* [Buildroot] refpolicy build failures
@ 2021-07-30 7:10 Thomas Petazzoni
2021-07-31 8:05 ` Fabrice Fontaine
0 siblings, 1 reply; 4+ messages in thread
From: Thomas Petazzoni @ 2021-07-30 7:10 UTC (permalink / raw)
To: Fabrice Fontaine; +Cc: buildroot, Maxime Chevallier
Hello Fabrice,
Since you've added lots of SELinux modules to package, we're seeing
build failures on the refpolicy package:
http://autobuild.buildroot.net/?reason=refpolicy-2.20210203
There are a least issues with the minidlna, fetchmail and perhaps
apache/httpd.
Could you have a look?
Thanks a lot,
Thomas Petazzoni
--
Thomas Petazzoni, co-owner and CEO, Bootlin
Embedded Linux and Kernel engineering
https://bootlin.com
_______________________________________________
buildroot mailing list
buildroot@busybox.net
http://lists.busybox.net/mailman/listinfo/buildroot
^ permalink raw reply [flat|nested] 4+ messages in thread
* Re: [Buildroot] refpolicy build failures
2021-07-30 7:10 [Buildroot] refpolicy build failures Thomas Petazzoni
@ 2021-07-31 8:05 ` Fabrice Fontaine
2021-07-31 8:13 ` Thomas Petazzoni
0 siblings, 1 reply; 4+ messages in thread
From: Fabrice Fontaine @ 2021-07-31 8:05 UTC (permalink / raw)
To: Thomas Petazzoni; +Cc: buildroot, Maxime Chevallier
Hello Thomas,
Le ven. 30 juil. 2021 à 09:10, Thomas Petazzoni
<thomas.petazzoni@bootlin.com> a écrit :
>
> Hello Fabrice,
>
> Since you've added lots of SELinux modules to package, we're seeing
> build failures on the refpolicy package:
>
> http://autobuild.buildroot.net/?reason=refpolicy-2.20210203
>
> There are a least issues with the minidlna, fetchmail and perhaps
> apache/httpd.
I fixed minidlna, fetchmail and exim.
The other build failures are all related to packages that can
optionally share content through apache/httpd (e.g. collectd, cvs,
git, nut, etc.).
They're raised when apache is not enabled because their file contexts
unconditionally use apache/httpd parameters.
I opened an issue to know how to properly fix those issues:
https://github.com/SELinuxProject/refpolicy/issues/400.
>
> Could you have a look?
>
> Thanks a lot,
>
> Thomas Petazzoni
> --
> Thomas Petazzoni, co-owner and CEO, Bootlin
> Embedded Linux and Kernel engineering
> https://bootlin.com
Best Regards,
Fabrice
_______________________________________________
buildroot mailing list
buildroot@busybox.net
http://lists.busybox.net/mailman/listinfo/buildroot
^ permalink raw reply [flat|nested] 4+ messages in thread
* Re: [Buildroot] refpolicy build failures
2021-07-31 8:05 ` Fabrice Fontaine
@ 2021-07-31 8:13 ` Thomas Petazzoni
2021-07-31 8:18 ` Fabrice Fontaine
0 siblings, 1 reply; 4+ messages in thread
From: Thomas Petazzoni @ 2021-07-31 8:13 UTC (permalink / raw)
To: Fabrice Fontaine; +Cc: buildroot, Maxime Chevallier
Hello Fabrice,
On Sat, 31 Jul 2021 10:05:50 +0200
Fabrice Fontaine <fontaine.fabrice@gmail.com> wrote:
> I fixed minidlna, fetchmail and exim.
Thanks for your work, I merged your patches fixing these issues.
> The other build failures are all related to packages that can
> optionally share content through apache/httpd (e.g. collectd, cvs,
> git, nut, etc.).
> They're raised when apache is not enabled because their file contexts
> unconditionally use apache/httpd parameters.
> I opened an issue to know how to properly fix those issues:
> https://github.com/SELinuxProject/refpolicy/issues/400.
Should we revert those changes in Buildroot for the time being? Or
unconditionally add the apache/httpd SELinux modules in collectd, cvs,
git, nut ? This is effectively what the refpolicy requires right now.
Best regards,
Thomas
--
Thomas Petazzoni, co-owner and CEO, Bootlin
Embedded Linux and Kernel engineering
https://bootlin.com
_______________________________________________
buildroot mailing list
buildroot@busybox.net
http://lists.busybox.net/mailman/listinfo/buildroot
^ permalink raw reply [flat|nested] 4+ messages in thread
* Re: [Buildroot] refpolicy build failures
2021-07-31 8:13 ` Thomas Petazzoni
@ 2021-07-31 8:18 ` Fabrice Fontaine
0 siblings, 0 replies; 4+ messages in thread
From: Fabrice Fontaine @ 2021-07-31 8:18 UTC (permalink / raw)
To: Thomas Petazzoni; +Cc: buildroot, Maxime Chevallier
Le sam. 31 juil. 2021 à 10:13, Thomas Petazzoni
<thomas.petazzoni@bootlin.com> a écrit :
>
> Hello Fabrice,
>
> On Sat, 31 Jul 2021 10:05:50 +0200
> Fabrice Fontaine <fontaine.fabrice@gmail.com> wrote:
>
> > I fixed minidlna, fetchmail and exim.
>
> Thanks for your work, I merged your patches fixing these issues.
>
> > The other build failures are all related to packages that can
> > optionally share content through apache/httpd (e.g. collectd, cvs,
> > git, nut, etc.).
> > They're raised when apache is not enabled because their file contexts
> > unconditionally use apache/httpd parameters.
> > I opened an issue to know how to properly fix those issues:
> > https://github.com/SELinuxProject/refpolicy/issues/400.
>
> Should we revert those changes in Buildroot for the time being? Or
> unconditionally add the apache/httpd SELinux modules in collectd, cvs,
> git, nut ? This is effectively what the refpolicy requires right now.
Indeed, I'll send patches to add apache/httpd. Hopefully, we should be
able to remove it later on.
>
> Best regards,
>
> Thomas
> --
> Thomas Petazzoni, co-owner and CEO, Bootlin
> Embedded Linux and Kernel engineering
> https://bootlin.com
Best Regards,
Fabrice
_______________________________________________
buildroot mailing list
buildroot@busybox.net
http://lists.busybox.net/mailman/listinfo/buildroot
^ permalink raw reply [flat|nested] 4+ messages in thread
end of thread, other threads:[~2021-07-31 8:18 UTC | newest]
Thread overview: 4+ messages (download: mbox.gz / follow: Atom feed)
-- links below jump to the message on this page --
2021-07-30 7:10 [Buildroot] refpolicy build failures Thomas Petazzoni
2021-07-31 8:05 ` Fabrice Fontaine
2021-07-31 8:13 ` Thomas Petazzoni
2021-07-31 8:18 ` Fabrice Fontaine
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.