[yocto] [meta-selinux][PATCH 1/1] selinux: set policy-version to 28

Mon Jan 27 00:44:25 PST 2014

On 01/27/2014 04:12 PM, Pascal Ouyang wrote:
> 于 14-1-27 下午2:52, wenzong.fan at windriver.com 写道:
>> From: Wenzong Fan <wenzong.fan at windriver.com>
>>
>> The default policy version of new selinux toolchains is 29, to
>> fit kernel 3.10.x, set it to 28.
>> ---
>>    recipes-security/refpolicy/refpolicy_common.inc |    2 ++
>>    recipes-security/selinux/libsemanage.inc        |    3 +++
>>    2 files changed, 5 insertions(+)
>>
>> diff --git a/recipes-security/refpolicy/refpolicy_common.inc b/recipes-security/refpolicy/refpolicy_common.inc
>> index 6bf7830..fbf9441 100644
>> --- a/recipes-security/refpolicy/refpolicy_common.inc
>> +++ b/recipes-security/refpolicy/refpolicy_common.inc
>> @@ -76,6 +76,8 @@ args = -q -c \$@ \$<
>>    path = ${STAGING_DIR_NATIVE}${sbindir_native}/sefcontext_compile
>>    args = \$@
>>    [end]
>> +
>> +policy-version = 28
>>    EOF
>>    	mkdir -p ${D}${sysconfdir}/selinux/${POLICY_NAME}/policy
>>    	mkdir -p ${D}${sysconfdir}/selinux/${POLICY_NAME}/modules/active/modules
>> diff --git a/recipes-security/selinux/libsemanage.inc b/recipes-security/selinux/libsemanage.inc
>> index 5e90c26..799d864 100644
>> --- a/recipes-security/selinux/libsemanage.inc
>> +++ b/recipes-security/selinux/libsemanage.inc
>> @@ -41,6 +41,9 @@ do_install() {
>>                DESTDIR=${D} \
>>                PYLIBVER='python${PYTHON_BASEVERSION}' \
>>                PYLIBDIR='${D}/${libdir}/$(PYLIBVER)'
>> +
>> +    # Update "policy-version" for semanage.conf
>> +    echo "policy-version = 28" >> "${D}/etc/selinux/semanage.conf"
> 
> please use this instead. Thanks.
> 
> sed -i 's/^#\s*\(policy-version\s*=\).*$/\1 28/' \
> 	${D}/etc/selinux/semanage.conf
> 
>>    }
>>    
>>    BBCLASSEXTEND = "native"

Branch updated, please help to merge:

http://git.pokylinux.org/cgit.cgi/poky-contrib/log/?h=wenzong/policy-version

Thanks
Wenzong

>>
> 
> 