@@ -14,7 +14,6 @@ domains are unconfined. \
SRC_URI += " \
file://0001-refpolicy-minimum-make-sysadmin-module-optional.patch \
file://0002-refpolicy-minimum-make-xdg-module-optional.patch \
- file://0003-refpolicy-minimum-make-dbus-module-optional.patch \
"
POLICY_NAME = "minimum"
deleted file mode 100644
@@ -1,36 +0,0 @@
-From e28807393f105a16528cb5304283bde0b771fc4e Mon Sep 17 00:00:00 2001
-From: Yi Zhao <yi.zhao@windriver.com>
-Date: Wed, 9 Nov 2022 10:53:26 +0800
-Subject: [PATCH] refpolicy-minimum: make dbus module optional
-
-The mount module invokes interface
-dbus_dontaudit_write_system_bus_runtime_named_sockets which is from dbus
-module. Since dbus is not a core moudle in sysvinit system, we could
-make this interface optional in mount module by optional_policy. Then we
-could make the minimum policy without dbus module.
-
-Upstream-Status: Inappropriate [embedded specific]
-
-Signed-off-by: Yi Zhao <yi.zhao@windriver.com>
----
- policy/modules/system/mount.te | 4 +++-
- 1 file changed, 3 insertions(+), 1 deletion(-)
-
-diff --git a/policy/modules/system/mount.te b/policy/modules/system/mount.te
-index 97f49e58e..b59529a01 100644
---- a/policy/modules/system/mount.te
-+++ b/policy/modules/system/mount.te
-@@ -146,7 +146,9 @@ selinux_getattr_fs(mount_t)
-
- userdom_use_all_users_fds(mount_t)
-
--dbus_dontaudit_write_system_bus_runtime_named_sockets(mount_t)
-+optional_policy(`
-+ dbus_dontaudit_write_system_bus_runtime_named_sockets(mount_t)
-+')
-
- ifdef(`distro_redhat',`
- optional_policy(`
-2.25.1
-
@@ -2,7 +2,7 @@ PV = "2.20221101+git${SRCPV}"
SRC_URI = "git://github.com/SELinuxProject/refpolicy.git;protocol=https;branch=master;name=refpolicy;destsuffix=refpolicy"
-SRCREV_refpolicy ?= "03d486e306555da161b653c88e804ce23f3a0ea4"
+SRCREV_refpolicy ?= "8e8f5e3ca3e5900cad126cb8b4fadaa8adb8caac"
UPSTREAM_CHECK_GITTAGREGEX = "RELEASE_(?P<pver>\d+_\d+)"
Drop 0003-refpolicy-minimum-make-dbus-module-optional.patch as the issue has been fixed upstream. Signed-off-by: Yi Zhao <yi.zhao@windriver.com> --- .../refpolicy/refpolicy-minimum_git.bb | 1 - ...cy-minimum-make-dbus-module-optional.patch | 36 ------------------- recipes-security/refpolicy/refpolicy_git.inc | 2 +- 3 files changed, 1 insertion(+), 38 deletions(-) delete mode 100644 recipes-security/refpolicy/refpolicy/0003-refpolicy-minimum-make-dbus-module-optional.patch