summaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
authorChangqing Li <changqing.li@windriver.com>2024-08-27 18:40:41 +0800
committerRichard Purdie <richard.purdie@linuxfoundation.org>2024-08-28 09:14:26 +0100
commit2f46b6f27dfa3a9d5ad177900fcecfe64c3536f1 (patch)
tree8445d619e70eeabe1f40544271f22da5105512d6
parent2f8806deb7655b37d6f8d12ff54680d6acf7a298 (diff)
downloadpoky-2f46b6f27dfa3a9d5ad177900fcecfe64c3536f1.tar.gz
bitbake.conf: drop VOLATILE_TMP_DIR, use FILESYSTEM_PERMS_TABLES instead
* Drop VOLATILE_TMP_DIR, use FILESYSTEM_PERMS_TABLES instead. By default, FILESYSTEM_PERMS_TABLES ?= "files/fs-perms.txt \ files/fs-perms-volatile-log.txt \ files/fs-perms-volatile-tmp.txt" it contains 'files/fs-perms-volatile-tmp.txt', which means volatile tmp is enabled. User can disable volatile tmp by remove 'files/fs-perms-volatile-tmp.txt' from FILESYSTEM_PERMS_TABLES. * If volatile tmp is disabled, both /tmp and /var/tmp are persistent (From OE-Core rev: 8d1ae67b89c45f78162e070228086c7ef88c3264) Signed-off-by: Changqing Li <changqing.li@windriver.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Diffstat
-rw-r--r--meta/conf/bitbake.conf7
-rw-r--r--meta/files/fs-perms-volatile-tmp.txt38
-rw-r--r--meta/files/fs-perms.txt2
-rw-r--r--meta/recipes-core/base-files/base-files_3.0.14.bb5
-rw-r--r--meta/recipes-core/initscripts/initscripts_1.0.bb2
-rw-r--r--meta/recipes-core/systemd/systemd_256.5.bb2
6 files changed, 45 insertions, 11 deletions
diff --git a/meta/conf/bitbake.conf b/meta/conf/bitbake.conf
index 76ae17e644..d8252c5b82 100644
--- a/meta/conf/bitbake.conf
+++ b/meta/conf/bitbake.conf
@@ -86,10 +86,6 @@ USRBINPATH:class-nativesdk = "/usr/bin"
86# Root home directory 86# Root home directory
87ROOT_HOME ??= "/home/root" 87ROOT_HOME ??= "/home/root"
88 88
89# if set to 'yes': /tmp links to /var/tmp which links to /var/volatile/tmp
90# otherwise: /tmp is on persistent storage
91VOLATILE_TMP_DIR ?= "yes"
92
93BB_RENAMED_VARIABLES[PNBLACKLIST] = "SKIP_RECIPE" 89BB_RENAMED_VARIABLES[PNBLACKLIST] = "SKIP_RECIPE"
94BB_RENAMED_VARIABLES[CVE_CHECK_PN_WHITELIST] = "CVE_CHECK_SKIP_RECIPE" 90BB_RENAMED_VARIABLES[CVE_CHECK_PN_WHITELIST] = "CVE_CHECK_SKIP_RECIPE"
95BB_RENAMED_VARIABLES[CVE_CHECK_WHITELIST] = "CVE_CHECK_IGNORE" 91BB_RENAMED_VARIABLES[CVE_CHECK_WHITELIST] = "CVE_CHECK_IGNORE"
@@ -381,7 +377,8 @@ FILESEXTRAPATHS ?= "__default:"
381# datadir, sysconfdir, servicedir, sharedstatedir, localstatedir, infodir, 377# datadir, sysconfdir, servicedir, sharedstatedir, localstatedir, infodir,
382# mandir, docdir, bindir, sbindir, libexecdir, libdir and includedir 378# mandir, docdir, bindir, sbindir, libexecdir, libdir and includedir
383FILESYSTEM_PERMS_TABLES ?= "files/fs-perms.txt \ 379FILESYSTEM_PERMS_TABLES ?= "files/fs-perms.txt \
384 files/fs-perms-volatile-log.txt" 380 files/fs-perms-volatile-log.txt \
381 files/fs-perms-volatile-tmp.txt"
385 382
386################################################################## 383##################################################################
387# General work and output directories for the build system. 384# General work and output directories for the build system.
diff --git a/meta/files/fs-perms-volatile-tmp.txt b/meta/files/fs-perms-volatile-tmp.txt
new file mode 100644
index 0000000000..26247acda8
--- /dev/null
+++ b/meta/files/fs-perms-volatile-tmp.txt
@@ -0,0 +1,38 @@
1# This file contains a list of files and directories with known permissions.
