On 04/19/2016 11:34 AM, George McCollister wrote:
> On Mon, Apr 18, 2016 at 2:34 AM, wenzong fan
> wrote:
>> On 04/18/2016 05:02 AM, Philip Tricca wrote:
>>>
>>> Hello Wenzong,
>>>
>>> On 04/08/2016 01:19 AM, wenzong@windriver.com wrote:
Hello Wenzong,
On 04/08/2016 01:19 AM, wenzong@windriver.com wrote:
> From: Wenzong Fan
>
> Apply the changes to refpolicy-minimum_2.20151208.bb:
>
> commit bfaf278116e6c3a04bb82c9f8a4f8629a0a85df8
> Author: Wenzong Fan
> Date: Tue Oct 27 06:25:04 2015 -0400
>
> refpolicy-mini
On 04/13/2016 12:23 AM, wenzong fan wrote:
> On 04/12/2016 10:05 PM, Joe MacDonald wrote:
>> Philip / Wenzong,
>>
>> [Re: [yocto] [meta-selinux][PATCH 2/3] Integrate selinux-config into
>> refpolicy_common.] On 16.04.12 (Tue 13:54) wenzong fan wrote:
>>
>>
efpolicy-minimum.populate_sysroot
>> Please verify which recipe should provide the above files.
>>
>> Philip,
>>
>> Can you consider to withdraw the integration?
>>
>> Thanks
>> Wenzong
>>
>> On 04/04/2016 08:21 AM, Philip Tricca w
Use the anonymous python function to be sure the value set for
'SELINUX' in the config file is something useful. In the event that
DEFAULT_ENFORCING isn't set to one of the 3 permissible values we
set it to 'permissive'.
Signed-off-by: Philip Tricca
---
r
With the virutal package there's no need for a separate recipe to build
the config. This can be generated and included as part of the policy
package.
Signed-off-by: Philip Tricca
---
.../packagegroups/packagegroup-core-selinux.bb | 1 -
.../packagegroups/packagegroup-selinux-minim
one policy package but this falls
in line with the embedded nature of the project.
Signed-off-by: Philip Tricca
---
conf/distro/oe-selinux.conf| 1 +
recipes-security/packagegroups/packagegroup-core-selinux.bb| 3 +--
recipes-security/packagegroups
) that we would treat the policy much like we do the kernel and use
a virtual provider.
Feedback would be much appreciated,
Philip
Philip Tricca (3):
refpolicy: Setup virtual/refpolicy provider.
Integrate selinux-config into refpolicy_common.
refpolicy_common: Sanity test DEFAULT_ENFORCIN
On 03/22/2016 12:43 PM, Stephen Smalley wrote:
> On 03/21/2016 12:26 AM, Philip Tricca wrote:
>> This was mostly straight forward. Had to refresh a single patch:
>> poky-policy-fix-new-SELINUXMNT-in-sys.patch
>
> Can we drop that one? Doesn't upstream already include r
Signed-off-by: Philip Tricca
---
.../ftp-add-ftpd_t-to-mlsfilewrite.patch | 39
.../refpolicy-2.20140311/poky-fc-clock.patch | 22 --
.../poky-fc-corecommands.patch | 24 ---
.../refpolicy-2.20140311/poky-fc-dmesg.patch | 20 --
.../refpolicy
By default we build *_git refpolicy packages. The release packages
have been lagging behind. The first patch replaces the 2.2014120
release with the latest (2.20151208). The second removes the old
2.20140311 release.
Philip Tricca (2):
refpolicy: Replace 2.2014120 with release 2.20151208
On 03/07/2016 07:08 AM, Radzykewycz, T (Radzy) wrote:
>
>
>> From: Philip Tricca [fl...@twobit.us]
>> Sent: Sunday, March 06, 2016 3:38 PM
>> To: Radzykewycz, T (Radzy); joe_macdon...@mentor.com; Hatle, Mark
>> Cc: yocto@yocto
Mark has already clarified this in the eudev thread. That's good enough
for me.
Philip
On 03/06/2016 03:38 PM, Philip Tricca wrote:
> Tested this today and it works as expected: thanks!
