aboutsummaryrefslogtreecommitdiffstats
path: root/meta-app-framework
diff options
context:
space:
mode:
authorJosé Bollo <jose.bollo@iot.bzh>2017-03-06 17:19:16 +0100
committerStephane Desneux <stephane.desneux@iot.bzh>2017-03-27 15:33:40 +0200
commit84359dab292d9cfc2ad66800c8d1765ce32c717b (patch)
treeebc2824db4332efdde73e33b8465248123614532 /meta-app-framework
parent91ee2f30326ae626b40f6a80dc47eac1085051b9 (diff)
Ensure that eXtended Attributes are managed
Common tools like 'useradd' work better in a Smacked context when the extended attributes are correctly managed. This is achieved by enforcing extended attributes "xattr" to be in DISTRO_FEATURES. When the commit 1c3eae5e654b7942b3ffd0b53426ca77219cec03 of poky will be integrated in the upstream of AGL (pyro), it will be possible to removes the 3 last lines of meta-app-framework/conf/include/agl-appfw-smack.inc that explicitely activate the handling of extended attributes for the package "shadow". See SPEC-475. Change-Id: I299e68a34e7e49b33f1046aa99d255655fa2ffcc Signed-off-by: José Bollo <jose.bollo@iot.bzh> Signed-off-by: Stephane Desneux <stephane.desneux@iot.bzh>
Diffstat (limited to 'meta-app-framework')
-rw-r--r--meta-app-framework/conf/include/agl-appfw-smack.inc8
1 files changed, 6 insertions, 2 deletions
diff --git a/meta-app-framework/conf/include/agl-appfw-smack.inc b/meta-app-framework/conf/include/agl-appfw-smack.inc
index 90862cb09..133f6b04c 100644
--- a/meta-app-framework/conf/include/agl-appfw-smack.inc
+++ b/meta-app-framework/conf/include/agl-appfw-smack.inc
@@ -1,12 +1,16 @@
# enable security features (smack, cynara) - required by Application Framework
OVERRIDES .= ":smack"
-DISTRO_FEATURES_append = " smack dbus-cynara"
+DISTRO_FEATURES_append = " smack dbus-cynara xattr"
# use tar-native to support SMACK extended attributes independently of host config
-IMAGE_CMD_TAR = "tar --xattrs-include='*'"
+IMAGE_CMD_TAR = "tar --xattrs --xattrs-include='*'"
IMAGE_DEPENDS_tar_append = " tar-replacement-native"
EXTRANATIVEPATH += "tar-native"
# security: enable ssh server in place of dropbear to support PAM on user sessions
IMAGE_FEATURES += "ssh-server-openssh"
+# enforce copy of xattrs (to be removed, see SPEC-475)
+PACKAGECONFIG_append_pn-shadow = " attr"
+PACKAGECONFIG_append_pn-shadow-native = " attr"
+