* [Buildroot] [git commit branch/next] package/refpolicy: fix build with ftp
@ 2021-08-03 16:05 Arnout Vandecappelle
0 siblings, 0 replies; only message in thread
From: Arnout Vandecappelle @ 2021-08-03 16:05 UTC (permalink / raw)
To: buildroot
commit: https://git.buildroot.net/buildroot/commit/?id=c5b016c618dfc64532e4b431b014900d68905041
branch: https://git.buildroot.net/buildroot/commit/?id=refs/heads/next
Fix build failure raised since commit
61a47bb1037ac20772f4e0106aab956adffeee12
Fixes:
- http://autobuild.buildroot.org/results/bde34d81a04b5ea96722dc56249089dce7e65b74
Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Arnout Vandecappelle (Essensium/Mind) <arnout@mind.be>
---
...modules-services-ftp-te-make-ssh-optional.patch | 44 ++++++++++++++++++++++
1 file changed, 44 insertions(+)
diff --git a/package/refpolicy/0004-policy-modules-services-ftp-te-make-ssh-optional.patch b/package/refpolicy/0004-policy-modules-services-ftp-te-make-ssh-optional.patch
new file mode 100644
index 0000000000..9269c7aff8
--- /dev/null
+++ b/package/refpolicy/0004-policy-modules-services-ftp-te-make-ssh-optional.patch
@@ -0,0 +1,44 @@
+From f26d4bc1b2a7b781c67891cb3bf4579c6582d630 Mon Sep 17 00:00:00 2001
+From: Fabrice Fontaine <fontaine.fabrice@gmail.com>
+Date: Fri, 30 Jul 2021 22:40:20 +0200
+Subject: [PATCH] policy/modules/services/ftp.te: make ssh optional
+
+Make ssh optional to avoid the following build failure:
+
+ Compiling targeted policy.30
+ env LD_LIBRARY_PATH="/home/fabrice/buildroot/output/host/lib:/home/fabrice/buildroot/output/host/usr/lib" /home/fabrice/buildroot/output/host/usr/bin/checkpolicy -c 30 -U deny -S -O -E policy.conf -o policy.30
+ policy/modules/services/ftp.te:484:ERROR 'type ssh_home_t is not within scope' at token ';' on line 92051:
+ allow sftpd_t ssh_home_t:dir { open read getattr lock search ioctl add_name remove_name write };
+ #line 484
+ checkpolicy: error(s) encountered while parsing configuration
+
+Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
+---
+ policy/modules/services/ftp.te | 10 ++++++----
+ 1 file changed, 6 insertions(+), 4 deletions(-)
+
+diff --git a/policy/modules/services/ftp.te b/policy/modules/services/ftp.te
+index 0d84da71cf..5686b22581 100644
+--- a/policy/modules/services/ftp.te
++++ b/policy/modules/services/ftp.te
+@@ -481,10 +481,6 @@ tunable_policy(`sftpd_full_access',`
+ files_manage_non_auth_files(sftpd_t)
+ ')
+
+-tunable_policy(`sftpd_write_ssh_home',`
+- ssh_manage_home_files(sftpd_t)
+-')
+-
+ tunable_policy(`use_samba_home_dirs',`
+ fs_list_cifs(sftpd_t)
+ fs_read_cifs_files(sftpd_t)
+@@ -496,3 +492,9 @@ tunable_policy(`use_nfs_home_dirs',`
+ fs_read_nfs_files(sftpd_t)
+ fs_read_nfs_symlinks(ftpd_t)
+ ')
++
++optional_policy(`
++ tunable_policy(`sftpd_write_ssh_home',`
++ ssh_manage_home_files(sftpd_t)
++ ')
++')
_______________________________________________
buildroot mailing list
buildroot@busybox.net
http://lists.busybox.net/mailman/listinfo/buildroot
^ permalink raw reply related [flat|nested] only message in thread
only message in thread, other threads:[~2021-08-04 1:14 UTC | newest]
Thread overview: (only message) (download: mbox.gz / follow: Atom feed)
-- links below jump to the message on this page --
2021-08-03 16:05 [Buildroot] [git commit branch/next] package/refpolicy: fix build with ftp Arnout Vandecappelle
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).