selinux: Document how to quickly iterate policy changes

Knowing what to change in the policy is often not quite obvious, and
takes several attempts. Show how to do this much more quickly than
repeated rpm/image builds.
Martin Pitt 2023-09-26 10:41:43 +02:00 committed by Allison Karlitskaya
parent a324b3fa3b
commit 02051cfa0a
1 changed files with 11 additions and 0 deletions

selinux/HACKING.md Normal file

@ -0,0 +1,11 @@
# Changing cockpit's SELinux policy
The clean way is to edit the policy files and then rebuild the rpms and image with
`test/image-prepare -q fedora-XX`.
To iterate more quickly, locally `./configure` the build tree with
`--enable-selinux-policy=targeted`, then you can quickly recompile and install
the policy into the `c` SSH target with:
```sh
make cockpit.pp && scp cockpit.pp c:/tmp/ && ssh c semodule -i /tmp/cockpit.pp
```
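Review bot: The quick-iteration command at the end of the new file assumes a `c` SSH target that the document never defines, and `ssh c semodule -i /tmp/cockpit.pp` only succeeds if that target logs in as root. Suggest one sentence saying what `c` is (host alias and user) and that it is expected to be a disposable test VM, since the line copies the module to a fixed name in `/tmp` and loads it with root privileges. It would also help to say how to confirm the new module is the one in effect and how to get back to the policy shipped in the rpm once iteration is done, and to explain that `fedora-XX` in the `test/image-prepare` line is a placeholder for the image name.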