meta-security/recipes-core/systemd/systemd/0004-tizen-smack-Handling-of-dev-v216.patch

   1 From 468ef790a7a0e53c390cec9c63090a0ae04a4d58 Mon Sep 17 00:00:00 2001
   2 From: Michael Demeter <michael.demeter@intel.com>
   3 Date: Fri, 11 Oct 2013 15:37:57 -0700
   4 Subject: [PATCH 4/9] tizen-smack: Handling of /dev
   5
   6 Smack enabled systems need /dev special devices correctly labeled
   7
   8 - Add AC_DEFINE for HAVE_SMACK to configure.ac
   9 - Add Check for smack in Makefile.am to include smack default rules
  10 - Add smack default rules to label /dev/xxx correctly for access
  11
  12 Upstream-Status: Inappropriate [configuration]
  13
  14 Change-Id: Iebe2e349cbedb3013abdf32edb55e9310f1d17f5
  15 ---
  16  configure.ac                      |  2 ++
  17  Makefile.am                       |  5 +++++
  18  rules/55-udev-smack-default.rules | 23 +++++++++++++++++++++++
  19  3 files changed, 30 insertions(+)
  20  create mode 100644 rules/55-udev-smack-default.rules
  21
  22 diff --git a/configure.ac b/configure.ac
  23 index 18b7198..05f49ed 100644
  24 --- a/configure.ac
  25 +++ b/configure.ac
  26 @@ -635,6 +635,8 @@ if test "x${have_smack}" = xyes ; then
  27          AC_DEFINE(HAVE_SMACK, 1, [Define if SMACK is available])
  28  fi
  29
  30 +AM_CONDITIONAL([HAVE_SMACK], [test "x$have_smack" = "xyes"])
  31 +
  32  # ------------------------------------------------------------------------------
  33  AC_ARG_ENABLE([gcrypt],
  34          AS_HELP_STRING([--disable-gcrypt],[Disable optional GCRYPT support]),
  35 diff --git a/Makefile.am b/Makefile.am
  36 index bf04d31..1a05607 100644
  37 --- a/Makefile.am
  38 +++ b/Makefile.am
  39 @@ -3108,6 +3108,11 @@ dist_udevrules_DATA += \
  40  nodist_udevrules_DATA += \
  41         rules/99-systemd.rules
  42
  43 +if HAVE_SMACK
  44 +dist_udevrules_DATA += \
  45 +       rules/55-udev-smack-default.rules
  46 +endif
  47 +
  48  dist_udevhwdb_DATA = \
  49         hwdb/20-pci-vendor-model.hwdb \
  50         hwdb/20-pci-classes.hwdb \
  51 diff --git a/rules/55-udev-smack-default.rules b/rules/55-udev-smack-default.rules
  52 new file mode 100644
  53 index 0000000..3829019
  54 --- /dev/null
  55 +++ b/rules/55-udev-smack-default.rules
  56 @@ -0,0 +1,23 @@
  57 +# do not edit this file, it will be overwritten on update
  58 +
  59 +KERNEL=="null", SECLABEL{smack}="*"
  60 +KERNEL=="zero", SECLABEL{smack}="*"
  61 +KERNEL=="console", SECLABEL{smack}="*"
  62 +KERNEL=="kmsg", SECLABEL{smack}="*"
  63 +KERNEL=="video*", SECLABEL{smack}="*"
  64 +KERNEL=="card*", SECLABEL{smack}="*"
  65 +KERNEL=="ptmx", SECLABEL{smack}="*"
  66 +KERNEL=="tty", SECLABEL{smack}="*"
  67 +
  68 +SUBSYSTEM=="graphics", GROUP="video", SECLABEL{smack}="*"
  69 +SUBSYSTEM=="drm", GROUP="video", SECLABEL{smack}="*"
  70 +SUBSYSTEM=="dvb", GROUP="video", SECLABEL{smack}="*"
  71 +
  72 +SUBSYSTEM=="tty", KERNEL=="ptmx", GROUP="tty", MODE="0666", SECLABEL{smack}="*"
  73 +SUBSYSTEM=="tty", KERNEL=="tty", GROUP="tty", MODE="0666", SECLABEL{smack}="*"
  74 +SUBSYSTEM=="tty", KERNEL=="tty[0-9]*", GROUP="tty", MODE="0620", SECLABEL{smack}="*"
  75 +SUBSYSTEM=="vc", KERNEL=="vcs*|vcsa*", GROUP="tty", SECLABEL{smack}="*"
  76 +KERNEL=="tty[A-Z]*[0-9]|pppox[0-9]*|ircomm[0-9]*|noz[0-9]*|rfcomm[0-9]*", GROUP="dialout", SECLABEL{smack}="*"
  77 +
  78 +SUBSYSTEM=="input", KERNEL=="mouse*|mice|event*", MODE="0640", SECLABEL{smack}="*"
  79 +SUBSYSTEM=="input", KERNEL=="ts[0-9]*|uinput", MODE="0640", SECLABEL{smack}="*"
  80 --
  81 1.8.4.5
  82