diff mbox series

[meta-selinux,V2] refpolicy: update to latest git rev

Message ID 20230317141136.4057958-1-yi.zhao@windriver.com
State New
Headers show
Series [meta-selinux,V2] refpolicy: update to latest git rev | expand

Commit Message

Yi Zhao March 17, 2023, 2:11 p.m. UTC
Drop 0003-refpolicy-minimum-make-dbus-module-optional.patch as the issue
has been fixed upstream.

Signed-off-by: Yi Zhao <yi.zhao@windriver.com>
---
 .../refpolicy/refpolicy-minimum_git.bb        |  1 -
 ...cy-minimum-make-dbus-module-optional.patch | 36 -------------------
 recipes-security/refpolicy/refpolicy_git.inc  |  2 +-
 3 files changed, 1 insertion(+), 38 deletions(-)
 delete mode 100644 recipes-security/refpolicy/refpolicy/0003-refpolicy-minimum-make-dbus-module-optional.patch
diff mbox series

Patch

diff --git a/recipes-security/refpolicy/refpolicy-minimum_git.bb b/recipes-security/refpolicy/refpolicy-minimum_git.bb
index a50a4cd..67c3785 100644
--- a/recipes-security/refpolicy/refpolicy-minimum_git.bb
+++ b/recipes-security/refpolicy/refpolicy-minimum_git.bb
@@ -14,7 +14,6 @@  domains are unconfined. \
 SRC_URI += " \
         file://0001-refpolicy-minimum-make-sysadmin-module-optional.patch \
         file://0002-refpolicy-minimum-make-xdg-module-optional.patch \
-        file://0003-refpolicy-minimum-make-dbus-module-optional.patch \
         "
 
 POLICY_NAME = "minimum"
diff --git a/recipes-security/refpolicy/refpolicy/0003-refpolicy-minimum-make-dbus-module-optional.patch b/recipes-security/refpolicy/refpolicy/0003-refpolicy-minimum-make-dbus-module-optional.patch
deleted file mode 100644
index d545d2a..0000000
--- a/recipes-security/refpolicy/refpolicy/0003-refpolicy-minimum-make-dbus-module-optional.patch
+++ /dev/null
@@ -1,36 +0,0 @@ 
-From e28807393f105a16528cb5304283bde0b771fc4e Mon Sep 17 00:00:00 2001
-From: Yi Zhao <yi.zhao@windriver.com>
-Date: Wed, 9 Nov 2022 10:53:26 +0800
-Subject: [PATCH] refpolicy-minimum: make dbus module optional
-
-The mount module invokes interface
-dbus_dontaudit_write_system_bus_runtime_named_sockets which is from dbus
-module. Since dbus is not a core moudle in sysvinit system, we could
-make this interface optional in mount module by optional_policy. Then we
-could make the minimum policy without dbus module.
-
-Upstream-Status: Inappropriate [embedded specific]
-
-Signed-off-by: Yi Zhao <yi.zhao@windriver.com>
----
- policy/modules/system/mount.te | 4 +++-
- 1 file changed, 3 insertions(+), 1 deletion(-)
-
-diff --git a/policy/modules/system/mount.te b/policy/modules/system/mount.te
-index 97f49e58e..b59529a01 100644
---- a/policy/modules/system/mount.te
-+++ b/policy/modules/system/mount.te
-@@ -146,7 +146,9 @@ selinux_getattr_fs(mount_t)
- 
- userdom_use_all_users_fds(mount_t)
- 
--dbus_dontaudit_write_system_bus_runtime_named_sockets(mount_t)
-+optional_policy(`
-+	dbus_dontaudit_write_system_bus_runtime_named_sockets(mount_t)
-+')
- 
- ifdef(`distro_redhat',`
- 	optional_policy(`
--- 
-2.25.1
-
diff --git a/recipes-security/refpolicy/refpolicy_git.inc b/recipes-security/refpolicy/refpolicy_git.inc
index 54e0890..af3413b 100644
--- a/recipes-security/refpolicy/refpolicy_git.inc
+++ b/recipes-security/refpolicy/refpolicy_git.inc
@@ -2,7 +2,7 @@  PV = "2.20221101+git${SRCPV}"
 
 SRC_URI = "git://github.com/SELinuxProject/refpolicy.git;protocol=https;branch=master;name=refpolicy;destsuffix=refpolicy"
 
-SRCREV_refpolicy ?= "03d486e306555da161b653c88e804ce23f3a0ea4"
+SRCREV_refpolicy ?= "8e8f5e3ca3e5900cad126cb8b4fadaa8adb8caac"
 
 UPSTREAM_CHECK_GITTAGREGEX = "RELEASE_(?P<pver>\d+_\d+)"