add info on build options
This commit is contained in:
parent
b0bdcba0e8
commit
75c1c261c1
@ -73,7 +73,52 @@ checklabels Check the labels on the filesystem, and report when
|
|||||||
restorelabels Relabel the filesystem and report each file that is
|
restorelabels Relabel the filesystem and report each file that is
|
||||||
relabeled.
|
relabeled.
|
||||||
|
|
||||||
2) Reference Policy Files and Directories
|
|
||||||
|
2) Reference Policy Build Options (build.conf)
|
||||||
|
|
||||||
|
TYPE String. Available options are strict, targeted,
|
||||||
|
strict-mls, targeted-mls, strict-mcs, and targeted-mcs.
|
||||||
|
This sets the policy type as strict or targeted, and
|
||||||
|
optionally enables multi-leve security (MLS) or
|
||||||
|
multi-category security (MCS) features. This option
|
||||||
|
controls strict_policy, targeted_policy, enable_mls,
|
||||||
|
and enable_mcs policy blocks.
|
||||||
|
|
||||||
|
NAME String (optional). Sets the name of the policy; the
|
||||||
|
NAME is used when installing files to e.g.,
|
||||||
|
/etc/selinux/NAME and /usr/share/selinux/NAME. If not
|
||||||
|
set, the policy type (TYPE) is used.
|
||||||
|
|
||||||
|
DISTRO String (optional). Enable distribution-specific policy.
|
||||||
|
Available options are redhat, rhel4, gentoo, debian,
|
||||||
|
and suse. This option controls distro_redhat,
|
||||||
|
distro_rhel4, distro_gentoo, distro_debian, and
|
||||||
|
distro_suse policy blocks.
|
||||||
|
|
||||||
|
MONOLITHIC Boolean. If set, a monolithic policy is built,
|
||||||
|
otherwise a modular policy is built.
|
||||||
|
|
||||||
|
DIRECT_INITRC Boolean. If set, sysadm will be allowed to directly
|
||||||
|
run init scripts, instead of requiring the run_init
|
||||||
|
tool. This is a build option instead of a tunable since
|
||||||
|
role transitions do not work in conditional policy.
|
||||||
|
This option controls direct_sysadm_daemon policy
|
||||||
|
blocks.
|
||||||
|
|
||||||
|
POLY Boolean. If set, policy for polyinstantiated
|
||||||
|
directories will be enabled. This option controls
|
||||||
|
enable_polyinstantiation policy blocks.
|
||||||
|
|
||||||
|
OUTPUT_POLICY Integer. Set the version of the policy created when
|
||||||
|
building a monolithic policy. This option has no effect
|
||||||
|
on modular policy.
|
||||||
|
|
||||||
|
QUIET Boolean. If set, the build system will only display
|
||||||
|
status messages and error messages. This option has no
|
||||||
|
effect on policy.
|
||||||
|
|
||||||
|
|
||||||
|
3) Reference Policy Files and Directories
|
||||||
All directories relative to the root of the Reference Policy sources directory.
|
All directories relative to the root of the Reference Policy sources directory.
|
||||||
|
|
||||||
Makefile General rules for building the policy.
|
Makefile General rules for building the policy.
|
||||||
@ -161,4 +206,4 @@ policy/support/* Support macros.
|
|||||||
|
|
||||||
policy/users This file defines the users included in the policy.
|
policy/users This file defines the users included in the policy.
|
||||||
|
|
||||||
support/* Scripts and other tools used to help build the policy.
|
support/* Tools used in the build process.
|
||||||
|
Loading…
Reference in New Issue
Block a user