961 Commits

Author SHA1 Message Date
schitrod=cisco.com@lists.yoctoproject.org
bd3902cb93 selinux: Set CVE_PRODUCT
The CVE product name for selinux-* packages is (usually) selinux
(and not our recipe name), so use selinux as the default.

See also:
http://lists.openembedded.org/pipermail/openembedded-core/2017-July/139897.html

"Results from cve-check are not very good at the moment.
One of the reasons for this is that component names used in CVE
database differ from yocto recipe names. This series fixes several
of those name mapping problems by setting the CVE_PRODUCT correctly
in the recipes. To check this mapping after a build, I'm exporting
LICENSE and CVE_PRODUCT variables to buildhistory for recipes and
packages."

Value added is based on:
https://nvd.nist.gov/vuln/search/results?results_type=overview&search_type=all&cpe_product=cpe%3A%2F%3Akernel%3Aselinux

Signed-off-by: Sanjay Chitroda <schitrod@cisco.com>
Signed-off-by: Joe MacDonald <joe@deserted.net>
2023-05-31 09:43:14 -04:00
Yi Zhao
47858343ed linux-yocto: drop CONFIG_SECURITY_SELINUX_CHECKREQPROT_VALUE
CONFIG_SECURITY_SELINUX_CHECKREQPROT_VALUE is deprecated and will be
rejected in a future kernel release[1].

[1] https://github.com/SELinuxProject/selinux-kernel/wiki/DEPRECATE-checkreqprot

Signed-off-by: Yi Zhao <yi.zhao@windriver.com>
Signed-off-by: Joe MacDonald <joe@deserted.net>
2023-04-30 21:33:46 -04:00
Yi Zhao
0c8af77822 setools: upgrade 4.1 -> 4.2
ChangeLog:
https://github.com/SELinuxProject/setools/releases/tag/4.4.2

Signed-off-by: Yi Zhao <yi.zhao@windriver.com>
Signed-off-by: Joe MacDonald <joe@deserted.net>
2023-04-30 21:33:46 -04:00
Yi Zhao
c370b82cde semodule-utils: upgrade 3.4 -> 3.5
License-Update: Rename COPYING to LICENSE. No content changes.

Signed-off-by: Yi Zhao <yi.zhao@windriver.com>
Signed-off-by: Joe MacDonald <joe@deserted.net>
2023-03-27 09:34:02 -04:00
Yi Zhao
4da226c5c5 selinux-sandbox: upgrade 3.4 -> 3.5
License-Update: Rename COPYING to LICENSE. No content changes.

* Drop backport patch.

Signed-off-by: Yi Zhao <yi.zhao@windriver.com>
Signed-off-by: Joe MacDonald <joe@deserted.net>
2023-03-27 09:34:02 -04:00
Yi Zhao
06ea8425ae selinux-gui: upgrade 3.4 -> 3.5
License-Update: Rename COPYING to LICENSE. No content changes.

* Drop backport patch.

Signed-off-by: Yi Zhao <yi.zhao@windriver.com>
Signed-off-by: Joe MacDonald <joe@deserted.net>
2023-03-27 09:34:02 -04:00
Yi Zhao
64be33c89e selinux-dbus: upgrade 3.4 -> 3.5
License-Update: Rename COPYING to LICENSE. No content changes.

Signed-off-by: Yi Zhao <yi.zhao@windriver.com>
Signed-off-by: Joe MacDonald <joe@deserted.net>
2023-03-27 09:34:02 -04:00
Yi Zhao
ff424dc4cf selinux-python: upgrade 3.4 -> 3.5
License-Update: Rename COPYING to LICENSE. No content changes.

* Refresh patch.
* Drop backport patch.
* Add dependency python3-setuptools-scm-native to fix build error.

Signed-off-by: Yi Zhao <yi.zhao@windriver.com>
Signed-off-by: Joe MacDonald <joe@deserted.net>
2023-03-27 09:34:02 -04:00
Yi Zhao
1f4cefc882 restorecond: upgrade 3.4 -> 3.5
License-Update: Rename COPYING to LICENSE. No content changes.

