Fix makefiles to install files with the correct DAC permissions if the umask is not 022.
trac ticket #50
This commit is contained in:
Chris PeBenito
parent
a8ad9ba250
commit
458ab7d2ba
|
|
@ -1,3 +1,5 @@
|
||||||
|
- Fix makefiles to install files with the correct DAC permissions if the
|
||||||
|
umask is not 022.
|
||||||
- Remove deprecated support macros.
|
- Remove deprecated support macros.
|
||||||
- Remove rolemap and per-role template support.
|
- Remove rolemap and per-role template support.
|
||||||
- Change corenetwork port declaration to apply the reserved port type
|
- Change corenetwork port declaration to apply the reserved port type
|
||||||
|
|
|
||||||
30
Makefile
30
Makefile
|
|
@ -74,6 +74,7 @@ M4 ?= m4
|
||||||
PYTHON ?= python
|
PYTHON ?= python
|
||||||
SED ?= sed
|
SED ?= sed
|
||||||
SORT ?= LC_ALL=C sort
|
SORT ?= LC_ALL=C sort
|
||||||
|
UMASK ?= umask
|
||||||
|
|
||||||
CFLAGS += -Wall
|
CFLAGS += -Wall
|
||||||
|
|
||||||
|
|
@ -448,7 +449,6 @@ html $(tmpdir)/html: $(polxml)
|
||||||
#
|
#
|
||||||
$(userpath)/system.users: $(m4support) $(tmpdir)/generated_definitions.conf $(user_files)
|
$(userpath)/system.users: $(m4support) $(tmpdir)/generated_definitions.conf $(user_files)
|
||||||
@mkdir -p $(tmpdir)
|
@mkdir -p $(tmpdir)
|
||||||
@mkdir -p $(userpath)
|
|
||||||
@echo "Installing system.users"
|
@echo "Installing system.users"
|
||||||
@echo "# " > $(tmpdir)/system.users
|
@echo "# " > $(tmpdir)/system.users
|
||||||
@echo "# Do not edit this file. " >> $(tmpdir)/system.users
|
@echo "# Do not edit this file. " >> $(tmpdir)/system.users
|
||||||
|
|
@ -457,12 +457,13 @@ $(userpath)/system.users: $(m4support) $(tmpdir)/generated_definitions.conf $(us
|
||||||
@echo "#" >> $(tmpdir)/system.users
|
@echo "#" >> $(tmpdir)/system.users
|
||||||
$(verbose) $(M4) -D self_contained_policy $(M4PARAM) $^ | $(SED) -r -e 's/^[[:blank:]]+//' \
|
$(verbose) $(M4) -D self_contained_policy $(M4PARAM) $^ | $(SED) -r -e 's/^[[:blank:]]+//' \
|
||||||
-e '/^[[:blank:]]*($$|#)/d' >> $(tmpdir)/system.users
|
-e '/^[[:blank:]]*($$|#)/d' >> $(tmpdir)/system.users
|
||||||
$(verbose) $(INSTALL) -m 644 $(tmpdir)/system.users $@
|
@$(INSTALL) -d -m 0755 $(@D)
|
||||||
|
$(verbose) $(INSTALL) -m 0644 $(tmpdir)/system.users $@
|
||||||
|
|
||||||
$(userpath)/local.users: config/local.users
|
$(userpath)/local.users: config/local.users
|
||||||
@mkdir -p $(userpath)
|
|
||||||
@echo "Installing local.users"
|
@echo "Installing local.users"
|
||||||
$(verbose) $(INSTALL) -b -m 644 $< $@
|
@$(INSTALL) -d -m 0755 $(@D)
