openwrt/package/system/selinux-policy/Makefile
Daniel Golle 3ffc30f05a
selinux-policy: update to version 0.7
a857b45 resolv/locale: eventually this should be more efficient
 11ed281 some more optimization
 764a475 add redundant calls to file.search_conffile_dirs()
 7d4558e fs: treat devtmpfs that same as tmpfs
 81b677e adds irqbalance skeleton
 5506244 irqbalance rules
 cc96cd8 adds usbutil and gtpfdisk skels
 01e2a55 some fsck, gptfdisk, mkfs and usbutil rules
 d6d1e7d usbutil: output to terminal
 da576fa fsck, gptfdisk and usbutil rules
 09b39e9 unbound
 241a029 hotplugcall: allow dac_read_search (is a subset of dac_override)
 af0fe90 adds label for tcsh
 160f79e adds tcpdump
 6d02b96 adds coreutil execfile for busybox alternatives
 ac54884 coreutilexecfile: these are known to require privileges, so exclude
 8cb3b66 adds chrootexecfile
 6d329d3 this saves 9KiB and its a bit more robust
 88e2425 move addpart/delpart/partx to gptfdisk.cil
 261012d ntphotplug: reads ubox data files
 0473ace various
 740e820 work through to genfs_seclabel_symlinks loose ends (Linux 5.10)
 bef21f5 TODO adds a note about how I dont need to upgrade to polver 33 from 31
 cb2e5a3 ubus uses ntpdhotplug fd, and some genfs_seclabel_symlink changes
 07df9b9 luci, rpcd and wpad (mainly genfs_selabel related but not all)
 8d86cab genfs_seclabel loose ends for blockmount, hotplugcall, irqbalance, zram-swap
 b8156cd adds a note about how i forgot to target blockd
 6e82ab8 adds blockd and related
 254ff43 Makefile: exclude blockd from mintesttgt
 4dc6bc2 pppd update related and unbound-odhcp rules

Signed-off-by: Daniel Golle <daniel@makrotopia.org>
2021-02-28 18:02:02 +00:00

55 lines
1.7 KiB
Makefile

#
# This is free software, licensed under the GNU General Public License v2.
# See /LICENSE for more information.
#
include $(TOPDIR)/rules.mk
PKG_NAME:=selinux-policy
PKG_SOURCE_PROTO:=git
PKG_SOURCE_URL:=https://git.defensec.nl/selinux-policy.git
PKG_VERSION:=0.7
PKG_MIRROR_HASH:=f9c555dfa2bb16e6bfd86f1481aad26fce72e5aa45e297e1b39636b6dd0ce021
PKG_SOURCE_VERSION:=v$(PKG_VERSION)
PKG_BUILD_DEPENDS:=secilc/host policycoreutils/host
PKG_MAINTAINER:=Dominick Grift <dominick.grift@defensec.nl>
PKG_CPE_ID:=cpe:/a:defensec:selinux-policy
PKG_LICENSE:=Unlicense
PKG_LICENSE_FILES:=LICENSE
include $(INCLUDE_DIR)/package.mk
define Package/selinux-policy
SECTION:=system
CATEGORY:=Base system
TITLE:=SELinux security policy for OpenWrt
URL:=https://git.defensec.nl/?p=selinux-policy.git;a=summary
PKGARCH:=all
endef
define Package/selinux-policy/description
Basic SELinux Security Policy designed specifically for
OpenWrt and written in Common Intermediate Language.
endef
define Build/Compile
$(call Build/Compile/Default,policy)
endef
define Package/selinux-policy/conffiles
/etc/selinux/config
endef
define Package/selinux-policy/install
$(INSTALL_DIR) $(1)/etc/selinux/$(PKG_NAME)/contexts/files/
$(INSTALL_DIR) $(1)/etc/selinux/$(PKG_NAME)/policy/
$(INSTALL_DATA) $(PKG_BUILD_DIR)/customizable_types $(1)/etc/selinux/$(PKG_NAME)/contexts/
$(INSTALL_DATA) $(PKG_BUILD_DIR)/file_contexts.subs_dist $(1)/etc/selinux/$(PKG_NAME)/contexts/files/
$(INSTALL_DATA) $(PKG_BUILD_DIR)/file_contexts $(1)/etc/selinux/$(PKG_NAME)/contexts/files/
$(INSTALL_CONF) $(PKG_BUILD_DIR)/policy.* $(1)/etc/selinux/$(PKG_NAME)/policy/
$(INSTALL_DATA) ./files/selinux-config $(1)/etc/selinux/config
endef
$(eval $(call BuildPackage,selinux-policy))