[yocto] [meta-selinux][PATCH 2/2] refpolicy / minimum: support compressed policy

wenzong.fan at windriver.com wenzong.fan at windriver.com
Tue Jul 29 00:30:08 PDT 2014 

From: Wenzong Fan <wenzong.fan at windriver.com>

Signed-off-by: Wenzong Fan <wenzong.fan at windriver.com>
---
 .../refpolicy/refpolicy-minimum_2.20130424.bb      |   26 ++++++++++++++------
 1 file changed, 18 insertions(+), 8 deletions(-)

diff --git a/recipes-security/refpolicy/refpolicy-minimum_2.20130424.bb b/recipes-security/refpolicy/refpolicy-minimum_2.20130424.bb
index ae9cb43..d9539f3 100644
--- a/recipes-security/refpolicy/refpolicy-minimum_2.20130424.bb
+++ b/recipes-security/refpolicy/refpolicy-minimum_2.20130424.bb
@@ -30,19 +30,29 @@ EXTRA_POLICY_MODULES += "mta"
 
 POLICY_MODULES_MIN = "${CORE_POLICY_MODULES} ${EXTRA_POLICY_MODULES}"
 
+# re-write the same func from refpolicy_common.inc
 prepare_policy_store () {
-	oe_runmake install \
-		DESTDIR=${D}
+	oe_runmake 'DESTDIR=${D}' 'prefix=${D}${prefix}' install
 
 	# Prepare to create policy store
 	mkdir -p ${D}${sysconfdir}/selinux/
 	mkdir -p ${D}${sysconfdir}/selinux/${POLICY_NAME}/policy
 	mkdir -p ${D}${sysconfdir}/selinux/${POLICY_NAME}/modules/active/modules
 	mkdir -p ${D}${sysconfdir}/selinux/${POLICY_NAME}/contexts/files
-	bzip2 -c ${D}${datadir}/selinux/${POLICY_NAME}/base.pp  > \
-		${D}${sysconfdir}/selinux/${POLICY_NAME}/modules/active/base.pp
-	for i in ${POLICY_MODULES_MIN}; do
-		bzip2 -c ${D}${datadir}/selinux/${POLICY_NAME}/$i.pp > \
-			${D}${sysconfdir}/selinux/${POLICY_NAME}/modules/active/modules/$i.pp
-	done
+	touch ${D}${sysconfdir}/selinux/${POLICY_NAME}/contexts/files/file_contexts.local
+	if  ${@base_contains('DISTRO_FEATURES','compressed_policy','true','false',d)}; then
+		bzip2 base.pp
+		cp base.pp.bz2 ${D}${sysconfdir}/selinux/${POLICY_NAME}/modules/active/base.pp
+		for i in ${POLICY_MODULES_MIN}; do
+			bzip2 $i
+			cp ${i}.bz2 ${D}${sysconfdir}/selinux/${POLICY_NAME}/modules/active/modules/`basename $i`
+		done
+	else
+		bzip2 -c ${D}${datadir}/selinux/${POLICY_NAME}/base.pp  > \
+			${D}${sysconfdir}/selinux/${POLICY_NAME}/modules/active/base.pp
+		for i in ${POLICY_MODULES_MIN}; do
+			bzip2 -c ${D}${datadir}/selinux/${POLICY_NAME}/$i.pp > \
+				${D}${sysconfdir}/selinux/${POLICY_NAME}/modules/active/modules/$i.pp
+		done
+	fi
 }
-- 
1.7.9.5

More information about the yocto mailing list