selinux-policy/support/Makefile.devel


# helper tools
AWK ?= gawk
INSTALL ?= install
M4 ?= m4
SED ?= sed
EINFO ?= echo
PYTHON ?= python
CUT ?= cut

NAME ?= $(shell $(AWK) -F= '/^SELINUXTYPE/{ print $$2 }' /etc/selinux/config)
SHAREDIR ?= /usr/share/selinux
HEADERDIR ?= $(SHAREDIR)/$(NAME)/include

include $(HEADERDIR)/build.conf

# executables
PREFIX := /usr
BINDIR := $(PREFIX)/bin
SBINDIR := $(PREFIX)/sbin
CHECKMODULE := $(BINDIR)/checkmodule
SEMODULE := $(SBINDIR)/semodule
SEMOD_PKG := $(BINDIR)/semodule_package
XMLLINT := $(BINDIR)/xmllint

# set default build options if missing
TYPE ?= strict
DIRECT_INITRC ?= n
POLY ?= n
QUIET ?= y

genxml := $(PYTHON) $(HEADERDIR)/support/segenxml.py

docs = doc
polxml = $(docs)/policy.xml
xmldtd = $(HEADERDIR)/support/policy.dtd
metaxml = metadata.xml

globaltun = $(HEADERDIR)/global_tunables.xml
globalbool = $(HEADERDIR)/global_booleans.xml

# compile strict policy if requested.
ifneq ($(findstring strict,$(TYPE)),)
	M4PARAM += -D strict_policy
endif

# compile targeted policy if requested.
ifneq ($(findstring targeted,$(TYPE)),)
	M4PARAM += -D targeted_policy
endif

# enable MLS if requested.
ifneq ($(findstring -mls,$(TYPE)),)
	M4PARAM += -D enable_mls
	CHECKPOLICY += -M
	CHECKMODULE += -M
endif

# enable MLS if MCS requested.
ifneq ($(findstring -mcs,$(TYPE)),)
	M4PARAM += -D enable_mcs
	CHECKPOLICY += -M
	CHECKMODULE += -M
endif

# enable distribution-specific policy
ifneq ($(DISTRO),)
	M4PARAM += -D distro_$(DISTRO)
endif

ifeq ($(DIRECT_INITRC),y)
	M4PARAM += -D direct_sysadm_daemon
endif

# default MLS/MCS sensitivity and category settings.
MLS_SENS ?= 16
MLS_CATS ?= 256
MCS_CATS ?= 256

ifeq ($(QUIET),y)
	verbose := @
endif

M4PARAM += -D hide_broken_symptoms -D mls_num_sens=$(MLS_SENS) -D mls_num_cats=$(MLS_CATS) -D mcs_num_cats=$(MCS_CATS)

# policy headers
m4support = $(wildcard $(HEADERDIR)/support/*.spt)

all_layers = $(filter-out $(HEADERDIR)/support,$(shell find $(wildcard $(HEADERDIR)/*) -maxdepth 0 -type d))
all_interfaces = $(foreach layer,$(all_layers),$(wildcard $(layer)/*.if))
rolemap = $(HEADERDIR)/rolemap

detected_layers =  $(filter-out CVS tmp $(docs),$(shell find $(wildcard *) -maxdepth 0 -type d))

clayers = $(addprefix $(CURDIR)/, $(filter $(notdir $(detected_layers)), $(notdir $(all_layers))))
all_layers_subset = $(addprefix $(HEADERDIR)/, $(filter-out $(notdir $(detected_layers)), $(notdir $(all_layers))))
detected_layers_subset = $(addprefix $(CURDIR)/, $(filter-out $(notdir $(clayers)), $(notdir $(detected_layers))))

