diff options
Diffstat (limited to 'SELinux/Makefile')
-rw-r--r-- | SELinux/Makefile | 28 |
1 files changed, 12 insertions, 16 deletions
diff --git a/SELinux/Makefile b/SELinux/Makefile index 57aec51..c810efb 100644 --- a/SELinux/Makefile +++ b/SELinux/Makefile @@ -1,29 +1,25 @@ - # Since qarshd.te is generated, set an explicit dep on qarshd.pp all: qarshd.pp -vpath qarshd.% /usr/share/selinux/packages/qarsh selinux_devel := /usr/share/selinux/devel -interfaces := services/aisexec.if \ - services/ccs.if \ - services/rgmanager.if \ - services/rhcs.if \ - system/lvm.if \ - system/logging.if - - -interfaces_full := $(addprefix $(selinux_devel)/include/, $(interfaces)) -# Wouldn't it be nice to do them all? -#interfaces_full := $(wildcard $(selinux_devel)/include/services/*.if) - include $(selinux_devel)/Makefile qarshd.te: qarshd.te.in qarshd.te.trans cat $^ > $@ -qarshd.te.trans: qarshd.te.m4 $(interfaces_full) - $(M4) $^ | grep qarshd_t > $@ +# Pull all interfaces listed in policy.xml from the services or apps layer +# which have one parameter named domains and whose name contains domtrans +allinterfaces := $(shell gxpp '//layer[@name = "services" or @name = "apps"]//interface[param/@name="domain" and count(param) = 1 and contains(@name, "domtrans")]/@name' $(selinux_devel)/policy.xml) +badinterfaces := $(shell cat qarshd.bad-interfaces) + +# Filter out interfaces which break policy building or loading. +interfaces = $(filter-out $(badinterfaces), $(allinterfaces)) + +qarshd.te.trans: $(selinux_devel)/policy.xml qarshd.bad-interfaces + for d in $(interfaces); do \ + echo "$$d(qarshd_t)"; \ + done > $@ # Add a cleanup step for our generated files clean: clean-qarsh |