diff --git a/refpolicy/INSTALL b/refpolicy/INSTALL index c24ebb2..ac1f6e8 100644 --- a/refpolicy/INSTALL +++ b/refpolicy/INSTALL @@ -1,8 +1,11 @@ -To install into /etc/selinux/strict: +To install Reference Policy sources into /etc/selinux/refpolicy/src/policy: make install-src -After install, the old Make targets have been maintained: +This will back up a pre-existing source policy to the +/etc/selinux/refpolicy/src/policy.bak directory. + +After installing the policy sources, the old Make targets have been maintained: Local policy development: @@ -21,3 +24,5 @@ Filesystem labeling: make relabel make checklabels make restorelabels + +See the README for more information on available make targets. diff --git a/refpolicy/README b/refpolicy/README new file mode 100644 index 0000000..0896c07 --- /dev/null +++ b/refpolicy/README @@ -0,0 +1,58 @@ +1) Reference Policy make targets: + +General Make targets: + +install-src Install the policy sources into + /etc/selinux/NAME/src/policy, where NAME is defined in + the Makefile. If not defined, the TYPE, as defined in + the Makefile, is used. The default NAME is refpolicy. + A pre-existing source policy will be moved to + /etc/selinux/NAME/src/policy.bak. + +conf Regenerate policy.xml, and update/create modules.conf + and booleans.conf. This should be done after adding + or removing modules, or after running the bare target. + If the configuration files exist, their settings will + be preserved. This must be ran on policy sources that + are checked out from the CVS repository before they can + be used. + +clean Delete all temporary files, compiled policies, + and file_contexts. Configuration files are left intact. + +bare Do the clean make target and also delete configuration + files, web page documentation, and policy.xml. + +html Regenerate policy.xml and create web page documentation + in the doc/html directory. + +Make targets specific to modular (loadable modules) policies: + +base Compile and package the base module. This is the + default target for modular policies. + +modules Compile and package all Reference Policy modules + configured to be built as loadable modules. + +MODULENAME.pp Compile and package the MODULENAME Reference Policy + module. + +Make targets specific to monolithic policies: + +policy Compile a policy locally for development and testing. + This is the default target for monolithic policies. + +install Compile and install the policy and file contexts. + +load Compile and install the policy and file contexts, then + load the policy. + +enableaudit Remove all dontaudit rules from policy.conf. + +relabel Relabel the filesystem. + +checklabels Check the labels on the filesystem, and report when + a file would be relabeled, but do not change its label. + +restorelabels Relabel the filesystem and report each file that is + relabeled. diff --git a/refpolicy/Rules.modular b/refpolicy/Rules.modular index 69a1817..450ee7c 100644 --- a/refpolicy/Rules.modular +++ b/refpolicy/Rules.modular @@ -28,7 +28,7 @@ vpath %.fc $(ALL_LAYERS) # # default action: create all module packages # -default: base modules +default: base base: $(BASE_PKG)