aboutsummaryrefslogtreecommitdiff
path: root/Config.in.legacy
diff options
context:
space:
mode:
authorGravatar Adam Duskett <aduskett@gmail.com>2020-02-03 05:29:49 -0800
committerGravatar Thomas Petazzoni <thomas.petazzoni@bootlin.com>2020-02-03 16:49:22 +0100
commit10e19b7532250d5868de11cc226c0f001ef2cdb1 (patch)
tree38b752e7719414b1c0c21aadc5133247789bbd07 /Config.in.legacy
parentc4cf3e628665a9363efb7781aa93da478b32e2d3 (diff)
downloadbuildroot-10e19b7532250d5868de11cc226c0f001ef2cdb1.tar.gz
buildroot-10e19b7532250d5868de11cc226c0f001ef2cdb1.tar.bz2
package/{refpolicy,libsepol}: move policy version selection from refpolicy to libsepol
Currently, a user sets a policy version via the refpolicy package. Having the option here has a few disadvantages: - The Refpolicy package is not technically needed to use SELinux. - When building a modular policy, Refpolicy will ignore the version string and build the highest version possible which will cause libsemanage to possibly fail when loading the policy. Specifying a manual policy version in /etc/selinux/semanage.conf forces libsemanage to load a specific policy version, which fixes the above issue. However, because refpolicy currently defines the policy version, libsemanage does not have a way to determine the policy version, as refpolicy is not a dependency of libsemanage. To work around these limitations, move the policy version number selection to libsepol, as a system using SELinux always requires this library. Signed-off-by: Adam Duskett <aduskett@gmail.com> Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Diffstat (limited to 'Config.in.legacy')
-rw-r--r--Config.in.legacy11
1 files changed, 11 insertions, 0 deletions
diff --git a/Config.in.legacy b/Config.in.legacy
index 061d0f7871..955e5f2f7d 100644
--- a/Config.in.legacy
+++ b/Config.in.legacy
@@ -160,6 +160,17 @@ config BR2_PACKAGE_FIS
comment "Legacy options removed in 2020.02"
+config BR2_PACKAGE_REFPOLICY_POLICY_VERSION
+ string "refpolicy policy version"
+ help
+ The refpolicy policy version option has been moved to the
+ libsepol package.
+
+config BR2_PACKAGE_REFPOLICY_POLICY_VERSION_WRAP
+ bool
+ default y if BR2_PACKAGE_REFPOLICY_POLICY_VERSION != ""
+ select BR2_LEGACY
+
config BR2_PACKAGE_CELT051
bool "celt051 package was removed"
select BR2_LEGACY