[yocto] [meta-selinux] do_install failing with monolithic policy in meta-selinux refpolicy

Fri, 27 Sep 2024 12:15:04 -0700 

Hi Yocto team,

I'm trying to enable SELinux in my custom image with meta-selinux layer. I have 
poky & meta-openembedded also in place. The refpolicy I have used is 
"refpolicy-standard" & mode as "enforcing". I have enabled monolithic by 
setting POLICY_MONOLITHIC to "y" in 
https://git.yoctoproject.org/meta-selinux/tree/recipes-security/refpolicy/refpolicy_common.inc#n111
But compiling refpolicy-standard is failing at do_install with following error :

Creating policy.xml
Updating policy/booleans.conf and policy/modules.conf
support/sedoctool.py:269: SyntaxWarning: "is not" with a literal. Did you mean 
"!="?
if desc.data is not '':
Installing local.users
Failed to open 
/yocto/build/tmp/work/qemuarm64-gnu-linux/refpolicy-standard/2.20190201+gitAUTOINC+df696a3254-r0/image/usr/share/selinux/standard/*.*:
 No such file or directory
bzip2: Can't open input file 
/yocto/build/tmp/work/qemuarm64-gnu-linux/refpolicy-standard/2.20190201+gitAUTOINC+df696a3254-r0/image/usr/share/selinux/standard/*.*:
 No such file or directory.
cp: cannot stat 
'/yocto/build/tmp/work/qemuarm64-gnu-linux/refpolicy-standard/2.20190201+gitAUTOINC+df696a3254-r0/image/usr/share/selinux/standard/*.*':
 No such file or directory
WARNING: exit code 1 from a shell command.
ERROR: Execution of 
'/yocto/build/tmp/work/qemuarm64-gnu-linux/refpolicy-standard/2.20190201+gitAUTOINC+df696a3254-r0/temp/run.do_install.2247013'
 failed with exit code 1:
Compiling and installing standard /yocto/build/tmp/work/qemuarm64-gnu-li

This seems like an issue with prepare_policy_store function in 
https://git.yoctoproject.org/meta-selinux/tree/recipes-security/refpolicy/refpolicy_common.inc#n161
which is trying to access each .pp file, but these files will not be present 
when using monolithic option.

Any help on the installation failure? Thanks in advance!

-=-=-=-=-=-=-=-=-=-=-=-
Links: You receive all messages sent to this group.
View/Reply Online (#63905): https://lists.yoctoproject.org/g/yocto/message/63905
Mute This Topic: https://lists.yoctoproject.org/mt/108691326/21656
Group Owner: yocto+ow...@lists.yoctoproject.org
Unsubscribe: https://lists.yoctoproject.org/g/yocto/unsub 
[arch...@mail-archive.com]
-=-=-=-=-=-=-=-=-=-=-=-

Reply via email to