- Start building MLS Policy

.cvsignore

@@ -1,3 +1,4 @@
 serefpolicy-2.0.0.tgz
 serefpolicy-2.0.1.tgz
 serefpolicy-2.0.2.tgz
+serefpolicy-2.0.3.tgz

modules-mls.conf

@@ -139,7 +139,7 @@ netutils = base
 #
 # Virtual Private Networking client
 # 
-vpn = off
+vpn = base
 
 # Layer: admin
 # Module: su
@@ -174,14 +174,14 @@ amanda = base
 #
 # Rotate and archive system logs
 # 
-logrotate = off
+logrotate = base
 
 # Layer: admin
 # Module: quota
 #
 # File system quota management
 # 
-quota = off
+quota = base
 
 # Layer: admin
 # Module: consoletype
@@ -195,7 +195,7 @@ consoletype = base
 #
 # Execute a command with a substitute user
 # 
-sudo = off
+sudo = base
 
 # Layer: admin
 # Module: firstboot
@@ -203,14 +203,14 @@ sudo = off
 # Final system configuration run during the first boot
 # after installation of Red Hat/Fedora systems.
 # 
-firstboot = off
+firstboot = base
 
 # Layer: admin
 # Module: tmpreaper
 #
 # Manage temporary directory sizes and file ages
 # 
-tmpreaper = off
+tmpreaper = base
 
 # Layer: admin
 # Module: dmidecode
@@ -224,7 +224,7 @@ dmidecode = base
 #
 # Policy for GNU Privacy Guard and related programs.
 # 
-gpg = off
+gpg = base
 
 # Layer: apps
 # Module: loadkeys
@@ -534,7 +534,7 @@ ftp = base
 #
 # General Purpose Mouse driver
 # 
-gpm = off
+gpm = base
 
 # Layer: services
 # Module: mta
@@ -562,7 +562,7 @@ ntp = base
 #
 # Bluetooth tools and system services.
 # 
-bluetooth = off
+bluetooth = base
 
 # Layer: services
 # Module: hal
@@ -681,7 +681,7 @@ apm = base
 #
 # Policy for TCP daemon.
 # 
-tcpd = off
+tcpd = base
 
 # Layer: services
 # Module: stunnel
@@ -744,7 +744,7 @@ getty = base
 #
 # Policy for logical volume management programs.
 # 
-lvm = off
+lvm = base
 
 # Layer: system
 # Module: sysnetwork
@@ -800,7 +800,7 @@ libraries = base
 #
 # RAID array management tools
 # 
-raid = off
+raid = base
 
 # Layer: system
 # Module: userdomain
@@ -843,7 +843,7 @@ locallogin = base
 #
 # Policy for iptables.
 # 
-iptables = off
+iptables = base
 
 # Layer: system
 # Module: mount
@@ -871,5 +871,5 @@ miscfiles = base
 #
 # TCP/IP encryption
 # 
-ipsec = off
+ipsec = base
 

selinux-policy.spec

@@ -2,22 +2,27 @@
 %define direct_initrc y
 %define monolithic n
 %define polname1 targeted
-%define type1 targeted-mcs
-%define polname2 strict
-%define type2 strict-mcs
-%define polname3 mls
-%define type3 mls
+%define polname2 mls
+%define polname3 strict
 %define POLICYVER 20
 %define POLICYCOREUTILSVER 1.27.27-3
 %define CHECKPOLICYVER 1.27.17-5
 Summary: SELinux policy configuration
 Name: selinux-policy
-Version: 2.0.2
-Release: 2
+Version: 2.0.3
+Release: 1
 License: GPL
 Group: System Environment/Base
 Source: serefpolicy-%{version}.tgz
 patch: policy-20051114.patch
+Source1: modules-%{polname1}.conf
+Source2: booleans-%{polname1}.conf
+Source3: seusers-%{polname1}
+Source4: setrans-%{polname1}.conf
+Source5: modules-%{polname2}.conf
+Source6: booleans-%{polname2}.conf
+Source7: seusers-%{polname2}
+Source8: setrans-%{polname2}.conf
 
