Currently, a user sets a policy version via the refpolicy package.
Having the option here has a few disadvantages:
- The Refpolicy package is not technically needed to use SELinux.
- When building a modular policy, Refpolicy will ignore the version string
and build the highest version possible which will cause libsemanage to
possibly fail when loading the policy.
Specifying a manual policy version in /etc/selinux/semanage.conf
forces libsemanage to load a specific policy version, which fixes the
above issue. However, because refpolicy currently defines the policy
version, libsemanage does not have a way to determine the policy
version, as refpolicy is not a dependency of libsemanage.
To work around these limitations, move the policy version number
selection to libsepol, as a system using SELinux always requires this
library.
Signed-off-by: Adam Duskett <aduskett@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Remove gadgetfs-test as gadgetfs has been deprecated in favour of
functionfs.
Signed-off-by: Mark Corbin <mark@dibsco.co.uk>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
Also add myself as DEVELOPER, as waf is currently orphan,
and I am the last one to fiddle with it.
Signed-off-by: Titouan Christophe <titouan.christophe@railnova.eu>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
The CMakeLists.txt file uses the CMP0091 which is an MSVC runtime
library flag abstraction macro.
Because we are not building ninja for Microsoft, it is safe to remove
this macro and set the minimum version to 3.10.
Fixes:
http://autobuild.buildroot.net/results/992b34c5625ec733d8dce678aa7a7540c4768ca1
Signed-off-by: Adam Duskett <aduskett@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Other changes:
- Depend on host-python3, as python2 support was removed.
Signed-off-by: Adam Duskett <aduskett@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Only host-policycoreutils is needed to build refpolicy. Remove the uneeded
target package.
Signed-off-by: Adam Duskett <aduskett@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Remove fis as RedBoot hasn't been updated for over 10 years.
Signed-off-by: Mark Corbin <mark@dibsco.co.uk>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
Signed-off-by: Heiko Thiery <heiko.thiery@gmail.com>
[yann.morin.1998@free.fr: rebase libplist after bump]
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
This was missed when LLVM and Clang were updated.
Signed-off-by: Michael Drake <michael.drake@codethink.co.uk>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Upstream changes include:
- Fix loading FreeBSD kernels with multiple PT_LOAD sections.
- Use autotools to configure and build kexec-lite
- Add support for kexec_file_load
The packaging is adjusted to account for the change in build systems.
Signed-off-by: Joel Stanley <joel@jms.id.au>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Other changes:
- Add --with-stdc++lib=dynamic to openjdk.mk or else openjdk will fail to
build because it defaults to looking for a static libstdc++ library.
Signed-off-by: Adam Duskett <aduskett@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Convert patch 0005-Fix-installation-of-class-headers.patch to git
format and re-number it to 0004-Fix-installation-of-class-headers.patch.
Signed-off-by: Peter Seiderer <ps.report@gmx.net>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Fixes the following security issues:
- CVE-2020-7471: Potential SQL injection via StringAgg(delimiter)
django.contrib.postgres.aggregates.StringAgg aggregation function was
subject to SQL injection, using a suitably crafted delimiter.
For more details, see the advisory:
https://www.djangoproject.com/weblog/2020/feb/03/security-releases/
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Ninja 1.10.0 now supports cmake as a build system. This change makes the make
file much more straightforward.
The host-python2 dependency is no longer needed as it is no longer
used during the build. We however need to keep install commands as
there is no installation step planned in CMakeLists.txt.
Signed-off-by: Adam Duskett <aduskett@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
