CaROS/meta-selinux
3
0
Fork 0
mirror of git://git.yoctoproject.org/meta-selinux synced 2026-01-01 13:58:04 +00:00
Code Issues Packages Projects Releases Wiki Activity
1,011 Commits 28 Branches 0 Tags 2.4 MiB
BitBake 45.2%
Shell 23.5%
PHP 20.8%
C++ 6.8%
Pascal 2.1%
Other 1.6%
f0548e8c70
Go to file
Yi Zhao f0548e8c70 Fwd: [yocto-patches] [meta-selinux][PATCH 2/2] README: remove outdated section 
X-Mozilla-Status: 0001
X-Mozilla-Status2: 00000000
X-Mozilla-Keys:
Received: from MW4PR11MB6983.namprd11.prod.outlook.com (2603:10b6:303:226::12)
 by DS0PR11MB6399.namprd11.prod.outlook.com with HTTPS; Fri, 21 Jun 2024
 12:13:05 +0000
Received: from DM6PR17CA0028.namprd17.prod.outlook.com (2603:10b6:5:1b3::41)
 by MW4PR11MB6983.namprd11.prod.outlook.com (2603:10b6:303:226::12) with
 Microsoft SMTP Server (version=TLS1_2,
 cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.7698.24; Fri, 21 Jun
 2024 12:13:01 +0000
Received: from CY4PEPF0000E9CF.namprd03.prod.outlook.com
 (2603:10b6:5:1b3:cafe::64) by DM6PR17CA0028.outlook.office365.com
 (2603:10b6:5:1b3::41) with Microsoft SMTP Server (version=TLS1_2,
 cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.7677.32 via Frontend
 Transport; Fri, 21 Jun 2024 12:13:01 +0000
Authentication-Results: spf=softfail (sender IP is 205.220.178.238)
 smtp.mailfrom=lists.yoctoproject.org; dkim=pass (signature was verified)
 header.d=lists.yoctoproject.org;dmarc=pass action=none
 header.from=lists.yoctoproject.org;compauth=pass reason=100
Received-SPF: SoftFail (protection.outlook.com: domain of transitioning
 lists.yoctoproject.org discourages use of 205.220.178.238 as permitted
 sender)
Received: from mx0b-0064b401.pphosted.com (205.220.178.238) by
 CY4PEPF0000E9CF.mail.protection.outlook.com (10.167.241.134) with Microsoft
 SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id
 15.20.7677.15 via Frontend Transport; Fri, 21 Jun 2024 12:13:00 +0000
Received: from pps.filterd (m0250811.ppops.net [127.0.0.1])
	by mx0a-0064b401.pphosted.com (8.18.1.2/8.18.1.2) with ESMTP id 45LA0WVw013142
	for <yi.zhao@eng.windriver.com>; Fri, 21 Jun 2024 12:13:00 GMT
Resent-Message-Id: <202406211213.45LA0WVw013142@mx0a-0064b401.pphosted.com>
Authentication-Results-Original: ppops.net;	spf=pass
 smtp.mailfrom=bounce+126057+363+7283133+13170635@lists.yoctoproject.org;
	dkim=pass header.d=lists.yoctoproject.org header.s=20240206
Received: from mail05.groups.io (mail05.groups.io [45.79.224.7])
	by mx0a-0064b401.pphosted.com (PPS) with ESMTPS id 3yvrmrgtbe-1
