[OE-core] [yocto] [meta-selinux] [PATCH] refpolicy-mls: user native bzip2 instead of host

Alexandru Moise alexandru.moise at windriver.com
Tue Feb 21 13:55:12 UTC 2017 

The behavior of b{zip,unzip}2 an vary from host to host with
regards to a number of things such as return value or permissions.

We should always use the native bzip2 package to keep the behavior
deterministic. This change prevents a warning at do_package_qa
task of refpolicy-mls package.

Signed-off-by: Alexandru Moise <alexandru.moise at windriver.com>
---
 recipes-security/refpolicy/refpolicy_common.inc | 14 ++++++++------
 1 file changed, 8 insertions(+), 6 deletions(-)

diff --git a/recipes-security/refpolicy/refpolicy_common.inc b/recipes-security/refpolicy/refpolicy_common.inc
index 58152a8..91dd2ba 100644
--- a/recipes-security/refpolicy/refpolicy_common.inc
+++ b/recipes-security/refpolicy/refpolicy_common.inc
@@ -27,7 +27,7 @@ FILES_${PN}-dev =+ " \
         ${sysconfdir}/selinux/sepolgen.conf \
 "
 
-DEPENDS += "checkpolicy-native policycoreutils-native m4-native"
+DEPENDS += "checkpolicy-native policycoreutils-native m4-native bzip2-native"
 
 RDEPENDS-${PN}-dev =+ " \
         python \
@@ -99,19 +99,21 @@ prepare_policy_store () {
 	# get hll type from suffix on base policy module
 	HLL_TYPE=$(echo ${POL_SRC}/base.* | awk -F . '{if (NF>1) {print $NF}}')
 	HLL_BIN=${STAGING_DIR_NATIVE}${prefix}/libexec/selinux/hll/${HLL_TYPE}
+	native_bzip2=${STAGING_BINDIR_NATIVE}/bzip2-native/bzip2
+	native_bunzip2=${STAGING_BINDIR_NATIVE}/bzip2-native/bunzip2
 
 	for i in ${POL_SRC}/*.${HLL_TYPE}; do
 		MOD_NAME=$(basename $i | sed "s/\.${HLL_TYPE}$//")
 		MOD_DIR=${POL_ACTIVE_MODS}/${MOD_NAME}
 		mkdir -p ${MOD_DIR}
 		echo -n "${HLL_TYPE}" > ${MOD_DIR}/lang_ext
-		if ! bzip2 -t $i >/dev/null 2>&1; then
-			${HLL_BIN} $i | bzip2 --stdout > ${MOD_DIR}/cil
-			bzip2 -f $i && mv -f $i.bz2 $i
+		if ! ${native_bzip2} -t $i >/dev/null 2>&1; then
+			${HLL_BIN} $i | ${native_bzip2} --stdout > ${MOD_DIR}/cil
+			${native_bzip2} -f $i && mv -f $i.bz2 $i
 		else
-			bunzip2 --stdout $i | \
+			${native_bunzip2} --stdout $i | \
 				${HLL_BIN} | \
-				bzip2 --stdout > ${MOD_DIR}/cil
+				${native_bzip2} --stdout > ${MOD_DIR}/cil
 		fi
 		cp $i ${MOD_DIR}/hll
 	done
-- 
2.10.2

More information about the Openembedded-core mailing list