Signed-off-by: Yi Zhao <yi.zhao@windriver.com>
Signed-off-by: Joe MacDonald <joe@deserted.net>
2023-03-27 09:34:02 -04:00
Yi Zhao
b4385b6746 mcstrans: upgrade 3.4 -> 3.5
License-Update: Rename COPYING to LICENSE. No content changes.

Signed-off-by: Yi Zhao <yi.zhao@windriver.com>
Signed-off-by: Joe MacDonald <joe@deserted.net>
2023-03-27 09:34:02 -04:00
Yi Zhao
8bd9e77835 policycoreutils: upgrade 3.4 -> 3.5
License-Update: Rename COPYING to LICENSE. No content changes.

* Refresh patch.

Signed-off-by: Yi Zhao <yi.zhao@windriver.com>
Signed-off-by: Joe MacDonald <joe@deserted.net>
2023-03-27 09:34:02 -04:00
Yi Zhao
efed45fd9f secilc: upgrade 3.4 -> 3.5
License-Update: Rename COPYING to LICENSE. No content changes.

Signed-off-by: Yi Zhao <yi.zhao@windriver.com>
Signed-off-by: Joe MacDonald <joe@deserted.net>
2023-03-27 09:34:02 -04:00
Yi Zhao
4184abc2a6 checkpolicy: upgrade 3.4 -> 3.5
License-Update: Rename COPYING to LICENSE. No content changes.

Signed-off-by: Yi Zhao <yi.zhao@windriver.com>
Signed-off-by: Joe MacDonald <joe@deserted.net>
2023-03-27 09:34:02 -04:00
Yi Zhao
e582e169c4 libsemanage: upgrade 3.4 -> 3.5
License-Update: Rename COPYING to LICENSE. No content changes.

Signed-off-by: Yi Zhao <yi.zhao@windriver.com>
Signed-off-by: Joe MacDonald <joe@deserted.net>
2023-03-27 09:34:02 -04:00
Yi Zhao
7c0d8121c3 libselinux-python: upgrade 3.4 -> 3.5
* Add dependency python3-setuptools-scm-native to fix build error.
* Refresh patches.

Signed-off-by: Yi Zhao <yi.zhao@windriver.com>
Signed-off-by: Joe MacDonald <joe@deserted.net>
2023-03-27 09:34:02 -04:00
Yi Zhao
4f4946958b libselinux: upgrade 3.4 -> 3.5
Signed-off-by: Yi Zhao <yi.zhao@windriver.com>
Signed-off-by: Joe MacDonald <joe@deserted.net>
2023-03-27 09:34:02 -04:00
Yi Zhao
a99bb21b0f libsepol: upgrade 3.4 -> 3.5
License-Update: Rename COPYING to LICENSE. No content changes.

* Drop backport patch.

Signed-off-by: Yi Zhao <yi.zhao@windriver.com>
Signed-off-by: Joe MacDonald <joe@deserted.net>
2023-03-27 09:34:02 -04:00
Yi Zhao
2c45147cb8 selinux: upgrade 3.4 -> 3.5
ChangeLog:
https://github.com/SELinuxProject/selinux/releases/tag/3.5

Signed-off-by: Yi Zhao <yi.zhao@windriver.com>
Signed-off-by: Joe MacDonald <joe@deserted.net>
2023-03-27 09:34:02 -04:00
Yi Zhao
02348acbf6 refpolicy: update to latest git rev
Drop 0003-refpolicy-minimum-make-dbus-module-optional.patch as the issue
has been fixed upstream.

