Buildroot Archive on lore.kernel.org
 help / color / mirror / Atom feed
From: Adam Duskett <aduskett@gmail.com>
To: buildroot@buildroot.org
Cc: Marcus Folkesson <marcus.folkesson@gmail.com>,
	Antoine Tenart <atenart@kernel.org>,
	Asaf Kahlon <asafka7@gmail.com>,
	Thomas Petazzoni <thomas.petazzoni@bootlin.com>,
	Fabrice Fontaine <fontaine.fabrice@gmail.com>,
	Adam Duskett <aduskett@gmail.com>
Subject: [Buildroot] [PATCH v2 00/13] Selinux: bump to 3.5
Date: Tue, 25 Apr 2023 10:14:41 -0700	[thread overview]
Message-ID: <20230425171454.48802-1-aduskett@gmail.com> (raw)

It's been quite some time since anyone updated the SELinux packages (mainly me!)

Most of the changes are straight forward:
  - Update the package to 3.5
  - Change the license file from COPYING to LICENSE.
    (The COPYING file has been renamed to LICENSE.)

Some notes for specific packages:
  - Audit now installs ausearch to /usr/sbin (or we do?) As such, a small patch
    for selinux-python is necessary to change the patch for ausearch from /sbin
    to /usr/sbin

  - libselinux now requires host-pip to install the python modules.
    Surprisingly, host-pip3 cross-compiles the modules without issue and just
    worked. I should buy a lottery ticket!

  - I found out that if you have rst2html5 on the host, the glib meson package
    tries to use it to generate documents, which causes a failure on installing
    to the target. Luckily we don't want the documents so the fix is to simply
    remove the docs/ subdirectroy from meson.build. This patch is tiny and won't
    be a headache to maintain.
    
  - A small upstream patch needs to be added to refpolicy to ensure refpolicy
    builds without dbus selected.

Tested on Fedora 38. Both with pc_efi and aarch-virt configs.

Other tests ran and passed:

tests.init.test_systemd_selinux.TestSELinuxSystemdExt4
tests.init.test_systemd_selinux.TestSELinuxSystemdSquashfs
tests.core.test_selinux.TestSELinuxCustomGit
tests.core.test_selinux.TestSELinuxExtraModules
tests.core.test_selinux.TestSELinuxExtraModulesDirs
tests.core.test_selinux.TestSELinuxPackage

Changes v1 -> v2:
  - Added refpolicy/2.20221101/0001-mount-dbus-interface-must-be-optional.patch
  
Adam Duskett (13):
  package/libglib2/0003-disable-building-docs.patch: new patch
  package/python-pip: add host variant
  package/libsepol: bump to version 3.5
  package/libsemanage: bump to version 3.5
  package/libselinux: bump to version 3.5
  package/policycoreutils: bump to version 3.5
  package/checkpolicy: bump to version 3.5
  package/restorecond: bump to version 3.5
  package/semodule-utils: bump to version 3.5
  package/audit: bump to version 3.1
  package/selinux-python: bump to version 3.5
  package/setools: bump to version 4.4.2
  package/refpolicy: bump to version 2.20221101

 package/audit/audit.hash                      |  2 +-
 package/audit/audit.mk                        |  2 +-
 package/checkpolicy/checkpolicy.hash          |  4 +-
 package/checkpolicy/checkpolicy.mk            |  4 +-
 .../libglib2/0003-disable-building-docs.patch | 38 ++++++++++++++
 package/libselinux/0001-fix-musl-build.patch  |  4 +-
 ...T-and-rely-on-the-installed-file-nam.patch |  8 +--
 package/libselinux/Config.in                  |  1 +
 package/libselinux/libselinux.hash            |  2 +-
 package/libselinux/libselinux.mk              | 16 ++++--
 package/libsemanage/libsemanage.hash          |  4 +-
 package/libsemanage/libsemanage.mk            |  4 +-
 package/libsepol/libsepol.hash                |  4 +-
 package/libsepol/libsepol.mk                  |  4 +-
 ...-all-paths-that-use-an-absolute-path.patch |  2 +-
 package/policycoreutils/policycoreutils.hash  |  4 +-
 package/policycoreutils/policycoreutils.mk    |  4 +-
 package/python-pip/python-pip.mk              |  1 +
 ...ount-dbus-interface-must-be-optional.patch | 33 ++++++++++++
 package/refpolicy/refpolicy.hash              |  2 +-
 package/refpolicy/refpolicy.mk                |  2 +-
 package/restorecond/restorecond.hash          |  4 +-
 package/restorecond/restorecond.mk            |  4 +-
 .../0001-fix-ausearch-path.patch              | 37 ++++++++++++++
 package/selinux-python/selinux-python.hash    |  4 +-
 package/selinux-python/selinux-python.mk      |  4 +-
 package/semodule-utils/semodule-utils.hash    |  4 +-
 package/semodule-utils/semodule-utils.mk      |  4 +-
 ...e-setools.InfoFlowAnalysis-and-setoo.patch | 50 +++++++++----------
 package/setools/setools.hash                  |  4 +-
 package/setools/setools.mk                    |  2 +-
 31 files changed, 191 insertions(+), 71 deletions(-)
 create mode 100644 package/libglib2/0003-disable-building-docs.patch
 create mode 100644 package/refpolicy/2.20221101/0001-mount-dbus-interface-must-be-optional.patch
 create mode 100644 package/selinux-python/0001-fix-ausearch-path.patch

