On Mon, Mar 8, 2021 at 2:55 PM Daniel Wagenknecht <[email protected]> wrote: > > file capabilities need to be set on gnome-keyring-daemon. This is now > possible using pkg_postinst function on the build host. Previous > workarounds are not needed anymore. > > Signed-off-by: Daniel Wagenknecht <[email protected]> > --- > .../recipes-gnome/gnome-keyring/gnome-keyring_3.34.0.bb | 8 +++----- > 1 file changed, 3 insertions(+), 5 deletions(-) > > diff --git a/meta-gnome/recipes-gnome/gnome-keyring/gnome-keyring_3.34.0.bb > b/meta-gnome/recipes-gnome/gnome-keyring/gnome-keyring_3.34.0.bb > index 52c254b28..be6d922bc 100644 > --- a/meta-gnome/recipes-gnome/gnome-keyring/gnome-keyring_3.34.0.bb > +++ b/meta-gnome/recipes-gnome/gnome-keyring/gnome-keyring_3.34.0.bb > @@ -43,9 +43,7 @@ FILES_${PN} += " \ > ${libdir}/pkcs11/gnome-keyring-pkcs11.so \ > " > > -# fix | gnome-keyring-daemon: insufficient process capabilities, unsecure > memory might get used ^ Please leave this part of the comment - it is still valid and explaining why setcap is necessary > -# This does not make it through pseudo so perform on-target - sigh > -pkg_postinst_ontarget_${PN} () { > - setcap cap_ipc_lock+ep `which gnome-keyring-daemon` > +pkg_postinst_${PN} () { > + setcap cap_ipc_lock+ep $D/${bindir}/gnome-keyring-daemon > } > -RDEPENDS_${PN} += "libcap-bin" > +PACKAGE_WRITE_DEPS += "libcap-native" > -- Cheers
Andreas
-=-=-=-=-=-=-=-=-=-=-=- Links: You receive all messages sent to this group. View/Reply Online (#89984): https://lists.openembedded.org/g/openembedded-devel/message/89984 Mute This Topic: https://lists.openembedded.org/mt/81173816/21656 Group Owner: [email protected] Unsubscribe: https://lists.openembedded.org/g/openembedded-devel/unsub [[email protected]] -=-=-=-=-=-=-=-=-=-=-=-
