base_sections := $(tmpdir)/pre_te_files.conf $(tmpdir)/all_attrs_types.conf $(tmpdir)/global_bools.conf $(tmpdir)/only_te_rules.conf $(tmpdir)/all_post.conf
-base_pre_te_files := $(secclass) $(isids) $(avs) $(m4support) $(poldir)/mls $(poldir)/mcs
+base_pre_te_files := $(secclass) $(isids) $(avs) $(m4support) $(poldir)/mls $(poldir)/mcs $(policycaps)
base_te_files := $(base_mods)
base_post_te_files := $(user_files) $(poldir)/constraints
base_fc_files := $(base_mods:.te=.fc)
@test -d $(tmpdir) || mkdir -p $(tmpdir)
$(verbose) $(M4) $(M4PARAM) $^ > $@
-$(tmpdir)/generated_definitions.conf: $(base_te_files)
+$(tmpdir)/generated_definitions.conf:
@test -d $(tmpdir) || mkdir -p $(tmpdir)
# define all available object classes
$(verbose) $(genperm) $(avs) $(secclass) > $@
$(tmpdir)/global_bools.conf: $(m4support) $(tmpdir)/generated_definitions.conf $(globalbool) $(globaltun)
$(verbose) $(M4) $(M4PARAM) $^ > $@
-$(tmpdir)/all_interfaces.conf: $(m4support) $(all_interfaces)
+$(tmpdir)/all_interfaces.conf: $(m4support) $(all_interfaces) $(m4iferror)
@test -d $(tmpdir) || mkdir -p $(tmpdir)
- @echo "ifdef(\`__if_error',\`m4exit(1)')" > $(tmpdir)/iferror.m4
@echo "divert(-1)" > $@
- $(verbose) $(M4) $^ $(tmpdir)/iferror.m4 >> $(tmpdir)/$(@F).tmp
+ $(verbose) $(M4) $^ >> $(tmpdir)/$(@F).tmp
$(verbose) $(SED) -e s/dollarsstar/\$$\*/g $(tmpdir)/$(@F).tmp >> $@
@echo "divert" >> $@
$(verbose) $(M4) $(M4PARAM) -s $^ > $@
$(tmpdir)/post_te_files.conf: M4PARAM += -D self_contained_policy
-$(tmpdir)/post_te_files.conf: $(m4support) $(base_post_te_files)
+$(tmpdir)/post_te_files.conf: $(m4support) $(tmpdir)/generated_definitions.conf $(base_post_te_files)
@test -d $(tmpdir) || mkdir -p $(tmpdir)
$(verbose) $(M4) $(M4PARAM) $^ > $@
@test -d $(tmpdir) || mkdir -p $(tmpdir)
$(verbose) $(M4) $(M4PARAM) $^ > $@
-########################################
-#
-# Remove the dontaudit rules from the base.conf
-#
-enableaudit: $(base_conf)
- @test -d $(tmpdir) || mkdir -p $(tmpdir)
- @echo "Removing dontaudit rules from $(^F)"
- $(verbose) $(GREP) -v dontaudit $(base_conf) > $(tmpdir)/base.audit
- $(verbose) mv $(tmpdir)/base.audit $(base_conf)
-
########################################
#
# Appconfig files
@echo "Validating policy linking."
$(verbose) $(SEMOD_LNK) -o $(tmpdir)/test.lnk $^
$(verbose) $(SEMOD_EXP) $(tmpdir)/test.lnk $(tmpdir)/policy.bin
+ $(verbose) $(SEPOLGEN) -p $(tmpdir)/policy.bin -i $(poldir) -o $(tmpdir)/output
@echo "Success."
########################################