summaryrefslogtreecommitdiffstats
path: root/meta/files
diff options
context:
space:
mode:
authorMark Hatle <mark.hatle@windriver.com>2011-06-20 10:57:49 -0500
committerRichard Purdie <richard.purdie@linuxfoundation.org>2011-06-30 22:54:04 +0100
commit8781c843cf3e0913a8fdd2ff91935f051be01dd9 (patch)
treeab22da12fdc2d43bf13f0b18e92c5eee2d155781 /meta/files
parentb78173f176eeff553e2e941bd06ff032daebc7be (diff)
downloadpoky-8781c843cf3e0913a8fdd2ff91935f051be01dd9.tar.gz
classes/package.bbclass: Add fixup_perms
Add a new function that is responsible for fixing directory and file permissions, owners and groups during the packaging process. This will fix various issues where two packages may create the same directory and end up with different permissions, owner and/or group. The issue being resolved is that if two packages conflict in their ownership of a directory, the first installed into the rootfs sets the permissions. This leads to a least potentially non-deterministic filesystems, at worst security defects. The user can specify their own settings via the configuration files specified in FILESYSTEM_PERMS_TABLES. If this is not defined, it will fall back to loading files/fs-perms.txt from BBPATH. The format of this file is documented within the file. By default all of the system directories, specified in bitbake.conf, will be fixed to be 0755, root, root. The fs-perms.txt contains a few default entries to correct documentation, locale, headers and debug sources. It was discovered these are often incorrect due to being directly copied from the build user environment. The entries needed to match the base-files package have also been added. Also tweak a couple of warnings to provide more diagnostic information. (From OE-Core rev: 8c720efa053f81dc8d2bb604cdbdb25de9a6efab) Signed-off-by: Mark Hatle <mark.hatle@windriver.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Diffstat (limited to 'meta/files')
-rw-r--r--meta/files/fs-perms.txt69
1 files changed, 69 insertions, 0 deletions
diff --git a/meta/files/fs-perms.txt b/meta/files/fs-perms.txt
new file mode 100644
index 0000000000..f5a2b696e0
--- /dev/null
+++ b/meta/files/fs-perms.txt
@@ -0,0 +1,69 @@
1# This file contains a list of files and directories with known permissions.
2# It is used by the packaging class to ensure that the permissions, owners and
3# group of listed files and directories are in sync across the system.
4#
5# The format of this file
6#
7#<path> <mode> <uid> <gid> <walk> <fmode> <fuid> <fgid>
8#
9# or
10#
11#<path> link <target>
12#
13# <path>: directory path
14# <mode>: mode for directory
15# <uid>: uid for directory
16# <gid>: gid for directory
17# <walk>: recursively walk the directory? true or false
18# <fmode>: if walking, new mode for files
19# <fuid>: if walking, new uid for files
20# <fgid>: if walking, new gid for files
21# <target>: turn the directory into a symlink point to target
22#
23# in mode, uid or gid, a "-" means don't change any existing values
24#
25# /usr/src 0755 root root false - - -
26# /usr/share/man 0755 root root true 0644 root root
27
28# Note: all standard config directories are automatically assigned "0755 root root false - - -"
29
30# Documentation should always be corrected
31${mandir} 0755 root root true 0644 root root
32${infodir} 0755 root root true 0644 root root
33${docdir} 0755 root root true 0644 root root
34${datadir}/gtk-doc 0755 root root true 0644 root root
35
36# Fixup locales
37${datadir}/locale 0755 root root true 0644 root root
38
39# Cleanup headers
40${includedir} 0755 root root true 0644 root root
41${oldincludedir} 0755 root root true 0644 root root
42
43# Cleanup debug src
44/usr/src/debug 0755 root root true 0644 root root
45
46# Items from base-files
47# Links
48${localstatedir}/cache link volatile/cache
49${localstatedir}/run link volatile/run
50${localstatedir}/log link volatile/log
51${localstatedir}/lock link volatile/lock
52${localstatedir}/tmp link volatile/tmp
53
54# Special permissions from base-files
55# Set 1777
56/tmp 01777 root root false - - -
57${localstatedir}/volatile/lock 01777 root root false - - -
58${localstatedir}/volatile/tmp 01777 root root false - - -
59
60# Set 2775
61/home 02755 root root false - - -
62${prefix}/src 02755 root root false - - -
63${localstatedir}/local 02755 root root false - - -
64
65# Set 3755
66/srv 0755 root root false - - -
67
68# Set 4775
69/var/mail 02755 root root false - - -