blob: 87f7e5810212ad3030d79ffe72f41fb527d544bc (
plain)
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
|
# Since qarshd.te is generated, set an explicit dep on qarshd.pp
all: qarshd.pp
selinux_devel := /usr/share/selinux/devel
include $(selinux_devel)/Makefile
qarshd.te: qarshd.te.in qarshd.te.trans
cat $^ > $@
# Pull all interfaces listed in policy.xml from the services or apps layer
# which have one parameter named domains and whose name contains domtrans
interfacecond := param/@name="domain" and count(param)=1 and contains(@name, "domtrans") and not(contains(@name, "_spec"))
allinterfaces := $(shell gxpp '//layer[@name = "services" or @name = "apps"]//interface[$(interfacecond)]/@name' $(selinux_devel)/policy.xml)
allinterfaces += $(shell gxpp '//layer[@name = "system"]//module[@name="lvm" or @name="logging"]/interface[$(interfacecond)]/@name' $(selinux_devel)/policy.xml)
badinterfaces := $(shell cat qarshd.bad-interfaces)
# Filter out interfaces which break policy building or loading.
interfaces := $(filter-out $(badinterfaces), $(allinterfaces))
qarshd.te.trans: $(selinux_devel)/policy.xml qarshd.bad-interfaces Makefile
@for d in $(interfaces); do \
echo "optional_policy(\`$$d(qarshd_t)')"; \
done > $@
# Helpful target to see what is not needed in bad-interfaces
notbad := $(filter-out $(filter $(badinterfaces), $(allinterfaces)), $(badinterfaces))
qarshd.notbad:
@echo $(notbad) | sort
# Add a cleanup step for our generated files
clean: clean-qarsh
clean-qarsh:
$(RM) qarshd.te qarshd.te.trans
|