>
> This leaves the same PR value as the previous version. The OE style
> guide thinks PR
Tested this today and it works as expected: thanks!
This leaves the same PR value as the previous version. The OE style
guide thinks PR should be removed when PV changes. Since we're going
from 2.4.4 -> 2.5 this makes me think that since PV changes PR should be
removed. I've never given this much
On 03/03/2016 12:44 PM, Joe MacDonald wrote:
> [Re: [yocto] [meta-selinux] git recipes] On 16.03.02 (Wed 19:59) Philip
> Tricca wrote:
>
>> On 03/02/2016 07:47 AM, Radzykewycz, T (Radzy) wrote:
>>> ____
>>> On 3/1/16 21:40, P
Required by switch to eudev in oe-core. Dropping PR since this is
effectively a new recipe.
Signed-off-by: Philip Tricca
---
recipes-core/eudev/eudev/init | 144
recipes-core/eudev/eudev/udev-cache | 32 +++
recipes-core/eudev/eudev_3.1.5
Not sure what to do with PR value in this case.
Philip
On 03/02/2016 09:55 PM, Philip Tricca wrote:
> Required by switch to eudev in oe-core.
>
> Signed-off-by: Philip Tricca
> ---
> recipes-core/eudev/eudev/init | 144
>
> rec
Required by switch to eudev in oe-core.
Signed-off-by: Philip Tricca
---
recipes-core/eudev/eudev/init | 144
recipes-core/eudev/eudev/udev-cache | 32 +++
recipes-core/eudev/eudev_3.1.5.bbappend | 5 ++
recipes-core/udev/udev/init
On 03/02/2016 07:47 AM, Radzykewycz, T (Radzy) wrote:
>
> On 3/1/16 21:40, Philip Tricca wrote:
>> On 03/01/2016 10:30 AM, Joe MacDonald wrote:
>>> [Re: [yocto] [meta-selinux] git recipes] On 16.02.29 (Mon 08:06) Mark Hatle
>>&
On 03/01/2016 08:20 PM, Philip Tricca wrote:
> Hey all,
>
> meta-selinux has been tracking release branches for a while but we're
> missing a Jethro. I've had a Jethro branch on my github fork for a bit.
> It's pointing at 4c75d9cbc from master with no additiona
On 03/01/2016 02:58 PM, Alejandro del Castillo wrote:
> I first started looking at busybox postinst (modified on meta-selinux) since I
> am getting errors during "opkg upgrade buysbox". The errors that I am getting
> are of the form:
>
> update-alternatives: Error: not linking /bin/gunzip to
> /us
On 03/01/2016 10:30 AM, Joe MacDonald wrote:
> [Re: [yocto] [meta-selinux] git recipes] On 16.02.29 (Mon 08:06) Mark Hatle
> wrote:
>
>> On 2/27/16 10:23 PM, Philip Tricca wrote:
>>> Adding a sensible subject.
>>
>> Sorry couldn't reply when I saw this
Hey all,
meta-selinux has been tracking release branches for a while but we're
missing a Jethro. I've had a Jethro branch on my github fork for a bit.
It's pointing at 4c75d9cbc from master with no additional changes. Both
images build, boot, login and pass the basic smoke test. Seems like this
ma
Adding a sensible subject.
On 02/27/2016 08:17 PM, Philip Tricca wrote:
> While going through the backlog I ran across the 'git' versions of the
> user space. I noticed that a recent contribution was adding a patch to
> the git recipe and I figured that this patch would alread
While going through the backlog I ran across the 'git' versions of the
user space. I noticed that a recent contribution was adding a patch to
the git recipe and I figured that this patch would already be upstream
and so wouldn't be necessary. Not so. The 'git' versions have SRCREV
hard wired (SRCRE
Hello,
This looks straight forward enough. I'm not seeing any QA warnings
though so it looks like the go bindings are only built when the go
compiler is available. Can you point me at the layer you're using to get
the go stuff? There seems to be more than one: meta-golang, oe-meta-go?