3rd_party_mods = $(wildcard *.te)
detected_mods = $(3rd_party_mods) $(foreach layer,$(detected_layers),$(wildcard $(layer)/*.te))
detected_mods_subset = $(3rd_party_mods) $(foreach layer,$(detected_layers_subset),$(wildcard $(layer)/*.te))

detected_ifs = $(detected_mods:.te=.if)
detected_fcs = $(detected_mods:.te=.fc)
all_packages = $(notdir $(detected_mods:.te=.pp))

modxml = $(addprefix $(CURDIR)/, $(detected_mods_subset:.te=.xml))
layerxml = $(addprefix tmp/, $(notdir $(addsuffix .xml, $(detected_layers_subset) $(CURDIR))))

hmodxml = $(all_interfaces:.if=.xml)
hlayerxml = $(addsuffix .xml, $(addprefix tmp/, $(notdir $(all_layers_subset))))
hmetaxml = $(foreach layer, $(all_layers_subset), $(layer)/$(metaxml))

cmods = $(foreach layer, $(clayers), $(wildcard $(layer)/*.te))
cmodxml = $(cmods:.te=.xml)
clayerxml= $(addsuffix .xml, $(addprefix tmp/, $(notdir $(clayers))))
cmetaxml = $(foreach layer, $(notdir $(clayers)), $(HEADERDIR)/$(layer)/$(metaxml))

# figure out what modules we may want to reload
loaded_mods = $(addsuffix .pp,$(shell $(SEMODULE) -l | $(CUT) -f1))
sys_mods = $(wildcard $(SHAREDIR)/$(NAME)/*.pp)
match_sys = $(filter $(addprefix $(SHAREDIR)/$(NAME)/,$(loaded_mods)),$(sys_mods))
match_loc = $(filter $(all_packages),$(loaded_mods))

vpath %.te $(detected_layers)
vpath %.if $(detected_layers)
vpath %.fc $(detected_layers)

########################################
#
# Functions
#

# parse-rolemap-compat modulename,outputfile
define parse-rolemap-compat
	$(verbose) $(M4) $(M4PARAM) $(rolemap) | \
		$(AWK) '/^[[:blank:]]*[A-Za-z]/{ print "gen_require(type " $$3 "; role " $$1 ";)\n$1_per_userdomain_template(" $$2 "," $$3 "," $$1 ")" }' >> $2
endef

# parse-rolemap modulename,outputfile
define parse-rolemap
	$(verbose) $(M4) $(M4PARAM) $(rolemap) | \
		$(AWK) '/^[[:blank:]]*[A-Za-z]/{ print "gen_require(type " $$3 "; role " $$1 ";)\n$1_per_role_template(" $$2 "," $$3 "," $$1 ")" }' >> $2
endef

# peruser-expansion modulename,outputfile
define peruser-expansion
	$(verbose) echo "ifdef(\`""$1""_per_role_template',\`" > $2
	$(call parse-rolemap,$1,$2)
	$(verbose) echo "')" >> $2

	$(verbose) echo "ifdef(\`""$1""_per_userdomain_template',\`" >> $2
	$(verbose) echo "errprint(\`Warning: per_userdomain_templates have been renamed to per_role_templates (""$1""_per_userdomain_template)'__endline__)" >> $2
	$(call parse-rolemap-compat,$1,$2)
	$(verbose) echo "')" >> $2
endef

.PHONY: clean all xml load reload
.SUFFIXES:
.SUFFIXES: .pp
# broken in make 3.81:
#.SECONDARY:

########################################
#
# Main targets
#

all: $(all_packages)

xml: $(polxml)

########################################
#
# Attempt to reinstall all installed packages
#
refresh:
	@$(EINFO) "Refreshing $(NAME) modules"
	$(verbose) $(SEMODULE) -b $(SHAREDIR)/$(NAME)/base.pp $(foreach mod,$(match_sys) $(match_loc),-i $(mod))

########################################
#
# Load module packages
#

load: tmp/loaded
tmp/loaded: $(all_packages)
	@$(EINFO) "Loading $(NAME) modules: $(basename $(notdir $?))"
	$(verbose) $(SEMODULE) $(foreach mod,$?,-i $(mod))
	@mkdir -p tmp
	@touch tmp/loaded

reload: $(all_packages)
	@$(EINFO) "Loading $(NAME) modules: $(basename $(notdir $^))"
	$(verbose) $(SEMODULE) $(foreach mod,$^,-i $(mod))
	@mkdir -p tmp
	@touch tmp/loaded

