summaryrefslogtreecommitdiffstats
Commit message (Collapse)AuthorAgeFilesLines
...
* refpolicy: xconsole_device_t as a dev_nodeXin Ouyang2012-10-182-0/+28
| | | | Signed-off-by: Xin Ouyang <Xin.Ouyang@windriver.com>
* refpolicy: add poky specific rules for packages.Xin Ouyang2012-10-1811-0/+735
| | | | Signed-off-by: Xin Ouyang <Xin.Ouyang@windriver.com>
* refpolicy: Fix specific file contexts for pokyXin Ouyang2012-10-188-2/+245
| | | | Signed-off-by: Xin Ouyang <Xin.Ouyang@windriver.com>
* refpolicy: uprev to version 2.20120725.Xin Ouyang2012-10-187-1554/+14
| | | | | | | | | | | Patches are migrated or droped for new version. * poky-fc-etc_init.d.patch: droped because file_contexts.subs_dist is defined to instead. * fix-mount-to-write-mountpoints-dirs.patch: droped because the rules is not needed now. * poky-fc-update-alternatives_sysvinit.patch: migrated. Signed-off-by: Xin Ouyang <Xin.Ouyang@windriver.com>
* libcap-ng: pythonnative, add swig-native dependXin Ouyang2012-10-152-8/+6
| | | | | | | libcap-ng need native python while do_configure, and native swig while do_compile, so add them. Signed-off-by: Xin Ouyang <Xin.Ouyang@windriver.com>
* policycoreutils: disable QA checkes for fixfiles.Xin Ouyang2012-10-112-2/+6
| | | | | | | | | | | | | | | | fixfiles in /sbin would run some /usr/bin binaries to cause these QA warnings. WARNING: Shell scripts in base_bindir and base_sbindir should not reference anything in exec_prefix Since fixfiles is installed into /sbin in most Linux distros, changing this path may cause runtime errors for some hard coded binaries. So, disable unsafe-references-in-scripts QA checkes. Signed-off-by: Xin Ouyang <Xin.Ouyang@windriver.com>
* audit: fix package issues.Xin Ouyang2012-10-111-9/+20
| | | | | | | | | | | | Rename two packages and change files in them. * audit-libs -> audit : main package, for libraries * audit -> auditd : for daemon binaries Libraries are changed to install into ${base_libdir}. The two fixes are used to fix QA issues and fit the Debian policy. Signed-off-by: Xin Ouyang <Xin.Ouyang@windriver.com>
* libselinux: fix Public Domain license warning.Xin Ouyang2012-10-092-4/+4
| | | | | | | The "Public Domain" license now has a common license file placed as PD in Poky/oe-core, so fix this. Signed-off-by: Xin Ouyang <Xin.Ouyang@windriver.com>
* selinux recipes: inherit pythonnativeXin Ouyang2012-09-265-10/+14
| | | | | | | With new changes in oe-core, recipes which need python-native should "inherit pythonnative". Signed-off-by: Xin Ouyang <Xin.Ouyang@windriver.com>
* policycoreutils: fix build with pam DISTRO_FEATUREXin Ouyang2012-09-242-4/+4
| | | | | | | If no pam DISTRO_FEATURE, policycoreutils should not build with libpam headers and libraries. Signed-off-by: Xin Ouyang <Xin.Ouyang@windriver.com>
* setools: inherit pythonnativeXin Ouyang2012-09-201-3/+3
| | | | | | | With new changes in oe-core, recipes which need python-native should "inherit pythonnative". Signed-off-by: Xin Ouyang <Xin.Ouyang@windriver.com>
* audit-2.2.1: copy bits/socket_type.h only if it existsXin Ouyang2012-09-071-2/+6
| | | | | | | | | eglibc-2.16 splits enum __socket_type from bits/socket.h to bits/socket_type.h, so old eglibc does not have bits/socket_type.h We should copy it only if it exists. Signed-off-by: Xin Ouyang <Xin.Ouyang@windriver.com>
* rpm: fix depend for selinux enabledXin Ouyang2012-08-211-2/+2
| | | | | | | The depends should be: libsepol -> libselinux -> libsemanage -> rpm Signed-off-by: Xin Ouyang <Xin.Ouyang@windriver.com>
* pam-1.1.6: fix wrong path for sepermit moduleXin Ouyang2012-08-212-1/+37
| | | | | | | | | Fix this error: =================== | mkdir -p /var/run/sepermit | mkdir: cannot create directory `/var/run/sepermit': Permission denied Signed-off-by: Xin Ouyang <Xin.Ouyang@windriver.com>
