Name refpolicy-mcs
Version 2.20210203+gitX
Summary MCS (Multi Category Security) variant of the SELinux policy
Description This is the reference policy for SE Linux built with MCS support. An MCS policy is the same as an MLS policy but with only one sensitivity level. This is useful on systems where a hierarchical policy (MLS) isn't needed (pretty much all systems) but the non-hierarchical categories are.
Section admin
License GPLv2
Homepage
Recipe file recipes-security/refpolicy/refpolicy-mcs_git.bb
recipes-security/refpolicy/refpolicy_git.inc
recipes-security/refpolicy/refpolicy_common.inc
Layer meta-selinux (honister branch)
Inherits
  • python3-dir
  • python3native
Dependencies
  • bzip2-replacement-native
  • checkpolicy-native
  • m4-native
  • policycoreutils-native
  • python3-native
  • semodule-utils-native
  • virtual/i686-oe-linux-compilerlibs
  • virtual/i686-oe-linux-gcc
  • virtual/libc
PACKAGECONFIG options

Sources

git://github.com/SELinuxProject/refpolicy.git

Patches

Patch Status
refpolicy/0001-fc-subs-volatile-alias-common-var-volatile-paths.patch Inappropriate [embedded specific]
refpolicy/0002-fc-subs-busybox-set-aliases-for-bin-sbin-and-usr.patch Inappropriate [embedded specific]
refpolicy/0003-fc-hostname-apply-policy-to-common-yocto-hostname-al.patch Inappropriate [embedded specific]
refpolicy/0004-fc-bash-apply-usr-bin-bash-context-to-bin-bash.bash.patch Inappropriate [embedded specific]
refpolicy/0005-fc-resolv.conf-label-resolv.conf-in-var-run-properly.patch Inappropriate [embedded specific]
refpolicy/0006-fc-login-apply-login-context-to-login.shadow.patch Inappropriate [embedded specific]
refpolicy/0007-fc-bind-fix-real-path-for-bind.patch Inappropriate [embedded specific]
refpolicy/0008-fc-hwclock-add-hwclock-alternatives.patch Inappropriate [embedded specific]
refpolicy/0009-fc-dmesg-apply-policy-to-dmesg-alternatives.patch Inappropriate [embedded specific]
refpolicy/0010-fc-ssh-apply-policy-to-ssh-alternatives.patch Inappropriate [embedded specific]
refpolicy/0011-fc-sysnetwork-apply-policy-to-ip-alternatives.patch Inappropriate [embedded specific]
refpolicy/0012-fc-udev-apply-policy-to-udevadm-in-libexec.patch Inappropriate [embedded specific]
refpolicy/0013-fc-rpm-apply-rpm_exec-policy-to-cpio-binaries.patch Inappropriate [embedded specific]
refpolicy/0014-fc-su-apply-policy-to-su-alternatives.patch Inappropriate [embedded specific]
refpolicy/0015-fc-fstools-fix-real-path-for-fstools.patch Inappropriate [embedded specific]
refpolicy/0016-fc-init-fix-update-alternatives-for-sysvinit.patch Inappropriate [embedded specific]
refpolicy/0017-fc-brctl-apply-policy-to-brctl-alternatives.patch Inappropriate [embedded specific]
refpolicy/0018-fc-corecommands-apply-policy-to-nologin-alternatives.patch Inappropriate [embedded specific]
refpolicy/0019-fc-locallogin-apply-policy-to-sulogin-alternatives.patch Inappropriate [embedded specific]
refpolicy/0020-fc-ntp-apply-policy-to-ntpd-alternatives.patch Inappropriate [embedded specific]
refpolicy/0021-fc-kerberos-apply-policy-to-kerberos-alternatives.patch Inappropriate [embedded specific]
refpolicy/0022-fc-ldap-apply-policy-to-ldap-alternatives.patch Inappropriate [embedded specific]
refpolicy/0023-fc-postgresql-apply-policy-to-postgresql-alternative.patch Inappropriate [embedded specific]
refpolicy/0024-fc-screen-apply-policy-to-screen-alternatives.patch Inappropriate [embedded specific]
refpolicy/0025-fc-usermanage-apply-policy-to-usermanage-alternative.patch Inappropriate [embedded specific]
refpolicy/0026-fc-getty-add-file-context-to-start_getty.patch Inappropriate [embedded specific]
refpolicy/0027-fc-init-add-file-context-to-etc-network-if-files.patch Inappropriate [embedded specific]
refpolicy/0028-fc-vlock-apply-policy-to-vlock-alternatives.patch Inappropriate [embedded specific]
refpolicy/0029-fc-cron-apply-policy-to-etc-init.d-crond.patch Inappropriate [embedded specific]
refpolicy/0030-fc-sysnetwork-update-file-context-for-ifconfig.patch Inappropriate [embedded specific]
refpolicy/0031-file_contexts.subs_dist-set-aliase-for-root-director.patch Inappropriate [embedded specific]
refpolicy/0032-policy-modules-system-logging-add-rules-for-the-syml.patch Inappropriate [embedded specific]
refpolicy/0033-policy-modules-system-logging-add-rules-for-syslogd-.patch Inappropriate [embedded specific]
refpolicy/0034-policy-modules-kernel-files-add-rules-for-the-symlin.patch Inappropriate [embedded specific]
refpolicy/0035-policy-modules-system-logging-fix-auditd-startup-fai.patch Inappropriate [embedded specific]
refpolicy/0036-policy-modules-kernel-terminal-don-t-audit-tty_devic.patch Inappropriate [embedded specific]
refpolicy/0037-policy-modules-system-modutils-allow-mod_t-to-access.patch Inappropriate [embedded specific]
refpolicy/0038-policy-modules-services-avahi-allow-avahi_t-to-watch.patch Inappropriate [embedded specific]
refpolicy/0039-policy-modules-system-getty-allow-getty_t-to-search-.patch Inappropriate [embedded specific]
refpolicy/0040-policy-modules-services-bluetooth-fix-bluetoothd-sta.patch Inappropriate [embedded specific]
refpolicy/0041-policy-modules-roles-sysadm-allow-sysadm-to-run-rpci.patch Inappropriate [embedded specific]
refpolicy/0042-policy-modules-services-rpc-add-capability-dac_read_.patch Inappropriate [embedded specific]
