nnd/selinux-refpolicy
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

Rules.monolithic: ignore version mismatch

Browse Source 
Ignore version mismatch when OUTPUT_POLICY is defined and the kernel
supports a higher policy version.
Currently Debian ships SELinux userland tools 3.1, which supports
version 32, and Linux 5.10, which supports version 33.

Signed-off-by: Christian Göttsche <cgzones@googlemail.com>
This commit is contained in:
Christian Göttsche 2021-01-31 21:50:29 +01:00
parent 627a453910
commit 02f1c1c06b
1 changed files with 7 additions and 2 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

9
Rules.monolithic
View File

@ -13,6 +13,11 @@ ifeq "$(kv)" ""
kv := $(pv)
endif
# dont print version warnings if we specified a lower version than the kernel supports
ifneq "$(OUTPUT_POLICY)" ""
kv := $(shell if test $(kv) -gt $(pv); then echo $(pv); else echo $(kv); fi)
endif
# load_policy(8) loads policy from /etc/selinux/<SELINUXTYPE>/policy/policy.$(pv)
# It does this by reading the /etc/selinux/config file SELINUXTYPE entry to
# form the full path. $(polbinpath) will contain this evaluated path for use as
@ -73,7 +78,7 @@ $(polver): $(policy_conf)
@echo "Compiling $(NAME) $(polver)"
ifneq ($(pv),$(kv))
@echo
@echo "WARNING: Policy version mismatch! Is your OUTPUT_POLICY set correctly?"
@echo "WARNING: Policy version mismatch (policy:$(pv) kernel:$(kv))! Is your OUTPUT_POLICY set correctly?"
@echo
endif
$(verbose) $(CHECKPOLICY) -U $(UNK_PERMS) $^ -o $@
@ -86,7 +91,7 @@ $(loadpath): $(policy_conf)
@echo "Compiling and installing $(NAME) $(loadpath)"
ifneq ($(pv),$(kv))
@echo
@echo "WARNING: Policy version mismatch! Is your OUTPUT_POLICY set correctly?"
@echo "WARNING: Policy version mismatch (policy:$(pv) kernel:$(kv))! Is your OUTPUT_POLICY set correctly?"
@echo
endif
@$(INSTALL) -d -m 0755 $(@D)