Looks good to me. Thanks, - Philip
On 10/02/2013 08:57 PM, Joe MacDonald wrote: > Philip / Mark / all, > > Earlier today I updated master with a rebased version of what was in > master-next. I apologize for not sending this out earlier. Today's > been a bit turbo. > > This update should have been a fast-forward update to master, so if > that's not the case, or if the updates cause any unexpected behaviour, > please let me know. > > The only outstanding issue I'm aware of right now is basically what I > related in my earlier mail, but less severe. The initial boot and > auto-relabelling hums along fine. The second boot produces a few > issues about /dev/vcs* and /dev/fb* having their label applications > denied due to an invalid context. Logging in to the system and > manually doing a restorecon on those devices as root/secadm_r/secadm_t > applies the correct label until the next boot. Then you're back to > the default labels and have to restore them again. > > The current state of affairs works around the more serious problem I > mentioned previously by not using the udev device cache. I'd like to > fix that, but since it was the approach used in master previously, I > didn't think it was worth holding off on the update just for that. > > -J. > > On Sat, Sep 28, 2013 at 3:46 PM, Philip Tricca <[email protected]> wrote: >> On 09/27/2013 03:58 PM, Joe MacDonald wrote: >>> [[yocto] [meta-selinux] Updated meta-selinux -- master-next] On 13.09.19 >>> (Thu 13:41) Mark Hatle wrote: >>> >>>> I have updated meta-selinux, and placed the update into the 'master-next' >>>> branch. >>>> >>>> This was locally tested with Poky as of commit >>>> 853bc53cd58a621918f0e5ce662dba263d1befb4. >>>> >>>> Note, when building the core-image-selinux, the internal refpolicies >>>> cause a lot of failures. I'm not an expert on how this should be >>>> configured, so I'm looking for help/patches from others. >>>> >>>> If you know of any other additional patches that should be applied, >>>> or are able to help with the refpolicies, please let me know! >>>> >>>> Thanks! >>>> --Mark >>> >>> I just pushed a new (non-ff!) update to master-next. It includes the >>> following: >>> >>> - Mark Hatle: policycoreutils: avoid shell for checking target-special >>> actions >>> - Mark Hatle: setools: Uprev setools >>> - Mark Hatle: README: Update status >>> - Mark Hatle: libcap-ng: Uprev libcap-ng >>> - Mark Hatle: audit: Uprev to audit 2.3.2 >>> - Mark Hatle: swig: Update to latest swig from meta-openembedded >>> - Mark Hatle: python-ipy: Uprev to latest 0.81 version >>> - Mark Hatle: distro/*: Update the distro files >>> - Christopher Larson: layer.conf: avoid unnecessary early expansion with >>> := >>> - Qiang Chen: selinux: remove reference to locale env files from login >>> - Mark Hatle: linux-yocto: Add support for the 3.10 kernel >>> - Xin Ouyang: kernel: add BBAPPEND for linux 3.10 >> >> Can I put in a request to cherry-pick the 3.10 kernel update down to master? >> This is independent from all of the tools / policy updates and it would be >> very convenient for those of us building against master oe-core. As of now a >> build of meta-selinux master against oe-core master results in an image that >> will panic on boot as linux-yocto builds the 3.10 kernel and the selinux >> distros don't prefer a kernel with an available selinux config (3.8 is the >> most recent). >> >> Thanks, >> - Philip >> > > > _______________________________________________ yocto mailing list [email protected] https://lists.yoctoproject.org/listinfo/yocto