refpolicy/0043-policy-modules-services-rpcbind-allow-rpcbind_t-to-c.patch Inappropriate [embedded specific]
refpolicy/0044-policy-modules-services-rngd-fix-security-context-fo.patch Inappropriate [embedded specific]
refpolicy/0045-policy-modules-services-ssh-allow-ssh_keygen_t-to-re.patch Inappropriate [embedded specific]
refpolicy/0046-policy-modules-services-ssh-make-respective-init-scr.patch Inappropriate [embedded specific]
refpolicy/0047-policy-modules-kernel-terminal-allow-loging-to-reset.patch Inappropriate [embedded specific]
refpolicy/0048-policy-modules-system-selinuxutil-allow-semanage_t-t.patch Inappropriate [embedded specific]
refpolicy/0049-policy-modules-system-systemd-enable-support-for-sys.patch Inappropriate [embedded specific]
refpolicy/0050-policy-modules-system-systemd-fix-systemd-resolved-s.patch Inappropriate [embedded specific]
refpolicy/0051-policy-modules-system-init-add-capability2-bpf-and-p.patch Inappropriate [embedded specific]
refpolicy/0052-policy-modules-system-systemd-allow-systemd_logind_t.patch Inappropriate [embedded specific]
refpolicy/0053-policy-modules-system-logging-set-label-devlog_t-to-.patch Inappropriate [embedded specific]
refpolicy/0054-policy-modules-system-systemd-support-systemd-user.patch Inappropriate [embedded specific]
refpolicy/0055-policy-modules-system-systemd-allow-systemd-generato.patch Inappropriate [embedded specific]
refpolicy/0056-policy-modules-system-systemd-allow-systemd_backligh.patch Inappropriate [embedded specific]
refpolicy/0057-policy-modules-system-logging-fix-systemd-journald-s.patch Inappropriate [embedded specific]
refpolicy/0058-policy-modules-services-cron-allow-crond_t-to-search.patch Inappropriate [embedded specific]
refpolicy/0059-policy-modules-services-crontab-allow-sysadm_r-to-ru.patch Inappropriate [embedded specific]
refpolicy/0060-policy-modules-system-sysnetwork-support-priviledge-.patch Inappropriate [embedded specific]
refpolicy/0061-policy-modules-services-acpi-allow-acpid-to-watch-th.patch Inappropriate [embedded specific]
refpolicy/0062-policy-modules-system-setrans-allow-setrans-to-acces.patch Inappropriate [embedded specific]
refpolicy/0063-policy-modules-system-modutils-allow-kmod_t-to-write.patch Inappropriate [embedded specific]
refpolicy/0064-policy-modules-roles-sysadm-allow-sysadm_t-to-watch-.patch Inappropriate [embedded specific]
refpolicy/0065-policy-modules-system-selinux-allow-setfiles_t-to-re.patch Inappropriate [embedded specific]
refpolicy/0066-policy-modules-system-mount-make-mount_t-domain-MLS-.patch Inappropriate [embedded specific]
refpolicy/0067-policy-modules-roles-sysadm-MLS-sysadm-rw-to-clearan.patch Inappropriate [embedded specific]
refpolicy/0068-policy-modules-services-rpc-make-nfsd_t-domain-MLS-t.patch Inappropriate [embedded specific]
refpolicy/0069-policy-modules-admin-dmesg-make-dmesg_t-MLS-trusted-.patch Inappropriate [embedded specific]
refpolicy/0070-policy-modules-kernel-kernel-make-kernel_t-MLS-trust.patch Inappropriate [embedded specific]
refpolicy/0071-policy-modules-system-init-make-init_t-MLS-trusted-f.patch Inappropriate [embedded specific]
refpolicy/0072-policy-modules-system-systemd-make-systemd-tmpfiles_.patch Inappropriate [embedded specific]
refpolicy/0073-policy-modules-system-logging-add-the-syslogd_t-to-t.patch Inappropriate [embedded specific]
refpolicy/0074-policy-modules-system-init-make-init_t-MLS-trusted-f.patch Inappropriate [embedded specific]
refpolicy/0075-policy-modules-system-init-all-init_t-to-read-any-le.patch Inappropriate [embedded specific]
refpolicy/0076-policy-modules-system-logging-allow-auditd_t-to-writ.patch Inappropriate [embedded specific]
refpolicy/0077-policy-modules-kernel-kernel-make-kernel_t-MLS-trust.patch Inappropriate [embedded specific]
refpolicy/0078-policy-modules-system-systemd-make-systemd-logind-do.patch Inappropriate [embedded specific]
refpolicy/0079-policy-modules-system-systemd-systemd-user-sessions-.patch Inappropriate [embedded specific]
refpolicy/0080-policy-modules-system-systemd-systemd-make-systemd_-.patch Inappropriate [embedded specific]
refpolicy/0081-policy-modules-services-ntp-make-nptd_t-MLS-trusted-.patch Inappropriate [embedded specific]
refpolicy/0082-policy-modules-system-setrans-allow-setrans_t-use-fd.patch Inappropriate [embedded specific]
refpolicy/0083-policy-modules-services-acpi-make-acpid_t-domain-MLS.patch Inappropriate [embedded specific]
refpolicy/0084-policy-modules-services-avahi-make-avahi_t-MLS-trust.patch Inappropriate [embedded specific]
refpolicy/0085-policy-modules-services-bluetooth-make-bluetooth_t-d.patch Inappropriate [embedded specific]
refpolicy/0086-policy-modules-system-sysnetwork-make-dhcpc_t-domain.patch Inappropriate [embedded specific]
refpolicy/0087-policy-modules-services-inetd-make-inetd_t-domain-ML.patch Inappropriate [embedded specific]
refpolicy/0088-policy-modules-services-bind-make-named_t-domain-MLS.patch Inappropriate [embedded specific]
refpolicy/0089-policy-modules-services-rpc-make-rpcd_t-MLS-trusted-.patch Inappropriate [embedded specific]
refpolicy/0090-policy-modules-system-systemd-make-_systemd_t-MLS-tr.patch Inappropriate [embedded specific]
refpolicy/0091-fc-usermanage-update-file-context-for-chfn-chsh.patch Inappropriate [embedded specific]

