Take a look at how the OE meta-selinux layer handles it. They rewrote the recipe to build it in 2 stages. Stage one produces the policy modules. Stage two is the compilation of the binary policy (semodule call), utilizing the fakeroot/pseudo
environment in order to build the monolithic policy.
I successfully applied the recipe to the Fedora reference policy with some modifications.
Jack Fewx
Platform Software Senior Engineer
Dell | Enterprise Product Group
-----Original Message-----
From: sagivdev@xxxxxxxxx [mailto:sagivdev@xxxxxxxxx]
Sent: Sunday, August 14, 2016 7:43 AM
To: selinux@xxxxxxxxxxxxxxxxxxxxxxx
Subject: Re: Switching to monolithic policy
Update: In case anyone will stumble upon this error in the future:
>From my understanding, the error occurs because monolithic policy in the openembedded environemnt are by default compiled and installed on the host machine (as opposed to modular policies).
I have not solved this completly just yet, but I think this is the main issue. I will continue to work on this and also look into the suggestions posted by James and Miroslav and post here if i manage to solve the issue.
Thanks,
Sagiv.
--
selinux mailing list
selinux@xxxxxxxxxxxxxxxxxxxxxxx
https://lists.fedoraproject.org/admin/lists/selinux@xxxxxxxxxxxxxxxxxxxxxxx
|
--
selinux mailing list
selinux@xxxxxxxxxxxxxxxxxxxxxxx
https://lists.fedoraproject.org/admin/lists/selinux@xxxxxxxxxxxxxxxxxxxxxxx
