From c0ca652dce6b1d5d11e697cc3a4695d87944f9ad Mon Sep 17 00:00:00 2001

From: Ondrej Mosnacek <omosnace@redhat.com>

Date: Wed, 8 Jun 2022 19:09:54 +0200

Subject: [PATCH] semodule: rename --rebuild-if-modules-changed to --refresh

After the last commit this option's name and description no longer

matches the semantic, so give it a new one and update the descriptions.

The old name is still recognized and aliased to the new one for

backwards compatibility.

Signed-off-by: Ondrej Mosnacek <omosnace@redhat.com>

Acked-by: Nicolas Iooss <nicolas.iooss@m4x.org>

---

 policycoreutils/semodule/semodule.8 | 12 ++++++------

 policycoreutils/semodule/semodule.c | 13 ++++++++++---

 2 files changed, 16 insertions(+), 9 deletions(-)

diff --git a/policycoreutils/semodule/semodule.8 b/policycoreutils/semodule/semodule.8

index d1735d21..c56e580f 100644

--- a/policycoreutils/semodule/semodule.8

+++ b/policycoreutils/semodule/semodule.8

@@ -23,12 +23,12 @@ force a reload of policy

 .B \-B, \-\-build

 force a rebuild of policy (also reloads unless \-n is used)

 .TP

-.B \-\-rebuild-if-modules-changed

-Force a rebuild of the policy if any changes to module content are detected

-(by comparing with checksum from the last transaction).  One can use this

-instead of \-B to ensure that any changes to the module store done by an

-external tool (e.g. a package manager) are applied, while automatically

-skipping the rebuild if there are no new changes.

+.B \-\-refresh

+Like \-\-build, but reuses existing linked policy if no changes to module

+files are detected (by comparing with checksum from the last transaction).

+One can use this instead of \-B to ensure that any changes to the module

+store done by an external tool (e.g. a package manager) are applied, while

+automatically skipping the module re-linking if there are no module changes.

 .TP

 .B \-D, \-\-disable_dontaudit

 Temporarily remove dontaudits from policy.  Reverts whenever policy is rebuilt

diff --git a/policycoreutils/semodule/semodule.c b/policycoreutils/semodule/semodule.c

index 22a42a75..324ec9fb 100644

--- a/policycoreutils/semodule/semodule.c

+++ b/policycoreutils/semodule/semodule.c

@@ -149,9 +149,12 @@ static void usage(char *progname)

 	printf("  -c, --cil extract module as cil. This only affects module extraction.\n");

 	printf("  -H, --hll extract module as hll. This only affects module extraction.\n");

 	printf("  -m, --checksum   print module checksum (SHA256).\n");

-	printf("      --rebuild-if-modules-changed\n"

-	       "                   force policy rebuild if module content changed since\n"

-	       "                   last rebuild (based on checksum)\n");

+	printf("      --refresh    like --build, but reuses existing linked policy if no\n"

+	       "                   changes to module files are detected (via checksum)\n");

+	printf("Deprecated options:\n");

+	printf("  -b,--base	   same as --install\n");

+	printf("  --rebuild-if-modules-changed\n"

+	       "                   same as --refresh\n");

 }

 /* Sets the global mode variable to new_mode, but only if no other

@@ -184,6 +187,7 @@ static void parse_command_line(int argc, char **argv)

 {

 	static struct option opts[] = {

 		{"rebuild-if-modules-changed", 0, NULL, '\0'},

+		{"refresh", 0, NULL, '\0'},

 		{"store", required_argument, NULL, 's'},

 		{"base", required_argument, NULL, 'b'},

 		{"help", 0, NULL, 'h'},

@@ -224,6 +228,9 @@ static void parse_command_line(int argc, char **argv)

 		case '\0':

 			switch(longind) {

 			case 0: /* --rebuild-if-modules-changed */

+				fprintf(stderr, "The --rebuild-if-modules-changed option is deprecated. Use --refresh instead.\n");

+				/* fallthrough */

+			case 1: /* --refresh */

 				check_ext_changes = 1;

 				break;

 			default:

-- 

2.35.3