|
||||||
|
$(verbose) $(INSTALL) -b -m 0644 $< $@
|
||||||
|
|
||||||
########################################
|
########################################
|
||||||
#
|
#
|
||||||
|
|
@ -480,26 +481,27 @@ install-appconfig: $(appfiles)
|
||||||
|
|
||||||
$(installdir)/booleans: $(booleans)
|
$(installdir)/booleans: $(booleans)
|
||||||
@mkdir -p $(tmpdir)
|
@mkdir -p $(tmpdir)
|
||||||
@mkdir -p $(installdir)
|
|
||||||
$(verbose) $(SED) -r -e 's/false/0/g' -e 's/true/1/g' \
|
$(verbose) $(SED) -r -e 's/false/0/g' -e 's/true/1/g' \
|
||||||
-e '/^[[:blank:]]*($$|#)/d' $(booleans) | $(SORT) > $(tmpdir)/booleans
|
-e '/^[[:blank:]]*($$|#)/d' $(booleans) | $(SORT) > $(tmpdir)/booleans
|
||||||
$(verbose) $(INSTALL) -m 644 $(tmpdir)/booleans $@
|
@$(INSTALL) -d -m 0755 $(@D)
|
||||||
|
$(verbose) $(INSTALL) -m 0644 $(tmpdir)/booleans $@
|
||||||
|
|
||||||
$(contextpath)/files/media: $(appconf)/media
|
$(contextpath)/files/media: $(appconf)/media
|
||||||
@mkdir -p $(contextpath)/files/
|
@$(INSTALL) -d -m 0755 $(@D)
|
||||||
$(verbose) $(INSTALL) -m 644 $< $@
|
$(verbose) $(INSTALL) -m 0644 $< $@
|
||||||
|
|
||||||
$(fcsubspath): config/file_contexts.subs_dist
|
$(fcsubspath): config/file_contexts.subs_dist
|
||||||
@mkdir -p $(contextpath)/files/
|
@$(INSTALL) -d -m 0755 $(@D)
|
||||||
$(verbose) $(INSTALL) -m 644 $< $@
|
$(verbose) $(INSTALL) -m 0644 $< $@
|
||||||
|
|
||||||
$(contextpath)/users/%: $(appconf)/%_default_contexts
|
$(contextpath)/users/%: $(appconf)/%_default_contexts
|
||||||
@mkdir -p $(appdir)/users
|
@$(INSTALL) -d -m 0755 $(@D)
|
||||||
$(verbose) $(INSTALL) -m 644 $^ $@
|
$(verbose) $(INSTALL) -m 0644 $^ $@
|
||||||
|
|
||||||
$(appdir)/%: $(appconf)/%
|
$(appdir)/%: $(appconf)/%
|
||||||
@mkdir -p $(appdir)
|
$(verbose) $(M4) $(M4PARAM) $(m4support) $< > $(tmpdir)/$(@F)
|
||||||
$(verbose) $(M4) $(M4PARAM) $(m4support) $< > $@
|
@$(INSTALL) -d -m 0755 $(@D)
|
||||||
|
$(verbose) $(INSTALL) -m 0644 $(tmpdir)/$(@F) $@
|
||||||
|
|
||||||
########################################
|
########################################
|
||||||
#
|
#
|
||||||
|
|
|
||||||
|
|
@ -53,8 +53,8 @@ install: $(instpkg) $(appfiles)
|
||||||
load: $(instpkg) $(appfiles)
|
load: $(instpkg) $(appfiles)
|
||||||
# make sure two directories exist since they are not
|
# make sure two directories exist since they are not
|
||||||
# created by semanage
|
# created by semanage
|
||||||
@mkdir -p $(policypath) $(dir $(fcpath))
|
|
||||||
@echo "Loading configured modules."
|
@echo "Loading configured modules."