########################################
#
# Build module packages
#
tmp/%.mod: $(m4support) tmp/all_interfaces.conf %.te
	@$(EINFO) "Compiling $(NAME) $(basename $(@F)) module"
	@test -d tmp || mkdir -p tmp
	$(call peruser-expansion,$(basename $(@F)),$@.role)
	$(verbose) $(M4) $(M4PARAM) -s $^ $@.role > $(@:.mod=.tmp)
	$(verbose) $(CHECKMODULE) -m $(@:.mod=.tmp) -o $@

tmp/%.mod.fc: $(m4support) %.fc
	$(verbose) $(M4) $(M4PARAM) $^ > $@

%.pp: tmp/%.mod tmp/%.mod.fc
	@echo "Creating $(NAME) $(@F) policy package"
	$(verbose) $(SEMOD_PKG) -o $@ -m $< -f $<.fc

tmp/all_interfaces.conf: $(m4support) $(all_interfaces) $(detected_ifs)
	@test -d tmp || mkdir -p tmp
	$(verbose) m4 $^ | sed -e s/dollarsstar/\$$\*/g > $@

# so users dont have to make empty .fc and .if files
$(detected_ifs) $(detected_fcs):
	@touch $@

########################################
#
# Documentation generation
#

$(clayerxml): %.xml: $(cmodxml) $(hmodxml) $(cmetaxml)
	@test -d tmp || mkdir -p tmp
	$(verbose) echo '<layer name="$(*F)">' > $@
	$(verbose) cat $(addprefix $(HEADERDIR)/, $(notdir $*)/$(metaxml)) >> $@;
	$(verbose) cat $(filter $(addprefix $(CURDIR)/, $(notdir $*))/%, $(cmodxml)) >> $@
	$(verbose) cat $(filter-out $(addprefix $(HEADERDIR)/, $(notdir $*))/$(metaxml), $(filter $(addprefix $(HEADERDIR)/, $(notdir $*))/%, $(hmodxml))) >> $@
	$(verbose) echo '</layer>' >> $@

$(hlayerxml): %.xml: $(hmodxml) $(hmetaxml)
	@test -d tmp || mkdir -p tmp
	$(verbose) echo '<layer name="$(*F)">' > $@
	$(verbose) cat $(addprefix $(HEADERDIR)/, $(notdir $*)/$(metaxml)) >> $@;
	$(verbose) cat $(filter-out $(addprefix $(HEADERDIR)/, $(notdir $*))/$(metaxml), $(filter $(addprefix $(HEADERDIR)/, $(notdir $*))/%, $(hmodxml))) >> $@
	$(verbose) echo '</layer>' >> $@

$(cmodxml) $(modxml): %.xml: %.if %.te
	$(verbose) $(genxml) -w -m $* > $@

$(layerxml): %.xml: $(modxml)
	@test -d tmp || mkdir -p tmp
	$(verbose) echo '<layer name="$(*F)">' > $@
	$(verbose) if test -f '$(metaxml)'; then \
		cat $(metaxml) >> $@; \
	else \
		echo '<summary>This is all third-party generated modules.</summary>' >> $@; \
	fi
	$(verbose) cat $(filter-out %/$(metaxml), $^) >> $@
	$(verbose) echo '</layer>' >> $@

$(polxml): $(clayerxml) $(hlayerxml) $(layerxml) $(globaltun) $(globalbool)
	@echo "Creating $(@F)"
	@test -d $(dir $(polxml)) || mkdir -p $(dir $(polxml))
	$(verbose) echo '<?xml version="1.0" encoding="ISO-8859-1" standalone="no"?>' > $@
	$(verbose) echo '<!DOCTYPE policy SYSTEM "$(notdir $(xmldtd))">' >> $@
	$(verbose) echo '<policy>' >> $@
	$(verbose) cat $(sort $(clayerxml) $(hlayerxml) $(layerxml)) $(globaltun) $(globalbool) >> $@
	$(verbose) echo '</policy>' >> $@
	$(verbose) if test -x $(XMLLINT) && test -f $(xmldtd); then \
		$(XMLLINT) --noout --path $(dir $(xmldtd)) --dtdvalid $(xmldtd) $@ ;\
	fi

