ASR_BASE
Change-Id: Icf3719cc0afe3eeb3edc7fa80a2eb5199ca9dda1
diff --git a/package/system/selinux-policy-local/Makefile b/package/system/selinux-policy-local/Makefile
new file mode 100644
index 0000000..32b2d8f
--- /dev/null
+++ b/package/system/selinux-policy-local/Makefile
@@ -0,0 +1,55 @@
+#
+# This is free software, licensed under the GNU General Public License v2.
+# See /LICENSE for more information.
+#
+
+include $(TOPDIR)/rules.mk
+
+PKG_NAME:=selinux-policy
+PKG_VERSION:=0.8
+PKG_SOURCE_VERSION:=v$(PKG_VERSION)
+PKG_BUILD_DEPENDS:=secilc/host policycoreutils/host
+
+USE_SOURCE_DIR:=$(MRVLDIR)/services/selinux-policy
+SVC_SOURCE_DIR:=${USE_SOURCE_DIR}
+
+include $(INCLUDE_DIR)/package.mk
+include $(INCLUDE_DIR)/autotools.mk
+
+define Package/selinux-policy-local
+ SECTION:=system
+ CATEGORY:=Base system
+ DEPENDS:=@SELINUX
+ TITLE:=SELinux security policy for OpenWrt
+ PKGARCH:=all
+endef
+
+define Package/selinux-policy-local/description
+ Basic SELinux Security Policy designed specifically for
+ OpenWrt and written in Common Intermediate Language.
+endef
+
+define Build/Compile
+ $(call Build/Compile/Default,policypackets)
+endef
+
+define Package/selinux-policy-local/conffiles
+/etc/selinux/config
+endef
+
+define Package/selinux-policy-local/install
+ $(INSTALL_DIR) $(1)/etc/selinux/$(PKG_NAME)/contexts/files/
+ $(INSTALL_DIR) $(1)/etc/selinux/$(PKG_NAME)/contexts/users/
+ $(INSTALL_DIR) $(1)/etc/selinux/$(PKG_NAME)/policy/
+ $(INSTALL_DATA) $(PKG_BUILD_DIR)/customizable_types $(1)/etc/selinux/$(PKG_NAME)/contexts/
+ $(INSTALL_DATA) $(PKG_BUILD_DIR)/file_contexts.subs_dist $(1)/etc/selinux/$(PKG_NAME)/contexts/files/
+ $(INSTALL_DATA) $(PKG_BUILD_DIR)/file_contexts $(1)/etc/selinux/$(PKG_NAME)/contexts/files/
+ $(INSTALL_CONF) $(PKG_BUILD_DIR)/policy.* $(1)/etc/selinux/$(PKG_NAME)/policy/
+ $(INSTALL_DATA) ./files/selinux-config $(1)/etc/selinux/config
+ $(INSTALL_DATA) ./files/default_contexts $(1)/etc/selinux/$(PKG_NAME)/contexts/
+ $(INSTALL_DATA) ./files/failsafe_context $(1)/etc/selinux/$(PKG_NAME)/contexts/
+ $(INSTALL_DATA) ./files/seusers $(1)/etc/selinux/$(PKG_NAME)/seusers
+ $(INSTALL_DATA) ./files/users/* $(1)/etc/selinux/$(PKG_NAME)/contexts/users/
+endef
+
+$(eval $(call BuildPackage,selinux-policy-local))
diff --git a/package/system/selinux-policy-local/files/default_contexts b/package/system/selinux-policy-local/files/default_contexts
new file mode 100644
index 0000000..9c3ecf9
--- /dev/null
+++ b/package/system/selinux-policy-local/files/default_contexts
@@ -0,0 +1 @@
+r:sys.subj r:sys.subj
diff --git a/package/system/selinux-policy-local/files/failsafe_context b/package/system/selinux-policy-local/files/failsafe_context
new file mode 100644
index 0000000..19ef971
--- /dev/null
+++ b/package/system/selinux-policy-local/files/failsafe_context
@@ -0,0 +1 @@
+r:sys.subj
diff --git a/package/system/selinux-policy-local/files/selinux-config b/package/system/selinux-policy-local/files/selinux-config
new file mode 100644
index 0000000..8400704
--- /dev/null
+++ b/package/system/selinux-policy-local/files/selinux-config
@@ -0,0 +1,2 @@
+SELINUX=permissive
+SELINUXTYPE=selinux-policy
diff --git a/package/system/selinux-policy-local/files/seusers b/package/system/selinux-policy-local/files/seusers
new file mode 100644
index 0000000..d912227
--- /dev/null
+++ b/package/system/selinux-policy-local/files/seusers
@@ -0,0 +1 @@
+__default__:u
diff --git a/package/system/selinux-policy-local/files/users/u b/package/system/selinux-policy-local/files/users/u
new file mode 100644
index 0000000..9c3ecf9
--- /dev/null
+++ b/package/system/selinux-policy-local/files/users/u
@@ -0,0 +1 @@
+r:sys.subj r:sys.subj