-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
We are trying to shrink the size of SELinux on small platforms like cloud
images, THis patch removes the policy.kern file after compile replacing it
with a link. Some parts of libsemanage still want to read the policy.kern
file because this is the only way to guarantee the last built policy.
This patch looks good to me. acked.
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.15 (GNU/Linux)
Comment: Using GnuPG with Thunderbird - http://www.enigmail.net/
iEYEARECAAYFAlJpKFcACgkQrlYvE4MpobPM/ACgk1tOADZClDfT1jt1t0omAElJ
WVQAni6gX/105cQbGti9DlEP6Tabx2bc
=JnPX
-----END PGP SIGNATURE-----
>From 108f006906c314d10d1521602ee9b2fc5f47e1f7 Mon Sep 17 00:00:00 2001
From: Dan Walsh <dwalsh@xxxxxxxxxx>
Date: Wed, 9 Oct 2013 16:42:04 -0400
Subject: [PATCH 21/74] Remove the policy.kern after policy is build and
replace with symbolic link.
We want to shink the space required by selinux-policy for small cloud images.
This file has no purpose after policy is built.
---
libsemanage/src/semanage_store.c | 4 ++++
1 file changed, 4 insertions(+)
diff --git a/libsemanage/src/semanage_store.c b/libsemanage/src/semanage_store.c
index 57ef49f..4b040c3 100644
--- a/libsemanage/src/semanage_store.c
+++ b/libsemanage/src/semanage_store.c
@@ -1234,6 +1234,10 @@ static int semanage_install_active(semanage_handle_t * sh)
retval = 0;
cleanup:
+ (void) unlink(active_kernel);
+ if (symlink(store_pol, active_kernel) < 0) {
+ ERR(sh, "Unable to create sybolic link from %s to %s error code %d.", active_kernel, store_pol, r);
+ }
free(storepath);
return retval;
}
--
1.8.3.1
