*** empty log message ***

2006-02-22 22:46:02 +00:00 · 2006-02-22 22:46:02 +00:00 · 585f827b55
commit 585f827b55
parent d4d1f2b10a
4 changed files with 29 additions and 199 deletions
--- a/.cvsignore
+++ b/.cvsignore
@ -44,3 +44,4 @@ serefpolicy-2.2.16.tgz
 serefpolicy-2.2.17.tgz
 serefpolicy-2.2.18.tgz
 serefpolicy-2.2.19.tgz
+serefpolicy-2.2.20.tgz
--- a/Makefile.devel
+++ b/Makefile.devel
@ -1,192 +1,17 @@
 # installation paths
-SHAREDIR := $(PREFIX)/share/selinux
-HEADERDIR := $(SHAREDIR)/refpolicy/include
+SHAREDIR := /usr/share/selinux
+HEADERDIR := $(SHAREDIR)/devel/include

-include $(HEADERDIR)/build.conf
-
-# executables
-PREFIX := /usr
-BINDIR := $(PREFIX)/bin
-SBINDIR := $(PREFIX)/sbin
-CHECKMODULE := $(BINDIR)/checkmodule
-SEMODULE := $(SBINDIR)/semodule
-SEMOD_PKG := $(BINDIR)/semodule_package
-XMLLINT := $(BINDIR)/xmllint
-
-# helper tools
 AWK ?= gawk
-INSTALL ?= install
-M4 ?= m4
-SED ?= sed
-EINFO ?= echo
-PYTHON ?= python
+NAME ?= $(shell $(AWK) -F= '/^SELINUXTYPE/{ print $$2 }' /etc/selinux/config)

-# set default build options if missing
-NAME ?= $(shell . /etc/selinux/config; echo $$SELINUXTYPE)
 MLSENABLED := $(shell cat /selinux/mls)
 ifeq ($(MLSENABLED),1)
 MCSFLAG=-mcs
 endif

 TYPE ?= $(NAME)${MCSFLAG}
-DIRECT_INITRC ?= n
-POLY ?= n
-QUIET ?= y

-genxml := $(PYTHON) $(HEADERDIR)/support/segenxml.py
-
-docs = doc
-polxml = $(docs)/policy.xml
-xmldtd = $(HEADERDIR)/support/policy.dtd
-layerxml = metadata.xml
-
-globaltun = $(HEADERDIR)/global_tunables.xml
-globalbool = $(HEADERDIR)/global_booleans.xml
-
-# compile strict policy if requested.
-ifneq ($(findstring strict,$(TYPE)),)
-	M4PARAM += -D strict_policy
-endif
-
-# compile targeted policy if requested.
-ifneq ($(findstring targeted,$(TYPE)),)
-	M4PARAM += -D targeted_policy
-endif
-
-# enable MLS if requested.
-ifneq ($(findstring -mls,$(TYPE)),)
-	M4PARAM += -D enable_mls
-	CHECKPOLICY += -M
-	CHECKMODULE += -M
-endif
-
-# enable MLS if MCS requested.
-ifneq ($(findstring -mcs,$(TYPE)),)
-	M4PARAM += -D enable_mcs
-	CHECKPOLICY += -M
-	CHECKMODULE += -M
-endif
-
-# enable distribution-specific policy
-ifneq ($(DISTRO),)
-	M4PARAM += -D distro_$(DISTRO)
-endif
-
-# enable polyinstantiation
-ifeq ($(POLY),y)
-	M4PARAM += -D enable_polyinstantiation
-endif
-
-ifeq ($(DIRECT_INITRC),y)
-	M4PARAM += -D direct_sysadm_daemon
-endif
-
-ifeq ($(QUIET),y)
-	verbose := @
-endif
-
-M4PARAM += -D hide_broken_symptoms
-
-# policy headers
-m4support = $(wildcard $(HEADERDIR)/support/*.spt)
-all_layers = $(filter-out $(HEADERDIR)/support,$(shell find $(wildcard $(HEADERDIR)/*) -maxdepth 0 -type d))
-all_interfaces = $(foreach layer,$(all_layers),$(wildcard $(layer)/*.if))
-rolemap = $(HEADERDIR)/rolemap
-
-detected_layers =  $(filter-out CVS tmp $(docs),$(shell find $(wildcard *) -maxdepth 0 -type d))
-3rd_party_mods = $(wildcard *.te)
-3rd_party_ifs = $(3rd_party_mods:.te=.if)
-detected_mods = $(3rd_party_mods) $(foreach layer,$(detected_layers),$(wildcard $(layer)/*.te))
-detected_ifs = $(3rd_party_ifs) $(foreach layer,$(detected_layers),$(wildcard $(layer)/*.if))
-all_packages = $(notdir $(detected_mods:.te=.pp))
-
-vpath %.te $(detected_layers)
-vpath %.if $(detected_layers)
-vpath %.fc $(detected_layers)
-
-# if there are modules in the current directory, add them into the third party layer
-ifneq "$(3rd_party_ifs)" ""
-        genxml += -3 .
-endif
-
-########################################
-#
-# Functions
-#
-
-# parse-rolemap modulename,outputfile
-define parse-rolemap
-	$(verbose) $(M4) $(M4PARAM) $(rolemap) | \
-		$(AWK) '/^[[:blank:]]*[A-Za-z]/{ print "gen_require(type " $$3 "; role " $$1 ";)\n$1_per_userdomain_template(" $$2 "," $$3 "," $$1 ")" }' >> $2
-endef
-
-# peruser-expansion modulename,outputfile
-define peruser-expansion
-	$(verbose) echo "ifdef(\`""$1""_per_userdomain_template',\`" > $2
-	$(call parse-rolemap,$1,$2)
-	$(verbose) echo "')" >> $2
-endef
-
-.PHONY: clean all xml
-.SUFFIXES:
-.SUFFIXES: .pp
-
-########################################
-#
-# Main targets
-#
-
-all: $(all_packages)
-
-xml: $(polxml)
-
-########################################
-#
-# Build module packages
-#
-tmp/%.mod: $(m4support) tmp/all_interfaces.conf %.te
-	@$(EINFO) "Compliling $(NAME) $(basename $(@F)) module"
-	@test -d tmp || mkdir -p tmp
-	$(call peruser-expansion,$(basename $(@F)),$@.role)
-	$(verbose) $(M4) $(M4PARAM) -s $^ $@.role > $(@:.mod=.tmp)
-	$(verbose) $(CHECKMODULE) -m $(@:.mod=.tmp) -o $@
-
-tmp/%.mod.fc: $(m4support) %.fc
-	$(verbose) $(M4) $(M4PARAM) $^ > $@
-
-%.pp: tmp/%.mod tmp/%.mod.fc
-	@echo "Creating $(NAME) $(@F) policy package"
-	$(verbose) $(SEMOD_PKG) -o $@ -m $< -f $<.fc
-
-tmp/all_interfaces.conf: $(m4support) $(all_interfaces) $(detected_ifs)
-	@test -d tmp || mkdir -p tmp
-	$(verbose) m4 $^ | sed -e s/dollarsstar/\$$\*/g > $@
+include $(HEADERDIR)/Makefile