########################################
#
# Clean the environment
#

clean:
	rm -fR tmp
	rm -f *.pp
xml building changes, add desc tag to booleans, add summary tag to bools 2006-02-10 18:41:53 +00:00
try to be smarter about NAME 2006-02-22 18:30:15 +00:00			`# helper tools`
			`AWK ?= gawk`
			`INSTALL ?= install`
			`M4 ?= m4`
			`SED ?= sed`
			`EINFO ?= echo`
			`PYTHON ?= python`
add refresh target to devel makefile which tries to reload all of the modules currently in the store. 2007-03-29 12:08:00 +00:00			`CUT ?= cut`
try to be smarter about NAME 2006-02-22 18:30:15 +00:00
			`NAME ?= $(shell $(AWK) -F= '/^SELINUXTYPE/{ print $$2 }' /etc/selinux/config)`
			`SHAREDIR ?= /usr/share/selinux`
			`HEADERDIR ?= $(SHAREDIR)/$(NAME)/include`

xml building changes, add desc tag to booleans, add summary tag to bools 2006-02-10 18:41:53 +00:00			`include $(HEADERDIR)/build.conf`

			`# executables`
			`PREFIX := /usr`
			`BINDIR := $(PREFIX)/bin`
			`SBINDIR := $(PREFIX)/sbin`
			`CHECKMODULE := $(BINDIR)/checkmodule`
			`SEMODULE := $(SBINDIR)/semodule`
			`SEMOD_PKG := $(BINDIR)/semodule_package`
			`XMLLINT := $(BINDIR)/xmllint`

			`# set default build options if missing`
			`TYPE ?= strict`
			`DIRECT_INITRC ?= n`
			`POLY ?= n`
			`QUIET ?= y`

			`genxml := $(PYTHON) $(HEADERDIR)/support/segenxml.py`

			`docs = doc`
			`polxml = $(docs)/policy.xml`
			`xmldtd = $(HEADERDIR)/support/policy.dtd`
- Move booleans and tunables to modules when it is only used in a single module. - Add support for tunables and booleans local to a module. 2007-03-26 18:41:45 +00:00			`metaxml = metadata.xml`
xml building changes, add desc tag to booleans, add summary tag to bools 2006-02-10 18:41:53 +00:00
			`globaltun = $(HEADERDIR)/global_tunables.xml`
			`globalbool = $(HEADERDIR)/global_booleans.xml`

			`# compile strict policy if requested.`
			`ifneq ($(findstring strict,$(TYPE)),)`
			`M4PARAM += -D strict_policy`
			`endif`

			`# compile targeted policy if requested.`
			`ifneq ($(findstring targeted,$(TYPE)),)`
			`M4PARAM += -D targeted_policy`
			`endif`

			`# enable MLS if requested.`
			`ifneq ($(findstring -mls,$(TYPE)),)`
			`M4PARAM += -D enable_mls`
			`CHECKPOLICY += -M`
			`CHECKMODULE += -M`
			`endif`

			`# enable MLS if MCS requested.`
			`ifneq ($(findstring -mcs,$(TYPE)),)`
			`M4PARAM += -D enable_mcs`
			`CHECKPOLICY += -M`
			`CHECKMODULE += -M`
			`endif`

			`# enable distribution-specific policy`
			`ifneq ($(DISTRO),)`
			`M4PARAM += -D distro_$(DISTRO)`
			`endif`

			`ifeq ($(DIRECT_INITRC),y)`
			`M4PARAM += -D direct_sysadm_daemon`
			`endif`

- Move range transitions to modules. - Make number of MLS sensitivities, and number of MLS and MCS categories configurable as build options. 2006-10-04 17:25:34 +00:00			`# default MLS/MCS sensitivity and category settings.`
			`MLS_SENS ?= 16`
			`MLS_CATS ?= 256`
			`MCS_CATS ?= 256`

xml building changes, add desc tag to booleans, add summary tag to bools 2006-02-10 18:41:53 +00:00			`ifeq ($(QUIET),y)`
			`verbose := @`
			`endif`

