diff options
| author | Xin Ouyang <Xin.Ouyang@windriver.com> | 2012-11-26 18:43:22 +0800 |
|---|---|---|
| committer | Xin Ouyang <Xin.Ouyang@windriver.com> | 2012-11-26 18:46:00 +0800 |
| commit | d72b55bc20e2d954edd7179ad75023b97375cb29 (patch) | |
| tree | d9fdf628636bb36403ee73e0244ad7cb65c1f993 | |
| parent | 6398c194e31426510773623462bef6beac2803e2 (diff) | |
| download | meta-selinux-d72b55bc20e2d954edd7179ad75023b97375cb29.tar.gz | |
refpolicy: standard/mls policy should set UBAC=n
Signed-off-by: Xin Ouyang <Xin.Ouyang@windriver.com>
| -rw-r--r-- | recipes-security/refpolicy/refpolicy-mls_2.20120725.bb | 3 | ||||
| -rw-r--r-- | recipes-security/refpolicy/refpolicy-standard_2.20120725.bb | 3 | ||||
| -rw-r--r-- | recipes-security/refpolicy/refpolicy_common.inc | 1 |
3 files changed, 5 insertions, 2 deletions
diff --git a/recipes-security/refpolicy/refpolicy-mls_2.20120725.bb b/recipes-security/refpolicy/refpolicy-mls_2.20120725.bb index 77b7e0f..4d75322 100644 --- a/recipes-security/refpolicy/refpolicy-mls_2.20120725.bb +++ b/recipes-security/refpolicy/refpolicy-mls_2.20120725.bb | |||
| @@ -5,11 +5,12 @@ It allows giving data labels such as \"Top Secret\" and preventing \ | |||
| 5 | such data from leaking to processes or files with lower classification. \ | 5 | such data from leaking to processes or files with lower classification. \ |
| 6 | " | 6 | " |
| 7 | 7 | ||
| 8 | PR = "r2" | 8 | PR = "r3" |
| 9 | 9 | ||
| 10 | POLICY_NAME = "mls" | 10 | POLICY_NAME = "mls" |
| 11 | POLICY_TYPE = "mls" | 11 | POLICY_TYPE = "mls" |
| 12 | POLICY_DISTRO = "redhat" | 12 | POLICY_DISTRO = "redhat" |
| 13 | POLICY_UBAC = "n" | ||
| 13 | POLICY_UNK_PERMS = "allow" | 14 | POLICY_UNK_PERMS = "allow" |
| 14 | POLICY_DIRECT_INITRC = "n" | 15 | POLICY_DIRECT_INITRC = "n" |
| 15 | POLICY_MONOLITHIC = "n" | 16 | POLICY_MONOLITHIC = "n" |
diff --git a/recipes-security/refpolicy/refpolicy-standard_2.20120725.bb b/recipes-security/refpolicy/refpolicy-standard_2.20120725.bb index 25e94c6..1f3030a 100644 --- a/recipes-security/refpolicy/refpolicy-standard_2.20120725.bb +++ b/recipes-security/refpolicy/refpolicy-standard_2.20120725.bb | |||
| @@ -3,11 +3,12 @@ DESCRIPTION = "\ | |||
| 3 | This is the reference policy for SELinux built with type enforcement \ | 3 | This is the reference policy for SELinux built with type enforcement \ |
| 4 | only." | 4 | only." |
| 5 | 5 | ||
| 6 | PR = "r2" | 6 | PR = "r3" |
| 7 | 7 | ||
| 8 | POLICY_NAME = "standard" | 8 | POLICY_NAME = "standard" |
| 9 | POLICY_TYPE = "standard" | 9 | POLICY_TYPE = "standard" |
| 10 | POLICY_DISTRO = "redhat" | 10 | POLICY_DISTRO = "redhat" |
| 11 | POLICY_UBAC = "n" | ||
| 11 | POLICY_UNK_PERMS = "allow" | 12 | POLICY_UNK_PERMS = "allow" |
| 12 | POLICY_DIRECT_INITRC = "n" | 13 | POLICY_DIRECT_INITRC = "n" |
| 13 | POLICY_MONOLITHIC = "n" | 14 | POLICY_MONOLITHIC = "n" |
diff --git a/recipes-security/refpolicy/refpolicy_common.inc b/recipes-security/refpolicy/refpolicy_common.inc index f071f71..9c3d050 100644 --- a/recipes-security/refpolicy/refpolicy_common.inc +++ b/recipes-security/refpolicy/refpolicy_common.inc | |||
| @@ -20,6 +20,7 @@ PARALLEL_MAKE = "" | |||
| 20 | EXTRA_OEMAKE += "NAME=${POLICY_NAME} \ | 20 | EXTRA_OEMAKE += "NAME=${POLICY_NAME} \ |
| 21 | TYPE=${POLICY_TYPE} \ | 21 | TYPE=${POLICY_TYPE} \ |
| 22 | DISTRO=${POLICY_DISTRO} \ | 22 | DISTRO=${POLICY_DISTRO} \ |
| 23 | UBAC=${POLICY_UBAC} \ | ||
| 23 | UNK_PERMS=${POLICY_UNK_PERMS} \ | 24 | UNK_PERMS=${POLICY_UNK_PERMS} \ |
| 24 | DIRECT_INITRC=${POLICY_DIRECT_INITRC} \ | 25 | DIRECT_INITRC=${POLICY_DIRECT_INITRC} \ |
| 25 | MONOLITHIC=${POLICY_MONOLITHIC} \ | 26 | MONOLITHIC=${POLICY_MONOLITHIC} \ |