* [PATCH 0/2] V2: Add /sbin/sushell when SELinux is enabled
@ 2015-07-08 6:25 Kai Kang
2015-07-08 6:26 ` [PATCH 1/2] initscripts: add /sbin/sushell for systemd service debug-shell Kai Kang
2015-07-08 6:26 ` [PATCH 2/2] systemd: add PACKAGECONFIG selinux Kai Kang
0 siblings, 2 replies; 3+ messages in thread
From: Kai Kang @ 2015-07-08 6:25 UTC (permalink / raw)
To: openembedded-core
debug-shell.service from systemd starts different shell according to whether selinux is enabled.
If selinux is enabled, it starts /sbin/sushell. Add /sbin/sushell from fedora.
Tested with and without layer meta-selinux for x86-64.
The following changes since commit 8ad9a434c9fd0300cf5c38c368b181b78421e95a:
bitbake: tests/data: Add new data tests (2015-07-01 15:40:21 +0100)
are available in the git repository at:
git://git.yoctoproject.org/poky-contrib kangkai/initscripts
http://git.yoctoproject.org/cgit.cgi/poky-contrib/log/?h=kangkai/initscripts
Kai Kang (2):
initscripts: add /sbin/sushell for systemd service debug-shell
systemd: add PACKAGECONFIG selinux
meta/recipes-core/initscripts/initscripts-1.0/sushell | 5 +++++
meta/recipes-core/initscripts/initscripts_1.0.bb | 10 +++++++++-
meta/recipes-core/systemd/systemd_219.bb | 5 ++++-
3 files changed, 18 insertions(+), 2 deletions(-)
create mode 100644 meta/recipes-core/initscripts/initscripts-1.0/sushell
--
1.9.1
^ permalink raw reply [flat|nested] 3+ messages in thread
* [PATCH 1/2] initscripts: add /sbin/sushell for systemd service debug-shell
2015-07-08 6:25 [PATCH 0/2] V2: Add /sbin/sushell when SELinux is enabled Kai Kang
@ 2015-07-08 6:26 ` Kai Kang
2015-07-08 6:26 ` [PATCH 2/2] systemd: add PACKAGECONFIG selinux Kai Kang
1 sibling, 0 replies; 3+ messages in thread
From: Kai Kang @ 2015-07-08 6:26 UTC (permalink / raw)
To: openembedded-core
Add file /sbin/sushell for systemd service debug-shell which starts with
/bin/sushell when SELinux is enabled. Copy and add sushell file from
Fedora 22.
Add runtime dependency bash as well when systemd is enabled to eliminate
QA warning:
WARNING: QA Issue: /sbin/sushell_initscripts contained in package initscripts
requires /bin/bash, but no providers found in its RDEPENDS [file-rdeps]
Signed-off-by: Kai Kang <kai.kang@windriver.com>
---
meta/recipes-core/initscripts/initscripts-1.0/sushell | 5 +++++
meta/recipes-core/initscripts/initscripts_1.0.bb | 10 +++++++++-
2 files changed, 14 insertions(+), 1 deletion(-)
create mode 100644 meta/recipes-core/initscripts/initscripts-1.0/sushell
diff --git a/meta/recipes-core/initscripts/initscripts-1.0/sushell b/meta/recipes-core/initscripts/initscripts-1.0/sushell
new file mode 100644
index 0000000..7d96941
--- /dev/null
+++ b/meta/recipes-core/initscripts/initscripts-1.0/sushell
@@ -0,0 +1,5 @@
+#!/bin/bash
+
+[ -z "$SUSHELL" ] && SUSHELL=/bin/bash
+
+exec $SUSHELL
diff --git a/meta/recipes-core/initscripts/initscripts_1.0.bb b/meta/recipes-core/initscripts/initscripts_1.0.bb
index a086591..b1d917d 100644
--- a/meta/recipes-core/initscripts/initscripts_1.0.bb
+++ b/meta/recipes-core/initscripts/initscripts_1.0.bb
@@ -33,6 +33,7 @@ SRC_URI = "file://functions \
file://GPLv2.patch \
file://dmesg.sh \
file://logrotate-dmesg.conf \
+ ${@bb.utils.contains('DISTRO_FEATURES','selinux','file://sushell','',d)} \
