From 46acfdd4550559fe10fe7473ba492f9425bdc2d9 Mon Sep 17 00:00:00 2001 From: Harry Ciao Date: Wed, 29 Feb 2012 16:16:47 +0800 Subject: [PATCH] Move role declarations to the top of base.conf system_r is required by the policy_module macro, which however will be expanded as empty if the module is built into base.pp. system_r is defined in the kernel.te, its definition should be moved to the top of base.conf so that other modules copied earlier into base.conf than kernel.te could reference system_r in their unconditional block properly. Signed-off-by: Harry Ciao --- support/comment_move_decl.sed | 1 + support/get_type_attr_decl.sed | 7 ++++++- 2 files changed, 7 insertions(+), 1 deletion(-) diff --git a/support/comment_move_decl.sed b/support/comment_move_decl.sed index 601c4f7e9..00b94b6ad 100644 --- a/support/comment_move_decl.sed +++ b/support/comment_move_decl.sed @@ -10,5 +10,6 @@ /^[[:blank:]]*fs_use_(xattr|task|trans) /s/^/# this line was moved by the build process: &/ /^[[:blank:]]*sid /s/^/# this line was moved by the build process: &/ /^[[:blank:]]*bool /s/^/# this line was moved by the build process: &/ +/^[[:blank:]]*role[[:blank:]]+[a-zA-Z_]+[[:blank:]]*;/s/^/# this line was moved by the build process: &/ :nextline diff --git a/support/get_type_attr_decl.sed b/support/get_type_attr_decl.sed index 69c6ccd41..5c7a6a808 100644 --- a/support/get_type_attr_decl.sed +++ b/support/get_type_attr_decl.sed @@ -1,5 +1,5 @@ #n -# print out type and attribute declarations that +# print out type, role and attribute declarations that # are not inside require and optional blocks. /require \{/,/} # end require/b nextline @@ -10,4 +10,9 @@ p } +/^[[:blank:]]*role[[:blank:]]+[a-zA-Z_]+[[:blank:]]*;/{ + s/^[[:blank:]]+// + p +} + :nextline