2# It is used by the packaging class to ensure that the permissions, owners and
3# group of listed files and directories are in sync across the system.
4#
5# The format of this file
6#
7#<path> <mode> <uid> <gid> <walk> <fmode> <fuid> <fgid>
8#
9# or
10#
11#<path> link <target>
12#
13# <path>: directory path
14# <mode>: mode for directory
15# <uid>: uid for directory
16# <gid>: gid for directory
17# <walk>: recursively walk the directory? true or false
18# <fmode>: if walking, new mode for files
19# <fuid>: if walking, new uid for files
20# <fgid>: if walking, new gid for files
21# <target>: turn the directory into a symlink point to target
22#
23# in mode, uid or gid, a "-" means don't change any existing values
24#
25# /usr/src 0755 root root false - - -
26# /usr/share/man 0755 root root true 0644 root root
27
28# Note: all standard config directories are automatically assigned "0755 root root false - - -"
29
30# Documentation should always be corrected
31
32# Items from base-files
33# Links
34${localstatedir}/tmp link volatile/tmp
35
36# Special permissions from base-files
37# Set 1777
38${localstatedir}/volatile/tmp 01777 root root false - - -
diff --git a/meta/files/fs-perms.txt b/meta/files/fs-perms.txt
index 61f0a6e26a..d2266c1b26 100644
--- a/meta/files/fs-perms.txt
+++ b/meta/files/fs-perms.txt
@@ -46,7 +46,6 @@ ${includedir} 0755 root root true 0644 root root
46# Links 46# Links
47${localstatedir}/run link /run 47${localstatedir}/run link /run
48${localstatedir}/lock link /run/lock 48${localstatedir}/lock link /run/lock
49${localstatedir}/tmp link volatile/tmp
50 49
51/home 0755 root root false - - - 50/home 0755 root root false - - -
52/srv 0755 root root false - - - 51/srv 0755 root root false - - -
@@ -56,7 +55,6 @@ ${localstatedir}/local 0755 root root false - - -
56# Special permissions from base-files 55# Special permissions from base-files
57# Set 1777 56# Set 1777
58/tmp 01777 root root false - - - 57/tmp 01777 root root false - - -
59${localstatedir}/volatile/tmp 01777 root root false - - -
60 58
61# Set 0700 59# Set 0700
62${ROOT_HOME} 0700 root root false - - - 60${ROOT_HOME} 0700 root root false - - -
diff --git a/meta/recipes-core/base-files/base-files_3.0.14.bb b/meta/recipes-core/base-files/base-files_3.0.14.bb
index dc1292ae55..8bcd91e699 100644
--- a/meta/recipes-core/base-files/base-files_3.0.14.bb
+++ b/meta/recipes-core/base-files/base-files_3.0.14.bb
@@ -31,7 +31,7 @@ UNPACKDIR = "${S}"
31INHIBIT_DEFAULT_DEPS = "1" 31INHIBIT_DEFAULT_DEPS = "1"
32 32
33docdir:append = "/${P}" 33docdir:append = "/${P}"
34dirs1777 = "/tmp ${localstatedir}/volatile/tmp" 34dirs1777 = "/tmp ${localstatedir}/${@bb.utils.contains('FILESYSTEM_PERMS_TABLES', 'files/fs-perms-volatile-tmp.txt', 'volatile/', '', d)}tmp"
35dirs2775 = "" 35dirs2775 = ""
36dirs555 = "/sys /proc" 36dirs555 = "/sys /proc"
37dirs755 = "/boot /dev ${base_bindir} ${base_sbindir} ${base_libdir} \ 37dirs755 = "/boot /dev ${base_bindir} ${base_sbindir} ${base_libdir} \
