PERFORCE change 87612 for review

Todd Miller millert at
Thu Dec 1 21:49:35 GMT 2005

Change 87612 by millert at millert_g4tower on 2005/12/01 21:48:52

	Add a failsafe context of user_r:user_d so users not explicitly
	listed in the users file will still be able to login and have
	a sensible context.  Also avoid duplicates of things in the
	policy dir that live in /etc/sedarwin proper.

Affected files ...

.. //depot/projects/trustedbsd/sedarwin7/src/sedarwin/policy/Makefile#5 edit
.. //depot/projects/trustedbsd/sedarwin7/src/sedarwin/policy/excludes#1 add
.. //depot/projects/trustedbsd/sedarwin7/src/sedarwin/policy/failsafe_context#1 add

Differences ...

==== //depot/projects/trustedbsd/sedarwin7/src/sedarwin/policy/Makefile#5 (text+ko) ====

@@ -21,7 +21,7 @@
 	m4 -Imacros -s rules > rules.m4
 fc.out: fc
-	sudo /Users/andrew/setfsmac -x -t -s fc /bin > fc.out
+	sudo ../../darwin/mac_cmds/setfsmac/setfsmac -x -t -s fc /bin > fc.out
 genfs: fc.out
 	cat fc.out | sed -ne 's/^\/[a-zA-Z0-9\/\.]* *[^ ]*$$/genfscon hfs &/p' > genfs
@@ -36,8 +36,9 @@
 	$(INSTALL) -o ${BINOWN} -g ${BINGRP} -m 644 ${POLICY} ${DESTDIR}
 	$(INSTALL) -o ${BINOWN} -g ${BINGRP} -m 644 sebsd_migscs ${DESTDIR}
+	$(INSTALL) -o ${BINOWN} -g ${BINGRP} -m 644 failsafe_context ${DESTDIR}/private/etc/sedarwin
 	$(INSTALL) -o ${BINOWN} -g ${BINGRP} -m 700 ${SCRIPTS} ${DESTDIR}/private/etc/sedarwin
-	(cd $(CURDIR)/..; tar -cf - policy) | (cd $(DESTDIR)/private/etc/sedarwin/; tar -xf -)
+	(cd $(CURDIR)/..; tar -X policy/excludes -cf - policy) | (cd $(DESTDIR)/private/etc/sedarwin/; tar -xf -)
 	cp -f Makefile.install $(DESTDIR)/private/etc/sedarwin/policy/Makefile
 # Mig security classes and access vectors
To Unsubscribe: send mail to majordomo at
with "unsubscribe trustedbsd-cvs" in the body of the message

More information about the trustedbsd-cvs mailing list