What is the easiest way to re-direct meta-selinux to use another refpolicy ? That is, I want to download a refpolicy, modify it, then tell meta-selinux to use that modified policy. I am currently using morty branch for meta-selinux.
Thank you,
Alan Wright
-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://oss.tresys.com/pipermail/refpolicy/attachments/20180206/ce787258/attachment.html
On Tue, 2018-02-06 at 21:46 +0000, Wright, Alan via refpolicy wrote:
> What is the easiest way to re-direct meta-selinux to use another
> refpolicy ? That is, I want to download a refpolicy, modify it, then
> tell meta-selinux to use that modified policy. I am currently using
> morty branch for meta-selinux.
Don't know if you'll get an answer on refpolicy list since that is for
upstream refpolicy discussions. Might want to try yocto and the listed
MAINTAINERS for meta-selinux on the best way to do what you want. I
think you can just provide your own .bb file for your modified
refpolicy and set your preferred provider for virtual/refpolicy to
it. Alternatively, have a look at what openxt does,
https://github.com/OpenXT/xenclient-oe
under recipes-security/refpolicy/*
That is a little different though; they are applying their changes as
patches on top of one of the refpolicy packages provided by meta-
selinux.