checkpolicy: add package

Signed-off-by: Marc Kleine-Budde <mkl@pengutronix.de>

1 files changed, 31 insertions, 0 deletions

diff --git a/rules/checkpolicy.in b/rules/checkpolicy.in
new file mode 100644
index 000000000..545e7cfb7
--- /dev/null
+++ b/rules/checkpolicy.in
@@ -0,0 +1,31 @@
+## SECTION=selinux
+
+config CHECKPOLICY
+	tristate
+	prompt "checkpolicy"
+	#
+	# The target package is not functional yet, but we need the host
+	# package. Depend on broken for now.
+	#
+	depends on BROKEN
+	select LIBSELINUX
+	select LIBSEPOL
+	select FLEX
+	help
+	  Security-enhanced Linux is a patch of the Linux kernel and a
+	  number of utilities with enhanced security functionality
+	  designed to add mandatory access controls to Linux. The
+	  Security-enhanced Linux kernel contains new architectural
+	  components originally developed to improve the security of
+	  the Flask operating system. These architectural components
+	  provide general support for the enforcement of many kinds of
+	  mandatory access control policies, including those based on
+	  the concepts of Type Enforcement, Role-based Access Control,
+	  and Multi-level Security.
+
+	  This package contains checkpolicy, the SELinux policy
+	  compiler. Only required for building policies. It uses
+	  libsepol to generate the binary policy. checkpolicy uses
+	  the static libsepol since it deals with low level details of
+	  the policy that have not been encapsulated/abstracted by a
+	  proper shared library interface.