summaryrefslogtreecommitdiffstats
path: root/meta-agl-ic-container/dynamic-layers/meta-selinux/recipes-security
AgeCommit message (Collapse)AuthorFilesLines
2024-05-08meta-agl-ic-container: fix packagegroup-agl-core-selinux-guestScott Murray1-1/+3
packagegroup-agl-core-selinux-guest now triggers a packaging QA check due to it being marked as allarch and pulling in libraries that get renamed by the Debian library renaming logic used by upstream. To fix, follow what is done by the similar packagegroups in meta-selinux and not use packagegroup.bbclass. Bug-AGL: SPEC-5123 Change-Id: I1391977d5db3aad3d4e87ff8d043a3bb26b7074a Signed-off-by: Scott Murray <scott.murray@konsulko.com>
2024-01-29Remove auditd and policy tool in guestNaoto Yamaguchi1-0/+24
The SELinux policy set at host in boot time, the guest container shall not overwrite SELinux policy. On the other hand, existing guest integration install SELinux policy tool in guest. The auditd has same issue. That shall work in host, shall not work in guest. This patch fix these issue. Bug-AGL: SPEC-5039 Change-Id: I3887d4f64d31a833f5e47fd9fb41e8fbbf6efe1e Signed-off-by: Naoto Yamaguchi <naoto.yamaguchi@aisin.co.jp>
2023-05-09Remove python dependency from packagegroup-selinux-minimalNaoto Yamaguchi1-0/+3
A meta-selinux has issue for force install many packages. A packagegroup-selinux-minimal may support desktop and server runtime use case, may not match AGL (embedded) runtime use case. One of the big issue, that force install unnecessarily python runtime to image. It's caused by backward compatibility for policycoreutils package, maybe. This patch fix this issue temporally. Shall fix at meta-agl layer at SPEC-4778. Bug-AGL: SPEC-4777 Change-Id: I2b844cd928448b024e4a6830ea98e7dc76f0832b Signed-off-by: Naoto Yamaguchi <naoto.yamaguchi@aisin.co.jp>