[Buildroot] [PATCH v2 1/2] package/refpolicy/Config.in: force merged usr when selecting upstream

Yann E. MORIN yann.morin.1998 at free.fr
Sat Oct 7 19:34:22 UTC 2023 

Adam, All,

On 2023-10-07 20:19 +0200, Adam Duskett spake thusly:
> Refpolicy contexts expect a merged /usr file system. In fact, there
> are no references to /bin, /sbin, /lib, or /lib64 at all. However, if a user
> wants to go through the trouble of creating a policy that works with a
> non-merged system, they should be free to do so. As such, only select
> BR2_ROOTFS_MERGED_USR if using BR2_PACKAGE_REFPOLICY_UPSTREAM_VERSION
> 
> Signed-off-by: Adam Duskett <adam.duskett at amarulasolutions.com>
> ---
>  package/refpolicy/Config.in | 1 +
>  1 file changed, 1 insertion(+)
> 
> diff --git a/package/refpolicy/Config.in b/package/refpolicy/Config.in
> index 0e72b895df..f1f3c7e64d 100644
> --- a/package/refpolicy/Config.in
> +++ b/package/refpolicy/Config.in
> @@ -36,6 +36,7 @@ choice
>  
>  config BR2_PACKAGE_REFPOLICY_UPSTREAM_VERSION
>  	bool "Upstream version"
> +	select BR2_ROOTFS_MERGED_USR

I wonder if this is the proper solution. I would have rather though of
depends on rather than select:

    diff --git a/package/refpolicy/Config.in b/package/refpolicy/Config.in
    index 0e72b895df..c413c1244b 100644
    --- a/package/refpolicy/Config.in
    +++ b/package/refpolicy/Config.in
    @@ -32,13 +32,17 @@ if BR2_PACKAGE_REFPOLICY

     choice
     	prompt "Refpolicy version"
     -	default BR2_PACKAGE_REFPOLICY_UPSTREAM_VERSION
     +	default BR2_PACKAGE_REFPOLICY_UPSTREAM_VERSION if BR2_ROOTFS_MERGED_USR

     config BR2_PACKAGE_REFPOLICY_UPSTREAM_VERSION
     	bool "Upstream version"
    +	depends on BR2_ROOTFS_MERGED_USR
     	help
     	  Use the refpolicy as provided by Buildroot.

    +comment "upstream refpolicy needs merged /usr"
    +	depends on !BR2_ROOTFS_MERGED_USR
    +
     config BR2_PACKAGE_REFPOLICY_CUSTOM_GIT
     	bool "Custom git repository"
     	help

Not totally sure either ways, though...

Regards,
Yann E. MORIN.

>  	help
>  	  Use the refpolicy as provided by Buildroot.
>  
> -- 
> 2.41.0
> 
> _______________________________________________
> buildroot mailing list
> buildroot at buildroot.org
> https://lists.buildroot.org/mailman/listinfo/buildroot

-- 
.-----------------.--------------------.------------------.--------------------.
|  Yann E. MORIN  | Real-Time Embedded | /"\ ASCII RIBBON | Erics' conspiracy: |
| +33 662 376 056 | Software  Designer | \ / CAMPAIGN     |  ___               |
| +33 561 099 427 `------------.-------:  X  AGAINST      |  \e/  There is no  |
| http://ymorin.is-a-geek.org/ | _/*\_ | / \ HTML MAIL    |   v   conspiracy.  |
'------------------------------^-------^------------------^--------------------'

More information about the buildroot mailing list