From c170b6344b13ea075aff4091c846623b9b6f9a97 Mon Sep 17 00:00:00 2001
From: Stefan Agner <stefan.agner@toradex.com>
Date: Fri, 19 Jul 2019 21:55:15 +0200
Subject: image_types_ostree: make root directory only readable by root

Make the root home directory only accessible by root. Use 700
as commonly used for the root home directory.

Signed-off-by: Stefan Agner <stefan.agner@toradex.com>
---
 classes/image_types_ostree.bbclass | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

diff --git a/classes/image_types_ostree.bbclass b/classes/image_types_ostree.bbclass
index 6bb303b..d3e7d0d 100644
--- a/classes/image_types_ostree.bbclass
+++ b/classes/image_types_ostree.bbclass
@@ -95,9 +95,9 @@ IMAGE_CMD_ostree () {
         fi
 
         if [ -n "${SYSTEMD_USED}" ]; then
-            echo "d /var/roothome 0755 root root -" >>${tmpfiles_conf}
+            echo "d /var/roothome 0700 root root -" >>${tmpfiles_conf}
         else
-            echo "mkdir -p /var/roothome; chown 755 /var/roothome" >>${tmpfiles_conf}
+            echo "mkdir -p /var/roothome; chown 700 /var/roothome" >>${tmpfiles_conf}
         fi
 
         rm -rf root
-- 
cgit v1.2.3-54-g00ecf