diff mbox series

[meta-selinux] Enable SELinux support in native packages

Message ID 20260213154238.4093604-2-u.kleine-koenig@baylibre.com
State New
Headers show
Series [meta-selinux] Enable SELinux support in native packages | expand

Commit Message

Uwe Kleine-König Feb. 13, 2026, 3:42 p.m. UTC 
With SELinux enabled for the target it makes sense to have SELinux
support enabled for the native tools, too.

Note that for native packages DISTRO_FEATURES is filtered, thus up to now
it never contained "selinux". Append to DISTRO_FEATURES_FILTER_NATIVE to
make "selinux" propagate also to DISTRO_FEATURES for native packages.
---
Hello,

I use this on scarthgap, but the patch applies fine to master, too.

During a debug session it took me quite a while to find out why

	ls -lZ "${IMAGE_ROOTFS}

at the end of selinux_set_labels() didn't show the labels added by
setfiles.

Best regards
Uwe

 classes/enable-selinux.bbclass | 2 +-
 conf/layer.conf                | 4 ++++
 2 files changed, 5 insertions(+), 1 deletion(-)


base-commit: 536df5a4fbce3c9fd63f51580f43d248a0d1b0ef
diff mbox series

Patch

diff --git a/classes/enable-selinux.bbclass b/classes/enable-selinux.bbclass
index 3dc61d6931ff..0c9f52e74cec 100644
--- a/classes/enable-selinux.bbclass
+++ b/classes/enable-selinux.bbclass
@@ -1,3 +1,3 @@ 
 inherit selinux
 
-PACKAGECONFIG:append = " ${@target_selinux(d, 'selinux')}"
+PACKAGECONFIG:append = " ${@bb.utils.filter('DISTRO_FEATURES', 'selinux', d)}"
diff --git a/conf/layer.conf b/conf/layer.conf
index 4e04e5cc7e6a..ca981db57019 100644
--- a/conf/layer.conf
+++ b/conf/layer.conf
@@ -25,3 +25,7 @@  LAYERDEPENDS_selinux = " \
 "
 
 PREFERRED_PROVIDER_virtual/refpolicy ??= "refpolicy-targeted"
+
+# With target support for SELinux it is very helpful during debug when the
+# native tools support SELinux, too.
+DISTRO_FEATURES_FILTER_NATIVE:append = " selinux"