Thanks,
Phi
On 02/24/2016 09:53 AM, Radzykewycz, T (Radzy) wrote:
>
>
>> From: Burton, Ross [ross.bur...@intel.com]
>> Sent: Wednesday, February 24, 2016 9:10 AM
>> To: Radzykewycz, T (Radzy)
>> Cc: Hatle, Mark; yocto@yoctoproject.org
>> Subject: Re: [yocto] [meta-seli
Hello all,
I've made a pass back over the meta-selinux backlog and pulled in the
commits necessary to get master building again. Many thanks to those who
posted patches. The next thing I'll be focusing on is a second pass over
the backlog to pull in the remaining bits. Thanks for all of your patie
Merged. Thanks.
On 01/04/2016 10:31 AM, Thomas Perrot wrote:
> Signed-off-by: Thomas Perrot
> ---
> recipes-kernel/linux/linux-yocto_3.14.bbappend | 8
> recipes-kernel/linux/linux-yocto_3.19.bbappend | 8
> 2 files changed, 16 deletions(-)
> delete mode 100644 recipes-kernel/
On 02/17/2016 06:41 PM, Joe MacDonald wrote:
> Adding Philip Tricca as a common layer maintainer and marking Pascal as
> away.
While the admins upstream get my ssh key in place I did a pass over the
pending patches and the current state of the repo. There isn't a lot to
do in the
On 02/17/2016 06:41 PM, Joe MacDonald wrote:
> Adding Philip Tricca as a common layer maintainer and marking Pascal as
Thanks Joe. I'm working my way through the backlog now.
Best,
Philip
--
___
yocto mailing list
yocto@yoctoproject.o
On 11/05/2015 08:56 AM, George McCollister wrote:
> Change [:space:] to [[:space:]]. [:space:] is incorrect and is treated
> as a list of characters. Prior to this change having a policy of
> 'standard' resulted in POL_TYPE being set to 'tandard'.
Good catch.
> Change the regular expression to ma
Signed-off-by: Philip Tricca
---
.../poky-policy-fix-new-SELINUXMNT-in-sys.patch| 100 ++---
1 file changed, 25 insertions(+), 75 deletions(-)
diff --git
a/recipes-security/refpolicy/refpolicy-git/poky-policy-fix-new-SELINUXMNT-in-sys.patch
b/recipes-security/refpolicy
Fixup DESCRIPTION in old selinux-init recipe.
Exclude this autorelabel script from the minimal packagegroup.
Signed-off-by: Philip Tricca
---
.../packagegroups/packagegroup-core-selinux.bb | 1 +
.../selinux-autorelabel/selinux-autorelabel.sh | 22 ++
.../selinux
Remove selinux-init package from packagegroup-selinux-minimal.
Signed-off-by: Philip Tricca
---
.../packagegroups/packagegroup-core-selinux.bb | 1 +
.../packagegroups/packagegroup-selinux-minimal.bb | 2 +-
.../selinux/selinux-init/selinux-init.sh | 9
recipes
This will be useful when we have other init scripts.
Signed-off-by: Philip Tricca
---
recipes-security/selinux/selinux-init_0.1.bb | 24 +++-
recipes-security/selinux/selinux-initsh.inc | 25 +
2 files changed, 28 insertions(+), 21 deletions
Add runtime dependencies for init script.
Signed-off-by: Philip Tricca
---
.../packagegroups/packagegroup-core-selinux.bb | 1 +
.../packagegroups/packagegroup-selinux-minimal.bb | 1 +
.../selinux/selinux-config/selinux-init.sh | 71 --
recipes-security
I've added:
Proper use of RDEPENDS in the recipes for dependency tracking.
Packagegroups have been updated. core-selinux group is kept the same
and the minimal system package group has only thge labeldev script which
is all that's needed to boot.
Philip Tricca (4):
selinux-config: Sep
_ext) instead of just
the *.pp as before. The cil is generated from the hll (the pp file)
using the new 'pp' utility.
The base policy module now lives with all of the other modules.
policy.kern has gone away.
Signed-off-by: Philip Tricca
---
recipes-security/refpolicy/refpolicy_c
Signed-off-by: Philip Tricca
---
...s-Update-for-2015-02-02-Userspace-release.patch | 114 +
...rect-invalid-prototype-for-lsetfilecon_ra.patch | 34 --
recipes-security/setools/setools_3.3.8.bb | 2 +-
3 files changed, 115 insertions(+), 35 deletions
r and secadm_r roles end up defined twice in
the CIL.
