diff options
author | Markus Volk <f_l_k@t-online.de> | 2024-09-18 17:31:32 +0200 |
---|---|---|
committer | Khem Raj <raj.khem@gmail.com> | 2024-09-18 09:52:30 -0700 |
commit | 6cd59b1adcbb24ff88cf1c33957448742ad82c88 (patch) | |
tree | 5e63acfe9a3823e2a4b735e4f4a6440a1469844d /meta-oe | |
parent | ac20f1d653e6a5236e4368d101051cb49842a07e (diff) | |
download | meta-openembedded-6cd59b1adcbb24ff88cf1c33957448742ad82c88.tar.gz |
colord: add configuration to fix runtime
Make colord work out of the box
- We already create a colord user -> make use of it by passing the username
to the 'daemon_user' meson option. The conf files and systemd service file
will then be created accordingly.
- Add a backport patch to fix 'only root can write into /var' issue.
This prevents colord from starting
[https://github.com/hughsie/colord/issues/166]
- Set the runtime path for hwdata pnp.ids and
add hwdata to RDEPENDS:${PN} for non systemd images
- inherit gtk-doc to make api-documentation available
- Dont create a home-dir for colord user. It shouldn't need one.
NOTE:
colord will fail on first run with missing databases.
After second boot it should run as expected.
Signed-off-by: Markus Volk <f_l_k@t-online.de>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
Diffstat (limited to 'meta-oe')
-rw-r--r-- | meta-oe/recipes-support/colord/colord.bb | 32 | ||||
-rw-r--r-- | meta-oe/recipes-support/colord/colord/08a32b2379fb5582f4312e59bf51a2823df56276.patch | 28 |
2 files changed, 47 insertions, 13 deletions
diff --git a/meta-oe/recipes-support/colord/colord.bb b/meta-oe/recipes-support/colord/colord.bb index e30022251..6eb9db8da 100644 --- a/meta-oe/recipes-support/colord/colord.bb +++ b/meta-oe/recipes-support/colord/colord.bb | |||
@@ -1,28 +1,33 @@ | |||
1 | require ${BPN}.inc | 1 | require ${BPN}.inc |
2 | 2 | ||
3 | inherit meson gobject-introspection gsettings gettext bash-completion systemd features_check useradd pkgconfig | 3 | inherit meson gobject-introspection gsettings gtk-doc gettext bash-completion systemd features_check useradd pkgconfig |
4 | 4 | ||
5 | # polkit and gobject-introspection are mandatory and cannot be configured | 5 | # polkit and gobject-introspection are mandatory and cannot be configured |
6 | REQUIRED_DISTRO_FEATURES = "polkit gobject-introspection-data" | 6 | REQUIRED_DISTRO_FEATURES = "polkit gobject-introspection-data" |
7 | GIR_MESON_OPTION = "" | 7 | GIR_MESON_OPTION = "" |
8 | 8 | ||
9 | DEPENDS += " \ | 9 | DEPENDS += " \ |
10 | ${BPN}-native \ | 10 | ${BPN}-native \ |
11 | glib-2.0 \ | 11 | dbus \ |
12 | lcms \ | 12 | glib-2.0 \ |
13 | sqlite3 \ | 13 | lcms \ |
14 | libgusb \ | 14 | libgudev \ |
15 | libgudev \ | 15 | libgusb \ |
16 | polkit \ | 16 | polkit \ |
17 | sqlite3 \ | ||
17 | " | 18 | " |
18 | 19 | ||
20 | RDEPENDS:${PN} += "hwdata" | ||
21 | |||
19 | SRC_URI += " \ | 22 | SRC_URI += " \ |
