Age | Commit message (Collapse) | Author |
|
oe-core has used "-Wa,--noexecstack" in CFLAG not only for native
now, so the bbappend should be removed.
http://git.yoctoproject.org/cgit/cgit.cgi/poky/commit/meta/recipes-connectivity/openssl/openssl.inc?id=4fb837687dd68363f25fbfc15207dd05d1369661
Signed-off-by: Xin Ouyang <Xin.Ouyang@windriver.com>
|
|
We add pam conf files for login/sshd to use pam_selinux module. When
selinux is not in DISTRO_FEATURES, pam-plugin-selinux would not be
built, this will cause runtime errors to not allow users to login in
on the console or ssh.
Use @target_selinux() to enable these pam conf files conditionally.
Signed-off-by: Xin Ouyang <Xin.Ouyang@windriver.com>
|
|
rndc.key would be labeled with wrong named_zone_t inherited from
/etc/bind while creating, so restorecon on it.
Signed-off-by: Xin Ouyang <Xin.Ouyang@windriver.com>
|
|
Signed-off-by: Xin Ouyang <Xin.Ouyang@windriver.com>
|
|
Signed-off-by: Xin Ouyang <Xin.Ouyang@windriver.com>
|
|
"-Wa,--noexecstack" will mark objects as requiring executable stack,
this is a dangerous CFLAG and would cause security issues.
So disable it as most distros did.
Signed-off-by: Xin Ouyang <Xin.Ouyang@windriver.com>
|
|
sshd_config file from oe-core to set "UsePAM yes".
sshd file (pam config for sshd) from oe-core to add pam_selinux module.
Signed-off-by: Xin Ouyang <Xin.Ouyang@windriver.com>
|
|
Signed-off-by: Xin Ouyang <Xin.Ouyang@windriver.com>
|