[yocto] [meta-selinux][PATCH] refpolicy-minimum_git: add systemd dependent policy modules

[Shrikant Bobade]

From: Shrikant Bobade <shrikant_bobade at mentor.com>

with systemd enabled refpolicy-minimum build breaks due to missing dependent
policy modules, so add the dependent modules: clock, systemd, udev
conditionally based on DISTRO_FEATURES.

dependent systemd policy modules needed to fix these errors:

* Failed to resolve 'adjtime_t' in typeattributeset statement at line 138 of
.. modules/100/init/cil

* Failed to resolve 'systemd_kmod_conf_t' in typeattributeset statement at
line 141 of.. moules/100/init/cil

* Failed to resolve 'udev_t' in typeattributeset statement at line 143 of
modules/100/init/cil semodule:  Failed!

Signed-off-by: Shrikant Bobade <shrikant_bobade at mentor.com>
---
 recipes-security/refpolicy/refpolicy-minimum_git.bb | 2 ++
 1 file changed, 2 insertions(+)

diff --git a/recipes-security/refpolicy/refpolicy-minimum_git.bb b/recipes-security/refpolicy/refpolicy-minimum_git.bb
index 47ed558..04ceadd 100644
--- a/recipes-security/refpolicy/refpolicy-minimum_git.bb
+++ b/recipes-security/refpolicy/refpolicy-minimum_git.bb
@@ -17,6 +17,8 @@ CORE_POLICY_MODULES = "unconfined \
 	application libraries miscfiles logging userdomain \
 	init mount modutils getty authlogin locallogin \
 	"
+#systemd dependent policy modules
+CORE_POLICY_MODULES += "${@bb.utils.contains('DISTRO_FEATURES', 'systemd', 'clock systemd udev', '', d)}"
 
 # nscd caches libc-issued requests to the name service.
 # Without nscd.pp, commands want to use these caches will be blocked.
-- 
1.9.1