20 | file://0001-Run-native-cd_idt8-cd_create_profile.patch \ | 23 | file://0001-Run-native-cd_idt8-cd_create_profile.patch \ |
24 | file://08a32b2379fb5582f4312e59bf51a2823df56276.patch \ | ||
21 | " | 25 | " |
22 | 26 | ||
23 | EXTRA_OEMESON = " \ | 27 | EXTRA_OEMESON += " \ |
24 | -Dman=false \ | 28 | -Dman=false \ |
25 | -Ddocs=false \ | 29 | -Ddaemon_user=colord \ |
30 | -Dpnp_ids=${datadir}/hwdata/pnp.ids \ | ||
26 | " | 31 | " |
27 | 32 | ||
28 | PACKAGECONFIG ??= "${@bb.utils.filter('DISTRO_FEATURES', 'systemd', d)}" | 33 | PACKAGECONFIG ??= "${@bb.utils.filter('DISTRO_FEATURES', 'systemd', d)}" |
@@ -42,4 +47,5 @@ FILES:${PN} += " \ | |||
42 | " | 47 | " |
43 | 48 | ||
44 | USERADD_PACKAGES = "${PN}" | 49 | USERADD_PACKAGES = "${PN}" |
45 | USERADD_PARAM:${PN} = "--system --user-group -d /var/lib/colord -s /bin/false colord" | 50 | USERADD_PARAM:${PN} = "--system --user-group -s /bin/false colord" |
51 | |||
diff --git a/meta-oe/recipes-support/colord/colord/08a32b2379fb5582f4312e59bf51a2823df56276.patch b/meta-oe/recipes-support/colord/colord/08a32b2379fb5582f4312e59bf51a2823df56276.patch new file mode 100644 index 000000000..860e6ab4a --- /dev/null +++ b/meta-oe/recipes-support/colord/colord/08a32b2379fb5582f4312e59bf51a2823df56276.patch | |||
@@ -0,0 +1,28 @@ | |||
1 | From 08a32b2379fb5582f4312e59bf51a2823df56276 Mon Sep 17 00:00:00 2001 | ||
2 | From: Richard Hughes <richard@hughsie.com> | ||
3 | Date: Mon, 29 Jan 2024 10:37:11 +0000 | ||
4 | Subject: [PATCH] Fix writing to the database with ProtectSystem=strict | ||
5 | |||
6 | Fixes https://github.com/hughsie/colord/issues/166 | ||
7 | |||
8 | Upstream-Status: Backport [https://github.com/hughsie/colord/commit/08a32b2379fb5582f4312e59bf51a2823df56276] | ||
9 | Signed-off-by: Markus Volk <f_l_k@t-online.de> | ||
10 | --- | ||
11 | data/colord.service.in | 4 ++++ | ||
12 | 1 file changed, 4 insertions(+) | ||
13 | |||
14 | diff --git a/data/colord.service.in b/data/colord.service.in | ||
15 | index 6825d944..c358dc4b 100644 | ||
16 | --- a/data/colord.service.in | ||
17 | +++ b/data/colord.service.in | ||
18 | @@ -17,6 +17,10 @@ ProtectControlGroups=true | ||
19 | RestrictRealtime=true | ||
20 | RestrictAddressFamilies=AF_UNIX | ||
21 | |||
22 | +ConfigurationDirectory=colord | ||
23 | +StateDirectory=colord | ||
24 | +CacheDirectory=colord | ||
25 | + | ||
26 | # drop all capabilities | ||
27 | CapabilityBoundingSet=~CAP_SETUID CAP_SETGID CAP_SETPCAP CAP_SYS_ADMIN CAP_SYS_PTRACE CAP_CHOWN CAP_FSETID CAP_SETFCAP CAP_DAC_OVERRIDE CAP_DAC_READ_SEARCH CAP_FOWNER CAP_IPC_OWNER CAP_NET_ADMIN CAP_SYS_RAWIO CAP_SYS_TIME CAP_AUDIT_CONTROL CAP_AUDIT_READ CAP_AUDIT_WRITE CAP_KILL CAP_MKNOD CAP_NET_BIND_SERVICE CAP_NET_BROADCAST CAP_NET_RAW CAP_SYS_NICE CAP_SYS_RESOURCE CAP_MAC_ADMIN CAP_MAC_OVERRIDE CAP_SYS_BOOT CAP_LINUX_IMMUTABLE CAP_IPC_LOCK CAP_SYS_CHROOT CAP_BLOCK_SUSPEND CAP_LEASE CAP_SYS_PACCT CAP_SYS_TTY_CONFIG CAP_WAKE_ALARM | ||
28 | |||