Ensure that eXtended Attributes are managed
authorJosé Bollo <jose.bollo@iot.bzh>
Mon, 6 Mar 2017 16:19:16 +0000 (17:19 +0100)
committerStephane Desneux <stephane.desneux@iot.bzh>
Mon, 27 Mar 2017 13:33:40 +0000 (15:33 +0200)
Common tools like 'useradd' work better in a Smacked
context when the extended attributes are correctly
managed. This is achieved by enforcing extended
attributes "xattr" to be in DISTRO_FEATURES.

When the commit 1c3eae5e654b7942b3ffd0b53426ca77219cec03
of poky will be integrated in the upstream of AGL (pyro),
it will be possible to removes the 3 last lines of
meta-app-framework/conf/include/agl-appfw-smack.inc
that explicitely activate the handling of extended
attributes for the package "shadow". See SPEC-475.

Change-Id: I299e68a34e7e49b33f1046aa99d255655fa2ffcc
Signed-off-by: José Bollo <jose.bollo@iot.bzh>
Signed-off-by: Stephane Desneux <stephane.desneux@iot.bzh>
meta-app-framework/conf/include/agl-appfw-smack.inc

index 90862cb..133f6b0 100644 (file)
@@ -1,12 +1,16 @@
 # enable security features (smack, cynara) - required by Application Framework
 OVERRIDES .= ":smack"
-DISTRO_FEATURES_append = " smack dbus-cynara"
+DISTRO_FEATURES_append = " smack dbus-cynara xattr"
 
 # use tar-native to support SMACK extended attributes independently of host config
-IMAGE_CMD_TAR = "tar --xattrs-include='*'"
+IMAGE_CMD_TAR = "tar --xattrs --xattrs-include='*'"
 IMAGE_DEPENDS_tar_append = " tar-replacement-native"
 EXTRANATIVEPATH += "tar-native"
 
 # security: enable ssh server in place of dropbear to support PAM on user sessions
 IMAGE_FEATURES += "ssh-server-openssh"
 
+# enforce copy of xattrs (to be removed, see SPEC-475)
+PACKAGECONFIG_append_pn-shadow = " attr"
+PACKAGECONFIG_append_pn-shadow-native = " attr"
+