nnd
/
selinux-refpolicy
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

move build options out of Makefile into build.conf

This commit is contained in:
Chris PeBenito 2005-12-01 19:04:57 +00:00
parent 4093c293f6
commit 8e0ef1f941
5 changed files with 63 additions and 47 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

1
refpolicy/Changelog
View File

@ -1,3 +1,4 @@
- Move policy build options out of Makefile into build.conf.
- Add yppasswd to nis module.
- Change optional_policy() to refer to the module name
rather than modulename.te.

3
refpolicy/INSTALL
View File

@ -9,7 +9,8 @@ If you do not have a modules.conf, one can be generated:
make conf
This will create a default modules.conf. After installing the policy sources,
This will create a default modules.conf. Options for the policy
build process can be found in build.conf. After installing the policy sources,
the old Make targets have been maintained for the monolithic policy:
Local policy development:

48
refpolicy/Makefile
View File

@ -14,59 +14,17 @@
#
# The default target is 'policy'.
#
########################################
#
# Configurable portions of the Makefile
# Please see build.conf for policy build options.
#
# Policy version
# By default, checkpolicy will create the highest
# version policy it supports. Setting this will
# override the version. This only affects
# monolithic policies.
#OUTPUT_POLICY = 18
# Policy Type
# strict, targeted,
# strict-mls, targeted-mls,
# strict-mcs, targeted-mcs
TYPE = targeted-mcs
# Policy Name
# If set, this will be used as the policy
# name. Otherwise the policy type will be
# used for the name.
NAME = refpolicy
# Distribution
# Some distributions have portions of policy
# for programs or configurations specific to the
# distribution. Setting this will enable options
# for the distribution.
# redhat, gentoo, debian, and suse are current options.
# Fedora users should enable redhat.
DISTRO = redhat
# Direct admin init
# Setting this will allow sysadm to directly
# run init scripts, instead of requring run_init.
# This is a build option, as role transitions do
# not work in conditional policy.
DIRECT_INITRC=y
# Build monolithic policy. Putting n here
# will build a loadable module policy.
MONOLITHIC=y
# Uncomment this to disable command echoing
#QUIET:=@
########################################
#
# NO OPTIONS BELOW HERE
#
include build.conf
# executable paths
PREFIX := /usr
BINDIR := $(PREFIX)/bin

12
refpolicy/README
View File

@ -70,9 +70,19 @@ checklabels Check the labels on the filesystem, and report when
restorelabels Relabel the filesystem and report each file that is
relabeled.
2) Reference Policy Directories
2) Reference Policy Files and Directories
All directories relative to the root of the Reference Policy sources directory.
Makefile General rules for building the policy.
Rules.modular Rules specific to building loadable module policies.
Rules.monolithic Rules specific to building monolithic policies.
build.conf Options which influence the building of the policy,
such as the policy type (strict, targeted, etc.)
and distribution.
config/appconfig-* Application configuration files for all configurations
of the Reference Policy (targeted/strict with or without
MLS or MCS). These are used by SELinux-aware programs.

46
refpolicy/build.conf Normal file
View File

@ -0,0 +1,46 @@
########################################
#
# Policy build options
#
# Policy version
# By default, checkpolicy will create the highest
# version policy it supports. Setting this will
# override the version. This only has an
# effect for monolithic policies.
#OUTPUT_POLICY = 18
# Policy Type
# strict, targeted,
# strict-mls, targeted-mls,
# strict-mcs, targeted-mcs
TYPE = targeted-mcs
# Policy Name
# If set, this will be used as the policy
# name. Otherwise the policy type will be
# used for the name.
NAME = refpolicy
# Distribution
# Some distributions have portions of policy
# for programs or configurations specific to the
# distribution. Setting this will enable options
# for the distribution.
# redhat, gentoo, debian, and suse are current options.
# Fedora users should enable redhat.
DISTRO = redhat
# Direct admin init
# Setting this will allow sysadm to directly
# run init scripts, instead of requring run_init.
# This is a build option, as role transitions do
# not work in conditional policy.
DIRECT_INITRC=y
# Build monolithic policy. Putting n here
# will build a loadable module policy.
MONOLITHIC=y
# Uncomment this to disable command echoing
#QUIET:=@