diff options
| author |   Christian Göttsche <cgzones@googlemail.com> | 2022-03-22 18:21:23 +0100 |
|---|---|---|
| committer |   Jason Zaman <perfinion@gentoo.org> | 2022-03-30 19:40:53 -0700 |
| commit | f920d4616e262d68762efb6f842afed0448beda0 (patch) | |
| tree | 5ea9c79e8fd21a9114e7636a456861fea4b527e9 | |
| parent | Makefile: use override for adding options (diff) | |
| download | hardened-refpolicy-f920d4616e262d68762efb6f842afed0448beda0.tar.gz hardened-refpolicy-f920d4616e262d68762efb6f842afed0448beda0.tar.bz2 hardened-refpolicy-f920d4616e262d68762efb6f842afed0448beda0.zip | |
Rules.modular: add pure-load target
Add a target for modular polices to load all built modules while
simultaneously removing all non Reference Policy ones. This will remove
dropped Reference Policy modules and user installed ones.
Signed-off-by: Christian Göttsche <cgzones@googlemail.com>
Signed-off-by: Jason Zaman <perfinion@gentoo.org>
| -rw-r--r-- | Rules.modular | 13 |
1 files changed, 12 insertions, 1 deletions
diff --git a/Rules.modular b/Rules.modular index 63a10e7f..f7ee2c11 100644 --- a/Rules.modular +++ b/Rules.modular @@ -60,6 +60,17 @@ load: $(instpkg) $(appfiles) ######################################## # +# Load all configured modules and remove foreign ones +# +pure-load: $(instpkg) $(appfiles) +# make sure two directories exist since they are not +# created by semanage + @echo "Loading configured modules." + @$(INSTALL) -d -m 0755 $(policypath) $(dir $(fcpath)) + $(verbose) $(SEMODULE) -s $(NAME) -i $(modpkgdir)/$(notdir $(base_pkg)) $(foreach mod,$(mod_pkgs),-i $(modpkgdir)/$(mod)) $(foreach omod,$(filter-out base $(notdir $(mod_mods:.te=)),$(shell $(SEMODULE) -l)),-r $(omod)) + +######################################## +# # Install policy packages # $(modpkgdir)/%.pp: $(builddir)%.pp @@ -226,4 +237,4 @@ clean: $(verbose) rm -f $(net_contexts) $(net_contexts_nft) $(verbose) rm -fR $(tmpdir) -.PHONY: default all policy base modules install load clean validate +.PHONY: default all policy base modules install load pure-load clean validate |