Signed-off-by: Philip Tricca
---
recipes-security/selinux/policycoreutils.inc | 11 +++-
.../policycoreutils-pp-builtin-roles.patch | 70 ++
recipes-security/selinux/policycoreutils_2.3.bb| 19 --
re
Signed-off-by: Philip Tricca
---
...emanage-disable-expand-check-on-policy-load.patch | 20 +---
recipes-security/selinux/libsemanage_2.3.bb | 17 -
recipes-security/selinux/libsemanage_2.4.bb | 18 ++
3 files changed, 27
Signed-off-by: Philip Tricca
---
recipes-security/selinux/checkpolicy_2.3.bb | 7 ---
recipes-security/selinux/checkpolicy_2.4.bb | 7 +++
2 files changed, 7 insertions(+), 7 deletions(-)
delete mode 100644 recipes-security/selinux/checkpolicy_2.3.bb
create mode 100644 recipes-security
Signed-off-by: Philip Tricca
---
recipes-security/selinux/libselinux_2.3.bb | 15 ---
recipes-security/selinux/libselinux_2.4.bb | 15 +++
2 files changed, 15 insertions(+), 15 deletions(-)
delete mode 100644 recipes-security/selinux/libselinux_2.3.bb
create mode 100644
Signed-off-by: Philip Tricca
---
recipes-security/selinux/libsepol_2.3.bb | 7 ---
recipes-security/selinux/libsepol_2.4.bb | 7 +++
2 files changed, 7 insertions(+), 7 deletions(-)
delete mode 100644 recipes-security/selinux/libsepol_2.3.bb
create mode 100644 recipes-security/selinux
Note the change in the URL from the last release. We were pulling source
tarballs generated by GitHub as part of its reponse to the addition of
tags. The SELinux project maintains their own releases on the wiki at:
https://github.com/SELinuxProject/selinux/wiki/Releases
Signed-off-by: Philip
Update toolstack to 2.4 release dated 2015-02-02.
Backport patches to setools for compatibility with new toolstack.
Update refpolicy recipe to cope with new policy CIL.
Philip Tricca (8):
Add common files for 20150202 SELinux userspace release.
libsepol: Bump version to 2.4.
libselinux
Woops, duplicate. Please disregard.
On 09/10/2015 09:36 PM, Philip Tricca wrote:
> Signed-off-by: Philip Tricca
> ---
> recipes-extended/net-tools/net-tools_1.%.bbappend | 11 +++
> recipes-extended/net-tools/net-tools_1.60-25.bbappend | 11 ---
> 2 fi
Signed-off-by: Philip Tricca
---
recipes-extended/net-tools/net-tools_1.%.bbappend | 11 +++
recipes-extended/net-tools/net-tools_1.60-25.bbappend | 11 ---
2 files changed, 11 insertions(+), 11 deletions(-)
create mode 100644 recipes-extended/net-tools/net-tools_1
think I'm breaking builds for some folks but we've made as
much progress as we can w/o a maintainer getting involved. Any help you
can provide would be appreciated.
Thanks,
Philip
On 08/23/2015 10:27 PM, Huang, Jie (Jackie) wrote:
>
>
>> -Original Message-
>&g
We require these headers for some constants that define the xattr
namespaces.
Signed-off-by: Philip Tricca
---
recipes-devtools/e2fsprogs/e2fsprogs_1.42.9.bbappend | 2 ++
1 file changed, 2 insertions(+)
diff --git a/recipes-devtools/e2fsprogs/e2fsprogs_1.42.9.bbappend
b/recipes-devtools
Signed-off-by: Philip Tricca
---
recipes-kernel/linux-libc-headers/linux-libc-headers_%.bbappend | 1 +
1 file changed, 1 insertion(+)
create mode 100644
recipes-kernel/linux-libc-headers/linux-libc-headers_%.bbappend
diff --git a/recipes-kernel/linux-libc-headers/linux-libc-headers_
,
Philip
Philip Tricca (2):
linux-libc-headers: Make headers available to native packages via
BBCLASSEXTEND.