-- 
2.40.0

_______________________________________________
buildroot mailing list
buildroot@buildroot.org
https://lists.buildroot.org/mailman/listinfo/buildroot

             reply	other threads:[~2023-04-25 17:15 UTC|newest]

Thread overview: 25+ messages / expand[flat|nested]  mbox.gz  Atom feed  top
2023-04-25 17:14 Adam Duskett [this message]
2023-04-25 17:14 ` [Buildroot] [PATCH v2 01/13] package/libglib2/0003-disable-building-docs.patch: new patch Adam Duskett
2023-04-25 21:03   ` Peter Seiderer
2023-04-28  1:44     ` James Knight
2023-05-09 19:43   ` Yann E. MORIN
2023-04-25 17:14 ` [Buildroot] [PATCH v2 02/13] package/python-pip: add host variant Adam Duskett
2023-05-09 21:00   ` Yann E. MORIN
2023-06-12 15:52   ` Peter Korsgaard
2023-06-12 17:54     ` Yann E. MORIN
2023-06-12 19:28       ` Peter Korsgaard
2023-04-25 17:14 ` [Buildroot] [PATCH v2 03/13] package/libsepol: bump to version 3.5 Adam Duskett
2023-04-25 17:14 ` [Buildroot] [PATCH v2 04/13] package/libsemanage: " Adam Duskett
2023-04-25 17:14 ` [Buildroot] [PATCH v2 05/13] package/libselinux: " Adam Duskett
2023-05-09 21:02   ` Yann E. MORIN
2023-04-25 17:14 ` [Buildroot] [PATCH v2 06/13] package/policycoreutils: " Adam Duskett
2023-04-25 17:14 ` [Buildroot] [PATCH v2 07/13] package/checkpolicy: " Adam Duskett
2023-04-25 17:14 ` [Buildroot] [PATCH v2 08/13] package/restorecond: " Adam Duskett
2023-04-25 17:14 ` [Buildroot] [PATCH v2 09/13] package/semodule-utils: " Adam Duskett
2023-04-25 17:14 ` [Buildroot] [PATCH v2 10/13] package/audit: bump to version 3.1 Adam Duskett
2023-04-25 17:14 ` [Buildroot] [PATCH v2 11/13] package/selinux-python: bump to version 3.5 Adam Duskett
2023-05-09 21:05   ` Yann E. MORIN
2023-04-25 17:14 ` [Buildroot] [PATCH v2 12/13] package/setools: bump to version 4.4.2 Adam Duskett
2023-04-25 17:14 ` [Buildroot] [PATCH v2 13/13] package/refpolicy: bump to version 2.20221101 Adam Duskett
2023-05-09 21:06   ` Yann E. MORIN
2023-05-09 21:00 ` [Buildroot] [PATCH v2 00/13] Selinux: bump to 3.5 Yann E. MORIN

Reply instructions:

You may reply publicly to this message via plain-text email
using any one of the following methods:

* Save the following mbox file, import it into your mail client,
  and reply-to-all from there: mbox

  Avoid top-posting and favor interleaved quoting:
  https://en.wikipedia.org/wiki/Posting_style#Interleaved_style

* Reply using the --to, --cc, and --in-reply-to
  switches of git-send-email(1):

  git send-email \
    --in-reply-to=20230425171454.48802-1-aduskett@gmail.com \
    --to=aduskett@gmail.com \
    --cc=asafka7@gmail.com \
    --cc=atenart@kernel.org \
    --cc=buildroot@buildroot.org \
    --cc=fontaine.fabrice@gmail.com \
    --cc=marcus.folkesson@gmail.com \
    --cc=thomas.petazzoni@bootlin.com \
    /path/to/YOUR_REPLY

  https://kernel.org/pub/software/scm/git/docs/git-send-email.html

* If your mail client supports setting the In-Reply-To header
  via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line before the message body. 
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox