[[yocto] [meta-selinux] zeus branch creation] On 19.11.01 (Fri 14:02) Vincent
Prince wrote:
> Hi team,
>
> Would it be possible to create zeus branch for meta-selinux layer?
Yes, for sure. Thanks for the reminder.
--
-Joe MacDonald.
Linux Architect | Mentor® A Siemens Bus
?h=
> warrior
>
> Can we revert this patch on warrior?
Sorry, I've been away from meta-selinux the last couple of weeks, I'm
addressing the warrior (and other patches in the backlog) right now.
--
-Joe MacDonald.
:wq
signature.asc
Description: PGP signature
--
Based on this discussion:
https://www.mail-archive.com/yocto@yoctoproject.org/msg45785.html the
warrior branch does not build against oe-core thud any longer. Since
that's not really intended to be a supported use caes anyway, remove the
layer compatibility statement for thud.
Signed-off-by
he HEAD commit
there, as I see it, is:
commit fb6192aa2c5df8e80c5e6d4fa5448d574332f68f (HEAD -> thud,
origin/thud)
Author: Khem Raj
Date: Tue Feb 26 11:44:43 2019 -0800
refpolicy: Forward patch to apply cleanly on thud
Also fix devtool generated warnings by refreshing patches
Signed-off-by: Khem
[Re: [meta-selinux][PATCH] conf/layer.conf: use BBFILES_DYNAMIC for dynamic
layers] On 19.09.11 (Wed 09:22) Yi Zhao wrote:
>
> On 9/10/19 1:11 AM, Joe MacDonald wrote:
> > Hi Yi,
> >
> > [[meta-selinux][PATCH] conf/layer.conf: use BBFILES_DYNAMIC for dynamic
> >
name from meta-python/recipes-extended/augeas/augeas/augeas_%.bbappend
> rename to
> dynamic-layers/openembedded-layer/recipes-support/augeas/augeas_%.bbappend
> diff --git a/virtualization-layer/recipes-containers/lxc/lxc_%.bbappend
> b/dynamic-layers/virtualization-layer/recipes-con
[Re: [meta-selinux][PATCH] selinux-autorelabel: disable enforcing mode before
relabel] On 19.09.06 (Fri 11:31) Yi Zhao wrote:
>
> On 9/5/19 7:57 PM, Joe MacDonald wrote:
> > [[meta-selinux][PATCH] selinux-autorelabel: disable enforcing mode before
> > relabel] On 19.09.05 (
SCRIPT_SRC}.sh
> > ${D}${sysconfdir}/init.d/${SELINUX_SCRIPT_DST} +# Insert the relabelling
> > code which is only needed with sysvinit + sed -i -e '/HERE/r
> > ${WORKDIR}/${SELINUX_SCRIPT_SRC}.sh.sysvinit' \ + -e '/.*HERE$/d'
> > -e
> > '/.*Contents.*sysvinit/d' \
> > + ${D}${sysconfdir}/init.d/${SELINUX_SCRIPT_DST}
> >
> > install -d ${D}${systemd_unitdir}/system
> > install -m 0644 ${WORKDIR}/${SELINUX_SCRIPT_SRC}.service
> > ${D}${systemd_unitdir}/system @@ -27,6 +33,8 @@ do_install () {
> > if ${@bb.utils.contains('DISTRO_FEATURES', 'systemd', 'true',
> 'false',
> > d)}; then install -d ${D}${bindir}
> > install -m 0755 ${WORKDIR}/${SELINUX_SCRIPT_SRC}.sh ${D}$
> {bindir}
> > + sed -i -e '/.*HERE$/d' ${D}${bindir}/$
> {SELINUX_SCRIPT_SRC}.sh
> > + echo "# first boot relabelling" > ${D}/.autorelabel
> > fi
> > }
>
>
>
>
--
-Joe MacDonald.
Linux Architect | Mentor® A Siemens Business
:wq
--
___
yocto mailing list
yocto@yoctoproject.org
https://lists.yoctoproject.org/listinfo/yocto
[[meta-selinux][PATCH] selinux-autorelabel: disable enforcing mode before
relabel] On 19.09.05 (Thu 16:57) Yi Zhao wrote:
> The commit b0d31db104d9a4e94bc1409c2ffcc1d82f4a780f introduced an issue
> when first boot with bootparams="selinux=1 enforcing=1". At first boot,
> all files are unlabeled i
; a/libmount/src/Makemodule.am
> > -+++ b/libmount/src/Makemodule.am
> > -@@ -38,7 +38,7 @@ libmount_la_CFLAGS = \
> > - -I$(top_srcdir)/libmount/src
> > -
> > - libmount_la_DEPENDENCIES = \
> > -- $(libmount_la_LIBADD) \
> > -+ libcommon.la libblkid.la \
> > -
> b/recipes-security/scapy/python-scapy_2.4.3.bb
> > similarity index 100%
> > rename from recipes-security/scapy/python-scapy_2.4.2.bb
> > rename to recipes-security/scapy/python-scapy_2.4.3.bb
> > diff --git a/recipes-security/scapy/python3-scapy_2.4.2.bb
> > b/reci
bbappend to fix the configure error.
Signed-off-by: Yi Zhao
Signed-off-by: Joe MacDonald
and the second patch is already present in tree:
commit 087fe5c8144c246c6361bd8bcbd1ffd9e9b675bb
Author: Yi Zhao
Date: Fri Aug 9 17:48:00 2019 +0800
libsel
fpolicy-2.20190201/0004-refpolicy-minimum-systemd-mount-logging-authlogin-ad.patch
> @@ -33,13 +33,13 @@ Signed-off-by: Shrikant Bobade
>
> Signed-off-by: Joe MacDonald
> ---
> policy/modules/system/authlogin.te | 2 ++
> - policy/modules/system/logging.te | 7 ++-
>
selinux][PULL] refpolicy: update to 2.20190201 and git HEAD
policies (2019-04-10 10:57:14 -0400)] On 19.04.10 (Wed 11:53) Joe MacDonald
wrote:
> This is a huge, long-overdue update the refpolicy. I apologise for it
> blocking the other outstanding meta-selinux patches, but I've been
>
00644 recipes-security/selinux/libselinux_git.bb
delete mode 100644 recipes-security/selinux/libsemanage_git.bb
delete mode 100644 recipes-security/selinux/libsepol_git.bb
delete mode 100644 recipes-security/selinux/policycoreutils_git.bb
delete mode 100644 recipes-security/selinux/selinux_git.inc
--
-Joe
ject/refpolicy/releases/download/RELEASE_2_20190201/refpolicy-$
> {PV}.tar.bz2"
Thanks, good catch, I don't know how that slipped through. Corrected on
my end, I'll update it in a bit.
-J.
>
>
> Regards,
> Yi
--
-Joe MacDonald.
:wq
signature.asc
Description: PGP signature
--
___
yocto mailing list
yocto@yoctoproject.org
https://lists.yoctoproject.org/listinfo/yocto
)
are available in the Git repository at:
git://git.yoctoproject.org/meta-selinux yocto/master-next
for you to fetch changes up to 776da889b550ac9e5be414a8cc10fd86b1923264:
refpolicy: update to 2.20190201 and git HEAD policies (2019-04-10 10:57:14
-0400)
-
Hi Yi,
I'm in the process of updating a big portion of the meta-selinux layer,
starting with the policy and working outward. I am planning to update
these packages (and likely merge this) but I'm not merging your patch
yet until everything else is sorted out.
Just wanted to follow up with you so
e:
> Are there any news about this? Also for thud branch.
>
> Il mar 30 ott 2018, 14:46 Sinan Kaya ha scritto:
>
> On 10/24/2018 7:49 PM, Joe MacDonald wrote:
> > Hey all,
> >
> > I just thought I should quickly follow up on this. I have a change set
&
tree/jjm/master
https://github.com/joeythesaint/meta-selinux/tree/jjm/sumo
https://github.com/joeythesaint/meta-selinux/tree/jjm/thud
-J.
On Mon, Oct 29, 2018 at 3:16 PM akuster wrote:
>
> On 10/29/18 11:32 AM, Joe MacDonald wrote:
> > From: Hongxu Jia
> >
> > Si
Signed-off-by: Joe MacDonald
---
...poky-fc-update-alternatives_sysklogd.patch | 44 ++-
...add-rules-for-var-log-symlink-apache.patch | 10 ++---
...add-rules-for-var-log-symlink-apache.patch | 27 ++--
recipes-security/refpolicy/refpolicy_git.inc | 2 -
4 files
nt which
allows overriding the REVs from elsewhere.
Signed-off-by: Awais Belal
Signed-off-by: Joe MacDonald
---
recipes-security/refpolicy/refpolicy_git.inc | 4 ++--
1 file changed, 2 insertions(+), 2 deletions(-)
diff --git a/recipes-security/refpolicy/refpolicy_git.inc
b/recipes-security/refpolicy/re
This reverts commit 8ff95d5b2a693aeb4e791aacf83d24313ce35f3e.
Signed-off-by: Joe MacDonald
---
conf/layer.conf | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/conf/layer.conf b/conf/layer.conf
index 5fecac6..0f9ea41 100644
--- a/conf/layer.conf
+++ b/conf/layer.conf
@@ -18,7
-off-by: Joe MacDonald
---
recipes-security/selinux/libselinux.inc | 2 ++
1 file changed, 2 insertions(+)
diff --git a/recipes-security/selinux/libselinux.inc
b/recipes-security/selinux/libselinux.inc
index 28c437f..33621cc 100644
--- a/recipes-security/selinux/libselinux.inc
+++ b/recipes
From: Chen Qi
In case of the existence of meta-mingw, the library is .dll instead of
.so and these .dll files are in ${bindir}.
We need to check the existence of the .so file before doing readlink,
otherwise do_install fails.
Signed-off-by: Chen Qi
Signed-off-by: Joe MacDonald
---
recipes
From: Piotr Tworek
The package needs logging, json and argparse modules to start.
Additionaly, it also needs libselinux-python in order to really work.
Without it it'll just print an error message instructing the user to
install it.
Signed-off-by: Piotr Tworek
Signed-off-by: Joe MacD
From: Hongxu Jia
Since `9ec5a8a layer.conf: Drop sumo from LAYERSERIES_CORENAMES' and
`9867924 layer.conf: Add thud to LAYERSERIES_CORENAMES' applied in oe-core,
update LAYERSERIES_COMPAT `sumo' -> `thud'
Signed-off-by: Hongxu Jia
Signed-off-by: Joe MacDonald
---
co
e two branches that I can
finish up the refpolicy update (2.20180701) I'd started a little while
ago. After that, I think top of my list is to clean up some (I think
unintended) behaviour in the _git recipe variants.
Comments / suggestions / etc. more than w
sumo and maybe an additional one for thud/post- possibly tomorrow or
after I get home on Friday.
-J.
[Re: [yocto] [selinux] sumo compilation] On 18.10.18 (Thu 15:08) Joe MacDonald
wrote:
> [Re: [yocto] [selinux] sumo compilation] On 18.10.18 (Thu 11:00) Mark Hatle
> wrote:
>
> >
[Re: [yocto] [selinux] sumo compilation] On 18.10.18 (Thu 11:00) Mark Hatle
wrote:
> On 10/18/18 9:49 AM, Sinan Kaya wrote:
> > CC'ing the selinux maintainers:
> >
> > I was told that using the master branch and reverting the e2fs change
> > (http://git.yoctoproject.org/cgit/cgit.cgi/meta-selinu
+= "${sbindir}/semodule"
> +FILES_${PN}-semodule += "${base_sbindir}/semodule"
> FILES_${PN}-hll += "${prefix}/libexec/selinux/hll/*"
> FILES_${PN}-sestatus += "\
> - ${sbindir}/sestatus \
> + ${base_sbindir}/sestatus \
> ${sysconf
aware of build and boot issues on arm and arm64, I'm looking at
getting that functional now, but if you've got changes to support those
that have presumably fallen through the cracks, please feel free to send
them again or point me at them in the arc
>> --Mark
> >>
> >>> Thanks,
> >>> Rudi
> >>>
> >>>
> >>>
> >>> On 05/07/2018 10:20 AM, akuster808 wrote:
> >>>> On 04/14/2018 07:08 PM, Armin Kuster wrote:
> >>>>> Missing or unbuildable dependency chain was: ['meta-world-pkgdata',
> >>>>> 'restorecond', 'libselinux', 'python-importlib']
> >>>>>
> >>>>> Signed-off-by: Armin Kuster
> >>>> ping
> >>>>> ---
> >>>>> recipes-security/selinux/libselinux.inc | 2 +-
> >>>>> 1 file changed, 1 insertion(+), 1 deletion(-)
> >>>>>
> >>>>> diff --git a/recipes-security/selinux/libselinux.inc
> >>>>> b/recipes-security/selinux/libselinux.inc
> >>>>> index bd5ce8d..51d0875 100644
> >>>>> --- a/recipes-security/selinux/libselinux.inc
> >>>>> +++ b/recipes-security/selinux/libselinux.inc
> >>>>> @@ -8,7 +8,7 @@ LICENSE = "PD"
> >>>>> inherit lib_package pythonnative
> >>>>>
> >>>>> DEPENDS += "libsepol python libpcre swig-native"
> >>>>> -RDEPENDS_${PN}-python += "python-importlib"
> >>>>> +RDEPENDS_${PN}-python += "python-core"
> >>>>>
> >>>>> PACKAGES += "${PN}-python"
> >>>>> FILES_${PN}-python =
> >>>>> "${libdir}/python${PYTHON_BASEVERSION}/site-packages/*"
> >>>
> >>>
> >
>
>
--
-Joe MacDonald.
:wq
signature.asc
Description: PGP signature
--
___
yocto mailing list
yocto@yoctoproject.org
https://lists.yoctoproject.org/listinfo/yocto
elinux.inc
> > @@ -8,7 +8,7 @@ LICENSE = "PD"
> > inherit lib_package pythonnative
> >
> > DEPENDS += "libsepol python libpcre swig-native"
> > -RDEPENDS_${PN}-python += "python-importlib"
> > +RDEPENDS_${PN}-python += "p
systems.
> > 2. Is there some documentation somewhere on reference builds of
> > Morty with SELinux enforcing ?
There is not at the moment, as far as I know. It's possible that
someone else currently using that combination can help out with some
guidance, but we haven't done an
[RE: [yocto] [meta-selinux][PATCH] systemd: no need to inherit enable-selinux]
On 17.05.08 (Mon 01:40) Huang, Jie (Jackie) wrote:
>
>
> > -Original Message-
> > From: Joe MacDonald [mailto:joe_macdon...@mentor.com]
> > Sent: Tuesday, May 02, 2017 21:14
&g
> - "
> -
> inherit with-selinux
> PACKAGECONFIG[selinux] = "${WITH_SELINUX},${WITHOUT_SELINUX},libsemanage,"
--
-Joe MacDonald.
:wq
--- Begin Message ---
[[yocto] [meta-selinux][PATCH V3] rpm: modify the rpm bbappend file to suitable
for rpm4] On 17.05.10 (Wed
ATHS_prepend := "${THISDIR}/${PN}:"
>
> -FILES_${PN} += "${libdir}/rpm/bin/spooktool \
> -${libdir}/rpm/bin/semodule \
> - "
> -
> inherit with-selinux
> PACKAGECONFIG[selinux] = "${WITH_SELINUX},${WITHOUT_SELINUX},libsemanage,"
> --
rst boot time, as is commonly done with desktop and
server distros.
Signed-off-by: Joe MacDonald
---
classes/selinux-image.bbclass | 9 -
1 file changed, 8 insertions(+), 1 deletion(-)
diff --git a/classes/selinux-image.bbclass b/classes/selinux-image.bbclass
index 9303610..90ead2f 100644
-
ex 8d9029b..f1bdaf8 100644
> --- a/recipes-core/systemd/systemd_%.bbappend
> +++ b/recipes-core/systemd/systemd_%.bbappend
> @@ -1,2 +1 @@
> inherit enable-audit
> -inherit enable-selinux
> --
> 2.8.3
>
--
-Joe MacDonald.
:wq
signature.asc
Description: Digital sig
> How can be solved this error? Are you planned to update some patch for solving
> this issue?
>
> Looking forward to your answer,
> Best regards,
> Pello
--
-Joe MacDonald.
:wq
--
___
yocto mailing list
yocto@yoctoproject.org
https://lists.yoctoproject.org/listinfo/yocto
Based on the blacklist behaviour, recipes can be tagged as deprecated.
Such recipes will produce a warning message when included in a build but
unlike blacklisted recipes, the build will continue. Update the
documentation to support this new variable.
Signed-off-by: Joe MacDonald
---
This
Hi guys,
[Re: [meta-selinux] What's the point of refpolicy-minimum?] On 17.01.12 (Thu
12:57) wenzong fan wrote:
> On 01/10/2017 10:48 PM, Joe MacDonald wrote:
> >Wenzong / Shrikant,
> >
> >I thought I knew the answer to the above question, and maybe my
> >under
[Re: [yocto] [meta-selinux][PATCH 0/2] uprev refpolicy to 2.20161023] On
17.01.11 (Wed 10:24) wenzong fan wrote:
> On 01/10/2017 10:25 PM, Joe MacDonald wrote:
> >[[yocto] [meta-selinux][PATCH 0/2] uprev refpolicy to 2.20161023] On
> >17.01.10 (Tue 00:54) wenzong@wind
7;m going to remove the 'include [...].bb' from both
'minimum' recipes, as that's completely incorrect, but when I do that I
want to know what anyone using this recipe wants to see from it, so
whatever the 'include' gets replaced with is doing the right thing
(whic
curity/refpolicy/{refpolicy-2.20151208 =>
> refpolicy-2.20161023}/refpolicy-update-for_systemd.patch (100%)
> rename recipes-security/refpolicy/{refpolicy-mcs_2.20151208.bb =>
> refpolicy-mcs_2.20161023.bb} (100%)
> rename recipes-security/refpolicy/{refpolicy-minimum_2.20151208
A number of upstream changes caused patch conflicts or duplication in the
final policy. Update the list of git patches appropriately.
Signed-off-by: Joe MacDonald
---
.../ftp-add-ftpd_t-to-mlsfilewrite.patch | 11 +-
.../refpolicy/refpolicy-git/poky-fc-clock.patch| 11
missive booting.
[YOCTO #7506]
Signed-off-by: Joe MacDonald
---
The Yocto bug mentions asked whether removing this setenforce call (that is,
allowing booting in permissive mode) would cause new warnings / errors /
whatever or would potentially even prevent booting at all. I tried to cover the
vari
Augeas lives in meta-python, but meta-selinux shouldn't specifically
require meta-python in every build, so make the bbappend optional using
the standard mechanism already present in the layer.conf.
Signed-off-by: Joe MacDonald
---
meta-python/recipes-extended/augeas/augeas/augeas_%.bba
, possibly more).
Since the intent was to only have one present in the default image anyway,
we'll just throw out the 'virtual/' part of the RPROVIDES and related
dependencies across the board.
Signed-off-by: Joe MacDonald
---
In terms of testing on this change, my primary approach
e2fsprogs has been updated with oe-core commit
f221f331704c0bdfc7c1dd361e666ce2158fe282 Update our bbappend accordingly.
Signed-off-by: Joe MacDonald
---
.../e2fsprogs/{e2fsprogs_git.bbappend => e2fsprogs_%.bbappend}| 0
1 file changed, 0 insertions(+), 0 deletions(-)
ren
define the contents of the ifenslave
> package.
>
> Please correct the above if I have missed something, made an invalid
> assumption, or am barking up the wrong tree.
>
> --
> Paul Stath
> Senior Software Engineer
> Axxcelera Broadband Wireless
> Richmond, VA 23228
>
>
>
>
>
>
--
-Joe MacDonald.
:wq
signature.asc
Description: Digital signature
--
___
yocto mailing list
yocto@yoctoproject.org
https://lists.yoctoproject.org/listinfo/yocto
Philip / Wenzong,
[Re: [yocto] [meta-selinux][PATCH 2/3] Integrate selinux-config into
refpolicy_common.] On 16.04.12 (Tue 13:54) wenzong fan wrote:
> On 04/12/2016 11:55 AM, Philip Tricca wrote:
> >Hello,
> >
> >On 04/11/2016 05:54 AM, Joe MacDonald wrote:
> >>&g
cb788c80a0384361b4de20420"
> >-PR = "r4"
> >-
> >-S = "${WORKDIR}"
> >-
> >-CONFFILES_${PN} += "${sysconfdir}/selinux/config"
> >-
> >-PACKAGE_ARCH = "${MACHINE_ARCH}"
> >-
> >-do_install () {
> >-echo "\
> >-# This file controls the state of SELinux on the system.
> >-# SELINUX= can take one of these three values:
> >-# enforcing - SELinux security policy is enforced.
> >-# permissive - SELinux prints warnings instead of enforcing.
> >-# disabled - No SELinux policy is loaded.
> >-SELINUX=${DEFAULT_ENFORCING}
> >-# SELINUXTYPE= can take one of these values:
> >-# standard - Standard Security protection.
> >-# mls - Multi Level Security protection.
> >-# targeted - Targeted processes are protected.
> >-# mcs - Multi Category Security protection.
> >-SELINUXTYPE=${@d.getVar("PREFERRED_PROVIDER_virtual/refpolicy",
> >False)[len("refpolicy-"):]}
> >-" > ${WORKDIR}/config
> >-install -d ${D}/${sysconfdir}/selinux
> >-install -m 0644 ${WORKDIR}/config ${D}/${sysconfdir}/selinux/
> >-}
> >-
> >-sysroot_stage_all_append () {
> >-sysroot_stage_dir ${D}${sysconfdir} ${SYSROOT_DESTDIR}${sysconfdir}
> >-}
> >
--
-Joe MacDonald.
:wq
signature.asc
Description: Digital signature
--
___
yocto mailing list
yocto@yoctoproject.org
https://lists.yoctoproject.org/listinfo/yocto
is what we were
discussing last week and it seemed to make sense at the time, I went
ahead and merged your patches for you.
--
-Joe MacDonald.
:wq
signature.asc
Description: Digital signature
--
___
yocto mailing list
yocto@yoctoproject.org
https://lists.yoctoproject.org/listinfo/yocto
[Re: [yocto] [meta-selinux] git recipes] On 16.03.02 (Wed 19:59) Philip Tricca
wrote:
> On 03/02/2016 07:47 AM, Radzykewycz, T (Radzy) wrote:
> >
> > On 3/1/16 21:40, Philip Tricca wrote:
> >> On 03/01/2016 10:30 AM, Joe MacDonald
> > that a new udev cache would be generated;
> > - # otherwise, we do not bother to read files.
> > - readfiles $CMP_FILE_LIST
> > - echo "$READDATA" > /dev/s
nd of
> >> 2013. They're also disabled via DEFAULT_PREFERENCE = "-1"
> >>
> >> These 'git' versions seem super useful for testing bleeding edge stuff
> >> so IMHO keeping them around would be the right thing to do. Not sure how
>
e 'steps:' stanza will be included.
