]> git.ipfire.org Git - people/stevee/selinux-policy.git/blob - refpolicy/Makefile
projects / people / stevee / selinux-policy.git / blob
? search:
summary | shortlog | log | commit | commitdiff | tree
blame | history | raw | HEAD
fix regression; remove unneeded ROOT and make BUILDDIR have a / if its set.
[people/stevee/selinux-policy.git] / refpolicy / Makefile
1 #
2 # Makefile for the security policy.
3 #
4 # Targets:
5 #
6 # install - compile and install the policy configuration, and context files.
7 # load - compile, install, and load the policy configuration.
8 # reload - compile, install, and load/reload the policy configuration.
9 # relabel - relabel filesystems based on the file contexts configuration.
10 # checklabels - check filesystems against the file context configuration
11 # restorelabels - check filesystems against the file context configuration
12 # and restore the label of files with incorrect labels
13 # policy - compile the policy configuration locally for testing/development.
14 #
15 # The default target is 'policy'.
16 #
17 #
18 # Please see build.conf for policy build options.
19 #
20
21 ########################################
22 #
23 # NO OPTIONS BELOW HERE
24 #
25
26 # Include the local build.conf if it exists, otherwise
27 # include the configuration of the root directory.
28 ifndef LOCAL_ROOT
29 include build.conf
30 else
31 include $(LOCAL_ROOT)/build.conf
32 endif
33
34 # refpolicy version
35 VERSION = $(shell cat VERSION)
36
37 ifdef LOCAL_ROOT
38 BUILDDIR := $(LOCAL_ROOT)/
39 TMPDIR := $(LOCAL_ROOT)/tmp
40 TAGS := $(LOCAL_ROOT)/tags
41 else
42 TMPDIR := tmp
43 TAGS := tags
44 endif
45
46 # executable paths
47 BINDIR := /usr/bin
48 SBINDIR := /usr/sbin
49 CHECKPOLICY := $(BINDIR)/checkpolicy
50 CHECKMODULE := $(BINDIR)/checkmodule
51 SEMODULE := $(SBINDIR)/semodule
52 SEMOD_PKG := $(BINDIR)/semodule_package
53 LOADPOLICY := $(SBINDIR)/load_policy
54 SETFILES := $(SBINDIR)/setfiles
55 GENHOMEDIRCON := $(SBINDIR)/genhomedircon
56 XMLLINT := $(BINDIR)/xmllint
57 SECHECK := $(BINDIR)/sechecker
58
59 # interpreters and aux tools
60 AWK ?= gawk
61 GREP ?= egrep
62 M4 ?= m4
63 PYTHON ?= python
64 SED ?= sed
65
66 CFLAGS += -Wall
67
68 # policy source layout
69 POLDIR := policy
70 MODDIR := $(POLDIR)/modules
71 FLASKDIR := $(POLDIR)/flask
72 SECCLASS := $(FLASKDIR)/security_classes
73 ISIDS := $(FLASKDIR)/initial_sids
74 AVS := $(FLASKDIR)/access_vectors
75
76 # local source layout
77 ifdef LOCAL_ROOT
78 LOCAL_POLDIR := $(LOCAL_ROOT)/policy
79 LOCAL_MODDIR := $(LOCAL_POLDIR)/modules
80 endif
81
82 # policy building support tools
83 SUPPORT := support
84 GENXML := $(PYTHON) $(SUPPORT)/segenxml.py
85 GENDOC := $(PYTHON) $(SUPPORT)/sedoctool.py
86 GENPERM := $(PYTHON) $(SUPPORT)/genclassperms.py
87 FCSORT := $(TMPDIR)/fc_sort
88 SETBOOLS := $(AWK) -f $(SUPPORT)/set_bools_tuns.awk
89
90 # documentation paths
91 DOCS := doc
92 XMLDTD = $(DOCS)/policy.dtd
93 LAYERXML = metadata.xml
94 DOCTEMPLATE = $(DOCS)/templates
95 DOCFILES = $(DOCS)/Makefile.example $(addprefix $(DOCS)/,example.te example.if example.fc)
96
97 ifndef LOCAL_ROOT
