diff options
author | Nisha Parrakat <nishaparrakat@gmail.com> | 2021-08-13 07:22:02 +0000 |
---|---|---|
committer | Richard Purdie <richard.purdie@linuxfoundation.org> | 2021-08-13 22:43:56 +0100 |
commit | 8ff845c9ba1ca55e2f984f93944804c02f807dcc (patch) | |
tree | dfcb94b8d62697c2764b68053e7210ed376ba358 /meta/recipes-core/dbus/dbus.inc | |
parent | ddd4b8c9a1bf590f784ba5ced84fb1fef198cd10 (diff) | |
download | poky-8ff845c9ba1ca55e2f984f93944804c02f807dcc.tar.gz |
dbus_%.bbappend: stop using selinux_set_mapping
https://gitlab.freedesktop.org/dbus/dbus/-/issues/198
https://gitlab.freedesktop.org/dbus/dbus/-/commit/6072f8b24153d844a3033108a17bcd0c1a967816
Currently, if the "dbus" security class or the associated AV doesn't
exist, dbus-daemon fails to initialize and exits immediately. Also the
security classes or access vector cannot be reordered in the policy.
This can be a problem for people developing their own policy or trying
to access a machine where, for some reasons, there is not policy defined
at all.
The code here copy the behaviour of the selinux_check_access() function.
We cannot use this function here as it doesn't allow us to define the
AVC entry reference.
See the discussion at https://marc.info/?l=selinux&m=152163374332372&w=2
(From OE-Core rev: 0441b53d55a919b5ac42e997f4092053b017b553)
Signed-off-by: Nisha Parrakat <nishaparrakat@gmail.com>
Signed-off-by: Alexandre Belloni <alexandre.belloni@bootlin.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Diffstat (limited to 'meta/recipes-core/dbus/dbus.inc')
-rw-r--r-- | meta/recipes-core/dbus/dbus.inc | 1 |
1 files changed, 1 insertions, 0 deletions
diff --git a/meta/recipes-core/dbus/dbus.inc b/meta/recipes-core/dbus/dbus.inc index f0eeffacc8..adc138bf10 100644 --- a/meta/recipes-core/dbus/dbus.inc +++ b/meta/recipes-core/dbus/dbus.inc | |||
@@ -8,6 +8,7 @@ SRC_URI = "https://dbus.freedesktop.org/releases/dbus/dbus-${PV}.tar.gz \ | |||
8 | file://tmpdir.patch \ | 8 | file://tmpdir.patch \ |
9 | file://dbus-1.init \ | 9 | file://dbus-1.init \ |
10 | file://clear-guid_from_server-if-send_negotiate_unix_f.patch \ | 10 | file://clear-guid_from_server-if-send_negotiate_unix_f.patch \ |
11 | file://stop_using_selinux_set_mapping.patch \ | ||
11 | " | 12 | " |
12 | 13 | ||
13 | SRC_URI[md5sum] = "dfe8a71f412e0b53be26ed4fbfdc91c4" | 14 | SRC_URI[md5sum] = "dfe8a71f412e0b53be26ed4fbfdc91c4" |