[yocto] [oe] [meta-selinux] Re: meta-selinux updates for oe-core-1.9 -- resend to right list.
Randy MacLeod
randy.macleod at windriver.com
Thu Aug 13 14:37:09 PDT 2015
Resending to the right list.
(yocto at yoctoproject.org rather than
openembedded-devel at lists.openembedded.org )
Radzy will be working on meta-selinux and
I've suggested that the start with a package uprev or two
once the upstream selinux release intentions are known.
../Randy
---
Going on-list like I should have originally.
On 2015-07-31 01:33 PM, Joe MacDonald wrote:
> Hey Randy,
>
> Good to hear from you.
>
> [meta-selinux updates for oe-core-1.9] On 15.07.31 (Fri 01:05) Randy MacLeod wrote:
>
>> What's the plan for meta-selinux in the next 2 months?
Roy dug up the current meta-selinux, upstream versions:
swig 2.0.10 3.0.6
python-ipy 0.81 0.83
audit 2.3.2 2.4.3
refpolicy-mls 2.20140311 2.20141203
libcap-ng 0.7.3 0.7.7
setools 3.3.8 3.3.8
sepolgen git 1.2.2
libsemanage git 2.4
checkpolicy 2.3 2.4
policycoreutils git 2.4
selinux-config 0.1 0.1
libsepol git 2.4
libsemanage 2.3 2.4
sepolgen 1.2.1 1.2.2
libsepol 2.3 2.4
libselinux git 2.4
policycoreutils 2.3 2.4
libselinux 2.3 2.4
ustr 1.0.4 1.0.4
>
> There's a backlog of meta-selinux patches to integrate that have been in
> my merge queue for rather a long time now. I expect to clear that out,
> which will include an update to the most recent (not the current, any
> longer, I don't think) refpolicy and a new recipe that will build from
> the refpolicy git repository rather than release tarballs. I think
> this'll be a significant benefit to everyone in that it'll make it much
> easier to migrate patches and to try out a new release without waiting
> for a full update. Those are the big things on the horizon.
>
> The other one is the filesystem labelling work being done by the
> community. It looks quite good and as soon as I get a few minutes to
> try it out a bit more on some oddball configurations to ensure we aren't
> bringing in any new dependencies (after having just scrubbed a bunch of
> bashisms and hidden deps), it'll likely get merged.
>
> There's nothing on the radar in the short term that hasn't already been
> discussed on the mailing list, though, AFAIK.
>
> -J.
So when Radzy is back in a week from being OOO, hopefully Joe's backlog
will be cleared and we all can update pkgs as needed. We can split
up that work however it makes sense; just tell the list
if you start working on a package.
My quick review of git logs and my memory of selinux releases
tells me that there tends to be an late fall release.
I looked at the Changelog for a few of the components of:
https://github.com/SELinuxProject/selinux
and things seem to be moving along more quickly than usual
so that pattern might not hold. Is anyone subscribed to the list:
https://www.nsa.gov/research/selinux/list.shtml
if so is there talk of an approximate release date that
would help us decide if we went to update now or in a month or so?
Oh and is selinux happy under gcc-5.2+?
../Randy
>
>>
>> Roy can you summarize the state of each recipe?
>> i.e. current version and upstream version?
>> I'd like to make sure that we're up to date when
>> oe-core-1.9 is released.
>>
--
# Randy MacLeod. SMTS, Linux, Wind River
Direct: 613.963.1350 | 350 Terry Fox Drive, Suite 200, Ottawa, ON,
Canada, K2K 2W5
--
_______________________________________________
Openembedded-devel mailing list
Openembedded-devel at lists.openembedded.org
http://lists.openembedded.org/mailman/listinfo/openembedded-devel
More information about the yocto
mailing list