diff options
| -rw-r--r-- | recipes-security/selinux/policycoreutils_2.7.bb | 1 | ||||
| -rw-r--r-- | recipes-security/selinux/policycoreutils_git.bb | 1 | ||||
| -rw-r--r-- | recipes-security/selinux/restorecond.inc | 28 | ||||
| -rw-r--r-- | recipes-security/selinux/restorecond/policycoreutils-make-O_CLOEXEC-optional.patch (renamed from recipes-security/selinux/policycoreutils/policycoreutils-make-O_CLOEXEC-optional.patch) | 8 | ||||
| -rw-r--r-- | recipes-security/selinux/restorecond_2.7.bb | 7 |
5 files changed, 39 insertions, 6 deletions
diff --git a/recipes-security/selinux/policycoreutils_2.7.bb b/recipes-security/selinux/policycoreutils_2.7.bb index d407ac3..54ec69a 100644 --- a/recipes-security/selinux/policycoreutils_2.7.bb +++ b/recipes-security/selinux/policycoreutils_2.7.bb | |||
| @@ -8,7 +8,6 @@ SRC_URI[sha256sum] = "0a1b8a4a323b854981c6755ff025fe98a0f1cff307f109abb260f0490f | |||
| 8 | 8 | ||
| 9 | SRC_URI += "\ | 9 | SRC_URI += "\ |
| 10 | file://policycoreutils-fix-sepolicy-install-path.patch \ | 10 | file://policycoreutils-fix-sepolicy-install-path.patch \ |
| 11 | file://policycoreutils-make-O_CLOEXEC-optional.patch \ | ||
| 12 | file://policycoreutils-loadpolicy-symlink.patch \ | 11 | file://policycoreutils-loadpolicy-symlink.patch \ |
| 13 | file://policycoreutils-process-ValueError-for-sepolicy-seobject.patch \ | 12 | file://policycoreutils-process-ValueError-for-sepolicy-seobject.patch \ |
| 14 | file://policycoreutils-fix-TypeError-for-seobject.py.patch \ | 13 | file://policycoreutils-fix-TypeError-for-seobject.py.patch \ |
diff --git a/recipes-security/selinux/policycoreutils_git.bb b/recipes-security/selinux/policycoreutils_git.bb index 1f72805..2057408 100644 --- a/recipes-security/selinux/policycoreutils_git.bb +++ b/recipes-security/selinux/policycoreutils_git.bb | |||
| @@ -7,7 +7,6 @@ LIC_FILES_CHKSUM = "file://COPYING;md5=393a5ca445f6965873eca0259a17f833" | |||
| 7 | 7 | ||
| 8 | SRC_URI += "\ | 8 | SRC_URI += "\ |
| 9 | file://policycoreutils-fix-sepolicy-install-path.patch \ | 9 | file://policycoreutils-fix-sepolicy-install-path.patch \ |
| 10 | file://policycoreutils-make-O_CLOEXEC-optional.patch \ | ||
| 11 | file://policycoreutils-loadpolicy-symlink.patch \ | 10 | file://policycoreutils-loadpolicy-symlink.patch \ |
| 12 | file://policycoreutils-process-ValueError-for-sepolicy-seobject.patch \ | 11 | file://policycoreutils-process-ValueError-for-sepolicy-seobject.patch \ |
| 13 | file://policycoreutils-fix-TypeError-for-seobject.py.patch \ | 12 | file://policycoreutils-fix-TypeError-for-seobject.py.patch \ |
diff --git a/recipes-security/selinux/restorecond.inc b/recipes-security/selinux/restorecond.inc new file mode 100644 index 0000000..6f12d23 --- /dev/null +++ b/recipes-security/selinux/restorecond.inc | |||
| @@ -0,0 +1,28 @@ | |||
| 1 | SUMMARY = "Daemon to watch for file creation and set default file context" | ||
| 2 | DESCRIPTION = "\ | ||
| 3 | The restorecond daemon uses inotify to watch files listed in the \ | ||