Signed-off-by: Yi Zhao <yi.zhao@windriver.com>
Signed-off-by: Joe MacDonald <joe@deserted.net>
2023-03-27 09:34:02 -04:00
Yi Zhao
e9cea983ee gitignore: add it
Signed-off-by: Yi Zhao <yi.zhao@windriver.com>
Signed-off-by: Joe MacDonald <joe@deserted.net>
2023-03-27 09:34:01 -04:00
Yi Zhao
91c8ba5814 linux-yocto: drop version from bbappend
Make the bbappend available for 5.x and 6.x kernels.

Signed-off-by: Yi Zhao <yi.zhao@windriver.com>
Signed-off-by: Joe MacDonald <joe@deserted.net>
2023-03-06 11:04:54 -05:00
Yi Zhao
1e6a19762e setools: upgrade 4.4.0 -> 4.4.1
Changelog:
https://github.com/SELinuxProject/setools/releases/tag/4.4.1

License-Update: Refine COPYING text. No license changes.[1]

[1] fff1906ff4

Signed-off-by: Yi Zhao <yi.zhao@windriver.com>
Signed-off-by: Joe MacDonald <joe@deserted.net>
2023-03-06 11:04:54 -05:00
Yi Zhao
4aed1e830c layer.conf: update LAYERSERIES_COMPAT for mickledore
Signed-off-by: Yi Zhao <yi.zhao@windriver.com>
Signed-off-by: Joe MacDonald <joe@deserted.net>
2023-01-17 07:31:54 -05:00
Mingli Yu
696662e9f0 psmisc: move PACKAGECONFIG to oe-core
Move PACKAGECONFIG setting to oe-core [1] to conform to yocto compliance.

[1] https://git.openembedded.org/openembedded-core/commit/?id=d2aa518163a4836eeb5bf8517456790cba382c2e

Signed-off-by: Mingli Yu <mingli.yu@windriver.com>
Signed-off-by: Joe MacDonald <joe@deserted.net>
2022-12-14 20:31:45 -05:00
Mingli Yu
40c6a3dce7 cronie: move PACKAGECONFIG to oe-core
Move PACKAGECONFIG setting to oe-core [1] to conform to yocto compliance.

[1] https://git.openembedded.org/openembedded-core/commit/?id=fd036af063ef47d8296be909eb5db9bddc05eb6e

Signed-off-by: Mingli Yu <mingli.yu@windriver.com>
Signed-off-by: Joe MacDonald <joe@deserted.net>
2022-12-14 20:31:45 -05:00
Mingli Yu
a8c55f9456 util-linux: move PACKAGECONFIG to oe-core
Move PACKAGECONFIG setting to oe-core [1] to conform to yocto compliance.

[1] https://git.openembedded.org/openembedded-core/commit/?id=c57cc22fad708ac856ac4ebe0a42042031fbf90b

Signed-off-by: Mingli Yu <mingli.yu@windriver.com>
Signed-off-by: Joe MacDonald <joe@deserted.net>
2022-12-14 20:31:45 -05:00
Mingli Yu
61a64b0640 iproute2: move PACKAGECONFIG to oe-core
Move PACKAGECONFIG setting to oe-core [1] to conform to yocto compliance.

[1] https://git.openembedded.org/openembedded-core/commit/?id=067ce90494bc370fc7a271c6a036c414358f0f38

Signed-off-by: Mingli Yu <mingli.yu@windriver.com>
Signed-off-by: Joe MacDonald <joe@deserted.net>
2022-12-14 20:31:45 -05:00
Mingli Yu
f6303c0f30 sudo: move PACKAGECONFIG to oe-core
Move PACKAGECONFIG setting to oe-core [1] to conform to yocto compliance.

[1] https://git.openembedded.org/openembedded-core/commit/?id=5c8e22895709a0ce7ce855468473d9d6d10a1e65

Signed-off-by: Mingli Yu <mingli.yu@windriver.com>
Signed-off-by: Joe MacDonald <joe@deserted.net>
2022-12-14 20:31:45 -05:00
Yi Zhao
f6d73a35d3 refpolicy: upgrade 20210908+git -> 20221101+git
* Update to latest git rev.
* Drop obsolete and useless patches.
* Rebase patches.

