From 1fb5922d15574cb4675f44e434391dd0cf93b79f Mon Sep 17 00:00:00 2001
From: Xin Ouyang <Xin.Ouyang@windriver.com>
Date: Fri, 15 Jun 2012 17:57:53 +0800
Subject: selinux: Add bb for default selinux config.

Now, the default policy is "mls".

Signed-off-by: Xin Ouyang <Xin.Ouyang@windriver.com>
---
 recipes-security/selinux/selinux-config_0.1.bb | 33 ++++++++++++++++++++++++++
 1 file changed, 33 insertions(+)
 create mode 100644 recipes-security/selinux/selinux-config_0.1.bb

(limited to 'recipes-security/selinux')

diff --git a/recipes-security/selinux/selinux-config_0.1.bb b/recipes-security/selinux/selinux-config_0.1.bb
new file mode 100644
index 0000000..c0ed158
--- /dev/null
+++ b/recipes-security/selinux/selinux-config_0.1.bb
@@ -0,0 +1,33 @@
+DEFAULT_POLICY = "mls"
+
+SUMMARY = "SELinux configuration"
+DESCRIPTION = "\
+This is the configuration files for SELinux on WRLinux system.  \
+"
+
+SECTION = "base"
+LICENSE = "MIT"
+LIC_FILES_CHKSUM = "file://${COREBASE}/meta/COPYING.MIT;md5=3da9cfbcb788c80a0384361b4de20420"
+PR = "r0"
+
+CONFFILES_${PN} += "${sysconfdir}/selinux/config"
+
+PACKAGE_ARCH = "${MACHINE_ARCH}"
+
+do_install () {
+	echo "\
+# This file controls the state of SELinux on the system.
+# SELINUX= can take one of these three values:
+#     enforcing - SELinux security policy is enforced.
+#     permissive - SELinux prints warnings instead of enforcing.
+#     disabled - No SELinux policy is loaded.
+SELINUX=enforcing
+# SELINUXTYPE= can take one of these two values:
+#     standard - Standard Security protection.
+#     mls - Multi Level Security protection.
+SELINUXTYPE=${DEFAULT_POLICY}
+" > ${WORKDIR}/config
+	install -d ${D}/${sysconfdir}/selinux
+	install -m 0644 ${WORKDIR}/config ${D}/${sysconfdir}/selinux/
+}
+
-- 
cgit v1.2.3-54-g00ecf