2005-06-01 19:17:13 +00:00
|
|
|
|
|
|
|
########################################
|
|
|
|
#
|
|
|
|
# Helper macros
|
|
|
|
#
|
|
|
|
|
|
|
|
#
|
|
|
|
# shiftn(num,list...)
|
|
|
|
#
|
|
|
|
# shift the list num times
|
|
|
|
#
|
|
|
|
define(`shiftn',`ifelse($1,0,`shift($*)',`shiftn(decr($1),shift(shift($*)))')')
|
2006-06-12 15:49:48 +00:00
|
|
|
|
|
|
|
#
|
|
|
|
# ifndef(expr,true_block,false_block)
|
|
|
|
#
|
|
|
|
# m4 does not have this.
|
|
|
|
#
|
|
|
|
define(`ifndef',`ifdef(`$1',`$3',`$2')')
|
2005-06-01 19:17:13 +00:00
|
|
|
|
2005-11-15 18:47:20 +00:00
|
|
|
#
|
|
|
|
# __endline__
|
|
|
|
#
|
|
|
|
# dummy macro to insert a newline. used for
|
|
|
|
# errprint, so the close parentheses can be
|
|
|
|
# indented correctly.
|
|
|
|
#
|
|
|
|
define(`__endline__',`
|
|
|
|
')
|
|
|
|
|
2006-09-21 15:48:15 +00:00
|
|
|
########################################
|
2006-07-25 17:27:00 +00:00
|
|
|
#
|
|
|
|
# refpolwarn(message)
|
|
|
|
#
|
|
|
|
# print a warning message
|
|
|
|
#
|
|
|
|
define(`refpolicywarn',`errprint(__file__:__line__: Warning: `$1'__endline__)')
|
|
|
|
|
2006-09-21 15:48:15 +00:00
|
|
|
########################################
|
2006-07-25 17:27:00 +00:00
|
|
|
#
|
|
|
|
# refpolerr(message)
|
|
|
|
#
|
|
|
|
# print an error message. does not
|
|
|
|
# make anything fail.
|
|
|
|
#
|
|
|
|
define(`refpolicyerr',`errprint(__file__:__line__: Error: `$1'__endline__)')
|
|
|
|
|
2005-09-12 15:17:39 +00:00
|
|
|
########################################
|
|
|
|
#
|
2006-02-15 19:46:20 +00:00
|
|
|
# gen_user(username, prefix, role_set, mls_defaultlevel, mls_range, [mcs_categories])
|
|
|
|
#
|
|
|
|
define(`gen_user',`dnl
|
|
|
|
ifdef(`users_extra',`dnl
|
|
|
|
ifelse(`$2',,,`user $1 prefix $2;')
|
|
|
|
',`dnl
|
|
|
|
user $1 roles { $3 }`'ifdef(`enable_mls', ` level $4 range $5')`'ifdef(`enable_mcs',` level s0 range s0`'ifelse(`$6',,,` - s0:$6')');
|
|
|
|
')dnl
|
|
|
|
')
|
2005-09-12 15:17:39 +00:00
|
|
|
|
2005-06-01 19:17:13 +00:00
|
|
|
########################################
|
|
|
|
#
|
2005-10-06 19:33:06 +00:00
|
|
|
# gen_context(context,mls_sensitivity,[mcs_categories])
|
2005-06-01 19:17:13 +00:00
|
|
|
#
|
2006-05-19 14:06:18 +00:00
|
|
|
define(`gen_context',`$1`'ifdef(`enable_mls',`:$2')`'ifdef(`enable_mcs',`:s0`'ifelse(`$3',,,`:$3')')')dnl
|
2005-06-09 23:06:07 +00:00
|
|
|
|
2005-06-21 17:01:45 +00:00
|
|
|
########################################
|
|
|
|
#
|
|
|
|
# can_exec(domain,executable)
|
|
|
|
#
|
2006-03-28 18:14:24 +00:00
|
|
|
define(`can_exec',`allow $1 $2:file { rx_file_perms execute_no_trans };')
|
2005-06-21 17:01:45 +00:00
|
|
|
|
|
|
|
########################################
|
|
|
|
#
|
|
|
|
# gen_bool(name,default_value)
|
|
|
|
#
|
|
|
|
define(`gen_bool',`
|
|
|
|
bool $1 dflt_or_overr(`$1'_conf,$2);
|
|
|
|
')
|
2006-09-21 15:48:15 +00:00
|
|
|
|
|
|
|
########################################
|
|
|
|
#
|
|
|
|
# gen_cats(N)
|
|
|
|
#
|
|
|
|
# declares categores c0 to c(N-1)
|
|
|
|
#
|
|
|
|
define(`decl_cats',`dnl
|
|
|
|
category c$1;
|
|
|
|
ifelse(`$1',`$2',,`decl_cats(incr($1),$2)')dnl
|
|
|
|
')
|
|
|
|
|
|
|
|
define(`gen_cats',`decl_cats(0,decr($1))')
|