Tree - rpms/selinux-policy - CentOS Git server

rpms / selinux-policy

Blame macro-expander

Blob History Raw

Lukas Vrabec	7d7414	`#!/bin/bash`
Lukas Vrabec	7d7414
Lukas Vrabec	7d7414	`function usage {`
Lukas Vrabec	7d7414	`echo "Usage: $0 [ -c \| -t [ -M ] ] <macro>"`
Lukas Vrabec	7d7414	`echo "Options:`
Lukas Vrabec	7d7414	`-c generate CIL output`
Lukas Vrabec	7d7414	`-t generate standard policy source format (.te) allow rules - this is default`
Lukas Vrabec	7d7414	`-M generate complete module .te output`
Lukas Vrabec	7d7414	`"`
Lukas Vrabec	7d7414	`}`
Lukas Vrabec	7d7414
Lukas Vrabec	7d7414	`function cleanup {`
Lukas Vrabec	7d7414	`rm -rf $TEMP_STORE`
Lukas Vrabec	7d7414	`}`
Lukas Vrabec	7d7414
Lukas Vrabec	7d7414	`while getopts "chMt" opt; do`
Lukas Vrabec	7d7414	`case $opt in`
Lukas Vrabec	7d7414	`c) GENCIL=1`
Lukas Vrabec	7d7414	`;;`
Lukas Vrabec	7d7414	`t) GENTE=1`
Lukas Vrabec	7d7414	`;;`
Lukas Vrabec	7d7414	`M) GENTEMODULE=1`
Lukas Vrabec	7d7414	`;;`
Lukas Vrabec	7d7414	`h) usage`
Lukas Vrabec	7d7414	`exit 0`
Lukas Vrabec	7d7414	`;;`
Lukas Vrabec	7d7414	`\?) usage`
Lukas Vrabec	7d7414	`exit 1`
Lukas Vrabec	7d7414	`;;`
Lukas Vrabec	7d7414	`esac`
Lukas Vrabec	7d7414	`done`
Lukas Vrabec	7d7414
Lukas Vrabec	7d7414	`shift $((OPTIND-1))`
Lukas Vrabec	7d7414
Lukas Vrabec	7d7414	`SELINUX_MACRO=$1`
Lukas Vrabec	7d7414
Lukas Vrabec	7d7414	`if [ -z "$SELINUX_MACRO" ]`
Lukas Vrabec	7d7414	`then`
Lukas Vrabec	7d7414	`exit 1`
Lukas Vrabec	7d7414	`fi`
Lukas Vrabec	7d7414
Lukas Vrabec	7d7414	`TEMP_STORE="$(mktemp -d)"`
Lukas Vrabec	7d7414	`cd $TEMP_STORE`
Lukas Vrabec	7d7414
Lukas Vrabec	7d7414	`IFS="("`
Lukas Vrabec	7d7414	`set $1`
Lukas Vrabec	7d7414	`SELINUX_DOMAIN="${2::-1}"`
Lukas Vrabec	7d7414
Lukas Vrabec	7d7414	`echo -e "policy_module(expander, 1.0.0) \n" \`
Lukas Vrabec	7d7414	"gen_require(\`\n" \
Lukas Vrabec	7d7414	`"type $SELINUX_DOMAIN ; \n" \`
Lukas Vrabec	7d7414	`"')" > expander.te`
Lukas Vrabec	7d7414
Lukas Vrabec	7d7414	`echo "$SELINUX_MACRO" >> expander.te`
Lukas Vrabec	7d7414
Lukas Vrabec	7d7414	`make -f /usr/share/selinux/devel/Makefile tmp/all_interfaces.conf &> /dev/null`
Lukas Vrabec	7d7414
Lukas Vrabec	7d7414	`if [ "x$GENCIL" = "x1" ]; then`
Lukas Vrabec	7d7414
Lukas Vrabec	7d7414	`make -f /usr/share/selinux/devel/Makefile expander.pp &> /dev/null`
Lukas Vrabec	7d7414	`MAKE_RESULT=$?`
Lukas Vrabec	7d7414
Lukas Vrabec	7d7414	`if [ $MAKE_RESULT -ne 2 ]`
Lukas Vrabec	7d7414	`then`
Lukas Vrabec	7d7414	`/usr/libexec/selinux/hll/pp < $TEMP_STORE/expander.pp > $TEMP_STORE/expander.cil 2> /dev/null`
Lukas Vrabec	7d7414	`grep -v "cil_gen_require" $TEMP_STORE/expander.cil \| sort -u`
Lukas Vrabec	7d7414	`fi`
Lukas Vrabec	7d7414	`fi`
Lukas Vrabec	7d7414
Lukas Vrabec	7d7414	`if [ "$GENTE" = "1" -o "x$GENCIL" != "x1" ]; then`
Lukas Vrabec	7d7414	m4 -D enable_mcs -D distro_redhat -D hide_broken_symptoms -D mls_num_sens=16 -D mls_num_cats=1024 -D mcs_num_cats=1024 -s /usr/share/selinux/devel/include/support/file_patterns.spt /usr/share/selinux/devel/include/support/ipc_patterns.spt /usr/share/selinux/devel/include/support/obj_perm_sets.spt /usr/share/selinux/devel/include/support/misc_patterns.spt /usr/share/selinux/devel/include/support/misc_macros.spt /usr/share/selinux/devel/include/support/all_perms.spt /usr/share/selinux/devel/include/support/mls_mcs_macros.spt /usr/share/selinux/devel/include/support/loadable_module.spt tmp/all_interfaces.conf expander.te > expander.tmp 2> /dev/null
Lukas Vrabec	7d7414	`if [ "x$GENTEMODULE" = "x1" ]; then`
Lukas Vrabec	7d7414	`# sed '/^#.$/d;/^\s$/d;/^\sclass ./d;/^\scategory ./d;s/^\s*//' expander.tmp`
Lukas Vrabec	7d7414	`sed '/^#.$/d;/^\s$/d;/^\scategory ./d;s/^\s*//' expander.tmp`
Lukas Vrabec	7d7414	`else`
Lukas Vrabec	7d7414	`grep '^\sallow' expander.tmp \| sed 's/^\s//'`
Lukas Vrabec	7d7414	`fi`
Lukas Vrabec	7d7414	`fi`
Lukas Vrabec	7d7414
Lukas Vrabec	7d7414	`cd - > /dev/null`
Lukas Vrabec	7d7414	`cleanup`

rpms / selinux-policy

Source Code

Blame macro-expander