98 POLXML = $(DOCS)/policy.xml
99 HTMLDIR = $(DOCS)/html
100 else
101 POLXML = $(LOCAL_ROOT)/doc/policy.xml
102 HTMLDIR = $(LOCAL_ROOT)/doc/html
103 endif
104
105 # config file paths
106 GLOBALTUN = $(POLDIR)/global_tunables
107 GLOBALBOOL = $(POLDIR)/global_booleans
108 TUNABLES = $(POLDIR)/tunables.conf
109 ROLEMAP = $(POLDIR)/rolemap
110 USER_FILES := $(POLDIR)/users
111
112 # local config file paths
113 ifndef LOCAL_ROOT
114 MOD_CONF = $(POLDIR)/modules.conf
115 BOOLEANS = $(POLDIR)/booleans.conf
116 else
117 MOD_CONF = $(LOCAL_POLDIR)/modules.conf
118 BOOLEANS = $(LOCAL_POLDIR)/booleans.conf
119 endif
120
121 # install paths
122 PKGNAME ?= refpolicy-$(VERSION)
123 PREFIX = $(DESTDIR)/usr
124 TOPDIR = $(DESTDIR)/etc/selinux
125 INSTALLDIR = $(TOPDIR)/$(NAME)
126 SRCPATH = $(INSTALLDIR)/src
127 USERPATH = $(INSTALLDIR)/users
128 CONTEXTPATH = $(INSTALLDIR)/contexts
129 FCPATH = $(CONTEXTPATH)/files/file_contexts
130 SHAREDIR = $(PREFIX)/share/selinux
131 MODPKGDIR = $(SHAREDIR)/$(NAME)
132 HEADERDIR = $(MODPKGDIR)/include
133 DOCSDIR = $(PREFIX)/share/doc/$(PKGNAME)
134
135 # compile strict policy if requested.
136 ifneq ($(findstring strict,$(TYPE)),)
137 M4PARAM += -D strict_policy
138 endif
139
140 # compile targeted policy if requested.
141 ifneq ($(findstring targeted,$(TYPE)),)
142 M4PARAM += -D targeted_policy
143 endif
144
145 # enable MLS if requested.
146 ifneq ($(findstring -mls,$(TYPE)),)
147 M4PARAM += -D enable_mls
148 CHECKPOLICY += -M
149 CHECKMODULE += -M
150 endif
151
152 # enable MLS if MCS requested.
153 ifneq ($(findstring -mcs,$(TYPE)),)
154 M4PARAM += -D enable_mcs
155 CHECKPOLICY += -M
156 CHECKMODULE += -M
157 endif
158
159 # enable distribution-specific policy
160 ifneq ($(DISTRO),)
161 M4PARAM += -D distro_$(DISTRO)
162 endif
163
164 # enable polyinstantiation
165 ifeq ($(POLY),y)
166 M4PARAM += -D enable_polyinstantiation
167 endif
168
169 ifneq ($(OUTPUT_POLICY),)
170 CHECKPOLICY += -c $(OUTPUT_POLICY)
171 endif
172
173 # if not set, use the type as the name.
174 NAME ?= $(TYPE)
175
176 ifeq ($(DIRECT_INITRC),y)
177 M4PARAM += -D direct_sysadm_daemon
178 endif
179
180 ifeq ($(QUIET),y)
181 verbose = @
182 endif
183
184 M4PARAM += -D hide_broken_symptoms
185
186 # we need exuberant ctags; unfortunately it is named
187 # differently on different distros
188 ifeq ($(DISTRO),debian)
189 CTAGS := ctags-exuberant
190 endif
191
192 ifeq ($(DISTRO),gentoo)
193 CTAGS := exuberant-ctags
194 endif
195
196 CTAGS ?= ctags
197
198 # determine the policy version and current kernel version if possible
199 PV := $(shell $(CHECKPOLICY) -V |cut -f 1 -d ' ')
200 KV := $(shell cat /selinux/policyvers)
201
202 # dont print version warnings if we are unable to determine
203 # the currently running kernel's policy version
204 ifeq ($(KV),)
205 KV := $(PV)
206 endif
207
208 M4SUPPORT = $(wildcard $(POLDIR)/support/*.spt $(LOCAL_POLDIR)/support/*.spt)
209
210 APPCONF := config/appconfig-$(TYPE)
211 SEUSERS := $(APPCONF)/seusers
212 APPDIR := $(CONTEXTPATH)
