rpms
/
selinux-policy
7
0
Fork 0
Code Issues Pull Requests Releases Activity
SELinux policy configuration
5,968 Commits 8 Branches 89 Tags 36 MiB
Shell 100%
Go to file
Ondrej Mosnacek aebc05fc19 Reword and clean up the README 
Fix grammar, reword misleading statements, add some missing information,
and fix fromatting.

Signed-off-by: Ondrej Mosnacek <omosnace@redhat.com>
 		2020-11-25 19:27:11 +01:00
tests test-reboot.yml: test.log is mandatory, improve results format 2020-08-27 07:49:02 +02:00
.gitignore Clean up .gitignore 2020-11-03 12:25:19 +01:00
COPYING remove extra level of directory 2006-07-12 20:32:27 +00:00
Makefile.devel Hard code to MLSENABLED 2011-08-22 16:30:20 -04:00
README.md Reword and clean up the README 2020-11-25 19:27:11 +01:00
booleans-minimum.conf Remove ftp_home_dir boolean from distgit 2016-04-26 14:04:52 +02:00
booleans-mls.conf Make rawhide == f18 2012-12-17 17:21:00 +01:00
booleans-targeted.conf Change default value of use_virtualbox boolean 2019-09-16 16:08:14 +02:00
booleans.subs_dist subs virt_sandbox_use_nfs by virt_use_nfs 2016-07-16 17:52:41 +02:00
customizable_types * Mon Oct 17 2016 Miroslav Grepl <mgrepl@redhat.com> - 3.13.1-221 2016-10-17 20:52:01 +02:00
file_contexts.subs_dist Add /var/usrlocal equivalency rule 2019-10-31 16:50:38 -04:00
make-rhat-patches.sh make-rhat-patches: Use shallow clone 2020-10-12 06:38:28 +00:00
modules-minimum.conf - More access needed for devicekit 2010-08-30 11:58:36 -04:00
modules-mls-base.conf Add fixes for selinux-policy packages to reflect the latest changes related to policy module store migration. 2015-07-16 09:10:21 +02:00
modules-mls-contrib.conf Make active lsm module in MLS policy 2019-04-05 11:03:51 +02:00
modules-targeted-base.conf * Mon Aug 03 2020 Zdenek Pytela <zpytela@redhat.com> - 3.14.6-23 2020-08-03 13:25:54 +02:00
modules-targeted-contrib.conf * Tue Apr 16 2020 Zdenek Pytela <zpytela@redhat.com> - 3.14.6-12 2020-04-14 16:43:04 +02:00
modules-targeted.conf We should not build vbetool anylonger 2014-10-12 07:15:24 -04:00
permissivedomains.cil Remove all domains from permissive domains, it looks these policies are tested already 2019-01-13 19:28:55 +01:00
rpm.macros Update rpm.macros file fomr the upstream repo 2019-11-05 17:50:20 +01:00
securetty_types-minimum - Update to upstream 2010-03-18 15:47:35 +00:00
securetty_types-mls - Update to upstream 2010-03-18 15:47:35 +00:00
securetty_types-targeted - Update to upstream 2010-03-18 15:47:35 +00:00
selinux-policy.conf We need to setcheckreqprot to 0 for security purposes 2015-04-16 14:00:38 -04:00
selinux-policy.spec * Tue Nov 24 2020 Zdenek Pytela <zpytela@redhat.com> - 3.14.7-9 2020-11-24 19:47:48 +01:00
setrans-minimum.conf - Update to Latest upstream 2009-03-03 20:10:30 +00:00
setrans-mls.conf - Multiple policy fixes 2006-09-19 14:59:46 +00:00
setrans-targeted.conf - Update to Latest upstream 2009-03-03 20:10:30 +00:00
sources * Tue Nov 24 2020 Zdenek Pytela <zpytela@redhat.com> - 3.14.7-9 2020-11-24 19:47:48 +01:00
users-minimum - Move users file to selection by spec file. 2010-01-12 13:36:10 +00:00
users-mls - Move users file to selection by spec file. 2010-01-11 22:06:55 +00:00
users-targeted - Move users file to selection by spec file. 2010-01-12 13:36:10 +00:00

README.md

Purpose

SELinux Fedora Policy is a fork of the SElinux reference policy. The fedora-selinux/selinux-policy repo makes Fedora packaging simpler and more transparent for packagers, upstream developers, and users. It is used for applying downstream Fedora fixes, for communication about proposed/committed changes, and for communication with upstream and the community. It reflects the upstream repository structure to make submitting patches to upstream easy.

Structure

GitHub

On GitHub, we have two repositories (selinux-policy and selinux-policy-contrib) for dist-git repository.

$ cd selinux-policy
$ git remote -v
origin	git@github.com:fedora-selinux/selinux-policy.git (fetch)


$ git branch -r
origin/HEAD -> origin/master
origin/f27
origin/f28
origin/master
origin/rawhide

$ cd selinux-policy-contrib
$ git remote -v
origin	git@github.com:fedora-selinux/selinux-policy-contrib.git (fetch)

$ git branch -r
origin/HEAD -> origin/master
origin/f27
origin/f28
origin/master
origin/rawhide

Note: As opposed to dist-git, the Rawhide content in both selinux-policy and selinux-policy-contrib repositories resides in rawhide branches rather than master.

dist-git

Package sources in dist-git are composed from selinux-policy, selinux-policy-contrib, and macro-expander repository snapshot tarballs, container-selinux policy files snapshot, and from other config files.

Build process

  1. Clone the fedora-selinux/selinux-policy repository.

     $ cd ~/devel/github
 $ git clone git@github.com:fedora-selinux/selinux-policy.git
 $ cd selinux-policy

  2. Clone the fedora-selinux/selinux-policy-contrib repository.

     $ cd ~/devel/github
 $ git clone git@github.com:fedora-selinux/selinux-policy-contrib.git
 $ cd selinux-policy-contrib

  3. Create, backport, cherry-pick needed changes to a particular branch and push them.

  4. Clone the selinux-policy dist-git repository.

     $ cd ~/devel/dist-git
 $ fedpkg clone selinux-policy
 $ cd selinux-policy

  5. Download the latest snaphots from selinux-policy and selinux-policy-contrib github repositories.

     $ ./make-rhat-patches.sh

  6. Add changes to the dist-git repository, bump release, create a changelog entry, commit and push.

  7. Build the package.

     $ fedpkg build