[ovs-dev] selinux: add a new target to build the policy

Message ID 20180219151422.3287-1-aconole@redhat.com
State Accepted
Headers show
Series
  • [ovs-dev] selinux: add a new target to build the policy
Related show

Commit Message

Aaron Conole Feb. 19, 2018, 3:14 p.m.
The selinux policy currently builds manually, as a process that either
the user or distribution maintainer undertakes.  That process consists
of:

  1. Convert the intermediary files into their file form through
     'make' statements at the top level.

  2. Change to the selinux directory and issue the selinux "make -f"
     directive.

This commit introduces a new target 'selinux-policy' which builds the
openvswitch-custom policy files.

Signed-off-by: Aaron Conole <aconole@redhat.com>
---
 rhel/openvswitch-fedora.spec.in | 4 +---
 rhel/openvswitch.spec.in        | 4 +---
 selinux/automake.mk             | 5 +++++
 3 files changed, 7 insertions(+), 6 deletions(-)

Comments

Ansis Atteka Feb. 24, 2018, 2:19 a.m. | #1
On 19 February 2018 at 07:14, Aaron Conole <aconole@redhat.com> wrote:
> The selinux policy currently builds manually, as a process that either
> the user or distribution maintainer undertakes.  That process consists
> of:
>
>   1. Convert the intermediary files into their file form through
>      'make' statements at the top level.
>
>   2. Change to the selinux directory and issue the selinux "make -f"
>      directive.
>
> This commit introduces a new target 'selinux-policy' which builds the
> openvswitch-custom policy files.
>
> Signed-off-by: Aaron Conole <aconole@redhat.com>


Acked-By: Ansis Atteka <aatteka@ovn.org>

Thanks for the patch. Will push to master,

> ---
>  rhel/openvswitch-fedora.spec.in | 4 +---
>  rhel/openvswitch.spec.in        | 4 +---
>  selinux/automake.mk             | 5 +++++
>  3 files changed, 7 insertions(+), 6 deletions(-)
>
> diff --git a/rhel/openvswitch-fedora.spec.in b/rhel/openvswitch-fedora.spec.in
> index ed991cf07..a57abf616 100644
> --- a/rhel/openvswitch-fedora.spec.in
> +++ b/rhel/openvswitch-fedora.spec.in
> @@ -239,9 +239,7 @@ build-aux/dpdkstrip.py \
>         > rhel/usr_lib_systemd_system_ovs-vswitchd.service
>
>  make %{?_smp_mflags}
> -make selinux/openvswitch-custom.te
> -cd selinux
> -make -f %{_datadir}/selinux/devel/Makefile
> +make selinux-policy
>
>  %install
>  rm -rf $RPM_BUILD_ROOT
> diff --git a/rhel/openvswitch.spec.in b/rhel/openvswitch.spec.in
> index e510d351b..a15868f9f 100644
> --- a/rhel/openvswitch.spec.in
> +++ b/rhel/openvswitch.spec.in
> @@ -68,9 +68,7 @@ Tailored Open vSwitch SELinux policy
>  ./configure --prefix=/usr --sysconfdir=/etc --localstatedir=%{_localstatedir} \
>      --libdir=%{_libdir} --enable-ssl --enable-shared
>  make %{_smp_mflags}
> -make selinux/openvswitch-custom.te
> -cd selinux
> -make -f %{_datadir}/selinux/devel/Makefile
> +make selinux-policy
>
>  %install
>  rm -rf $RPM_BUILD_ROOT
> diff --git a/selinux/automake.mk b/selinux/automake.mk
> index e8871aa97..48853cdc0 100644
> --- a/selinux/automake.mk
> +++ b/selinux/automake.mk
> @@ -7,3 +7,8 @@
>
>  EXTRA_DIST += \
>          selinux/openvswitch-custom.te.in
> +
> +PHONY: selinux-policy
> +
> +selinux-policy: selinux/openvswitch-custom.te
> +       $(MAKE) -C selinux/ -f /usr/share/selinux/devel/Makefile
> --
> 2.14.3
>

Patch

diff --git a/rhel/openvswitch-fedora.spec.in b/rhel/openvswitch-fedora.spec.in
index ed991cf07..a57abf616 100644
--- a/rhel/openvswitch-fedora.spec.in
+++ b/rhel/openvswitch-fedora.spec.in
@@ -239,9 +239,7 @@  build-aux/dpdkstrip.py \
 	> rhel/usr_lib_systemd_system_ovs-vswitchd.service
 
 make %{?_smp_mflags}
-make selinux/openvswitch-custom.te
-cd selinux
-make -f %{_datadir}/selinux/devel/Makefile
+make selinux-policy
 
 %install
 rm -rf $RPM_BUILD_ROOT
diff --git a/rhel/openvswitch.spec.in b/rhel/openvswitch.spec.in
index e510d351b..a15868f9f 100644
--- a/rhel/openvswitch.spec.in
+++ b/rhel/openvswitch.spec.in
@@ -68,9 +68,7 @@  Tailored Open vSwitch SELinux policy
 ./configure --prefix=/usr --sysconfdir=/etc --localstatedir=%{_localstatedir} \
     --libdir=%{_libdir} --enable-ssl --enable-shared
 make %{_smp_mflags}
-make selinux/openvswitch-custom.te
-cd selinux
-make -f %{_datadir}/selinux/devel/Makefile
+make selinux-policy
 
 %install
 rm -rf $RPM_BUILD_ROOT
diff --git a/selinux/automake.mk b/selinux/automake.mk
index e8871aa97..48853cdc0 100644
--- a/selinux/automake.mk
+++ b/selinux/automake.mk
@@ -7,3 +7,8 @@ 
 
 EXTRA_DIST += \
         selinux/openvswitch-custom.te.in
+
+PHONY: selinux-policy
+
+selinux-policy: selinux/openvswitch-custom.te
+	$(MAKE) -C selinux/ -f /usr/share/selinux/devel/Makefile