213 APPFILES := $(addprefix $(APPDIR)/,default_contexts default_type initrc_context failsafe_context userhelper_context removable_context dbus_contexts customizable_types) $(CONTEXTPATH)/files/media
214 CONTEXTFILES += $(wildcard $(APPCONF)/*_context*) $(APPCONF)/media
215
216 ALL_LAYERS := $(filter-out $(MODDIR)/CVS,$(shell find $(wildcard $(MODDIR)/*) -maxdepth 0 -type d))
217 ifdef LOCAL_ROOT
218 ALL_LAYERS += $(filter-out $(LOCAL_MODDIR)/CVS,$(shell find $(wildcard $(LOCAL_MODDIR)/*) -maxdepth 0 -type d))
219 endif
220
221 GENERATED_TE := $(basename $(foreach dir,$(ALL_LAYERS),$(wildcard $(dir)/*.te.in)))
222 GENERATED_IF := $(basename $(foreach dir,$(ALL_LAYERS),$(wildcard $(dir)/*.if.in)))
223 GENERATED_FC := $(basename $(foreach dir,$(ALL_LAYERS),$(wildcard $(dir)/*.fc.in)))
224
225 # sort here since it removes duplicates, which can happen
226 # when a generated file is already generated
227 DETECTED_MODS := $(sort $(foreach dir,$(ALL_LAYERS),$(wildcard $(dir)/*.te)) $(GENERATED_TE))
228
229 # modules.conf setting for base module
230 MODBASE := base
231
232 # modules.conf setting for loadable module
233 MODMOD := module
234
235 # modules.conf setting for unused module
236 MODUNUSED := off
237
238 # test for module overrides from command line
239 MOD_TEST = $(filter $(APPS_OFF), $(APPS_ON) $(APPS_MODS))
240 MOD_TEST += $(filter $(APPS_MODS), $(APPS_ON))
241 ifneq ($(strip $(MOD_TEST)),)
242 $(error Applications must be on, module, or off, and not in more than one list! $(strip $(MOD_TEST)) found in multiple lists!)
243 endif
244
245 # extract settings from modules.conf
246 BASE_MODS := $(addsuffix .te,$(sort $(shell awk '/^[[:blank:]]*[[:alpha:]]/{ if ($$3 == "$(MODBASE)") print $$1 }' $(MOD_CONF) 2> /dev/null) $(APPS_ON)))
247 MOD_MODS := $(addsuffix .te,$(sort $(shell awk '/^[[:blank:]]*[[:alpha:]]/{ if ($$3 == "$(MODMOD)") print $$1 }' $(MOD_CONF) 2> /dev/null) $(APPS_MODS)))
248 OFF_MODS := $(addsuffix .te,$(sort $(shell awk '/^[[:blank:]]*[[:alpha:]]/{ if ($$3 == "$(MODUNUSED)") print $$1 }' $(MOD_CONF) 2> /dev/null) $(APPS_OFF)))
249
250 # filesystems to be used in labeling targets
251 FILESYSTEMS = $(shell mount | grep -v "context=" | egrep -v '\((|.*,)bind(,.*|)\)' | awk '/(ext[23]| xfs| jfs).*rw/{print $$3}';)
252
253 ########################################
254 #
255 # Functions
256 #
257
258 # parse-rolemap modulename,outputfile
259 define parse-rolemap
260 $(verbose) m4 $(M4PARAM) $(ROLEMAP) | \
261 awk '/^[[:blank:]]*[A-Za-z]/{ print "gen_require(type " $$3 "; role " $$1 ";)\n$1_per_userdomain_template(" $$2 "," $$3 "," $$1 ")" }' >> $2
262 endef
263
264 # peruser-expansion modulename,outputfile
265 define peruser-expansion
266 $(verbose) echo "ifdef(\`""$1""_per_userdomain_template',\`" > $2
267 $(call parse-rolemap,$1,$2)
268 $(verbose) echo "')" >> $2
269 endef
270
271 ########################################
272 #
273 # Load appropriate rules
274 #
275
276 ifeq ($(MONOLITHIC),y)
277 include Rules.monolithic
278 else
279 include Rules.modular
280 endif
281
282 ########################################
283 #
284 # Generated files
285 #
286 # NOTE: There is no "local" version of these files.
