libsemanage no longer has the !BR2_arc dependency, so we can drop it
as well from policycoreutils. In practice, we still can't select
policycoreutils on ARC due to BR2_PACKAGE_AUDIT_ARCH_SUPPORTS.
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Signed-off-by: Arnout Vandecappelle (Essensium/Mind) <arnout@mind.be>
Now that libsemanage is available on non-glibc configurations, we can
also allow the selection of policycoreutils for such configurations.
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Signed-off-by: Arnout Vandecappelle (Essensium/Mind) <arnout@mind.be>
Policycoreutils was broken up into several packages, as such several
changes needed to happen for this patch to work:
- Remove patches 3, 4, and 5 as they no longer apply.
- Refresh patches 1 and 2 to work with version 2.7
- Remove semodule_${deps,expand,link,package} and sestatus from the makedirs
in the mk file.
- Remove restorecond from the make and config file. (Seperate package)
- Remove Audit2allow from the make and config file. (In a different package)
- Remove the package sepolgen
- Add the package selinux-python
- Add the package restorecond
- Add the package semodule-utils
- Add the relevant Config.in.legacy options into the menu.
Because these are utilities that work on top of python, the older versions of
these utilites still work, and as such this should be a single patch.
Signed-off-by: Adam Duskett <Adamduskett@outlook.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>
This python utility scans the logs for messages logged when the system
denied permission for operations, and generates a snippet of policy
rules which, if loaded into policy, might have allowed those operations
to succeed. However, this utility only generates Type Enforcement (TE)
allow rules.
Signed-off-by: Adam Duskett <Adamduskett@outlook.com>
Reviewed-by: Matt Weber <matthew.weber@rockwellcollins.com>
[Thomas: adjust Config.in to propagate the dependencies of sepolgen,
checkpolicy and python3.]
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>
This package contains the core policy utilities that are required
for basic operation of an SELinux system.
Signed-off-by: Clayton Shotwell <clayton.shotwell@rockwellcollins.com>
Signed-off-by: Matt Weber <matthew.weber@rockwellcollins.com>
Signed-off-by: Niranjan Reddy <niranjan.reddy@rockwellcollins.com>
Tested-by: Bryce Ferguson <bryce.ferguson@rockwellcollins.com>
Signed-off-by: Bryce Ferguson <bryce.ferguson@rockwellcollins.com>
[Thomas:
- Move the Config.in comment at the top of the Config.in file rather
than between the main option and its sub-options, as this breaks
menuconfig indentation.
- Fix the propagation of the libsemanage dependencies. libsemanage
depends on BR2_PACKAGE_AUDIT_ARCH_SUPPORTS and
BR2_TOOLCHAIN_USES_GLIBC which were not accounted for. Since it
depends on BR2_TOOLCHAIN_USES_GLIBC, then all the gettext related
handling becomes useless and has been removed.
- Rename the prompt of the restorecond sub-option to just
"restorecond".
- Use TARGET_CONFIGURE_OPTS and HOST_CONFIGURE_OPTS instead of
passing LDFLAGS, CC, etc. manually.
- Use make "foreach" function for loops instead of shell "for" loops.
- Rework the explanation of why we're passing DESTDIR at build time.
- Minor formatting tweaks here and there.]
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>
