[selinux-policy: 1447/3172] add info on build options
Daniel J Walsh
dwalsh at fedoraproject.org
Thu Oct 7 21:10:25 UTC 2010
commit 75c1c261c169dc9e18f1e03b468837d634ca4484
Author: Chris PeBenito <cpebenito at tresys.com>
Date: Tue May 16 15:05:40 2006 +0000
add info on build options
refpolicy/README | 49 +++++++++++++++++++++++++++++++++++++++++++++++--
1 files changed, 47 insertions(+), 2 deletions(-)
---
diff --git a/refpolicy/README b/refpolicy/README
index 3bf21ff..9b43465 100644
--- a/refpolicy/README
+++ b/refpolicy/README
@@ -73,7 +73,52 @@ checklabels Check the labels on the filesystem, and report when
restorelabels Relabel the filesystem and report each file that is
relabeled.
-2) Reference Policy Files and Directories
+
+2) Reference Policy Build Options (build.conf)
+
+TYPE String. Available options are strict, targeted,
+ strict-mls, targeted-mls, strict-mcs, and targeted-mcs.
+ This sets the policy type as strict or targeted, and
+ optionally enables multi-leve security (MLS) or
+ multi-category security (MCS) features. This option
+ controls strict_policy, targeted_policy, enable_mls,
+ and enable_mcs policy blocks.
+
+NAME String (optional). Sets the name of the policy; the
+ NAME is used when installing files to e.g.,
+ /etc/selinux/NAME and /usr/share/selinux/NAME. If not
+ set, the policy type (TYPE) is used.
+
+DISTRO String (optional). Enable distribution-specific policy.
+ Available options are redhat, rhel4, gentoo, debian,
+ and suse. This option controls distro_redhat,
+ distro_rhel4, distro_gentoo, distro_debian, and
+ distro_suse policy blocks.
+
+MONOLITHIC Boolean. If set, a monolithic policy is built,
+ otherwise a modular policy is built.
+
+DIRECT_INITRC Boolean. If set, sysadm will be allowed to directly
+ run init scripts, instead of requiring the run_init
+ tool. This is a build option instead of a tunable since
+ role transitions do not work in conditional policy.
+ This option controls direct_sysadm_daemon policy
+ blocks.
+
+POLY Boolean. If set, policy for polyinstantiated
+ directories will be enabled. This option controls
+ enable_polyinstantiation policy blocks.
+
+OUTPUT_POLICY Integer. Set the version of the policy created when
+ building a monolithic policy. This option has no effect
+ on modular policy.
+
+QUIET Boolean. If set, the build system will only display
+ status messages and error messages. This option has no
+ effect on policy.
+
+
+3) Reference Policy Files and Directories
All directories relative to the root of the Reference Policy sources directory.
Makefile General rules for building the policy.
@@ -161,4 +206,4 @@ policy/support/* Support macros.
policy/users This file defines the users included in the policy.
-support/* Scripts and other tools used to help build the policy.
+support/* Tools used in the build process.
More information about the scm-commits
mailing list