2 # This is free software, licensed under the GNU General Public License v2.
3 # See /LICENSE for more information.
6 include $(TOPDIR
)/rules.mk
9 PKG_VERSION
:=2.20200229
12 PKG_SOURCE
:=$(PKG_NAME
)-$(PKG_VERSION
).
tar.bz2
13 PKG_SOURCE_URL
:=https
://github.com
/SELinuxProject
/refpolicy
/releases
/download
/RELEASE_2_20200229
14 PKG_HASH
:=dec854512ed00cd057408f330c2cea4de7a4405f7a147458f59c994bf578e4b0
16 PKG_BUILD_DEPENDS
:=checkpolicy
/host policycoreutils
/host
18 PKG_MAINTAINER
:=Thomas Petazzoni
<thomas.petazzoni@bootlin.com
>
19 PKG_CPE_ID
:=cpe
:/a
:tresys
:refpolicy
20 PKG_LICENSE
:=GPL-2.0
-or-later
21 PKG_LICENSE_FILES
:=COPYING
23 TAR_OPTIONS
:=--transform
='s%^refpolicy%$(PKG_NAME)-$(PKG_VERSION)%' -xf
-
25 include $(INCLUDE_DIR
)/package.mk
27 define Package
/refpolicy
30 TITLE
:=SELinux reference policy
31 URL
:=http
://selinuxproject.org
/page
/Main_Page
35 define Package
/refpolicy
/description
36 The SELinux Reference Policy project
(refpolicy
) is a
37 complete SELinux policy that can be used
as the system
38 policy for a variety of systems and used
as the basis for
39 creating other policies. Reference Policy was originally
40 based on the NSA example policy
, but aims to accomplish many
43 The current refpolicy does not fully support OpenWRT and
44 needs modifications to work with the default system file
45 layout. These changes should be added
as patches to the
46 refpolicy that modify a single SELinux policy.
48 The refpolicy works for the most part in permissive
49 mode. Only the basic set of utilities are enabled in the
50 example policy config and some of the pathing in the
51 policies is not correct. Individual policies would need to
52 be tweaked to
get everything functioning properly.
55 # Yes, we want CC=$(HOSTCC) because the only code that checkpolicy
56 # builds is a small host tool that gets run as part of the build
59 SETFILES
="$(STAGING_DIR_HOST)/bin/setfiles" \
60 CHECKPOLICY
="$(STAGING_DIR_HOSTPKG)/bin/checkpolicy" \
62 CFLAGS
="$(HOST_CFLAGS)"
64 define Build
/Configure
65 $(SED
) "/MONOLITHIC/c\MONOLITHIC = y" $(PKG_BUILD_DIR
)/build.conf
66 $(SED
) "/NAME/c\NAME = targeted" $(PKG_BUILD_DIR
)/build.conf
67 $(call Build
/Compile
/Default
,conf
)
70 define Package
/refpolicy
/conffiles
74 define Package
/refpolicy
/install
75 $(INSTALL_DIR
) $(1)/etc
/selinux
76 $(CP
) $(PKG_INSTALL_DIR
)/etc
/selinux
/* $(1)/etc
/selinux
/
77 $(CP
) .
/files
/selinux-config
$(1)/etc
/selinux
/config
80 $(eval
$(call BuildPackage
,refpolicy
))