[yocto] [meta-selinux][PATCH 1/1] refpolicy: fix real path for udevd

wenzong.fan at windriver.com wenzong.fan at windriver.com
Wed Jan 8 18:54:36 PST 2014 

From: Wenzong Fan <wenzong.fan at windriver.com>

In Yocto the real path for udevd is /lib/udev/udevd, this patch fixes
the init issues like:

udevd[87]: setfilecon /dev/vcsa2 failed: Operation not permitted
udevd[89]: setfilecon /dev/fb0 failed: Operation not permitted

Signed-off-by: Wenzong Fan <wenzong.fan at windriver.com>
---
 .../refpolicy-2.20130424/poky-fc-udevd.patch       |   27 ++++++++++++++++++++
 .../refpolicy/refpolicy_2.20130424.inc             |    1 +
 2 files changed, 28 insertions(+)
 create mode 100644 recipes-security/refpolicy/refpolicy-2.20130424/poky-fc-udevd.patch

diff --git a/recipes-security/refpolicy/refpolicy-2.20130424/poky-fc-udevd.patch b/recipes-security/refpolicy/refpolicy-2.20130424/poky-fc-udevd.patch
new file mode 100644
index 0000000..d6540a9
--- /dev/null
+++ b/recipes-security/refpolicy/refpolicy-2.20130424/poky-fc-udevd.patch
@@ -0,0 +1,27 @@
+From 86fd93b15b97042bcf5ff1b2d1228e7d64b8cfd1 Mon Sep 17 00:00:00 2001
+From: Wenzong Fan <wenzong.fan at windriver.com>
+Date: Tue, 7 Jan 2014 22:22:00 -0500
+Subject: [PATCH] refpolicy: fix real path for udevd
+
+Upstream-Status: Inappropriate [configuration]
+
+Signed-off-by: Wenzong Fan <wenzong.fan at windriver.com>
+---
+ policy/modules/system/udev.fc |    1 +
+ 1 file changed, 1 insertion(+)
+
+diff --git a/policy/modules/system/udev.fc b/policy/modules/system/udev.fc
+index 40928d8..36d471d 100644
+--- a/policy/modules/system/udev.fc
++++ b/policy/modules/system/udev.fc
+@@ -10,6 +10,7 @@
+ /etc/udev/scripts/.+ --	gen_context(system_u:object_r:udev_helper_exec_t,s0)
+ 
+ /lib/udev/udev-acl --	gen_context(system_u:object_r:udev_exec_t,s0)
++/lib/udev/udevd    --	gen_context(system_u:object_r:udev_exec_t,s0)
+ 
+ ifdef(`distro_debian',`
+ /lib/udev/create_static_nodes -- gen_context(system_u:object_r:udev_exec_t,s0)
+-- 
+1.7.9.5
+
diff --git a/recipes-security/refpolicy/refpolicy_2.20130424.inc b/recipes-security/refpolicy/refpolicy_2.20130424.inc
index 6871813..cfeeaed 100644
--- a/recipes-security/refpolicy/refpolicy_2.20130424.inc
+++ b/recipes-security/refpolicy/refpolicy_2.20130424.inc
@@ -27,6 +27,7 @@ SRC_URI += "file://poky-fc-subs_dist.patch \
             file://poky-fc-ssh.patch \
             file://poky-fc-su.patch \
             file://poky-fc-sysnetwork.patch \
+            file://poky-fc-udevd.patch \
            "
 
 # Specific policy for Poky
-- 
1.7.9.5

More information about the yocto mailing list