# $Id: Makefile,v 1.11 2006/04/28 16:48:28 ynakam Exp $

#! SELinux Policy Editor, a simple editor for SELinux policies
#! Copyright (C) 2006 Yuichi Nakamura
sysconfdir =$(DESTDIR)/etc
CONVERTER=/usr/bin/seedit-converter
CHECKMODULE=/usr/bin/checkmodule
SEMODULE_PACKAGE=/usr/bin/semodule_package
SEMODULE=/usr/sbin/semodule
FIXFILES=/sbin/fixfiles
LOADPOLICY=/usr/sbin/load_policy
RESTORECON=/usr/sbin/seedit-restorecon
SELINUXTYPE=seedit
POLICYROOT=$(sysconfdir)/selinux/$(SELINUXTYPE)
POLICYDIR=$(POLICYROOT)/policy
CONTEXTSDIR=$(POLICYROOT)/contexts
CONFDIR=./simplified_policy
BASEPOLICYDIR=./base_policy
MACRODIR=./macros
OUTDIR =./sepolicy
INSTALL_PATH = $(POLICYROOT)
SELINUXCONF=$(sysconfdir)/selinux/config

M4=m4 -D enable_mcs

FILE_CONTEXTS=  $(CONTEXTSDIR)/files/file_contexts.m4
OLD_FILE_CONTEXTS=  $(CONTEXTSDIR)/files/file_contexts.m4.old


policy:
	mkdir -p $(OUTDIR);
	m4 -s $(CONFDIR)/*.sp >$(CONFDIR)/all.sp;
	$(CONVERTER) -i $(CONFDIR)/all.sp -o $(OUTDIR) -b $(BASEPOLICYDIR) -I $(CONFDIR)/include ;
	if [ -e $(BASEPOLICYDIR)/dynamic_contexts ]; then \
		cat $(BASEPOLICYDIR)/dynamic_contexts >> $(OUTDIR)/file_contexts.m4;\
	fi;	
	$(M4)  -Imacros -s $(MACRODIR)/*.te $(OUTDIR)/generated.conf > $(OUTDIR)/policy.conf;
	$(M4)  -Imacros -s $(MACRODIR)/mcs_macros.te $(OUTDIR)/file_contexts.m4 > $(OUTDIR)/file_contexts;
	$(M4) -D out_dummy -Imacros -s $(MACRODIR)/mcs_macros.te $(OUTDIR)/file_contexts.m4 > $(OUTDIR)/file_contexts.base;
	$(M4)  -Imacros -s $(MACRODIR)/mcs_macros.te $(OUTDIR)/userhelper_context.m4 > $(OUTDIR)/userhelper_context.tmp;
	grep system_u $(OUTDIR)/userhelper_context.tmp >  $(OUTDIR)/userhelper_context
	rm $(OUTDIR)/userhelper_context.tmp
	$(CHECKMODULE) $(OUTDIR)/policy.conf -M -o $(OUTDIR)/base.mod
	$(SEMODULE_PACKAGE) -m $(OUTDIR)/base.mod -f $(OUTDIR)/file_contexts.base -o$(OUTDIR)/base.pp
	
install: policy
	cp $(OUTDIR)/file_contexts $(CONTEXTSDIR)/files/
	cp $(OUTDIR)/file_contexts.m4 $(CONTEXTSDIR)/files/
	if [ ! -e $(OUTDIR)/file_contexts.m4.old ] ; then \
	   cp $(OUTDIR)/file_contexts.m4 $(OUTDIR)/file_contexts.m4.old;\
	   cp $(OUTDIR)/file_contexts.m4.old $(CONTEXTSDIR)/files;\
	fi;	 
	cp $(OUTDIR)/customizable_types $(CONTEXTSDIR)
	cp $(OUTDIR)/userhelper_context $(CONTEXTSDIR)
	cp -r $(BASEPOLICYDIR)/contexts/*  $(CONTEXTSDIR) 
	echo "" > $(CONTEXTSDIR)/files/file_contexts.homedirs
	echo "" >  $(POLICYROOT)/users/system.users
	echo "" >  $(POLICYROOT)/users/local.users
	 /usr/sbin/semodule -b $(OUTDIR)/base.pp -s seedit -n
	#file_contexts is overwritten by semodule -b, have to restore
	cp $(OUTDIR)/file_contexts $(CONTEXTSDIR)/files/


relabel: install
	$(SEMODULE) -b $(POLICYDIR)/base.pp
	cp $(OUTDIR)/file_contexts $(CONTEXTSDIR)/files/
	$(FIXFILES) -F restore
	cp $(FILE_CONTEXTS) $(OLD_FILE_CONTEXTS)

diffrelabel: install
	if [ -e fcdiff.tmp ] ; then \
		exec 3< fcdiff.tmp;\
		while read FLs 0<&3; do \
		for FL in $$FLs; do \
		  	if [ -e $$FL ] ; then \
		    		$(RESTORECON) $$FL -R -vv;\
			fi;\
		done; \
		done; \
		exec 3<&-;\
	fi;
	$(LOADPOLICY)
	diff $(OLD_FILE_CONTEXTS) $(FILE_CONTEXTS) -r |cat >  fcdiff.m4.tmp
	$(M4)  -Imacros -s $(MACRODIR)/mcs_macros.te fcdiff.m4.tmp > fcdiff.pre.tmp
	cat fcdiff.pre.tmp |grep -e "^[<>]"|sed -e 's/^[><][ \t]*//'|sed -e 's/[ \t]\+.*//'|sed -e 's/(.*//'|sort|sed s/"\[\^\/\]"//g > fcdiff.tmp
	exec 3< fcdiff.tmp;\
	while read FLs 0<&3; do \
	for FL in $$FLs; do \
	  if [ -e $$FL ] ; then \
	    $(RESTORECON) $$FL -R -vv;\
	  fi;\
	done;\
	done; \
	exec 3<&-;\
	cp $(FILE_CONTEXTS) $(OLD_FILE_CONTEXTS)
	rm fcdiff.tmp
	rm fcdiff.m4.tmp
	rm fcdiff.pre.tmp



