From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: Received: from mail1.windriver.com (mail1.windriver.com [147.11.146.13]) by yocto-www.yoctoproject.org (Postfix) with ESMTP id BF0D5E003D7 for ; Mon, 27 Jan 2014 23:21:33 -0800 (PST) Received: from ALA-HCA.corp.ad.wrs.com (ala-hca.corp.ad.wrs.com [147.11.189.40]) by mail1.windriver.com (8.14.5/8.14.5) with ESMTP id s0S7LVlL020911 (version=TLSv1/SSLv3 cipher=AES128-SHA bits=128 verify=FAIL) for ; Mon, 27 Jan 2014 23:21:32 -0800 (PST) Received: from Pascal-MacBookPro.local (128.224.159.178) by ALA-HCA.corp.ad.wrs.com (147.11.189.50) with Microsoft SMTP Server id 14.2.347.0; Mon, 27 Jan 2014 23:21:31 -0800 Message-ID: <52E75A79.60200@windriver.com> Date: Tue, 28 Jan 2014 15:21:29 +0800 From: Pascal Ouyang User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10.8; rv:24.0) Gecko/20100101 Thunderbird/24.2.0 MIME-Version: 1.0 To: wenzong fan , , References: <52E614F2.5060900@windriver.com> <52E61C69.5030405@windriver.com> In-Reply-To: <52E61C69.5030405@windriver.com> X-TagToolbar-Keys: D20140128152129405 Subject: Re: [meta-selinux][PATCH 1/1] selinux: set policy-version to 28 X-BeenThere: yocto@yoctoproject.org X-Mailman-Version: 2.1.13 Precedence: list List-Id: Discussion of all things Yocto Project List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Tue, 28 Jan 2014 07:21:33 -0000 Content-Type: text/plain; charset="GB2312" Content-Transfer-Encoding: 8bit 于 14-1-27 下午4:44, wenzong fan 写道: > On 01/27/2014 04:12 PM, Pascal Ouyang wrote: >> 于 14-1-27 下午2:52, wenzong.fan@windriver.com 写道: >>> From: Wenzong Fan >>> >>> The default policy version of new selinux toolchains is 29, to >>> fit kernel 3.10.x, set it to 28. >>> --- >>> recipes-security/refpolicy/refpolicy_common.inc | 2 ++ >>> recipes-security/selinux/libsemanage.inc | 3 +++ >>> 2 files changed, 5 insertions(+) >>> >>> diff --git a/recipes-security/refpolicy/refpolicy_common.inc b/recipes-security/refpolicy/refpolicy_common.inc >>> index 6bf7830..fbf9441 100644 >>> --- a/recipes-security/refpolicy/refpolicy_common.inc >>> +++ b/recipes-security/refpolicy/refpolicy_common.inc >>> @@ -76,6 +76,8 @@ args = -q -c \$@ \$< >>> path = ${STAGING_DIR_NATIVE}${sbindir_native}/sefcontext_compile >>> args = \$@ >>> [end] >>> + >>> +policy-version = 28 >>> EOF >>> mkdir -p ${D}${sysconfdir}/selinux/${POLICY_NAME}/policy >>> mkdir -p ${D}${sysconfdir}/selinux/${POLICY_NAME}/modules/active/modules >>> diff --git a/recipes-security/selinux/libsemanage.inc b/recipes-security/selinux/libsemanage.inc >>> index 5e90c26..799d864 100644 >>> --- a/recipes-security/selinux/libsemanage.inc >>> +++ b/recipes-security/selinux/libsemanage.inc >>> @@ -41,6 +41,9 @@ do_install() { >>> DESTDIR=${D} \ >>> PYLIBVER='python${PYTHON_BASEVERSION}' \ >>> PYLIBDIR='${D}/${libdir}/$(PYLIBVER)' >>> + >>> + # Update "policy-version" for semanage.conf >>> + echo "policy-version = 28" >> "${D}/etc/selinux/semanage.conf" >> >> please use this instead. Thanks. >> >> sed -i 's/^#\s*\(policy-version\s*=\).*$/\1 28/' \ >> ${D}/etc/selinux/semanage.conf >> >>> } >>> >>> BBCLASSEXTEND = "native" > > Branch updated, please help to merge: > > http://git.pokylinux.org/cgit.cgi/poky-contrib/log/?h=wenzong/policy-version > > Thanks > Wenzong > >>> >> >> > > Merged. Thanks. :) - Pascal -- - Pascal