semodule: rename --rebuild-if-modules-changed to --refresh

After the last commit this option's name and description no longer
matches the semantic, so give it a new one and update the descriptions.
The old name is still recognized and aliased to the new one for
backwards compatibility.

Signed-off-by: Ondrej Mosnacek <omosnace@redhat.com>
Acked-by: Nicolas Iooss <nicolas.iooss@m4x.org>
This commit is contained in:
Ondrej Mosnacek 2022-06-08 19:09:54 +02:00 committed by Nicolas Iooss
parent bdbe52be1b
commit 8cc529af51
No known key found for this signature in database
GPG key ID: ACE831CD793E2C98
2 changed files with 16 additions and 9 deletions

View file

@ -23,12 +23,12 @@ force a reload of policy
.B \-B, \-\-build
force a rebuild of policy (also reloads unless \-n is used)
.TP
.B \-\-rebuild-if-modules-changed
Force a rebuild of the policy if any changes to module content are detected
(by comparing with checksum from the last transaction). One can use this
instead of \-B to ensure that any changes to the module store done by an
external tool (e.g. a package manager) are applied, while automatically
skipping the rebuild if there are no new changes.
.B \-\-refresh
Like \-\-build, but reuses existing linked policy if no changes to module
files are detected (by comparing with checksum from the last transaction).
One can use this instead of \-B to ensure that any changes to the module
store done by an external tool (e.g. a package manager) are applied, while
automatically skipping the module re-linking if there are no module changes.
.TP
.B \-D, \-\-disable_dontaudit
Temporarily remove dontaudits from policy. Reverts whenever policy is rebuilt

View file

@ -150,9 +150,12 @@ static void usage(char *progname)
printf(" -c, --cil extract module as cil. This only affects module extraction.\n");
printf(" -H, --hll extract module as hll. This only affects module extraction.\n");
printf(" -m, --checksum print module checksum (SHA256).\n");
printf(" --refresh like --build, but reuses existing linked policy if no\n"
" changes to module files are detected (via checksum)\n");
printf("Deprecated options:\n");
printf(" -b,--base same as --install\n");
printf(" --rebuild-if-modules-changed\n"
" force policy rebuild if module content changed since\n"
" last rebuild (based on checksum)\n");
" same as --refresh\n");
}
/* Sets the global mode variable to new_mode, but only if no other
@ -185,6 +188,7 @@ static void parse_command_line(int argc, char **argv)
{
static struct option opts[] = {
{"rebuild-if-modules-changed", 0, NULL, '\0'},
{"refresh", 0, NULL, '\0'},
{"store", required_argument, NULL, 's'},
{"base", required_argument, NULL, 'b'},
{"help", 0, NULL, 'h'},
@ -225,6 +229,9 @@ static void parse_command_line(int argc, char **argv)
case '\0':
switch(longind) {
case 0: /* --rebuild-if-modules-changed */
fprintf(stderr, "The --rebuild-if-modules-changed option is deprecated. Use --refresh instead.\n");
/* fallthrough */
case 1: /* --refresh */
check_ext_changes = 1;
break;
default: