refpolicy: update to latest git rev

Drop 0003-refpolicy-minimum-make-dbus-module-optional.patch as the issue has been fixed upstream. Signed-off-by: Yi Zhao <yi.zhao@windriver.com> Signed-off-by: Joe MacDonald <joe@deserted.net>
author: Yi Zhao <yi.zhao@windriver.com> 2023-03-17 22:11:36 +0800
committer: Joe MacDonald <joe@deserted.net> 2023-03-27 09:34:02 -0400
commit: 02348acbf654c77b67d8b3443af59b2c5b25aa77 (patch)
tree: 7ef80b871b8e85f57ce580b4e06485b63beaab4e
parent: e9cea983ee0a64a5904484b775bc7b70ac83a493 (diff)
download: meta-selinux-02348acbf654c77b67d8b3443af59b2c5b25aa77.tar.gz
3 files changed, 1 insertions, 38 deletions
diff --git a/recipes-security/refpolicy/refpolicy-minimum_git.bb b/recipes-security/refpolicy/refpolicy-minimum_git.bb
index a50a4cd..67c3785 100644
--- a/recipes-security/refpolicy/refpolicy-minimum_git.bb
+++ b/recipes-security/refpolicy/refpolicy-minimum_git.bb
@@ -14,7 +14,6 @@ domains are unconfined. \
 SRC_URI += " \
        file://0001-refpolicy-minimum-make-sysadmin-module-optional.patch \
        file://0002-refpolicy-minimum-make-xdg-module-optional.patch \
-        file://0003-refpolicy-minimum-make-dbus-module-optional.patch \
        "
 POLICY_NAME = "minimum"
diff --git a/recipes-security/refpolicy/refpolicy/0003-refpolicy-minimum-make-dbus-module-optional.patch b/recipes-security/refpolicy/refpolicy/0003-refpolicy-minimum-make-dbus-module-optional.patch
deleted file mode 100644
index d545d2a..0000000
--- a/recipes-security/refpolicy/refpolicy/0003-refpolicy-minimum-make-dbus-module-optional.patch
+++ /dev/null
@@ -1,36 +0,0 @@
-From e28807393f105a16528cb5304283bde0b771fc4e Mon Sep 17 00:00:00 2001
-From: Yi Zhao <yi.zhao@windriver.com>
-Date: Wed, 9 Nov 2022 10:53:26 +0800
-Subject: [PATCH] refpolicy-minimum: make dbus module optional
-The mount module invokes interface
-dbus_dontaudit_write_system_bus_runtime_named_sockets which is from dbus
-module. Since dbus is not a core moudle in sysvinit system, we could
-make this interface optional in mount module by optional_policy. Then we
-could make the minimum policy without dbus module.
-Upstream-Status: Inappropriate [embedded specific]
-Signed-off-by: Yi Zhao <yi.zhao@windriver.com>
---
- policy/modules/system/mount.te | 4 +++-
- 1 file changed, 3 insertions(+), 1 deletion(-)
-diff --git a/policy/modules/system/mount.te b/policy/modules/system/mount.te
-index 97f49e58e..b59529a01 100644
--- a/policy/modules/system/mount.te
-+++ b/policy/modules/system/mount.te
-@@ -146,7 +146,9 @@ selinux_getattr_fs(mount_t)
- 
- userdom_use_all_users_fds(mount_t)
- 
-dbus_dontaudit_write_system_bus_runtime_named_sockets(mount_t)
-+optional_policy(`
-+       dbus_dontaudit_write_system_bus_runtime_named_sockets(mount_t)
-+')
- 
- ifdef(`distro_redhat',`
-        optional_policy(`
-- 
-2.25.1
diff --git a/recipes-security/refpolicy/refpolicy_git.inc b/recipes-security/refpolicy/refpolicy_git.inc
index 54e0890..af3413b 100644
--- a/recipes-security/refpolicy/refpolicy_git.inc
+++ b/recipes-security/refpolicy/refpolicy_git.inc
@@ -2,7 +2,7 @@ PV = "2.20221101+git${SRCPV}"
 SRC_URI = "git://github.com/SELinuxProject/refpolicy.git;protocol=https;branch=master;name=refpolicy;destsuffix=refpolicy"
-SRCREV_refpolicy ?= "03d486e306555da161b653c88e804ce23f3a0ea4"
+SRCREV_refpolicy ?= "8e8f5e3ca3e5900cad126cb8b4fadaa8adb8caac"
 UPSTREAM_CHECK_GITTAGREGEX = "RELEASE_(?P<pver>\d+_\d+)"
author	Yi Zhao <yi.zhao@windriver.com>	2023-03-17 22:11:36 +0800
committer	Joe MacDonald <joe@deserted.net>	2023-03-27 09:34:02 -0400
commit	02348acbf654c77b67d8b3443af59b2c5b25aa77 (patch)
tree	7ef80b871b8e85f57ce580b4e06485b63beaab4e
parent	e9cea983ee0a64a5904484b775bc7b70ac83a493 (diff)
download	meta-selinux-02348acbf654c77b67d8b3443af59b2c5b25aa77.tar.gz