e2fsprogs: Add dependency on linux-libc-headers.
recipes-devtools/e2fsprogs/e2fsprogs_1.42.9.bbappend| 2 ++
recipes-kernel/linux-libc-headers/linux-libc-headers_
Hello Jackie,
On 08/20/2015 11:25 PM, Huang, Jie (Jackie) wrote:
>> -Original Message-
>> From: yocto-boun...@yoctoproject.org [mailto:yocto-boun...@yoctoproject.org]
>> On Behalf Of Philip
>> Tricca
>> Sent: Thursday, June 18, 2015 6:31 AM
>> T
We probably don't need the comment since it's made clear by the DEPENDS
but other than that this LGTM.
Best,
Philip
On 08/18/2015 10:22 PM, jackie.hu...@windriver.com wrote:
> From: Joe Slater
>
> Patches added by this bbappend make us depend on the attr
> package.
>
> Signed-off-by: Joe Slate
Hey Jackie,
On 08/20/2015 11:25 PM, Huang, Jie (Jackie) wrote:
>> -Original Message-
>> From: yocto-boun...@yoctoproject.org [mailto:yocto-boun...@yoctoproject.org]
>> On Behalf Of Philip
>> Tricca
>> Sent: Thursday, June 18, 2015 6:31 AM
>> To: yocto
Greetings Wenzong,
On 08/21/2015 02:09 AM, wenzong fan wrote:
> On 08/21/2015 10:48 AM, Philip Tricca wrote:
>> Any opinions / thoughts on this one? I've got an upgrade for the
>> toolstack (2.3 -> 2.4) ready to go but I've based it on the release URIs
>> from th
Any opinions / thoughts on this one? I've got an upgrade for the
toolstack (2.3 -> 2.4) ready to go but I've based it on the release URIs
from the wiki so it depends on this patch.
Best,
Philip
On 08/15/2015 06:35 AM, Philip Tricca wrote:
> The SRC_URI used for the last SELinux u
I started scoping out an upgrade over the weekend. I'm maintaining a
branch here: https://github.com/flihp/meta-selinux/tree/upgrade
It is very much a WIP so expect rebases. Some notes below:
On 08/14/2015 12:15 AM, wenzong fan wrote:
> I just sent uprev patches for:
>
> libcap-ng 0.7.3 -> 0.7.7
'Releases' page:
https://github.com/SELinuxProject/selinux/wiki/Releases. This patch
fixes this URI, fixes the SELINUX_RELEASE variable that didn't get
updated during the last upgrade, removes the workaround for the 'S'
variable and fixes up the SRC_URI hashes.
Sig
On 08/10/2015 09:10 PM, Philip Tricca wrote:
> On 08/08/2015 02:00 PM, Joe MacDonald wrote:
>> I'm sorry this has been in the merge queue for so long.
>
> Better late than never :)
>
>> I've merged it
>> after taking the policy updates from Shrikant and a
Hey Shrikant,
On 07/30/2015 02:31 AM, Shrikant Bobade wrote:
> This patch provides green build for core-image-selinux
> (meta-selinux:master & poky:master) against libpam upgrade from 1.1.6 to
> 1.2.1,
> image boots fine,but I am unable to login at target. I have prepared
> build for qemuarm, does
based the patches on the current master HEAD
> commit. That means, though, that if you get a chance I'd like to take a
> look at the branch to ensure I didn't mangle your patch set too much.
Will do.
Philip
> [[meta-selinux][PATCHv2 0/8] Label file system in build.] On 15.06.17 (Wed
This is a duplicate. Please disregard in favor of:
https://lists.yoctoproject.org/pipermail/yocto/2015-July/025833.html
Philip
On 08/02/2015 08:52 AM, fl...@twobit.us wrote:
> From: Philip Tricca
>
> The DESTDIR prefix patch is now upstream and no longer necessary.
>
> Signed
Shrikant,
On 07/30/2015 02:31 AM, Shrikant Bobade wrote:
> This patch provides green build for core-image-selinux
> (meta-selinux:master & poky:master) against libpam upgrade from 1.1.6 to
> 1.2.1,
> image boots fine,but I am unable to login at target. I have prepared
> build for qemuarm, does any
Works for me too.
