From: Peter Korsgaard <peter@korsgaard.com>
To: buildroot@busybox.net
Subject: [Buildroot] [PATCH 0/3] core/pkg-infra: allow packages to provide permisions in a file
Date: Tue, 13 Dec 2016 23:34:39 +0100 [thread overview]
Message-ID: <87r35b1mrk.fsf@dell.be.48ers.dk> (raw)
In-Reply-To: <cover.1481665059.git.yann.morin.1998@free.fr> (Yann E. MORIN's message of "Tue, 13 Dec 2016 22:37:44 +0100")
>>>>> "Yann" == Yann E MORIN <yann.morin.1998@free.fr> writes:
> Hello All!
> This series is a quick proof-of-concpet to allow packages to provide a
> permission table in a file rather than in-line in the .mk fiile.
> That permission file can be generated. It is usefull for the SELinux
> stuff and busybox, where individual applets should have a suid bit, but
> we only know what applets exist at configure time, not when parsing the
> .mk file.
> This is RFC material, jsut for quick review of the concept, not the
> actual code. This is not meant to be applied now.
I'm not really happy with having 2 ways of specifying per-package
permissions, but OK - perhaps it is the best way of handling this.
Alternatively we could drop the check-for-empty <pkg>_PERMISSIONS in
pkg-generic.mk, so PACKAGES_PERMISSIONS only get expanded at filesystem
creation time and then do something like:
BUSYBOX_PERMISSIONS = \
$(if $(shell grep 'CONFIG_PING=y' $(BUSYBOX_BUILD_CONFIG)),/bin/ping f 4755 0 0 - - - - -$(sep)) \
$(if $(shell grep 'CONFIG_PING6=y' $(BUSYBOX_BUILD_CONFIG)),/bin/ping6 f 4755 0 0 - - - - -$(sep))
...
But that also isn't very pretty.
--
Bye, Peter Korsgaard
next prev parent reply other threads:[~2016-12-13 22:34 UTC|newest]
Thread overview: 11+ messages / expand[flat|nested] mbox.gz Atom feed top
2016-12-13 21:37 [Buildroot] [PATCH 0/3] core/pkg-infra: allow packages to provide permisions in a file Yann E. MORIN
2016-12-13 21:37 ` [Buildroot] [PATCH 1/3] core: allow packages to declare a permission file Yann E. MORIN
2016-12-13 22:28 ` Peter Korsgaard
2016-12-14 16:41 ` Yann E. MORIN
2016-12-13 21:37 ` [Buildroot] [PATCH 2/3] docs/manual: document FOO_PERMISSIONS_FILE Yann E. MORIN
2016-12-13 21:37 ` [Buildroot] [PATCH 3/3] [RFC] package/busybox: gneerate permissions for enabeld applets Yann E. MORIN
2016-12-13 22:32 ` Peter Korsgaard
2016-12-14 16:44 ` Yann E. MORIN
2016-12-13 22:34 ` Peter Korsgaard [this message]
2016-12-14 16:42 ` [Buildroot] [PATCH 0/3] core/pkg-infra: allow packages to provide permisions in a file Yann E. MORIN
2016-12-21 19:02 Yann E. MORIN
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=87r35b1mrk.fsf@dell.be.48ers.dk \
--to=peter@korsgaard.com \
--cc=buildroot@busybox.net \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.