From: Philip Tricca <flihp@twobit.us>
To: Saul Wold <sgw@linux.intel.com>
Cc: openembedded-core@lists.openembedded.org
Subject: Re: [PATCH] sysvinit-inittab: Move start_getty scrip to base_bindir.
Date: Sat, 27 Feb 2016 18:33:09 -0800 [thread overview]
Message-ID: <56D25C65.4040707@twobit.us> (raw)
In-Reply-To: <1455990959-5896-1-git-send-email-flihp@twobit.us>
Ping. Any thoughts on this Saul?
Thanks,
Philip
On 02/20/2016 09:55 AM, Philip Tricca wrote:
> When this file is in ${sysconfdir}/init.d, SELinux labels it as a generic
> init script (initrc_t). This causes problms at runtime because SELinux
> doesn't let the login process execute generic init script. Moving this
> helper script to base_bindir results in it being labeled as a generic
> binary (bin_t). Nearly every SELinux domain is allowed to execute
> generic binaries and the login process is one of them.
>
> Signed-off-by: Philip Tricca <flihp@twobit.us>
> ---
> meta/recipes-core/sysvinit/sysvinit-inittab_2.88dsf.bb | 8 ++++----
> 1 file changed, 4 insertions(+), 4 deletions(-)
>
> diff --git a/meta/recipes-core/sysvinit/sysvinit-inittab_2.88dsf.bb b/meta/recipes-core/sysvinit/sysvinit-inittab_2.88dsf.bb
> index f539da8..c5b8cdc 100644
> --- a/meta/recipes-core/sysvinit/sysvinit-inittab_2.88dsf.bb
> +++ b/meta/recipes-core/sysvinit/sysvinit-inittab_2.88dsf.bb
> @@ -17,9 +17,9 @@ do_compile() {
>
> do_install() {
> install -d ${D}${sysconfdir}
> - install -d ${D}${sysconfdir}/init.d
> install -m 0644 ${WORKDIR}/inittab ${D}${sysconfdir}/inittab
> - install -m 0755 ${WORKDIR}/start_getty ${D}${sysconfdir}/init.d/start_getty
> + install -d ${D}${base_bindir}
> + install -m 0755 ${WORKDIR}/start_getty ${D}${base_bindir}/start_getty
>
> set -x
> tmp="${SERIAL_CONSOLES}"
> @@ -27,7 +27,7 @@ do_install() {
> do
> j=`echo ${i} | sed s/\;/\ /g`
> label=`echo ${i} | sed -e 's/tty//' -e 's/^.*;//' -e 's/;.*//'`
> - echo "$label:12345:respawn:${sysconfdir}/init.d/start_getty ${j}" >> ${D}${sysconfdir}/inittab
> + echo "$label:12345:respawn:${base_bindir}/start_getty ${j}" >> ${D}${sysconfdir}/inittab
> done
>
> if [ "${USE_VT}" = "1" ]; then
> @@ -76,7 +76,7 @@ fi
> # Set PACKAGE_ARCH appropriately.
> PACKAGE_ARCH = "${MACHINE_ARCH}"
>
> -FILES_${PN} = "${sysconfdir}/inittab ${sysconfdir}/init.d/start_getty"
> +FILES_${PN} = "${sysconfdir}/inittab ${base_bindir}/start_getty"
> CONFFILES_${PN} = "${sysconfdir}/inittab"
>
> USE_VT ?= "1"
>
prev parent reply other threads:[~2016-02-28 2:33 UTC|newest]
Thread overview: 2+ messages / expand[flat|nested] mbox.gz Atom feed top
2016-02-20 17:55 [PATCH] sysvinit-inittab: Move start_getty scrip to base_bindir Philip Tricca
2016-02-28 2:33 ` Philip Tricca [this message]
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=56D25C65.4040707@twobit.us \
--to=flihp@twobit.us \
--cc=openembedded-core@lists.openembedded.org \
--cc=sgw@linux.intel.com \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox