1 files changed, 28 insertions, 0 deletions
diff --git a/recipes-security/selinux/selinux-sandbox.inc b/recipes-security/selinux/selinux-sandbox.inc
new file mode 100644
index 0000000..8616dd7
--- /dev/null
+++ b/recipes-security/selinux/selinux-sandbox.inc
@@ -0,0 +1,28 @@
+SUMMARY = "Run cmd under an SELinux sandbox"
+DESCRIPTION = "\
+Run application within a tightly confined SELinux domain. The default \
+sandbox domain only allows applications the ability to read and write \
+stdin, stdout and any other file descriptors handed to it."
+SECTION = "base"
+LICENSE = "GPLv2+"
+SRC_URI += "file://sandbox-de-bashify.patch \
+"
+DEPENDS += "libcap-ng libselinux"
+RDEPENDS_${PN} += "\
+        python-math \
+        python-shell \
+        python-subprocess \
+        python-textutils \
+        python-unixadmin \
+        libselinux-python \
+        selinux-python \
+"
+FILES_${PN} += "\
+        ${datadir}/sandbox/sandboxX.sh \
+        ${datadir}/sandbox/start \
+"

diff --git a/recipes-security/selinux/selinux-sandbox.inc b/recipes-security/selinux/selinux-sandbox.inc new file mode 100644 index 0000000..8616dd7 --- /dev/null +++ b/recipes-security/selinux/selinux-sandbox.inc
@@ -0,0 +1,28 @@
	1	SUMMARY = "Run cmd under an SELinux sandbox"
	2	DESCRIPTION = "\
	3	Run application within a tightly confined SELinux domain. The default \
	4	sandbox domain only allows applications the ability to read and write \
	5	stdin, stdout and any other file descriptors handed to it."
	6
	7	SECTION = "base"
	8	LICENSE = "GPLv2+"
	9
	10	SRC_URI += "file://sandbox-de-bashify.patch \
	11	"
	12
	13	DEPENDS += "libcap-ng libselinux"
	14
	15	RDEPENDS_${PN} += "\
	16	python-math \
	17	python-shell \
	18	python-subprocess \
	19	python-textutils \
	20	python-unixadmin \
	21	libselinux-python \
	22	selinux-python \
	23	"
	24
	25	FILES_${PN} += "\
	26	${datadir}/sandbox/sandboxX.sh \
	27	${datadir}/sandbox/start \
	28	"