refpolicy: upgrade 20210908+git -> 20221101+gitlangdale

* Update to latest git rev. * Drop obsolete and useless patches. * Rebase patches. Signed-off-by: Yi Zhao <yi.zhao@windriver.com> Signed-off-by: Joe MacDonald <joe@deserted.net>
author: Yi Zhao <yi.zhao@windriver.com> 2022-11-09 12:30:58 +0800
committer: Joe MacDonald <joe@deserted.net> 2022-11-23 09:26:29 -0500
commit: f6d73a35d3853ab09297fa1738890706901f43b8 (patch)
tree: ade400c3827c3a84dbda977da7894c275b711de1 /recipes-security/refpolicy/refpolicy-minimum_git.bb
parent: e9270d6e5889a854edd1305b91d3e5c7268d0cb8 (diff)
download: meta-selinux-langdale.tar.gz
1 files changed, 45 insertions, 46 deletions
diff --git a/recipes-security/refpolicy/refpolicy-minimum_git.bb b/recipes-security/refpolicy/refpolicy-minimum_git.bb
index 2e95b9f..a50a4cd 100644
--- a/recipes-security/refpolicy/refpolicy-minimum_git.bb
+++ b/recipes-security/refpolicy/refpolicy-minimum_git.bb
@@ -14,28 +14,28 @@ domains are unconfined. \
 SRC_URI += " \
        file://0001-refpolicy-minimum-make-sysadmin-module-optional.patch \
        file://0002-refpolicy-minimum-make-xdg-module-optional.patch \
-        file://0003-refpolicy-minimum-enable-nscd_use_shm.patch \
+        file://0003-refpolicy-minimum-make-dbus-module-optional.patch \
        "
 POLICY_NAME = "minimum"
 CORE_POLICY_MODULES = "unconfined \
-        selinuxutil \
+    selinuxutil \
-        storage \
+    storage \
-        sysnetwork \
+    sysnetwork \
-        application \
+    application \
-        libraries \
+    libraries \
-        miscfiles \
+    miscfiles \
-        logging \
+    logging \
-        userdomain \
+    userdomain \
-        init \
+    init \
-        mount \
+    mount \
-        modutils \
+    modutils \
-        getty \
+    getty \
-        authlogin \
+    authlogin \
-        locallogin \
+    locallogin \
-        "
+    "
-#systemd dependent policy modules
+# systemd dependent policy modules
 CORE_POLICY_MODULES += "${@bb.utils.contains('DISTRO_FEATURES', 'systemd', 'clock systemd udev fstools dbus', '', d)}"
 # nscd caches libc-issued requests to the name service.
@@ -60,39 +60,38 @@ EXTRA_POLICY_MODULES += "modutils consoletype hostname netutils"
 # 
 # PURGE_POLICY_MODULES += "xdg xen"
 POLICY_MODULES_MIN = "${CORE_POLICY_MODULES} ${EXTRA_POLICY_MODULES}"
-# re-write the same func from refpolicy_common.inc
+# Re-write the same func from refpolicy_common.inc
-prepare_policy_store () {
+prepare_policy_store() {
-        oe_runmake 'DESTDIR=${D}' 'prefix=${D}${prefix}' install
+    oe_runmake 'DESTDIR=${D}' 'prefix=${D}${prefix}' install
-        POL_PRIORITY=100
+    POL_PRIORITY=100
-        POL_SRC=${D}${datadir}/selinux/${POLICY_NAME}
+    POL_SRC=${D}${datadir}/selinux/${POLICY_NAME}
-        POL_STORE=${D}${localstatedir}/lib/selinux/${POLICY_NAME}
+    POL_STORE=${D}${localstatedir}/lib/selinux/${POLICY_NAME}
-        POL_ACTIVE_MODS=${POL_STORE}/active/modules/${POL_PRIORITY}
+    POL_ACTIVE_MODS=${POL_STORE}/active/modules/${POL_PRIORITY}
-        # Prepare to create policy store
+    # Prepare to create policy store
-        mkdir -p ${POL_STORE}
+    mkdir -p ${POL_STORE}
-        mkdir -p ${POL_ACTIVE_MODS}
+    mkdir -p ${POL_ACTIVE_MODS}
-        # get hll type from suffix on base policy module
+    # Get hll type from suffix on base policy module
-        HLL_TYPE=$(echo ${POL_SRC}/base.* | awk -F . '{if (NF>1) {print $NF}}')
+    HLL_TYPE=$(echo ${POL_SRC}/base.* | awk -F . '{if (NF>1) {print $NF}}')
-        HLL_BIN=${STAGING_DIR_NATIVE}${prefix}/libexec/selinux/hll/${HLL_TYPE}
+    HLL_BIN=${STAGING_DIR_NATIVE}${prefix}/libexec/selinux/hll/${HLL_TYPE}
-        for i in base ${POLICY_MODULES_MIN}; do
+    for i in base ${POLICY_MODULES_MIN}; do
-                MOD_FILE=${POL_SRC}/${i}.${HLL_TYPE}
+        MOD_FILE=${POL_SRC}/${i}.${HLL_TYPE}
-                MOD_DIR=${POL_ACTIVE_MODS}/${i}
+        MOD_DIR=${POL_ACTIVE_MODS}/${i}
-                mkdir -p ${MOD_DIR}
+        mkdir -p ${MOD_DIR}
-                echo -n "${HLL_TYPE}" > ${MOD_DIR}/lang_ext
+        echo -n "${HLL_TYPE}" > ${MOD_DIR}/lang_ext
-                if ! bzip2 -t ${MOD_FILE} >/dev/null 2>&1; then
+        if ! bzip2 -t ${MOD_FILE} >/dev/null 2>&1; then
-                        ${HLL_BIN} ${MOD_FILE} | bzip2 --stdout > ${MOD_DIR}/cil
+            ${HLL_BIN} ${MOD_FILE} | bzip2 --stdout > ${MOD_DIR}/cil
-                        bzip2 -f ${MOD_FILE} && mv -f ${MOD_FILE}.bz2 ${MOD_FILE}
+            bzip2 -f ${MOD_FILE} && mv -f ${MOD_FILE}.bz2 ${MOD_FILE}
-                else
+        else
-                        bunzip2 --stdout ${MOD_FILE} | \
+            bunzip2 --stdout ${MOD_FILE} | \
-                                ${HLL_BIN} | \
+                ${HLL_BIN} | \
-                                bzip2 --stdout > ${MOD_DIR}/cil
+                bzip2 --stdout > ${MOD_DIR}/cil
-                fi
+        fi
-                cp ${MOD_FILE} ${MOD_DIR}/hll
+        cp ${MOD_FILE} ${MOD_DIR}/hll
-        done
+    done
 }
author	Yi Zhao <yi.zhao@windriver.com>	2022-11-09 12:30:58 +0800
committer	Joe MacDonald <joe@deserted.net>	2022-11-23 09:26:29 -0500
commit	f6d73a35d3853ab09297fa1738890706901f43b8 (patch)
tree	ade400c3827c3a84dbda977da7894c275b711de1 /recipes-security/refpolicy/refpolicy-minimum_git.bb
parent	e9270d6e5889a854edd1305b91d3e5c7268d0cb8 (diff)
download	meta-selinux-langdale.tar.gz

diff --git a/recipes-security/refpolicy/refpolicy-minimum_git.bb b/recipes-security/refpolicy/refpolicy-minimum_git.bb index 2e95b9f..a50a4cd 100644 --- a/recipes-security/refpolicy/refpolicy-minimum_git.bb +++ b/recipes-security/refpolicy/refpolicy-minimum_git.bb
@@ -14,28 +14,28 @@ domains are unconfined. \
14	SRC_URI += " \	14	SRC_URI += " \
15	file://0001-refpolicy-minimum-make-sysadmin-module-optional.patch \	15	file://0001-refpolicy-minimum-make-sysadmin-module-optional.patch \
16	file://0002-refpolicy-minimum-make-xdg-module-optional.patch \	16	file://0002-refpolicy-minimum-make-xdg-module-optional.patch \
17	file://0003-refpolicy-minimum-enable-nscd_use_shm.patch \	17	file://0003-refpolicy-minimum-make-dbus-module-optional.patch \
18	"	18	"
19		19
20	POLICY_NAME = "minimum"	20	POLICY_NAME = "minimum"
21		21
22	CORE_POLICY_MODULES = "unconfined \	22	CORE_POLICY_MODULES = "unconfined \
23	selinuxutil \	23	selinuxutil \
24	storage \	24	storage \
25	sysnetwork \	25	sysnetwork \
26	application \	26	application \
27	libraries \	27	libraries \
28	miscfiles \	28	miscfiles \
29	logging \	29	logging \
30	userdomain \	30	userdomain \
31	init \	31	init \
32	mount \	32	mount \
33	modutils \	33	modutils \
34	getty \	34	getty \
35	authlogin \	35	authlogin \
36	locallogin \	36	locallogin \
37	"	37	"
38	#systemd dependent policy modules	38	# systemd dependent policy modules
39	CORE_POLICY_MODULES += "${@bb.utils.contains('DISTRO_FEATURES', 'systemd', 'clock systemd udev fstools dbus', '', d)}"	39	CORE_POLICY_MODULES += "${@bb.utils.contains('DISTRO_FEATURES', 'systemd', 'clock systemd udev fstools dbus', '', d)}"
40		40
41	# nscd caches libc-issued requests to the name service.	41	# nscd caches libc-issued requests to the name service.
