nnd/selinux-refpolicy
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

Move user definitions to the right place during compilation.

Browse Source 
This will allow user definitions in modules to work for monolithic policies
and base module.

Signed-off-by: Chris PeBenito <chpebeni@linux.microsoft.com>
This commit is contained in:
Chris PeBenito 2020-07-10 09:07:52 -04:00
parent c5ac0d52c4
commit d41607c714
3 changed files with 7 additions and 4 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

5
Rules.modular
View File

@ -154,9 +154,10 @@ endif
$(verbose) $(M4) $(M4PARAM) -s $^ > $@
$(tmpdir)/post_te_files.conf: M4PARAM += -D self_contained_policy
$(tmpdir)/post_te_files.conf: $(m4support) $(tmpdir)/generated_definitions.conf $(base_post_te_files)
$(tmpdir)/post_te_files.conf: $(m4support) $(tmpdir)/generated_definitions.conf $(base_post_te_files) $(tmpdir)/all_te_files.conf
@test -d $(tmpdir) || mkdir -p $(tmpdir)
$(verbose) $(M4) $(M4PARAM) $^ > $@
$(verbose) $(GREP) '^[[:blank:]]*user ' $(tmpdir)/all_te_files.conf > $@ || true
$(verbose) $(M4) $(M4PARAM) $(m4support) $(tmpdir)/generated_definitions.conf $(base_post_te_files) >> $@
# extract attributes and put them first. extract post te stuff
# like genfscon and put last.

5
Rules.monolithic
View File

@ -134,9 +134,10 @@ endif
@test -d $(tmpdir) || mkdir -p $(tmpdir)
$(verbose) $(M4) $(M4PARAM) -s $^ > $@
$(tmpdir)/post_te_files.conf: $(m4support) $(tmpdir)/generated_definitions.conf $(post_te_files)
$(tmpdir)/post_te_files.conf: $(m4support) $(tmpdir)/generated_definitions.conf $(post_te_files) $(tmpdir)/all_te_files.conf
@test -d $(tmpdir) || mkdir -p $(tmpdir)
$(verbose) $(M4) $(M4PARAM) $^ > $@
$(verbose) $(GREP) '^[[:blank:]]*user ' $(tmpdir)/all_te_files.conf > $@ || true
$(verbose) $(M4) $(M4PARAM) $(m4support) $(tmpdir)/generated_definitions.conf $(post_te_files) >> $@
# extract attributes and put them first. extract post te stuff
# like genfscon and put last.

1
support/comment_move_decl.sed
View File

@ -11,5 +11,6 @@
/^[[:blank:]]*sid /s/^/# this line was moved by the build process: &/
/^[[:blank:]]*bool /s/^/# this line was moved by the build process: &/
/^[[:blank:]]*role[[:blank:]]+[a-zA-Z_]+[[:blank:]]*;/s/^/# this line was moved by the build process: &/
/^[[:blank:]]*user [a-zA-Z_]+ roles /s/^/# this line was moved by the build process: &/
:nextline