From e79e840607adff6f2e55d4c889ae055d07bdabf5 Mon Sep 17 00:00:00 2001
From: Sergei Golubchik <serg@mariadb.org>
Date: Tue, 17 Jan 2017 14:09:38 +0100
Subject: [PATCH] selinux fixes for 10.0->10.1 merge

1. don't put generated files into ${CMAKE_CURRENT_SOURCE_DIR}
2. policy file name must match the module name (Fedora 24 requirement)
---
 support-files/CMakeLists.txt                  | 36 +++++++++----------
 .../selinux/{mysqld-safe.te => mariadb.te}    |  0
 support-files/rpm/server-postin.sh            |  2 +-
 3 files changed, 19 insertions(+), 19 deletions(-)
 rename support-files/policy/selinux/{mysqld-safe.te => mariadb.te} (100%)

diff --git a/support-files/CMakeLists.txt b/support-files/CMakeLists.txt
index 40a28e6762548..c80de04d06927 100644
--- a/support-files/CMakeLists.txt
+++ b/support-files/CMakeLists.txt
@@ -57,27 +57,27 @@ IF(UNIX)
       DESTINATION ${inst_location} COMPONENT Server_Scripts)
   ENDFOREACH()
 
-  FIND_PROGRAM(CHECKMODULE checkmodule)
-  FIND_PROGRAM(SEMODULE_PACKAGE semodule_package)
-  MARK_AS_ADVANCED(CHECKMODULE SEMODULE_PACKAGE)
-
-  # Build pp files in policy/selinux
-  IF(CHECKMODULE AND SEMODULE_PACKAGE)
-    FOREACH(pol mysqld-safe)
-      SET(src ${CMAKE_CURRENT_SOURCE_DIR}/policy/selinux/${pol}.te)
-      SET(mod ${CMAKE_CURRENT_BINARY_DIR}${CMAKE_FILES_DIRECTORY}/${pol}-pp.dir/${pol}.mod)
-      SET(out ${CMAKE_CURRENT_SOURCE_DIR}/policy/selinux/${pol}.pp)
-      ADD_CUSTOM_COMMAND(OUTPUT ${out}
-        COMMAND ${CHECKMODULE} -M -m ${src} -o ${mod}
-        COMMAND ${SEMODULE_PACKAGE} -m ${mod} -o ${out}
-        DEPENDS ${src})
-      ADD_CUSTOM_TARGET(${pol}-pp ALL DEPENDS ${out})
-    ENDFOREACH()
-  ENDIF()
-
   IF(INSTALL_SUPPORTFILESDIR)
     INSTALL(FILES magic DESTINATION ${inst_location} COMPONENT SupportFiles)
     INSTALL(DIRECTORY policy DESTINATION ${inst_location} COMPONENT SupportFiles)
+    FIND_PROGRAM(CHECKMODULE checkmodule)
+    FIND_PROGRAM(SEMODULE_PACKAGE semodule_package)
+    MARK_AS_ADVANCED(CHECKMODULE SEMODULE_PACKAGE)
+
+    # Build pp files in policy/selinux
+    IF(CHECKMODULE AND SEMODULE_PACKAGE)
+      FOREACH(pol mariadb)
+        SET(src ${CMAKE_CURRENT_SOURCE_DIR}/policy/selinux/${pol}.te)
+        SET(tmp ${CMAKE_CURRENT_BINARY_DIR}${CMAKE_FILES_DIRECTORY}/${pol}-pp.dir/${pol}.mod)
+        SET(out ${CMAKE_CURRENT_BINARY_DIR}/${pol}.pp)
+        ADD_CUSTOM_COMMAND(OUTPUT ${out}
+          COMMAND ${CHECKMODULE} -M -m ${src} -o ${tmp}
+          COMMAND ${SEMODULE_PACKAGE} -m ${tmp} -o ${out}
+        DEPENDS ${src})
+        ADD_CUSTOM_TARGET(${pol}-pp ALL DEPENDS ${out})
+        INSTALL(FILES ${out} DESTINATION ${inst_location}/policy/selinux COMPONENT SupportFiles)
+      ENDFOREACH()
+    ENDIF()
   ENDIF()
 
   CONFIGURE_FILE(mariadb.pc.in ${CMAKE_CURRENT_BINARY_DIR}/mariadb.pc @ONLY)
diff --git a/support-files/policy/selinux/mysqld-safe.te b/support-files/policy/selinux/mariadb.te
similarity index 100%
rename from support-files/policy/selinux/mysqld-safe.te
rename to support-files/policy/selinux/mariadb.te
diff --git a/support-files/rpm/server-postin.sh b/support-files/rpm/server-postin.sh
index bdce35b1d0edd..9ef9bec3e0d85 100644
--- a/support-files/rpm/server-postin.sh
+++ b/support-files/rpm/server-postin.sh
@@ -96,7 +96,7 @@ if [ -f /etc/redhat-release ] ; then
    fi
    if grep 'CentOS release 6' /etc/redhat-release >/dev/null 2>&1; then
      if [ -x /usr/sbin/semodule ] ; then
-       /usr/sbin/semodule -i /usr/share/mysql/policy/selinux/mysqld-safe.pp
+       /usr/sbin/semodule -i /usr/share/mysql/policy/selinux/mariadb.pp
      fi
    fi
 fi