[Buildroot] [PATCH] package/refpolicy: enable refpolicy's xdg module when systemd is enabled
Adam Duskett
aduskett at gmail.com
Tue Nov 2 17:26:05 UTC 2021
Hey Romain;
Sorry for the late reply!
On Mon, Nov 1, 2021 at 2:23 AM Romain Naour <romain.naour at gmail.com> wrote:
>
> Hello Adam,
>
> Le 01/11/2021 à 07:10, ratbert90 a écrit :
> > Hello;
> >
> > Shouldn’t this go in systemd.mk?
>
> I'm not sure to understand, what do you mean?
>
> It's about a refpolicy module not selinux module (SYSTEMD_SELINUX_MODULES).
Refpolicy modules are SELinux modules!
I just tested by adding xdg to SYSTEMD_SELINUX_MODULES which does
indeed fix the issue.
Adam
>
> Another way to fix the issue is to add xdp to BR2_REFPOLICY_EXTRA_MODULES in the
> test config... but I don't think it's the right fix.
>
> Best regards,
> Romain
>
>
> >
> > Adam
> > --------------------------------------------------------------------------------
> > *Da:* buildroot <buildroot-bounces at buildroot.org> per conto di Romain Naour
> > <romain.naour at gmail.com>
> > *Inviato:* Sunday, October 31, 2021 3:42:07 PM
> > *A:* buildroot at buildroot.org <buildroot at buildroot.org>
> > *Cc:* Romain Naour <romain.naour at gmail.com>; Antoine Tenart <atenart at kernel.org>
> > *Oggetto:* [Buildroot] [PATCH] package/refpolicy: enable refpolicy's xdg module
> > when systemd is enabled
> >
> > policy/modules/system/systemd.te requires xdg module enabled [1]
> > otherwise refpolicy fail to build:
> >
> > policy/modules/system/systemd.te:288:ERROR 'attribute xdg_config_type is not
> > declared' at token ';' on line 508447:
> >
> > Fixes:
> > https://gitlab.com/buildroot.org/buildroot/-/jobs/1710552468
> > <https://gitlab.com/buildroot.org/buildroot/-/jobs/1710552468>
> > https://gitlab.com/buildroot.org/buildroot/-/jobs/1710552470
> > <https://gitlab.com/buildroot.org/buildroot/-/jobs/1710552470>
> >
> > [1]
> > https://github.com/SELinuxProject/refpolicy/blob/RELEASE_2_20210908/policy/modules/system/systemd.te#L288
> > <https://github.com/SELinuxProject/refpolicy/blob/RELEASE_2_20210908/policy/modules/system/systemd.te#L288>
> >
> > Signed-off-by: Romain Naour <romain.naour at gmail.com>
> > Cc: Antoine Tenart <atenart at kernel.org>
> > ---
> > package/refpolicy/refpolicy.mk | 1 +
> > 1 file changed, 1 insertion(+)
> >
> > diff --git a/package/refpolicy/refpolicy.mk b/package/refpolicy/refpolicy.mk
> > index 975c3b584c..b1d101e311 100644
> > --- a/package/refpolicy/refpolicy.mk
> > +++ b/package/refpolicy/refpolicy.mk
> > @@ -69,6 +69,7 @@ REFPOLICY_MODULES = \
> > sysnetwork \
> > unconfined \
> > userdomain \
> > + $(if $(BR2_PACKAGE_SYSTEMD),xdg) \
> > $(PACKAGES_SELINUX_MODULES) \
> > $(call qstrip,$(BR2_REFPOLICY_EXTRA_MODULES)) \
> > $(foreach d,$(REFPOLICY_EXTRA_MODULES_DIRS),\
> > --
> > 2.31.1
> >
> > _______________________________________________
> > buildroot mailing list
> > buildroot at buildroot.org
> > https://lists.buildroot.org/mailman/listinfo/buildroot
> > <https://lists.buildroot.org/mailman/listinfo/buildroot>
>
More information about the buildroot
mailing list