* selinux-task: add necessary packages for selinuxXin Ouyang2012-08-211-0/+4
| | | | Signed-off-by: Xin Ouyang <Xin.Ouyang@windriver.com>
* libpam: change to 1.1.6 for poky master.Xin Ouyang2012-08-201-0/+0
| | | | Signed-off-by: Xin Ouyang <Xin.Ouyang@windriver.com>
* policycoreutils: rewrite DEPENDS for libcap-ng&libcgroup&pamXin Ouyang2012-08-171-2/+2
| | | | | | | | | EXTRA_DEPENDS is still not null while building native packages, this will add useless depends for libcap-ng&libcgroup&pam and cause build errors. So rewrite these DEPENDS. Signed-off-by: Xin Ouyang <Xin.Ouyang@windriver.com>
* libselinux: Fix indent warning for python codes.Xin Ouyang2012-08-172-10/+10
| | | | | | | | | Fix these warnings: =================== WARNING: Variable get_git_policyconfigarch contains tabs, please remove these(....) Signed-off-by: Xin Ouyang <Xin.Ouyang@windriver.com>
* audit-2.2.1: Add bits/socket_type.h from target libc-headers.Xin Ouyang2012-08-171-0/+1
| | | | | | | | We have copied some target kernel headers in 72fb6da. We may get build failures because of missing bits/socket_type.h on some hosts, so add it. Signed-off-by: Xin Ouyang <Xin.Ouyang@windriver.com>
* findutils-4.4.2: suitable version of gnulib for selinuxXin Ouyang2012-08-133-39/+61
| | | | | | | Add a suitable version of gnulib into SRC_URI, and run import-gnulib.sh to update it. Signed-off-by: Xin Ouyang <Xin.Ouyang@windriver.com>
* Fetch selinux-at module from gnulib repoAws Ismail2012-08-103-1296/+41
| | | | | | | | | | | | | | | [ CQID: WIND00365962 ] Rather than following the approach in findutils-with-selinux-gnulib.patch, the import-gnulib configuration was modified to enable fetching the latest updates related to selinux support. Specifically, selinux-at module is now in fetched in gnulib in order for it be used by findutils if selinux is enabled. Signed-off-by: Aws Ismail <aws.ismail@windriver.com>
* audit: inherit pythonnativeXin Ouyang2012-08-032-2/+2
| | | | Signed-off-by: Xin Ouyang <Xin.Ouyang@windriver.com>
* README: Update readme to conform to Yocto Project compliance guidelinesMark Hatle2012-07-301-0/+37
| | | | | | | | | | The compliane guidelines required: layers contain a README file which details the origin of the layer, its maintainer, where to submit changes, and any dependencies or version requirements Signed-off-by: Mark Hatle <mark.hatle@windriver.com>
* findutils-4.4.2: fix build failure while no selinux disto_feature.Xin Ouyang2012-07-283-154/+278
| | | | | | | | | | Current patches for selinux simply add selinux codes without conditional switches. And also, the gnulib patch is incomplete. These will cause build failures while we include selinux layers but do not specify selinux in DISTO_FEATURES. Signed-off-by: Xin Ouyang <Xin.Ouyang@windriver.com>
* policycoreutils: remove format-security from CFLAGS.Xin Ouyang2012-07-233-2/+35
| | | | | | | | Remove -Wno-error=format-security from CFLAGS. and add a patch so we can build policycoreutils if -Werror=format-security enabled. Signed-off-by: Xin Ouyang <Xin.Ouyang@windriver.com>
* glib-2.0: new version 2.32.4Xin Ouyang2012-07-191-0/+0
| | | | Signed-off-by: Xin Ouyang <Xin.Ouyang@windriver.com>
* refpolicy: add policy patches for Yocto.Xin Ouyang2012-07-194-0/+1591
| | | | Signed-off-by: Xin Ouyang <Xin.Ouyang@windriver.com>
* kernel: bbappend to enable SELinux, v3.4.Xin Ouyang2012-07-191-0/+7
| | | | Signed-off-by: Xin Ouyang <Xin.Ouyang@windriver.com>
* selinux-task: add selinux-configXin Ouyang2012-07-191-0/+1
| | | | Signed-off-by: Xin Ouyang <Xin.Ouyang@windriver.com>
* Revert "rpm: fix patch not found bug with old oe-core."Xin Ouyang2012-07-191-1/+1
| | | | This reverts commit b1c47e89858b2571d2f75375777f3dd541783a59.
