summaryrefslogtreecommitdiffstats
path: root/meta-oe
diff options
context:
space:
mode:
authorMarkus Volk <f_l_k@t-online.de>2024-09-18 17:31:32 +0200
committerKhem Raj <raj.khem@gmail.com>2024-09-18 09:52:30 -0700
commit6cd59b1adcbb24ff88cf1c33957448742ad82c88 (patch)
tree5e63acfe9a3823e2a4b735e4f4a6440a1469844d /meta-oe
parentac20f1d653e6a5236e4368d101051cb49842a07e (diff)
downloadmeta-openembedded-6cd59b1adcbb24ff88cf1c33957448742ad82c88.tar.gz
colord: add configuration to fix runtime
Make colord work out of the box - We already create a colord user -> make use of it by passing the username to the 'daemon_user' meson option. The conf files and systemd service file will then be created accordingly. - Add a backport patch to fix 'only root can write into /var' issue. This prevents colord from starting [https://github.com/hughsie/colord/issues/166] - Set the runtime path for hwdata pnp.ids and add hwdata to RDEPENDS:${PN} for non systemd images - inherit gtk-doc to make api-documentation available - Dont create a home-dir for colord user. It shouldn't need one. NOTE: colord will fail on first run with missing databases. After second boot it should run as expected. Signed-off-by: Markus Volk <f_l_k@t-online.de> Signed-off-by: Khem Raj <raj.khem@gmail.com>
Diffstat (limited to 'meta-oe')
-rw-r--r--meta-oe/recipes-support/colord/colord.bb32
-rw-r--r--meta-oe/recipes-support/colord/colord/08a32b2379fb5582f4312e59bf51a2823df56276.patch28
2 files changed, 47 insertions, 13 deletions
diff --git a/meta-oe/recipes-support/colord/colord.bb b/meta-oe/recipes-support/colord/colord.bb
index e30022251..6eb9db8da 100644
--- a/meta-oe/recipes-support/colord/colord.bb
+++ b/meta-oe/recipes-support/colord/colord.bb
@@ -1,28 +1,33 @@
1require ${BPN}.inc 1require ${BPN}.inc
2 2
3inherit meson gobject-introspection gsettings gettext bash-completion systemd features_check useradd pkgconfig 3inherit meson gobject-introspection gsettings gtk-doc gettext bash-completion systemd features_check useradd pkgconfig
4 4
5# polkit and gobject-introspection are mandatory and cannot be configured 5# polkit and gobject-introspection are mandatory and cannot be configured
6REQUIRED_DISTRO_FEATURES = "polkit gobject-introspection-data" 6REQUIRED_DISTRO_FEATURES = "polkit gobject-introspection-data"
7GIR_MESON_OPTION = "" 7GIR_MESON_OPTION = ""
8 8
9DEPENDS += " \ 9DEPENDS += " \
10 ${BPN}-native \ 10 ${BPN}-native \
11 glib-2.0 \ 11 dbus \
12 lcms \ 12 glib-2.0 \
13 sqlite3 \ 13 lcms \
14 libgusb \ 14 libgudev \
15 libgudev \ 15 libgusb \
16 polkit \ 16 polkit \
17 sqlite3 \
17" 18"
18 19
20RDEPENDS:${PN} += "hwdata"
21
19SRC_URI += " \ 22SRC_URI += " \
20 file://0001-Run-native-cd_idt8-cd_create_profile.patch \ 23 file://0001-Run-native-cd_idt8-cd_create_profile.patch \
24 file://08a32b2379fb5582f4312e59bf51a2823df56276.patch \
21" 25"
22 26
23EXTRA_OEMESON = " \ 27EXTRA_OEMESON += " \
24 -Dman=false \ 28 -Dman=false \
25 -Ddocs=false \ 29 -Ddaemon_user=colord \
30 -Dpnp_ids=${datadir}/hwdata/pnp.ids \
26" 31"
27 32
28PACKAGECONFIG ??= "${@bb.utils.filter('DISTRO_FEATURES', 'systemd', d)}" 33PACKAGECONFIG ??= "${@bb.utils.filter('DISTRO_FEATURES', 'systemd', d)}"
@@ -42,4 +47,5 @@ FILES:${PN} += " \
42" 47"
43 48
44USERADD_PACKAGES = "${PN}" 49USERADD_PACKAGES = "${PN}"
45USERADD_PARAM:${PN} = "--system --user-group -d /var/lib/colord -s /bin/false colord" 50USERADD_PARAM:${PN} = "--system --user-group -s /bin/false colord"
51
diff --git a/meta-oe/recipes-support/colord/colord/08a32b2379fb5582f4312e59bf51a2823df56276.patch b/meta-oe/recipes-support/colord/colord/08a32b2379fb5582f4312e59bf51a2823df56276.patch
new file mode 100644
index 000000000..860e6ab4a
--- /dev/null
+++ b/meta-oe/recipes-support/colord/colord/08a32b2379fb5582f4312e59bf51a2823df56276.patch
@@ -0,0 +1,28 @@
1From 08a32b2379fb5582f4312e59bf51a2823df56276 Mon Sep 17 00:00:00 2001
2From: Richard Hughes <richard@hughsie.com>
3Date: Mon, 29 Jan 2024 10:37:11 +0000
4Subject: [PATCH] Fix writing to the database with ProtectSystem=strict
5
6Fixes https://github.com/hughsie/colord/issues/166
7
8Upstream-Status: Backport [https://github.com/hughsie/colord/commit/08a32b2379fb5582f4312e59bf51a2823df56276]
9Signed-off-by: Markus Volk <f_l_k@t-online.de>
10---
11 data/colord.service.in | 4 ++++
12 1 file changed, 4 insertions(+)
13
14diff --git a/data/colord.service.in b/data/colord.service.in
15index 6825d944..c358dc4b 100644
16--- a/data/colord.service.in
17+++ b/data/colord.service.in
18@@ -17,6 +17,10 @@ ProtectControlGroups=true
19 RestrictRealtime=true
20 RestrictAddressFamilies=AF_UNIX
21
22+ConfigurationDirectory=colord
23+StateDirectory=colord
24+CacheDirectory=colord
25+
26 # drop all capabilities
27 CapabilityBoundingSet=~CAP_SETUID CAP_SETGID CAP_SETPCAP CAP_SYS_ADMIN CAP_SYS_PTRACE CAP_CHOWN CAP_FSETID CAP_SETFCAP CAP_DAC_OVERRIDE CAP_DAC_READ_SEARCH CAP_FOWNER CAP_IPC_OWNER CAP_NET_ADMIN CAP_SYS_RAWIO CAP_SYS_TIME CAP_AUDIT_CONTROL CAP_AUDIT_READ CAP_AUDIT_WRITE CAP_KILL CAP_MKNOD CAP_NET_BIND_SERVICE CAP_NET_BROADCAST CAP_NET_RAW CAP_SYS_NICE CAP_SYS_RESOURCE CAP_MAC_ADMIN CAP_MAC_OVERRIDE CAP_SYS_BOOT CAP_LINUX_IMMUTABLE CAP_IPC_LOCK CAP_SYS_CHROOT CAP_BLOCK_SUSPEND CAP_LEASE CAP_SYS_PACCT CAP_SYS_TTY_CONFIG CAP_WAKE_ALARM
28