According to this commit polkit rules should go to ${datadir} instead of
${sysconfdir}:
https://git.openembedded.org/meta-openembedded/commit/?h=master-next&id=d5e90541f8e35916abc930b2da6de037b23d51a1
Theres no need to adjust the permissions for ${datadir} anymore:
https://git.openembedded.org/meta-openembedded/commit/?h=master-next&id=6da0fd21c900e32a0693a6b27d38182f19c8c76c
Dont set polkit permissions manually. This allows to drop the manually
set polkit permissions for all files in meta-openembedded and also for
libvirt in meta-virtualization.
In addition, manually setting the permissions would not be needed for
new recipes anymore.
---
meta/recipes-core/systemd/systemd_256.bb | 10 +---------
1 file changed, 1 insertion(+), 9 deletions(-)
diff --git a/meta/recipes-core/systemd/systemd_256.bb
b/meta/recipes-core/systemd/systemd_256.bb
index 6e3985b94f..d9982eb3a4 100644
--- a/meta/recipes-core/systemd/systemd_256.bb
+++ b/meta/recipes-core/systemd/systemd_256.bb
@@ -370,14 +370,6 @@ do_install() {
rm -r ${D}${sysconfdir}/X11
fi
- # If polkit is setup fixup permissions and ownership
- if ${@bb.utils.contains('PACKAGECONFIG', 'polkit', 'true', 'false',
d)}; then
- if [ -d ${D}${datadir}/polkit-1/rules.d ]; then
- chmod 700 ${D}${datadir}/polkit-1/rules.d
- chown polkitd:root ${D}${datadir}/polkit-1/rules.d
- fi
- fi
-
# If polkit is not available and a fallback was requested, install a
drop-in that allows networkd to
# request hostname changes via DBUS without elevating its privileges
if ${@bb.utils.contains('PACKAGECONFIG', 'polkit_hostnamed_fallback',
'true', 'false', d)}; then
@@ -473,7 +465,7 @@ GROUPADD_PARAM:udev = "-r render"
GROUPADD_PARAM:${PN} += "${@bb.utils.contains('PACKAGECONFIG',
'polkit_hostnamed_fallback', '-r systemd-hostname;', '', d)}"
USERADD_PARAM:${PN} += "${@bb.utils.contains('PACKAGECONFIG', 'coredump',
'--system -d / -M --shell /sbin/nologin systemd-coredump;', '', d)}"
USERADD_PARAM:${PN} += "${@bb.utils.contains('PACKAGECONFIG', 'networkd',
'--system -d / -M --shell /sbin/nologin systemd-network;', '', d)}"
-USERADD_PARAM:${PN} += "${@bb.utils.contains('PACKAGECONFIG', 'polkit',
'--system --no-create-home --user-group --home-dir ${sysconfdir}/polkit-1
polkitd;', '', d)}"
+USERADD_PARAM:${PN} += "${@bb.utils.contains('PACKAGECONFIG', 'polkit',
'--system --no-create-home --user-group --home-dir ${datadir}/polkit-1
polkitd;', '', d)}"
USERADD_PARAM:${PN} += "${@bb.utils.contains('PACKAGECONFIG', 'resolved',
'--system -d / -M --shell /sbin/nologin systemd-resolve;', '', d)}"
USERADD_PARAM:${PN} += "${@bb.utils.contains('PACKAGECONFIG', 'timesyncd',
'--system -d / -M --shell /sbin/nologin systemd-timesync;', '', d)}"
USERADD_PARAM:${PN} += "${@bb.utils.contains('PACKAGECONFIG', 'oomd',
'--system -d / -M --shell /sbin/nologin systemd-oom;', '', d)}"
--
2.45.2
-=-=-=-=-=-=-=-=-=-=-=-
Links: You receive all messages sent to this group.
View/Reply Online (#203309):
https://lists.openembedded.org/g/openembedded-core/message/203309
Mute This Topic: https://lists.openembedded.org/mt/107891561/21656
Group Owner: [email protected]
Unsubscribe: https://lists.openembedded.org/g/openembedded-core/unsub
[[email protected]]
-=-=-=-=-=-=-=-=-=-=-=-