287 #
288 $(MODDIR)/kernel/corenetwork.if: $(MODDIR)/kernel/corenetwork.if.m4 $(MODDIR)/kernel/corenetwork.if.in
289 @echo "#" > $@
290 @echo "# This is a generated file! Instead of modifying this file, the" >> $@
291 @echo "# $(notdir $@).in or $(notdir $@).m4 file should be modified." >> $@
292 @echo "#" >> $@
293 $(verbose) cat $(MODDIR)/kernel/corenetwork.if.in >> $@
294 $(verbose) egrep "^[[:blank:]]*network_(interface|node|port)\(.*\)" $(@:.if=.te).in \
295 | m4 -D self_contained_policy $(M4PARAM) $(MODDIR)/kernel/corenetwork.if.m4 - \
296 | sed -e 's/dollarsone/\$$1/g' -e 's/dollarszero/\$$0/g' >> $@
297
298 $(MODDIR)/kernel/corenetwork.te: $(MODDIR)/kernel/corenetwork.te.m4 $(MODDIR)/kernel/corenetwork.te.in
299 @echo "#" > $@
300 @echo "# This is a generated file! Instead of modifying this file, the" >> $@
301 @echo "# $(notdir $@).in or $(notdir $@).m4 file should be modified." >> $@
302 @echo "#" >> $@
303 $(verbose) m4 -D self_contained_policy $(M4PARAM) $^ \
304 | sed -e 's/dollarsone/\$$1/g' -e 's/dollarszero/\$$0/g' >> $@
305
306 ########################################
307 #
308 # Create config files
309 #
310 conf: $(MOD_CONF) $(BOOLEANS) $(GENERATED_TE) $(GENERATED_IF) $(GENERATED_FC)
311
312 $(MOD_CONF) $(BOOLEANS): $(POLXML)
313 @echo "Updating $(MOD_CONF) and $(BOOLEANS)"
314 $(verbose) $(GENDOC) -t $(BOOLEANS) -m $(MOD_CONF) -x $(POLXML)
315
316 ########################################
317 #
318 # Generate the fc_sort program
319 #
320 $(FCSORT) : $(SUPPORT)/fc_sort.c
321 $(CC) $(CFLAGS) $(SUPPORT)/fc_sort.c -o $(FCSORT)
322
323 ########################################
324 #
325 # Documentation generation
326 #
327
328 # minimal dependencies here, because we don't want to rebuild
329 # this and its dependents every time the dependencies
330 # change. Also use all .if files here, rather then just the
331 # enabled modules.
332 $(POLXML): $(DETECTED_MODS:.te=.if) $(foreach dir,$(ALL_LAYERS),$(dir)/$(LAYERXML))
333 @echo "Creating $@"
334 @test -d $(dir $(POLXML)) || mkdir -p $(dir $(POLXML))
335 @test -d $(TMPDIR) || mkdir -p $(TMPDIR)
336 $(verbose) echo '<?xml version="1.0" encoding="ISO-8859-1" standalone="no"?>' > $@
337 $(verbose) echo '<!DOCTYPE policy SYSTEM "$(notdir $(XMLDTD))">' >> $@
338 $(verbose) $(GENXML) -m $(LAYERXML) -t $(GLOBALTUN) -b $(GLOBALBOOL) -o $(TMPDIR) $(ALL_LAYERS) >> $@
339 $(verbose) if test -x $(XMLLINT) && test -f $(XMLDTD); then \
340 $(XMLLINT) --noout --path $(dir $(XMLDTD)) --dtdvalid $(XMLDTD) $@ ;\
341 fi
342
343 html $(TMPDIR)/html: $(POLXML)
344 @echo "Building html interface reference documentation in $(HTMLDIR)"
345 @test -d $(HTMLDIR) || mkdir -p $(HTMLDIR)
346 @test -d $(TMPDIR) || mkdir -p $(TMPDIR)
347 $(verbose) $(GENDOC) -d $(HTMLDIR) -T $(DOCTEMPLATE) -x $(POLXML)
348 $(verbose) cp $(DOCTEMPLATE)/*.css $(HTMLDIR)
349 @touch $(TMPDIR)/html
350
351 ########################################
352 #
353 # Runtime binary policy patching of users
354 #
355 $(USERPATH)/system.users: $(M4SUPPORT) $(TMPDIR)/generated_definitions.conf $(USER_FILES)
356 @mkdir -p $(TMPDIR)
357 @mkdir -p $(USERPATH)
358 @echo "Installing system.users"
359 @echo "# " > $(TMPDIR)/system.users
360 @echo "# Do not edit this file. " >> $(TMPDIR)/system.users
