[selinux-policy: 1789/3172] trunk: add some info to the readme about building from headers

Thu Oct 7 21:39:36 UTC 2010

commit f65ca5f9b63b0e6df7aa87f596971df6c9c128a0
Author: Chris PeBenito <cpebenito at tresys.com>
Date:   Wed Aug 22 15:34:23 2007 +0000

    trunk: add some info to the readme about building from headers

 README |   50 ++++++++++++++++++++++++++++++++++++++++++++++++++
 1 files changed, 50 insertions(+), 0 deletions(-)
---

diff --git a/README b/README
index 9b43465..6901c33 100644
--- a/README
+++ b/README
@@ -53,6 +53,13 @@ load			Compile, package, and install the base module and
 validate		Validate if the configured modules can successfully
 			link and expand.
 
+install-headers		Install the policy headers into /usr/share/selinux/NAME.
+			The headers are sufficient for building a policy
+			module locally, without requiring the complete
+			Reference Policy sources.  The build.conf settings
+			for this policy configuration should be set before
+			using this target.
+
 Make targets specific to monolithic policies:
 
 policy			Compile a policy locally for development and testing.
@@ -207,3 +214,46 @@ policy/support/*	Support macros.
 policy/users		This file defines the users included in the policy.
 
 support/*		Tools used in the build process.
+
+
+4) Building policy modules using Reference Policy headers:
+
+The system must first have the Reference Policy headers installed, typically
+by the distribution.  Otherwise, the headers can be installed using the
+install-headers target from the full Reference Policy sources.
+
+To set up a directory to build a local module, one must simply place a .te
+file in a directory.  A sample Makefile to use in the directory is the
+Makefile.example in the doc directory.  This may be installed in
+/usr/share/doc, under the directory for the distribution's policy. 
+Alternatively, the primary Makefile in the headers directory (typically
+/usr/share/selinux/NAME/Makefile) can be called directly, using make's -f
+option.
+
+Larger projects can set up a structure of layers, just as in Reference
+Policy, by creating policy/modules/LAYERNAME directories.  Each layer also
+must have a metadata.xml file which is an XML file with a summary tag and
+optional desc (long description) tag.  This should describe the purpose of
+the layer.
+
+Metadata.xml example:
+
+<summary>ABC modules for the XYZ components.</summary>
+
+Make targets for modules built from headers:
+
+MODULENAME.pp		Compile and package the MODULENAME local module.
+
+all			Compile and package the modules in the current
+			directory.
+
+load			Compile and package the modules in the current
+			directory, then insert them into the module store.
+
+refresh			Attempts to reinsert all modules that are currently
+			in the module store from the local and system module
+			packages.
+
+xml			Build a policy.xml from the XML included with the
+			base policy headers and any XML in the modules in
+			the current directory.
