---------- Forwarded message ---------- From: mulhern <mulh...@gmail.com> Date: Wed, Sep 25, 2013 at 6:00 PM Subject: Re: [yocto] [meta-security][PATCH 1/2] Bastille: make questions files writable To: Joe MacDonald <j...@deserted.net>
Hi! Thanks for the patch, however the problem addressed by patch 1/2 already has a fix in progress, see https://bugzilla.yoctoproject.org/show_bug.cgi?id=5177. - mulhern On Fri, Sep 20, 2013 at 12:20 AM, Joe MacDonald <j...@deserted.net> wrote: > do_install would fail when trying to update the questions files during the > set_required_questions.py stage since the default permissions in the > Questions/ did not allow writing. So the shutil.move() in > set_required_questions.py would raise and IOError: > > Fatal error reading config file: [Errno 13] Permission denied: > '[...]/bastille/3.2.1-r0/Bastille/Questions/AccountSecurity.txt' > > for each Questions file. The most direct approach seems to work > reasonably well here, jump in before set_required_questions.py gets run > and make sure we have write permission on the files we're going to write. > > Signed-off-by: Joe MacDonald <j...@deserted.net> > --- > recipes-security/bastille/bastille_3.2.1.bb | 1 + > 1 file changed, 1 insertion(+) > > diff --git > a/recipes-security/bastille/bastille_3.2.1.bbb/recipes-security/bastille/ > bastille_3.2.1.bb > index ef697d7..d506399 100644 > --- a/recipes-security/bastille/bastille_3.2.1.bb > +++ b/recipes-security/bastille/bastille_3.2.1.bb > @@ -143,6 +143,7 @@ do_install () { > install -m 0644 OSMap/OSX.bastille ${D}${datadir}/Bastille/OSMap > install -m 0644 OSMap/OSX.system ${D}${datadir}/Bastille/OSMap > > + chmod +w Questions/*.txt > ${THISDIR}/files/set_required_questions.py ${WORKDIR}/config > Questions > > install -m 0777 ${WORKDIR}/config ${D}${sysconfdir}/Bastille/config > -- > 1.7.10.4 > > _______________________________________________ > yocto mailing list > yocto@yoctoproject.org > https://lists.yoctoproject.org/listinfo/yocto >
_______________________________________________ yocto mailing list yocto@yoctoproject.org https://lists.yoctoproject.org/listinfo/yocto