Philip
On 07/30/2015 04:28 AM, Shrikant Bobade wrote:
> From: Shrikant Bobade
>
> The default kernel is now v4.1. So we need the selinux support
> for kernel v4.1, inorder to get selinux enabled images out of box.
>
> Signed-off-by: Shrikant Bobade
> ---
> recipes-kernel/li
Signed-off-by: Philip Tricca
---
.../e2fsprogs/misc-xattr-create-xattr-cache.patch | 181 +
.../e2fsprogs/e2fsprogs_1.42.9.bbappend| 1 +
2 files changed, 182 insertions(+)
create mode 100644
recipes-devtools/e2fsprogs/e2fsprogs/misc-xattr-create-xattr
Signed-off-by: Philip Tricca
---
.../e2fsprogs/misc-xattr-create-xattr-block.patch | 341 +
.../e2fsprogs/e2fsprogs_1.42.9.bbappend| 1 +
2 files changed, 342 insertions(+)
create mode 100644
recipes-devtools/e2fsprogs/e2fsprogs/misc-xattr-create-xattr
Signed-off-by: Philip Tricca
---
.../misc-xattr-create-xattr-block-node.patch | 175 +
.../e2fsprogs/e2fsprogs_1.42.9.bbappend| 1 +
2 files changed, 176 insertions(+)
create mode 100644
recipes-devtools/e2fsprogs/e2fsprogs/misc-xattr-create-xattr-block
Signed-off-by: Philip Tricca
---
.../lib-ext2fs-ext2_ext_attr.h-add-xattr-index.patch | 20
recipes-devtools/e2fsprogs/e2fsprogs_1.42.9.bbappend | 1 +
2 files changed, 21 insertions(+)
create mode 100644
recipes-devtools/e2fsprogs/e2fsprogs/lib-ext2fs-ext2_ext_attr.h-add
Signed-off-by: Philip Tricca
---
.../mke2fs.c-create_inode.c-copy-xattrs.patch | 164 +
.../e2fsprogs/e2fsprogs_1.42.9.bbappend| 1 +
2 files changed, 165 insertions(+)
create mode 100644
recipes-devtools/e2fsprogs/e2fsprogs/mke2fs.c-create_inode.c-copy
Signed-off-by: Philip Tricca
---
.../misc-xattr-add-xattr-module-stub.patch | 57 ++
.../e2fsprogs/e2fsprogs_1.42.9.bbappend| 5 ++
2 files changed, 62 insertions(+)
create mode 100644
recipes-devtools/e2fsprogs/e2fsprogs/misc-xattr-add-xattr-module
Signed-off-by: Philip Tricca
---
classes/selinux-image.bbclass | 8
recipes-security/images/core-image-selinux-minimal.bb | 2 +-
recipes-security/images/core-image-selinux.bb | 2 +-
3 files changed, 10 insertions(+), 2 deletions(-)
create mode 100644
Signed-off-by: Philip Tricca
---
.../policycoreutils-fts_flags-FTS_NOCHDIR.patch| 25 ++
recipes-security/selinux/policycoreutils_2.3.bb| 1 +
2 files changed, 26 insertions(+)
create mode 100644
recipes-security/selinux/policycoreutils/policycoreutils-fts_flags
f unique SELinux labels in the reference file systems it's
likely sufficient for a first version. Feedback / comments on both the
implementation and testing approach would be appreciated.
Regards,
Philip
Philip Tricca (8):
policycoreutils: Patch setfiles to add FTS_NOCHDIR to fts_flags
It looks like I screwed up this patch when I was rewriting some git
history. I'm working up a fix.
Philip
On 06/06/2015 05:37 PM, Philip Tricca wrote:
> Signed-off-by: Philip Tricca
> ---
> .../e2fsprogs/misc-xattr-create-xattr-cache.patch | 217
> +
On 06/05/2015 01:40 AM, Shrikant Bobade wrote:
> From: Shrikant Bobade
>
> The default kernel is now v3.19. So we need the selinux support
> for kernel v3.19, inorder to get selinux enabled images out of box.