	(version=TLSv1.2 cipher=ECDHE-RSA-AES128-GCM-SHA256 bits=128 verify=NOT)
	for <yi.zhao@eng.windriver.com>; Fri, 21 Jun 2024 12:12:59 +0000 (GMT)
DKIM-Signature: a=rsa-sha256; bh=TT8ntwmtKtPl2tB6NiVOkhrQfWZFAtwP5vxbH3GHUC0=;
 c=relaxed/simple; d=lists.yoctoproject.org;
 h=From:To:Cc:Subject:Date:Message-Id:In-Reply-To:References:MIME-Version:Precedence:List-Subscribe:List-Help:Sender:List-Id:Mailing-List:Delivered-To:Resent-Date:Resent-From:Reply-To:List-Unsubscribe-Post:List-Unsubscribe:Content-Transfer-Encoding;
 s=20240206; t=1718971979; v=1;
 b=oNCPpe+FXA6wWG5PFsJ1giL/cmLr5NfA2NWYha0yoXxFyARMduazg2zyaf/6QGaU662OnzYP
 Bfdr+Yta/S/BxaeUo6jMeKA0CELYniZXEmzkMMPUW9oOoGJpK29MkZsotQ1PsTyhqsZM8fqRPU2
 4u0/tvwf7I44QH90p9Ez2oWuaIhB+SxhDY0uTmKBcqZvcVSToxvcfwlU2r77+fhL2M6RyHeVZnp
 3DAbIjdDXyiqaEXtaIy06z7vFihoc9RxqbzL1PWyxQXBu5y79P3a1y7LcOuCERozN62OxH8Kiz9
 fQq0CENBGBK+vbMJcJJgLkNuhxelpJGhb1JW3JWxreZcw==
X-Received: by 127.0.0.2 with SMTP id 0pmZYY7284468x6vNDtZU1pU; Fri, 21 Jun 2024 05:12:58 -0700
X-Received: from mail-lj1-f172.google.com (mail-lj1-f172.google.com [209.85.208.172])
 by mx.groups.io with SMTP id smtpd.web10.71540.1718971978379416264
 for <yocto-patches@lists.yoctoproject.org>;
 Fri, 21 Jun 2024 05:12:58 -0700
X-Received: by mail-lj1-f172.google.com with SMTP id 38308e7fff4ca-2ec1620a956so21817691fa.1
        for <yocto-patches@lists.yoctoproject.org>; Fri, 21 Jun 2024 05:12:58 -0700 (PDT)
X-Gm-Message-State: nrEzuOGVtkykRxLyHa0VzQPAx7283133AA=
X-Google-Smtp-Source: AGHT+IFyLIDTVCwYyNsenevEXQWEkW9asNR53S/NqYVKPbIUuFdagEvHbs5qQ1AASpDTZog8ph4UOw==
X-Received: by 2002:a2e:7d0b:0:b0:2ec:1a8b:c374 with SMTP id 38308e7fff4ca-2ec3cff5446mr46722221fa.45.1718971975521;
        Fri, 21 Jun 2024 05:12:55 -0700 (PDT)
X-Received: from lj8k2dq3.sc-core.net ([85.237.126.22])
        by smtp.gmail.com with ESMTPSA id 4fb4d7f45d1cf-57d305616f5sm863931a12.80.2024.06.21.05.12.55
        (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256);
        Fri, 21 Jun 2024 05:12:55 -0700 (PDT)
From: "Etienne Cordonnier via lists.yoctoproject.org" <ecordonnier=snap.com@lists.yoctoproject.org>
To: yocto-patches@lists.yoctoproject.org
Cc: Etienne Cordonnier <ecordonnier@snap.com>
Subject: [yocto-patches] [meta-selinux][PATCH 2/2] README: remove outdated section
Date: Fri, 21 Jun 2024 14:12:39 +0200
Message-Id: <20240621121239.594152-2-ecordonnier@snap.com>
In-Reply-To: <20240621121239.594152-1-ecordonnier@snap.com>
References: <20240621121239.594152-1-ecordonnier@snap.com>
Precedence: Bulk