- Move range transitions to modules. - Make number of MLS sensitivities, and number of MLS and MCS categories configurable as build options. 2006-10-04 17:25:34 +00:00			`M4PARAM += -D hide_broken_symptoms -D mls_num_sens=$(MLS_SENS) -D mls_num_cats=$(MLS_CATS) -D mcs_num_cats=$(MCS_CATS)`
xml building changes, add desc tag to booleans, add summary tag to bools 2006-02-10 18:41:53 +00:00
			`# policy headers`
			`m4support = $(wildcard $(HEADERDIR)/support/*.spt)`
- Move booleans and tunables to modules when it is only used in a single module. - Add support for tunables and booleans local to a module. 2007-03-26 18:41:45 +00:00
xml building changes, add desc tag to booleans, add summary tag to bools 2006-02-10 18:41:53 +00:00			`all_layers = $(filter-out $(HEADERDIR)/support,$(shell find $(wildcard $(HEADERDIR)/*) -maxdepth 0 -type d))`
			`all_interfaces = $(foreach layer,$(all_layers),$(wildcard $(layer)/*.if))`
			`rolemap = $(HEADERDIR)/rolemap`

			`detected_layers = $(filter-out CVS tmp $(docs),$(shell find $(wildcard *) -maxdepth 0 -type d))`
- Move booleans and tunables to modules when it is only used in a single module. - Add support for tunables and booleans local to a module. 2007-03-26 18:41:45 +00:00
			`clayers = $(addprefix $(CURDIR)/, $(filter $(notdir $(detected_layers)), $(notdir $(all_layers))))`
			`all_layers_subset = $(addprefix $(HEADERDIR)/, $(filter-out $(notdir $(detected_layers)), $(notdir $(all_layers))))`
			`detected_layers_subset = $(addprefix $(CURDIR)/, $(filter-out $(notdir $(clayers)), $(notdir $(detected_layers))))`

xml building changes, add desc tag to booleans, add summary tag to bools 2006-02-10 18:41:53 +00:00			`3rd_party_mods = $(wildcard *.te)`
			`detected_mods = $(3rd_party_mods) $(foreach layer,$(detected_layers),$(wildcard $(layer)/*.te))`
- Move booleans and tunables to modules when it is only used in a single module. - Add support for tunables and booleans local to a module. 2007-03-26 18:41:45 +00:00			`detected_mods_subset = $(3rd_party_mods) $(foreach layer,$(detected_layers_subset),$(wildcard $(layer)/*.te))`

make .te and .fc files optional by touching them if they are missing. 2006-04-06 19:18:53 +00:00			`detected_ifs = $(detected_mods:.te=.if)`
			`detected_fcs = $(detected_mods:.te=.fc)`
add missing vpath and .pp build dir for modules in local layers 2006-02-16 21:20:55 +00:00			`all_packages = $(notdir $(detected_mods:.te=.pp))`

- Move booleans and tunables to modules when it is only used in a single module. - Add support for tunables and booleans local to a module. 2007-03-26 18:41:45 +00:00			`modxml = $(addprefix $(CURDIR)/, $(detected_mods_subset:.te=.xml))`
			`layerxml = $(addprefix tmp/, $(notdir $(addsuffix .xml, $(detected_layers_subset) $(CURDIR))))`

			`hmodxml = $(all_interfaces:.if=.xml)`
			`hlayerxml = $(addsuffix .xml, $(addprefix tmp/, $(notdir $(all_layers_subset))))`
			`hmetaxml = $(foreach layer, $(all_layers_subset), $(layer)/$(metaxml))`

