On 03/21/2016 12:26 AM, Philip Tricca wrote: > This was mostly straight forward. Had to refresh a single patch: > poky-policy-fix-new-SELINUXMNT-in-sys.patch
Can we drop that one? Doesn't upstream already include rules for the change from /selinux to /sys/fs/selinux, since that has been the default for Linux 3.0 and later? Also, refpolicy-update-for_systemd.patch seems suspect, given that upstream refpolicy already includes systemd support (but you need to build with SYSTEMD=y, which can be done now via POLICY_SYSTEMD=y in your local.conf or elsewhere). The only bit I see in that patch that isn't already in refpolicy is allow devpts device_t:filesystem associate; which ought to be rewritten as dev_associate(devpts_t) and upstreamed to refpolicy terminal.te if needed. I assume that is from creating the /dvv/pts mount point and automatically trying to label it according to file_contexts, but the type in file_contexts is really for the devpts mount, not the mount point. -- _______________________________________________ yocto mailing list yocto@yoctoproject.org https://lists.yoctoproject.org/listinfo/yocto
