdir}/ly.service
%{_datadir}/selinux/packages/targeted/ly.pp.bz2
%changelog
%autochangelog