|
||||||
|
@$(INSTALL) -d -m 0755 $(policypath) $(dir $(fcpath))
|
||||||
$(verbose) $(SEMODULE) -s $(NAME) -b $(modpkgdir)/$(notdir $(base_pkg)) $(foreach mod,$(mod_pkgs),-i $(modpkgdir)/$(mod))
|
$(verbose) $(SEMODULE) -s $(NAME) -b $(modpkgdir)/$(notdir $(base_pkg)) $(foreach mod,$(mod_pkgs),-i $(modpkgdir)/$(mod))
|
||||||
|
|
||||||
########################################
|
########################################
|
||||||
|
|
@ -62,8 +62,8 @@ load: $(instpkg) $(appfiles)
|
||||||
# Install policy packages
|
# Install policy packages
|
||||||
#
|
#
|
||||||
$(modpkgdir)/%.pp: $(builddir)%.pp
|
$(modpkgdir)/%.pp: $(builddir)%.pp
|
||||||
@mkdir -p $(modpkgdir)
|
|
||||||
@echo "Installing $(NAME) $(@F) policy package."
|
@echo "Installing $(NAME) $(@F) policy package."
|
||||||
|
@$(INSTALL) -d -m 0755 $(@D)
|
||||||
$(verbose) $(INSTALL) -m 0644 $^ $(modpkgdir)
|
$(verbose) $(INSTALL) -m 0644 $^ $(modpkgdir)
|
||||||
|
|
||||||
########################################
|
########################################
|
||||||
|
|
@ -189,9 +189,9 @@ endif
|
||||||
# Appconfig files
|
# Appconfig files
|
||||||
#
|
#
|
||||||
$(appdir)/customizable_types: $(base_conf)
|
$(appdir)/customizable_types: $(base_conf)
|
||||||
@mkdir -p $(appdir)
|
|
||||||
$(verbose) $(GREP) '^[[:blank:]]*type .*customizable' $< | cut -d';' -f1 | cut -d',' -f1 | cut -d' ' -f2 | $(SORT) -u > $(tmpdir)/customizable_types
|
$(verbose) $(GREP) '^[[:blank:]]*type .*customizable' $< | cut -d';' -f1 | cut -d',' -f1 | cut -d' ' -f2 | $(SORT) -u > $(tmpdir)/customizable_types
|
||||||
$(verbose) $(INSTALL) -m 644 $(tmpdir)/customizable_types $@
|
@$(INSTALL) -d -m 0755 $(@D)
|
||||||
|
$(verbose) $(INSTALL) -m 0644 $(tmpdir)/customizable_types $@
|
||||||
|
|
||||||
########################################
|
########################################
|
||||||
#
|
#
|
||||||
|
|
|
||||||
|
|
@ -83,13 +83,13 @@ ifneq "$(UNK_PERMS)" ""
|
||||||
$(loadpath): CHECKPOLICY += -U $(UNK_PERMS)
|
$(loadpath): CHECKPOLICY += -U $(UNK_PERMS)
|
||||||
endif
|
endif
|
||||||
$(loadpath): $(policy_conf)
|
$(loadpath): $(policy_conf)
|
||||||
@mkdir -p $(policypath)
|
|
||||||
@echo "Compiling and installing $(NAME) $(loadpath)"
|
@echo "Compiling and installing $(NAME) $(loadpath)"
|
||||||
ifneq ($(pv),$(kv))
|
ifneq ($(pv),$(kv))
|
||||||
@echo
|
@echo
|
||||||
@echo "WARNING: Policy version mismatch! Is your OUTPUT_POLICY set correctly?"
|
@echo "WARNING: Policy version mismatch! Is your OUTPUT_POLICY set correctly?"
|
||||||
@echo
|
@echo
|
||||||
endif
|
endif
|
||||||
|
@$(INSTALL) -d -m 0755 $(@D)
|
||||||
$(verbose) $(CHECKPOLICY) $^ -o $@
|
$(verbose) $(CHECKPOLICY) $^ -o $@
|
||||||
|
|
||||||
########################################
|
########################################
|
||||||
|
|
@ -193,10 +193,10 @@ $(fcpath): $(fc) $(loadpath) $(userpath)/system.users
|
||||||
@echo "Validating $(NAME) file_contexts."
|
@echo "Validating $(NAME) file_contexts."
|
||||||
$(verbose) $(SETFILES) -q -c $(loadpath) $(fc)
|
$(verbose) $(SETFILES) -q -c $(loadpath) $(fc)
|
||||||
@echo "Installing file_contexts."