List-Subscribe: <mailto:yocto-patches+subscribe@lists.yoctoproject.org>
List-Help: <mailto:yocto-patches+help@lists.yoctoproject.org>
Sender: yocto-patches@lists.yoctoproject.org
List-Id: <yocto-patches.lists.yoctoproject.org>
Mailing-List: list yocto-patches@lists.yoctoproject.org; contact yocto-patches+owner@lists.yoctoproject.org
Delivered-To: mailing list yocto-patches@lists.yoctoproject.org
Resent-Date: Fri, 21 Jun 2024 05:12:58 -0700
Resent-From: ecordonnier@snap.com
Reply-To: yocto-patches@lists.yoctoproject.org
List-Unsubscribe-Post: List-Unsubscribe=One-Click
List-Unsubscribe: <https://lists.yoctoproject.org/g/yocto-patches/leave/13170635/7283133/1683771902/plugh>
Content-Transfer-Encoding: 8bit
X-Proofpoint-GUID: FWA5om2eLEoo41KSX0E6Qqgsi7jqRrZS
X-Proofpoint-ORIG-GUID: FWA5om2eLEoo41KSX0E6Qqgsi7jqRrZS
X-CLX-Response: 1TFkXGxISEQpMehcbHhMRCllEF2NAWxITa3J8QFlcEQpYWBdtenhATX8cZUx jWhEKeE4Xb0RwWktyU0ZJfXsRCnhLF216eEBNfxxlTGNaEQp5TBdjGmgfGFlQQE0FQxEKQ0gXBx gdEhEKQ1kXBxgSGREKQ0kXGgQaGhoRCllNF2dmchEKWUkXGnEaEBp3BhscEnEeHRAadwYYGgYaE
 QpZXhdsbGYRCklGF11DRE5YQ1xPWHVCRVleT04RCklHF3hPTREKQ04XbH1rH0VHGE9mb0VFHhth eXIabxx7W01ZQx1AW3hYcHkRClhcFx8EGgQZHBwFGxoEGxsaBBsZHgQZHhAbHhofGhEKXlkXTlt SZkcRCk1cFx8dHhEKTFoXaG1dTV0RCkxGF29ra15raxEKQk8XbR5SRwEYcEhmcmsRCkNaFx4fBB
 0TBBgYHgQdEQpCXhcbEQpESRcbEQpCRhdjQFsSE2tyfEBZXBEKQkcXYXNiWHtDfkxTXm8RCkJcF xsRCkJLF2RveEl8XU4eRG0BEQpCSRdvRHBaS3JTRkl9exEKQkUXY1sTSHIFf0B/a2URCkJOF29E cFpLclNGSX17EQpCTBdrZHkYSVBlZmh5ZREKQmwXaXsbH3sbH3tbZ1gRCkJAF29gZHAbTXJoQVh
 BEQpCWBdoQkhsRkJ+bmVgGREKWlgXHhEKeUMXbnN8GHJZUxloTFwRCllLFx8aGR4RClpLFx8aGR 4RCnBnF2ZaemJjGRhtWEB/EBkaEQpwaBdlZ09+f05LTGMaHxAZGhEKcGgXZU1vaWgbeHpTXHgQG hEKcGgXb1phfWVPS2FlW0MQGhEKcGgXZm0BY2hEAUN/cFkQGhEKcGgXa15jTmR9X3tyTEsQGhEK
 cGgXZRxlRXheS2keRVAQGhEKcGgXYR97Xk9rSx5iHVAQGhEKcGgXZ2NyGkwbbXNvUm8QGhEKcH0 XZG0YSR0BTBsYfBoQGhEKcH0XZ31ec3h/bGhGZl8QGhEKcH0XYR15TxxtbV5dfVMQGhEKcGcXb0 R6RRhQE0gackMQGRoRCnB9F2hEUxJfY19BXX5HEBoRCnBnF2hhRBNvb3IFYkNiEBkaEQpwfxdpX
 R9GXVkZH0VcWRATEhEKcF8XY2J6RmxLAUBBe0MQGhEKcF8Xelxfem1GE119E2wQHhIRCnBfF2Ae T3BHXB9vRk9PEBsbEhEKcF8XbB1STEVhQEFZY3MQGRoRCnBsF2l8HV9tUGxsclpeEBoRCm1+Fxo RClhNF0sRIA==
X-CLX-Shades: MLX
X-Proofpoint-Virus-Version: vendor=baseguard
 engine=ICAP:2.0.293,Aquarius:18.0.1039,Hydra:6.0.680,FMLib:17.12.28.16
 definitions=2024-06-21_04,2024-06-21_01,2024-05-17_01
X-Proofpoint-Spam-Details: rule=outbound_notspam policy=outbound score=0 lowpriorityscore=0
 bulkscore=0 priorityscore=149 malwarescore=0 adultscore=0 mlxlogscore=999
 phishscore=0 impostorscore=0 mlxscore=0 suspectscore=0 clxscore=188
