fix for new new modules.conf behavior
This commit is contained in:
parent
f0cc1acd4a
commit
e8b3e30abe
@ -139,8 +139,19 @@ GENERATED_FC := $(basename $(foreach dir,$(ALL_LAYERS),$(wildcard $(dir)/*.fc.in
|
|||||||
# when a generated file is already generated
|
# when a generated file is already generated
|
||||||
DETECTED_MODS := $(sort $(foreach dir,$(ALL_LAYERS),$(wildcard $(dir)/*.te)) $(GENERATED_TE))
|
DETECTED_MODS := $(sort $(foreach dir,$(ALL_LAYERS),$(wildcard $(dir)/*.te)) $(GENERATED_TE))
|
||||||
|
|
||||||
MODON = on
|
MODBASE := base
|
||||||
ENABLEMOD := $(foreach mod,$(shell awk '/^[[:blank:]]*[[:alpha:]]/{ if ($$3 == "$(MODON)") print $$1 }' $(MOD_CONF)),$(subst ./,,$(shell find -iname $(mod).te)))
|
MODMOD := module
|
||||||
|
BASE_MODS := $(foreach mod,$(shell awk '/^[[:blank:]]*[[:alpha:]]/{ if ($$3 == "$(MODBASE)") print $$1 }' $(MOD_CONF)),$(subst ./,,$(shell find -iname $(mod).te)))
|
||||||
|
MOD_MODS := $(foreach mod,$(shell awk '/^[[:blank:]]*[[:alpha:]]/{ if ($$3 == "$(MODMOD)") print $$1 }' $(MOD_CONF)),$(subst ./,,$(shell find -iname $(mod).te)))
|
||||||
|
|
||||||
|
# for monolithic policy use all base and module to create policy
|
||||||
|
# for modular policy, use only base
|
||||||
|
ifeq ($(MONOLITHIC),y)
|
||||||
|
ENABLEMOD := $(BASE_MODS) $(MOD_MODS)
|
||||||
|
else
|
||||||
|
ENABLEMOD := $(BASE_MODS)
|
||||||
|
endif
|
||||||
|
|
||||||
ALL_MODULES := $(filter $(ENABLEMOD),$(DETECTED_MODS))
|
ALL_MODULES := $(filter $(ENABLEMOD),$(DETECTED_MODS))
|
||||||
|
|
||||||
PRE_TE_FILES := $(addprefix $(FLASKDIR)/,security_classes initial_sids access_vectors) $(M4SUPPORT) $(POLDIR)/mls
|
PRE_TE_FILES := $(addprefix $(FLASKDIR)/,security_classes initial_sids access_vectors) $(M4SUPPORT) $(POLDIR)/mls
|
||||||
|
Loading…
Reference in New Issue
Block a user