X-Git-Url: https://gerrit.automotivelinux.org/gerrit/gitweb?a=blobdiff_plain;f=meta-security%2Frecipes-core%2Fsystemd%2Fsystemd_234.bbappend;h=79753a2d6d186fa9f4fe9d2840e25835423546dd;hb=6a170f94b3f32558863529b9d762972fe3a3401d;hp=4bbc8aa04e9091651e66e9fd1c558f312837bb60;hpb=f11a3e7653777ad4342e615f47ec4a5417a2fa96;p=AGL%2Fmeta-agl.git diff --git a/meta-security/recipes-core/systemd/systemd_234.bbappend b/meta-security/recipes-core/systemd/systemd_234.bbappend index 4bbc8aa04..79753a2d6 100644 --- a/meta-security/recipes-core/systemd/systemd_234.bbappend +++ b/meta-security/recipes-core/systemd/systemd_234.bbappend @@ -1,57 +1,22 @@ FILESEXTRAPATHS_prepend := "${THISDIR}/${PN}:" -SYSTEMD_SMACK_PATCHES_216 = " \ -file://0003-tizen-smack-Handling-of-run-and-sys-fs-cgroup-v216.patch \ -file://0004-tizen-smack-Handling-of-dev-v216.patch \ -file://0005-tizen-smack-Handling-network-v216.patch \ -file://0007-tizen-smack-Runs-systemd-journald-with-v216.patch \ -" - -SYSTEMD_SMACK_PATCHES_219 = " \ -file://0003-tizen-smack-Handling-of-run-and-sys-fs-cgroup.patch \ -file://0004-tizen-smack-Handling-of-dev.patch \ -file://0005-tizen-smack-Handling-network.patch \ -file://0007-tizen-smack-Runs-systemd-journald-with.patch \ -" -SYSTEMD_SMACK_PATCHES_225 = " \ -file://0003-tizen-smack-Handling-of-run-and-sys-fs-cgroup.patch \ -file://0004-tizen-smack-Handling-of-dev.patch \ -file://0005-tizen-smack-Handling-network-v225.patch \ -file://0007-tizen-smack-Runs-systemd-journald-with.patch \ -" - -SYSTEMD_SMACK_PATCHES_228 = " \ -file://0005-tizen-smack-Handling-network-v228.patch \ -file://mount-setup.c-fix-handling-of-symlink-Smack-labellin-v228.patch \ -" - -SYSTEMD_SMACK_PATCHES_234 = " \ -file://0001-Switch-Smack-label-earlier.patch \ +################################################################################## +# What follows is temporary. +# This patch is still needed for systemd 234 but is normally upstreamed +# and thus should be removed in later versions. +################################################################################## +SRC_URI_append_with-lsm-smack = "\ + file://0001-Switch-Smack-label-earlier.patch \ " -# Most patches from sandbox/jobol/v219. Cannot be applied unconditionally -# because systemd panics when booted without Smack support: -# systemd[1]: Cannot determine cgroup we are running in: No such file or directory -# systemd[1]: Failed to allocate manager object: No such file or directory -# [!!!!!!] Failed to allocate manager object, freezing. -# -# There's a slight dependency on the base systemd in 0005-tizen-smack-Handling-network. -# We use the beginning of PV (unexpanded here to prevent a cyclic dependency -# during resolution apparently caused by ${SRCPV}) to pick the right set of -# patches. -# -# Patches are optional. Hopefully we won't need any for systemd >= 229. -SRC_URI_append_with-lsm-smack = " ${SYSTEMD_SMACK_PATCHES_234}" - -# A workaround for a missing space in a SRC_URI_append in a private layer elsewhere: -SRC_URI += "" - # Ensures systemd runs with label "System" EXTRA_OECONF_append_with-lsm-smack = " --with-smack-run-label=System" +################################################################################## # Maintaining trivial, non-upstreamable configuration changes as patches # is tedious. But in same cases (like early mounting of special directories) # the configuration has to be in code. We make these changes here directly. +################################################################################## do_patch[prefuncs] += "patch_systemd" do_patch[vardeps] += "patch_systemd" patch_systemd() {