[Buildroot] [PATCH 00/15] Improve SELinux support
Antoine Tenart
antoine.tenart at bootlin.com
Sat Aug 1 08:05:22 UTC 2020
Hi Adam,
Quoting Adam Duskett (2020-07-31 19:08:12)
> On Fri, Jul 31, 2020 at 3:15 AM Antoine Tenart
> <antoine.tenart at bootlin.com> wrote:
> >
> > - Override the location of the refpolicy source and all of the above
> > mechanisms, as when designing a fully custom system, one could want to
> > provide a fully custom SELinux policy.
>
> Any chance of supporting a modular policy in the future? :)
I don't have such plans for now, but if someone wants to tackle this I
believe it should be doable.
Out of curiosity, what would be the use case of having a modular policy
on a Buildroot generated image where packages can't be installed at
runtime?
> > Finally, the documentation is updated in patch 15 to explain how to use
> > SELinux within Buildroot.
> >
> Perhaps a test-case would be in order as well?
Yes, I'll send another series with an example qemu selinux defconfig and
new SELinux tests after this one.
> Overall, this is a wonderful, long-needed patch series of which I am
> incredibly excited to review!
Thanks!
Antoine
--
Antoine Ténart, Bootlin
Embedded Linux and Kernel engineering
https://bootlin.com
More information about the buildroot
mailing list