-########################################
-#
-# Documentation generation
-#
-
-# minimal dependencies here, because we don't want to rebuild
-# this and its dependents every time the dependencies
-# change.  Also use all .if files here, rather then just the
-# enabled modules.
-$(polxml): $(detected_ifs) $(foreach dir,$(all_layers),$(dir)/$(layerxml))
-	@echo "Creating $@"
-	@mkdir -p doc
-	$(verbose) echo '<?xml version="1.0" encoding="ISO-8859-1" standalone="no"?>' > $@
-	$(verbose) echo '<!DOCTYPE policy SYSTEM "$(xmldtd)">' >> $@
-	$(verbose) $(genxml) -m $(layerxml) --tunables-xml $(globaltun) --booleans-xml $(globalbool) $(all_layers) $(detected_layers) >> $@
-	$(verbose) if test -x $(XMLLINT) && test -f $(xmldtd); then \
-		$(XMLLINT) --noout --dtdvalid $(xmldtd) $@ ;\
-	fi
-
-########################################
-#
-# Clean the environment
-#
-
-clean:
-	rm -fR tmp
-	rm -f *.pp
--- a/selinux-policy.spec
+++ b/selinux-policy.spec
@ -8,14 +8,15 @@
 %define CHECKPOLICYVER 1.29.4-1
 Summary: SELinux policy configuration
 Name: selinux-policy
-Version: 2.2.19
-Release: 3
+Version: 2.2.20
+Release: 1
 License: GPL
 Group: System Environment/Base
 Source: serefpolicy-%{version}.tgz
 patch: policy-20060207.patch
 Source1: modules-targeted.conf
 Source2: booleans-targeted.conf
+Source3: Makefile.devel
 Source4: setrans-targeted.conf
 Source5: modules-mls.conf
 Source6: booleans-mls.conf	
@ -37,7 +38,11 @@ SELinux Base package

 %files 
 %{_mandir}/man8/*
-%doc /usr/share/doc/%{name}-%{version}
+%doc %{_usr}/share/doc/%{name}-%{version}
+%dir %{_usr}/share/selinux
+%dir %{_sysconfdir}/selinux
+%ghost %config(noreplace) %{_sysconfdir}/selinux/config
+%ghost %{_sysconfdir}/sysconfig/selinux

