[yocto] [meta-selinux][PATCH 0/5] Remove python dependency from refpol.
The reference policy package currently pulls in a lot of python stuff that isn't strictly necessary to boot an SELinux system and load a policy. This is caused by the mix of python and C utilities in policycoreutils. This patch set breaks the policycoreutils recipe up into multiple packages, one for each utility. In this way we can have the refpol etc pull in only the utilities necessary for normal operation. This happens to be only the utilities written in C and thus we can remove python completely in a minimal image. I've attempted to localize these changes as much as possible so changes in this patchset outside of the policycoreutils recipe are few. An example image recipe is added to demonstrate a minimal image with only the utilities required to load a policy and manipulate the policy store (add / remove policy modules) at runtime.
___
yocto mailing list yocto@yoctoproject.org https://lists.yoctoproject.org/listinfo/yocto
[yocto] [PATCH] policycoreutils: Patch Makefile to get load_policy symlink right.
From: Philip Tricca Setting DESTDIR in the policycoreutils do_install creates a bad symlink for load_policy. This patch fixes up the Makefile to create the symlink relative to DESTDIR. Signed-off-by: Philip Tricca --- .../policycoreutils-loadpolicy-symlink.patch| 11 +++ recipes-security/selinux/policycoreutils_2.1.14.bb |1 + 2 files changed, 12 insertions(+) create mode 100644 recipes-security/selinux/policycoreutils/policycoreutils-loadpolicy-symlink.patch diff --git a/recipes-security/selinux/policycoreutils/policycoreutils-loadpolicy-symlink.patch b/recipes-security/selinux/policycoreutils/policycoreutils-loadpolicy-symlink.patch new file mode 100644 index 000..e0bd352 --- /dev/null +++ b/recipes-security/selinux/policycoreutils/policycoreutils-loadpolicy-symlink.patch @@ -0,0 +1,11 @@ +--- a/load_policy/Makefile b/load_policy/Makefile +@@ -19,7 +19,7 @@ install: all + test -d $(MANDIR)/man8 || install -m 755 -d $(MANDIR)/man8 + install -m 644 load_policy.8 $(MANDIR)/man8/ + -mkdir -p $(USRSBINDIR) +- -ln -sf $(SBINDIR)/load_policy $(USRSBINDIR)/load_policy ++ -ln -sf $(subst $(DESTDIR),,$(SBINDIR))/load_policy $(USRSBINDIR)/load_policy + + clean: + -rm -f $(TARGETS) *.o diff --git a/recipes-security/selinux/policycoreutils_2.1.14.bb b/recipes-security/selinux/policycoreutils_2.1.14.bb index b177042..8a35322 100644 --- a/recipes-security/selinux/policycoreutils_2.1.14.bb +++ b/recipes-security/selinux/policycoreutils_2.1.14.bb @@ -12,4 +12,5 @@ SRC_URI += "\ file://policycoreutils-fix-strict-prototypes.patch \ file://policycoreutils-revert-run_init-open_init_pty.patch \ file://policycoreutils-fix-sepolicy-install-path.patch \ + file://policycoreutils-loadpolicy-symlink.patch \ " -- 1.7.10.4 ___ yocto mailing list yocto@yoctoproject.org https://lists.yoctoproject.org/listinfo/yocto
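Review bot: in the load_policy/Makefile hunk, `$(subst $(DESTDIR),,$(SBINDIR))` deletes every occurrence of the DESTDIR string inside SBINDIR, not only the leading prefix, so the link target depends on the staging path never recurring later in the value. Anchoring the strip to the front, for example `$(patsubst $(DESTDIR)%,%,$(SBINDIR))`, expresses the intent and still leaves SBINDIR unchanged when DESTDIR is empty. The `ln` line also keeps its leading `-`, so make ignores a failed link; since a wrong load_policy link is the bug being fixed, a check in do_install that the link resolves inside the image would catch a regression.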
[yocto] [meta-selinux][PATCH] policycoreutils: Patch Makefile to get load_policy symlink right.
From: Philip Tricca Setting DESTDIR in the policycoreutils do_install creates a bad symlink for load_policy. This patch fixes up the Makefile to create the symlink relative to DESTDIR. Signed-off-by: Philip Tricca --- .../policycoreutils-loadpolicy-symlink.patch| 11 +++ recipes-security/selinux/policycoreutils_2.1.14.bb |1 + 2 files changed, 12 insertions(+) create mode 100644 recipes-security/selinux/policycoreutils/policycoreutils-loadpolicy-symlink.patch diff --git a/recipes-security/selinux/policycoreutils/policycoreutils-loadpolicy-symlink.patch b/recipes-security/selinux/policycoreutils/policycoreutils-loadpolicy-symlink.patch new file mode 100644 index 000..e0bd352 --- /dev/null +++ b/recipes-security/selinux/policycoreutils/policycoreutils-loadpolicy-symlink.patch @@ -0,0 +1,11 @@ +--- a/load_policy/Makefile b/load_policy/Makefile +@@ -19,7 +19,7 @@ install: all + test -d $(MANDIR)/man8 || install -m 755 -d $(MANDIR)/man8 + install -m 644 load_policy.8 $(MANDIR)/man8/ + -mkdir -p $(USRSBINDIR) +- -ln -sf $(SBINDIR)/load_policy $(USRSBINDIR)/load_policy ++ -ln -sf $(subst $(DESTDIR),,$(SBINDIR))/load_policy $(USRSBINDIR)/load_policy + + clean: + -rm -f $(TARGETS) *.o diff --git a/recipes-security/selinux/policycoreutils_2.1.14.bb b/recipes-security/selinux/policycoreutils_2.1.14.bb index b177042..8a35322 100644 --- a/recipes-security/selinux/policycoreutils_2.1.14.bb +++ b/recipes-security/selinux/policycoreutils_2.1.14.bb @@ -12,4 +12,5 @@ SRC_URI += "\ file://policycoreutils-fix-strict-prototypes.patch \ file://policycoreutils-revert-run_init-open_init_pty.patch \ file://policycoreutils-fix-sepolicy-install-path.patch \ + file://policycoreutils-loadpolicy-symlink.patch \ " -- 1.7.10.4 ___ yocto mailing list yocto@yoctoproject.org https://lists.yoctoproject.org/listinfo/yocto
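Review bot: the embedded policycoreutils-loadpolicy-symlink.patch begins at `--- a/load_policy/Makefile b/load_policy/Makefile` with no `+++ b/load_policy/Makefile` line, so its file header is not a well-formed unified diff, and it has no description, Upstream-Status or Signed-off-by of its own. Regenerate it with git diff or git format-patch against the policycoreutils source and add a short header saying why the symlink target must not contain DESTDIR and whether the fix has been sent upstream, so the reason is still recorded next to the patch when the recipe is upgraded past 2.1.14.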
[yocto] [][meta-selinux] libpam: Upgrade recipe with wildcard.
From: Philip Tricca The DESTDIR prefix patch is now upstream and no longer necessary. Signed-off-by: Philip Tricca --- .../pam/libpam/sepermit-add-DESTDIR-prefix.patch | 31 -- recipes-extended/pam/libpam_1.%.bbappend | 8 ++ recipes-extended/pam/libpam_1.1.6.bbappend | 10 --- 3 files changed, 8 insertions(+), 41 deletions(-) delete mode 100644 recipes-extended/pam/libpam/sepermit-add-DESTDIR-prefix.patch create mode 100644 recipes-extended/pam/libpam_1.%.bbappend delete mode 100644 recipes-extended/pam/libpam_1.1.6.bbappend diff --git a/recipes-extended/pam/libpam/sepermit-add-DESTDIR-prefix.patch b/recipes-extended/pam/libpam/sepermit-add-DESTDIR-prefix.patch deleted file mode 100644 index d48d386..000 --- a/recipes-extended/pam/libpam/sepermit-add-DESTDIR-prefix.patch +++ /dev/null @@ -1,31 +0,0 @@ -Subject: [PATCH] libpam: add missing DESTDIR prefix - -The DESTDIR prefix is missing, this will cause build failures for -mkdir /var/run/sepermit on the host. - -| mkdir -p /var/run/sepermit -| mkdir: cannot create directory `/var/run/sepermit': Permission denied - -Upstream-Status: Pending - -Signed-off-by: Xin Ouyang - modules/pam_sepermit/Makefile.am |2 +- - 1 files changed, 1 insertions(+), 1 deletions(-) - -diff --git a/modules/pam_sepermit/Makefile.am b/modules/pam_sepermit/Makefile.am -index cfc5594..bc82275 100644 a/modules/pam_sepermit/Makefile.am -+++ b/modules/pam_sepermit/Makefile.am -@@ -35,7 +35,7 @@ if HAVE_LIBSELINUX - securelib_LTLIBRARIES = pam_sepermit.la - - install-data-local: -- mkdir -p $(sepermitlockdir) -+ mkdir -p $(DESTDIR)$(sepermitlockdir) - endif - if ENABLE_REGENERATE_MAN - noinst_DATA = README pam_sepermit.8 sepermit.conf.5 --- -1.7.5.4 - diff --git a/recipes-extended/pam/libpam_1.%.bbappend b/recipes-extended/pam/libpam_1.%.bbappend new file mode 100644 index 000..100a376 --- /dev/null +++ b/recipes-extended/pam/libpam_1.%.bbappend 
@@ -0,0 +1,8 @@ +#FILESEXTRAPATHS_prepend := "${THISDIR}/${PN}:" +FILESPATH_append := ":${@base_set_filespath(['${THISDIR}/${PN}'], d)}" + +PR .= ".4" + +inherit enable-selinux + +RDEPENDS_${PN}-runtime += "${@target_selinux(d, 'pam-plugin-selinux')}" diff --git a/recipes-extended/pam/libpam_1.1.6.bbappend b/recipes-extended/pam/libpam_1.1.6.bbappend deleted file mode 100644 index 71acecc..000 --- a/recipes-extended/pam/libpam_1.1.6.bbappend +++ /dev/null @@ -1,10 +0,0 @@ -#FILESEXTRAPATHS_prepend := "${THISDIR}/${PN}:" -FILESPATH_append := ":${@base_set_filespath(['${THISDIR}/${PN}'], d)}" - -SRC_URI += "file://sepermit-add-DESTDIR-prefix.patch" - -PR .= ".4" - -inherit enable-selinux - -RDEPENDS_${PN}-runtime += "${@target_selinux(d, 'pam-plugin-selinux')}" -- 2.1.4 -- ___ yocto mailing list yocto@yoctoproject.org https://lists.yoctoproject.org/listinfo/yocto
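Review bot: the new libpam_1.%.bbappend matches every 1.x recipe, including 1.1.6, yet the commit drops sepermit-add-DESTDIR-prefix.patch on the grounds that it is upstream without naming the libpam release that first carries the fix. State that version in the message, and either narrow the wildcard or keep the patch for older recipes, otherwise a build against an older 1.x runs `mkdir -p $(sepermitlockdir)` on the host again. Separately, `FILESPATH_append` and the commented-out `FILESEXTRAPATHS_prepend` line are carried over although the only file this hunk shows under libpam/ is deleted; drop them if nothing else is left in that directory.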
[yocto] [PATCH][meta-selinux] parted: Use wildcard for version number in bbappend.
From: Philip Tricca Signed-off-by: Philip Tricca --- recipes-extended/parted/parted_%.bbappend |3 +++ recipes-extended/parted/parted_3.1.bbappend |3 --- 2 files changed, 3 insertions(+), 3 deletions(-) create mode 100644 recipes-extended/parted/parted_%.bbappend delete mode 100644 recipes-extended/parted/parted_3.1.bbappend diff --git a/recipes-extended/parted/parted_%.bbappend b/recipes-extended/parted/parted_%.bbappend new file mode 100644 index 000..366fdf5 --- /dev/null +++ b/recipes-extended/parted/parted_%.bbappend @@ -0,0 +1,3 @@ +PR .= ".2" + +inherit enable-selinux diff --git a/recipes-extended/parted/parted_3.1.bbappend b/recipes-extended/parted/parted_3.1.bbappend deleted file mode 100644 index 366fdf5..000 --- a/recipes-extended/parted/parted_3.1.bbappend +++ /dev/null @@ -1,3 +0,0 @@ -PR .= ".2" - -inherit enable-selinux -- 1.7.10.4 -- ___ yocto mailing list yocto@yoctoproject.org https://lists.yoctoproject.org/listinfo/yocto
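Review bot: the commit has no body, and parted_%.bbappend widens the append from 3.1 to every parted version, so `inherit enable-selinux` will be applied on future parted upgrades without anyone revisiting it. Say in the message which parted versions this was built against and why no upper bound is wanted. Both sides of the diff are blob 366fdf5, so sending it with rename detection (git format-patch -M) would show a pure rename and make that obvious to reviewers.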
[yocto] [PATCH][meta-selinux] cronie: Use wildcard for version number in bbappend.
From: Philip Tricca Signed-off-by: Philip Tricca --- recipes-extended/cronie/cronie_%.bbappend |3 +++ recipes-extended/cronie/cronie_1.4.11.bbappend |3 --- 2 files changed, 3 insertions(+), 3 deletions(-) create mode 100644 recipes-extended/cronie/cronie_%.bbappend delete mode 100644 recipes-extended/cronie/cronie_1.4.11.bbappend diff --git a/recipes-extended/cronie/cronie_%.bbappend b/recipes-extended/cronie/cronie_%.bbappend new file mode 100644 index 000..a398bec --- /dev/null +++ b/recipes-extended/cronie/cronie_%.bbappend @@ -0,0 +1,3 @@ +PR .= ".2" + +inherit with-selinux with-audit diff --git a/recipes-extended/cronie/cronie_1.4.11.bbappend b/recipes-extended/cronie/cronie_1.4.11.bbappend deleted file mode 100644 index a398bec..000 --- a/recipes-extended/cronie/cronie_1.4.11.bbappend +++ /dev/null @@ -1,3 +0,0 @@ -PR .= ".2" - -inherit with-selinux with-audit -- 1.7.10.4 -- ___ yocto mailing list yocto@yoctoproject.org https://lists.yoctoproject.org/listinfo/yocto
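Review bot: `PR .= ".2"` is copied unchanged into cronie_%.bbappend, where it no longer counts revisions of the 1.4.11 append and will instead be appended to the PR of whatever cronie version the wildcard matches. Either drop the line or say in the commit message why the suffix is kept. The message body is also empty; a sentence on which cronie versions `inherit with-selinux with-audit` was tested with would help whoever next upgrades the base recipe.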
[yocto] [][meta-selinux][PATCH] Fix bad path in d382d5
From: Philip Tricca BBFILE_COLLECTIONS for meta-virtualization is 'virtualization-layer'. This is required to get lxc bbappend working when meta-virtualization is added to bblayers.conf. Signed-off-by: Philip Tricca --- meta-virtualization/recipes-containers/lxc/lxc_%.bbappend |1 - virtualization-layer/recipes-containers/lxc/lxc_%.bbappend |1 + 2 files changed, 1 insertion(+), 1 deletion(-) delete mode 100644 meta-virtualization/recipes-containers/lxc/lxc_%.bbappend create mode 100644 virtualization-layer/recipes-containers/lxc/lxc_%.bbappend diff --git a/meta-virtualization/recipes-containers/lxc/lxc_%.bbappend b/meta-virtualization/recipes-containers/lxc/lxc_%.bbappend deleted file mode 100644 index 8c11cac..000 --- a/meta-virtualization/recipes-containers/lxc/lxc_%.bbappend +++ /dev/null @@ -1 +0,0 @@ -inherit enable-selinux diff --git a/virtualization-layer/recipes-containers/lxc/lxc_%.bbappend b/virtualization-layer/recipes-containers/lxc/lxc_%.bbappend new file mode 100644 index 000..8c11cac --- /dev/null +++ b/virtualization-layer/recipes-containers/lxc/lxc_%.bbappend @@ -0,0 +1 @@ +inherit enable-selinux -- 1.7.10.4 -- ___ yocto mailing list yocto@yoctoproject.org https://lists.yoctoproject.org/listinfo/yocto
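Review bot: the directory name virtualization-layer/ is now tied to meta-virtualization's BBFILE_COLLECTIONS value, and nothing in this patch records that coupling outside the commit message. Add a comment at the top of lxc_%.bbappend (or a README in the directory) naming the collection it must match, so the path is not "corrected" back to the layer's repository name later. The subject line should also name the component, for example the lxc bbappend path, and give the full subject of d382d5 rather than only the abbreviated hash.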