[meta-virtualization] [PATCH] Explicitly set CHECKPOLICY path to native sysroot.

[Philip Tricca]

On 10/10/2013 11:21 PM, Bruce Ashfield wrote:
> On Wed, Oct 9, 2013 at 5:14 AM, David Nyström <david.c.nystrom at gmail.com> wrote:
>> On 10/04/2013 07:23 PM, Philip Tricca wrote:
>>>
>>> Probably should add that I'm not very fond of having the path hard coded
>>> like this. Makes for a dependency on the install location from the
>>> checkpolicy recipe. For the short term this fixes the immediate issue
>>> though. Feedback on the "right way" to reference / find this binary
>>> would be appreciated.
>>>
>>> Regards,
>>> - Philip
>>
>>
>> I suppose the correct way would be to patch the configure scripts and
>> upstream that patch to Xen. But I have no problems with this, as long as
>> chkconfig referenced from native sysroot is in DEPENDS, to avoid build race
>> conditions.
> 
> Which isn't the case at the moment.So this patch needs a bit more work.

So even doing this "the right way" by setting the variable and including
checkpolicy in the DEPENDS (using the selinux distro feature) won't fix
the immediate problem: the configure script and Makefile don't work
right so any user with /usr/bin/checkpolicy installed on their build
host will end up with the Xen recipe trying to build the FLASK policy
and it won't compile.

I'll start checking upstream to see if this was fixed recently or if I
have to start from scratch. Good data on how to handle the conditional
dependency though.

> Philip: Are you talking about the selinux checkpolicy here ? I assume you are,
> but want to be sure. If you are, not only do we need the package in the
> DEPENDS, we need meta-selinux in the README's layer dependency list for
> meta-virt.

That's the checkpolicy I'm talking about. The right way to add a
dependency on a new layer w/o forcing that layer on everyone wasn't
initially clear. I'll poke around the DISTRO_FEATURES stuff and com back
with a v2

Thanks,
- Philip