Adds a variable that allows the group given permissions to access FAT mounted file systems to be specified, instead of being hardcoded to 'disk'.
As a note, the usage of 'disk' as the mount group is not a very secure default, since the disk user usually has read/write access to all block devices in /dev/, meaning that adding a user to this group for the purpose of accessing FAT file systems effectively gives the write access to all block devices. Signed-off-by: Joshua Watt <[email protected]> --- meta/recipes-core/udev/udev-extraconf/mount.sh | 8 ++++---- meta/recipes-core/udev/udev-extraconf_1.1.bb | 9 ++++++--- 2 files changed, 10 insertions(+), 7 deletions(-) diff --git a/meta/recipes-core/udev/udev-extraconf/mount.sh b/meta/recipes-core/udev/udev-extraconf/mount.sh index eb84a468be..0cbae48729 100644 --- a/meta/recipes-core/udev/udev-extraconf/mount.sh +++ b/meta/recipes-core/udev/udev-extraconf/mount.sh @@ -83,11 +83,11 @@ automount_systemd() { MOUNT="$MOUNT -o silent" - # If filesystemtype is vfat, change the ownership group to 'disk', and + # If filesystemtype is vfat, change the ownership group to mount group, and # grant it with w/r/x permissions. case $ID_FS_TYPE in vfat|fat) - MOUNT="$MOUNT -o umask=007,gid=`awk -F':' '/^disk/{print $3}' /etc/group`" + MOUNT="$MOUNT -o umask=007,gid=`awk -F':' '/^@MOUNT_GROUP@:/{print $3}' /etc/group`" ;; swap) return ;; @@ -138,11 +138,11 @@ automount() { MOUNT="$MOUNT -o silent" fi - # If filesystem type is vfat, change the ownership group to 'disk', and + # If filesystem type is vfat, change the ownership group to mount group, and # grant it with w/r/x permissions. case $ID_FS_TYPE in vfat|fat) - MOUNT="$MOUNT -o umask=007,gid=`awk -F':' '/^disk/{print $3}' /etc/group`" + MOUNT="$MOUNT -o umask=007,gid=`awk -F':' '/^@MOUNT_GROUP@:/{print $3}' /etc/group`" ;; swap) return ;; diff --git a/meta/recipes-core/udev/udev-extraconf_1.1.bb b/meta/recipes-core/udev/udev-extraconf_1.1.bb index 0e2abcd424..0d7e4f4f36 100644 --- a/meta/recipes-core/udev/udev-extraconf_1.1.bb +++ b/meta/recipes-core/udev/udev-extraconf_1.1.bb @@ -17,6 +17,7 @@ S = "${WORKDIR}/sources" UNPACKDIR = "${S}" MOUNT_BASE = "/run/media" +MOUNT_GROUP ?= "disk" do_install() { install -d ${D}${sysconfdir}/udev/rules.d @@ -31,9 +32,11 @@ do_install() { install -d ${D}${sysconfdir}/udev/scripts/ install -m 0755 ${S}/mount.sh ${D}${sysconfdir}/udev/scripts/mount.sh - sed -i 's|@systemd_unitdir@|${systemd_unitdir}|g' ${D}${sysconfdir}/udev/scripts/mount.sh - sed -i 's|@base_sbindir@|${base_sbindir}|g' ${D}${sysconfdir}/udev/scripts/mount.sh - sed -i 's|@MOUNT_BASE@|${MOUNT_BASE}|g' ${D}${sysconfdir}/udev/scripts/mount.sh + sed -e 's|@systemd_unitdir@|${systemd_unitdir}|g' \ + -e 's|@base_sbindir@|${base_sbindir}|g' \ + -e 's|@MOUNT_BASE@|${MOUNT_BASE}|g' \ + -e 's|@MOUNT_GROUP@|${MOUNT_GROUP}|g' \ + -i ${D}${sysconfdir}/udev/scripts/mount.sh install -m 0755 ${S}/network.sh ${D}${sysconfdir}/udev/scripts } -- 2.47.1
-=-=-=-=-=-=-=-=-=-=-=- Links: You receive all messages sent to this group. View/Reply Online (#209656): https://lists.openembedded.org/g/openembedded-core/message/209656 Mute This Topic: https://lists.openembedded.org/mt/110537055/21656 Group Owner: [email protected] Unsubscribe: https://lists.openembedded.org/g/openembedded-core/unsub [[email protected]] -=-=-=-=-=-=-=-=-=-=-=-