Other branches

This recipe in other branches of meta-selinux:

Branch Recipe
master refpolicy-mcs 2.20240916+git
scarthgap (Yocto Project 5.0) refpolicy-mcs 2.20240226+git
nanbield (Yocto Project 4.3) refpolicy-mcs 2.20231002+gitX
mickledore (Yocto Project 4.2) refpolicy-mcs 2.20221101+gitX
langdale (Yocto Project 4.1) refpolicy-mcs 2.20221101+gitX
kirkstone (Yocto Project 4.0) refpolicy-mcs 2.20210908+gitX
honister (Yocto Project 3.4) refpolicy-mcs 2.20210203+gitX (this recipe)
hardknott (Yocto Project 3.3) refpolicy-mcs 2.20210203+gitX
gatesgarth (Yocto Project 3.2) refpolicy-mcs 2.20200229+gitX
dunfell (Yocto Project 3.1) refpolicy-mcs 2.20200229+gitX
zeus (Yocto Project 3.0) refpolicy-mcs 2.20190201+gitX
zeus (Yocto Project 3.0) refpolicy-mcs 2.20190201
warrior (Yocto Project 2.7) refpolicy-mcs 2.20190201+gitX
warrior (Yocto Project 2.7) refpolicy-mcs 2.20190201
thud (Yocto Project 2.6) refpolicy-mcs 2.20170805+gitX
thud (Yocto Project 2.6) refpolicy-mcs 2.20170204
sumo (Yocto Project 2.5) refpolicy-mcs 2.20170805+gitX
sumo (Yocto Project 2.5) refpolicy-mcs 2.20170204
rocko (Yocto Project 2.4) refpolicy-mcs 2.20170204
rocko (Yocto Project 2.4) refpolicy-mcs 2.20170805+gitX
morty (Yocto Project 2.2) refpolicy-mcs 2.20151208
morty (Yocto Project 2.2) refpolicy-mcs git
jethro (Yocto Project 2.0) refpolicy-mcs git
jethro (Yocto Project 2.0) refpolicy-mcs 2.20141203
jethro (Yocto Project 2.0) refpolicy-mcs 2.20140311
fido (Yocto Project 1.8) refpolicy-mcs 2.20140311
dizzy (Yocto Project 1.7) refpolicy-mcs 2.20140311
dora (Yocto Project 1.5) refpolicy-mcs 2.20130424