[yocto] [meta-selinux][PATCH 3/7] refpolicy-targeted: update base refpolicy 20141203
Shrikant Bobade
bobadeshrikant at gmail.com
Thu Jul 30 06:36:29 PDT 2015
From: Shrikant Bobade <shrikant_bobade at mentor.com>
A simple forward-port of refpolicy-targeted to use the 20141203
base refpolicy.
Signed-off-by: Shrikant Bobade <shrikant_bobade at mentor.com>
---
.../refpolicy/refpolicy-targeted_2.20141203.bb | 20 ++++++++++++++++++++
1 file changed, 20 insertions(+)
create mode 100644 recipes-security/refpolicy/refpolicy-targeted_2.20141203.bb
diff --git a/recipes-security/refpolicy/refpolicy-targeted_2.20141203.bb b/recipes-security/refpolicy/refpolicy-targeted_2.20141203.bb
new file mode 100644
index 0000000..b169604
--- /dev/null
+++ b/recipes-security/refpolicy/refpolicy-targeted_2.20141203.bb
@@ -0,0 +1,20 @@
+SUMMARY = "SELinux targeted policy"
+DESCRIPTION = "\
+This is the targeted variant of the SELinux reference policy. Most service \
+domains are locked down. Users and admins will login in with unconfined_t \
+domain, so they have the same access to the system as if SELinux was not \
+enabled. \
+"
+
+FILESEXTRAPATHS_prepend := "${THISDIR}/refpolicy-${PV}:"
+
+POLICY_NAME = "targeted"
+POLICY_TYPE = "mcs"
+POLICY_MLS_SENS = "0"
+
+include refpolicy_${PV}.inc
+
+SRC_URI += " \
+ file://refpolicy-fix-optional-issue-on-sysadm-module.patch \
+ file://refpolicy-unconfined_u-default-user.patch \
+ "
--
1.7.9.5
More information about the yocto
mailing list