Signed-off-by: Joe MacDonald
---
.../site-packages/autobuilder/buildsteps/CreateBBLayersConf.py | 3 ++-
1 file changed, 2 insertions(+), 1 deletion(-)
diff --git
a/lib/python2.7/site-packages/autobuilder/buildsteps/CreateBBLayersC
[Re: [yocto] [meta-selinux][PATCH] swig is in meta-oe, remove this copy] On
16.02.22 (Mon 15:58) Burton, Ross wrote:
>
> On 22 February 2016 at 15:33, Joe MacDonald wrote:
>
> I'm also not against removing the local copy (I don't think it adds
> anything to t
find pcre-config script from PCRE (Perl Compatible Regular
> > Expressions)
> > --library package. This dependency is needed for configure to
> > complete,
> > --Either:
> > --- Install the PCRE developer package on your system (preferred
[Re: [yocto] [meta-selinux][PATCH] MAINTAINERS: Update maintainers file] On
16.02.20 (Sat 20:24) Philip Tricca wrote:
> On 02/17/2016 06:41 PM, Joe MacDonald wrote:
> > Adding Philip Tricca as a common layer maintainer and marking Pascal as
> > away.
>
> While the admins up
Adding Philip Tricca as a common layer maintainer and marking Pascal as
away.
Signed-off-by: Joe MacDonald
---
MAINTAINERS | 7 ++-
1 file changed, 6 insertions(+), 1 deletion(-)
Pascal: if you're still watching the list, it looks like your email is
bouncing, can you contact either
/net-tools_1.60-25.bbappend
> b/recipes-extended/net-tools/net-tools_1.60-%.bbappend
> similarity index 100%
> rename from recipes-extended/net-tools/net-tools_1.60-25.bbappend
> rename to recipes-extended/net-tools/net-tools_1.60-%.bbappend
> --
> 2.1.4
>
--
-Joe
Commit bf362e4a8bb9fef3d16b81dea7b39a057e293ee4 in poky updates net-tools,
take this opportunity to convert this to a wildcard, since the bbappend
still seems to apply.
Signed-off-by: Joe MacDonald
---
recipes-extended/net-tools/net-tools_%.bbappend | 11 +++
recipes-extended/net
"failed to get value,
> >>>> skipping\n");
> >>>> ++ goto next;
> >>>> ++ }
> >>>> ++ /* setup offsets and lengths for name and value */
> >>>> ++ entry->e_name_len = name_l
Acked-by: Joe MacDonald
[[meta-cgl][PATCH] README: updated maintainers and general content accordingly]
On 15.08.25 (Tue 14:00) Alexandru.Vaduva wrote:
> Signed-off-by: Alexandru.Vaduva
>
> Author:Alexandru.Vaduva
> Signed-off-by: Alexandru.Vaduva
> ---
le
of patches) and it looks like I didn't destroy Phil's work on the
filesystem labelling bits when rebasing them, so I expect I'll merge
those tomorrow too. Let's say everything after that is negotiable. :-)
-J.
>
> ../Randy
>
> ---
>
> Going on-list like I
e result of a
conscious decision. It's totally worthwhile re-visiting that decision,
though to make sure the reasons are still valid.
--
-Joe MacDonald.
:wq
signature.asc
Description: Digital signature
--
___
yocto mailing list
yocto@yoctoproject.org
https://lists.yoctoproject.org/listinfo/yocto
> > +
> > +RDEPENDS_${PN}-runtime += "${@target_selinux(d,
> 'pam-plugin-selinux')}"
> > diff --git a/recipes-extended/pam/libpam_1.1.6.bbappend
> > b/recipes-extended/pam/libpam_1.1.6.bbappend
> > deleted
atch
> create mode 100644
> recipes-devtools/e2fsprogs/e2fsprogs/misc-xattr-create-xattr-block.patch
> create mode 100644
> recipes-devtools/e2fsprogs/e2fsprogs/misc-xattr-create-xattr-cache.patch
> create mode 100644
> recipes-devtools/e2fsprogs/e2fsprogs/mke2fs.c-create_inode.
a/recipes-extended/findutils/findutils_4.4.2.bbappend
> >+++ b/recipes-extended/findutils/findutils_4.4.2.bbappend
> >@@ -5,6 +5,7 @@ FILESEXTRAPATHS_prepend := "${THISDIR}/${PN}-${PV}:"
> > SRC_URI +=
> > "git://git.savannah.gnu.org/gnulib.git;protocol=git;rev=0e0635af0b23826911dc456bd0da40dcb19247de"
> > SRC_URI += "file://findutils-with-selinux.patch"
> > SRC_URI += "file://findutils-with-selinux-gnulib.patch"
> >+SRC_URI +=
> >"file://drop-the-error-output-of-ls-command.patch;patchdir=../git/"
> >
> > inherit with-selinux
> >
> >
--
-Joe MacDonald.
