[yocto] [meta-selinux][PATCH 0/2] initscripts/devpts.sh: fix context for /dev/pts
Pascal Ouyang
xin.ouyang at windriver.com
Sun Jun 22 23:29:11 PDT 2014
于 14-5-12 下午3:31, wenzong.fan at windriver.com 写道:
> From: Wenzong Fan <wenzong.fan at windriver.com>
>
> devpts use file_use_trans to allocate security contexts. As there are no
> range_trans rules for initrc_t mounting devpts, the security level of
> mountpoint will be derived from the initrc process, to be systemhigh
> (s15:c0.c1023), instead of expected systemlow(s0).
>
> This will block login shells to search PTYs, so use restorecon to fix
> this.
>
> The following changes since commit 368f65a475069ed384d82be09c2515fb765e22ec:
>
> initscripts/checkroot.sh: restore file contexts for /run (2014-05-09 08:59:54 -0400)
>
> are available in the git repository at:
>
> git://git.pokylinux.org/poky-contrib wenzong/fix-pts
> http://git.pokylinux.org/cgit.cgi/poky-contrib/log/?h=wenzong/fix-pts
>
> Wenzong Fan (2):
> initscripts: add a local copy of devpts.sh
> initscripts/devpts.sh: fix context for /dev/pts
>
> recipes-core/initscripts/initscripts/devpts.sh | 29 +++++++++++++++++++++
> recipes-core/initscripts/initscripts_1.0.bbappend | 2 ++
> 2 files changed, 31 insertions(+)
> create mode 100755 recipes-core/initscripts/initscripts/devpts.sh
>
Merged, thanks. :)
--
- Pascal
More information about the yocto
mailing list