From 46cdd1b5073a6b7cdf0e23723f54958ec2f8c97e Mon Sep 17 00:00:00 2001
From: Steve Lawrence <slawrence@tresys.com>
Date: Mon, 30 Aug 2010 16:32:31 -0400
Subject: Add SELinux policy plugin

This adds a new plugin specifically for a collection to load SELinux
policy. This implements the post_add and pre_remove plugin hooks. The
only time anything happens during the pre_remove hook is if post_add was
not called (i.e.  if the transaction only removes policies).

This plugin extracts all the policy information from packages in the
sepolicy collection during the open te hook. It then determines which
policies should be installed/removed based on if the package is being
installed/removed and the type of the policy and the system policy. It
then executes semodule (or uses libsemanage if semodule cannot be
executed or installing in a chroot) to remove and install the necessary
policies. It then reloads the selinux state, reloads the file contexts,
and if necessary, relabels the file system.
---
 plugins/Makefile.am | 6 +++++-
 1 file changed, 5 insertions(+), 1 deletion(-)

(limited to 'plugins/Makefile.am')

diff --git a/plugins/Makefile.am b/plugins/Makefile.am
index 07560f07a..25774c42c 100644
--- a/plugins/Makefile.am
+++ b/plugins/Makefile.am
@@ -13,7 +13,11 @@ AM_LDFLAGS = -avoid-version -module -shared
 
 pluginsdir = $(rpmconfigdir)/plugins
 
-plugins_LTLIBRARIES = exec.la
+plugins_LTLIBRARIES = exec.la sepolicy.la
 
 exec_la_SOURCES = plugin.h exec.c
 exec_la_LIBADD = $(top_builddir)/lib/librpm.la $(top_builddir)/rpmio/librpmio.la
+
+sepolicy_la_SOURCES = plugin.h sepolicy.c
+sepolicy_la_LIBADD = $(top_builddir)/lib/librpm.la $(top_builddir)/rpmio/librpmio.la @WITH_SELINUX_LIB@
+
-- 
cgit v1.2.1