[yocto] [meta-selinux][PATCH 1/1] selinux: set policy-version to 28

Mon Jan 27 00:12:34 PST 2014

于 14-1-27 下午2:52, wenzong.fan at windriver.com 写道:
> From: Wenzong Fan <wenzong.fan at windriver.com>
> 
> The default policy version of new selinux toolchains is 29, to
> fit kernel 3.10.x, set it to 28.
> ---
>   recipes-security/refpolicy/refpolicy_common.inc |    2 ++
>   recipes-security/selinux/libsemanage.inc        |    3 +++
>   2 files changed, 5 insertions(+)
> 
> diff --git a/recipes-security/refpolicy/refpolicy_common.inc b/recipes-security/refpolicy/refpolicy_common.inc
> index 6bf7830..fbf9441 100644
> --- a/recipes-security/refpolicy/refpolicy_common.inc
> +++ b/recipes-security/refpolicy/refpolicy_common.inc
> @@ -76,6 +76,8 @@ args = -q -c \$@ \$<
>   path = ${STAGING_DIR_NATIVE}${sbindir_native}/sefcontext_compile
>   args = \$@
>   [end]
> +
> +policy-version = 28
>   EOF
>   	mkdir -p ${D}${sysconfdir}/selinux/${POLICY_NAME}/policy
>   	mkdir -p ${D}${sysconfdir}/selinux/${POLICY_NAME}/modules/active/modules
> diff --git a/recipes-security/selinux/libsemanage.inc b/recipes-security/selinux/libsemanage.inc
> index 5e90c26..799d864 100644
> --- a/recipes-security/selinux/libsemanage.inc
> +++ b/recipes-security/selinux/libsemanage.inc
> @@ -41,6 +41,9 @@ do_install() {
>               DESTDIR=${D} \
>               PYLIBVER='python${PYTHON_BASEVERSION}' \
>               PYLIBDIR='${D}/${libdir}/$(PYLIBVER)'
> +
> +    # Update "policy-version" for semanage.conf
> +    echo "policy-version = 28" >> "${D}/etc/selinux/semanage.conf"

please use this instead. Thanks.

sed -i 's/^#\s*\(policy-version\s*=\).*$/\1 28/' \
	${D}/etc/selinux/semanage.conf

>   }
>   
>   BBCLASSEXTEND = "native"
> 

-- 
- Pascal