[Buildroot] [PATCH 0/3] core/pkg-infra: allow packages to provide permisions in a file
Yann E. MORIN
yann.morin.1998 at free.fr
Wed Dec 14 16:42:55 UTC 2016
Peter, All,
On 2016-12-13 23:34 +0100, Peter Korsgaard spake thusly:
> >>>>> "Yann" == Yann E MORIN <yann.morin.1998 at free.fr> writes:
>
> > Hello All!
> > This series is a quick proof-of-concpet to allow packages to provide a
> > permission table in a file rather than in-line in the .mk fiile.
>
> > That permission file can be generated. It is usefull for the SELinux
> > stuff and busybox, where individual applets should have a suid bit, but
> > we only know what applets exist at configure time, not when parsing the
> > .mk file.
>
> > This is RFC material, jsut for quick review of the concept, not the
> > actual code. This is not meant to be applied now.
>
> I'm not really happy with having 2 ways of specifying per-package
> permissions, but OK - perhaps it is the best way of handling this.
>
> Alternatively we could drop the check-for-empty <pkg>_PERMISSIONS in
> pkg-generic.mk, so PACKAGES_PERMISSIONS only get expanded at filesystem
> creation time and then do something like:
>
> BUSYBOX_PERMISSIONS = \
> $(if $(shell grep 'CONFIG_PING=y' $(BUSYBOX_BUILD_CONFIG)),/bin/ping f 4755 0 0 - - - - -$(sep)) \
> $(if $(shell grep 'CONFIG_PING6=y' $(BUSYBOX_BUILD_CONFIG)),/bin/ping6 f 4755 0 0 - - - - -$(sep))
Which is exactly what I suggested on IRC...
> But that also isn't very pretty.
.. and which I also dismissed becayuse it is not nice either.
I prefer that we have a proper infra in place rather than do tricks like
that...
Regards,
Yann E. MORIN.
--
.-----------------.--------------------.------------------.--------------------.
| Yann E. MORIN | Real-Time Embedded | /"\ ASCII RIBBON | Erics' conspiracy: |
| +33 662 376 056 | Software Designer | \ / CAMPAIGN | ___ |
| +33 223 225 172 `------------.-------: X AGAINST | \e/ There is no |
| http://ymorin.is-a-geek.org/ | _/*\_ | / \ HTML MAIL | v conspiracy. |
'------------------------------^-------^------------------^--------------------'
More information about the buildroot
mailing list