From: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>
To: buildroot@busybox.net
Subject: [Buildroot] [PATCH v2 11/17] refpolicy: new package
Date: Tue, 24 Sep 2013 17:18:26 +0200 [thread overview]
Message-ID: <20130924171826.785ac962@skate> (raw)
In-Reply-To: <OF8AC563B8.B3F98355-ON86257BF0.00510B0E-86257BF0.00513A09@rockwellcollins.com>
Dear Clayton Shotwell,
On Tue, 24 Sep 2013 09:47:16 -0500, Clayton Shotwell wrote:
> > I believe we can merge the refpolicy in its current state (i.e not
> > fully perfect for Buildroot usage), with a clear comment in the
> > Config.in that says so. And then you can continue the
> > development and
> > add more fixes to the refpolicy package as you progress
> > towards making
> > it fully usable in a Buildroot environment.
> >
> > The thing I'm more worried about is that if we need
> > Buildroot-specific
> > changes, will we have to keep them as patches within
> > Buildroot forever?
>
> We might be able to work with the refpolicy maintainers to add a
> "buildroot" distro to the build system. I think a lot of that will
> depend on how extensive the changes are. I'll start making the
> changes and see how bad it is before I contact the maintainers.
Ok. The problem is that the "Buildroot" distribution is not something
that exists really. Depending on the Buildroot configuration, the
contents of the filesystem and the base system can be very different.
It could be Busybox based, or Systemd+coreutils based, or something
else. How does it work in real distributions? Is each package coming
with the SELinux rules for itself? Or should be in the context of
Buildroot just provide the tools and leave it entirely to the user to
write the proper SELinux policy?
Best regards,
Thomas
--
Thomas Petazzoni, Free Electrons
Embedded Linux, Kernel and Android engineering
http://free-electrons.com
next prev parent reply other threads:[~2013-09-24 15:18 UTC|newest]
Thread overview: 36+ messages / expand[flat|nested] mbox.gz Atom feed top
2013-09-11 21:59 [Buildroot] [PATCH v2 00/17] SELinux Buildroot Additions Clayton Shotwell
2013-09-11 21:59 ` [Buildroot] [PATCH v2 01/17] libsepol: new package Clayton Shotwell
2013-09-12 19:18 ` Thomas Petazzoni
2013-09-20 13:34 ` Peter Korsgaard
2013-09-11 21:59 ` [Buildroot] [PATCH v2 02/17] libselinux: " Clayton Shotwell
2013-09-12 19:29 ` Thomas Petazzoni
2013-09-11 21:59 ` [Buildroot] [PATCH v2 03/17] ustr: " Clayton Shotwell
2013-09-12 19:34 ` Thomas Petazzoni
2013-09-18 2:15 ` clshotwe at rockwellcollins.com
2013-09-18 4:21 ` Thomas Petazzoni
2013-09-11 21:59 ` [Buildroot] [PATCH v2 04/17] libsemanage: " Clayton Shotwell
2013-09-11 21:59 ` [Buildroot] [PATCH v2 05/17] checkpolicy: " Clayton Shotwell
2013-09-11 21:59 ` [Buildroot] [PATCH v2 06/17] sepolgen: " Clayton Shotwell
2013-09-11 21:59 ` [Buildroot] [PATCH v2 07/17] setools: " Clayton Shotwell
2013-09-11 21:59 ` [Buildroot] [PATCH v2 08/17] libcgroup: " Clayton Shotwell
2013-09-11 21:59 ` [Buildroot] [PATCH v2 09/17] policycoreutils: " Clayton Shotwell
2013-09-11 21:59 ` [Buildroot] [PATCH v2 10/17] python-pyxml: " Clayton Shotwell
2013-09-11 21:59 ` [Buildroot] [PATCH v2 11/17] refpolicy: " Clayton Shotwell
2013-09-18 5:18 ` Thomas Petazzoni
2013-09-23 21:52 ` Clayton Shotwell
2013-09-24 6:30 ` Thomas Petazzoni
2013-09-24 14:47 ` Clayton Shotwell
2013-09-24 15:18 ` Thomas Petazzoni [this message]
2013-09-24 18:07 ` Clayton Shotwell
2013-09-11 21:59 ` [Buildroot] [PATCH v2 12/17] python-pyparsing: Add host build option Clayton Shotwell
2013-09-11 21:59 ` [Buildroot] [PATCH v2 13/17] audit: new package Clayton Shotwell
2013-09-18 5:00 ` Thomas Petazzoni
2013-09-24 17:47 ` Clayton Shotwell
2013-09-24 21:57 ` Thomas Petazzoni
2013-09-25 12:29 ` Clayton Shotwell
2013-09-11 21:59 ` [Buildroot] [PATCH v2 14/17] shadow: " Clayton Shotwell
2013-09-11 21:59 ` [Buildroot] [PATCH v2 15/17] pcre: Add host build support Clayton Shotwell
2013-09-18 5:18 ` Thomas Petazzoni
2013-09-23 21:54 ` Clayton Shotwell
2013-09-11 21:59 ` [Buildroot] [PATCH v2 16/17] bzip2: Add host build shared library installation Clayton Shotwell
2013-09-11 21:59 ` [Buildroot] [PATCH v2 17/17] sqlite: Add host build support Clayton Shotwell
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=20130924171826.785ac962@skate \
--to=thomas.petazzoni@free-electrons.com \
--cc=buildroot@busybox.net \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox