nnd/selinux-refpolicy
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity
69cd9b4614
selinux-refpolicy/INSTALL
Christian Göttsche 16af31d5a1 re-implement fc_sort in python 
fc_sort is the only/last build tool that requires a C compiler

Re-implement it in python, so that gcc dependencies can be dropped

The output of the C and the python version differ slightly in the order of equally specific file contexts

old:
    /.*		system_u:object_r:default_t
    /sys(/.*)?		system_u:object_r:sysfs_t
    /mnt(/[^/]*)		-l	system_u:object_r:mnt_t
    /mnt(/[^/]*)?		-d	system_u:object_r:mnt_t
    /opt/.*		system_u:object_r:usr_t
    /var/.*		system_u:object_r:var_t
    /usr/.*		system_u:object_r:usr_t
    /srv/.*		system_u:object_r:var_t
    /tmp/.*		<<none>>
    /run/.*		<<none>>
    /dev/.*		system_u:object_r:device_t
    /etc/.*		system_u:object_r:etc_t

new:
    /.*		system_u:object_r:default_t
    /sys(/.*)?		system_u:object_r:sysfs_t
    /mnt(/[^/]*)		-l	system_u:object_r:mnt_t
    /mnt(/[^/]*)?		-d	system_u:object_r:mnt_t
    /dev/.*		system_u:object_r:device_t
    /etc/.*		system_u:object_r:etc_t
    /opt/.*		system_u:object_r:usr_t
    /run/.*		<<none>>
    /srv/.*		system_u:object_r:var_t
    /tmp/.*		<<none>>
    /usr/.*		system_u:object_r:usr_t
    /var/.*		system_u:object_r:var_t
2019-10-06 00:11:30 +02:00

42 lines
956 B
Plaintext
Raw Blame History

Reference Policy has the following build requirements:
* SELinux userspace 2.8
* Python >= 3.4
When developing a policy, running scripts from directory testing/ requires:
* Python >= 3.6
To install Reference Policy sources into /etc/selinux/refpolicy/src/policy:
make install-src
This will back up a pre-existing source policy to the
/etc/selinux/refpolicy/src/policy.bak directory.
If you do not have a modules.conf, one can be generated:
make conf
This will create a default modules.conf. Options for the policy
build process can be found in build.conf. After installing the policy sources,
the old Make targets have been maintained for the monolithic policy:
Local policy development:
make policy
Compile and install the policy:
make install
Compile, install, and load the policy:
make load
Filesystem labeling:
make relabel
make checklabels
make restorelabels
See the README for more information on available make targets.
Reference in New Issue View Git Blame Copy Permalink