* rpm: fix patch not found bug with old oe-core.Xin Ouyang2012-07-031-1/+1
| | | | | | | | | | NOTE: package rpm-native-5.4.9-r44.1: task do_fetch: Started ERROR: Error executing a python function in .../meta/recipes-devtools/rpm/rpm_5.4.9.bb: IOError: [Errno 2] No such file or directory: '.../rpm-fix-build-bug.patch' Signed-off-by: Xin Ouyang <Xin.Ouyang@windriver.com>
* python-ipy: rename to fix opkg-build error.Xin Ouyang2012-06-293-2/+2
| | | | | | *** Error: Package name contains illegal characters, (other than [a-z0-9.+-]) Signed-off-by: Xin Ouyang <Xin.Ouyang@windriver.com>
* ustr: fix wrong packages split.Xin Ouyang2012-06-291-6/+2
| | | | Signed-off-by: Xin Ouyang <Xin.Ouyang@windriver.com>
* sudo: uprev to 1.8.5p2Xin Ouyang2012-06-281-0/+0
| | | | Signed-off-by: Xin Ouyang <Xin.Ouyang@windriver.com>
* psmisc: uprev to 22.19Xin Ouyang2012-06-281-0/+0
| | | | Signed-off-by: Xin Ouyang <Xin.Ouyang@windriver.com>
* util-linux: uprev to 2.21.2Xin Ouyang2012-06-281-0/+0
| | | | Signed-off-by: Xin Ouyang <Xin.Ouyang@windriver.com>
* audit: Add .h files from target libc-headers.Xin Ouyang2012-06-281-0/+16
| | | | | | | | | | | | | Just like audit_2.1.3.bb. The executables in lib/, which are named as gen_*_h, will run on the hosts to create *_tables.h/*tabs.h header files for the targets. In some old hosts, build will fail because .h files in the old linux-libc-headers (<= 2.6.29) has incomplete DEFINE lists for the audit system. Signed-off-by: Xin Ouyang <Xin.Ouyang@windriver.com>
* findutils: 4.4.2, support selinuxXin Ouyang2012-06-283-0/+1708
| | | | Signed-off-by: Xin Ouyang <Xin.Ouyang@windriver.com>
* findutils: 4.2.31, support selinuxXin Ouyang2012-06-282-0/+508
| | | | Signed-off-by: Xin Ouyang <Xin.Ouyang@windriver.com>
* parted: Build with selinux support.Xin Ouyang2012-06-281-0/+5
| | | | Signed-off-by: Xin Ouyang <Xin.Ouyang@windriver.com>
* rpm: Build with selinux support.Xin Ouyang2012-06-282-0/+39
| | | | | Acked-by: Mark Hatle <mark.hatle@windriver.com> Signed-off-by: Xin Ouyang <Xin.Ouyang@windriver.com>
* logrotate: Support selinuxXiaofeng Yan2012-06-251-0/+5
| | | | | | | Add the selinux support for logrotate. Signed-off-by: Xiaofeng Yan <xiaofeng.yan@windriver.com> Signed-off-by: Xin Ouyang <Xin.Ouyang@windriver.com>
* util-linux: Support selinuxXiaofeng Yan2012-06-252-0/+24
| | | | | | | Add the selinux support for util-linux. Signed-off-by: Xiaofeng Yan <xiaofeng.yan@windriver.com> Signed-off-by: Xin Ouyang <Xin.Ouyang@windriver.com>
* dbus:Support selinuxXiaofeng Yan2012-06-251-0/+5
| | | | | | | Add the selinux support for dbus. Signed-off-by: Xiaofeng Yan <xiaofeng.yan@windriver.com> Signed-off-by: Xin Ouyang <Xin.Ouyang@windriver.com>
* udev: Build with selinux support.Xin Ouyang2012-06-201-0/+5
| | | | Signed-off-by: Xin Ouyang <Xin.Ouyang@windriver.com>
* audit: fix python header path in configure.acXin Ouyang2012-06-202-1/+31
| | | | Signed-off-by: Xin Ouyang <Xin.Ouyang@windriver.com>
* audit: Uprev auditAmy Fong2012-06-184-0/+554
| | | | | | | | | | | The recipe is derived from 2.1.3 with some changes made. 1. configuration files are updated to look for sbin binaries in /usr/sbin 2. a init.d file was derived from Debian to work with busybox's start-stop-daemon 3. the plugin package contents was fine tuned as some of the files from 2.1.3 were required to let audit run. Signed-off-by: Amy Fong <amy.fong@windriver.com> Signed-off-by: Mark Hatle <mark.hatle@windriver.com>
* sudo: Build with selinux support.Xin Ouyang2012-06-151-0/+5
| | | | Signed-off-by: Xin Ouyang <Xin.Ouyang@windriver.com>
* glib-2.0: Build with selinux support.Xin Ouyang2012-06-151-0/+5
| | | | Signed-off-by: Xin Ouyang <Xin.Ouyang@windriver.com>
* openssh: Build with selinux support.Xin Ouyang2012-06-151-0/+5
| | | | Signed-off-by: Xin Ouyang <Xin.Ouyang@windriver.com>