| 4 | /etc/selinux/restorecond.conf, when they are created, this daemon \ | ||
| 5 | will make sure they have the correct file context associated with \ | ||
| 6 | the policy." | ||
| 7 | |||
| 8 | SECTION = "base" | ||
| 9 | LICENSE = "GPLv2+" | ||
| 10 | |||
| 11 | SRC_URI += "file://policycoreutils-make-O_CLOEXEC-optional.patch \ | ||
| 12 | " | ||
| 13 | |||
| 14 | inherit systemd update-rc.d | ||
| 15 | |||
| 16 | DEPENDS += "libsepol libselinux libpcre dbus-glib glib-2.0 pkgconfig-native" | ||
| 17 | |||
| 18 | FILES_${PN} += "${datadir}/dbus-1/services/org.selinux.Restorecond.service \ | ||
| 19 | " | ||
| 20 | |||
| 21 | do_install_prepend() { | ||
| 22 | export SYSTEMDDIR=${D}/${systemd_unitdir} | ||
| 23 | } | ||
| 24 | |||
| 25 | SYSTEMD_SERVICE_restorecond = "restorecond.service" | ||
| 26 | INITSCRIPT_PACKAGES = "restorecond" | ||
| 27 | INITSCRIPT_NAME_restorecond = "restorecond" | ||
| 28 | INITSCRIPT_PARAMS_restorecond = "defaults" | ||
diff --git a/recipes-security/selinux/policycoreutils/policycoreutils-make-O_CLOEXEC-optional.patch b/recipes-security/selinux/restorecond/policycoreutils-make-O_CLOEXEC-optional.patch index d50356e..ab1a10a 100644 --- a/recipes-security/selinux/policycoreutils/policycoreutils-make-O_CLOEXEC-optional.patch +++ b/recipes-security/selinux/restorecond/policycoreutils-make-O_CLOEXEC-optional.patch | |||
| @@ -16,13 +16,13 @@ Uptream-Status: Inappropriate [O_CLOEXEC has been in Linux since 2007 and POSIX | |||
| 16 | Signed-off-by: Joe MacDonald <joe.macdonald@windriver.com> | 16 | Signed-off-by: Joe MacDonald <joe.macdonald@windriver.com> |
| 17 | Signed-off-by: Wenzong Fan <wenzong.fan@windriver.com> | 17 | Signed-off-by: Wenzong Fan <wenzong.fan@windriver.com> |
| 18 | --- | 18 | --- |
| 19 | restorecond/user.c | 8 +++++++- | 19 | user.c | 8 +++++++- |
| 20 | 1 file changed, 7 insertions(+), 1 deletion(-) | 20 | 1 file changed, 7 insertions(+), 1 deletion(-) |
| 21 | 21 | ||
| 22 | diff --git a/restorecond/user.c b/restorecond/user.c | 22 | diff --git a/user.c b/user.c |
| 23 | index 2c28676..6235772 100644 | 23 | index 2c28676..6235772 100644 |
| 24 | --- a/restorecond/user.c | 24 | --- a/user.c |
| 25 | +++ b/restorecond/user.c | 25 | +++ b/user.c |
| 26 | @@ -202,7 +202,13 @@ static int local_server() { | 26 | @@ -202,7 +202,13 @@ static int local_server() { |
| 27 | perror("asprintf"); | 27 | perror("asprintf"); |
| 28 | return -1; | 28 | return -1; |
diff --git a/recipes-security/selinux/restorecond_2.7.bb b/recipes-security/selinux/restorecond_2.7.bb new file mode 100644 index 0000000..1f9a70c --- /dev/null +++ b/recipes-security/selinux/restorecond_2.7.bb | |||
| @@ -0,0 +1,7 @@ | |||
| 1 | include selinux_20170804.inc | ||
| 2 | include ${BPN}.inc | ||
| 3 | |||
| 4 | LIC_FILES_CHKSUM = "file://COPYING;md5=393a5ca445f6965873eca0259a17f833" | ||
| 5 | |||
| 6 | SRC_URI[md5sum] = "46f8ad0a37f955ef148d4e19b8cc8b1f" | ||
| 7 | SRC_URI[sha256sum] = "cb8e0a8d706cb2c1f105125f3514dffffefcbcfb49199183a7f91ab0bdf1f24d" | ||