Gitiles
Code Review Sign In
192.168.1.100 / T108 / e958203796650e3959a43708d67534bf36f4c83b^! / . / package / system / selinux-policy
commite958203796650e3959a43708d67534bf36f4c83b[log] [tgz]
authorb.liu <b.liu@mobiletek.cn>Thu Apr 17 19:18:16 2025 +0800
committerb.liu <b.liu@mobiletek.cn>Thu Apr 17 19:18:16 2025 +0800
treeb2d43b7c77053224287779c12b5e890cadc3d327
parentf51a5559b56d8fd47d9623531065443befb43e5b [diff]
ASR_BASE

Change-Id: Icf3719cc0afe3eeb3edc7fa80a2eb5199ca9dda1

diff --git a/package/system/selinux-policy/Makefile b/package/system/selinux-policy/Makefile
new file mode 100644
index 0000000..34c234a
--- /dev/null
+++ b/package/system/selinux-policy/Makefile

@@ -0,0 +1,55 @@
+#
+# This is free software, licensed under the GNU General Public License v2.
+# See /LICENSE for more information.
+#
+
+include $(TOPDIR)/rules.mk
+
+PKG_NAME:=selinux-policy
+PKG_SOURCE_PROTO:=git
+PKG_SOURCE_URL:=https://git.defensec.nl/selinux-policy.git
+PKG_VERSION:=1.2.5
+PKG_MIRROR_HASH:=0b485aefed7ecc1ba3c5f5843cb3b10e9d7c55c09b361cd56933081c0dbdc223
+PKG_SOURCE_VERSION:=v$(PKG_VERSION)
+PKG_BUILD_DEPENDS:=secilc/host policycoreutils/host
+
+PKG_MAINTAINER:=Dominick Grift <dominick.grift@defensec.nl>
+PKG_CPE_ID:=cpe:/a:defensec:selinux-policy
+PKG_LICENSE:=Unlicense
+PKG_LICENSE_FILES:=LICENSE
+
+include $(INCLUDE_DIR)/package.mk
+
+define Package/selinux-policy
+	SECTION:=system
+	CATEGORY:=Base system
+	DEPENDS:=@SELINUX
+	TITLE:=SELinux security policy for OpenWrt
+	URL:=https://git.defensec.nl/?p=selinux-policy.git;a=summary
+	PKGARCH:=all
+endef
+
+define Package/selinux-policy/description
+	Basic SELinux Security Policy designed specifically for
+	OpenWrt and written in Common Intermediate Language.
+endef
+
+define Build/Compile
+	$(call Build/Compile/Default,policy)
+endef
+
+define Package/selinux-policy/conffiles
+/etc/selinux/config
+endef
+
+define Package/selinux-policy/install
+	$(INSTALL_DIR) $(1)/etc/selinux/$(PKG_NAME)/contexts/files/
+	$(INSTALL_DIR) $(1)/etc/selinux/$(PKG_NAME)/policy/
+	$(INSTALL_DATA) $(PKG_BUILD_DIR)/customizable_types $(1)/etc/selinux/$(PKG_NAME)/contexts/
+	$(INSTALL_DATA) $(PKG_BUILD_DIR)/file_contexts.subs_dist $(1)/etc/selinux/$(PKG_NAME)/contexts/files/
+	$(INSTALL_DATA) $(PKG_BUILD_DIR)/file_contexts $(1)/etc/selinux/$(PKG_NAME)/contexts/files/
+	$(INSTALL_CONF) $(PKG_BUILD_DIR)/policy.* $(1)/etc/selinux/$(PKG_NAME)/policy/
+	$(INSTALL_DATA) ./files/selinux-config $(1)/etc/selinux/config
+endef
+
+$(eval $(call BuildPackage,selinux-policy))

diff --git a/package/system/selinux-policy/files/selinux-config b/package/system/selinux-policy/files/selinux-config
new file mode 100644
index 0000000..8400704
--- /dev/null
+++ b/package/system/selinux-policy/files/selinux-config

@@ -0,0 +1,2 @@
+SELINUX=permissive
+SELINUXTYPE=selinux-policy