[meta-security][PATCH 1/3] sssd: Create /var/log/sssd in runtime


Armin Kuster
 

/var/log is normally a link to /var/volatile/log and /var/volatile is a
tmpfs mount. So anything created in /var/log will not be available when
the tmpfs is mounted.

[Thanks to Peter Kjellerstedt for example]

Signed-off-by: Armin Kuster <akuster808@...>
---
recipes-security/sssd/sssd_2.5.2.bb | 14 +++++++++++++-
1 file changed, 13 insertions(+), 1 deletion(-)

diff --git a/recipes-security/sssd/sssd_2.5.2.bb b/recipes-security/sssd/sssd_2.5.2.bb
index ed8af5e..8bc8787 100644
--- a/recipes-security/sssd/sssd_2.5.2.bb
+++ b/recipes-security/sssd/sssd_2.5.2.bb
@@ -86,13 +86,23 @@ do_install () {
rmdir --ignore-fail-on-non-empty "${D}/${bindir}"
install -d ${D}/${sysconfdir}/${BPN}
install -m 600 ${WORKDIR}/${BPN}.conf ${D}/${sysconfdir}/${BPN}
- install -D -m 644 ${WORKDIR}/volatiles.99_sssd ${D}/${sysconfdir}/default/volatiles/99_sssd
+
+ # /var/log/sssd needs to be created in runtime. Use rmdir to catch if
+ # upstream stops creating /var/log/sssd, or adds something else in
+ # /var/log.
+ rmdir ${D}${localstatedir}/log/${BPN} ${D}${localstatedir}/log
+ rmdir --ignore-fail-on-non-empty ${D}${localstatedir}

if ${@bb.utils.contains('DISTRO_FEATURES', 'systemd', 'true', 'false', d)}; then
install -d ${D}${sysconfdir}/tmpfiles.d
echo "d /var/log/sssd 0750 - - - -" > ${D}${sysconfdir}/tmpfiles.d/sss.conf
fi

+ if [ "${@bb.utils.filter('DISTRO_FEATURES', 'sysvinit', d)}" ]; then
+ install -d ${D}${sysconfdir}/default/volatiles
+ echo "d ${SSSD_UID}:${SSSD_GID} 0755 ${localstatedir}/log/${BPN} none" > ${D}${sysconfdir}/default/volatiles/99_${BPN}
+ fi
+
# Remove /run as it is created on startup
rm -rf ${D}/run

@@ -106,6 +116,8 @@ fi
chown ${SSSD_UID}:${SSSD_GID} ${sysconfdir}/${BPN}/${BPN}.conf
}

+FILES:${PN} += "${nonarch_libdir}/tmpfiles.d"
+
CONFFILES:${PN} = "${sysconfdir}/${BPN}/${BPN}.conf"

INITSCRIPT_NAME = "sssd"
--
2.25.1

Join yocto@lists.yoctoproject.org to automatically receive all group messages.