Signed-off-by: Yi Zhao <yi.zhao@windriver.com>
Signed-off-by: Joe MacDonald <joe@deserted.net>
2022-11-23 09:26:29 -05:00
Yi Zhao
e9270d6e58 libsepol: fix build failure for refpolicy-mls
Backport a patch to fix build failure for refpolicy-mls:
| Creating mls xserver.pp policy package
| libsepol.validate_user_datum: Invalid user datum
| libsepol.validate_datum_array_entries: Invalid datum array entries
| libsepol.validate_policydb: Invalid policydb
| /buildarea/build/tmp/work/qemux86_64-poky-linux/refpolicy-mls/2.20220520+gitAUTOINC+f311d401cd-r0/recipe-sysroot-native/usr/bin/semodule_package:
Error while reading policy module from tmp/xserver.mod
| make: *** [Rules.modular:98: xserver.pp] Error 1

Signed-off-by: Yi Zhao <yi.zhao@windriver.com>
Signed-off-by: Joe MacDonald <joe@deserted.net>
2022-11-07 14:19:08 -05:00
Yi Zhao
08a2705c00 base-files: set correct label for /var/volatile
By default /var/volatile will be mounted with tmpfs_t instead of var_t
label, which will cause us to have to add some extra rules to eliminate
avc denials of some services.

Set rootcontext for /var/volatile in fstab to make sure it is mounted
with correct label.

Signed-off-by: Yi Zhao <yi.zhao@windriver.com>
Signed-off-by: Joe MacDonald <joe@deserted.net>
2022-11-07 14:19:08 -05:00
Yi Zhao
cccf2bbe02 SELinux-FAQ: remove references to poky-selinux distro
Update SELinux-FAQ as the poky-selinux distro has been removed for a
long time.

Signed-off-by: Yi Zhao <yi.zhao@windriver.com>
Signed-off-by: Joe MacDonald <joe@deserted.net>
2022-11-07 14:19:08 -05:00
Yi Zhao
506daf988c layer.conf: add langdale to LAYERSERIES_COMPAT
Signed-off-by: Yi Zhao <yi.zhao@windriver.com>
Signed-off-by: Joe MacDonald <joe@deserted.net>
2022-10-02 21:38:35 -04:00
Oleksiy Obitotskyy
fbb3340b0e libsemanage: Add python3 to dependencies
The recipe has an implicit dependency on nativesdk-python,
so recipe-sysroot-root is populated with python headers.
But during the build, the code looks for headers in recipe-sysroot.
Add the python dependency explicitly.

Signed-off-by: Oleksiy Obitotskyy <oobitots@cisco.com>
Signed-off-by: Joe MacDonald <joe@deserted.net>
2022-10-02 21:38:23 -04:00
Yi Zhao
6683a43e61 setools: fix buildpaths issue
Fixes:
QA Issue: File /usr/src/debug/setools/4.4.0-r0/setools/policyrep.c in package setools-src
contains reference to TMPDIR [buildpaths]

Signed-off-by: Yi Zhao <yi.zhao@windriver.com>
Signed-off-by: Joe MacDonald <joe@deserted.net>
2022-08-28 13:54:59 -04:00
Yi Zhao
02cf8bb65a semodule-utils: upgrade 3.3 -> 3.4
Signed-off-by: Yi Zhao <yi.zhao@windriver.com>
Signed-off-by: Joe MacDonald <joe@deserted.net>
2022-08-28 13:54:59 -04:00
Yi Zhao
e37231db76 selinux-sandbox: upgrade 3.3 -> 3.4
* Backport a patch to fix chcat runtime error.
* Refresh patch.

Signed-off-by: Yi Zhao <yi.zhao@windriver.com>
Signed-off-by: Joe MacDonald <joe@deserted.net>
2022-08-28 13:54:59 -04:00
Yi Zhao
cf3c9d14de selinux-gui: upgrade 3.3 -> 3.4
Backport a patch to fix chcat runtime error.