:wq
signature.asc
Description: Digital signature
--
___
yocto mailing list
yocto@yoctoproject.org
https://lists.yoctoproject.org/listinfo/yocto
I will, of course, actually spell-check the commit log before committing
anything.
-J.
[[yocto] [meta-selinux][PATCH] python: use wildcard for verison] On 15.02.25
(Wed 10:13) Joe MacDonald wrote:
> The current python bbappend doesn't include any patches, so it's
> reasona
The current python bbappend doesn't include any patches, so it's
reasonable to move to a wildcard for the version.
Signed-off-by: Joe MacDonald
---
recipes-devtools/python/{python_2.7.3.bbappend => python_%.bbappend} | 2 --
1 file changed, 2 deletions(-)
rename recipes-de
http://crashcourse.ca
>
> Twitter: http://twitter.com/rpjday
> LinkedIn: http://ca.linkedin.com/in/rpjday
>
--
-Joe MacDonald.
:wq
signature.asc
Descri
libpcap was not previously installing a pkg-config file. Add a basic one
that will allow using 'pkg-config --libs libpcap', for example, in recipes
rather than 'pcap-config', which frequently returns incorrect information.
Signed-off-by: Joe MacDonald
---
I'm n
Both the fixfiles and sandbox utilities had dependencies on bash when they
didn't really need to. Update sandbox and patch fixfiles. ifgen is
python script, so ensure that python is listed as a runtime dependency.
Signed-off-by: Joe MacDonald
---
recipes-security/selinux/policycoreutil
l and without having to resort to tools like git-diff and git-checkout
to try alternate configurations.
Signed-off-by: Joe MacDonald
---
.gitignore | 15 ++---
yocto-autobuilder-setup| 37 +
.../Mak
-autobuilder-setup
YOCTO_AB_CONFIG_DIR need not exist prior to sourcing the setup script, but
the parent directory must be writable. If YOCTO_AB_CONFIG_DIR does
already exist, the setup script will attempt to re-use that directory.
Signed-off-by: Joe MacDonald
---
yocto-autobuilder-setup | 92
'll just include both in a single thread.
-J.
>
> On 17 February 2015 at 21:41, Joe MacDonald wrote:
> > The main README points at conf/autobuilder.conf and conf/yoctoAB.conf,
> > both of which aren't the current places where the autobuilder looks for
> > these fi
Add in support for optional bbappends based on the presence of other
layers in the project and move the lxc recipe to a meta-virtualization
location.
Signed-off-by: Joe MacDonald
---
README | 13 +
conf/layer.conf
On Tue, Feb 17, 2015 at 9:51 PM, Joe MacDonald wrote:
> Move yocto-controller and yocto-worker to .template versions and update
> the setup script to move them in the expected location if they aren't
> already preset, allowing local configurations to make whatever changes
> they
l and without having to resort to tools like git-diff and git-checkout
to try alternate configurations.
Signed-off-by: Joe MacDonald
---
.gitignore | 14 ++--
yocto-autobuilder-setup| 37 +
.../Mak
paste-friendly.
Signed-off-by: Joe MacDonald
---
README | 6 +++---
README-NEW-AUTOBUILDER | 14 +++---
2 files changed, 10 insertions(+), 10 deletions(-)
diff --git a/README b/README
index 94dae28..06b9cbc 100644
--- a/README
+++ b/README
@@ -97,13 +97,13 @@ Setting up
nt or long
in the past.
Signed-off-by: Joe MacDonald
---
yocto-start-autobuilder | 11 ---
1 file changed, 8 insertions(+), 3 deletions(-)
diff --git a/yocto-start-autobuilder b/yocto-start-autobuilder
index 7078163..ee597df 100755
--- a/yocto-start-autobuilder
+++ b/yocto-start-autobui
yocto-autobuilder-setup modifies bin/worker-init on every new deployment,
so we don't want to consider worker-init for tracking by default.
Signed-off-by: Joe MacDonald
---
.gitignore | 5 +
1 file changed, 5 insertions(+)
diff --git a/.gitignore b/.gitignore
index cb595bb..a4b31c6 1
changes to it as well.
Signed-off-by: Joe MacDonald
---
.gitignore | 6 ++
1 file changed, 6 insertions(+)
diff --git a/.gitignore b/.gitignore
index f1f9e4e..cb595bb 100644
--- a/.gitignore
+++ b/.gitignore
@@ -4,6 +4,11 @@
*.so
*.pyc
+# Configuration hunks, changed by anyone using AB
nt to bring in all of these additional layers, my advice
for the short term is to stick with either the 1.7 branch or if you know
you need to work on master, stick with commit 0d270cbd.