 spamscore=0 classifier=spam adjust=0 reason=mlx scancount=1
 engine=8.21.0-2406140001 definitions=main-2406210090 domainage_hfrom=5034
 domainage_replyto=5034
Return-Path: bounce+126057+363+7283133+13170635@lists.yoctoproject.org
X-MS-Exchange-Organization-ExpirationStartTime: 21 Jun 2024 12:13:01.0419
 (UTC)
X-MS-Exchange-Organization-ExpirationStartTimeReason: OriginalSubmit
X-MS-Exchange-Organization-ExpirationInterval: 1:00:00:00.0000000
X-MS-Exchange-Organization-ExpirationIntervalReason: OriginalSubmit
X-MS-Exchange-Organization-Network-Message-Id:
 830422a2-9f77-49ae-2947-08dc91eb7ecc
X-EOPAttributedMessage: 0
X-EOPTenantAttributedMessage: 8ddb2873-a1ad-4a18-ae4e-4644631433be:0
X-MS-Exchange-Organization-MessageDirectionality: Incoming
X-MS-PublicTrafficType: Email
X-MS-TrafficTypeDiagnostic:
 CY4PEPF0000E9CF:EE_|MW4PR11MB6983:EE_|DS0PR11MB6399:EE_
Content-Type: text/plain
X-MS-Exchange-Organization-AuthSource:
 CY4PEPF0000E9CF.namprd03.prod.outlook.com
X-MS-Exchange-Organization-AuthAs: Anonymous
X-MS-Office365-Filtering-Correlation-Id: 830422a2-9f77-49ae-2947-08dc91eb7ecc
X-MS-Exchange-AtpMessageProperties: SA|SL
X-MS-Exchange-Organization-SCL: -1
X-Microsoft-Antispam: BCL:0;ARA:13230037|12012899009|4022899006;
X-Forefront-Antispam-Report:
 CIP:205.220.178.238;CTRY:US;LANG:en;SCL:-1;SRV:;IPV:CAL;SFV:SKN;H:mx0b-0064b401.pphosted.com;PTR:mx0b-0064b401.pphosted.com;CAT:NONE;SFS:(13230037)(12012899009)(4022899006);DIR:INB;
X-MS-Exchange-CrossTenant-OriginalArrivalTime: 21 Jun 2024 12:13:00.6669
 (UTC)
X-MS-Exchange-CrossTenant-Network-Message-Id: 830422a2-9f77-49ae-2947-08dc91eb7ecc
X-MS-Exchange-CrossTenant-Id: 8ddb2873-a1ad-4a18-ae4e-4644631433be
X-MS-Exchange-CrossTenant-AuthSource:
 CY4PEPF0000E9CF.namprd03.prod.outlook.com
X-MS-Exchange-CrossTenant-AuthAs: Anonymous
X-MS-Exchange-CrossTenant-FromEntityHeader: Internet
X-MS-Exchange-Transport-CrossTenantHeadersStamped: MW4PR11MB6983
X-MS-Exchange-Transport-EndToEndLatency: 00:00:05.0202720
X-MS-Exchange-Processed-By-BccFoldering: 15.20.7698.013
X-Microsoft-Antispam-Mailbox-Delivery:
 ucf:0;jmr:0;auth:0;dest:I;ENG:(910001)(944506478)(944626604)(920097)(930097)(140003);
X-Microsoft-Antispam-Message-Info:
 =?iso-8859-1?Q?JUhAT0eVIORmMAGo8996vTiWM6l5xMgv0FumAcB5aifCbFk15eo+kvYaic?=
 =?iso-8859-1?Q?00pu8nEdFRHzE2TuWs+WrlgZvpPI14dei+5XlbX2b2wmuWmPj42Bu+N0lB?=
 =?iso-8859-1?Q?AeQOOf94yptlMYIGa/pZxfr3uEXfC1ZFJZ+h333plSSiUMogXkwQXogWk9?=
 =?iso-8859-1?Q?SDNpYCemjIUBirhihIod3yd+uK1fa5vcWdHDXhOIgY0S4zUgtAXeoPoNEM?=