Looks good to me. Boots policy in enforcing as expected.
Philip
--
_
Signed-off-by: Philip Tricca
---
.../e2fsprogs/misc-xattr-create-xattr-cache.patch | 217 +
.../e2fsprogs/e2fsprogs_1.42.9.bbappend| 1 +
2 files changed, 218 insertions(+)
create mode 100644
recipes-devtools/e2fsprogs/e2fsprogs/misc-xattr-create-xattr
Signed-off-by: Philip Tricca
---
.../misc-xattr-create-xattr-block-node.patch | 126 +
.../e2fsprogs/e2fsprogs_1.42.9.bbappend| 1 +
2 files changed, 127 insertions(+)
create mode 100644
recipes-devtools/e2fsprogs/e2fsprogs/misc-xattr-create-xattr-block
Signed-off-by: Philip Tricca
---
.../e2fsprogs/misc-xattr-create-xattr-block.patch | 351 +
.../e2fsprogs/e2fsprogs_1.42.9.bbappend| 1 +
2 files changed, 352 insertions(+)
create mode 100644
recipes-devtools/e2fsprogs/e2fsprogs/misc-xattr-create-xattr
Signed-off-by: Philip Tricca
---
.../lib-ext2fs-ext2_ext_attr.h-add-xattr-index.patch | 20
recipes-devtools/e2fsprogs/e2fsprogs_1.42.9.bbappend | 1 +
2 files changed, 21 insertions(+)
create mode 100644
recipes-devtools/e2fsprogs/e2fsprogs/lib-ext2fs-ext2_ext_attr.h-add
Signed-off-by: Philip Tricca
---
.../misc-create_inode.c-label-fs-objects.patch | 30 ++
.../e2fsprogs/e2fsprogs_1.42.9.bbappend| 1 +
2 files changed, 31 insertions(+)
create mode 100644
recipes-devtools/e2fsprogs/e2fsprogs/misc-create_inode.c-label-fs
Signed-off-by: Philip Tricca
---
.../misc-mke2fs.c-label-root-dir-and-cleanup.patch | 40 ++
.../e2fsprogs/e2fsprogs_1.42.9.bbappend| 1 +
2 files changed, 41 insertions(+)
create mode 100644
recipes-devtools/e2fsprogs/e2fsprogs/misc-mke2fs.c-label-root-dir-and
Signed-off-by: Philip Tricca
---
.../e2fsprogs/Makefile.in-build-xattr.o.patch | 96 ++
.../e2fsprogs/e2fsprogs_1.42.9.bbappend| 1 +
2 files changed, 97 insertions(+)
create mode 100644
recipes-devtools/e2fsprogs/e2fsprogs/Makefile.in-build-xattr.o.patch
Signed-off-by: Philip Tricca
---
.../e2fsprogs/misc-xattr-copy-xattrs.patch | 69 ++
.../e2fsprogs/e2fsprogs_1.42.9.bbappend| 5 ++
2 files changed, 74 insertions(+)
create mode 100644
recipes-devtools/e2fsprogs/e2fsprogs/misc-xattr-copy-xattrs.patch
Signed-off-by: Philip Tricca
---
classes/selinux-image.bbclass | 8
recipes-security/images/core-image-selinux-minimal.bb | 2 +-
recipes-security/images/core-image-selinux.bb | 2 +-
3 files changed, 10 insertions(+), 2 deletions(-)
create mode 100644
FTS_NOCHDIR disables this optimization and causes
fts_accpath to be relative to the directory where the traversal started.
An alternative fix could replace the use of fts_accpath with fts_path
which is absolute.
Signed-off-by: Philip Tricca
---
.../policycoreutils-setfiles-path.patch
e caching implementation but in the meantime I thought I'd get
an RFC out to get early feedback / testing.
Thanks,
Philip
--
Philip Tricca (10):
policycoreutils: Add FTS_NOCHDIR flag to fts_open.
selinux-image: Add new image class to label the rootfs.
e2fsprogs: Add bbappend and
On 05/18/2015 07:15 PM, Khem Raj wrote:
>
>> On May 16, 2015, at 12:04 PM, Philip Tricca wrote:
>>
>> Upstream 3.19 isn't supported by meta-selinux yet. Set PREFERRED_VERSION
>> to 3.14 as a work-around to keep the reference images bootable.
