diff options
author | Nicolas Iooss <nicolas.iooss@m4x.org> | 2014-02-19 00:26:33 +0100 |
---|---|---|
committer | Sven Vermeulen <sven.vermeulen@siphos.be> | 2014-03-17 09:19:25 +0100 |
commit | e51e839b198fb014732315fa4b8398134a31c3a8 (patch) | |
tree | 837a1fa56c45b79bf7ffdf8bf731a973ea2c73ef /Rules.monolithic | |
parent | Bump module versions for release. (diff) | |
download | hardened-refpolicy-e51e839b198fb014732315fa4b8398134a31c3a8.tar.gz hardened-refpolicy-e51e839b198fb014732315fa4b8398134a31c3a8.tar.bz2 hardened-refpolicy-e51e839b198fb014732315fa4b8398134a31c3a8.zip |
Fix parallel build of the policy
Before this commit, "make -j2" would execute twice at the same time the rules
written to build tmp/all_post.conf because these rules were applied every time
tmp/all_post.conf, tmp/all_attrs_types.conf and tmp/only_te_rules.conf needed
to be built. However, executing twice in parallel such line is buggy:
$(GREP) '^fs_use_(xattr|task|trans)' $(tmpdir)/all_te_files.conf >> \
tmpdir)/all_post.conf
This is why "make" reports following error for parallel builds:
Compiling refpolicy-patched base module
/usr/bin/checkmodule -M -U allow base.conf -o tmp/base.mod
/usr/bin/checkmodule: loading policy configuration from base.conf
policy/modules/kernel/ubac.te":710:ERROR 'syntax error' at token
'fs_use_trans' on line 26520:
fs_use_trans devtmpfs system_u:object_r:device_t:s0;
/usr/bin/checkmodule: error(s) encountered while parsing configuration
make: *** [tmp/base.mod] Error 1
This commit fixes this bug by splitting the rules in 3 different targets, in
both monolithic and modular builds.
Diffstat (limited to 'Rules.monolithic')
-rw-r--r-- | Rules.monolithic | 24 |
1 files changed, 14 insertions, 10 deletions
diff --git a/Rules.monolithic b/Rules.monolithic index 7e77c032c..b6359524a 100644 --- a/Rules.monolithic +++ b/Rules.monolithic @@ -144,17 +144,21 @@ $(tmpdir)/post_te_files.conf: $(m4support) $(tmpdir)/generated_definitions.conf # extract attributes and put them first. extract post te stuff # like genfscon and put last. -$(tmpdir)/all_attrs_types.conf $(tmpdir)/only_te_rules.conf $(tmpdir)/all_post.conf: $(tmpdir)/all_te_files.conf $(tmpdir)/post_te_files.conf - $(verbose) $(get_type_attr_decl) $(tmpdir)/all_te_files.conf | $(SORT) > $(tmpdir)/all_attrs_types.conf - $(verbose) cat $(tmpdir)/post_te_files.conf > $(tmpdir)/all_post.conf +$(tmpdir)/all_attrs_types.conf: $(tmpdir)/all_te_files.conf + $(verbose) $(get_type_attr_decl) $^ | $(SORT) > $@ + +$(tmpdir)/all_post.conf: $(tmpdir)/all_te_files.conf $(tmpdir)/post_te_files.conf + $(verbose) cat $(tmpdir)/post_te_files.conf > $@ # these have to run individually because order matters: - $(verbose) $(GREP) '^sid ' $(tmpdir)/all_te_files.conf >> $(tmpdir)/all_post.conf || true - $(verbose) $(GREP) '^fs_use_(xattr|task|trans)' $(tmpdir)/all_te_files.conf >> $(tmpdir)/all_post.conf || true - $(verbose) $(GREP) ^genfscon $(tmpdir)/all_te_files.conf >> $(tmpdir)/all_post.conf || true - $(verbose) $(GREP) ^portcon $(tmpdir)/all_te_files.conf >> $(tmpdir)/all_post.conf || true - $(verbose) $(GREP) ^netifcon $(tmpdir)/all_te_files.conf >> $(tmpdir)/all_post.conf || true - $(verbose) $(GREP) ^nodecon $(tmpdir)/all_te_files.conf >> $(tmpdir)/all_post.conf || true - $(verbose) $(comment_move_decl) $(tmpdir)/all_te_files.conf > $(tmpdir)/only_te_rules.conf + $(verbose) $(GREP) '^sid ' $(tmpdir)/all_te_files.conf >> $@ || true + $(verbose) $(GREP) '^fs_use_(xattr|task|trans)' $(tmpdir)/all_te_files.conf >> $@ || true + $(verbose) $(GREP) ^genfscon $(tmpdir)/all_te_files.conf >> $@ || true + $(verbose) $(GREP) ^portcon $(tmpdir)/all_te_files.conf >> $@ || true + $(verbose) $(GREP) ^netifcon $(tmpdir)/all_te_files.conf >> $@ || true + $(verbose) $(GREP) ^nodecon $(tmpdir)/all_te_files.conf >> $@ || true + +$(tmpdir)/only_te_rules.conf: $(tmpdir)/all_te_files.conf + $(verbose) $(comment_move_decl) $^ > $@ ######################################## # |