On Mon, Dec 22, 2025 at 9:05 PM Jaihind Yadav via lists.openembedded.org <[email protected]> wrote: > > Ideally, /var/lib/systemd/backlight should be created and labeled at > runtime, not at build time. The previous approach installed this > directory during image build, which can cause issues with features like > OSTree when SELinux is enabled.
It seems you are talking about OSTree and relabeling interchangeably. Is the issue that OSTree doesn't want things to be present in /var? How is relabeling a problem if it's already present at build time? > > This change ships a tmpfiles configuration to ensure the directory is > created and labeled correctly during first boot, allowing SELinux > relabeling to work as intended. It looks like this is what the original code did as well by letting StateDirectory= in the unit create backlight directory before it switched to creating this at build time in link mentioned below. Why is this a problem specifically only for backlight? > > Reference: > Previous discussion and initial fix: > https://docs.yoctoproject.org/pipermail/yocto/2018-April/040854.html > > Signed-off-by: Jaihind Yadav <[email protected]> > --- > recipes-core/systemd/systemd_selinux.inc | 12 +++++++++--- > 1 file changed, 9 insertions(+), 3 deletions(-) > > diff --git a/recipes-core/systemd/systemd_selinux.inc > b/recipes-core/systemd/systemd_selinux.inc > index 7d466ee..f36519c 100644 > --- a/recipes-core/systemd/systemd_selinux.inc > +++ b/recipes-core/systemd/systemd_selinux.inc > @@ -1,7 +1,13 @@ > inherit enable-selinux enable-audit > > +# Ship tmpfiles config for backlight > +SYSTEMD_TMPFILES += "systemd-backlight.conf" What is SYSTEMD_TMPFILES? > do_install:append() { > - if ${@bb.utils.contains('PACKAGECONFIG', 'backlight', 'true', > 'false', d)}; then > - install -d ${D}${localstatedir}/lib/systemd/backlight > - fi > + if ${@bb.utils.contains('PACKAGECONFIG', 'backlight', 'true', 'false', > d)}; then > + install -d ${D}${sysconfdir}/tmpfiles.d > + cat > ${D}${sysconfdir}/tmpfiles.d/systemd-backlight.conf <<'EOF' > +d /var/lib/systemd/backlight 0755 root root - > +z /var/lib/systemd/backlight - - - - > +EOF > + fi > } > -- > 2.43.0 > > > >
-=-=-=-=-=-=-=-=-=-=-=- Links: You receive all messages sent to this group. View/Reply Online (#122813): https://lists.openembedded.org/g/openembedded-devel/message/122813 Mute This Topic: https://lists.openembedded.org/mt/116900764/21656 Group Owner: [email protected] Unsubscribe: https://lists.openembedded.org/g/openembedded-devel/unsub [[email protected]] -=-=-=-=-=-=-=-=-=-=-=-
