[yocto] [meta-selinux][PATCH] selinux-config: make DEFAULT_POLICY and DEFAULT_ENFORCING configurable
Maxin B. John
maxin.john at enea.com
Fri Aug 14 05:45:20 PDT 2015
From: Josep Puigdemont <josep.puigdemont at enea.com>
Make DEFAULT_POLICY and DEFAULT_ENFORCING configurations more flexible.
Signed-off-by: Maxin B. John <maxin.john at enea.com>
---
recipes-security/selinux/selinux-config_0.1.bb | 12 +++++++-----
1 file changed, 7 insertions(+), 5 deletions(-)
diff --git a/recipes-security/selinux/selinux-config_0.1.bb b/recipes-security/selinux/selinux-config_0.1.bb
index 98f6d5f..f77b490 100644
--- a/recipes-security/selinux/selinux-config_0.1.bb
+++ b/recipes-security/selinux/selinux-config_0.1.bb
@@ -1,15 +1,15 @@
-DEFAULT_POLICY = "mls"
-DEFAULT_ENFORCING = "enforcing"
+DEFAULT_POLICY ??= "mls"
+DEFAULT_ENFORCING ??= "enforcing"
SUMMARY = "SELinux configuration"
DESCRIPTION = "\
-This is the configuration files for SELinux on WRLinux system. \
+SELinux configuration files for Yocto. \
"
SECTION = "base"
LICENSE = "MIT"
LIC_FILES_CHKSUM = "file://${COREBASE}/meta/COPYING.MIT;md5=3da9cfbcb788c80a0384361b4de20420"
-PR = "r3"
+PR = "r4"
S = "${WORKDIR}"
@@ -37,9 +37,11 @@ do_install () {
# permissive - SELinux prints warnings instead of enforcing.
# disabled - No SELinux policy is loaded.
SELINUX=${DEFAULT_ENFORCING}
-# SELINUXTYPE= can take one of these two values:
+# SELINUXTYPE= can take one of these values:
# standard - Standard Security protection.
# mls - Multi Level Security protection.
+# targeted - Targeted processes are protected.
+# mcs - Multi Category Security protection.
SELINUXTYPE=${DEFAULT_POLICY}
" > ${WORKDIR}/config
install -d ${D}/${sysconfdir}/selinux
--
1.9.1
More information about the yocto
mailing list