1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
|
From 468ef790a7a0e53c390cec9c63090a0ae04a4d58 Mon Sep 17 00:00:00 2001
From: Michael Demeter <michael.demeter@intel.com>
Date: Fri, 11 Oct 2013 15:37:57 -0700
Subject: [PATCH 4/9] tizen-smack: Handling of /dev
Smack enabled systems need /dev special devices correctly labeled
- Add AC_DEFINE for HAVE_SMACK to configure.ac
- Add Check for smack in Makefile.am to include smack default rules
- Add smack default rules to label /dev/xxx correctly for access
Upstream-Status: Inappropriate [configuration]
Change-Id: Iebe2e349cbedb3013abdf32edb55e9310f1d17f5
---
configure.ac | 2 ++
Makefile.am | 5 +++++
rules/55-udev-smack-default.rules | 23 +++++++++++++++++++++++
3 files changed, 30 insertions(+)
create mode 100644 rules/55-udev-smack-default.rules
diff --git a/configure.ac b/configure.ac
index 18b7198..05f49ed 100644
--- a/configure.ac
+++ b/configure.ac
@@ -635,6 +635,8 @@ if test "x${have_smack}" = xyes ; then
AC_DEFINE(HAVE_SMACK, 1, [Define if SMACK is available])
fi
+AM_CONDITIONAL([HAVE_SMACK], [test "x$have_smack" = "xyes"])
+
# ------------------------------------------------------------------------------
AC_ARG_ENABLE([gcrypt],
AS_HELP_STRING([--disable-gcrypt],[Disable optional GCRYPT support]),
diff --git a/Makefile.am b/Makefile.am
index bf04d31..1a05607 100644
--- a/Makefile.am
+++ b/Makefile.am
@@ -3108,6 +3108,11 @@ dist_udevrules_DATA += \
nodist_udevrules_DATA += \
rules/99-systemd.rules
+if HAVE_SMACK
+dist_udevrules_DATA += \
+ rules/55-udev-smack-default.rules
+endif
+
dist_udevhwdb_DATA = \
hwdb/20-pci-vendor-model.hwdb \
hwdb/20-pci-classes.hwdb \
diff --git a/rules/55-udev-smack-default.rules b/rules/55-udev-smack-default.rules
new file mode 100644
index 0000000..3829019
--- /dev/null
+++ b/rules/55-udev-smack-default.rules
@@ -0,0 +1,23 @@
+# do not edit this file, it will be overwritten on update
+
+KERNEL=="null", SECLABEL{smack}="*"
+KERNEL=="zero", SECLABEL{smack}="*"
+KERNEL=="console", SECLABEL{smack}="*"
+KERNEL=="kmsg", SECLABEL{smack}="*"
+KERNEL=="video*", SECLABEL{smack}="*"
+KERNEL=="card*", SECLABEL{smack}="*"
+KERNEL=="ptmx", SECLABEL{smack}="*"
+KERNEL=="tty", SECLABEL{smack}="*"
+
+SUBSYSTEM=="graphics", GROUP="video", SECLABEL{smack}="*"
+SUBSYSTEM=="drm", GROUP="video", SECLABEL{smack}="*"
+SUBSYSTEM=="dvb", GROUP="video", SECLABEL{smack}="*"
+
+SUBSYSTEM=="tty", KERNEL=="ptmx", GROUP="tty", MODE="0666", SECLABEL{smack}="*"
+SUBSYSTEM=="tty", KERNEL=="tty", GROUP="tty", MODE="0666", SECLABEL{smack}="*"
+SUBSYSTEM=="tty", KERNEL=="tty[0-9]*", GROUP="tty", MODE="0620", SECLABEL{smack}="*"
+SUBSYSTEM=="vc", KERNEL=="vcs*|vcsa*", GROUP="tty", SECLABEL{smack}="*"
+KERNEL=="tty[A-Z]*[0-9]|pppox[0-9]*|ircomm[0-9]*|noz[0-9]*|rfcomm[0-9]*", GROUP="dialout", SECLABEL{smack}="*"
+
+SUBSYSTEM=="input", KERNEL=="mouse*|mice|event*", MODE="0640", SECLABEL{smack}="*"
+SUBSYSTEM=="input", KERNEL=="ts[0-9]*|uinput", MODE="0640", SECLABEL{smack}="*"
--
1.8.4.5
|
