[yocto] [meta-selinux][PATCH 0/2] initscripts/devpts.sh: fix context for /dev/pts
wenzong.fan at windriver.com
wenzong.fan at windriver.com
Mon May 12 00:31:47 PDT 2014
From: Wenzong Fan <wenzong.fan at windriver.com>
devpts use file_use_trans to allocate security contexts. As there are no
range_trans rules for initrc_t mounting devpts, the security level of
mountpoint will be derived from the initrc process, to be systemhigh
(s15:c0.c1023), instead of expected systemlow(s0).
This will block login shells to search PTYs, so use restorecon to fix
this.
The following changes since commit 368f65a475069ed384d82be09c2515fb765e22ec:
initscripts/checkroot.sh: restore file contexts for /run (2014-05-09 08:59:54 -0400)
are available in the git repository at:
git://git.pokylinux.org/poky-contrib wenzong/fix-pts
http://git.pokylinux.org/cgit.cgi/poky-contrib/log/?h=wenzong/fix-pts
Wenzong Fan (2):
initscripts: add a local copy of devpts.sh
initscripts/devpts.sh: fix context for /dev/pts
recipes-core/initscripts/initscripts/devpts.sh | 29 +++++++++++++++++++++
recipes-core/initscripts/initscripts_1.0.bbappend | 2 ++
2 files changed, 31 insertions(+)
create mode 100755 recipes-core/initscripts/initscripts/devpts.sh
--
1.7.9.5
More information about the yocto
mailing list