[yocto] [meta-selinux][PATCH 1/1] selinux: set policy-version to 28
wenzong.fan at windriver.com
wenzong.fan at windriver.com
Sun Jan 26 22:52:01 PST 2014
From: Wenzong Fan <wenzong.fan at windriver.com>
The default policy version of new selinux toolchains is 29, to
fit kernel 3.10.x, set it to 28.
---
recipes-security/refpolicy/refpolicy_common.inc | 2 ++
recipes-security/selinux/libsemanage.inc | 3 +++
2 files changed, 5 insertions(+)
diff --git a/recipes-security/refpolicy/refpolicy_common.inc b/recipes-security/refpolicy/refpolicy_common.inc
index 6bf7830..fbf9441 100644
--- a/recipes-security/refpolicy/refpolicy_common.inc
+++ b/recipes-security/refpolicy/refpolicy_common.inc
@@ -76,6 +76,8 @@ args = -q -c \$@ \$<
path = ${STAGING_DIR_NATIVE}${sbindir_native}/sefcontext_compile
args = \$@
[end]
+
+policy-version = 28
EOF
mkdir -p ${D}${sysconfdir}/selinux/${POLICY_NAME}/policy
mkdir -p ${D}${sysconfdir}/selinux/${POLICY_NAME}/modules/active/modules
diff --git a/recipes-security/selinux/libsemanage.inc b/recipes-security/selinux/libsemanage.inc
index 5e90c26..799d864 100644
--- a/recipes-security/selinux/libsemanage.inc
+++ b/recipes-security/selinux/libsemanage.inc
@@ -41,6 +41,9 @@ do_install() {
DESTDIR=${D} \
PYLIBVER='python${PYTHON_BASEVERSION}' \
PYLIBDIR='${D}/${libdir}/$(PYLIBVER)'
+
+ # Update "policy-version" for semanage.conf
+ echo "policy-version = 28" >> "${D}/etc/selinux/semanage.conf"
}
BBCLASSEXTEND = "native"
--
1.7.9.5
More information about the yocto
mailing list