[Buildroot] [PATCH 0/3] core/pkg-infra: allow packages to provide permisions in a file
Peter Korsgaard
peter at korsgaard.com
Tue Dec 13 22:34:39 UTC 2016
>>>>> "Yann" == Yann E MORIN <yann.morin.1998 at free.fr> writes:
> Hello All!
> This series is a quick proof-of-concpet to allow packages to provide a
> permission table in a file rather than in-line in the .mk fiile.
> That permission file can be generated. It is usefull for the SELinux
> stuff and busybox, where individual applets should have a suid bit, but
> we only know what applets exist at configure time, not when parsing the
> .mk file.
> This is RFC material, jsut for quick review of the concept, not the
> actual code. This is not meant to be applied now.
I'm not really happy with having 2 ways of specifying per-package
permissions, but OK - perhaps it is the best way of handling this.
Alternatively we could drop the check-for-empty <pkg>_PERMISSIONS in
pkg-generic.mk, so PACKAGES_PERMISSIONS only get expanded at filesystem
creation time and then do something like:
BUSYBOX_PERMISSIONS = \
$(if $(shell grep 'CONFIG_PING=y' $(BUSYBOX_BUILD_CONFIG)),/bin/ping f 4755 0 0 - - - - -$(sep)) \
$(if $(shell grep 'CONFIG_PING6=y' $(BUSYBOX_BUILD_CONFIG)),/bin/ping6 f 4755 0 0 - - - - -$(sep))
...
But that also isn't very pretty.
--
Bye, Peter Korsgaard
More information about the buildroot
mailing list