[Buildroot] [PATCH 0/3] core/pkg-infra: allow packages to provide permisions in a file

Yann E. MORIN yann.morin.1998 at free.fr
Wed Dec 14 16:42:55 UTC 2016


Peter, All,

On 2016-12-13 23:34 +0100, Peter Korsgaard spake thusly:
> >>>>> "Yann" == Yann E MORIN <yann.morin.1998 at free.fr> writes:
> 
>  > Hello All!
>  > This series is a quick proof-of-concpet to allow packages to provide a
>  > permission table in a file rather than in-line in the .mk fiile.
> 
>  > That permission file can be generated. It is usefull for the SELinux
>  > stuff and busybox, where individual applets should have a suid bit, but
>  > we only know what applets exist at configure time, not when parsing the
>  > .mk file.
> 
>  > This is RFC material, jsut for quick review of the concept, not the
>  > actual code. This is not meant to be applied now.
> 
> I'm not really happy with having 2 ways of specifying per-package
> permissions, but OK - perhaps it is the best way of handling this.
> 
> Alternatively we could drop the check-for-empty <pkg>_PERMISSIONS in
> pkg-generic.mk, so PACKAGES_PERMISSIONS only get expanded at filesystem
> creation time and then do something like:
> 
> BUSYBOX_PERMISSIONS = \
>         $(if $(shell grep 'CONFIG_PING=y' $(BUSYBOX_BUILD_CONFIG)),/bin/ping f 4755 0  0 - - - - -$(sep)) \
>         $(if $(shell grep 'CONFIG_PING6=y' $(BUSYBOX_BUILD_CONFIG)),/bin/ping6 f 4755 0  0 - - - - -$(sep))

Which is exactly what I suggested on IRC...

> But that also isn't very pretty.

.. and which I also dismissed becayuse it is not nice either.

I prefer that we have a proper infra in place rather than do tricks like
that...

Regards,
Yann E. MORIN.

-- 
.-----------------.--------------------.------------------.--------------------.
|  Yann E. MORIN  | Real-Time Embedded | /"\ ASCII RIBBON | Erics' conspiracy: |
| +33 662 376 056 | Software  Designer | \ / CAMPAIGN     |  ___               |
| +33 223 225 172 `------------.-------:  X  AGAINST      |  \e/  There is no  |
| http://ymorin.is-a-geek.org/ | _/*\_ | / \ HTML MAIL    |   v   conspiracy.  |
'------------------------------^-------^------------------^--------------------'


More information about the buildroot mailing list