@@ -55,7 +55,8 @@ dirs755-lsb = "/srv \
55 ${prefix}/lib/locale" 55 ${prefix}/lib/locale"
56dirs2775-lsb = "/var/mail" 56dirs2775-lsb = "/var/mail"
57 57
58volatiles = "${@bb.utils.contains('FILESYSTEM_PERMS_TABLES', 'files/fs-perms-volatile-log.txt', 'log', '', d)} tmp" 58volatiles = "${@bb.utils.contains('FILESYSTEM_PERMS_TABLES', 'files/fs-perms-volatile-log.txt', 'log', '', d)} \
59 ${@bb.utils.contains('FILESYSTEM_PERMS_TABLES', 'files/fs-perms-volatile-tmp.txt', 'tmp', '', d)}"
59conffiles = "${sysconfdir}/debian_version ${sysconfdir}/host.conf \ 60conffiles = "${sysconfdir}/debian_version ${sysconfdir}/host.conf \
60 ${sysconfdir}/issue /${sysconfdir}/issue.net \ 61 ${sysconfdir}/issue /${sysconfdir}/issue.net \
61 ${sysconfdir}/nsswitch.conf ${sysconfdir}/profile \ 62 ${sysconfdir}/nsswitch.conf ${sysconfdir}/profile \
diff --git a/meta/recipes-core/initscripts/initscripts_1.0.bb b/meta/recipes-core/initscripts/initscripts_1.0.bb
index 0879b30623..98693fa66e 100644
--- a/meta/recipes-core/initscripts/initscripts_1.0.bb
+++ b/meta/recipes-core/initscripts/initscripts_1.0.bb
@@ -110,7 +110,7 @@ do_install () {
110 sed -i -e '\@^d root root 0755 /var/volatile/log none$@ a\l root root 0755 /var/log /var/volatile/log' \ 110 sed -i -e '\@^d root root 0755 /var/volatile/log none$@ a\l root root 0755 /var/log /var/volatile/log' \
111 ${D}${sysconfdir}/default/volatiles/00_core 111 ${D}${sysconfdir}/default/volatiles/00_core
112 fi 112 fi
113 if [ "${VOLATILE_TMP_DIR}" != "yes" ]; then 113 if ! ${@bb.utils.contains('FILESYSTEM_PERMS_TABLES', 'files/fs-perms-volatile-tmp.txt', 'true', 'false', d)}; then
114 sed -i -e "/\<tmp\>/d" ${D}${sysconfdir}/default/volatiles/00_core 114 sed -i -e "/\<tmp\>/d" ${D}${sysconfdir}/default/volatiles/00_core
115 fi 115 fi
116 install -m 0755 ${S}/dmesg.sh ${D}${sysconfdir}/init.d 116 install -m 0755 ${S}/dmesg.sh ${D}${sysconfdir}/init.d
diff --git a/meta/recipes-core/systemd/systemd_256.5.bb b/meta/recipes-core/systemd/systemd_256.5.bb
index 7f66c921ab..1485614c71 100644
--- a/meta/recipes-core/systemd/systemd_256.5.bb
+++ b/meta/recipes-core/systemd/systemd_256.5.bb
@@ -327,7 +327,7 @@ do_install() {
327 327
328 # if the user requests /tmp be on persistent storage (i.e. not volatile) 328 # if the user requests /tmp be on persistent storage (i.e. not volatile)
329 # then don't use a tmpfs for /tmp 329 # then don't use a tmpfs for /tmp
330 if [ "${VOLATILE_TMP_DIR}" != "yes" ]; then 330 if ! ${@bb.utils.contains('FILESYSTEM_PERMS_TABLES', 'files/fs-perms-volatile-tmp.txt', 'true', 'false', d)}; then
331 rm -f ${D}${rootlibexecdir}/systemd/system/tmp.mount 331 rm -f ${D}${rootlibexecdir}/systemd/system/tmp.mount
332 rm -f ${D}${rootlibexecdir}/systemd/system/local-fs.target.wants/tmp.mount 332 rm -f ${D}${rootlibexecdir}/systemd/system/local-fs.target.wants/tmp.mount
333 fi 333 fi
generated by cgit v1.2.3-54-g00ecf (git 2.39.0) at 2026-03-20 15:04:44 +0000