[yocto] [meta-security][PATCH] trousers: make initscript more reliable

André Draszik git at andred.net
Wed Nov 1 04:16:32 PDT 2017


From: André Draszik <adraszik at tycoint.com>

The combination of using start-stop-daemon and pidof is
not working reliably in all cases. Sometimes, the
tcsd daemon isn't running yet at the time pidof is being
invoked.

This results in an empty /var/run/tcsd.pid, making it
impossible to stop tcsd using the init script.

To solve this, one could either add a delay before calling
pidof, or alternatively use start-stop-daemon's built-in
functionality to achieve the same.

Let's do the latter.

Signed-off-by: André Draszik <adraszik at tycoint.com>
---
 meta-tpm/recipes-tpm/trousers/files/trousers.init.sh | 6 ++++--
 1 file changed, 4 insertions(+), 2 deletions(-)

diff --git a/meta-tpm/recipes-tpm/trousers/files/trousers.init.sh b/meta-tpm/recipes-tpm/trousers/files/trousers.init.sh
index 0ecf7cc..d0d6cb3 100644
--- a/meta-tpm/recipes-tpm/trousers/files/trousers.init.sh
+++ b/meta-tpm/recipes-tpm/trousers/files/trousers.init.sh
@@ -33,10 +33,12 @@ case "${1}" in
 			exit 0
 		fi
 
-		start-stop-daemon --start --quiet --oknodo --pidfile /var/run/${NAME}.pid --user ${USER} --chuid ${USER} --exec ${DAEMON} -- ${DAEMON_OPTS}
+		start-stop-daemon --start --quiet --oknodo \
+			--pidfile /var/run/${NAME}.pid --make-pidfile --background \
+			--user ${USER} --chuid ${USER} \
+			--exec ${DAEMON} -- ${DAEMON_OPTS} --foreground
 		RETVAL="$?"
 		echo "$NAME."
-		[ "$RETVAL" = 0 ] && pidof $DAEMON > /var/run/${NAME}.pid
 		exit $RETVAL
 		;;
 
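Review bot: with `--background` added to the start-stop-daemon call, the `RETVAL="$?"` line that follows no longer says whether tcsd actually came up. start-stop-daemon forks and returns before the daemon is executed, and its manual warns that it cannot check the exit status in this mode. If tcsd then exits early, the script still prints "$NAME." and exits 0, and `--make-pidfile` has already written /var/run/${NAME}.pid with a PID that is now dead. On a TPM-backed system this means dependent services can be started on the assumption that tcsd is available when it is not. Consider a brief liveness check on the recorded PID before `exit $RETVAL`, and confirm that the stop branch (not visible in this hunk) removes the pidfile. It would also help to note in the commit message that the appended `--foreground` is what keeps tcsd from forking, so that the PID written by `--make-pidfile` stays the daemon's PID. Someone who later moves that flag into DAEMON_OPTS or drops it would otherwise silently reintroduce the unstoppable-daemon problem.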
-- 
2.15.0.rc1



