[selinux-policy: 566/3172] make default for optional modules to module instead of base
Daniel J Walsh
dwalsh at fedoraproject.org
Thu Oct 7 19:53:31 UTC 2010
commit a573790b4d3b39a6e6fc752daf2a96092c10bb89
Author: Chris PeBenito <cpebenito at tresys.com>
Date: Mon Aug 15 20:31:37 2005 +0000
make default for optional modules to module instead of base
refpolicy/Changelog | 2 ++
refpolicy/support/sedoctool.py | 13 ++++++++++++-
2 files changed, 14 insertions(+), 1 deletions(-)
---
diff --git a/refpolicy/Changelog b/refpolicy/Changelog
index f91ce4a..f26ac5a 100644
--- a/refpolicy/Changelog
+++ b/refpolicy/Changelog
@@ -1,3 +1,5 @@
+ * Change sedoctool to make required modules part of base
+ by default, otherwise make as modules, in modules.conf.
* Fix segenxml to handle modules with no interfaces.
* Rename ipsec connect interface for consistency.
* Add missing parts of unix stream socket connect interface
diff --git a/refpolicy/support/sedoctool.py b/refpolicy/support/sedoctool.py
index 407ab6d..4094e0b 100755
--- a/refpolicy/support/sedoctool.py
+++ b/refpolicy/support/sedoctool.py
@@ -123,12 +123,23 @@ def gen_module_conf(doc, file_name, namevalue_list):
for line in s:
file_name.write("# %s\n" % line)
+ # If the module is set as disabled.
if [mod_name, MOD_DISABLED] in namevalue_list:
file_name.write("%s = %s\n\n" % (mod_name, MOD_DISABLED))
+ # If the module is set as enabled.
elif [mod_name, MOD_ENABLED] in namevalue_list:
file_name.write("%s = %s\n\n" % (mod_name, MOD_ENABLED))
- else:
+ # If the module is set as base.
+ elif [mod_name, MOD_BASE] in namevalue_list:
file_name.write("%s = %s\n\n" % (mod_name, MOD_BASE))
+ # If the module is a new module.
+ else:
+ # Set the module to base if it is marked as required.
+ if mod_req:
+ file_name.write("%s = %s\n\n" % (mod_name, MOD_BASE))
+ # Set the module to enabled if it is not required.
+ else:
+ file_name.write("%s = %s\n\n" % (mod_name, MOD_ENABLED))
def get_conf(conf):
"""
More information about the scm-commits
mailing list