Google Git
Sign in
fuchsia/integration/a7bdf73265d0e942583354c707caa9d380cb11da
commit
a7bdf73265d0e942583354c707caa9d380cb11da
[log]
author
Onath Dillinger <claridge@fuchsia.infra.roller.google.com>
Wed Jan 22 14:03:48 2025 -0800
committer
Copybara-Service <copybara-worker@google.com>
Wed Jan 22 14:05:17 2025 -0800
tree
fd9a9ac30dbbdbb1a3b4a8f385a1c336a36c4ade
parent
528b82e72f98d4fd0d4318789f67306a59ea0faf [diff]
[roll] Roll fuchsia Revert "[sestarnix] Add default exceptions config, and enforce exec checks"

This reverts commit 1e5a482d452c8b46b7d91f3a93e91b860e5297d4.

Reason for revert: Interferes with system suspension.

Original-Bug: 391664952

Original change's description:
> [sestarnix] Add default exceptions config, and enforce exec checks
>
> Containers with SELinux enabled will now run with a built-in set of
> access-check exceptions, unless a configuration file or the
> special "#strict" setting, are specified. This simplifies migration
> away from the todo_check_permission() workaround, and allows tests
> in the SELinux Test Suite to pass, by running the suite with no
> exceptions applied.
>
> The exceptions configuration format now accepts both b/<id> and
> https://fxbug.dev/<id> forms.
>
> The file:entrypoint and file:execute_no_trans permissions are now
> enforced on exec(), with the set of access-check exceptions
> required by some current containers baked-into the default config.
>
> Original-Bug: 389914184, 330904217, 390458405, 368235493, 390739936, 368236372
> Change-Id: Ia4129e05526b686d685bab978958293a9c95efa1
> Original-Reviewed-on: https://fuchsia-review.googlesource.com/c/fuchsia/+/1189072
> Fuchsia-Auto-Submit: Wez <wez@google.com>
> Reviewed-by: Kevin Lindkvist <lindkvist@google.com>
> Commit-Queue: Auto-Submit <auto-submit@fuchsia-infra.iam.gserviceaccount.com>

Original-Bug: 389914184, 330904217, 390458405, 368235493, 390739936, 368236372
Original-Reviewed-on: https://fuchsia-review.googlesource.com/c/fuchsia/+/1191534
Original-Revision: 04ff916cb56028be16fbdc4b1bfce70d37d8dc4c
GitOrigin-RevId: 68c0dde56fa9b7806e69b31f7aad48a68a2d4468
Change-Id: Ic4bb09fd1bf7d34a935e672b02b1b93b79abe304
1 file changed
tree: fd9a9ac30dbbdbb1a3b4a8f385a1c336a36c4ade
  1. ctf/
  2. git-hooks/
  3. infra/
  4. third_party/
  5. cts
  6. firmware
  7. flower
  8. jiri.lock
  9. MILESTONE
  10. minimal
  11. prebuilts
  12. README.md
  13. stem
  14. test_durations
  15. toolchain
README.md

Integration

This repository contains Fuchsia's Global Integration manifest files.

Making changes

All changes should be made to the internal version of this repository. Our infrastructure automatically updates this version when the internal one changes.

Currently all changes must be made by a Google employee. Non-Google employees wishing to make a change can ask for assistance in one of the communication channels documented at get involved.

Obtaining the source

First install Jiri.

Next run:

$ jiri init
$ jiri import minimal https://fuchsia.googlesource.com/integration
$ jiri update

Third party

Third party projects should have their own subdirectory in ./third_party.