RepoMirrors
/
selinux-refpolicy
mirror of https://github.com/SELinuxProject/refpolicy
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity

Rules.modular: add pure-load target 

Add a target for modular polices to load all built modules while
simultaneously removing all non Reference Policy ones.  This will remove
dropped Reference Policy modules and user installed ones.

Signed-off-by: Christian Göttsche <cgzones@googlemail.com>
This commit is contained in:
Christian Göttsche 2022-03-22 18:21:23 +01:00
parent 53cc1714cb
commit 448be4bd31
1 changed files with 12 additions and 1 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

13
Rules.modular
View File

@ -58,6 +58,17 @@ load: $(instpkg) $(appfiles)
@$(INSTALL) -d -m 0755 $(policypath) $(dir $(fcpath))
$(verbose) $(SEMODULE) -s $(NAME) -i $(modpkgdir)/$(notdir $(base_pkg)) $(foreach mod,$(mod_pkgs),-i $(modpkgdir)/$(mod))
########################################
#
# Load all configured modules and remove foreign ones
#
pure-load: $(instpkg) $(appfiles)
# make sure two directories exist since they are not
# created by semanage
@echo "Loading configured modules."
@$(INSTALL) -d -m 0755 $(policypath) $(dir $(fcpath))
$(verbose) $(SEMODULE) -s $(NAME) -i $(modpkgdir)/$(notdir $(base_pkg)) $(foreach mod,$(mod_pkgs),-i $(modpkgdir)/$(mod)) $(foreach omod,$(filter-out base $(notdir $(mod_mods:.te=)),$(shell $(SEMODULE) -l)),-r $(omod))
########################################
#
# Install policy packages
@ -226,4 +237,4 @@ clean:
$(verbose) rm -f $(net_contexts) $(net_contexts_nft)
$(verbose) rm -fR $(tmpdir)
.PHONY: default all policy base modules install load clean validate
.PHONY: default all policy base modules install load pure-load clean validate