			`cmods = $(foreach layer, $(clayers), $(wildcard $(layer)/*.te))`
			`cmodxml = $(cmods:.te=.xml)`
			`clayerxml= $(addsuffix .xml, $(addprefix tmp/, $(notdir $(clayers))))`
			`cmetaxml = $(foreach layer, $(notdir $(clayers)), $(HEADERDIR)/$(layer)/$(metaxml))`

add refresh target to devel makefile which tries to reload all of the modules currently in the store. 2007-03-29 12:08:00 +00:00			`# figure out what modules we may want to reload`
			`loaded_mods = $(addsuffix .pp,$(shell $(SEMODULE) -l \| $(CUT) -f1))`
			`sys_mods = $(wildcard $(SHAREDIR)/$(NAME)/*.pp)`
			`match_sys = $(filter $(addprefix $(SHAREDIR)/$(NAME)/,$(loaded_mods)),$(sys_mods))`
			`match_loc = $(filter $(all_packages),$(loaded_mods))`

add missing vpath and .pp build dir for modules in local layers 2006-02-16 21:20:55 +00:00			`vpath %.te $(detected_layers)`
			`vpath %.if $(detected_layers)`
			`vpath %.fc $(detected_layers)`
xml building changes, add desc tag to booleans, add summary tag to bools 2006-02-10 18:41:53 +00:00
			`########################################`
			`#`
			`# Functions`
			`#`

add main part of role-o-matic 2006-09-06 22:07:25 +00:00			`# parse-rolemap-compat modulename,outputfile`
			`define parse-rolemap-compat`
			`$(verbose) $(M4) $(M4PARAM) $(rolemap) \| \`
			`$(AWK) '/^[[:blank:]]*[A-Za-z]/{ print "gen_require(type " $$3 "; role " $$1 ";)\n$1_per_userdomain_template(" $$2 "," $$3 "," $$1 ")" }' >> $2`
			`endef`

xml building changes, add desc tag to booleans, add summary tag to bools 2006-02-10 18:41:53 +00:00			`# parse-rolemap modulename,outputfile`
			`define parse-rolemap`
			`$(verbose) $(M4) $(M4PARAM) $(rolemap) \| \`
add main part of role-o-matic 2006-09-06 22:07:25 +00:00			`$(AWK) '/^[[:blank:]]*[A-Za-z]/{ print "gen_require(type " $$3 "; role " $$1 ";)\n$1_per_role_template(" $$2 "," $$3 "," $$1 ")" }' >> $2`
xml building changes, add desc tag to booleans, add summary tag to bools 2006-02-10 18:41:53 +00:00			`endef`

			`# peruser-expansion modulename,outputfile`
			`define peruser-expansion`
add main part of role-o-matic 2006-09-06 22:07:25 +00:00			$(verbose) echo "ifdef(\`""$1""_per_role_template',\`" > $2
xml building changes, add desc tag to booleans, add summary tag to bools 2006-02-10 18:41:53 +00:00			`$(call parse-rolemap,$1,$2)`
			`$(verbose) echo "')" >> $2`
add main part of role-o-matic 2006-09-06 22:07:25 +00:00
			$(verbose) echo "ifdef(\`""$1""_per_userdomain_template',\`" >> $2
			$(verbose) echo "errprint(\`Warning: per_userdomain_templates have been renamed to per_role_templates (""$1""_per_userdomain_template)'__endline__)" >> $2
			`$(call parse-rolemap-compat,$1,$2)`
			`$(verbose) echo "')" >> $2`
xml building changes, add desc tag to booleans, add summary tag to bools 2006-02-10 18:41:53 +00:00			`endef`

- Add a reload target to Modules.devel and change the load target to only insert modules that were changed. 2006-11-13 03:36:13 +00:00			`.PHONY: clean all xml load reload`
xml building changes, add desc tag to booleans, add summary tag to bools 2006-02-10 18:41:53 +00:00			`.SUFFIXES:`
			`.SUFFIXES: .pp`
comment out .SECONDARY since its broken in make 3.81, and rawhide uses this make now 2006-05-26 14:33:44 +00:00			`# broken in make 3.81:`
			`#.SECONDARY:`
xml building changes, add desc tag to booleans, add summary tag to bools 2006-02-10 18:41:53 +00:00
			`########################################`
			`#`
			`# Main targets`
			`#`

