On Tue, 2018-01-09 at 11:51 -0600, Mark Hatle wrote: > On 1/4/18 4:41 AM, Patrick Ohly wrote: > > On Thu, 2018-01-04 at 11:18 +0100, José Bollo wrote: > > > > Do you agree to move the patch to Smack specific layer? Such > > > > as > > > > meta-security? > > > > > > I agree. > > > > Layers like meta-security should not modify recipes from other > > layers, > > at least not by default. That would violate the "Yocto Compatible > > 2.0" > > rules. > > You can modify (bbappend) to an existing recipe. You can't change > the behavior > (specifically the md5sum) of the function though, unless that new > functionality > is enabled.)
That's what I meant with "by default". > 'smack' should be able to do the same thing, with a similar distro > feature. I'm not convinced that building core components differently depending on such distro features is desirable, because it makes "smack" and "selinux" mutually exclusive. I'd prefer a solution where support for both can be enabled and then on the image itself the tools decide what to do. Whether that's always possible of course is a different question. In this case I think it is, by adding the exception for security.selinux. But I'll leave that up to you and Jose to decide. -- Best Regards, Patrick Ohly The content of this message is my personal opinion only and although I am an employee of Intel, the statements I make here in no way represent Intel's position on the issue, nor am I authorized to speak on behalf of Intel on this matter. -- _______________________________________________ Openembedded-core mailing list Openembedded-core@lists.openembedded.org http://lists.openembedded.org/mailman/listinfo/openembedded-core