diff options
| author | Chris PeBenito <cpebenito@tresys.com> | 2007-08-22 15:34:23 +0000 |
|---|---|---|
| committer | Chris PeBenito <cpebenito@tresys.com> | 2007-08-22 15:34:23 +0000 |
| commit | f65ca5f9b63b0e6df7aa87f596971df6c9c128a0 (patch) | |
| tree | f14d5282ed09972badd76d6d1e6bc6d457d2fba5 /README | |
| parent | 80d5e02c81f9a821466287f2ad23c5a18c9b06ba (diff) | |
trunk: add some info to the readme about building from headers
Diffstat (limited to 'README')
| -rw-r--r-- | README | 50 |
1 files changed, 50 insertions, 0 deletions
@@ -53,6 +53,13 @@ load Compile, package, and install the base module and validate Validate if the configured modules can successfully link and expand. +install-headers Install the policy headers into /usr/share/selinux/NAME. + The headers are sufficient for building a policy + module locally, without requiring the complete + Reference Policy sources. The build.conf settings + for this policy configuration should be set before + using this target. + Make targets specific to monolithic policies: policy Compile a policy locally for development and testing. @@ -207,3 +214,46 @@ policy/support/* Support macros. policy/users This file defines the users included in the policy. support/* Tools used in the build process. + + +4) Building policy modules using Reference Policy headers: + +The system must first have the Reference Policy headers installed, typically +by the distribution. Otherwise, the headers can be installed using the +install-headers target from the full Reference Policy sources. + +To set up a directory to build a local module, one must simply place a .te +file in a directory. A sample Makefile to use in the directory is the +Makefile.example in the doc directory. This may be installed in +/usr/share/doc, under the directory for the distribution's policy. +Alternatively, the primary Makefile in the headers directory (typically +/usr/share/selinux/NAME/Makefile) can be called directly, using make's -f +option. + +Larger projects can set up a structure of layers, just as in Reference +Policy, by creating policy/modules/LAYERNAME directories. Each layer also +must have a metadata.xml file which is an XML file with a summary tag and +optional desc (long description) tag. This should describe the purpose of +the layer. + +Metadata.xml example: + +<summary>ABC modules for the XYZ components.</summary> + +Make targets for modules built from headers: + +MODULENAME.pp Compile and package the MODULENAME local module. + +all Compile and package the modules in the current + directory. + +load Compile and package the modules in the current + directory, then insert them into the module store. + +refresh Attempts to reinsert all modules that are currently + in the module store from the local and system module + packages. + +xml Build a policy.xml from the XML included with the + base policy headers and any XML in the modules in + the current directory. |