361 @echo "# This file is replaced on reinstalls of this policy." >> $(TMPDIR)/system.users
362 @echo "# Please edit local.users to make local changes." >> $(TMPDIR)/system.users
363 @echo "#" >> $(TMPDIR)/system.users
364 $(verbose) m4 -D self_contained_policy $(M4PARAM) $^ | sed -r -e 's/^[[:blank:]]+//' \
365 -e '/^[[:blank:]]*($$|#)/d' >> $(TMPDIR)/system.users
366 $(verbose) install -m 644 $(TMPDIR)/system.users $@
367
368 $(USERPATH)/local.users: config/local.users
369 @mkdir -p $(USERPATH)
370 @echo "Installing local.users"
371 $(verbose) install -b -m 644 $< $@
372
373 ########################################
374 #
375 # Appconfig files
376 #
377 install-appconfig: $(APPFILES)
378
379 $(INSTALLDIR)/booleans: $(BOOLEANS)
380 @mkdir -p $(TMPDIR)
381 @mkdir -p $(INSTALLDIR)
382 $(verbose) sed -r -e 's/false/0/g' -e 's/true/1/g' \
383 -e '/^[[:blank:]]*($$|#)/d' $(BOOLEANS) | sort > $(TMPDIR)/booleans
384 $(verbose) install -m 644 $(TMPDIR)/booleans $@
385
386 $(CONTEXTPATH)/files/media: $(APPCONF)/media
387 @mkdir -p $(CONTEXTPATH)/files/
388 $(verbose) install -m 644 $< $@
389
390 $(APPDIR)/default_contexts: $(APPCONF)/default_contexts
391 @mkdir -p $(APPDIR)
392 $(verbose) install -m 644 $< $@
393
394 $(APPDIR)/removable_context: $(APPCONF)/removable_context
395 @mkdir -p $(APPDIR)
396 $(verbose) install -m 644 $< $@
397
398 $(APPDIR)/default_type: $(APPCONF)/default_type
399 @mkdir -p $(APPDIR)
400 $(verbose) install -m 644 $< $@
401
402 $(APPDIR)/userhelper_context: $(APPCONF)/userhelper_context
403 @mkdir -p $(APPDIR)
404 $(verbose) install -m 644 $< $@
405
406 $(APPDIR)/initrc_context: $(APPCONF)/initrc_context
407 @mkdir -p $(APPDIR)
408 $(verbose) install -m 644 $< $@
409
410 $(APPDIR)/failsafe_context: $(APPCONF)/failsafe_context
411 @mkdir -p $(APPDIR)
412 $(verbose) install -m 644 $< $@
413
414 $(APPDIR)/dbus_contexts: $(APPCONF)/dbus_contexts
415 @mkdir -p $(APPDIR)
416 $(verbose) install -m 644 $< $@
417
418 $(APPDIR)/users/root: $(APPCONF)/root_default_contexts
419 @mkdir -p $(APPDIR)/users
420 $(verbose) install -m 644 $< $@
421
422 ########################################
423 #
424 # Install policy headers
425 #
426 install-headers: $(POLXML)
427 @mkdir -p $(HEADERDIR)
428 @echo "Installing policy headers"
429 $(verbose) install -m 644 $(TMPDIR)/global_{tunables,booleans}.xml $(HEADERDIR)
430 $(verbose) m4 $(M4PARAM) $(ROLEMAP) > $(HEADERDIR)/$(notdir $(ROLEMAP))
431 $(verbose) mkdir -p $(HEADERDIR)/support
432 $(verbose) install -m 644 $(M4SUPPORT) $(word $(words $(GENXML)),$(GENXML)) $(XMLDTD) $(HEADERDIR)/support
433 $(verbose) $(GENPERM) $(AVS) $(SECCLASS) > $(HEADERDIR)/support/all_perms.spt
434 $(verbose) for i in $(notdir $(ALL_LAYERS)); do \
435 mkdir -p $(HEADERDIR)/$$i ;\
436 install -m 644 $(MODDIR)/$$i/*.if \
437 $(MODDIR)/$$i/metadata.xml \
438 $(HEADERDIR)/$$i ;\
439 done
440 $(verbose) echo "TYPE=$(TYPE)" > $(HEADERDIR)/build.conf
441 $(verbose) echo "NAME=$(NAME)" >> $(HEADERDIR)/build.conf
442 ifneq "$(DISTRO)" ""
443 $(verbose) echo "DISTRO=$(DISTRO)" >> $(HEADERDIR)/build.conf
444 endif
445 $(verbose) echo "MONOLITHIC=n" >> $(HEADERDIR)/build.conf
446 $(verbose) echo "DIRECT_INITRC=$(DIRECT_INITRC)" >> $(HEADERDIR)/build.conf