"
S = "${WORKDIR}"
@@ -46,7 +47,9 @@ DEPENDS_append = " update-rc.d-native"
DEPENDS_append = " ${@bb.utils.contains('DISTRO_FEATURES','systemd','systemd-systemctl-native','',d)}"
PACKAGES =+ "${PN}-functions"
-RDEPENDS_${PN} = "${PN}-functions"
+RDEPENDS_${PN} = "${PN}-functions \
+ ${@bb.utils.contains('DISTRO_FEATURES','selinux','bash','',d)} \
+ "
FILES_${PN}-functions = "${sysconfdir}/init.d/functions*"
ALTERNATIVE_PRIORITY_${PN}-functions = "90"
@@ -104,6 +107,11 @@ do_install () {
if [ "${TARGET_ARCH}" = "arm" ]; then
install -m 0755 ${WORKDIR}/alignment.sh ${D}${sysconfdir}/init.d
fi
+
+ if ${@bb.utils.contains('DISTRO_FEATURES','selinux','true','false',d)}; then
+ install -d ${D}/${base_sbindir}
+ install -m 0755 ${WORKDIR}/sushell ${D}/${base_sbindir}
+ fi
#
# Install device dependent scripts
#
--
1.9.1
^ permalink raw reply related [flat|nested] 3+ messages in thread
* [PATCH 2/2] systemd: add PACKAGECONFIG selinux
2015-07-08 6:25 [PATCH 0/2] V2: Add /sbin/sushell when SELinux is enabled Kai Kang
2015-07-08 6:26 ` [PATCH 1/2] initscripts: add /sbin/sushell for systemd service debug-shell Kai Kang
@ 2015-07-08 6:26 ` Kai Kang
1 sibling, 0 replies; 3+ messages in thread
From: Kai Kang @ 2015-07-08 6:26 UTC (permalink / raw)
To: openembedded-core
Add PACKAGECONFIG 'selinux' for systemd. debug-shell.service starts
different shell according whether selinux is enabled.
Signed-off-by: Kai Kang <kai.kang@windriver.com>
---
meta/recipes-core/systemd/systemd_219.bb | 5 ++++-
1 file changed, 4 insertions(+), 1 deletion(-)
diff --git a/meta/recipes-core/systemd/systemd_219.bb b/meta/recipes-core/systemd/systemd_219.bb
index 6ed4fe0..8abd4e5 100644
--- a/meta/recipes-core/systemd/systemd_219.bb
+++ b/meta/recipes-core/systemd/systemd_219.bb
@@ -61,7 +61,9 @@ GTKDOC_DOCDIR = "${S}/docs/"
PACKAGECONFIG ??= "xz ldconfig \
${@bb.utils.contains('DISTRO_FEATURES', 'pam', 'pam', '', d)} \
- ${@bb.utils.contains('DISTRO_FEATURES', 'x11', 'xkbcommon', '', d)}"
+ ${@bb.utils.contains('DISTRO_FEATURES', 'x11', 'xkbcommon', '', d)} \
+ ${@bb.utils.contains('DISTRO_FEATURES', 'selinux', 'selinux', '', d)} \
+ "
PACKAGECONFIG[journal-upload] = "--enable-libcurl,--disable-libcurl,curl"
# Sign the journal for anti-tampering
@@ -85,6 +87,7 @@ PACKAGECONFIG[xkbcommon] = "--enable-xkbcommon,--disable-xkbcommon,libxkbcommon"
# Update NAT firewall rules
PACKAGECONFIG[iptc] = "--enable-libiptc,--disable-libiptc,iptables"
PACKAGECONFIG[ldconfig] = "--enable-ldconfig,--disable-ldconfig,,"
+PACKAGECONFIG[selinux] = "--enable-selinux,--disable-selinux,libselinux"
CACHED_CONFIGUREVARS += "ac_cv_path_KILL=${base_bindir}/kill"
CACHED_CONFIGUREVARS += "ac_cv_path_KMOD=${base_bindir}/kmod"
--
1.9.1
^ permalink raw reply related [flat|nested] 3+ messages in thread
end of thread, other threads:[~2015-07-08 6:27 UTC | newest]
Thread overview: 3+ messages (download: mbox.gz follow: Atom feed
-- links below jump to the message on this page --
2015-07-08 6:25 [PATCH 0/2] V2: Add /sbin/sushell when SELinux is enabled Kai Kang
2015-07-08 6:26 ` [PATCH 1/2] initscripts: add /sbin/sushell for systemd service debug-shell Kai Kang
2015-07-08 6:26 ` [PATCH 2/2] systemd: add PACKAGECONFIG selinux Kai Kang
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.