summaryrefslogtreecommitdiffstats
path: root/recipes-security/selinux/selinux-sandbox.inc
blob: c8e335a3aa47c52d4e05cc7696cbfcf6b0e4edc6 (plain)
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
SUMMARY = "Run cmd under an SELinux sandbox"
DESCRIPTION = "\
Run application within a tightly confined SELinux domain. The default \
sandbox domain only allows applications the ability to read and write \
stdin, stdout and any other file descriptors handed to it."

SECTION = "base"
LICENSE = "GPLv2+"

SRC_URI += "file://sandbox-de-bashify.patch \
"

DEPENDS += "libcap-ng libselinux"

RDEPENDS_${PN} += "\
        python3-core \
        python3-math \
        python3-shell \
        python3-unixadmin \
        libselinux-python \
        selinux-python \
"

FILES_${PN} += "\
        ${datadir}/sandbox/sandboxX.sh \
        ${datadir}/sandbox/start \
"