From: Alejandro del Castillo <alejandro.delcastillo@ni.com>
To: <yocto@yoctoproject.org>, <Xin.Ouyang@windriver.com>, <flihp@twobit.us>
Subject: Re: [meta-selinux][PATCH] busybox: explicitly set temporary shell scripts to be executable
Date: Tue, 1 Mar 2016 16:58:37 -0600 [thread overview]
Message-ID: <56D61E9D.5020607@ni.com> (raw)
In-Reply-To: <1455921936-24140-1-git-send-email-alejandro.delcastillo@ni.com>
I first started looking at busybox postinst (modified on meta-selinux) since I
am getting errors during "opkg upgrade buysbox". The errors that I am getting
are of the form:
update-alternatives: Error: not linking /bin/gunzip to
/usr/lib/busybox/bin/gunzip since /bin/gunzip exists and is not a link
Which only happen for utilities that don't have any alternative installed after
removing busybox, hence no symlink. Utilities that do have an alternative
installed are correctly processed, for example:
update-alternatives: Linking /usr/bin/ar to /usr/bin/x86_64-nilrt-linux-ar
The root problem is that meta-selinux on commit
521ca9c9cf370840e9f8c808a7955aa5da7c356e replaced the temporary symlink creation
on postinst with sh wrappers, which breaks update-alternatives when it tries to
update symlinks (which are now sh wrappers).
Is there a reason why the postinst needs to be different on the selinux version
of busybox? If the postinst is just creating temporary symlinks which will go
away once the update-alternatives block later on the script runs, do we need the
sh wrappers?
On 02/19/2016 04:45 PM, Alejandro del Castillo wrote:
> During an on target upgrade, the postinst script is creating scripts
> that call buysbox, to avoid missing commands errors. However, the
> scripts permissions are not set explicitly, relying on the mask.
>
> Signed-off-by: Alejandro del Castillo <alejandro.delcastillo@ni.com>
> ---
> recipes-core/busybox/busybox_%.bbappend | 1 +
> 1 file changed, 1 insertion(+)
>
> diff --git a/recipes-core/busybox/busybox_%.bbappend b/recipes-core/busybox/busybox_%.bbappend
> index b4935b2..2e806af 100644
> --- a/recipes-core/busybox/busybox_%.bbappend
> +++ b/recipes-core/busybox/busybox_%.bbappend
> @@ -78,6 +78,7 @@ pkg_postinst_${PN} () {
> # we can use busybox here because even if we are using splitted busybox
> # we've made a symlink from /bin/busybox to /bin/busybox.nosuid.
> busybox echo "#!/bin/busybox$suffix" > $link
> + /bin/busybox.nosuid chmod 755 $link
> fi
> done < /etc/busybox.links$suffix
> fi
>
--
Cheers,
Alejandro
next prev parent reply other threads:[~2016-03-02 0:32 UTC|newest]
Thread overview: 4+ messages / expand[flat|nested] mbox.gz Atom feed top
2016-02-19 22:45 [meta-selinux][PATCH] busybox: explicitly set temporary shell scripts to be executable Alejandro del Castillo
2016-03-01 22:58 ` Alejandro del Castillo [this message]
2016-03-02 5:43 ` Philip Tricca
2016-03-07 15:59 ` Alejandro del Castillo
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=56D61E9D.5020607@ni.com \
--to=alejandro.delcastillo@ni.com \
--cc=Xin.Ouyang@windriver.com \
--cc=flihp@twobit.us \
--cc=yocto@yoctoproject.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.