mirror of
git://git.yoctoproject.org/meta-selinux
synced 2026-01-01 13:58:04 +00:00
e506763d39
ChangeLog: https://github.com/SELinuxProject/selinux/releases/tag/3.7 * audit2allow -C for CIL output mode * sepolgen: adjust parse for refpolicy * semanage: Allow modifying records on "add" * semanage: Do not sort local fcontext definitions * Improved man pages * checkpolicy: support CIDR notation for nodecon statements * sandbox: Add support for Wayland * Code improvements and bug fixes Signed-off-by: Yi Zhao <yi.zhao@windriver.com> Signed-off-by: Joe MacDonald <joe.macdonald@siemens.com>
32 lines
828 B
BlitzBasic
32 lines
828 B
BlitzBasic
SUMMARY = "Run cmd under an SELinux sandbox"
|
|
DESCRIPTION = "\
|
|
Run application within a tightly confined SELinux domain. The default \
|
|
sandbox domain only allows applications the ability to read and write \
|
|
stdin, stdout and any other file descriptors handed to it."
|
|
SECTION = "base"
|
|
LICENSE = "GPL-2.0-or-later"
|
|
LIC_FILES_CHKSUM = "file://${S}/LICENSE;md5=393a5ca445f6965873eca0259a17f833"
|
|
|
|
require selinux_common.inc
|
|
|
|
SRC_URI += "file://sandbox-de-bashify.patch \
|
|
"
|
|
|
|
S = "${WORKDIR}/git/sandbox"
|
|
|
|
DEPENDS = "libselinux libcap-ng gettext-native"
|
|
|
|
RDEPENDS:${PN} = "\
|
|
python3-core \
|
|
python3-math \
|
|
python3-shell \
|
|
python3-unixadmin \
|
|
libselinux-python \
|
|
selinux-python \
|
|
"
|
|
|
|
FILES:${PN} += "\
|
|
${datadir}/sandbox/sandboxX.sh \
|
|
${datadir}/sandbox/start \
|
|
"
|