[Buildroot] [PATCH] package/refpolicy: Treat all modules as custom
Antoine Tenart
atenart at kernel.org
Fri Sep 17 17:22:37 UTC 2021
Hello José,
Quoting José Pekkarinen (2021-08-30 13:45:31)
> The current processing of the modules doesn't work for
> custom made policies appended through the extra dir mechanism,
> since sed won't find a match for custom modules, it will
> continue without triggering and error. This patch removes
> all the modules from modules.conf and add them one by
> one using REFPOLICY_MODULES values.
I'm failing to see what particular setup the change below would fix.
Could you elaborate on the above? Maybe including configuration
snippets and example of such a module (with the file tree, starting from
REFPOLICY_EXTRA_MODULES_DIRS).
Thanks!
Antoine
> diff --git a/package/refpolicy/refpolicy.mk b/package/refpolicy/refpolicy.mk
> index 0194708b37..1c0a2c3385 100644
> --- a/package/refpolicy/refpolicy.mk
> +++ b/package/refpolicy/refpolicy.mk
> @@ -85,9 +85,9 @@ endef
> # In the context of a monolithic policy enabling a piece of the policy as
> # 'base' or 'module' is equivalent, so we enable them as 'base'.
> define REFPOLICY_CONFIGURE_MODULES
> - $(SED) "s/ = module/ = no/g" $(@D)/policy/modules.conf
> + $(SED) "/ = module/d" $(@D)/policy/modules.conf
> $(foreach m,$(sort $(REFPOLICY_MODULES)),
> - $(SED) "/^$(m) =/c\$(m) = base" $(@D)/policy/modules.conf
> + $(SED) "/^# Module: $(m)/a\$(m) = base" $(@D)/policy/modules.conf
> )
> endef
>
> --
> 2.25.1
>
> _______________________________________________
> buildroot mailing list
> buildroot at busybox.net
> http://lists.busybox.net/mailman/listinfo/buildroot
More information about the buildroot
mailing list