[yocto] [meta-selinux][PATCH 4/5] Add packagegroup and image recipe for minimal SELinux image.
Philip Tricca
flihp at twobit.us
Wed Oct 9 05:41:00 PDT 2013
This is intended to demonstrate the minimal set packages necessary
to boot and load a system with SELinux enabled. Specifically we
don't need any of the packages that depend on python.
Signed-off-by: Philip Tricca <flihp at twobit.us>
---
.../images/core-image-selinux-minimal.bb | 15 +++++++++++
.../packagegroups/packagegroup-selinux-minimal.bb | 26 ++++++++++++++++++++
2 files changed, 41 insertions(+)
create mode 100644 recipes-security/images/core-image-selinux-minimal.bb
create mode 100644 recipes-security/packagegroups/packagegroup-selinux-minimal.bb
diff --git a/recipes-security/images/core-image-selinux-minimal.bb b/recipes-security/images/core-image-selinux-minimal.bb
new file mode 100644
index 0000000..45cd847
--- /dev/null
+++ b/recipes-security/images/core-image-selinux-minimal.bb
@@ -0,0 +1,15 @@
+DESCRIPTION = "Minimal image with SELinux support (no python)"
+
+IMAGE_FEATURES += "splash ssh-server-openssh"
+
+LICENSE = "MIT"
+
+IMAGE_INSTALL = "\
+ ${CORE_IMAGE_BASE_INSTALL} \
+ bash \
+ util-linux-agetty \
+ packagegroup-core-boot \
+ packagegroup-selinux-minimal \
+"
+
+inherit core-image
diff --git a/recipes-security/packagegroups/packagegroup-selinux-minimal.bb b/recipes-security/packagegroups/packagegroup-selinux-minimal.bb
new file mode 100644
index 0000000..16f6bae
--- /dev/null
+++ b/recipes-security/packagegroups/packagegroup-selinux-minimal.bb
@@ -0,0 +1,26 @@
+DESCRIPTION = "SELinux packagegroup with only packages required for basic operations"
+LICENSE = "MIT"
+LIC_FILES_CHKSUM = "file://${COREBASE}/LICENSE;md5=3f40d7994397109285ec7b81fdeb3b58 \
+ file://${COREBASE}/meta/COPYING.MIT;md5=3da9cfbcb788c80a0384361b4de20420"
+PR = "r0"
+
+PACKAGES = "\
+ ${PN} \
+ "
+
+ALLOW_EMPTY_${PN} = "1"
+
+RDEPENDS_${PN} = " \
+ coreutils \
+ libsepol \
+ libselinux \
+ libselinux-bin \
+ libsemanage \
+ policycoreutils-fixfiles \
+ policycoreutils-secon \
+ policycoreutils-semodule \
+ policycoreutils-sestatus \
+ policycoreutils-setfiles \
+ selinux-config \
+ refpolicy-mls \
+ "
--
1.7.10.4
More information about the yocto
mailing list