[yocto] [meta-selinux][PATCH 1/2] refpolicy: split do_install to three steps
wenzong.fan at windriver.com
wenzong.fan at windriver.com
Tue Jul 29 00:30:07 PDT 2014
From: Wenzong Fan <wenzong.fan at windriver.com>
Split do_install() to:
+ prepare_policy_store()
+ rebuild_policy()
+ install_misc_files()
This allows to make partial change to do_install() instead of re-write
it totally from specific refpolicy bb file.
Signed-off-by: Wenzong Fan <wenzong.fan at windriver.com>
---
recipes-security/refpolicy/refpolicy_common.inc | 39 +++++++++++++++--------
1 file changed, 25 insertions(+), 14 deletions(-)
diff --git a/recipes-security/refpolicy/refpolicy_common.inc b/recipes-security/refpolicy/refpolicy_common.inc
index 54a0168..fd205cf 100644
--- a/recipes-security/refpolicy/refpolicy_common.inc
+++ b/recipes-security/refpolicy/refpolicy_common.inc
@@ -60,24 +60,11 @@ do_compile() {
oe_runmake policy
}
-do_install() {
+prepare_policy_store () {
oe_runmake 'DESTDIR=${D}' 'prefix=${D}${prefix}' install
# Prepare to create policy store
mkdir -p ${D}${sysconfdir}/selinux/
- cat <<-EOF > ${D}${sysconfdir}/selinux/semanage.conf
-module-store = direct
-[setfiles]
-path = ${STAGING_DIR_NATIVE}${base_sbindir_native}/setfiles
-args = -q -c \$@ \$<
-[end]
-[sefcontext_compile]
-path = ${STAGING_DIR_NATIVE}${sbindir_native}/sefcontext_compile
-args = \$@
-[end]
-
-policy-version = 28
-EOF
mkdir -p ${D}${sysconfdir}/selinux/${POLICY_NAME}/policy
mkdir -p ${D}${sysconfdir}/selinux/${POLICY_NAME}/modules/active/modules
mkdir -p ${D}${sysconfdir}/selinux/${POLICY_NAME}/contexts/files
@@ -100,11 +87,29 @@ EOF
fi
done
fi
+}
+
+rebuild_policy () {
+ cat <<-EOF > ${D}${sysconfdir}/selinux/semanage.conf
+module-store = direct
+[setfiles]
+path = ${STAGING_DIR_NATIVE}${base_sbindir_native}/setfiles
+args = -q -c \$@ \$<
+[end]
+[sefcontext_compile]
+path = ${STAGING_DIR_NATIVE}${sbindir_native}/sefcontext_compile
+args = \$@
+[end]
+
+policy-version = 28
+EOF
# Create policy store and build the policy
semodule -p ${D} -s ${POLICY_NAME} -n -B
rm -f ${D}${sysconfdir}/selinux/semanage.conf
+}
+install_misc_files () {
cat ${WORKDIR}/customizable_types >> \
${D}${sysconfdir}/selinux/${POLICY_NAME}/contexts/customizable_types
@@ -121,3 +126,9 @@ EOF
link_path=`readlink -f ${D}${sysconfdir}/selinux/${POLICY_NAME}/modules/active/policy.kern`
ln -sf ../../policy/`basename $link_path` ${D}${sysconfdir}/selinux/${POLICY_NAME}/modules/active/policy.kern
}
+
+do_install () {
+ prepare_policy_store
+ rebuild_policy
+ install_misc_files
+}
--
1.7.9.5
More information about the yocto
mailing list