1 Star 0 Fork 23

shiyaobin/secpaver

forked from openEuler/secpaver 
加入 Gitee
与超过 1200万 开发者一起发现、参与优秀开源项目,私有仓库也完全免费 :)
免费加入
文件
该仓库未声明开源许可证文件(LICENSE),使用请关注具体项目描述及其代码上游依赖。
克隆/下载
Makefile 3.31 KB
一键复制 编辑 原始数据 按行查看 历史
luhuaxin 提交于 2021-09-30 18:15 . fix path of service file
# Copyright (c) Huawei Technologies Co., Ltd. 2020-2021. All rights reserved.
# secPaver is licensed under the Mulan PSL v2.
# You can use this software according to the terms and conditions of the Mulan PSL v2.
# You may obtain a copy of Mulan PSL v2 at:
# http://license.coscl.org.cn/MulanPSL2
# THIS SOFTWARE IS PROVIDED ON AN "AS IS" BASIS, WITHOUT WARRANTIES OF ANY KIND, EITHER EXPRESS OR
# IMPLIED, INCLUDING BUT NOT LIMITED TO NON-INFRINGEMENT, MERCHANTABILITY OR FIT FOR A PARTICULAR
# PURPOSE.
# See the Mulan PSL v2 for more details.
.PHONY: all clean install unit-test
PWD := $(shell pwd)
BUILD_DIR := $(PWD)/build
BIN_DIR := $(DESTDIR)/usr/bin
SO_DIR := $(DESTDIR)/usr/lib64/secpaver
CONFIG_DIR := $(DESTDIR)/etc/secpaver
RESOURCE_DIR := $(DESTDIR)/var/local/secpaver
SCRIPTS_DIR := $(DESTDIR)/usr/share/secpaver/scripts
DATA_DIR := $(DESTDIR)/usr/share/secpaver
SYSTEMD_DIR = $(DESTDIR)/usr/lib/systemd/system
LOG_DIR := $(DESTDIR)/var/log/secpaver
BUILDFLAGS := -trimpath
LDFLAGS := -w -s -buildid=IdBySecPaver -linkmode=external -extldflags=-static -extldflags=-zrelro -extldflags=-znow $(LDFLAGS)
ifeq ($(shell go help mod >/dev/null 2>&1 && echo true), true)
export GO111MODULE=on
export GOFLAGS=-mod=vendor
endif
all: pav pavd
selinux:
CGO_CFLAGS_ALLOW="-ftrapv -D_FORTIFY_SOURCE=2 -O2" CGO_CFLAGS="-fstack-protector-strong -ftrapv -D_FORTIFY_SOURCE=2 -O2" \
CGO_LDFALGS_ALLOW="-Wl,-z,-s,relro,now,noexecstack" CGO_LDFALGS="-Wl,-z,-s,relro,now,noexecstack" \
go build -buildmode=plugin $(BUILDFLAGS) -ldflags '$(LDFLAGS)' -o $(BUILD_DIR)/selinux.so cmd/plugin/selinux/*.go
strip $(BUILD_DIR)/selinux.so
pav:
CGO_CFLAGS_ALLOW="-ftrapv -D_FORTIFY_SOURCE=2 -O2" CGO_CFLAGS="-fstack-protector-strong -ftrapv -D_FORTIFY_SOURCE=2 -O2" \
CGO_LDFALGS_ALLOW="-Wl,-z,-s,relro,now,noexecstack" CGO_LDFALGS="-Wl,-z,-s,relro,now,noexecstack" \
go build -buildmode=pie $(BUILDFLAGS) -ldflags '$(LDFLAGS)' -o $(BUILD_DIR)/pav cmd/pav/*.go
strip $(BUILD_DIR)/pav
pavd:
CGO_CFLAGS_ALLOW="-ftrapv -D_FORTIFY_SOURCE=2 -O2" CGO_CFLAGS="-fstack-protector-strong -ftrapv -D_FORTIFY_SOURCE=2 -O2" \
CGO_LDFALGS_ALLOW="-Wl,-z,-s,relro,now,noexecstack" CGO_LDFALGS="-Wl,-z,-s,relro,now,noexecstack" \
go build -buildmode=pie $(BUILDFLAGS) -ldflags '$(LDFLAGS)' -o $(BUILD_DIR)/pavd cmd/pavd/*.go
strip $(BUILD_DIR)/pavd
everything: pav pavd selinux
clean:
rm -rf $(BUILD_DIR)/pav*
install:
@echo "BEGIN INSTALL secPaver"
mkdir -p $(BIN_DIR)
mkdir -p $(SO_DIR)
mkdir -p $(SCRIPTS_DIR)
mkdir -p $(SCRIPTS_DIR)/selinux
mkdir -p $(SYSTEMD_DIR)
mkdir -p $(LOG_DIR)
mkdir -p $(CONFIG_DIR)/pavd
mkdir -p $(RESOURCE_DIR)/projects
mkdir -p $(RESOURCE_DIR)/policies/selinux
chmod 700 $(RESOURCE_DIR) \
$(SO_DIR) \
$(LOG_DIR) \
$(CONFIG_DIR) $(CONFIG_DIR)/pavd \
$(RESOURCE_DIR)/projects $(RESOURCE_DIR)/policies $(RESOURCE_DIR)/policies/selinux \
$(SCRIPTS_DIR) $(SCRIPTS_DIR)/selinux \
$(DATA_DIR)
install -m 500 $(BUILD_DIR)/pav $(BIN_DIR)
install -m 500 $(BUILD_DIR)/pavd $(BIN_DIR)
install -m 500 $(BUILD_DIR)/*.so $(SO_DIR)
install -m 600 misc/config/config.json $(CONFIG_DIR)/pavd
install -m 500 misc/scripts/selinux/*.sh $(SCRIPTS_DIR)/selinux
install -m 600 misc/scripts/selinux/config $(SCRIPTS_DIR)/selinux
install -m 600 misc/pavd.service $(SYSTEMD_DIR)
systemctl daemon-reload
@echo "END INSTALL secPaver"
马建仓 AI 助手
尝试更多
代码解读
代码找茬
代码优化
1
https://gitee.com/shiyaobin/secpaver.git
git@gitee.com:shiyaobin/secpaver.git
shiyaobin
secpaver
secpaver
master

搜索帮助