|
@echo "Installing file_contexts."
|
||||||
@mkdir -p $(contextpath)/files
|
@$(INSTALL) -d -m 0755 $(@D)
|
||||||
$(verbose) $(INSTALL) -m 644 $(fc) $(fcpath)
|
$(verbose) $(INSTALL) -m 0644 $(fc) $(fcpath)
|
||||||
$(verbose) $(INSTALL) -m 644 $(homedir_template) $(homedirpath)
|
$(verbose) $(INSTALL) -m 0644 $(homedir_template) $(homedirpath)
|
||||||
$(verbose) $(genhomedircon) -d $(topdir) -t $(NAME) $(USEPWD)
|
$(verbose) $(UMASK) 022 ; $(genhomedircon) -d $(topdir) -t $(NAME) $(USEPWD)
|
||||||
ifeq "$(DISTRO)" "rhel4"
|
ifeq "$(DISTRO)" "rhel4"
|
||||||
# Setfiles in RHEL4 does not look at file_contexts.homedirs.
|
# Setfiles in RHEL4 does not look at file_contexts.homedirs.
|
||||||
$(verbose) cat $@.homedirs >> $@
|
$(verbose) cat $@.homedirs >> $@
|
||||||
|
|
@ -211,6 +211,7 @@ endif
|
||||||
#
|
#
|
||||||
$(ncpath): $(net_contexts)
|
$(ncpath): $(net_contexts)
|
||||||
@echo "Installing $(NAME) netfilter_contexts."
|
@echo "Installing $(NAME) netfilter_contexts."
|
||||||
|
@$(INSTALL) -d -m 0755 $(@D)
|
||||||
$(verbose) $(INSTALL) -m 0644 $^ $@
|
$(verbose) $(INSTALL) -m 0644 $^ $@
|
||||||
|
|
||||||
########################################
|
########################################
|
||||||
|
|
@ -230,14 +231,14 @@ $(builddir)longcheck.res: $(policy_conf) $(fc)
|
||||||
# Appconfig files
|
# Appconfig files
|
||||||
#
|
#
|
||||||
$(appdir)/customizable_types: $(policy_conf)
|
$(appdir)/customizable_types: $(policy_conf)
|
||||||
@mkdir -p $(appdir)
|
|
||||||
$(verbose) $(GREP) '^[[:blank:]]*type .*customizable' $< | cut -d';' -f1 | cut -d',' -f1 | cut -d' ' -f2 | $(SORT) -u > $(tmpdir)/customizable_types
|
$(verbose) $(GREP) '^[[:blank:]]*type .*customizable' $< | cut -d';' -f1 | cut -d',' -f1 | cut -d' ' -f2 | $(SORT) -u > $(tmpdir)/customizable_types
|
||||||
$(verbose) $(INSTALL) -m 644 $(tmpdir)/customizable_types $@
|
@$(INSTALL) -d -m 0755 $(@D)
|
||||||
|
$(verbose) $(INSTALL) -m 0644 $(tmpdir)/customizable_types $@
|
||||||
|
|
||||||
$(installdir)/seusers: $(seusers)
|
$(installdir)/seusers: $(seusers)
|
||||||
@mkdir -p $(installdir)
|
|
||||||
$(verbose) $(M4) $(M4PARAM) $(m4support) $^ | $(GREP) '^[a-z_]' > $(tmpdir)/seusers
|
$(verbose) $(M4) $(M4PARAM) $(m4support) $^ | $(GREP) '^[a-z_]' > $(tmpdir)/seusers
|
||||||
$(verbose) $(INSTALL) -m 644 $(tmpdir)/seusers $@
|
@$(INSTALL) -d -m 0755 $(@D)
|
||||||
|
$(verbose) $(INSTALL) -m 0644 $(tmpdir)/seusers $@
|
||||||
|
|
||||||
########################################
|
########################################
|
||||||
#
|
#
|
||||||
|
|
|
||||||
Loading…
Reference in New Issue