summaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
authorYi Zhao <yi.zhao@windriver.com>2020-09-23 17:45:47 +0800
committerRichard Purdie <richard.purdie@linuxfoundation.org>2020-09-23 20:54:03 +0100
commitf4eec671b51e09495e184720e8c8952de79a1ce2 (patch)
treee1734fc634d0343790130a9dc309ead84ffe12b0
parent23c09875681b4736c023e7abf4cd35418fef208f (diff)
downloadpoky-f4eec671b51e09495e184720e8c8952de79a1ce2.tar.gz
poky-f4eec671b51e09495e184720e8c8952de79a1ce2.tar.bz2
poky-f4eec671b51e09495e184720e8c8952de79a1ce2.zip
dhcpcd: add dhcpcd user to support priviledge separation
The dhcpcd enables privsep by default. It requires a user added to the system. Add dhcpcd user and group to support it. (From OE-Core rev: 31c13dc5bbdde0e6ba1510b684eba0aa2ff2c937) Signed-off-by: Yi Zhao <yi.zhao@windriver.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
-rw-r--r--meta/recipes-connectivity/dhcpcd/dhcpcd_9.2.0.bb8
1 files changed, 7 insertions, 1 deletions
diff --git a/meta/recipes-connectivity/dhcpcd/dhcpcd_9.2.0.bb b/meta/recipes-connectivity/dhcpcd/dhcpcd_9.2.0.bb
index 557e15128e..4344841b54 100644
--- a/meta/recipes-connectivity/dhcpcd/dhcpcd_9.2.0.bb
+++ b/meta/recipes-connectivity/dhcpcd/dhcpcd_9.2.0.bb
@@ -19,7 +19,7 @@ SRC_URI = "https://roy.marples.name/downloads/${BPN}/${BPN}-${PV}.tar.xz \
SRC_URI[sha256sum] = "fcb2d19672d445bbfd38678fdee4f556ef967a3ea6bd81092d10545df2cb9666"
-inherit pkgconfig autotools-brokensep systemd
+inherit pkgconfig autotools-brokensep systemd useradd
SYSTEMD_SERVICE_${PN} = "dhcpcd.service"
@@ -33,10 +33,16 @@ EXTRA_OECONF = "--enable-ipv4 \
--runstatedir=/run \
"
+USERADD_PACKAGES = "${PN}"
+USERADD_PARAM_${PN} = "--system -d ${localstatedir}/lib/${BPN} -M -s /bin/false -U dhcpcd"
+
do_install_append () {
# install systemd unit files
install -d ${D}${systemd_unitdir}/system
install -m 0644 ${WORKDIR}/dhcpcd*.service ${D}${systemd_unitdir}/system
+
+ chmod 700 ${D}${localstatedir}/lib/${BPN}
+ chown dhcpcd:dhcpcd ${D}${localstatedir}/lib/${BPN}
}
FILES_${PN}-dbg += "${libdir}/dhcpcd/dev/.debug"