@@ -60,39 +60,38 @@ EXTRA_POLICY_MODULES += "modutils consoletype hostname netutils"
60	#	60	#
61	# PURGE_POLICY_MODULES += "xdg xen"	61	# PURGE_POLICY_MODULES += "xdg xen"
62		62
63
64	POLICY_MODULES_MIN = "${CORE_POLICY_MODULES} ${EXTRA_POLICY_MODULES}"	63	POLICY_MODULES_MIN = "${CORE_POLICY_MODULES} ${EXTRA_POLICY_MODULES}"
65		64
66	# re-write the same func from refpolicy_common.inc	65	# Re-write the same func from refpolicy_common.inc
67	prepare_policy_store () {	66	prepare_policy_store() {
68	oe_runmake 'DESTDIR=${D}' 'prefix=${D}${prefix}' install	67	oe_runmake 'DESTDIR=${D}' 'prefix=${D}${prefix}' install
69	POL_PRIORITY=100	68	POL_PRIORITY=100
70	POL_SRC=${D}${datadir}/selinux/${POLICY_NAME}	69	POL_SRC=${D}${datadir}/selinux/${POLICY_NAME}
71	POL_STORE=${D}${localstatedir}/lib/selinux/${POLICY_NAME}	70	POL_STORE=${D}${localstatedir}/lib/selinux/${POLICY_NAME}
72	POL_ACTIVE_MODS=${POL_STORE}/active/modules/${POL_PRIORITY}	71	POL_ACTIVE_MODS=${POL_STORE}/active/modules/${POL_PRIORITY}
73		72
74	# Prepare to create policy store	73	# Prepare to create policy store
75	mkdir -p ${POL_STORE}	74	mkdir -p ${POL_STORE}
76	mkdir -p ${POL_ACTIVE_MODS}	75	mkdir -p ${POL_ACTIVE_MODS}
77		76
78	# get hll type from suffix on base policy module	77	# Get hll type from suffix on base policy module
79	HLL_TYPE=$(echo ${POL_SRC}/base.* \| awk -F . '{if (NF>1) {print $NF}}')	78	HLL_TYPE=$(echo ${POL_SRC}/base.* \| awk -F . '{if (NF>1) {print $NF}}')
80	HLL_BIN=${STAGING_DIR_NATIVE}${prefix}/libexec/selinux/hll/${HLL_TYPE}	79	HLL_BIN=${STAGING_DIR_NATIVE}${prefix}/libexec/selinux/hll/${HLL_TYPE}
81		80
82	for i in base ${POLICY_MODULES_MIN}; do	81	for i in base ${POLICY_MODULES_MIN}; do
83	MOD_FILE=${POL_SRC}/${i}.${HLL_TYPE}	82	MOD_FILE=${POL_SRC}/${i}.${HLL_TYPE}
84	MOD_DIR=${POL_ACTIVE_MODS}/${i}	83	MOD_DIR=${POL_ACTIVE_MODS}/${i}
85	mkdir -p ${MOD_DIR}	84	mkdir -p ${MOD_DIR}
86	echo -n "${HLL_TYPE}" > ${MOD_DIR}/lang_ext	85	echo -n "${HLL_TYPE}" > ${MOD_DIR}/lang_ext
87		86
88	if ! bzip2 -t ${MOD_FILE} >/dev/null 2>&1; then	87	if ! bzip2 -t ${MOD_FILE} >/dev/null 2>&1; then
89	${HLL_BIN} ${MOD_FILE} \| bzip2 --stdout > ${MOD_DIR}/cil	88	${HLL_BIN} ${MOD_FILE} \| bzip2 --stdout > ${MOD_DIR}/cil
90	bzip2 -f ${MOD_FILE} && mv -f ${MOD_FILE}.bz2 ${MOD_FILE}	89	bzip2 -f ${MOD_FILE} && mv -f ${MOD_FILE}.bz2 ${MOD_FILE}
91	else	90	else
92	bunzip2 --stdout ${MOD_FILE} \| \	91	bunzip2 --stdout ${MOD_FILE} \| \
93	${HLL_BIN} \| \	92	${HLL_BIN} \| \
94	bzip2 --stdout > ${MOD_DIR}/cil	93	bzip2 --stdout > ${MOD_DIR}/cil
95	fi	94	fi
96	cp ${MOD_FILE} ${MOD_DIR}/hll	95	cp ${MOD_FILE} ${MOD_DIR}/hll
97	done	96	done
98	}	97	}