summaryrefslogtreecommitdiffstats
Commit message (Collapse)AuthorAgeFilesLines
* linux-yocto: drop CONFIG_SECURITY_SELINUX_CHECKREQPROT_VALUEYi Zhao2023-04-301-1/+0
| | | | | | | | | | CONFIG_SECURITY_SELINUX_CHECKREQPROT_VALUE is deprecated and will be rejected in a future kernel release[1]. [1] https://github.com/SELinuxProject/selinux-kernel/wiki/DEPRECATE-checkreqprot Signed-off-by: Yi Zhao <yi.zhao@windriver.com> Signed-off-by: Joe MacDonald <joe@deserted.net>
* setools: upgrade 4.1 -> 4.2Yi Zhao2023-04-301-1/+1
| | | | | | | | ChangeLog: https://github.com/SELinuxProject/setools/releases/tag/4.4.2 Signed-off-by: Yi Zhao <yi.zhao@windriver.com> Signed-off-by: Joe MacDonald <joe@deserted.net>
* semodule-utils: upgrade 3.4 -> 3.5Yi Zhao2023-03-271-1/+1
| | | | | | | License-Update: Rename COPYING to LICENSE. No content changes. Signed-off-by: Yi Zhao <yi.zhao@windriver.com> Signed-off-by: Joe MacDonald <joe@deserted.net>
* selinux-sandbox: upgrade 3.4 -> 3.5Yi Zhao2023-03-272-51/+1
| | | | | | | | | License-Update: Rename COPYING to LICENSE. No content changes. * Drop backport patch. Signed-off-by: Yi Zhao <yi.zhao@windriver.com> Signed-off-by: Joe MacDonald <joe@deserted.net>
* selinux-gui: upgrade 3.4 -> 3.5Yi Zhao2023-03-272-202/+1
| | | | | | | | | License-Update: Rename COPYING to LICENSE. No content changes. * Drop backport patch. Signed-off-by: Yi Zhao <yi.zhao@windriver.com> Signed-off-by: Joe MacDonald <joe@deserted.net>
* selinux-dbus: upgrade 3.4 -> 3.5Yi Zhao2023-03-271-1/+1
| | | | | | | License-Update: Rename COPYING to LICENSE. No content changes. Signed-off-by: Yi Zhao <yi.zhao@windriver.com> Signed-off-by: Joe MacDonald <joe@deserted.net>
* selinux-python: upgrade 3.4 -> 3.5Yi Zhao2023-03-273-186/+19
| | | | | | | | | | | License-Update: Rename COPYING to LICENSE. No content changes. * Refresh patch. * Drop backport patch. * Add dependency python3-setuptools-scm-native to fix build error. Signed-off-by: Yi Zhao <yi.zhao@windriver.com> Signed-off-by: Joe MacDonald <joe@deserted.net>
* restorecond: upgrade 3.4 -> 3.5Yi Zhao2023-03-271-1/+1
| | | | | | | License-Update: Rename COPYING to LICENSE. No content changes. Signed-off-by: Yi Zhao <yi.zhao@windriver.com> Signed-off-by: Joe MacDonald <joe@deserted.net>
* mcstrans: upgrade 3.4 -> 3.5Yi Zhao2023-03-271-1/+1
| | | | | | | License-Update: Rename COPYING to LICENSE. No content changes. Signed-off-by: Yi Zhao <yi.zhao@windriver.com> Signed-off-by: Joe MacDonald <joe@deserted.net>
* policycoreutils: upgrade 3.4 -> 3.5Yi Zhao2023-03-272-6/+6
| | | | | | | | | License-Update: Rename COPYING to LICENSE. No content changes. * Refresh patch. Signed-off-by: Yi Zhao <yi.zhao@windriver.com> Signed-off-by: Joe MacDonald <joe@deserted.net>
* secilc: upgrade 3.4 -> 3.5Yi Zhao2023-03-271-1/+1
| | | | | | | License-Update: Rename COPYING to LICENSE. No content changes. Signed-off-by: Yi Zhao <yi.zhao@windriver.com> Signed-off-by: Joe MacDonald <joe@deserted.net>
* checkpolicy: upgrade 3.4 -> 3.5Yi Zhao2023-03-271-1/+1
| | | | | | | License-Update: Rename COPYING to LICENSE. No content changes. Signed-off-by: Yi Zhao <yi.zhao@windriver.com> Signed-off-by: Joe MacDonald <joe@deserted.net>
* libsemanage: upgrade 3.4 -> 3.5Yi Zhao2023-03-271-6/+7
| | | | | | | License-Update: Rename COPYING to LICENSE. No content changes. Signed-off-by: Yi Zhao <yi.zhao@windriver.com> Signed-off-by: Joe MacDonald <joe@deserted.net>
* libselinux-python: upgrade 3.4 -> 3.5Yi Zhao2023-03-273-15/+19
| | | | | | | | * Add dependency python3-setuptools-scm-native to fix build error. * Refresh patches. Signed-off-by: Yi Zhao <yi.zhao@windriver.com> Signed-off-by: Joe MacDonald <joe@deserted.net>
* libselinux: upgrade 3.4 -> 3.5Yi Zhao2023-03-271-0/+0
| | | | | Signed-off-by: Yi Zhao <yi.zhao@windriver.com> Signed-off-by: Joe MacDonald <joe@deserted.net>
* libsepol: upgrade 3.4 -> 3.5Yi Zhao2023-03-272-83/+1
| | | | | | | | | License-Update: Rename COPYING to LICENSE. No content changes. * Drop backport patch. Signed-off-by: Yi Zhao <yi.zhao@windriver.com> Signed-off-by: Joe MacDonald <joe@deserted.net>
* selinux: upgrade 3.4 -> 3.5Yi Zhao2023-03-271-1/+1
| | | | | | | | ChangeLog: https://github.com/SELinuxProject/selinux/releases/tag/3.5 Signed-off-by: Yi Zhao <yi.zhao@windriver.com> Signed-off-by: Joe MacDonald <joe@deserted.net>
* refpolicy: update to latest git revYi Zhao2023-03-273-38/+1
| | | | | | | | Drop 0003-refpolicy-minimum-make-dbus-module-optional.patch as the issue has been fixed upstream. Signed-off-by: Yi Zhao <yi.zhao@windriver.com> Signed-off-by: Joe MacDonald <joe@deserted.net>
* gitignore: add itYi Zhao2023-03-271-0/+7
| | | | | Signed-off-by: Yi Zhao <yi.zhao@windriver.com> Signed-off-by: Joe MacDonald <joe@deserted.net>
* linux-yocto: drop version from bbappendYi Zhao2023-03-061-0/+0
| | | | | | | Make the bbappend available for 5.x and 6.x kernels. Signed-off-by: Yi Zhao <yi.zhao@windriver.com> Signed-off-by: Joe MacDonald <joe@deserted.net>
* setools: upgrade 4.4.0 -> 4.4.1Yi Zhao2023-03-061-2/+2
| | | | | | | | | | | | Changelog: https://github.com/SELinuxProject/setools/releases/tag/4.4.1 License-Update: Refine COPYING text. No license changes.[1] [1] https://github.com/SELinuxProject/setools/commit/fff1906ff436835108b62bf46616e19705183dfb Signed-off-by: Yi Zhao <yi.zhao@windriver.com> Signed-off-by: Joe MacDonald <joe@deserted.net>
* layer.conf: update LAYERSERIES_COMPAT for mickledoreYi Zhao2023-01-171-1/+1
| | | | | Signed-off-by: Yi Zhao <yi.zhao@windriver.com> Signed-off-by: Joe MacDonald <joe@deserted.net>
* psmisc: move PACKAGECONFIG to oe-coreMingli Yu2022-12-141-1/+0
| | | | | | | | | Move PACKAGECONFIG setting to oe-core [1] to conform to yocto compliance. [1] https://git.openembedded.org/openembedded-core/commit/?id=d2aa518163a4836eeb5bf8517456790cba382c2e Signed-off-by: Mingli Yu <mingli.yu@windriver.com> Signed-off-by: Joe MacDonald <joe@deserted.net>
* cronie: move PACKAGECONFIG to oe-coreMingli Yu2022-12-141-1/+0
| | | | | | | | | Move PACKAGECONFIG setting to oe-core [1] to conform to yocto compliance. [1] https://git.openembedded.org/openembedded-core/commit/?id=fd036af063ef47d8296be909eb5db9bddc05eb6e Signed-off-by: Mingli Yu <mingli.yu@windriver.com> Signed-off-by: Joe MacDonald <joe@deserted.net>
* util-linux: move PACKAGECONFIG to oe-coreMingli Yu2022-12-141-1/+0
| | | | | | | | | Move PACKAGECONFIG setting to oe-core [1] to conform to yocto compliance. [1] https://git.openembedded.org/openembedded-core/commit/?id=c57cc22fad708ac856ac4ebe0a42042031fbf90b Signed-off-by: Mingli Yu <mingli.yu@windriver.com> Signed-off-by: Joe MacDonald <joe@deserted.net>
