|
Lukas Vrabec |
cb2fee |
## Purpose
|
|
Lukas Vrabec |
cb2fee |
|
|
Ondrej Mosnacek |
58fb34 |
SELinux Fedora Policy is a fork of the [SELinux reference policy](https://github.com/SELinuxProject/refpolicy/). The [fedora-selinux/selinux-policy](https://github.com/selinux-policy/selinux-policy.git) repo makes Fedora packaging simpler and more transparent for packagers, upstream developers, and users. It is used for applying downstream Fedora fixes, for communication about proposed/committed changes, and for communication with upstream and the community. It reflects the upstream repository structure to make submitting patches to upstream easy.
|
|
Lukas Vrabec |
cb2fee |
|
|
Lukas Vrabec |
cb2fee |
## Structure
|
|
Lukas Vrabec |
cb2fee |
|
|
Ondrej Mosnacek |
aebc05 |
### GitHub
|
|
Ondrej Mosnacek |
548766 |
On GitHub, we have one repository containing the policy sources.
|
|
Lukas Vrabec |
cb2fee |
|
|
Lukas Vrabec |
cb2fee |
$ cd selinux-policy
|
|
Lukas Vrabec |
cb2fee |
$ git remote -v
|
|
Lukas Vrabec |
cb2fee |
origin git@github.com:fedora-selinux/selinux-policy.git (fetch)
|
|
Lukas Vrabec |
cb2fee |
|
|
Lukas Vrabec |
cb2fee |
$ git branch -r
|
|
Lukas Vrabec |
cb2fee |
origin/HEAD -> origin/master
|
|
Lukas Vrabec |
cb2fee |
origin/f27
|
|
Lukas Vrabec |
cb2fee |
origin/f28
|
|
Lukas Vrabec |
cb2fee |
origin/master
|
|
Lukas Vrabec |
cb2fee |
origin/rawhide
|
|
Lukas Vrabec |
cb2fee |
|
|
Ondrej Mosnacek |
548766 |
Note: As opposed to dist-git, the Rawhide content resides in the _rawhide_ branch rather than _master_.
|
|
Lukas Vrabec |
cb2fee |
|
|
Lukas Vrabec |
cb2fee |
### dist-git
|
|
Ondrej Mosnacek |
58fb34 |
Package sources in dist-git are composed from the _selinux-policy_ repository snapshot tarball, _container-selinux_ policy files snapshot, the _macro-expander_ script snapshot, and from other config files.
|
|
Lukas Vrabec |
cb2fee |
|
|
Lukas Vrabec |
cb2fee |
## Build process
|
|
Lukas Vrabec |
cb2fee |
|
|
Ondrej Mosnacek |
aebc05 |
1. Clone the [fedora-selinux/selinux-policy](https://github.com/fedora-selinux/selinux-policy) repository.
|
|
|
fe2076 |
|
|
Ondrej Mosnacek |
aebc05 |
$ cd ~/devel/github
|
|
Ondrej Mosnacek |
aebc05 |
$ git clone git@github.com:fedora-selinux/selinux-policy.git
|
|
Ondrej Mosnacek |
aebc05 |
$ cd selinux-policy
|
|
Lukas Vrabec |
cb2fee |
|
|
Ondrej Mosnacek |
58fb34 |
2. Create, backport, or cherry-pick needed changes to a particular branch and push them.
|
|
Lukas Vrabec |
cb2fee |
|
|
Ondrej Mosnacek |
548766 |
3. Clone the **selinux-policy** dist-git repository.
|
|
Lukas Vrabec |
cb2fee |
|
|
Ondrej Mosnacek |
aebc05 |
$ cd ~/devel/dist-git
|
|
Ondrej Mosnacek |
aebc05 |
$ fedpkg clone selinux-policy
|
|
Ondrej Mosnacek |
aebc05 |
$ cd selinux-policy
|
|
Lukas Vrabec |
cb2fee |
|
|
Ondrej Mosnacek |
58fb34 |
4. Download the latest snapshot from the selinux-policy GitHub repository.
|
|
Lukas Vrabec |
cb2fee |
|
|
Lukas Vrabec |
cb2fee |
$ ./make-rhat-patches.sh
|
|
Lukas Vrabec |
cb2fee |
|
|
Ondrej Mosnacek |
58fb34 |
5. Add changes to the dist-git repository, bump release, create a changelog entry, commit, and push.
|
|
Ondrej Mosnacek |
548766 |
6. Build the package.
|
|
Lukas Vrabec |
cb2fee |
|
|
Ondrej Mosnacek |
aebc05 |
$ fedpkg build
|