[yocto] [PATCH 10/20] restorecond: add package 2.7 (20170804)
wenzong.fan at windriver.com
wenzong.fan at windriver.com
Tue Sep 12 19:42:52 PDT 2017
From: Wenzong Fan <wenzong.fan at windriver.com>
Move policycoreutils/restorecond to restorecond:
* Move and rebase patch:
- policycoreutils-make-O_CLOEXEC-optional.patch
* Cleanup policycoreutils_2.7.bb.
Signed-off-by: Wenzong Fan <wenzong.fan at windriver.com>
---
recipes-security/selinux/policycoreutils_2.7.bb | 1 -
recipes-security/selinux/restorecond.inc | 28 ++++++++++++++++++++++
.../policycoreutils-make-O_CLOEXEC-optional.patch | 8 +++----
recipes-security/selinux/restorecond_2.7.bb | 7 ++++++
4 files changed, 39 insertions(+), 5 deletions(-)
create mode 100644 recipes-security/selinux/restorecond.inc
rename recipes-security/selinux/{policycoreutils => restorecond}/policycoreutils-make-O_CLOEXEC-optional.patch (90%)
create mode 100644 recipes-security/selinux/restorecond_2.7.bb
diff --git a/recipes-security/selinux/policycoreutils_2.7.bb b/recipes-security/selinux/policycoreutils_2.7.bb
index d407ac3..54ec69a 100644
--- a/recipes-security/selinux/policycoreutils_2.7.bb
+++ b/recipes-security/selinux/policycoreutils_2.7.bb
@@ -8,7 +8,6 @@ SRC_URI[sha256sum] = "0a1b8a4a323b854981c6755ff025fe98a0f1cff307f109abb260f0490f
SRC_URI += "\
file://policycoreutils-fix-sepolicy-install-path.patch \
- file://policycoreutils-make-O_CLOEXEC-optional.patch \
file://policycoreutils-loadpolicy-symlink.patch \
file://policycoreutils-process-ValueError-for-sepolicy-seobject.patch \
file://policycoreutils-fix-TypeError-for-seobject.py.patch \
diff --git a/recipes-security/selinux/restorecond.inc b/recipes-security/selinux/restorecond.inc
new file mode 100644
index 0000000..6f12d23
--- /dev/null
+++ b/recipes-security/selinux/restorecond.inc
@@ -0,0 +1,28 @@
+SUMMARY = "Daemon to watch for file creation and set default file context"
+DESCRIPTION = "\
+The restorecond daemon uses inotify to watch files listed in the \
+/etc/selinux/restorecond.conf, when they are created, this daemon \
+will make sure they have the correct file context associated with \
+the policy."
+
+SECTION = "base"
+LICENSE = "GPLv2+"
+
+SRC_URI += "file://policycoreutils-make-O_CLOEXEC-optional.patch \
+"
+
+inherit systemd update-rc.d
+
+DEPENDS += "libsepol libselinux libpcre dbus-glib glib-2.0 pkgconfig-native"
+
+FILES_${PN} += "${datadir}/dbus-1/services/org.selinux.Restorecond.service \
+"
+
+do_install_prepend() {
+ export SYSTEMDDIR=${D}/${systemd_unitdir}
+}
+
+SYSTEMD_SERVICE_restorecond = "restorecond.service"
+INITSCRIPT_PACKAGES = "restorecond"
+INITSCRIPT_NAME_restorecond = "restorecond"
+INITSCRIPT_PARAMS_restorecond = "defaults"
diff --git a/recipes-security/selinux/policycoreutils/policycoreutils-make-O_CLOEXEC-optional.patch b/recipes-security/selinux/restorecond/policycoreutils-make-O_CLOEXEC-optional.patch
similarity index 90%
rename from recipes-security/selinux/policycoreutils/policycoreutils-make-O_CLOEXEC-optional.patch
rename to recipes-security/selinux/restorecond/policycoreutils-make-O_CLOEXEC-optional.patch
index d50356e..ab1a10a 100644
--- a/recipes-security/selinux/policycoreutils/policycoreutils-make-O_CLOEXEC-optional.patch
+++ b/recipes-security/selinux/restorecond/policycoreutils-make-O_CLOEXEC-optional.patch
@@ -16,13 +16,13 @@ Uptream-Status: Inappropriate [O_CLOEXEC has been in Linux since 2007 and POSIX
Signed-off-by: Joe MacDonald <joe.macdonald at windriver.com>
Signed-off-by: Wenzong Fan <wenzong.fan at windriver.com>
---
- restorecond/user.c | 8 +++++++-
+ user.c | 8 +++++++-
1 file changed, 7 insertions(+), 1 deletion(-)
-diff --git a/restorecond/user.c b/restorecond/user.c
+diff --git a/user.c b/user.c
index 2c28676..6235772 100644
---- a/restorecond/user.c
-+++ b/restorecond/user.c
+--- a/user.c
++++ b/user.c
@@ -202,7 +202,13 @@ static int local_server() {
perror("asprintf");
return -1;
diff --git a/recipes-security/selinux/restorecond_2.7.bb b/recipes-security/selinux/restorecond_2.7.bb
new file mode 100644
index 0000000..1f9a70c
--- /dev/null
+++ b/recipes-security/selinux/restorecond_2.7.bb
@@ -0,0 +1,7 @@
+include selinux_20170804.inc
+include ${BPN}.inc
+
+LIC_FILES_CHKSUM = "file://COPYING;md5=393a5ca445f6965873eca0259a17f833"
+
+SRC_URI[md5sum] = "46f8ad0a37f955ef148d4e19b8cc8b1f"
+SRC_URI[sha256sum] = "cb8e0a8d706cb2c1f105125f3514dffffefcbcfb49199183a7f91ab0bdf1f24d"
--
2.13.0
More information about the yocto
mailing list