* iproute2: move PACKAGECONFIG to oe-coreMingli Yu2022-12-141-1/+0
| | | | | | | | | Move PACKAGECONFIG setting to oe-core [1] to conform to yocto compliance. [1] https://git.openembedded.org/openembedded-core/commit/?id=067ce90494bc370fc7a271c6a036c414358f0f38 Signed-off-by: Mingli Yu <mingli.yu@windriver.com> Signed-off-by: Joe MacDonald <joe@deserted.net>
* sudo: move PACKAGECONFIG to oe-coreMingli Yu2022-12-141-3/+0
| | | | | | | | | Move PACKAGECONFIG setting to oe-core [1] to conform to yocto compliance. [1] https://git.openembedded.org/openembedded-core/commit/?id=5c8e22895709a0ce7ce855468473d9d6d10a1e65 Signed-off-by: Mingli Yu <mingli.yu@windriver.com> Signed-off-by: Joe MacDonald <joe@deserted.net>
* refpolicy: upgrade 20210908+git -> 20221101+gitlangdaleYi Zhao2022-11-2381-1636/+556
| | | | | | | | | * Update to latest git rev. * Drop obsolete and useless patches. * Rebase patches. Signed-off-by: Yi Zhao <yi.zhao@windriver.com> Signed-off-by: Joe MacDonald <joe@deserted.net>
* libsepol: fix build failure for refpolicy-mlsYi Zhao2022-11-072-0/+82
| | | | | | | | | | | | | | Backport a patch to fix build failure for refpolicy-mls: | Creating mls xserver.pp policy package | libsepol.validate_user_datum: Invalid user datum | libsepol.validate_datum_array_entries: Invalid datum array entries | libsepol.validate_policydb: Invalid policydb | /buildarea/build/tmp/work/qemux86_64-poky-linux/refpolicy-mls/2.20220520+gitAUTOINC+f311d401cd-r0/recipe-sysroot-native/usr/bin/semodule_package: Error while reading policy module from tmp/xserver.mod | make: *** [Rules.modular:98: xserver.pp] Error 1 Signed-off-by: Yi Zhao <yi.zhao@windriver.com> Signed-off-by: Joe MacDonald <joe@deserted.net>
* base-files: set correct label for /var/volatileYi Zhao2022-11-072-0/+14
| | | | | | | | | | | | By default /var/volatile will be mounted with tmpfs_t instead of var_t label, which will cause us to have to add some extra rules to eliminate avc denials of some services. Set rootcontext for /var/volatile in fstab to make sure it is mounted with correct label. Signed-off-by: Yi Zhao <yi.zhao@windriver.com> Signed-off-by: Joe MacDonald <joe@deserted.net>
* SELinux-FAQ: remove references to poky-selinux distroYi Zhao2022-11-071-4/+2
| | | | | | | | Update SELinux-FAQ as the poky-selinux distro has been removed for a long time. Signed-off-by: Yi Zhao <yi.zhao@windriver.com> Signed-off-by: Joe MacDonald <joe@deserted.net>
* layer.conf: add langdale to LAYERSERIES_COMPATYi Zhao2022-10-021-1/+1
| | | | | Signed-off-by: Yi Zhao <yi.zhao@windriver.com> Signed-off-by: Joe MacDonald <joe@deserted.net>
* libsemanage: Add python3 to dependenciesOleksiy Obitotskyy2022-10-021-1/+1
| | | | | | | | | | Recipe have implicit dependency on nativesdk-python, so recipe-sysroot-root populated with python headers. But during build code look for headers into recipe-sysroot. Add python dependency explicitly. Signed-off-by: Oleksiy Obitotskyy <oobitots@cisco.com> Signed-off-by: Joe MacDonald <joe@deserted.net>
* setools: fix buildpaths issueYi Zhao2022-08-281-16/+17
