From 34c801e670534f76d0b451df80827a543bcdcbfc Mon Sep 17 00:00:00 2001
From: Vit Mojzis <vmojzis@redhat.com>
Date: Wed, 21 Sep 2022 15:39:50 +0000
Subject: [PATCH] selinux: Update based on latest packaging guide

https://fedoraproject.org/wiki/SELinux/IndependentPolicy

- Add dependency on selinux-policy-targeted
- Move %selinux_relabel_pre to osbuild-selinux
- Start shipping osbuild interface file
- Exclude installed policy module file from RPM verification

Signed-off-by: Vit Mojzis <vmojzis@redhat.com>
---
 osbuild.spec | 9 ++++++---
 1 file changed, 6 insertions(+), 3 deletions(-)

diff --git a/osbuild.spec b/osbuild.spec
index e4092004..b3d7eba3 100644
--- a/osbuild.spec
+++ b/osbuild.spec
@@ -100,7 +100,8 @@ to build OSTree based images.
 %package        selinux
 Summary:        SELinux policies
 Requires:       %{name} = %{version}-%{release}
-BuildRequires:  selinux-policy
+Requires:       selinux-policy-%{selinuxtype}
+Requires(post): selinux-policy-%{selinuxtype}
 BuildRequires:  selinux-policy-devel
 %{?selinux_requires}
 
@@ -129,7 +130,7 @@ make man
 make -f /usr/share/selinux/devel/Makefile osbuild.pp
 bzip2 -9 osbuild.pp
 
-%pre
+%pre selinux
 %selinux_relabel_pre -s %{selinuxtype}
 
 %install
@@ -173,6 +174,7 @@ install -p -m 0644 -t %{buildroot}%{_mandir}/man5/ docs/*.5
 # SELinux
 install -D -m 0644 -t %{buildroot}%{_datadir}/selinux/packages/%{selinuxtype} %{name}.pp.bz2
 install -D -m 0644 -t %{buildroot}%{_mandir}/man8 selinux/%{name}_selinux.8
+install -D -p -m 0644 selinux/osbuild.if %{buildroot}%{_datadir}/selinux/devel/include/distributed/%{name}.if
 
 # Udev rules
 mkdir -p %{buildroot}%{_udevrulesdir}
@@ -230,7 +232,8 @@ exit 0
 %files selinux
 %{_datadir}/selinux/packages/%{selinuxtype}/%{name}.pp.bz2
 %{_mandir}/man8/%{name}_selinux.8.*
-%ghost %{_sharedstatedir}/selinux/%{selinuxtype}/active/modules/200/%{name}
+%{_datadir}/selinux/devel/include/distributed/%{name}.if
+%ghost %verify(not md5 size mode mtime) %{_sharedstatedir}/selinux/%{selinuxtype}/active/modules/200/%{name}
 
 %post selinux
 %selinux_modules_install -s %{selinuxtype} %{_datadir}/selinux/packages/%{selinuxtype}/%{name}.pp.bz2