[yocto] [PATCH 2/2] audit: fix the permission of configuration file
rongqing.li at windriver.com
rongqing.li at windriver.com
Mon Mar 3 21:52:30 PST 2014
From: Roy Li <rongqing.li at windriver.com>
A ordinary use should not to access auditd configuration files
Signed-off-by: Roy Li <rongqing.li at windriver.com>
---
recipes-security/audit/audit_2.3.2.bb | 3 +++
1 file changed, 3 insertions(+)
diff --git a/recipes-security/audit/audit_2.3.2.bb b/recipes-security/audit/audit_2.3.2.bb
index eafcd30..4a9c954 100644
--- a/recipes-security/audit/audit_2.3.2.bb
+++ b/recipes-security/audit/audit_2.3.2.bb
@@ -88,4 +88,7 @@ do_install_append() {
# install systemd unit files
install -d ${D}${systemd_unitdir}/system
install -m 0644 ${WORKDIR}/auditd.service ${D}${systemd_unitdir}/system
+
+ chmod 750 ${D}/etc/audit ${D}/etc/audit/rules.d
+ chmod 640 ${D}/etc/audit/auditd.conf ${D}/etc/audit/rules.d/audit.rules
}
--
1.7.10.4
More information about the yocto
mailing list