| | | | | | | | | Fixes: QA Issue: File /usr/src/debug/setools/4.4.0-r0/setools/policyrep.c in package setools-src contains reference to TMPDIR [buildpaths] Signed-off-by: Yi Zhao <yi.zhao@windriver.com> Signed-off-by: Joe MacDonald <joe@deserted.net>
* semodule-utils: upgrade 3.3 -> 3.4Yi Zhao2022-08-281-7/+4
| | | | | Signed-off-by: Yi Zhao <yi.zhao@windriver.com> Signed-off-by: Joe MacDonald <joe@deserted.net>
* selinux-sandbox: upgrade 3.3 -> 3.4Yi Zhao2022-08-283-6/+57
| | | | | | | | * Backport a patch to fix chcat runtime error. * Refresh patch. Signed-off-by: Yi Zhao <yi.zhao@windriver.com> Signed-off-by: Joe MacDonald <joe@deserted.net>
* selinux-gui: upgrade 3.3 -> 3.4Yi Zhao2022-08-282-1/+203
| | | | | | | Backport a patch to fix chcat runtime error. Signed-off-by: Yi Zhao <yi.zhao@windriver.com> Signed-off-by: Joe MacDonald <joe@deserted.net>
* selinux-dbus: upgrade 3.3 -> 3.4Yi Zhao2022-08-281-1/+1
| | | | | Signed-off-by: Yi Zhao <yi.zhao@windriver.com> Signed-off-by: Joe MacDonald <joe@deserted.net>
* selinux-python: upgrade 3.3 -> 3.4Yi Zhao2022-08-283-27/+201
| | | | | | | | * Backport a patch to fix chcat runtime error. * Refresh patch. Signed-off-by: Yi Zhao <yi.zhao@windriver.com> Signed-off-by: Joe MacDonald <joe@deserted.net>
* restorecond: upgrade 3.3 -> 3.4Yi Zhao2022-08-281-3/+3
| | | | | Signed-off-by: Yi Zhao <yi.zhao@windriver.com> Signed-off-by: Joe MacDonald <joe@deserted.net>
* mcstrans: upgrade 3.3 -> 3.4Yi Zhao2022-08-283-11/+11
| | | | | | | Refresh patches. Signed-off-by: Yi Zhao <yi.zhao@windriver.com> Signed-off-by: Joe MacDonald <joe@deserted.net>
* policycoreutils: upgrade 3.3 -> 3.4Yi Zhao2022-08-282-43/+43
| | | | | | | Refresh patch. Signed-off-by: Yi Zhao <yi.zhao@windriver.com> Signed-off-by: Joe MacDonald <joe@deserted.net>
* secilc: upgrade 3.3 -> 3.4Yi Zhao2022-08-281-2/+2
| | | | | | | Use precise license BSD-2-Clause instead of license BSD. Signed-off-by: Yi Zhao <yi.zhao@windriver.com> Signed-off-by: Joe MacDonald <joe@deserted.net>
* checkpolicy: upgrade 3.3 -> 3.4Yi Zhao2022-08-281-4/+1
| | | | | Signed-off-by: Yi Zhao <yi.zhao@windriver.com> Signed-off-by: Joe MacDonald <joe@deserted.net>
* libsemanage: upgrade 3.3 -> 3.4Yi Zhao2022-08-284-17/+18
| | | | | | | Refresh patches. Signed-off-by: Yi Zhao <yi.zhao@windriver.com> Signed-off-by: Joe MacDonald <joe@deserted.net>
* libselinux-python: upgrade 3.3 -> 3.4Yi Zhao2022-08-283-14/+15
| | | | | | | | * Use libpcre2 instead of libpcre. * Refresh patches. Signed-off-by: Yi Zhao <yi.zhao@windriver.com> Signed-off-by: Joe MacDonald <joe@deserted.net>
* libselinux: upgrade 3.3 -> 3.4Yi Zhao2022-08-281-4/+3
| | | | | | | Use libpcre2 instead of libpcre. Signed-off-by: Yi Zhao <yi.zhao@windriver.com> Signed-off-by: Joe MacDonald <joe@deserted.net>
* libsepol: upgrade 3.3 -> 3.4Yi Zhao2022-08-281-5/+1
| | | | | Signed-off-by: Yi Zhao <yi.zhao@windriver.com> Signed-off-by: Joe MacDonald <joe@deserted.net>
* selinux: upgrade 3.3 -> 3.4Yi Zhao2022-08-281-1/+1
| | | | | Signed-off-by: Yi Zhao <yi.zhao@windriver.com> Signed-off-by: Joe MacDonald <joe@deserted.net>
* refpolicy: add file context for findfs alternativeYi Zhao2022-07-062-0/+30
| | | | | | | Add file context for findfs alternative which is provided by util-linux. Signed-off-by: Yi Zhao <yi.zhao@windriver.com> Signed-off-by: Joe MacDonald <joe@deserted.net>