Signed-off-by: Yi Zhao <yi.zhao@windriver.com>
Signed-off-by: Joe MacDonald <joe@deserted.net>
2022-08-28 13:54:59 -04:00
Yi Zhao
b2d237954f selinux-dbus: upgrade 3.3 -> 3.4
Signed-off-by: Yi Zhao <yi.zhao@windriver.com>
Signed-off-by: Joe MacDonald <joe@deserted.net>
2022-08-28 13:54:59 -04:00
Yi Zhao
f355a62016 selinux-python: upgrade 3.3 -> 3.4
* Backport a patch to fix chcat runtime error.
* Refresh patch.

Signed-off-by: Yi Zhao <yi.zhao@windriver.com>
Signed-off-by: Joe MacDonald <joe@deserted.net>
2022-08-28 13:54:59 -04:00
Yi Zhao
420efa1ba2 restorecond: upgrade 3.3 -> 3.4
Signed-off-by: Yi Zhao <yi.zhao@windriver.com>
Signed-off-by: Joe MacDonald <joe@deserted.net>
2022-08-28 13:54:59 -04:00
Yi Zhao
123166b8c3 mcstrans: upgrade 3.3 -> 3.4
Refresh patches.

Signed-off-by: Yi Zhao <yi.zhao@windriver.com>
Signed-off-by: Joe MacDonald <joe@deserted.net>
2022-08-28 13:54:59 -04:00
Yi Zhao
7d634556b0 policycoreutils: upgrade 3.3 -> 3.4
Refresh patch.

Signed-off-by: Yi Zhao <yi.zhao@windriver.com>
Signed-off-by: Joe MacDonald <joe@deserted.net>
2022-08-28 13:54:59 -04:00
Yi Zhao
74b2eb2da9 secilc: upgrade 3.3 -> 3.4
Use precise license BSD-2-Clause instead of license BSD.

Signed-off-by: Yi Zhao <yi.zhao@windriver.com>
Signed-off-by: Joe MacDonald <joe@deserted.net>
2022-08-28 13:54:59 -04:00
Yi Zhao
1f550adf05 checkpolicy: upgrade 3.3 -> 3.4
Signed-off-by: Yi Zhao <yi.zhao@windriver.com>
Signed-off-by: Joe MacDonald <joe@deserted.net>
2022-08-28 13:54:58 -04:00
Yi Zhao
76cb1e8caf libsemanage: upgrade 3.3 -> 3.4
Refresh patches.

Signed-off-by: Yi Zhao <yi.zhao@windriver.com>
Signed-off-by: Joe MacDonald <joe@deserted.net>
2022-08-28 13:54:58 -04:00
Yi Zhao
b452f8c085 libselinux-python: upgrade 3.3 -> 3.4
* Use libpcre2 instead of libpcre.
* Refresh patches.

Signed-off-by: Yi Zhao <yi.zhao@windriver.com>
Signed-off-by: Joe MacDonald <joe@deserted.net>
2022-08-28 13:54:58 -04:00
Yi Zhao
3b8a799fa9 libselinux: upgrade 3.3 -> 3.4
Use libpcre2 instead of libpcre.

Signed-off-by: Yi Zhao <yi.zhao@windriver.com>
Signed-off-by: Joe MacDonald <joe@deserted.net>
2022-08-28 13:54:57 -04:00
Yi Zhao
d97c3636d2 libsepol: upgrade 3.3 -> 3.4
Signed-off-by: Yi Zhao <yi.zhao@windriver.com>
Signed-off-by: Joe MacDonald <joe@deserted.net>
2022-08-28 13:54:57 -04:00
Yi Zhao
1485dd7fb9 selinux: upgrade 3.3 -> 3.4
Signed-off-by: Yi Zhao <yi.zhao@windriver.com>
Signed-off-by: Joe MacDonald <joe@deserted.net>
2022-08-28 13:54:57 -04:00