From f1aed68ac3ba74ded7038cbebbe203a037938273 Mon Sep 17 00:00:00 2001 From: Chris PeBenito Date: Thu, 28 Jul 2011 13:12:28 -0400 Subject: [PATCH] Support for file context path substitutions (file_contexts.subs). Install file_contexts.subs_dist out of Refpolicy. This is TYPE-agnostic so the file goes in config/. Populate the file with current substitutions. --- Changelog | 2 ++ Makefile | 7 ++++++- config/file_contexts.subs_dist | 7 +++++++ 3 files changed, 15 insertions(+), 1 deletion(-) create mode 100644 config/file_contexts.subs_dist diff --git a/Changelog b/Changelog index 4b53b1c44..6197ce37b 100644 --- a/Changelog +++ b/Changelog @@ -1,3 +1,5 @@ +- Support for file context path substitutions (file_contexts.subs). + * Tue Jul 26 2011 Chris PeBenito - 2.20110726 - Fix role declarations to handle role attribute compilers. - Rename audioentropy module to entropyd due to haveged support. diff --git a/Makefile b/Makefile index b8486a02c..c18ec66b7 100644 --- a/Makefile +++ b/Makefile @@ -156,6 +156,7 @@ policypath = $(installdir)/policy contextpath = $(installdir)/contexts homedirpath = $(contextpath)/files/homedir_template fcpath = $(contextpath)/files/file_contexts +fcsubspath = $(contextpath)/files/file_contexts.subs_dist ncpath = $(contextpath)/netfilter_contexts sharedir = $(prefix)/share/selinux modpkgdir = $(sharedir)/$(strip $(NAME)) @@ -248,7 +249,7 @@ seusers := $(appconf)/seusers appdir := $(contextpath) user_default_contexts := $(wildcard config/appconfig-$(TYPE)/*_default_contexts) user_default_contexts_names := $(addprefix $(contextpath)/users/,$(subst _default_contexts,,$(notdir $(user_default_contexts)))) -appfiles := $(addprefix $(appdir)/,default_contexts default_type initrc_context failsafe_context userhelper_context removable_context dbus_contexts sepgsql_contexts x_contexts customizable_types securetty_types) $(contextpath)/files/media $(user_default_contexts_names) +appfiles := $(addprefix $(appdir)/,default_contexts default_type initrc_context failsafe_context userhelper_context removable_context dbus_contexts sepgsql_contexts x_contexts customizable_types securetty_types) $(contextpath)/files/media $(fcsubspath) $(user_default_contexts_names) net_contexts := $(builddir)net_contexts all_layers := $(shell find $(wildcard $(moddir)/*) -maxdepth 0 -type d) @@ -531,6 +532,10 @@ $(contextpath)/files/media: $(appconf)/media @mkdir -p $(contextpath)/files/ $(verbose) $(INSTALL) -m 644 $< $@ +$(fcsubspath): config/file_contexts.subs_dist + @mkdir -p $(contextpath)/files/ + $(verbose) $(INSTALL) -m 644 $< $@ + $(contextpath)/users/%: $(appconf)/%_default_contexts @mkdir -p $(appdir)/users $(verbose) $(INSTALL) -m 644 $^ $@ diff --git a/config/file_contexts.subs_dist b/config/file_contexts.subs_dist new file mode 100644 index 000000000..32b87a4fd --- /dev/null +++ b/config/file_contexts.subs_dist @@ -0,0 +1,7 @@ +/lib32 /lib +/lib64 /lib +/run /var/run +/run/lock /var/lock +/usr/lib32 /usr/lib +/usr/lib64 /usr/lib +/var/run/lock /var/lock