Code Review
/
AGL
/
meta-agl.git
/ blobdiff
commit
grep
author
committer
pickaxe
?
search:
re
summary
|
shortlog
|
log
|
commit
|
commitdiff
|
review
|
tree
raw
|
inline
| side by side
base-files: add /media to System::Shared SMACK label
[AGL/meta-agl.git]
/
meta-security
/
recipes-core
/
base-files
/
base-files_%.bbappend
diff --git
a/meta-security/recipes-core/base-files/base-files_%.bbappend
b/meta-security/recipes-core/base-files/base-files_%.bbappend
index
a6af182
..
f0e340f
100644
(file)
--- a/
meta-security/recipes-core/base-files/base-files_%.bbappend
+++ b/
meta-security/recipes-core/base-files/base-files_%.bbappend
@@
-56,6
+56,12
@@
pkg_postinst_${PN}_with-lsm-smack() {
chsmack -t $D${sysconfdir}
chsmack -a 'System::Shared' $D${sysconfdir}
chsmack -t $D${sysconfdir}
chsmack -a 'System::Shared' $D${sysconfdir}
+ # Same for /media. Any daemon running as "System" will get write access
+ # to everything.
+ install -d $D/media
+ chsmack -t $D/media
+ chsmack -a 'System::Shared' $D/media
+
# Same for /var. Any daemon running as "System" will get write access
# to everything.
install -d $D${localstatedir}
# Same for /var. Any daemon running as "System" will get write access
# to everything.
install -d $D${localstatedir}