 =?iso-8859-1?Q?VWlz+LFz2sWfUGQI70Mm5j9g1mu+1ZgtHUSYiB1Sbh+L7TQtj1050YFotW?=
 =?iso-8859-1?Q?O0NYqW18t2aHsjXRn1AQl2EQTH5dFa7pMErmiuU8nlNn8IrP4yQr2INAsh?=
 =?iso-8859-1?Q?s+6PqyWiHPKOJTAYOV8nimJCZF4JzMEABvC81gvKT94JN7YfALlc7DbknQ?=
 =?iso-8859-1?Q?tvWwEtCxmYTjKEvEFVLJvpGmnjAI4wwUVaTr6xh669EkX7ZYAbFtXWuNp+?=
 =?iso-8859-1?Q?E0JRJeO2PqT87E1ZM1qun2SF3qYZihDncwkVSK9ORGC2hqlp2t7wcpsjfG?=
 =?iso-8859-1?Q?AG1z/GeDGjWlpouMAYfUOOadJZsSGawBv0jTDsNJLFGXoMpDsqqrXx++pt?=
 =?iso-8859-1?Q?LK30VPxhoyVNYhaY8VC7TG6azv9PLFSVyibH01nLl4vTEpWw848xStRSAq?=
 =?iso-8859-1?Q?k8rsQnLbLb9RYyk6lnBFzyzSBriG3yI0f0VGbwhC9O85j+uk1OcxkO4r7P?=
 =?iso-8859-1?Q?D6Kgr8IinYrVsVhZPawtHR4L7yLcV6Iq7kmZE18YkJYdD8/WFMl++g/Q8e?=
 =?iso-8859-1?Q?UV91dTny6xvRknYrZuj8Q/RnzjKPwuJ8ekcpmUYSiOA1Kbub/l24Z57WIR?=
 =?iso-8859-1?Q?rnBrkMKHlm8bEHHhiZMlKZaeyUlpSdbhBd3JAAptpAyiI7mdUdGNJxV8je?=
 =?iso-8859-1?Q?utx+al1ZcQFQ9TqiX/IuZDO/Ujv7sA5TOD46o8PbhnriFXmAmHdlMH7pl3?=
 =?iso-8859-1?Q?VIVXAx7ZPvYqtIMOehukUuT52oXmmX+mMbQR/emAmvsFmfWJaeTlUVF55E?=
 =?iso-8859-1?Q?bpH6YEMEtMi39CGUUaZ4j+1sM5Zl2Ehx2Y1dM9ANpUVPT9Zknoef1Es872?=
 =?iso-8859-1?Q?lVx57qWjaAc74/1wmwet2PNbTQJiSG3b8Teh1T1qAN75hS+l6sQMxe+IAi?=
 =?iso-8859-1?Q?IteYiYsCzf4n+HCnz1AacEuRi6qTfAfaDwfJi6Q7JdbLoyI5ppJidRz4+B?=
 =?iso-8859-1?Q?fZdFdbN1HTPBZrKiOU3Y0UNqCgAD8uzFDH00usbvuzSddC8zhOyJpNyuwT?=
 =?iso-8859-1?Q?Ww5pLpY94MlhVq6VWqdvhE8PHAlyVAHBg+D4jZo6O8422tRzGFj+pGHHy1?=
 =?iso-8859-1?Q?QkJb+/aXHbLDYZWT/saWoSwzBy09uUhRMYTT0hP4PCY/lBHdE5nOKUWGp9?=
 =?iso-8859-1?Q?cxnFlN5Ftl1Fu0HuDnKsnz8h0yy2yIjBRKh81lHiOF9YDbE5ShrGa3LAUu?=
 =?iso-8859-1?Q?TOAPqJ6cb2EGGDSCugcljVr5fFK2bw19+QO9DRibVxBvowquKCZJ9x2voN?=
 =?iso-8859-1?Q?5XVmhVe29JhBBtjkTejSuQKPJgB+2awi3xZyLtorikgKqcHS8vKSHFEzzD?=
 =?iso-8859-1?Q?4jVfZsRGT9DxzFUCjsO22MK3Up81JEprm9VKIoSQ3MPUGiUcSYTLgTPqwq?=
 =?iso-8859-1?Q?94VX6vo1AgPa1Zl5QZqSeg50wzOklYsazx+/FU7Yx+KB/8LyriDuoDDDtH?=
 =?iso-8859-1?Q?GauPtzowfw4pknV0UT7UMbnlnwZQYdkHkglSP7B0r4ou4fuUQSVBDJcGVG?=
 =?iso-8859-1?Q?5s0d+2HVGdlBiDZBBoLtQNpprN1z7ba4gkDaok/mq/3mcPF9xGsWg3prfb?=
 =?iso-8859-1?Q?TXdUDNXLFyXMSnpHQWQSZHz9yZFxhJIl34LONnCj6GnEDo69wp/RQ8TvIb?=
 =?iso-8859-1?Q?uPbQmM+NyKp0WX+k51oSlX8DcG7dHpdommpZ2FDrTklFFnTctIH6ccVv9w?=
 =?iso-8859-1?Q?WkLOMggBVjVKpPtRQAslAMDNOrSF8JFACkD5ZJBIF3pbezdpK5npGCBk/W?=
 =?iso-8859-1?Q?EIQJUCYbpatKkV+rLEHnEyweOnjBnYcr1a0nb1Xo2g78QcoFm4i3G4qIOh?=
 =?iso-8859-1?Q?s542hYtQGI2BMeoS/oDz9/WDTiUPJGpE/UerwO+Z3YXbg0lLQ6/eMt67vg?=
 =?iso-8859-1?Q?zYXsQN84xaaiAoMXWA8ICnhc3PNnV3vzNicLtu+c2U6AoAVlilPwSBYPvI?=
 =?iso-8859-1?Q?B+zin2Ou0pHNeNtPZDfy1UMcQfU+qeF/LkyGI9EfMqPc/w=3D=3D?=
MIME-Version: 1.0

