CaROS/meta-selinux
3
0
Fork 0
mirror of git://git.yoctoproject.org/meta-selinux synced 2026-01-01 13:58:04 +00:00
Code Issues Packages Projects Releases Wiki Activity
4273eb6d6e
meta-selinux/recipes-security/selinux/selinux-sandbox_3.8.bb
Yi Zhao 4273eb6d6e selinux: upgrade 3.7 -> 3.8 
ChangeLog:
https://github.com/SELinuxProject/selinux/releases/tag/3.8

* libsemanage: Preserve file context and ownership in policy store
* libselinux: deprecate security_disable(3)
* libsepol: Support nlmsg extended permissions
* libsepol: Add policy capability netlink_xperm
* libsemanage: Optionally allow duplicate declarations
* policycoreutils: introduce unsetfiles
* libselinux/utils: introduce selabel_compare
* improved selabel_lookup performance
* libselinux: support parallel usage of selabel_lookup(3)
* libsepol: add support for xperms in conditional policies
* Improved man pages
* Code improvements and bug fixes
* Always build for LFS mode on 32-bit archs.
* libsemanage: Mute error messages from selinux_restorecon introduced in
  3.8-rc1
* Regex spec ordering is restored to pre 3.8-rc1
* Binary fcontext files format changed, files using old format are ignored
* Code improvements and bug fixes

License-Update: White space cleanup for libsemanage/LICENSE

Signed-off-by: Yi Zhao <yi.zhao@windriver.com>
Signed-off-by: Joe MacDonald <joe.macdonald@siemens.com>
2025-03-07 14:34:45 -05:00

32 lines
828 B
BlitzBasic
Raw Blame History

SUMMARY = "Run cmd under an SELinux sandbox"
DESCRIPTION = "\
Run application within a tightly confined SELinux domain. The default \
sandbox domain only allows applications the ability to read and write \
stdin, stdout and any other file descriptors handed to it."
SECTION = "base"
LICENSE = "GPL-2.0-or-later"
LIC_FILES_CHKSUM = "file://${S}/LICENSE;md5=393a5ca445f6965873eca0259a17f833"
require selinux_common.inc
SRC_URI += "file://sandbox-de-bashify.patch \
"
S = "${WORKDIR}/git/sandbox"
DEPENDS = "libselinux libcap-ng gettext-native"
RDEPENDS:${PN} = "\
python3-core \
python3-math \
python3-shell \
python3-unixadmin \
libselinux-python \
selinux-python \
"
FILES:${PN} += "\
${datadir}/sandbox/sandboxX.sh \
${datadir}/sandbox/start \
"
Reference in New Issue View Git Blame Copy Permalink