diff options
| author | Philip Tricca <flihp@twobit.us> | 2016-02-20 17:55:59 +0000 |
|---|---|---|
| committer | Richard Purdie <richard.purdie@linuxfoundation.org> | 2016-02-28 11:32:59 +0000 |
| commit | 07e1f10aa06851285b710b8bc8660f6ff87a4823 (patch) | |
| tree | 9b54b049d6409b0d227f405d01a2aa6add86d6f0 | |
| parent | 8d07e14009c14cad55e6629216684661791af906 (diff) | |
| download | poky-07e1f10aa06851285b710b8bc8660f6ff87a4823.tar.gz | |
sysvinit-inittab: Move start_getty scrip to base_bindir.
When this file is in ${sysconfdir}/init.d, SELinux labels it as a generic
init script (initrc_t). This causes problms at runtime because SELinux
doesn't let the login process execute generic init script. Moving this
helper script to base_bindir results in it being labeled as a generic
binary (bin_t). Nearly every SELinux domain is allowed to execute
generic binaries and the login process is one of them.
(From OE-Core rev: 826bfea4b7018c7974ef388facc99ca70bb3654f)
Signed-off-by: Philip Tricca <flihp@twobit.us>
Signed-off-by: Ross Burton <ross.burton@intel.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
| -rw-r--r-- | meta/recipes-core/sysvinit/sysvinit-inittab_2.88dsf.bb | 8 |
1 files changed, 4 insertions, 4 deletions
diff --git a/meta/recipes-core/sysvinit/sysvinit-inittab_2.88dsf.bb b/meta/recipes-core/sysvinit/sysvinit-inittab_2.88dsf.bb index f539da8dda..c5b8cdca95 100644 --- a/meta/recipes-core/sysvinit/sysvinit-inittab_2.88dsf.bb +++ b/meta/recipes-core/sysvinit/sysvinit-inittab_2.88dsf.bb | |||
| @@ -17,9 +17,9 @@ do_compile() { | |||
| 17 | 17 | ||
| 18 | do_install() { | 18 | do_install() { |
| 19 | install -d ${D}${sysconfdir} | 19 | install -d ${D}${sysconfdir} |
| 20 | install -d ${D}${sysconfdir}/init.d | ||
| 21 | install -m 0644 ${WORKDIR}/inittab ${D}${sysconfdir}/inittab | 20 | install -m 0644 ${WORKDIR}/inittab ${D}${sysconfdir}/inittab |
| 22 | install -m 0755 ${WORKDIR}/start_getty ${D}${sysconfdir}/init.d/start_getty | 21 | install -d ${D}${base_bindir} |
| 22 | install -m 0755 ${WORKDIR}/start_getty ${D}${base_bindir}/start_getty | ||
| 23 | 23 | ||
| 24 | set -x | 24 | set -x |
| 25 | tmp="${SERIAL_CONSOLES}" | 25 | tmp="${SERIAL_CONSOLES}" |
| @@ -27,7 +27,7 @@ do_install() { | |||
| 27 | do | 27 | do |
| 28 | j=`echo ${i} | sed s/\;/\ /g` | 28 | j=`echo ${i} | sed s/\;/\ /g` |
| 29 | label=`echo ${i} | sed -e 's/tty//' -e 's/^.*;//' -e 's/;.*//'` | 29 | label=`echo ${i} | sed -e 's/tty//' -e 's/^.*;//' -e 's/;.*//'` |
| 30 | echo "$label:12345:respawn:${sysconfdir}/init.d/start_getty ${j}" >> ${D}${sysconfdir}/inittab | 30 | echo "$label:12345:respawn:${base_bindir}/start_getty ${j}" >> ${D}${sysconfdir}/inittab |
| 31 | done | 31 | done |
| 32 | 32 | ||
| 33 | if [ "${USE_VT}" = "1" ]; then | 33 | if [ "${USE_VT}" = "1" ]; then |
| @@ -76,7 +76,7 @@ fi | |||
| 76 | # Set PACKAGE_ARCH appropriately. | 76 | # Set PACKAGE_ARCH appropriately. |
| 77 | PACKAGE_ARCH = "${MACHINE_ARCH}" | 77 | PACKAGE_ARCH = "${MACHINE_ARCH}" |
| 78 | 78 | ||
| 79 | FILES_${PN} = "${sysconfdir}/inittab ${sysconfdir}/init.d/start_getty" | 79 | FILES_${PN} = "${sysconfdir}/inittab ${base_bindir}/start_getty" |
| 80 | CONFFILES_${PN} = "${sysconfdir}/inittab" | 80 | CONFFILES_${PN} = "${sysconfdir}/inittab" |
| 81 | 81 | ||
| 82 | USE_VT ?= "1" | 82 | USE_VT ?= "1" |