93 lines
3.5 KiB
Diff
93 lines
3.5 KiB
Diff
diff --git a/checkpolicy/checkmodule.8 b/checkpolicy/checkmodule.8
|
|
index 40f73c5..2a7ab5c 100644
|
|
--- a/checkpolicy/checkmodule.8
|
|
+++ b/checkpolicy/checkmodule.8
|
|
@@ -3,7 +3,7 @@
|
|
checkmodule \- SELinux policy module compiler
|
|
.SH SYNOPSIS
|
|
.B checkmodule
|
|
-.I "[-h] [-b] [-m] [-M] [-U handle_unknown ] [-V] [-o output_file] [input_file]"
|
|
+.I "[\-h] [\-b] [\-m] [\-M] [\-U handle_unknown ] [\-V] [\-o output_file] [input_file]"
|
|
.SH "DESCRIPTION"
|
|
This manual page describes the
|
|
.BR checkmodule
|
|
@@ -12,7 +12,7 @@ command.
|
|
.B checkmodule
|
|
is a program that checks and compiles a SELinux security policy module
|
|
into a binary representation. It can generate either a base policy
|
|
-module (default) or a non-base policy module (-m option); typically,
|
|
+module (default) or a non-base policy module (\-m option); typically,
|
|
you would build a non-base policy module to add to an existing module
|
|
store that already has a base module provided by the base policy. Use
|
|
semodule_package to combine this module with its optional file
|
|
@@ -48,7 +48,7 @@ Specify how the kernel should handle unknown classes or permissions (deny, allow
|
|
.SH EXAMPLE
|
|
.nf
|
|
# Build a MLS/MCS-enabled non-base policy module.
|
|
-$ checkmodule -M -m httpd.te -o httpd.mod
|
|
+$ checkmodule \-M \-m httpd.te \-o httpd.mod
|
|
.fi
|
|
|
|
.SH "SEE ALSO"
|
|
diff --git a/checkpolicy/checkpolicy.8 b/checkpolicy/checkpolicy.8
|
|
index 6826938..0086bdc 100644
|
|
--- a/checkpolicy/checkpolicy.8
|
|
+++ b/checkpolicy/checkpolicy.8
|
|
@@ -3,7 +3,7 @@
|
|
checkpolicy \- SELinux policy compiler
|
|
.SH SYNOPSIS
|
|
.B checkpolicy
|
|
-.I "[-b] [-d] [-M] [-c policyvers] [-o output_file] [input_file]"
|
|
+.I "[\-b] [\-d] [\-M] [\-c policyvers] [\-o output_file] [input_file]"
|
|
.br
|
|
.SH "DESCRIPTION"
|
|
This manual page describes the
|
|
@@ -14,7 +14,7 @@ command.
|
|
is a program that checks and compiles a SELinux security policy configuration
|
|
into a binary representation that can be loaded into the kernel. If no
|
|
input file name is specified, checkpolicy will attempt to read from
|
|
-policy.conf or policy, depending on whether the -b flag is specified.
|
|
+policy.conf or policy, depending on whether the \-b flag is specified.
|
|
|
|
.SH OPTIONS
|
|
.TP
|
|
diff --git a/checkpolicy/checkpolicy.c b/checkpolicy/checkpolicy.c
|
|
index 544f235..292f568 100644
|
|
--- a/checkpolicy/checkpolicy.c
|
|
+++ b/checkpolicy/checkpolicy.c
|
|
@@ -402,7 +402,7 @@ int main(int argc, char **argv)
|
|
{"binary", no_argument, NULL, 'b'},
|
|
{"debug", no_argument, NULL, 'd'},
|
|
{"version", no_argument, NULL, 'V'},
|
|
- {"handle-unknown", optional_argument, NULL, 'U'},
|
|
+ {"handle-unknown", required_argument, NULL, 'U'},
|
|
{"mls", no_argument, NULL, 'M'},
|
|
{"help", no_argument, NULL, 'h'},
|
|
{NULL, 0, NULL, 0}
|
|
diff --git a/checkpolicy/policy_scan.l b/checkpolicy/policy_scan.l
|
|
index bba7667..ab046cc 100644
|
|
--- a/checkpolicy/policy_scan.l
|
|
+++ b/checkpolicy/policy_scan.l
|
|
@@ -240,7 +240,7 @@ HIGH { return(HIGH); }
|
|
low |
|
|
LOW { return(LOW); }
|
|
"/"({alnum}|[_\.\-/])* { return(PATH); }
|
|
-\"({alnum}|[_\.\-\+\~])+\" { return(FILENAME); }
|
|
+\"({alnum}|[_\.\-\+\~\: ])+\" { return(FILENAME); }
|
|
{letter}({alnum}|[_\-])*([\.]?({alnum}|[_\-]))* { return(IDENTIFIER); }
|
|
{alnum}*{letter}{alnum}* { return(FILESYSTEM); }
|
|
{digit}+|0x{hexval}+ { return(NUMBER); }
|
|
diff --git a/checkpolicy/test/Makefile b/checkpolicy/test/Makefile
|
|
index 0731e89..63b4d24 100644
|
|
--- a/checkpolicy/test/Makefile
|
|
+++ b/checkpolicy/test/Makefile
|
|
@@ -3,7 +3,7 @@
|
|
#
|
|
PREFIX ?= $(DESTDIR)/usr
|
|
BINDIR=$(PREFIX)/bin
|
|
-LIBDIR=$(PREFIX)/lib
|
|
+LIBDIR ?= $(PREFIX)/lib
|
|
INCLUDEDIR ?= $(PREFIX)/include
|
|
|
|
CFLAGS ?= -g -Wall -W -Werror -O2 -pipe
|