>>
>>
Upstream 3.19 isn't supported by meta-selinux yet. Set PREFERRED_VERSION
to 3.14 as a work-around to keep the reference images bootable.
---
conf/distro/oe-selinux.conf | 2 ++
1 file changed, 2 insertions(+)
diff --git a/conf/distro/oe-selinux.conf b/conf/distro/oe-selinux.conf
index 6e55a32..ea
Upstream 3.19 isn't supported by meta-selinux yet. Set PREFERRED_VERSION
to 3.14 as a work-around to keep the reference images bootable.
Signed-off-by: Philip Tricca
---
conf/distro/oe-selinux.conf | 2 ++
1 file changed, 2 insertions(+)
diff --git a/conf/distro/oe-selinux.conf b/conf/d
This is a stop-gap to get meaningful error messages to folks till we get
per-layer bbappends implemented.
Signed-off-by: Philip Tricca
---
conf/layer.conf |8 +++-
1 file changed, 7 insertions(+), 1 deletion(-)
diff --git a/conf/layer.conf b/conf/layer.conf
index 7af76a1..723f5a8
On 02/11/2015 11:55 AM, dpquigl wrote:
> On Wed, 2015-02-11 at 16:29 +, Paul Eggleton wrote:
>> (Adding yocto@yoctoproject.org to CC since that is where meta-selinux
>> patches
>> tend to go at least)
>>
>> On Wednesday 11 February 2015 10:53:03 dpquigl wrote:
>>> I'm working on OpenXT and it
Forgot to copy the maintainer ... again :)
On 01/28/2015 10:36 AM, Philip Tricca wrote:
> This is another round of renaming the meta-selinux bbappends to use
> wild cards. The three recipes renamed here had no patches to port.
> They're basically 3-4 line recipes that enable SE
Hello Armin,
I've submitted a very similar patch a few days earlier. This was bundled
up into a larger series that *should* get meta-selinux master building
again. See:
https://lists.yoctoproject.org/pipermail/yocto/2015-January/023314.html
Philip
On 01/30/2015 10:02 PM, Armin Kuster wrote:
> Fr
Signed-off-by: Philip Tricca
---
recipes-extended/ustr/ustr_1.0.4.bb |2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/recipes-extended/ustr/ustr_1.0.4.bb
b/recipes-extended/ustr/ustr_1.0.4.bb
index a0a1e41..cdb78ad 100644
--- a/recipes-extended/ustr/ustr_1.0.4.bb
+++ b
Signed-off-by: Philip Tricca
---
recipes-connectivity/dhcp/dhcp_%.bbappend |3 +++
recipes-connectivity/dhcp/dhcp_4.3.0.bbappend |3 ---
2 files changed, 3 insertions(+), 3 deletions(-)
create mode 100644 recipes-connectivity/dhcp/dhcp_%.bbappend
delete mode 100644 recipes
Signed-off-by: Philip Tricca
---
recipes-core/coreutils/coreutils_%.bbappend|1 +
recipes-core/coreutils/coreutils_8.22.bbappend |3 ---
2 files changed, 1 insertion(+), 3 deletions(-)
create mode 100644 recipes-core/coreutils/coreutils_%.bbappend
delete mode 100644 recipes-core
Signed-off-by: Philip Tricca
---
recipes-extended/sysklogd/sysklogd_%.bbappend |1 +
recipes-extended/sysklogd/sysklogd_1.5.bbappend |3 ---
2 files changed, 1 insertion(+), 3 deletions(-)
create mode 100644 recipes-extended/sysklogd/sysklogd_%.bbappend
delete mode 100644 recipes
t thing to do.
One oddity here is the change made to the ustr recipe. It was using
a variable I've never seen before and failing to fetch the SRC_URI.
I think this variable was a typo and after changing ${BPV} -> ${PV}
the expected behavior was restored.
Philip Tricca (4):
sysklogd
1 - 100 of 188 matches
Mail list logo