From: Etienne Cordonnier <ecordonnier@snap.com>

After commit
https://git.yoctoproject.org/meta-selinux/commit/?id=9e986d7d794f044464e1af914ddbcd57d8f1c2e9 ,
it is not possible any more to choose a different version os the refpolicy, and
only the git version is maintained.

Signed-off-by: Etienne Cordonnier <ecordonnier@snap.com>
Signed-off-by: Joe MacDonald <joe.macdonald@siemens.com>
2024-08-26 08:11:43 -04:00
classes selinux-image.bbclass: refactor bbclass 2023-10-12 10:14:19 -04:00
conf layer.conf: update for the scarthgap release series 2024-03-20 07:32:53 -04:00
dynamic-layers/networking-layer/recipes-daemons/iscsi-initiator-utils python2: drop bbappend 2021-08-29 21:34:22 -04:00
recipes-connectivity iproute2: move PACKAGECONFIG to oe-core 2022-12-14 20:31:45 -05:00
recipes-core busybox: Fix wrapper creation 2024-03-28 10:01:42 -04:00
recipes-devtools/rpm rpm: remove PACKAGECONFIG[selinux] 2024-02-27 12:30:20 -05:00
recipes-extended shadow: comment out pam_lastlog line in login pam file 2024-07-24 10:52:09 -04:00
recipes-graphics classes: drop redundant classes 2021-08-29 21:34:22 -04:00
recipes-kernel linux-yocto: drop CONFIG_SECURITY_SELINUX_DISABLE 2023-09-05 14:36:06 -04:00
recipes-security policycoreutils: fix packaging for sestatus binary 2024-07-24 10:50:23 -04:00
recipes-support classes: drop redundant classes 2021-08-29 21:34:22 -04:00
.gitignore gitignore: add it 2023-03-27 09:34:01 -04:00
MAINTAINERS MAINTAINERS: fix description of section entries 2024-06-26 11:09:53 -04:00
README Fwd: [yocto-patches] [meta-selinux][PATCH 2/2] README: remove outdated section 2024-08-26 08:11:43 -04:00
SELinux-FAQ SELinux-FAQ: remove references to poky-selinux distro 2022-11-07 14:19:08 -05:00

