From f7c3517d861bd14050ecd4626dad25c71fdcb099 Mon Sep 17 00:00:00 2001 From: Lukas Vrabec Date: Mar 24 2019 10:27:37 +0000 Subject: Add macro-expander to sources during creating rhat patches --- diff --git a/macro-expander b/macro-expander deleted file mode 100755 index 61bd347..0000000 --- a/macro-expander +++ /dev/null @@ -1,81 +0,0 @@ -#!/bin/bash - -function usage { - echo "Usage: $0 [ -c | -t [ -M ] ] " - echo "Options: - -c generate CIL output - -t generate standard policy source format (.te) allow rules - this is default - -M generate complete module .te output -" -} - -function cleanup { - rm -rf $TEMP_STORE -} - -while getopts "chMt" opt; do - case $opt in - c) GENCIL=1 - ;; - t) GENTE=1 - ;; - M) GENTEMODULE=1 - ;; - h) usage - exit 0 - ;; - \?) usage - exit 1 - ;; - esac -done - -shift $((OPTIND-1)) - -SELINUX_MACRO=$1 - -if [ -z "$SELINUX_MACRO" ] -then - exit 1 -fi - -TEMP_STORE="$(mktemp -d)" -cd $TEMP_STORE - -IFS="(" -set $1 -SELINUX_DOMAIN="${2::-1}" - -echo -e "policy_module(expander, 1.0.0) \n" \ - "gen_require(\`\n" \ - "type $SELINUX_DOMAIN ; \n" \ - "')" > expander.te - -echo "$SELINUX_MACRO" >> expander.te - -make -f /usr/share/selinux/devel/Makefile tmp/all_interfaces.conf &> /dev/null - -if [ "x$GENCIL" = "x1" ]; then - - make -f /usr/share/selinux/devel/Makefile expander.pp &> /dev/null - MAKE_RESULT=$? - - if [ $MAKE_RESULT -ne 2 ] - then - /usr/libexec/selinux/hll/pp < $TEMP_STORE/expander.pp > $TEMP_STORE/expander.cil 2> /dev/null - grep -v "cil_gen_require" $TEMP_STORE/expander.cil | sort -u - fi -fi - -if [ "$GENTE" = "1" -o "x$GENCIL" != "x1" ]; then - m4 -D enable_mcs -D distro_redhat -D hide_broken_symptoms -D mls_num_sens=16 -D mls_num_cats=1024 -D mcs_num_cats=1024 -s /usr/share/selinux/devel/include/support/file_patterns.spt /usr/share/selinux/devel/include/support/ipc_patterns.spt /usr/share/selinux/devel/include/support/obj_perm_sets.spt /usr/share/selinux/devel/include/support/misc_patterns.spt /usr/share/selinux/devel/include/support/misc_macros.spt /usr/share/selinux/devel/include/support/all_perms.spt /usr/share/selinux/devel/include/support/mls_mcs_macros.spt /usr/share/selinux/devel/include/support/loadable_module.spt tmp/all_interfaces.conf expander.te > expander.tmp 2> /dev/null - if [ "x$GENTEMODULE" = "x1" ]; then - # sed '/^#.*$/d;/^\s*$/d;/^\s*class .*/d;/^\s*category .*/d;s/^\s*//' expander.tmp - sed '/^#.*$/d;/^\s*$/d;/^\s*category .*/d;s/^\s*//' expander.tmp - else - grep '^\s*allow' expander.tmp | sed 's/^\s*//' - fi -fi - -cd - > /dev/null -cleanup diff --git a/make-rhat-patches.sh b/make-rhat-patches.sh index 0430231..0450e32 100755 --- a/make-rhat-patches.sh +++ b/make-rhat-patches.sh @@ -67,7 +67,7 @@ sed -i "s/%global commit0 [^ ]*$/%global commit0 $BASE_HEAD_ID/" selinux-policy. sed -i "s/%global commit1 [^ ]*$/%global commit1 $CONTRIB_HEAD_ID/" selinux-policy.spec # Update sources -sha512sum --tag selinux-policy-${BASE_SHORT_HEAD_ID}.tar.gz selinux-policy-contrib-${CONTRIB_SHORT_HEAD_ID}.tar.gz container-selinux.tgz > sources +sha512sum --tag selinux-policy-${BASE_SHORT_HEAD_ID}.tar.gz selinux-policy-contrib-${CONTRIB_SHORT_HEAD_ID}.tar.gz container-selinux.tgz macro-expander > sources echo -e "\nSELinux policy tarballs and container.tgz with container policy files have been created." echo "Commit ids of selinux-policy and selinux-policy-contrib in spec file were changed to:"