Re: [PATCH] semodule-utils: remove semodule_deps
Applied: https://github.com/SELinuxProject/selinux/pull/65 On Tue, Oct 3, 2017 at 7:21 AM, Stephen Smalleywrote: > As discussed in https://github.com/SELinuxProject/selinux/issues/64, > semodule_deps has apparently been broken for a very long time for > binary modules and is completely irrelevant for CIL modules. If there > are any users of it, they ought to be rewritten anyway since it is > not producing correct dependency information, and the ultimate goal > is to stop using binary modules altogether so it is not worth fixing. > Remove it to avoid any further broken usage. > > Signed-off-by: Stephen Smalley > --- > semodule-utils/.gitignore| 1 - > semodule-utils/Makefile | 2 +- > semodule-utils/semodule_deps/Makefile| 28 -- > semodule-utils/semodule_deps/semodule_deps.8 | 46 --- > semodule-utils/semodule_deps/semodule_deps.c | 401 > --- > 5 files changed, 1 insertion(+), 477 deletions(-) > delete mode 100644 semodule-utils/semodule_deps/Makefile > delete mode 100644 semodule-utils/semodule_deps/semodule_deps.8 > delete mode 100644 semodule-utils/semodule_deps/semodule_deps.c > > diff --git a/semodule-utils/.gitignore b/semodule-utils/.gitignore > index 1667564..6ec4efe 100644 > --- a/semodule-utils/.gitignore > +++ b/semodule-utils/.gitignore > @@ -1,5 +1,4 @@ > semodule_package/semodule_package > semodule_package/semodule_unpackage > -semodule_deps/semodule_deps > semodule_expand/semodule_expand > semodule_link/semodule_link > diff --git a/semodule-utils/Makefile b/semodule-utils/Makefile > index 6bf4aee..e0a6579 100644 > --- a/semodule-utils/Makefile > +++ b/semodule-utils/Makefile > @@ -1,4 +1,4 @@ > -SUBDIRS = semodule_package semodule_link semodule_expand semodule_deps > +SUBDIRS = semodule_package semodule_link semodule_expand > > all install relabel clean indent: > @for subdir in $(SUBDIRS); do \ > diff --git a/semodule-utils/semodule_deps/Makefile > b/semodule-utils/semodule_deps/Makefile > deleted file mode 100644 > index 328a503..000 > --- a/semodule-utils/semodule_deps/Makefile > +++ /dev/null > @@ -1,28 +0,0 @@ > -# Installation directories. > -PREFIX ?= $(DESTDIR)/usr > -INCLUDEDIR ?= $(PREFIX)/include > -BINDIR ?= $(PREFIX)/bin > -LIBDIR ?= $(PREFIX)/lib > -MANDIR ?= $(PREFIX)/share/man > -LIBSEPOLA ?= $(LIBDIR)/libsepol.a > - > -CFLAGS ?= -Werror -Wall -W > - > -all: semodule_deps > - > -semodule_deps: semodule_deps.o $(LIBSEPOLA) > - > -install: all > - -mkdir -p $(BINDIR) > - install -m 755 semodule_deps $(BINDIR) > - test -d $(MANDIR)/man8 || install -m 755 -d $(MANDIR)/man8 > - install -m 644 semodule_deps.8 $(MANDIR)/man8/ > - > -relabel: > - > -clean: > - -rm -f semodule_deps *.o > - > -indent: > - ../../scripts/Lindent $(wildcard *.[ch]) > - > diff --git a/semodule-utils/semodule_deps/semodule_deps.8 > b/semodule-utils/semodule_deps/semodule_deps.8 > deleted file mode 100644 > index 6f21a64..000 > --- a/semodule-utils/semodule_deps/semodule_deps.8 > +++ /dev/null > @@ -1,46 +0,0 @@ > -.TH SEMODULE_DEPS "8" "June 2006" "Security Enhanced Linux" NSA > -.SH NAME > -semodule_deps \- show the dependencies between SELinux policy packages. > - > -.SH SYNOPSIS > -.B semodule_deps [\-v \-g \-b] basemodpkg modpkg1 [modpkg2 ... ] > -.br > -.SH DESCRIPTION > -.PP > -semodule_deps is a developer tool for showing the dependencies > -between policy packages. For each module it prints a list of > -modules that must be present for a module's requirements to > -be satisfied. It only deals with requirements, not optional > -dependencies. > - > -In order for