-J.
[Re: [meta-selinux][PATCH] Add explicit dependency on layers with recipes we
bbappend.] On 15.02.12 (Thu
BFILE_PRIORITY_selinux = "5"
> # cause compatibility issues with other layers
> LAYERVERSION_selinux = "1"
>
> -LAYERDEPENDS_selinux = "core"
> +LAYERDEPENDS_selinux = " \
> +core \
> +meta-python \
> +networking-layer \
>
there are quite a few developers
> > using SELiunx on embedded products in Japan.
>
> I guess I've been wondering the same thing. For OpenXT we had
> implemented our own SELinux support on top of OE (we weren't OSS at the
>
ough, it's really not possible to divorce
much of SELinux functionality from python on the target, so then I don't
know if it really makes sense for something like that to be part of
oe-core, proper. I would think no.
>
> Cheers,
> Paul
>
> --
>
> Paul Eggleton
> Intel Open Source Technology Centre
--
-Joe MacDonald.
:wq
signature.asc
Description: Digital signature
--
___
yocto mailing list
yocto@yoctoproject.org
https://lists.yoctoproject.org/listinfo/yocto
w many recipes it has to touch. Ultimately it
> > depends on how many people in the embedded space want to enable and use
> > SELinux.
> >
> > Thoughts from others?
> >
>
> In OpenXT we're using OE to generate images for dom0, a user interface
> domain,
dutils/findutils_4.5.%.bbappend
> create mode 100644 recipes-extended/logrotate/logrotate_%.bbappend
> delete mode 100644 recipes-extended/logrotate/logrotate_3.8.7.bbappend
> create mode 100644 recipes-extended/tar/tar_%.bbappend
> delete mode 100644 r
; new file mode 100644
> index 000..8c11cac
> --- /dev/null
> +++ b/recipes-containers/lxc/lxc_%.bbappend
> @@ -0,0 +1 @@
> +inherit enable-selinux
> --
> 2.1.0
>
--
-Joe MacDonald.
:wq
signature.asc
Description: Digital signature
--
auditd.service
> +++ b/recipes-security/audit/audit/auditd.service
> @@ -5,7 +5,6 @@ After=local-fs.target
> Conflicts=shutdown.target
> Before=sysinit.target shutdown.target
> After=systemd-tmpfiles-setup.service
> -RefuseManualStop=yes
>
> [Service]
>
> @@ -29,6 +29,7 @@ SRC_URI += "file://poky-fc-subs_dist.patch \
> file://poky-fc-rpm.patch \
> file://poky-fc-ftpwho-dir.patch \
> file://poky-fc-fix-real-path_su.patch \
> +file://refpolicy-update-for_systemd.patch \
> "
>
> # Specific policy for Poky
> --
> 1.7.9.5
>
>
>
--
-Joe MacDonald.
:wq
signature.asc
Description: Digital signature
--
___
yocto mailing list
yocto@yoctoproject.org
https://lists.yoctoproject.org/listinfo/yocto
f_4.87.bbappend
> b/recipes-extended/lsof/lsof_%.bbappend
> similarity index 100%
> rename from recipes-extended/lsof/lsof_4.87.bbappend
> rename to recipes-extended/lsof/lsof_%.bbappend
> --
> 1.9.1
>
--
-Joe MacDonald.
:wq
signature.asc
Description: Digital signature
--
tended/parted/parted_3.1.bbappend
> b/recipes-extended/parted/parted_3.1.bbappend
> deleted file mode 100644
> index 366fdf5..000
> --- a/recipes-extended/parted/parted_3.1.bbappend
> +++ /dev/null
> @@ -1,3 +0,0 @@
> -PR .= ".2&qu
diff --git a/recipes-extended/cronie/cronie_1.4.11.bbappend
> b/recipes-extended/cronie/cronie_1.4.11.bbappend
> deleted file mode 100644
> index a398bec..000
> --- a/recipes-extended/cronie/cronie_1.4.11.bbappend
> +++ /dev/null
> @@ -1,3 +0,0 @@
> -PR .= ".2"
>
/systemd/systemd_%.bbappend
> @@ -0,0 +1,2 @@
> +inherit enable-audit
> +inherit enable-selinux
> --
> 1.7.9.5
>
--
-Joe MacDonald.
:wq
signature.asc
Description: Digital signature
--
___
yocto mailing list
yocto@yoctoproject.org
https://lists.yoctoproject.org/listinfo/yocto
1 - 100 of 208 matches
Mail list logo