			`all: $(all_packages)`

			`xml: $(polxml)`

add refresh target to devel makefile which tries to reload all of the modules currently in the store. 2007-03-29 12:08:00 +00:00			`########################################`
			`#`
			`# Attempt to reinstall all installed packages`
			`#`
			`refresh:`
			`@$(EINFO) "Refreshing $(NAME) modules"`
			`$(verbose) $(SEMODULE) -b $(SHAREDIR)/$(NAME)/base.pp $(foreach mod,$(match_sys) $(match_loc),-i $(mod))`

add load target to Makefile.devel 2006-10-10 15:23:17 +00:00			`########################################`
			`#`
			`# Load module packages`
			`#`
make load target more friendly and add reload target 2006-10-25 20:38:33 +00:00
			`load: tmp/loaded`
- Add a reload target to Modules.devel and change the load target to only insert modules that were changed. 2006-11-13 03:36:13 +00:00			`tmp/loaded: $(all_packages)`
			`@$(EINFO) "Loading $(NAME) modules: $(basename $(notdir $?))"`
			`$(verbose) $(SEMODULE) $(foreach mod,$?,-i $(mod))`
			`@mkdir -p tmp`
			`@touch tmp/loaded`
make load target more friendly and add reload target 2006-10-25 20:38:33 +00:00
- Add a reload target to Modules.devel and change the load target to only insert modules that were changed. 2006-11-13 03:36:13 +00:00			`reload: $(all_packages)`
			`@$(EINFO) "Loading $(NAME) modules: $(basename $(notdir $^))"`
add load target to Makefile.devel 2006-10-10 15:23:17 +00:00			`$(verbose) $(SEMODULE) $(foreach mod,$^,-i $(mod))`
make load target more friendly and add reload target 2006-10-25 20:38:33 +00:00			`@mkdir -p tmp`
			`@touch tmp/loaded`
add load target to Makefile.devel 2006-10-10 15:23:17 +00:00
xml building changes, add desc tag to booleans, add summary tag to bools 2006-02-10 18:41:53 +00:00			`########################################`
			`#`
			`# Build module packages`
			`#`
			`tmp/%.mod: $(m4support) tmp/all_interfaces.conf %.te`
make .te and .fc files optional by touching them if they are missing. 2006-04-06 19:18:53 +00:00			`@$(EINFO) "Compiling $(NAME) $(basename $(@F)) module"`
xml building changes, add desc tag to booleans, add summary tag to bools 2006-02-10 18:41:53 +00:00			`@test -d tmp \|\| mkdir -p tmp`
			`$(call peruser-expansion,$(basename $(@F)),$@.role)`
			`$(verbose) $(M4) $(M4PARAM) -s $^ $@.role > $(@:.mod=.tmp)`
			`$(verbose) $(CHECKMODULE) -m $(@:.mod=.tmp) -o $@`

			`tmp/%.mod.fc: $(m4support) %.fc`
			`$(verbose) $(M4) $(M4PARAM) $^ > $@`

			`%.pp: tmp/%.mod tmp/%.mod.fc`
			`@echo "Creating $(NAME) $(@F) policy package"`
			`$(verbose) $(SEMOD_PKG) -o $@ -m $< -f $<.fc`

			`tmp/all_interfaces.conf: $(m4support) $(all_interfaces) $(detected_ifs)`
			`@test -d tmp \|\| mkdir -p tmp`
			`$(verbose) m4 $^ \| sed -e s/dollarsstar/\$$\*/g > $@`

make .te and .fc files optional by touching them if they are missing. 2006-04-06 19:18:53 +00:00			`# so users dont have to make empty .fc and .if files`
			`$(detected_ifs) $(detected_fcs):`
			`@touch $@`
xml building changes, add desc tag to booleans, add summary tag to bools 2006-02-10 18:41:53 +00:00
			`########################################`
			`#`
			`# Documentation generation`
			`#`

