On 12/24/19 10:22 PM, Joe MacDonald wrote:
Hi Yi,
I've merged the others in this series, can you elaborate a bit on how
this ensures we don't have a problem coming back that 5fd3c5b71 was
intended to address?
There are 3 recipes require selinux-initsh.inc: selinux-init_0.1.bb,
selinux-labeldev_0.1.bb and selinux-autorelabel_0.1.bb. The
${SELINUX_SCRIPT_SRC}.sh will expand to different script nameĀ in each
of recipes: selinux-init.sh, selinux-labeldev.sh and
selinux-autorelabel.sh. These scripts will be invoked by systemd
services. The commit 5fd3c5b71edb99659aeb5cb5903088d84517382e move all
installation codes to selinux-autorelabel_0.1.bb which make the
selinux-init.sh and selinux-labeldev.sh will be not installed. This
patch keeps the touching .autorelabel code in the selinux-autorelabel
recipe and move the rest codes back to selinux-initsh.inc.
//Yi
Thanks,
-J.
[[meta-selinux][PATCH 4/6] selinux-initsh.inc: install selinux-init.sh and
selinux-labeldev.sh when using systemd] On 19.12.23 (Mon 16:21) Yi Zhao wrote:
The commit 5fd3c5b71edb99659aeb5cb5903088d84517382e introduced an issue
that selinux-init.sh and selinux-labeldev.sh are not installed when
using systemd which will cause the selinux-ini.service and
selinux-labeldev.service fail to startup. Move the do_install codes from
selinux-autorelabel to selinux-initsh.inc to make sure install these
scripts when using systemd.
Signed-off-by: Yi Zhao <[email protected]>
---
recipes-security/selinux/selinux-autorelabel_0.1.bb | 3 ---
recipes-security/selinux/selinux-initsh.inc | 9 +++++++--
2 files changed, 7 insertions(+), 5 deletions(-)
diff --git a/recipes-security/selinux/selinux-autorelabel_0.1.bb
b/recipes-security/selinux/selinux-autorelabel_0.1.bb
index 7e7d08c..b898c3b 100644
--- a/recipes-security/selinux/selinux-autorelabel_0.1.bb
+++ b/recipes-security/selinux/selinux-autorelabel_0.1.bb
@@ -21,9 +21,6 @@ require selinux-initsh.inc
do_install_append() {
if ${@bb.utils.contains('DISTRO_FEATURES', 'systemd', 'true', 'false',
d)}; then
- install -d ${D}${bindir}
- install -m 0755 ${WORKDIR}/${SELINUX_SCRIPT_SRC}.sh
${D}${bindir}
- sed -i -e '/.*HERE$/d' ${D}${bindir}/${SELINUX_SCRIPT_SRC}.sh
echo "# first boot relabelling" > ${D}/.autorelabel
fi
}
diff --git a/recipes-security/selinux/selinux-initsh.inc
b/recipes-security/selinux/selinux-initsh.inc
index 6084762..0a6cf4b 100644
--- a/recipes-security/selinux/selinux-initsh.inc
+++ b/recipes-security/selinux/selinux-initsh.inc
@@ -27,8 +27,13 @@ do_install () {
-e '/.*HERE$/d' -e '/.*Contents.*sysvinit/d' \
${D}${sysconfdir}/init.d/${SELINUX_SCRIPT_DST}
- install -d ${D}${systemd_unitdir}/system
- install -m 0644 ${WORKDIR}/${SELINUX_SCRIPT_SRC}.service
${D}${systemd_unitdir}/system
+ if ${@bb.utils.contains('DISTRO_FEATURES', 'systemd', 'true', 'false',
d)}; then
+ install -d ${D}${systemd_unitdir}/system
+ install -m 0644 ${WORKDIR}/${SELINUX_SCRIPT_SRC}.service
${D}${systemd_unitdir}/system
+ install -d ${D}${bindir}
+ install -m 0755 ${WORKDIR}/${SELINUX_SCRIPT_SRC}.sh ${D}${bindir}
+ sed -i -e '/.*HERE$/d' ${D}${bindir}/${SELINUX_SCRIPT_SRC}.sh
+ fi
}
sysroot_stage_all_append () {
--
2.17.1
-=-=-=-=-=-=-=-=-=-=-=-
Links: You receive all messages sent to this group.
View/Reply Online (#47820): https://lists.yoctoproject.org/g/yocto/message/47820
Mute This Topic: https://lists.yoctoproject.org/mt/69227804/21656
Group Owner: [email protected]
Unsubscribe: https://lists.yoctoproject.org/g/yocto/unsub
[[email protected]]
-=-=-=-=-=-=-=-=-=-=-=-