diff --git a/recipes-security/refpolicy/refpolicy-minimum_git.bb b/recipes-security/refpolicy/refpolicy-minimum_git.bb index a50a4cd..67c3785 100644 --- a/recipes-security/refpolicy/refpolicy-minimum_git.bb +++ b/recipes-security/refpolicy/refpolicy-minimum_git.bb
@@ -14,7 +14,6 @@ domains are unconfined. \
14	SRC_URI += " \	14	SRC_URI += " \
15	file://0001-refpolicy-minimum-make-sysadmin-module-optional.patch \	15	file://0001-refpolicy-minimum-make-sysadmin-module-optional.patch \
16	file://0002-refpolicy-minimum-make-xdg-module-optional.patch \	16	file://0002-refpolicy-minimum-make-xdg-module-optional.patch \
17	file://0003-refpolicy-minimum-make-dbus-module-optional.patch \
18	"	17	"
19		18
20	POLICY_NAME = "minimum"	19	POLICY_NAME = "minimum"


diff --git a/recipes-security/refpolicy/refpolicy/0003-refpolicy-minimum-make-dbus-module-optional.patch b/recipes-security/refpolicy/refpolicy/0003-refpolicy-minimum-make-dbus-module-optional.patch deleted file mode 100644 index d545d2a..0000000 --- a/recipes-security/refpolicy/refpolicy/0003-refpolicy-minimum-make-dbus-module-optional.patch +++ /dev/null
@@ -1,36 +0,0 @@
1	From e28807393f105a16528cb5304283bde0b771fc4e Mon Sep 17 00:00:00 2001
2	From: Yi Zhao <yi.zhao@windriver.com>
3	Date: Wed, 9 Nov 2022 10:53:26 +0800
4	Subject: [PATCH] refpolicy-minimum: make dbus module optional
5
6	The mount module invokes interface
7	dbus_dontaudit_write_system_bus_runtime_named_sockets which is from dbus
8	module. Since dbus is not a core moudle in sysvinit system, we could
9	make this interface optional in mount module by optional_policy. Then we
10	could make the minimum policy without dbus module.
11
12	Upstream-Status: Inappropriate [embedded specific]
13
14	Signed-off-by: Yi Zhao <yi.zhao@windriver.com>
15	---
16	policy/modules/system/mount.te \| 4 +++-
17	1 file changed, 3 insertions(+), 1 deletion(-)
18
19	diff --git a/policy/modules/system/mount.te b/policy/modules/system/mount.te
20	index 97f49e58e..b59529a01 100644
21	--- a/policy/modules/system/mount.te
22	+++ b/policy/modules/system/mount.te
23	@@ -146,7 +146,9 @@ selinux_getattr_fs(mount_t)
24
25	userdom_use_all_users_fds(mount_t)
26
27	-dbus_dontaudit_write_system_bus_runtime_named_sockets(mount_t)
28	+optional_policy(`
29	+ dbus_dontaudit_write_system_bus_runtime_named_sockets(mount_t)
30	+')
31
32	ifdef(`distro_redhat',`
33	optional_policy(`
34	--
35	2.25.1
36


diff --git a/recipes-security/refpolicy/refpolicy_git.inc b/recipes-security/refpolicy/refpolicy_git.inc index 54e0890..af3413b 100644 --- a/recipes-security/refpolicy/refpolicy_git.inc +++ b/recipes-security/refpolicy/refpolicy_git.inc
@@ -2,7 +2,7 @@ PV = "2.20221101+git${SRCPV}"
2		2
3	SRC_URI = "git://github.com/SELinuxProject/refpolicy.git;protocol=https;branch=master;name=refpolicy;destsuffix=refpolicy"	3	SRC_URI = "git://github.com/SELinuxProject/refpolicy.git;protocol=https;branch=master;name=refpolicy;destsuffix=refpolicy"
4		4
5	SRCREV_refpolicy ?= "03d486e306555da161b653c88e804ce23f3a0ea4"	5	SRCREV_refpolicy ?= "8e8f5e3ca3e5900cad126cb8b4fadaa8adb8caac"
6		6
7	UPSTREAM_CHECK_GITTAGREGEX = "RELEASE_(?P<pver>\d+_\d+)"	7	UPSTREAM_CHECK_GITTAGREGEX = "RELEASE_(?P<pver>\d+_\d+)"
8		8