semodule_deps to give useful information the list > -of packages passed in cannot have unsatisfied dependencies. In > -general this means that the list of modules will usually be > -quite long. > - > -By default options to the base module are excluded as almost every > -module has this dependency. The \-b option will include these > -dependencies. > - > -In addition to human readable output, semodule_deps can output the > -dependencies in the Graphviz dot format (http://www.graphviz.org/) > -using the \-g option. This is useful for producing a picture of the > -dependencies. > - > -.SH "OPTIONS" > -.TP > -.B \-v > -verbose mode > -.TP > -.B \-g > -output dependency information in Graphviz dot format > -.TP > -.B \-b > -include dependencies to the base module - by default these are excluded > - > -.SH SEE ALSO > -.B checkmodule(8), semodule_package(8), semodule(8), semodule_link(8) > -.SH AUTHORS > -.nf > -This manual page was written by Karl MacMillan > . > -The program was written by Karl MacMillan . > diff --git a/semodule-utils/semodule_deps/semodule_deps.c > b/semodule-utils/semodule_deps/semodule_deps.c > deleted file mode 100644 > index 7a7ff2f..000 > ---
Re: [PATCH] semodule-utils: remove semodule_deps
On Tue, Oct 3, 2017 at 7:21 AM, Stephen Smalleywrote: > As discussed in https://github.com/SELinuxProject/selinux/issues/64, > semodule_deps has apparently been broken for a very long time for > binary modules and is completely irrelevant for CIL modules. If there > are any users of it, they ought to be rewritten anyway since it is > not producing correct dependency information, and the ultimate goal > is to stop using binary modules altogether so it is not worth fixing. > Remove it to avoid any further broken usage. > > Signed-off-by: Stephen Smalley > --- > semodule-utils/.gitignore| 1 - > semodule-utils/Makefile | 2 +- > semodule-utils/semodule_deps/Makefile| 28 -- > semodule-utils/semodule_deps/semodule_deps.8 | 46 --- > semodule-utils/semodule_deps/semodule_deps.c | 401 > --- > 5 files changed, 1 insertion(+), 477 deletions(-) > delete mode 100644 semodule-utils/semodule_deps/Makefile > delete mode 100644 semodule-utils/semodule_deps/semodule_deps.8 > delete mode 100644 semodule-utils/semodule_deps/semodule_deps.c > > diff --git a/semodule-utils/.gitignore b/semodule-utils/.gitignore > index 1667564..6ec4efe 100644 > --- a/semodule-utils/.gitignore > +++ b/semodule-utils/.gitignore > @@ -1,5 +1,4 @@ > semodule_package/semodule_package > semodule_package/semodule_unpackage > -semodule_deps/semodule_deps > semodule_expand/semodule_expand > semodule_link/semodule_link > diff --git a/semodule-utils/Makefile b/semodule-utils/Makefile > index 6bf4aee..e0a6579 100644 > --- a/semodule-utils/Makefile > +++ b/semodule-utils/Makefile > @@ -1,4 +1,4 @@ > -SUBDIRS = semodule_package semodule_link semodule_expand semodule_deps > +SUBDIRS = semodule_package semodule_link semodule_expand > > all install relabel clean indent: > @for subdir in $(SUBDIRS); do \ > diff --git a/semodule-utils/semodule_deps/Makefile > b/semodule-utils/semodule_deps/Makefile > deleted file mode 100644 > index 328a503..000 > --- a/semodule-utils/semodule_deps/Makefile > +++ /dev/null > @@ -1,28 +0,0 @@ > -# Installation directories. > -PREFIX ?= $(DESTDIR)/usr > -INCLUDEDIR ?= $(PREFIX)/include > -BINDIR ?= $(PREFIX)/bin > -LIBDIR ?= $(PREFIX)/lib > -MANDIR ?= $(PREFIX)/share/man > -LIBSEPOLA ?= $(LIBDIR)/libsepol.a > - > -CFLAGS ?