[yocto] [meta-selinux] Updated meta-selinux -- master (was: master-next)
Philip Tricca
flihp at twobit.us
Thu Oct 3 18:49:46 PDT 2013
Looks good to me.
Thanks,
- Philip
On 10/02/2013 08:57 PM, Joe MacDonald wrote:
> Philip / Mark / all,
>
> Earlier today I updated master with a rebased version of what was in
> master-next. I apologize for not sending this out earlier. Today's
> been a bit turbo.
>
> This update should have been a fast-forward update to master, so if
> that's not the case, or if the updates cause any unexpected behaviour,
> please let me know.
>
> The only outstanding issue I'm aware of right now is basically what I
> related in my earlier mail, but less severe. The initial boot and
> auto-relabelling hums along fine. The second boot produces a few
> issues about /dev/vcs* and /dev/fb* having their label applications
> denied due to an invalid context. Logging in to the system and
> manually doing a restorecon on those devices as root/secadm_r/secadm_t
> applies the correct label until the next boot. Then you're back to
> the default labels and have to restore them again.
>
> The current state of affairs works around the more serious problem I
> mentioned previously by not using the udev device cache. I'd like to
> fix that, but since it was the approach used in master previously, I
> didn't think it was worth holding off on the update just for that.
>
> -J.
>
> On Sat, Sep 28, 2013 at 3:46 PM, Philip Tricca <flihp at twobit.us> wrote:
>> On 09/27/2013 03:58 PM, Joe MacDonald wrote:
>>> [[yocto] [meta-selinux] Updated meta-selinux -- master-next] On 13.09.19 (Thu 13:41) Mark Hatle wrote:
>>>
>>>> I have updated meta-selinux, and placed the update into the 'master-next' branch.
>>>>
>>>> This was locally tested with Poky as of commit
>>>> 853bc53cd58a621918f0e5ce662dba263d1befb4.
>>>>
>>>> Note, when building the core-image-selinux, the internal refpolicies
>>>> cause a lot of failures. I'm not an expert on how this should be
>>>> configured, so I'm looking for help/patches from others.
>>>>
>>>> If you know of any other additional patches that should be applied,
>>>> or are able to help with the refpolicies, please let me know!
>>>>
>>>> Thanks!
>>>> --Mark
>>>
>>> I just pushed a new (non-ff!) update to master-next. It includes the
>>> following:
>>>
>>> - Mark Hatle: policycoreutils: avoid shell for checking target-special actions
>>> - Mark Hatle: setools: Uprev setools
>>> - Mark Hatle: README: Update status
>>> - Mark Hatle: libcap-ng: Uprev libcap-ng
>>> - Mark Hatle: audit: Uprev to audit 2.3.2
>>> - Mark Hatle: swig: Update to latest swig from meta-openembedded
>>> - Mark Hatle: python-ipy: Uprev to latest 0.81 version
>>> - Mark Hatle: distro/*: Update the distro files
>>> - Christopher Larson: layer.conf: avoid unnecessary early expansion with :=
>>> - Qiang Chen: selinux: remove reference to locale env files from login
>>> - Mark Hatle: linux-yocto: Add support for the 3.10 kernel
>>> - Xin Ouyang: kernel: add BBAPPEND for linux 3.10
>>
>> Can I put in a request to cherry-pick the 3.10 kernel update down to master? This is independent from all of the tools / policy updates and it would be very convenient for those of us building against master oe-core. As of now a build of meta-selinux master against oe-core master results in an image that will panic on boot as linux-yocto builds the 3.10 kernel and the selinux distros don't prefer a kernel with an available selinux config (3.8 is the most recent).
>>
>> Thanks,
>> - Philip
>>
>
>
>
More information about the yocto
mailing list