[selinux-policy: 344/3172] start making genhomedircon work

Daniel J Walsh dwalsh at fedoraproject.org
Thu Oct 7 19:34:38 UTC 2010 

commit 92e928e1bdf165d60b090c95dfd7b26f6a35b5e1
Author: Chris PeBenito <cpebenito at tresys.com>
Date:   Mon Jun 13 21:16:05 2005 +0000

    start making genhomedircon work

 refpolicy/Makefile                   |   13 ++++++++-----
 refpolicy/policy/modules/apps/gpg.fc |    2 +-
 2 files changed, 9 insertions(+), 6 deletions(-)
---
diff --git a/refpolicy/Makefile b/refpolicy/Makefile
index db8c84e..c4613c6 100644
--- a/refpolicy/Makefile
+++ b/refpolicy/Makefile
@@ -141,6 +141,7 @@ ALL_TE_FILES := $(ALL_MODULES)
 POST_TE_FILES := $(POLDIR)/users $(POLDIR)/constraints
 
 ALL_FC_FILES := $(ALL_MODULES:.te=.fc)
+HOMEDIR_TEMPLATE = tmp/homedir_template
 
 POLICY_SECTIONS := tmp/pre_te_files.conf tmp/generated_definitions.conf tmp/all_interfaces.conf tmp/all_attrs_types.conf $(GLOBALTUN) tmp/only_te_rules.conf tmp/all_post.conf
 
@@ -290,9 +291,12 @@ enableaudit: policy.conf
 #
 # Construct file_contexts
 #
-$(FC): $(M4SUPPORT) $(ALL_FC_FILES)
+$(FC): $(M4SUPPORT) tmp/generated_definitions.conf $(ALL_FC_FILES) $(FCSORT)
 	@test -d tmp || mkdir -p tmp
-	$(QUIET) m4 $(M4PARAM) $^ > $@
+	$(QUIET) m4 $(M4PARAM) $(M4SUPPORT) tmp/generated_definitions.conf $(ALL_FC_FILES) > tmp/$@.tmp
+	$(QUIET) grep -e HOME -e ROLE tmp/$@.tmp > $(HOMEDIR_TEMPLATE)
+	$(QUIET) sed -i -e /HOME/d -e /ROLE/d tmp/$@.tmp
+	$(QUIET) $(FCSORT) tmp/$@.tmp $@
 
 ########################################
 #
@@ -301,9 +305,8 @@ $(FC): $(M4SUPPORT) $(ALL_FC_FILES)
 $(FCPATH): $(FC) $(USERPATH)/system.users
 	@mkdir -p $(CONTEXTPATH)/files
 	$(QUIET) install -m 644 $(FC) $(FCPATH)
-#	$(QUIET) install -m 644 $(HOMEDIR_TEMPLATE) $(HOMEDIRPATH)
-#	$(QUIET) $(GENHOMEDIRCON) -d $(TOPDIR) -t $(TYPE) $(USEPWD)
-	$(QUIET) $(FCSORT) $(FCPATH) $(FCPATH)
+	$(QUIET) install -m 644 $(HOMEDIR_TEMPLATE) $(HOMEDIRPATH)
+	$(QUIET) $(GENHOMEDIRCON) -d $(TOPDIR) -t $(NAME) $(USEPWD)
 
 ########################################
 #
diff --git a/refpolicy/policy/modules/apps/gpg.fc b/refpolicy/policy/modules/apps/gpg.fc
index b7ef0df..03d0676 100644
--- a/refpolicy/policy/modules/apps/gpg.fc
+++ b/refpolicy/policy/modules/apps/gpg.fc
@@ -6,4 +6,4 @@
 
 /usr/lib/gnupg/gpgkeys.* --	context_template(system_u:object_r:gpg_helper_exec_t,s0)
 
-#HOME_DIR/\.gnupg(/.+)?		context_template(system_u:object_r:ROLE_gpg_secret_t,s0)
+HOME_DIR/\.gnupg(/.+)?		context_template(system_u:object_r:ROLE_gpg_secret_t,s0)

More information about the scm-commits mailing list