* [meta-selinux][PATCH V2] refpolicy: update to latest git rev
@ 2023-03-17 14:11 Yi Zhao
0 siblings, 0 replies; only message in thread
From: Yi Zhao @ 2023-03-17 14:11 UTC (permalink / raw)
To: yocto, joe.macdonald, joe, joe_macdonald
Drop 0003-refpolicy-minimum-make-dbus-module-optional.patch as the issue
has been fixed upstream.
Signed-off-by: Yi Zhao <yi.zhao@windriver.com>
---
.../refpolicy/refpolicy-minimum_git.bb | 1 -
...cy-minimum-make-dbus-module-optional.patch | 36 -------------------
recipes-security/refpolicy/refpolicy_git.inc | 2 +-
3 files changed, 1 insertion(+), 38 deletions(-)
delete mode 100644 recipes-security/refpolicy/refpolicy/0003-refpolicy-minimum-make-dbus-module-optional.patch
diff --git a/recipes-security/refpolicy/refpolicy-minimum_git.bb b/recipes-security/refpolicy/refpolicy-minimum_git.bb
index a50a4cd..67c3785 100644
--- a/recipes-security/refpolicy/refpolicy-minimum_git.bb
+++ b/recipes-security/refpolicy/refpolicy-minimum_git.bb
@@ -14,7 +14,6 @@ domains are unconfined. \
SRC_URI += " \
file://0001-refpolicy-minimum-make-sysadmin-module-optional.patch \
file://0002-refpolicy-minimum-make-xdg-module-optional.patch \
- file://0003-refpolicy-minimum-make-dbus-module-optional.patch \
"
POLICY_NAME = "minimum"
diff --git a/recipes-security/refpolicy/refpolicy/0003-refpolicy-minimum-make-dbus-module-optional.patch b/recipes-security/refpolicy/refpolicy/0003-refpolicy-minimum-make-dbus-module-optional.patch
deleted file mode 100644
index d545d2a..0000000
--- a/recipes-security/refpolicy/refpolicy/0003-refpolicy-minimum-make-dbus-module-optional.patch
+++ /dev/null
@@ -1,36 +0,0 @@
-From e28807393f105a16528cb5304283bde0b771fc4e Mon Sep 17 00:00:00 2001
-From: Yi Zhao <yi.zhao@windriver.com>
-Date: Wed, 9 Nov 2022 10:53:26 +0800
-Subject: [PATCH] refpolicy-minimum: make dbus module optional
-
-The mount module invokes interface
-dbus_dontaudit_write_system_bus_runtime_named_sockets which is from dbus
-module. Since dbus is not a core moudle in sysvinit system, we could
-make this interface optional in mount module by optional_policy. Then we
-could make the minimum policy without dbus module.
-
-Upstream-Status: Inappropriate [embedded specific]
-
-Signed-off-by: Yi Zhao <yi.zhao@windriver.com>
----
- policy/modules/system/mount.te | 4 +++-
- 1 file changed, 3 insertions(+), 1 deletion(-)
-
-diff --git a/policy/modules/system/mount.te b/policy/modules/system/mount.te
-index 97f49e58e..b59529a01 100644
---- a/policy/modules/system/mount.te
-+++ b/policy/modules/system/mount.te
-@@ -146,7 +146,9 @@ selinux_getattr_fs(mount_t)
-
- userdom_use_all_users_fds(mount_t)
-
--dbus_dontaudit_write_system_bus_runtime_named_sockets(mount_t)
-+optional_policy(`
-+ dbus_dontaudit_write_system_bus_runtime_named_sockets(mount_t)
-+')
-
- ifdef(`distro_redhat',`
- optional_policy(`
---
-2.25.1
-
diff --git a/recipes-security/refpolicy/refpolicy_git.inc b/recipes-security/refpolicy/refpolicy_git.inc
index 54e0890..af3413b 100644
--- a/recipes-security/refpolicy/refpolicy_git.inc
+++ b/recipes-security/refpolicy/refpolicy_git.inc
@@ -2,7 +2,7 @@ PV = "2.20221101+git${SRCPV}"
SRC_URI = "git://github.com/SELinuxProject/refpolicy.git;protocol=https;branch=master;name=refpolicy;destsuffix=refpolicy"
-SRCREV_refpolicy ?= "03d486e306555da161b653c88e804ce23f3a0ea4"
+SRCREV_refpolicy ?= "8e8f5e3ca3e5900cad126cb8b4fadaa8adb8caac"
UPSTREAM_CHECK_GITTAGREGEX = "RELEASE_(?P<pver>\d+_\d+)"
--
2.25.1
^ permalink raw reply related [flat|nested] only message in thread
only message in thread, other threads:[~2023-03-17 14:11 UTC | newest]
Thread overview: (only message) (download: mbox.gz / follow: Atom feed)
-- links below jump to the message on this page --
2023-03-17 14:11 [meta-selinux][PATCH V2] refpolicy: update to latest git rev Yi Zhao
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).