Get Gentoo!
gentoo.org sites
gentoo.org Wiki Bugs Forums Packages
Planet Archives Sources
Infra Status

Gentoo Archives: gentoo-commits

From: Jason Zaman <perfinion@g.o>
To: gentoo-commits@l.g.o
Subject: [gentoo-commits] proj/hardened-refpolicy:master commit in: /
Date: Thu, 31 Mar 2022 03:31:32
Message-Id: 1648694453.f920d4616e262d68762efb6f842afed0448beda0.perfinion@gentoo
1 commit: f920d4616e262d68762efb6f842afed0448beda0
2 Author: Christian Göttsche <cgzones <AT> googlemail <DOT> com>
3 AuthorDate: Tue Mar 22 17:21:23 2022 +0000
4 Commit: Jason Zaman <perfinion <AT> gentoo <DOT> org>
5 CommitDate: Thu Mar 31 02:40:53 2022 +0000
6 URL: https://gitweb.gentoo.org/proj/hardened-refpolicy.git/commit/?id=f920d461
7
8 Rules.modular: add pure-load target
9
10 Add a target for modular polices to load all built modules while
11 simultaneously removing all non Reference Policy ones. This will remove
12 dropped Reference Policy modules and user installed ones.
13
14 Signed-off-by: Christian Göttsche <cgzones <AT> googlemail.com>
15 Signed-off-by: Jason Zaman <perfinion <AT> gentoo.org>
16
17 Rules.modular | 13 ++++++++++++-
18 1 file changed, 12 insertions(+), 1 deletion(-)
19
20 diff --git a/Rules.modular b/Rules.modular
21 index 63a10e7f..f7ee2c11 100644
22 --- a/Rules.modular
23 +++ b/Rules.modular
24 @@ -58,6 +58,17 @@ load: $(instpkg) $(appfiles)
25 @$(INSTALL) -d -m 0755 $(policypath) $(dir $(fcpath))
26 $(verbose) $(SEMODULE) -s $(NAME) -i $(modpkgdir)/$(notdir $(base_pkg)) $(foreach mod,$(mod_pkgs),-i $(modpkgdir)/$(mod))
27
28 +########################################
29 +#
30 +# Load all configured modules and remove foreign ones
31 +#
32 +pure-load: $(instpkg) $(appfiles)
33 +# make sure two directories exist since they are not
34 +# created by semanage
35 + @echo "Loading configured modules."
36 + @$(INSTALL) -d -m 0755 $(policypath) $(dir $(fcpath))
37 + $(verbose) $(SEMODULE) -s $(NAME) -i $(modpkgdir)/$(notdir $(base_pkg)) $(foreach mod,$(mod_pkgs),-i $(modpkgdir)/$(mod)) $(foreach omod,$(filter-out base $(notdir $(mod_mods:.te=)),$(shell $(SEMODULE) -l)),-r $(omod))
38 +
39 ########################################
40 #
41 # Install policy packages
42 @@ -226,4 +237,4 @@ clean:
43 $(verbose) rm -f $(net_contexts) $(net_contexts_nft)
44 $(verbose) rm -fR $(tmpdir)
45
46 -.PHONY: default all policy base modules install load clean validate
47 +.PHONY: default all policy base modules install load pure-load clean validate
Report Message
Find on MARC Find on Google Groups