 %define setupCmds() \
 make NAME=%1 TYPE=%2 DISTRO=%{distro} DIRECT_INITRC=%3 MONOLITHIC=%{monolithic} bare \
@ -60,8 +65,6 @@ make NAME=%1 TYPE=%2 DISTRO=%{distro} DIRECT_INITRC=%3 MONOLITHIC=%{monolithic}
 make NAME=%1 TYPE=%2 DISTRO=%{distro} DIRECT_INITRC=%3 MONOLITHIC=%{monolithic} base.pp \
 install -m0644 base.pp ${RPM_BUILD_ROOT}%{_usr}/share/selinux/%1/enableaudit.pp \
 rm -rf $RPM_BUILD_ROOT%{_sysconfdir}/selinux/%1/booleans \
-touch $RPM_BUILD_ROOT%{_sysconfdir}/selinux/config \
-touch $RPM_BUILD_ROOT%{_sysconfdir}/sysconfig/selinux \
 touch $RPM_BUILD_ROOT%{_sysconfdir}/selinux/%1/seusers \
 touch $RPM_BUILD_ROOT%{_sysconfdir}/selinux/%1/policy/policy.%{POLICYVER} \
 touch $RPM_BUILD_ROOT%{_sysconfdir}/selinux/%1/contexts/files/file_contexts \
@ -72,12 +75,8 @@ install -m0644 ${RPM_SOURCE_DIR}/setrans-%1.conf ${RPM_BUILD_ROOT}%{_sysconfdir}

 %define fileList() \
 %defattr(-,root,root) \
-%dir %{_usr}/share/selinux \
 %dir %{_usr}/share/selinux/%1 \
 %{_usr}/share/selinux/%1/*.pp \
-%dir %{_sysconfdir}/selinux \
-%ghost %config(noreplace) %{_sysconfdir}/selinux/config \
-%ghost %{_sysconfdir}/sysconfig/selinux \
 %dir %{_sysconfdir}/selinux/%1 \
 %config(noreplace) %{_sysconfdir}/selinux/%1/setrans.conf \
 %ghost %{_sysconfdir}/selinux/%1/seusers \
@ -139,6 +138,11 @@ SELinux Reference Policy - modular.
 %{__rm} -fR $RPM_BUILD_ROOT
 mkdir -p ${RPM_BUILD_ROOT}%{_mandir}/man8/
 install -m 644 man/man8/*.8 ${RPM_BUILD_ROOT}%{_mandir}/man8/
+mkdir -p ${RPM_BUILD_ROOT}%{_sysconfdir}/selinux
+mkdir -p ${RPM_BUILD_ROOT}%{_sysconfdir}/sysconfig
+mkdir -p %{_usr}/share/selinux
+touch $RPM_BUILD_ROOT%{_sysconfdir}/selinux/config
+touch $RPM_BUILD_ROOT%{_sysconfdir}/sysconfig/selinux

 # Build targeted policy
 # Commented out because only targeted ref policy currently builds
@ -157,10 +161,10 @@ make NAME=strict TYPE=strict-mcs DISTRO=%{distro} DIRECT_INITRC=y MONOLITHIC=%{m

 # Install devel
 make clean
-make 
-make DESTDIR=$RPM_BUILD_ROOT PKGNAME=%{name}-%{version} install-headers install-docs
-install -m 755 ${RPM_SOURCE_DIR}/policygentool ${RPM_BUILD_ROOT}/usr/share/selinux/refpolicy/
-install -m 755 doc/Makefile.example ${RPM_BUILD_ROOT}/usr/share/selinux/refpolicy/Makefile
+make NAME=devel TYPE=targeted-mcs DISTRO=%{distro} DIRECT_INITRC=y MONOLITHIC=%{monolithic} DESTDIR=$RPM_BUILD_ROOT PKGNAME=%{name}-%{version} install-headers install-docs
+install -m 755 ${RPM_SOURCE_DIR}/policygentool ${RPM_BUILD_ROOT}%{_usr}/share/selinux/devel/
+install -m 755 ${RPM_SOURCE_DIR}/Makefile.devel ${RPM_BUILD_ROOT}%{_usr}/share/selinux/devel/Makefile
+install -m 755 ${RPM_SOURCE_DIR}/Makefile.devel ${RPM_BUILD_ROOT}%{_usr}/share/doc/%{name}-%{version}/Makefile.example


 %clean
@ -284,15 +288,15 @@ SELinux Reference policy development files

 %files devel
 %defattr(-,root,root) 
-%dir %{_usr}/share/selinux/refpolicy
-%dir %{_usr}/share/selinux/refpolicy/include
-%{_usr}/share/selinux/refpolicy/include/*
-%{_usr}/share/selinux/refpolicy/Makefile
-%{_usr}/share/selinux/refpolicy/policygentool
+%dir %{_usr}/share/selinux/devel
+%dir %{_usr}/share/selinux/devel/include
+%{_usr}/share/selinux/devel/include/*
+%{_usr}/share/selinux/devel/Makefile
+%{_usr}/share/selinux/devel/policygentool

 %changelog

-* Wed Feb 22 2006 Dan Walsh <dwalsh@redhat.com> 2.2.19-3
+* Wed Feb 22 2006 Dan Walsh <dwalsh@redhat.com> 2.2.20-1
 - Fix load_policy to work on MLS
 - Fix cron_rw_system_pipes for postfix_postdrop_t
 - Allow audotmount to run showmount
--- a/2
+++ b/2
@ -1 +1 @@
-9799c5001a35b5b3857b3c58931ab515  serefpolicy-2.2.19.tgz
+16bf45c49cbe78b2c977cffc88884de2  serefpolicy-2.2.20.tgz