SEFlow
Home SourceForge FreshMeat |
documentation for the macro "provide_sandbox"You can setup a sandbox to safely test the interactions of the different types defined in the policy by issuing the command make sandbox-population
It is defined in the file build.m4. m4 code: define(`provide_sandbox', `define(`_policy_documented_possibility_increments', `The linked_to_documentation(`provide_sandbox') macro can be used as a facility to test the security contexts without interfering with the running system. ')dnl define(`_policy_makefile_increments',` SANDBOX=$(TMPDIR)/seflow-sandbox SANDBOXED=\ /usr/bin/gcc\ /lib/libc.so.6\ /lib/ld-linux.so.2 $(SANDBOX): Makefile mkdir -p $(SANDBOX)/usr/bin $(SANDBOX)/lib $(SANDBOX)/tmp sandbox-population: $(SANDBOX) for file in $(SANDBOXED);do cp $$file $(SANDBOX)$$file;done echo "#include<stdio.h>">$(SANDBOX)/tmp/hello.c echo "int main(){printf(\"I am GPL-licensed!\\n\");}"\ >>$(SANDBOX)/tmp/hello.c /usr/sbin/setfilecon gpl_compiled_u:gpl_compiled_r:gpl_compiled_t\ $(SANDBOX)/usr/bin/gcc /usr/sbin/setfilecon gpl_u:gpl_r:gpl_t $(SANDBOX)/tmp/hello.c '_policy_makefile_increments)') |