README 

meta-selinux
============

This layer's purpose is enabling SE Linux support.

The majority of this layers work is accomplished in bbappend files, used to
enable SE Linux support in existing recipes.

A new recipes-security was added.  The purpose of this category is to add
software specific to system security.

Please see the MAINTAINERS file for information on contacting the maintainers
of this layer, as well as instructions for submitting patches.


Dependencies
------------

This layer depends on the openembedded-core metadata and the meta-python and
meta-oe layers from the meta-openembedded repository.


Maintenance
-----------
Please see the MAINTAINERS file for information on contacting the maintainers
of this layer, as well as instructions for submitting patches.


Building the meta-selinux layer
-------------------------------
In order to add selinux support to the poky build this layer should be added
to your projects bblayers.conf file.

By default the selinux components are disabled.  This conforms to the
Yocto Project compatible guideline that indicate that simply including a
layer should not change the system behavior.

In order to use the components in this layer you must add the 'selinux' to the
DISTRO_FEATURES.  In addition to selinux, you should be sure that acl, xattr and
pam are also present.
e.g. DISTRO_FEATURES:append = " acl xattr pam selinux"

You must also specify a preferred provider for the virtual/refpolicy.  The
included policies with this layer are simply reference policies and will need
to be tailored for your environment.  
* Enable the refpolicy-mls:
e.g. PREFERRED_PROVIDER_virtual/refpolicy ?= "refpolicy-mls"


Using different init manager
----------------------------
By default selinux enabled images coming up with "sysvinit" as init manager,
we can use "systemd" as an init manager using below changes to local.conf

* enable systemd as init manager changes to local.conf
DISTRO_FEATURES:remove = " sysvinit"
DISTRO_FEATURES:append = " systemd"
VIRTUAL-RUNTIME_init_manager = "systemd"
DISTRO_FEATURES_BACKFILL_CONSIDERED = ""


Enable labeling on first boot
----------------------------
By default, the system will label selinux contexts during build. To enable
labeling on first boot. Set FIRST_BOOT_RELABEL to 1 in local.conf:

FIRST_BOOT_RELABEL = "1"


Starting up the system
----------------------
Most likely the reference policy selected will not just work "out of the box".

As always, if you update the reference policy to better work with OpenEmbedded
or Poky configurations, please submit the changes back to the project.

When using 'core-image-selinux', the system will boot and automatically setup
the policy by running the "fixfiles -f -F relabel" for you.  This is
implemented via the 'selinux-autorelabel' recipe.

The 'core-image-selinux-minimal' does not automatically relabel the system.
So you must boot using the parameters "selinux=1 enforcing=0", and then
manually perform the setup.  Running 'fixfiles -f -F relabel' is available
in this configuration.

After logging in you can verify selinux is present using:

$ sestatus

Output should include:
SELinux status:                 enabled
...
Current mode:                   enforcing
...

The above indicates that selinux is currently running, and if you are running
in an enforcing mode or not.


License
-------

All metadata is MIT licensed unless otherwise stated. Source code included
in tree for individual recipes is under the LICENSE stated in each recipe
(.bb file) unless otherwise stated.

This README document is Copyright (C) 2012 Wind River Systems, Inc.