447 $(verbose) echo "POLY=$(POLY)" >> $(HEADERDIR)/build.conf
448 $(verbose) install -m 644 $(SUPPORT)/Makefile.devel $(HEADERDIR)/Makefile
449
450 ########################################
451 #
452 # Install policy documentation
453 #
454 install-docs: $(TMPDIR)/html
455 @mkdir -p $(DOCSDIR)/html
456 @echo "Installing policy documentation"
457 $(verbose) install -m 644 $(DOCFILES) $(DOCSDIR)
458 $(verbose) install -m 644 $(wildcard $(HTMLDIR)/*) $(DOCSDIR)/html
459
460 ########################################
461 #
462 # Install policy sources
463 #
464 install-src:
465 rm -rf $(SRCPATH)/policy.old
466 -mv $(SRCPATH)/policy $(SRCPATH)/policy.old
467 mkdir -p $(SRCPATH)/policy
468 cp -R . $(SRCPATH)/policy
469
470 ########################################
471 #
472 # Generate tags file
473 #
474 tags: $(TAGS)
475 $(TAGS):
476 @($(CTAGS) --version | grep -q Exuberant) || (echo ERROR: Need exuberant-ctags to function!; exit 1)
477 @LC_ALL=C $(CTAGS) -f $(TAGS) --langdef=te --langmap=te:..te.if.spt \
478 --regex-te='/^type[ \t]+(\w+)(,|;)/\1/t,type/' \
479 --regex-te='/^typealias[ \t]+\w+[ \t+]+alias[ \t]+(\w+);/\1/t,type/' \
480 --regex-te='/^attribute[ \t]+(\w+);/\1/a,attribute/' \
481 --regex-te='/^[ \t]*define\(`(\w+)/\1/d,define/' \
482 --regex-te='/^[ \t]*interface\(`(\w+)/\1/i,interface/' \
483 --regex-te='/^[ \t]*bool[ \t]+(\w+)/\1/b,bool/' policy/modules/*/*.{if,te} policy/support/*.spt
484
485 ########################################
486 #
487 # Filesystem labeling
488 #
489 checklabels:
490 @echo "Checking labels on filesystem types: ext2 ext3 xfs jfs"
491 @if test -z "$(FILESYSTEMS)"; then \
492 echo "No filesystems with extended attributes found!" ;\
493 false ;\
494 fi
495 $(verbose) $(SETFILES) -v -n $(FCPATH) $(FILESYSTEMS)
496
497 restorelabels:
498 @echo "Restoring labels on filesystem types: ext2 ext3 xfs jfs"
499 @if test -z "$(FILESYSTEMS)"; then \
500 echo "No filesystems with extended attributes found!" ;\
501 false ;\
502 fi
503 $(verbose) $(SETFILES) -v $(FCPATH) $(FILESYSTEMS)
504
505 relabel:
506 @echo "Relabeling filesystem types: ext2 ext3 xfs jfs"
507 @if test -z "$(FILESYSTEMS)"; then \
508 echo "No filesystems with extended attributes found!" ;\
509 false ;\
510 fi
511 $(verbose) $(SETFILES) $(FCPATH) $(FILESYSTEMS)
512
513 resetlabels:
514 @echo "Resetting labels on filesystem types: ext2 ext3 xfs jfs"
515 @if test -z "$(FILESYSTEMS)"; then \
516 echo "No filesystems with extended attributes found!" ;\
517 false ;\
518 fi
519 $(verbose) $(SETFILES) -F $(FCPATH) $(FILESYSTEMS)
520
521 ########################################
522 #
523 # Clean everything
524 #
525 bare: clean
526 rm -f $(POLXML)
527 rm -f $(MOD_CONF)
528 rm -f $(BOOLEANS)
529 rm -fR $(HTMLDIR)
530 rm -f $(TAGS)
531 # don't remove these files if we're given a local root
532 ifndef LOCAL_ROOT
533 rm -f $(FCSORT)
534 rm -f $(SUPPORT)/*.pyc
535 ifneq ($(GENERATED_TE),)
536 rm -f $(GENERATED_TE)
537 endif
538 ifneq ($(GENERATED_IF),)
539 rm -f $(GENERATED_IF)
540 endif
541 ifneq ($(GENERATED_FC),)
542 rm -f $(GENERATED_FC)
543 endif
544 endif
545
546 .PHONY: install-src install-appconfig conf html bare tags
547 .SUFFIXES:
548 .SUFFIXES: .c
The IPFire selinux policy.