= -Werror -Wall -W > - > -all: semodule_deps > - > -semodule_deps: semodule_deps.o $(LIBSEPOLA) > - > -install: all > - -mkdir -p $(BINDIR) > - install -m 755 semodule_deps $(BINDIR) > - test -d $(MANDIR)/man8 || install -m 755 -d $(MANDIR)/man8 > - install -m 644 semodule_deps.8 $(MANDIR)/man8/ > - > -relabel: > - > -clean: > - -rm -f semodule_deps *.o > - > -indent: > - ../../scripts/Lindent $(wildcard *.[ch]) > - > diff --git a/semodule-utils/semodule_deps/semodule_deps.8 > b/semodule-utils/semodule_deps/semodule_deps.8 > deleted file mode 100644 > index 6f21a64..000 > --- a/semodule-utils/semodule_deps/semodule_deps.8 > +++ /dev/null > @@ -1,46 +0,0 @@ > -.TH SEMODULE_DEPS "8" "June 2006" "Security Enhanced Linux" NSA > -.SH NAME > -semodule_deps \- show the dependencies between SELinux policy packages. > - > -.SH SYNOPSIS > -.B semodule_deps [\-v \-g \-b] basemodpkg modpkg1 [modpkg2 ... ] > -.br > -.SH DESCRIPTION > -.PP > -semodule_deps is a developer tool for showing the dependencies > -between policy packages. For each module it prints a list of > -modules that must be present for a module's requirements to > -be satisfied. It only deals with requirements, not optional > -dependencies. > - > -In order for semodule_deps to give useful information the list > -of packages passed in cannot have unsatisfied dependencies. In > -general this means that the list of modules will usually be > -quite long. > - > -By default options to the base module are excluded as almost every > -module has this dependency. The \-b option will include these > -dependencies. > - > -In addition to human readable output, semodule_deps can output the > -dependencies in the Graphviz dot format (http://www.graphviz.org/) > -using the \-g option. This is useful for producing a picture of the > -dependencies. > - > -.SH "OPTIONS" > -.TP > -.B \-v > -verbose mode > -.TP > -.B \-g > -output dependency information in Graphviz dot format > -.TP > -.B \-b > -include dependencies to the base module - by default these are excluded > - > -.SH SEE ALSO > -.B checkmodule(8), semodule_package(8), semodule(8), semodule_link(8) > -.SH AUTHORS > -.nf > -This manual page was written by Karl MacMillan > . > -The program was written by Karl MacMillan . > diff --git a/semodule-utils/semodule_deps/semodule_deps.c > b/semodule-utils/semodule_deps/semodule_deps.c > deleted file mode 100644 > index 7a7ff2f..000 > --- a/semodule-utils/semodule_deps/semodule_deps.c > +++ /dev/null > @@ -1,401 +0,0 @@ > -/*
[PATCH] semodule-utils: remove semodule_deps
As discussed in https://github.com/SELinuxProject/selinux/issues/64, semodule_deps has apparently been broken for a very long time for binary modules and is completely irrelevant for CIL modules. If there are any users of it, they ought to be rewritten anyway since it is not producing correct dependency information, and the ultimate goal is to stop using binary modules altogether so it is not worth fixing. Remove it to avoid any further broken usage. Signed-off-by: Stephen Smalley--- semodule-utils/.gitignore| 1 - semodule-utils/Makefile | 2 +- semodule-utils/semodule_deps/Makefile| 28 -- semodule-utils/semodule_deps/semodule_deps.8 | 46 --- semodule-utils/semodule_deps/semodule_deps.c | 401 --- 5 files changed, 1 insertion(+), 477 deletions(-) delete mode 100644 semodule-utils/semodule_deps/Makefile delete mode 100644 semodule-utils/semodule_deps/semodule_deps.8 delete mode 100644 semodule-utils/semodule_deps/semodule_deps.c diff --git a/semodule-utils/.gitignore b/semodule-utils/.gitignore index 1667564..6ec4efe 100644 --- a/semodule-utils/.gitignore +++ b/semodule-utils/.gitignore @@ -1,5 +1,4 @@ semodule_package/semodule_package