 Url: http://serefpolicy.sourceforge.net
 BuildRoot: %{_tmppath}/serefpolicy-buildroot
@@ -45,7 +50,7 @@ make NAME=%1 TYPE=%2 DISTRO=%{distro} DIRECT_INITRC=%3 MONOLITHIC=%{monolithic}
 %{__mkdir} -p $RPM_BUILD_ROOT/%{_sysconfdir}/selinux/%1/policy \
 %{__mkdir} -p $RPM_BUILD_ROOT/%{_sysconfdir}/selinux/%1/modules/active \
 %{__mkdir} -p $RPM_BUILD_ROOT/%{_sysconfdir}/selinux/%1/contexts/files \
-make NAME=%1 TYPE=%{type1} DISTRO=%{distro} DIRECT_INITRC=%3 MONOLITHIC=y DESTDIR=$RPM_BUILD_ROOT install-appconfig \
+make NAME=%1 TYPE=%2 DISTRO=%{distro} DIRECT_INITRC=%3 MONOLITHIC=y DESTDIR=$RPM_BUILD_ROOT install-appconfig \
 rm -rf $RPM_BUILD_ROOT%{_sysconfdir}/selinux/%1/booleans \
 touch $RPM_BUILD_ROOT%{_sysconfdir}/selinux/config \
 touch $RPM_BUILD_ROOT%{_sysconfdir}/selinux/%1/seusers \
@@ -121,19 +126,19 @@ SELinux Reference Policy - modular.
 # Build targeted policy
 make conf
 %{__rm} -fR $RPM_BUILD_ROOT
-%installCmds %{polname1} %{type1} %{direct_initrc}
+%installCmds %{polname1} targeted-mcs %{direct_initrc}
+
+# Build mls policy
+make clean
+make conf
+%installCmds %{polname2} strict-mls n
+
 
 # Build strict policy
 # Commented out because only targeted ref policy currently builds
 # make clean
 # make conf
-#%#installCmds %{polname2} %{type2} %{direct_initrc}
-
-# Build mls policy
-make clean
-make conf
-%installCmds %{polname3} %{type3} n
-
+#%#installCmds %{polname3} strict-mcs %{direct_initrc}
 
 %clean
 %{__rm} -fR $RPM_BUILD_ROOT
@@ -183,7 +188,6 @@ fi
 %triggerpostun %{polname1} -- selinux-policy-%{polname1} <= 2.0.0
 %rebuildpolicy %{polname1}
 
-%if 0
 %package %{polname2} 
 Summary: SELinux %{polname2} base policy
 Group: System Environment/Base
@@ -198,15 +202,15 @@ SELinux Reference policy %{polname2} base module.
 
 %post %{polname2} 
 %rebuildpolicy %{polname2} 
-%relabel %{polname1}
+%relabel %{polname2}
 
 %triggerpostun %{polname2} -- %{polname2} <= 2.0.0
 %{rebuildpolicy} %{polname2} 
 
 %files %{polname2}
-#%#fileList %{polname2}
-%endif
+%fileList %{polname2}
 
+%if 0
 %package %{polname3} 
 Summary: SELinux %{polname3} base policy
 Group: System Environment/Base
@@ -221,13 +225,14 @@ SELinux Reference policy %{polname3} base module.
 
 %post %{polname3} 
 %rebuildpolicy %{polname3} 
-%relabel %{polname1}
+%relabel %{polname3}
 
 %triggerpostun %{polname3} -- %{polname3} <= 2.0.0
 %{rebuildpolicy} %{polname3} 
 
 %files %{polname3}
-%fileList %{polname3}
+#%#fileList %{polname3}
+%endif
 
 
 %changelog

sources

@@ -1 +1 @@
-da78f8ca6c94cefa0ed70900755e0a53  serefpolicy-2.0.2.tgz
+241de88813906d089788e9d2fe0a4991  serefpolicy-2.0.3.tgz