- Move booleans and tunables to modules when it is only used in a single module. - Add support for tunables and booleans local to a module. 2007-03-26 18:41:45 +00:00			`$(clayerxml): %.xml: $(cmodxml) $(hmodxml) $(cmetaxml)`
			`@test -d tmp \|\| mkdir -p tmp`
			`$(verbose) echo '<layer name="$(*F)">' > $@`
			`$(verbose) cat $(addprefix $(HEADERDIR)/, $(notdir $*)/$(metaxml)) >> $@;`
			`$(verbose) cat $(filter $(addprefix $(CURDIR)/, $(notdir $*))/%, $(cmodxml)) >> $@`
			`$(verbose) cat $(filter-out $(addprefix $(HEADERDIR)/, $(notdir $))/$(metaxml), $(filter $(addprefix $(HEADERDIR)/, $(notdir $))/%, $(hmodxml))) >> $@`
			`$(verbose) echo '</layer>' >> $@`

			`$(hlayerxml): %.xml: $(hmodxml) $(hmetaxml)`
			`@test -d tmp \|\| mkdir -p tmp`
			`$(verbose) echo '<layer name="$(*F)">' > $@`
			`$(verbose) cat $(addprefix $(HEADERDIR)/, $(notdir $*)/$(metaxml)) >> $@;`
			`$(verbose) cat $(filter-out $(addprefix $(HEADERDIR)/, $(notdir $))/$(metaxml), $(filter $(addprefix $(HEADERDIR)/, $(notdir $))/%, $(hmodxml))) >> $@`
			`$(verbose) echo '</layer>' >> $@`

			`$(cmodxml) $(modxml): %.xml: %.if %.te`
			`$(verbose) $(genxml) -w -m $* > $@`

			`$(layerxml): %.xml: $(modxml)`
			`@test -d tmp \|\| mkdir -p tmp`
			`$(verbose) echo '<layer name="$(*F)">' > $@`
			`$(verbose) if test -f '$(metaxml)'; then \`
			`cat $(metaxml) >> $@; \`
			`else \`
			`echo '<summary>This is all third-party generated modules.</summary>' >> $@; \`
			`fi`
			`$(verbose) cat $(filter-out %/$(metaxml), $^) >> $@`
			`$(verbose) echo '</layer>' >> $@`

			`$(polxml): $(clayerxml) $(hlayerxml) $(layerxml) $(globaltun) $(globalbool)`
			`@echo "Creating $(@F)"`
			`@test -d $(dir $(polxml)) \|\| mkdir -p $(dir $(polxml))`
xml building changes, add desc tag to booleans, add summary tag to bools 2006-02-10 18:41:53 +00:00			`$(verbose) echo '<?xml version="1.0" encoding="ISO-8859-1" standalone="no"?>' > $@`
- Move booleans and tunables to modules when it is only used in a single module. - Add support for tunables and booleans local to a module. 2007-03-26 18:41:45 +00:00			`$(verbose) echo '<!DOCTYPE policy SYSTEM "$(notdir $(xmldtd))">' >> $@`
			`$(verbose) echo '<policy>' >> $@`
			`$(verbose) cat $(sort $(clayerxml) $(hlayerxml) $(layerxml)) $(globaltun) $(globalbool) >> $@`
			`$(verbose) echo '</policy>' >> $@`
xml building changes, add desc tag to booleans, add summary tag to bools 2006-02-10 18:41:53 +00:00			`$(verbose) if test -x $(XMLLINT) && test -f $(xmldtd); then \`
- Move booleans and tunables to modules when it is only used in a single module. - Add support for tunables and booleans local to a module. 2007-03-26 18:41:45 +00:00			`$(XMLLINT) --noout --path $(dir $(xmldtd)) --dtdvalid $(xmldtd) $@ ;\`
xml building changes, add desc tag to booleans, add summary tag to bools 2006-02-10 18:41:53 +00:00			`fi`

			`########################################`
			`#`
			`# Clean the environment`
			`#`

			`clean:`
			`rm -fR tmp`
			`rm -f *.pp`