semodule_package/semodule_unpackage -semodule_deps/semodule_deps semodule_expand/semodule_expand semodule_link/semodule_link diff --git a/semodule-utils/Makefile b/semodule-utils/Makefile index 6bf4aee..e0a6579 100644 --- a/semodule-utils/Makefile +++ b/semodule-utils/Makefile @@ -1,4 +1,4 @@ -SUBDIRS = semodule_package semodule_link semodule_expand semodule_deps +SUBDIRS = semodule_package semodule_link semodule_expand all install relabel clean indent: @for subdir in $(SUBDIRS); do \ diff --git a/semodule-utils/semodule_deps/Makefile b/semodule-utils/semodule_deps/Makefile deleted file mode 100644 index 328a503..000 --- a/semodule-utils/semodule_deps/Makefile +++ /dev/null @@ -1,28 +0,0 @@ -# Installation directories. -PREFIX ?= $(DESTDIR)/usr -INCLUDEDIR ?= $(PREFIX)/include -BINDIR ?= $(PREFIX)/bin -LIBDIR ?= $(PREFIX)/lib -MANDIR ?= $(PREFIX)/share/man -LIBSEPOLA ?= $(LIBDIR)/libsepol.a - -CFLAGS ?= -Werror -Wall -W - -all: semodule_deps - -semodule_deps: semodule_deps.o $(LIBSEPOLA) - -install: all - -mkdir -p $(BINDIR) - install -m 755 semodule_deps $(BINDIR) - test -d $(MANDIR)/man8 || install -m 755 -d $(MANDIR)/man8 - install -m 644 semodule_deps.8 $(MANDIR)/man8/ - -relabel: - -clean: - -rm -f semodule_deps *.o - -indent: - ../../scripts/Lindent $(wildcard *.[ch]) - diff --git a/semodule-utils/semodule_deps/semodule_deps.8 b/semodule-utils/semodule_deps/semodule_deps.8 deleted file mode 100644 index 6f21a64..000 --- a/semodule-utils/semodule_deps/semodule_deps.8 +++ /dev/null @@ -1,46 +0,0 @@ -.TH SEMODULE_DEPS "8" "June 2006" "Security Enhanced Linux" NSA -.SH NAME -semodule_deps \- show the dependencies between SELinux policy packages. - -.SH SYNOPSIS -.B semodule_deps [\-v \-g \-b] basemodpkg modpkg1 [modpkg2 ... ] -.br -.SH DESCRIPTION -.PP -semodule_deps is a developer tool for showing the dependencies -between policy packages. For each module it prints a list of -modules that must be present for a module's requirements to -be satisfied. It only deals with requirements, not optional -dependencies. - -In order for semodule_deps to give useful information the list -of packages passed in cannot have unsatisfied dependencies. In -general this means that the list of modules will usually be -quite long. - -By default options to the base module are excluded as almost every -module has this dependency. The \-b option will include these -dependencies. - -In addition to human readable output, semodule_deps can output the -dependencies in the Graphviz dot format (http://www.graphviz.org/) -using the \-g option. This is useful for producing a picture of the -dependencies. - -.SH "OPTIONS" -.TP -.B \-v -verbose mode -.TP -.B \-g -output dependency information in Graphviz dot format -.TP -.B \-b -include dependencies to the base module - by default these are excluded - -.SH SEE ALSO -.B checkmodule(8), semodule_package(8), semodule(8), semodule_link(8) -.SH AUTHORS -.nf -This manual page was written by Karl MacMillan . -The program was written by Karl MacMillan . diff --git a/semodule-utils/semodule_deps/semodule_deps.c b/semodule-utils/semodule_deps/semodule_deps.c deleted file mode 100644 index 7a7ff2f..000 --- a/semodule-utils/semodule_deps/semodule_deps.c +++ /dev/null @@ -1,401 +0,0 @@ -/* Authors: Karl MacMillan - * - * Copyright (C) 2006 Tresys Technology, LLC - * Copyright (C) 2006-2007 Red Hat, Inc. - * - * This program is free software; you can redistribute it and/or modify - * it under the terms of the GNU General Public License as published by - * the Free Software Foundation, version 2. - * - */